Dan Blum

There is no dictionary.com definition of “cyberwar” but there’s plenty of colloquial use of the term. Especially lately.

As multiple breaches and DDOS attacks struck the U.S. and Europe in the savage spring of 2011, I became fascinated with the concept of cyberwar, and then increasingly appalled. In the heat of those news moments I felt we were approaching a state of cyberwar in the world.

I struggled to blog about it, but the initial efforts made trusted colleagues uncomfortable. One told me to “be wary of over-simplifying an area that has many actors and dimensions and largely speculation about the role of nation state intelligence agencies in several noteworthy and publicized attacks.”

Yet the unease with definitions isn’t universal. Andrew Walls at the Gartner Security Summit asked rhetorically: “Does the definition matter?” and noted that the last time the U.S. formally declared war was during World War II.

Indeed, many define cyberwar pretty broadly. According to the “free online dictionary,” cyberwar is just “an assault on electronic communications networks.” As described in another post on cyberwar definitions, even the experts’ opinions differ.

Yet another colleague, Ramon Krikken, got me wondering: Should more sober heads prevail? Ramon comes from the Netherlands, a country on the plains of Northern European, one of history’s great invasion routes.

To paraphrase Ramon’s concerns, “I’d rather you didn’t call it war. I’d rather we didn’t get into another war. Definitions are important and calling something war when it isn’t is asking for trouble. I don’t see current cyber-attacks rising to the level of war, which would mean we’re considering all options including a kinetic response.”

To follow this train of logic, most of the cyber-attacks we’ve seen have been undertaken by individual criminals or hacktivists rather than nation states. And most suspected nation state advanced persistent threats (APTs) fall into the espionage bucket. Bitterly resented, maybe. Cause célèbre for war, rarely.

This isn’t to say we won’t see nation states (or their proxies) conduct digital attacks with kinetic consequences in the future. In fact, a spectacularly successful attack on the electrical grid or the financial system might cause enough economic damage to be called an act of war even if it doesn’t immediately kill anyone.

The good news is that we’re not there yet. The bad news is that nation states are building digital arsenals through cybersecurity programs just in case on again, off again efforts at diplomacy fail. Last month I received an inquiry from a client in a medium-sized country asking me to rate the comparative cyberwar capabilities of four other nations. I declined because we don’t provide that sort of research.

But it was one more data point that me think one should be careful with what language one uses on this complex issue, and consider de-escalating the situation. But that’s for my next post.

Perhaps this sums it up the best. Again, from Andrew Walls: “When I hear the term cyberwar, it tells me that the speaker is attempting to define their pursuits and interests as different and more important or arcane than mere information security. The term is political speech, not a meaningful term that defines or describes a group of activities.”

Submit a Comment »

Category: Uncategorized     Tags: cybersecurity, cyberwar

Share

Tweet