The next Cold War has already begun – in cyberspace

Just as dangerous as “real war”
Some argue that the idea of cyber warfare has been overhyped because cyberattacks don’t have the physical consequences that “real” wars do. But the cyber weapons being used and developed could cause a large degree of economic as well as infrastructural damage — and this could endanger property and even human life. In 2007, scientists at the Idaho National Laboratory in the United States were able to show how a cyberattack on an electricity generator could cause an explosion. This shows the real danger that cyberattacks can pose, not simply to national security infrastructure but also to hospitals, schools and homes.

The year 2007 was actually crucial in the history of cyber warfare, marking the point when several major states began putting cyber weapons to use in a well-documented way. After Estonia attempted to relocate a Soviet war memorial, Russia was accused of launching a series of DDOS attacks on Estonian websites including government and banking sites. Such action was not just embarrassing but damaging to both the power of the Estonian state and the economic activity of the country.

Although it wasn’t discovered until 2010, the Stuxnet worm was the first prominent cyber weapon to be used by the United States, and was originally deployed against Iran in 2007. The worm, part of the wider “Operation Olympic Games,” was designed to prevent Iran from producing uranium that could be used in nuclear weapons. The software was hidden on a USB stick and uploaded to the control systems of the enrichment plant, causing its centrifuges to operate outside of safe parameters and leading to a series of breakdowns.

The Israeli cyber section, Unit 8200, which had a hand in the Stuxnet design, was also involved in the blackout of air radar during an attack on nuclear facilities in Syria in Operation Orchard, 2007. Shutting down the ageing Soviet-era radar through a mixture of cyberattacks allowed Israeli jets to bomb the site in the Deir-ez-Zor region of Syria.

The Israeli example shows how cyberattacks will start to become part of standard military operations. Both the United States and Chinese cyber warfare divisions are parts of the countries’ conventional military structures. And both states have made it clear that they will not rule out using cyberattacks for the sake of maintaining national security interests.

Acting with impunity
These capabilities pose a danger to everyone, not just governments, and not just because they could lead to infrastructure being blown up. Stuxnet was discovered because the worm found its way onto the global Internet and caused problems for tens of thousands of PCs across the world. It’s not hard to imagine the widespread economic and personal damage that could be done with an even more malicious program. Stuxnet also shows why simply keeping critical infrastructure disconnected from the internet is not enough to protect it.

The other particularly worrying aspect of cyber warfare is that it allows states to act with relative impunity. Advanced encryption technologies make it almost impossible to prove exactly who is responsible for a specific cyberattack. As a result, states can now act unilaterally with little fear of open retaliation. For example, despite a bilateral agreement between the United States and China to refrain from hacking for economic benefit, Chinese hackers have continued to infiltrate secure systems in the United States. There are few real consequences for this outright breach of sovereignty.

On the positive side, some have argued that cyberattacks allow states to pursue their foreign policy goals without using conventional military action, and could even dissuade superpowers from doing so. Disabling Iran’s nuclear program, for example, reduced the short-term likelihood the United States would feel the need to make a military attack on the country. With tensions between superpowers high, but the risk of full-scale world war still relatively low, cyberattacks are likely to become an increasingly common way for countries to gain at their competitors’ expense.

Conor Deane-McKenna is Doctoral Researcher in Cyberwarfare, University of Birmingham. This article is published courtesy of The Conversation (under Creative Commons-Attribution/No derivative).