• 10 years ago
• Posted in:Uncategorized
• 0
• Author: mshove

In a new age characterised by globalisation, the technological revolution, and a move away from conventional war, the possibility of cyber warfare is becoming ever more relevant. This new age of technological revolution challenges state monopoly over violence, as it places the tools of violence directly into the hands of ordinary people. Today we are living in a world where more people have access to cellphones than to adequate sanitation, and technologies such as personal computers and internet access have proliferated almost worldwide (1). These very basic tools are often the only weapons needed to commit acts of cyber warfare, and this challenges the traditional monopoly states hold over violence. In order to defend themselves against these new threats, states must develop institutions and enforcement agencies specifically targeted towards cyber conflict. In addition, there should be an international cyber arms agreement, which acknowledges the point where an act of cyber conflict becomes an act of war.

Whereas acts of conventional warfare and violence require expensive and generally restricted equipment (tanks, guns, troops, etc), cyber warfare does not. The technological revolution has seen the global uptake of the internet, smartphones, and personal computers, which are often the only tools required to commit a cyber attack. Furthermore, in conventional warfare it is far easier to hold a defensive position than an offensive one. In a defensive position in a conventional conflict one only has to hold off the opponent, whereas with an offensive goal one has to overpower the opponent. However in cyber conflicts, offensive action is easy (compared to in conventional war) and often anonymous,  while defensive action involves setting up elaborate firewalls, security systems and the constant monitoring of these defenses. Therefore cyber technology inverts the traditional defensive advantage held in a conflict. This factor, combined with the ready availability of cyber technologies compared to traditional weapons means that we are likely to see an increase in conflict in the coming years, simply because the development of cyber technologies makes it easier to take offensive action.

In addition to creating new weapons, cyber technology also creates new weaknesses in states. Gone are the days when attacking a state involved bombing infrastructure or killing thousands of troops, in today’s world state’s are heavily reliant on technology both for their security and for the simple day to day functioning of their state. This reliance on technology creates new weaknesses to be exploited, and therefore further encourages conflict. For example rather than creating an elaborate plan to bomb the Pentagon, an attacker could use a cyber attack to take the Pentagon offline, or to corrupt or steal their intelligence files, which would have equally devastating consequences.

For the purposes of this argument, let us define a cyber war as a conflict with over 1000 deaths directly resulting from a cyber attack in a conflict between two or more states. Thomas Rid argues that there is no such thing as ‘cyber war’ and that the construction of such an idea only serves to increase the real insecurity of states, possibly leading to conventional war (2). While I recognise the logic behind this argument, I reject his fundamental assumption that just because there is yet to be an instance of cyber war that there never will be one. Furthermore, even if the possibility of cyber war remains vague and improbable as Rid argues, the reality of cyber attacks has already arrived, justifying state defense in the cyber division.

Take for example the Stuxnet attack in Iran, which was a technological (though arguably not cyber, as it wasn’t online) attack on Iran’s nuclear facilities. This attack involved developing a targeted virus, which was loaded onto their system using a simple USB drive (again, a technology that is readily available to the public). This action delayed their nuclear programme several years, and is often cited as an example of a cyber attack with real world, physical ramifications. However no one died, and no state (or non-state actor) claimed responsibility, so it is not considered an act of war.

What if the assailant had melted down the reactor, instead of just delaying its development? This is an example of the very real possibility of cyber warfare. So much of the capacity and institutions of modern states rely on technology or the internet, which creates an enormous vulnerability. I believe the possibility of cyber warfare is a very real one, especially as states become increasingly reliant on technology. What if the Pentagon was taken offline for even a few hours? The delay in contact, support and resources to the over a million US troops in active service would undoubtedly cause deaths (3). Likewise, a state’s drone system could be hacked, potentially turning these lethal weapons against their own state. The possibilities for cyber warfare are very real, and are becoming increasingly likely as the world becomes more and more reliant on technology.

As such, I believe an international cyber arms agreement is necessary, which clearly defines the point where a cyber attack becomes an act of war. I also believe that states should strengthen their own institutions which regulate cyber behaviour – while almost all states have some form of censorship and control over the internet (for example, restricting online drug sales), the institutions which enforce this control are little known and weak. These institutions ensure state monopoly over violence through cyber attacks, essentially the police force of the internet. As cyber warfare becomes an increasingly likely possibility, these institutions need to be given adequate funding and resources to do their job well, for example the US DoD boasts a goal of having a cyber defense programme made up of 133 teams of 6000 people by 2016 (4). While this may sound a lot, when it is compared to their police force of over a million employees, it is clearly unsuitable to taking on the significant threat of cyber attacks (5). While states have established institutions and systems to maintain monopolies over conventional violence (police and military forces, generally recognised and accepted laws), the institutions in place to maintain such a monopoly over cyber violence are weakly institutionalised by states, if they exist at all. This must change if states are to survive the drastic threat which cyber technology poses to them.

1 – Wang, Y. (2013). More People Have Cell Phones Than Toilets, U.N. Study Shows. Time. Retrieved from http://newsfeed.time.com/2013/03/25/more-people-have-cell-phones-than-toilets-u-n-study-shows/

2 – Thomas Rid. (2012). “Cyber War Will Not Take Place.” Journal of Strategic Studies. Vol. 35, No. 1: 5-32.

3 – US Census Bureau,. (2012). Statistical Abstract of the United States. National Security and Veterans Affairs. Retrieved 19 November 2014, from http://www.census.gov/compendia/statab/2012/tables/12s0509.pdf

4 – Defense.gov,. (2014). Defense.gov Special Report: The Cyber Domain – Security and Operations. Retrieved 26 November 2014, from http://www.defense.gov/home/features/2013/0713_cyberdomain/

5 – Www2.fbi.gov,. (2014). Table 74 – Crime in the United States 2009. Retrieved 26 November 2014, from http://www2.fbi.gov/ucr/cius2009/data/table_74.html