The nation’s top intelligence official, James Clapper Jr., warned Congress on Tuesday, March 12, that a cyberattack could cripple America’s infrastructure and economy and suggested that such attacks pose the most dangerous immediate threat to the United States, more pressing than an attack by global terrorist networks. In his prepared testimony to the Senate Intelligence Committee he defined as an operation that “would result in long-term, wide-scale disruption of services, such as a regional power outage.”
“Threats are more diverse, interconnected and viral than at any time in history. Attacks, which might involve cyber and financial weapons, can be deniable and unattributable,” he said.
The question arises, however, what is cyber warfare? What would qualify as a cyberattack and trigger retaliation? The problem is that cyber weapons can disrupt a country without physical destruction and from half-way around the world, without one soldier firing a shot or a building being destroyed.
For example, a country could be left disrupted and temporarily impoverished by erased banking records. Transportation systems could result in all flights being grounded, as they were during 9/11. Many people still remember the days it took to untangle all flights and get both passengers and planes back on schedule. Planes were in the air by the next day but imagine if all airlines were grounded for days on end including mail, cargo and transport flights,
Some say that an attack that qualifies of cyber warfare must, therefore, occur in the political and strategic context of warfare.
“War is thus an act of force to compel our enemy to do our will,” said Prussian military strategist Carl von Clausewitz. Chinese military general Sun Tzu's idea of warfare was “to subdue the enemy without fighting.”
Compelling and subduing the enemy does not need to involve physical destruction in this day of cyber attacks and cyber warfare. Cyber sabotage has already been documented by the NY Times and other media systems.
Mr. Clapper said it was unlikely that Russia and China would launch “devastating” cyberattacks against the United States in the next two years, but he said foreign spy services had already hacked the computer networks of government agencies, businesses and private companies. Two specific attacks Mr. Clapper listed, an August 2012 attack against the Saudi oil company Aramco and last year’s cyberattacks on American banks and stock exchanges, are believed by American intelligence officials to be the work of Iran.
The problem remains, what is an act of cyber warfare? Cyber warfare cannot be the fallback term for every malicious attack or unpleasant event.
While Kaspersky Lab CEO Eugene Kaspersky limits his definition of cyber warfare to activity that uses cyber weapons to cause physical damage, only Stuxnet fits that definition to date. President Obama last fall signed a classified directive that requires an “imminent” or ongoing threat of an attack that could result in death or damage to national security before a military cyber-action can be taken to thwart it.
But the definition of “imminent” is, like the definition of an “act of war,” subjective and dependent upon circumstances. In cyberspace, where attacks can launch in milliseconds, a nation might not have enough time to detect an attack and mount a defense. In fact, the last clear “window of opportunity” to counter a threat may be hours or days or months before it is launched.