What Cyberwar Would Look Like
CREDIT: U.S. Air Force
In this second of a three-part series, SecurityNewsDaily explores truths, distortions, confusions and likelihood of cyberwar. Click for Part 1: Cyberwar: Definition, Hype and Reality and Part 3: Why Cyberwar Is Unlikely .
Perhaps the most striking feature of cyberwar is how divorced it is from people's everyday lives.
An attack that shuts off a power plant , disables a military command center or alters sensitive financial data could very well go unnoticed by most Americans. Even if you were to notice a change, it would be indistinguishable from the regular systemic failures that lead to blackouts or banking trouble.
That's because of the two possible flavors of cyberwar, one would occur alongside conventional hostilities, making it simply "war," and the other would happen so subtly that even its victims might take some time to discover it.
Strategic cyberwar, considered by most as a theoretical activity, would occur independently of other military hostilities and target vital infrastructure such as a country's electrical grids and financial systems.
Tactical cyberwar would disable military communications and defense networks in cooperation with a conventional assault.
In practice, strategic cyberwar would probably fall far short of the doomsday scenarios that envision complete societal collapse in the absence of computer-controlled services.
And tactical cyberwar would not constitute a new form of attack, but would instead merely augment the electronic warfare already practiced by modern militaries.
"They would try to get into our infrastructure, but they would only succeed in scattered ways. We might not even notice," said Martin Libicki, a senior policy analyst in cyber issues for the RAND Corporation in Santa Monica, Calif.
"DDOS [distributed denial-of-service] attacks [would occur], almost certainly," Libicki explained. "Another possible form of attack would be against the domain naming service and the routing of traffic, so the Internet may not behave well for a while.
"But if Amazon.com doesn't load, or you don't have cable access for four hours, that's not the first time a cable company screwed up or a website went down. So you won't assume it's cyberwar."
History of cyber conflict
Tactical cyberwar has definitely occurred at least twice, and possibly a number of times more.
In September 2007, Israel used a cyberweapon to disable Syrian air defenses just before Israeli aircraft bombed a suspected nuclear site, said James Lewis, senior fellow and director of technology and public policy at the Center for Strategic and International Studies in Washington, D.C.
Then, during the August 2008 war between Russia and the Republic of Georgia, Russian hackers disrupted Georgian government communications, impairing the ability of Georgian leaders to coordinate the defense of their country.
As of yet, no country has launched an attack that would qualify as strategic cyberwar.
Should that change, experts agree that the main targets would include power grids, financial institutions and the infrastructure of the Internet itself, said Sami Saydjari, chairman of Professionals for Cyber Defense, an organization of security experts which sees its mission as "to advocate, advise and advance sound cyber defense policy for the United States of America."
However, even if an attacker were to cause a widespread blackout, the results wouldn't cripple the nation.
After all, most of the Northeast suffered from a massive blackout in August 2003, and New York City, America's largest metropolis, did not descend into anarchy, said Jerry Brito, a senior research fellow at the Mercatus Center at George Mason University in northern Virginia, and director of its Technology Policy Program.
"People should worry about this, and take serious action, but they shouldn't worry about some of these doomsday scenarios," Brito told SecurityNewsDaily. "They shouldn't worry about some sort of cyber Pearl Harbor, with planes falling out of the sky and power plants going down all in the span of fifteen minutes."
Would anyone notice?
Barring a blackout or a bank collapse, a cyberwar would proceed slowly, over the course of weeks and months.
As malware spread and attacks expanded, the network backbone that linked everything from air-defense radar to corner-store ATM machines would gradually grow less and less reliable.
In this form, cyberwar would constitute a form of economic warfare that wore down an enemy by forcing him to devote more and more resources to maintaining his systems.
Across a broad enough span of time, this could have significant negative impacts on the target, but it could take years before the targeted citizenry noticed any of the effects.
"How do you measure the degradation of the system? Do average Americans care? Not at all," said George Smith, a senior fellow at Globalsecurity.org, based in Alexandria, Va.
"We've had a couple of these kinds of attacks already, and most people didn't notice them," Smith added. "So that's a different standard of war."