recommended reading

War of Words

There's been a war of words lately over the meaning of war - specifically, cyberwar. What is it? How do we recognize it? When it happens, what's the appropriate response? These aren't academic questions. As the Defense Department stands up a new Cyber Command, the definition of war in the ungovernable expanse of the Internet is a fundamental problem, still unanswered.

Among the technological cognoscenti, two camps are taking shape, and their critiques and counterpoints - played out in blog posts, Twitter streams and op-eds - are giving way to personal invective. One camp holds that the United States is engaged in cyberwar right now, and it's losing. This war is being fought against shadowy hacker groups, some of which are employed as proxies by the United States' main strategic rivals, China and Russia. Every day, they make thousands of attempts to penetrate government and corporate computer systems. Those who ignore this persistent threat do so at the nation's peril, as hackers continue to steal vital information and disrupt operations.

The other camp holds that while malicious activity permeates cyberspace, the "cyberwar" label was cooked up by former government officials who now work for security consulting firms. They're in line to receive the billions of dollars in cyber defense spending forecast for the public and private sector in the next few years, and so these cyber Cassandras have an incentive to promote fear and obscure reality. They stand ready to ignite a cyber arms race by refashioning criminal hackers as marauding Internet soldiers.

What's missing from this debate is a better sense of what the real nature of a cyber threat is. Cyberwar is a legitimate term. But it's only narrowly applicable. In the United States, it describes computer-based attacks by the military on the computer networks of its adversaries to cause harm in the real world. That latter point is essential. In 2007, the military hacked into the cell phones of insurgents in Iraq in order to send them misleading text messages that lured them into traps. Ask the military's cyberwarriors how they view what they do, and they'll tell you a computer is a weapon, but not a lethal one on its own. The entire point of cyberwar is to cause some damage in the offline world. v Cyberwar is the wrong term to use when describing the thousands of attempts each day to steal information from sensitive government and corporate computer networks. This is espionage, plain and simple. When Google accused hackers in China of pilfering the company's trade secrets, that really was an allegation of industrial spying. When U.S. officials are warned not to carry any sensitive information on their laptops or phones when traveling in China - and preferably to leave all their electronic equipment at home - they're being schooled in counterintelligence. To call this "warfare" offers no remedy. What is the United States supposed to do when the Chinese government steals from an American company. Bomb Beijing?

The war of words over cyberwar is an important debate. But it's time to step back and take a deep breath. The distinction between war and espionage is only a first step, but it takes us in the right direction.

Shane Harris is the author of The Watchers: The Rise of America's Surveillance State. He covered intelligence and technology at Government Executive from 2001 to 2005.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.