The hacking-cyberwar continuum, Part II

How likely is a major cyber war?

In my last blog, I distinguished between Cyberwar, Cyber Espionage, Cyber Cold War, Cyber Sabotage/Vandalism and Cyber Hacktivism. All are familiar to us by now, though fortunately we haven’t yet experienced a major Cyberwar.

That said, there’s no discounting the state-sponsored damage that can result from cyber vandalism as with the recent attacks on Sony, apparently spearheaded by North Korea and/or its proxies.

  • Not receiving as much attention, but more serious, have been subvert, aggressive Russian cyber incursions into U.S. public and private domains that increased dramatically before and after their annexation of Crimea and ensuing Western sanctions. Case in point: Russian hackers (with probable links to the Russian government) attacked JP Morgan late last year, compromising 83 million accounts (USA Today, October 7, 2014). Now, with oil prices continuing to fall and other, mounting domestic pressures, several experts are pointing to Putin as the most likely ‘cyber loose cannon’ of 2015.

How likely is a major cyber war?

The Big Picture

Major Cyberwar scenarios range from disruptive to devastating, the latter including mass casualties that would result from the disruption of food and water supplies. On the disruptive end of the continuum, the Russian-Georgian War invasion of 2008 underscored the inevitability of Distributed Denial of Service (DDoS) attacks of ANY future military action between nations. A more recent example: in 2014, Russian forces cut telephone and Internet links to the Ukrainian mainland as they seized control of the Crimean Peninsula.

  • While most likely future Cyberwar scenarios encompass that and other communications disruptions, they don’t include a complete destruction of an enemy’s information technology because of the assumed need to maintain critical intelligence on an enemy’s ongoing military decision-making process.
  • In reality, there’s no way to predict whether a full-fledged Cyberwar will occur in the future. The complexity of digital offensive and defensive capabilities of different nations are classified and simply too complex even for insiders to fully grasp.
  • Finally, there’s no way to know how a future Cyberwar would unfold sequentially, let alone its outcome.

cyberwas infographics

Possible triggers for a major cyber war–

The overriding concern is that Cyberwarfare is easy to start, making them more likely than conventional wars.

Why so?
  • First, because cyberwarfare is asymmetric, i.e., cheap, it may encourage weaker states into conflict with bigger, stronger states.
  • Second, since the source of cyberattacks is difficult to identify, actors may believe they won’t experience retaliation, encouraging them to be more aggressive than in conventional war scenarios.
  • Third, because it’s so hard to defend against cyberattacks, many states may be encouraged to attack preemptively.
  • Finally, since cyber offensive and defensive capabilities are surrounded by secrecy and great uncertainty, cyber arms control agreements would be hard to implement.

In my final post on this subject, I’ll describe standard arguments against the eventuality of Cyberwar.

More Insights