Cyber Warfare: The New Front

An Essay by Marie O’Neill Sciarrone, Co-founder and President of Trinity Cyber LLC and Former Special Assistant to the President for Homeland Security

As war has advanced, the battlefield has expanded from land to sea to air.  Now, battles are engaged in a new arena: cyber space.

U.S. Army Private First Class Hannah Quaney participates in a training exercise in Postojna, Slovenia. (Army Staff Sergeant Caleb Barrieau/Department of Defense)

Warfare has traditionally been executed within easily-defined periods of time and geographic boundaries. Wars are declared and when objectives are achieved or abandoned, the parties return home. These conflicts have been fought on identifiable terrain in the air, on the ground, under the sea, and as of the last 20 years, in space. 

Even the changing tools of war have been easily defined: the rifle, bomb, aircraft, tank, ship, et al. Some of the newer tools, such as the improvised explosive device, are equally tangible and identifiable. 

But the internet and its expansionary nature have opened a whole new domain for attacks and warfare. There are no geographical boundaries and the domains are beyond the reach of traditional norms such as the Geneva Convention. 

This evolution, referred to as cyber warfare, is a game-changer. It changes how we assess our enemies, meet their challenges, and enact policies that match the growth of the cyber domain. To determine the best policies and plans of action, government and civilian entities must cooperate to develop common definitions and goals and implement responses.

[Cyber warfare] changes how we assess our enemies, meet their challenges, and enact policies that match the growth of the cyber domain.

Those affected by the threat include officials who specialize in this area and everyday citizens, whose protection from cyber warfare must be at the forefront of any policy. The cooperation of citizens also is necessary for a successful policy to take root. Technology will always outpace policy, but policymakers can reduce the gap through engaging the public. After all, the internet touches millions of lives each day.

What exactly is cyber warfare?

We need a clear understanding of what the term means and how cyber warfare differs from traditional warfare. Otherwise, it will be impossible to discuss and understand – let alone address – the challenges that the Department of Defense specifically faces as the government responds to warfare in the new digital domain. Those tests involve finding the right policies, technologies, and staffing.  

Unfortunately, no universal definition of cyber warfare exists. Even agreement on a single way to spell the term has proven elusive. Is it "cyber warfare," "Cyber-Warfare," "Cyberwarfare," or "Cyber warfare"? 

The subtle differences reflect a large difference in the word's connotation. Is the emphasis on "cyber"? Is the emphasis on "war" to reflect an offensive focus versus a more conventional defensive positioning usually associated with "cybersecurity"? Or, is the term meant to reflect a select type of warfare? Also, is cyber warfare using digital weapons? Is it only limited to actions taken on a computer? Is it advanced warfare using ever-more intelligent and autonomous weapon systems?  It also is important to differentiate a cyber attack from cyber warfare. Calling it “war” implies a wider scope and longevity. An attack is understood to be a singular event, while war is a series of attacks. 

For this piece, the emphasis will be on using a digital means to attack an opponent – what constitutes an attack and the warranted response. 

Cyber warfare should not be thought of as computer against computer, but a much broader concept. It is an effort through cyber space or using a digital means to attack an opponent. These attacks could range from state-sponsored infiltration with the objective of disrupting information systems, to individual hackers trying to make a political statement or influence outcomes. 

With the advent of non-state-sponsored terrorist organizations and the ubiquity of internet access, offensive cyber attacks have become frequent occurrences at all levels. Reaching agreement on terms and meanings will be critical to achieving and determining how to best deal with this new type of warfare.

Cyber warfare should not be thought of as computer against computer, but a much broader concept. It is an effort through cyber space or using a digital means to attack an opponent.

Changing a traditional view of war 

Cyber warfare stands apart from warfare found in history books or movies of the 1950s and 1960s, where the “good-guys” could see or touch the enemy. In cyber warfare, a sniper does not pull the trigger of a gun; a unit cannot take a hill or invade an island. Cyber warfare is fought on keyboards with armies of ones and zeros acting like the soldiers executing orders. 

It follows that any policy must stand apart from more traditional methods. Yet the Department of Defense and others have spent billions viewing cyber space and accompanying solutions in more traditional physical terms – likely because that is what is familiar to them. 

A new paradigm must be developed that reflects the realities of cyberspace, which expands the battlefield anywhere to which the internet extends, particularly past the supposedly-safe borders of our homeland and into almost every aspect of our lives. That so much of business, political, and social activity relies almost exclusively on this technology means escaping the impact of cyber warfare is unlikely. The capacity for a single solution is equally unlikely.

What's more, definitive attribution of the adversarial act(s) can be difficult or even impossible. A single person can control an army of usually-unwitting computers, making it even more difficult to identify who is behind the actions. 

This makes it challenging to establish traditional defense policies. It is unclear who has what authority to respond in a significant cyber attack, when they respond, and what options leadership can enact. These variables make it necessary to reach agreement on terminology, actions, and responses. A common understanding of them will ensure we have the political will to address these challenges.

Cyber warfare is also not always surgically-targeted, so the potential of harming those not even involved is great. Once an attack tool is used, it is not spent like a round of ammunition. It can be reused and even aimed against the entity that released it. 

