<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=192888919167017&amp;ev=PageView&amp;noscript=1">
Monday, March 18, 2024
March 18, 2024

Linkedin Pinterest

Will: Discussion on cyberattacks long overdue

By
Published:

There is a consensus that aggression by one nation against another is a serious matter, but there is no comparable consensus about what constitutes aggression. Waging aggressive war was one charge against Nazi leaders at the 1946 Nuremberg war crimes trials, but 70 years later it is unclear that aggression, properly understood, must involve war. Or that war, in today’s context of novel destructive capabilities, must involve “the use of armed force,” which the Rome Statute of the International Criminal Court says is constitutive of an “act of aggression.”

Cyberskills can serve espionage — the surreptitious acquisition of information — which is older than nations and not an act of war. Relatively elementary cyberattacks against an enemy’s command-and-control capabilities during war was a facet of U.S. efforts in Operation Desert Storm in 1991, in the Balkans in 1999 and against insurgents — hacking their emails — during the “surge” in Iraq. In 2007, Israel’s cyberwarfare unit disrupted Syrian radar as Israeli jets destroyed an unfinished nuclear reactor in Syria.

But how should we categorize cyberskills employed not to acquire information and not to supplement military force but to damage another nation’s physical infrastructure?

In World War II, the United States and its allies sent fleets of bombers over Germany to destroy important elements of its physical infrastructure. Bombers were, however, unnecessary when the U.S. and Israel wanted to destroy some centrifuges crucial to Iran’s nuclear weapons program. They used the Stuxnet computer “worm” to accelerate or slow processes at Iran’s Natanz uranium-enrichment facility, damaging or even fragmenting centrifuges necessary for producing weapons-grade material. According to Slate magazine columnist Fred Kaplan, by early 2010, approximately 2,000 of 8,700 “were damaged beyond repair,” and even after the Iranians later learned what was happening, another 1,000 of the then-remaining 5,000 “were taken out of commission.”

For fascinating details on the episodes mentioned above, and to understand how deeply we have drifted into legally and politically uncharted waters, read Kaplan’s new book, “Dark Territory: The Secret History of Cyber War.” Three of its lessons are that cyberwar, much of it is very secret, resembles war and everything essential to the functioning of modern society is vulnerable.

The things controlled by or through computers include not just military assets but also hospitals, electric power grids, water works, the valves of dams and the financial transactions of banks. And, Kaplan notes, unlike nuclear weapons or the ballistic missiles to deliver them, cyberweapons do not require large-scale industrial projects or concentrations of scientists with scarce skills. All that is needed is “a roomful of computers and a small corps of people.”

Clearly the U.S. needs a cyberdeterrent capacity: the ability to do unto adversaries anything they might try to do unto us. One problem, however, is that it can be difficult to prove the source of a cyberattack.

Imagine what havoc can be wrought by battalions of militarized cyberwarriors implacably implementing a nation’s destructive agenda. It is long past time for public discussion of the many new meanings that can be given to Shakespeare’s “Cry ‘Havoc!’ and let slip the dogs of war.”


 

George F. Will is a columnist for the  Washington Post Writers Group. Email: georgewill@washpost.com.

Loading...