CYBER OFFENSIVE: Politicians, pundits and security experts disagree as to whether the age of cyber warfare us upon us. That has not stopped countries, including the United States, from making preparations. Image: COURTESY OF JOHN SOLIE VIA ISTOCKPHOTO.COM
There is speculation among some politicians and pundits that the fog of war will soon extend to the Internet, if it has not done so already, given a recent report that the U.S. Department of Defense will introduce its first cyberwarfare doctrine this month, combined with similar announcements from the governments of Australia, China and the U.K. (not to mention Google's ongoing cyber spat with China). Less clear, however, are the rules of engagement—such as what constitutes an act of cyberwar as opposed to the cyberattacks that take place on government computers every day and who, if anyone, should mediate such disputes.
Wars have traditionally been waged between nations or clearly defined groups that officially declare themselves in conflict. This has yet to happen openly on the Internet, although such accusations have been leveled against China, Russia and other nations, says Chris Bronk, an information technology policy research fellow at Rice University's James A. Baker III Institute for Public Policy in Houston and a former U.S. State Department diplomat.
Cyberwarfare is more likely to reflect the wars fought against shadowy terrorist networks such as al-Qaeda as opposed to conflicts between uniformed national military forces. "One thing about war is that, historically, the lines have been drawn and there is an understanding of who the enemy is," says David M. Nicol, director of the Information Trust Institute at the University of Illinois at Urbana-Champaign. "When a cyberattack occurs against a sovereign state, who do you declare war on?"
The Defense Department is expected to clarify at least some of these gray areas when it releases its cyberwarfare doctrine, the Wall Street Journal reported last month. This would not be the Pentagon's first foray into managing cyberwar. The U.S. Strategic Command's U.S. Cyber Command (USCYBERCOM) division has been operational since October and is designed to centralize the administration of cyberspace operations, organize existing cyber resources and synchronize defense of U.S. military networks. What is missing is a clear set of publicly declared rules under which USCYBERCOM will operate, Bronk says, adding, "We can't say there is a cyber command and then not have rules of the road like you do for other areas of military conduct."
Other countries seem to be following suit. The U.K. is developing a cyberweapons program that will give ministers an attacking capability to help counter growing threats to national security from cyberspace, the Guardian reported last month. Australia is also on record as saying it will create the country's first national cybersecurity strategy to confront the growing threat posed by electronic espionage, theft and state-sponsored cyberattack, the Sydney Morning Herald recently reported. Not to be left out, China has also set up a specialized online "Blue Army" unit that it claims will protect the People's Liberation Army from outside attacks, according to News Track India.
The inability of governments, or any other cybersecurity experts for that matter, to pinpoint the origin of cyberattacks is problematic and boils down to an intelligence problem, Nicol says. "Right now, with the infrastructure that we have it's very difficult using purely technological means to trace the source of some kind of attack," he adds. "You can't just look at the connection between one computer and another because cyberattackers use multiple levels of cutout servers that make it difficult to determine where data is being sent. These computers that do the cutoffs are in foreign countries so there's little recourse in terms of requesting log files from those computers."