Definitive attribution of the adversarial act(s) can be difficult or even impossible. A single person can control an army of usually-unwitting computers, making it even more difficult to identify who is behind the actions. This makes it challenging to establish traditional defense policies.

Many cyber weapons are based on software vulnerabilities and those vulnerabilities exist on numerous systems. They can affect networks that drive health care, manufacturing, power generation and distribution, and transportation, among others. 

As a result, it is hard to safeguard the systems used to secure and identify people, especially our military in times of conflict. Biometrics are no longer a fingerprint with ink. They have moved to digital versions and are stored in a digital database.

These modern challenges impact the intelligence our national security and war fighters depend upon. Fortunately, encryption technology mitigates the threats to this information. Yet we must remain vigilant when new advancements threaten to compromise security. 

Is a disruption intelligence gathering or cyber warfare?

There is also an important distinction between cyber warfare and intelligence activities. The United States was aware of spying activities on our soil during the Cold War. The intelligence community tried to observe "dead drops" and other acts of espionage. Those efforts were not seen as an act of war in the same way an attack on U.S. submarines or missiles pointed at American soil would have been. 

Intelligence gathering will continue and even expand as the digital world pervades almost every sphere of influence. Yet digital intrusions are hard to distinguish between intelligence collection and attempts to intercept (or interrupt) planning for an attack.

For example, an enemy may disrupt a defense system while inserting malicious code to collect information from our systems as part of traditional espionage information-gathering. But the malware also could be intentionally inserted to disrupt and take down the system for more nefarious purposes.

The capacity to determine the difference -- or where an exploitation ends and an attack begins -- does not exist. Intent is one of the hardest things to know, but how we define these events matters enormously. The definition will determine the response. If digital events are considered conventional espionage, they may trigger political or legal reviews and approvals. But a digital attack response aimed at disrupting an enemy’s capabilities fall more along traditional military lines.

The focus of cyber warfare will likely remain on disrupting the opponent, as opposed to creating a lethal situation. And it will focus on providing the U.S. an advantage. Cyber warfare also will evolve as the internet evolves, including with the growth of digitally-enabled appliances and everyday items, known as the “internet of things.” 

Similarly, the “internet of military things,” which arises from the increasing connectivity in aircraft, weapons, air defense and communications systems, and personal protective equipment, dictates that we address the offensive and defensive warfare aspects of the evolving cyber struggle. The internet of military things opens the U.S. military up to a new range of weapons, opponents, and threats. 

Combined arms rehearsal meeting for Ulchi Freedom Guardian (UFG) at Camp Yongin, South Korea, Aug. 21, 2014. (Army Sergeant Daniel Schroeder/Department of Defense)

So, what do we do?

All of these developments present the Department of Defense with a new challenge and beg the question: What will "traditional warfare" mean in 2025 or 2030? 

Warfighters will be operating – and when necessary fighting – seamlessly from undersea, surface, land, air, and space. They will be working with both manned and unmanned systems that perform autonomous operations across land, air, space, and sea. They will be working together to identify and defeat an enemy at the speed of light or in "digital speed."

The American military does not possess sufficient numbers of skilled operators to counter this growing threat, much less obtain superiority in the cyberspace domain. We will need to train for a different set of skills and knowledge.

The American military does not possess sufficient numbers of skilled operators to counter this growing threat, much less obtain superiority in the cyber space domain. We will need to train for a different set of skills and knowledge.

The tools that will advance U.S. military capabilities are also creating vulnerabilities since they operate on the same internet that is under attack. As U.S. policies evolve and incorporate innovative technologies into defense systems, they need to be designed with an eye towards security. Developing a strong military without protecting the electrical grids, airports, and railroads at home is short-sighted and will hinder longer-term success. These critical infrastructure components, while not owned by the military, must be part of the planning. They will be a vital part of protecting the U.S. in this era of cyber warfare. 

A proactive planning approach will prove the most effective way to move forward. Now, when the military contemplates responding to a cyber attack, success is largely defined by destroying the physical hard drive or power supply, items which can be easily replaced by attackers. Instead, the focus must be on finding solutions within the network. This will neutralize the adversary more effectively than short-term solutions.

As history has shown, military strategy must adapt to new domains. Cyber space is that next domain. While traditional warfare will continue to exist, technology and cyber operations will aid its methods. 

Cyber warfare could make conventional warfare systems that employ computers and electronics operationally ineffective or obsolete. A traditional system that cannot respond in "digital time" to a multi-pronged threat or that cannot provide protection while attacking others may be of little use in the future. It would be the equivalent of the Polish Army attempting to use their horse cavalry team against the German armored brigades at the beginning of World War II. Society and warfare have evolved from horses against metal to metal against the matrix.

Going forward, many political and military questions will need to be addressed as we determine how to conduct and respond to cyber warfare. Unanimous agreement is unlikely, but an informed dialogue with the public on these issues is essential. That will pave the way for the compromise and support necessary to establish new policies and principles for this complicated subject of cyber warfare.

As history has shown, military strategy must adapt to new domains. Cyber space is that next domain. While traditional warfare will continue to exist, technology and cyber operations will aid its methods.
Leave your feedback with The Catalyst editors