Has the Cyber-War Begun?

Melissa Andrews April 30, 2013

Year 2013 has been marked with increasingly tense chatter surrounding the concept of cyber-warfare.

As recently as mid-March, in response to a significant New York Times breach, President Obama

publically confirmed that recent cyber-attacks have been funded by other governments. In particular, he

specifically chastised the Chinese government who is suspected of perpetrating the New York Times

attack and sponsoring other significant assaults. (1) This strengthened rhetoric, in addition to escalating

action taken by the Pentagon, clearly signifies that the United States is positioning itself for cyber-war.

In fact, according to a CNN Money article titled “Nations Prepare for Cyber War”, security experts

believe that in 2013 cyber-attacks funded by enemy nations will become mainstream and may even

cause deaths. (2) Given these predictions, as well as recent government actions, and the increasing

reach and sophistication of current attacks one may conclude that the cyber-war has already begun.

Most experts believe that a cyber-war is imminent. Yet, the definition of what exactly constitutes a

cyber-war is still hotly debated. According to the article titled “Is Cyber War the New Cold War?” there

are three types of cyber-attacks as defined by NATO’s Cooperative Cyber Defense Centre of Excellence:

cyber-crime, cyber-espionage and cyber-warfare. (3) Some experts state that espionage is enough to

constitute cyber-war while others argue that a cyber-attack must have caused physical damage or

death. (3) Further complicating the determination of cyber-war is the fact that “rules of engagement” in

terms of cyber-attacks are undefined at a global level. (4) Therefore, what one country may determine

to be an act of warfare another may not. This state of “lawlessness” is fostering an environment of

escalating counter-actions on the part of United States, China, and Iran in particular. (3)

In 2010 the United States was suspected of attacking an Iranian nuclear facility with a worm known as

Stuxnet. By infiltrating critical control systems, the worm ultimately caused the destruction of the

centrifuges at the uranium enrichment facility. (4) Iran is suspected of retaliating with a debilitating

attack on 30,000 computers belonging to oil company Saudi Aramco and a significant denial-of-service

attack on major US banks. (2) These events including the more recent attacks sponsored by China are

evidence that the cyber-war, if anything, is heating up. Not only is there little doubt that these attacks

are in fact government sponsored, the governments involved are aggressive about advancing their

cyber-warfare tactics and resources. Governments are making strategic decisions to infiltrate the

systems of enemy countries. In fact, a recent Huffington Post article discussed North Korea’s unabashed

efforts to increase its cyber-warrior force as it reportedly continues to infiltrate and shut-down South

Korea’s key infrastructure systems such as TV networks and banks. (5)

North Korea is not the only country beefing up its cyber-army. In fact, “12 of the world’s 15 largest

military powers are currentlybuilding cyberwarfare programs”. (2) The United States has approved the

recruitment of as many as 4,200 new cyber warriors. (6) The reasoning for this as stated by National

Intelligence Director James Clapper and implied by other government officials is that essential

infrastructures such as power grids and water supplies are not properly protected and are at great risk

of cyber-attack. Clapper states that while the likelihood of a wide-scale attack causing long-term

damage is remote, less sophisticated attacks will still cause disruption and fuel damaging ripple

effects.(7) An example of such a ripple effect would be the impact on the DOW as a result of the

Associated Press Twitter account breach. A false report of a Washington DC attack triggered a

preprogrammed “sell-off” of stocks instantly sending the DOW down 140 points. (8) Clearly ramping up

the security systems in defense of these disruptive attacks is becoming a paramount initiative to the

United States and all other governments.

Interestingly, North Korea is also not alone in training its new cyber-army not just in defensive tactics

but offensive measures as well. US Cyber Command and NSA chief General Keith Alexander has decided

that 30% of CYBERCOM personnel will be dedicated to offensive operations. Conducting national

offensive operations is a primary element of his three part cyber-strategy. (3) If not in a state of war,

one may question what the purpose is of increasing offensive measures that are potentially agitating.

That can be answered by the fact that the United States is not currently prepared for the continued

attacks to come. While not deniable that the sophistication and scope of cyber-attacks is increasing,

more challenging to counter is the speed and vastness of attacks that cyber-enemies can craft and

deliver. “The techniques and capabilities are developing so rapidly that sometimes policies have to

catch up.” (4) So is true with defense mechanisms. If defense mechanisms have yet to be developed or

implemented, the US’s only option to prevent an attack is pre-emptive action. Thus, US cyber-offenses

are being ramped up and perhaps the military is simultaneously puffing its proverbial chest as a warning

to rogue nations as to its warfare capabilities.

In the end, there is still no clear definition of cyber-war. Also, the declaration of such has not been

made by the President of the United States. It is clear though that Obama is becoming more and more

vocal on the topic and the threat of full-on cyber-war is on his immediate radar. War or not, the United

States clearly has work to do in securing its primary infrastructure systems. Prevention is the only way

to deter attacks. It’s curious that as cited by government officials, power grids and other critical

infrastructures are still at considerable risk of attack. It seems the security of these basic utilities should

have long been mandated and any roadblocks to accomplishing this should have been conquered. It

would be refreshing to see a clear directive come from Washington to address this ever present issue

before it becomes a crisis.

Bibliography

1. Lever, Rob. "Obama Adds Voice to Accusations of China Hacking." Yahoo! News Singapore. AFP

News, 14 Mar. 2013. Web. 29 Apr. 2013.

2. Goldman, David. "Nations Prepare for Cyber War." CNNMoney. Cable News Network, 07 Jan.

2013. Web. 29 Apr. 2013.

3. Moss, Trefor. "Is Cyber War the New Cold War?" The Diplomat. The Diplomat, 19 Apr. 2013.

Web. 29 Apr. 2013.

4. Michaels, Jim. "Pentagon Seeking 'rules of Engagement' for Cyber-war." USA Today. Gannett, 4

Apr. 2013. Web. 29 Apr. 2013.

5. Craggs, Ryan. "North Korea Cyber Warfare: Hacking 'Warriors' Being Trained In Teams, Experts

Say." The Huffington Post. TheHuffingtonPost.com, 24 Mar. 2013. Web. 29 Apr. 2013.

6. Posel, Susan. "Obama Will Launch Preemptive Cyber-Strike If Threatened By Major Digital

Attack." Occupycorporatism.com. Susanne Posel, 7 Feb. 2013. Web. 29 Apr. 2013.

7. France-Presse, Agence. "Critical Infrastructure at Risk of Cyber Attack." IndustryWeek. Penton

Media, Inc, 12 Mar. 2013. Web. 29 Apr. 2013.

8. Pepitone, Julianne. "AP Hack Proves Twitter Has a Serious Cybersecurity Problem." CNNMoney.

Cable News Network, 23 Apr. 2013. Web. 29 Apr. 2013.