The Wilson Quarterly

The military of the United States reigns supreme on land, in the air, and at sea. But who will rule cyberspace remains an open ­question.

Shane Harris, a correspondent for National Journal, reports that cyber­warfare—attacks on a nation’s power grid, air traffic control system, banks, Web servers, or ­phones—­is now an integral part of U.S. military strategy. The government has made its efforts to keep American computers secure well known, but now evidence that the United States has engaged in an offensive ­cyber-­strategy is piling up. Harris reveals that in May 2007 Presi­dent George W. Bush authorized an attack on the cell phones and computers of insur­gents in Iraq. Unnamed former officials credit such operations with helping to “turn the tide of the war.” Some suggest they were even more in­stru­mental than the thousands of addi­tional troops President Bush sent to Iraq as part of the surge in 2007.

With the creation of ­high-­level posts to coordinate U.S. ­cyber­strategy and the emergence of a younger generation of leaders, the new way of war is getting more attention from the defense establishment. But the United States faces major challenges in keeping pace with Russia and China. An independent study published in July found the nation’s cyberwar staff fragmented and inadequate; the study blamed low salaries and a hiring process that can stretch on for months.

Secretary of Defense Robert Gates has said that the military is “desperately short” of cyber­warriors. The Defense Depart­ment graduates about 80 stu­dents each year from schools devoted to teaching cyberwarfare and hopes to quadruple that number in the next two years. But the government must compete with the private sector for top talent. For example, defense contractor Raytheon Company recently posted a “Cyber Warriors Wanted” advertisement on its Web site and announced 250 open ­spots.

The United States appears to have proceeded cautiously, in part out of awareness that the weap­ons of cyberwarfare are very different from conventional ones, producing systemic effects that can be hard to anticipate. Planners considering an attack on the Iraqi banking system before the 2003 U.S.-led invasion backed off when they realized that the Iraqi networks were tied to ones in France that would also be affected. Moreover, the computer coding used in any assault is at risk of being captured by an adversary, refined, and redeployed. Mike McConnell, a former director of national intelligence, has said that a coordinated ­cyber­attack “could create damage as poten­tially great as a nuclear weapon over time.”

Old-fashioned Cold ­War–style deterrence theory plays a big role in the new thinking. Harris writes, “Presumably, China has no interest in crippling Wall Street, be­cause it owns much of it. Russia should be reluctant to launch a ­cyber­attack on the United States because, unlike Estonia or Georgia [which Russia is believed to have cyber-attacked in 2007 and 2008, respectively], the United States could fashion a response involving massive conventional force. . . . If nations begin attacking one another’s power grids and banks, they will quickly exchange bombs and bullets.”

* * *

The Source: "The Cyberwar Plan" by Shane Harris, in National Journal, November 14, 2009.

Photo courtesy of Flickr/Torkild Retvedt

Read Next

Good Vibrations