Two years ago, a piece of faulty computer code infected Iran’s nuclear program and destroyed many of the centrifuges used to enrich uranium. Some observers declared this apparent sabotage to be the harbinger of a new form of warfare, and US Secretary of Defense Leon Panetta has warned Americans of the danger of a “cyber-Pearl Harbor” attack on the US — but what do we really know about cyberconflict?
The cyberdomain of computers and related electronic activities is a complex man-made environment, and human adversaries are purposeful and intelligent. Mountains and oceans are hard to move, but portions of cyberspace can be turned on and off by throwing a switch. It is far cheaper and quicker to move electrons across the globe than to move large ships long distances.
The costs of developing those vessels — multiple carrier task forces and submarine fleets — create enormous barriers to entry, enabling US naval dominance. However, the barriers to entry in the cyberdomain are so low that non-state actors and small states can play a significant role at low cost.
In my book The Future of Power, I argue that the diffusion of power away from governments is one of this century’s great political shifts. Cyberspace is a perfect example. Large countries like the US, Russia, Britain, France and China have greater capacity than other states and non-state actors to control the sea, air, or space, but it makes little sense to speak of dominance in cyberspace. If anything, dependence on complex cybersystems for support of military and economic activities creates new vulnerabilities in large states that can be exploited by non-state actors.
Four decades ago, the US Department of Defense created the Internet; today, by most accounts, the US remains the leading country in terms of its military and societal use. However, greater dependence on networked computers and communication leaves the US more vulnerable to attack than many other countries, and cyberspace has become a major source of insecurity, because, at this stage of technological development, offense prevails over defense there.
The term “cyberattack” covers a wide variety of actions, ranging from simple probes to defacing Web sites, denial of service, espionage and destruction. Similarly, the term “cyberwar” is used loosely to cover a wide range of behaviors, reflecting dictionary definitions of war that range from armed conflict to any hostile contest (for example, “war between the sexes” or “war on drugs”).
At the other extreme, some experts use a narrow definition of cyberwar: a “bloodless war” among states that consists solely of electronic conflict in cyberspace. However, this avoids the important interconnections between the physical and virtual layers of cyberspace. As the Stuxnet virus that infected Iran’s nuclear program showed, software attacks can have very real physical effects.
A more useful definition of cyberwar is hostile action in cyberspace whose effects amplify or are equivalent to major physical violence. In the physical world, governments have a near-monopoly on large-scale use of force, the defender has an intimate knowledge of the terrain, and attacks end because of attrition or exhaustion. Both resources and mobility are costly.
In the cyberworld, by contrast, actors are diverse (and sometimes anonymous), physical distance is immaterial and some forms of offense are cheap. Because the Internet was designed for ease of use rather than security, attackers currently have the advantage over defenders. Technological evolution, including efforts to “re-engineer” some systems for greater security, might eventually change that, but, for now, it remains the case. The larger party has limited ability to disarm or destroy the enemy, occupy territory, or use counterforce strategies effectively.
Cyberwar, though only incipient at this stage, is the most dramatic of the potential threats. Major states with elaborate technical and human resources could, in principle, create massive disruption and physical destruction through cyberattacks on military and civilian targets. Responses to cyberwar include a form of interstate deterrence through denial and entanglement, offensive capabilities, and designs for rapid network and infrastructure recovery if deterrence fails. At some point, it might be possible to reinforce these steps with certain rudimentary norms and arms control, but the world is at an early stage in this process.
If one treats so-called “hacktivism” by ideological groups as mostly a disruptive nuisance at this stage, there remain four major categories of cyberthreats to national security, each with a different time horizon: cyberwar and economic espionage are largely associated with states, and cybercrime and cyberterrorism are mostly associated with non-state actors. For the US, the highest costs currently stem from espionage and crime, but over the next decade or so, war and terrorism could become greater threats than they are today.
Moreover, as alliances and tactics evolve, the categories may increasingly overlap. In the view of former US director of national intelligence Admiral Mike McConnell: “Sooner or later, terror groups will achieve cybersophistication. It’s like nuclear proliferation, only far easier.”
The world is only just beginning to see glimpses of cyberwar — in the denial-of-service attacks that accompanied the conventional war in Georgia in 2008, or the recent sabotage of Iranian centrifuges.
States have the greatest capabilities, but non-state actors are more likely to initiate a catastrophic attack. A “cyber-9/11” may be more likely than the often-mentioned “cyber-Pearl Harbor.” It is time for states to sit down and discuss how to limit this threat to world peace.
Joseph Nye, a former assistant US secretary of defense, is a professor at Harvard University and author.
Copyright: Project Syndicate
Could Asia be on the verge of a new wave of nuclear proliferation? A look back at the early history of the North Atlantic Treaty Organization (NATO), which recently celebrated its 75th anniversary, illuminates some reasons for concern in the Indo-Pacific today. US Secretary of Defense Lloyd Austin recently described NATO as “the most powerful and successful alliance in history,” but the organization’s early years were not without challenges. At its inception, the signing of the North Atlantic Treaty marked a sea change in American strategic thinking. The United States had been intent on withdrawing from Europe in the years following
My wife and I spent the week in the interior of Taiwan where Shuyuan spent her childhood. In that town there is a street that functions as an open farmer’s market. Walk along that street, as Shuyuan did yesterday, and it is next to impossible to come home empty-handed. Some mangoes that looked vaguely like others we had seen around here ended up on our table. Shuyuan told how she had bought them from a little old farmer woman from the countryside who said the mangoes were from a very old tree she had on her property. The big surprise
The issue of China’s overcapacity has drawn greater global attention recently, with US Secretary of the Treasury Janet Yellen urging Beijing to address its excess production in key industries during her visit to China last week. Meanwhile in Brussels, European Commission President Ursula von der Leyen last week said that Europe must have a tough talk with China on its perceived overcapacity and unfair trade practices. The remarks by Yellen and Von der Leyen come as China’s economy is undergoing a painful transition. Beijing is trying to steer the world’s second-largest economy out of a COVID-19 slump, the property crisis and
Former president Ma Ying-jeou’s (馬英九) trip to China provides a pertinent reminder of why Taiwanese protested so vociferously against attempts to force through the cross-strait service trade agreement in 2014 and why, since Ma’s presidential election win in 2012, they have not voted in another Chinese Nationalist Party (KMT) candidate. While the nation narrowly avoided tragedy — the treaty would have put Taiwan on the path toward the demobilization of its democracy, which Courtney Donovan Smith wrote about in the Taipei Times in “With the Sunflower movement Taiwan dodged a bullet” — Ma’s political swansong in China, which included fawning dithyrambs