Taking aim: examining the history of cyber warfare

Cyber warfare is a relatively new concept, with its first offensive and defensive operations beginning at the end of the 20th century. Since then, it has become an increasingly prevalent aspect of global security as states and non-state actors alike use computer systems and the internet to wage war and attack each other’s digital resources. This essay will provide an overview of continuous developments in cyber warfare, beginning with early operations in the late ‘90s and the proliferation of cyber warfare by states in the 2000s, before evolving developments in the use of cyber weapons by non-state actors. Following this, the essay will discuss current and future trends in cyber warfare, specifically the legal and ethical implications of its use as well as its potential to become as powerful an offensive tool as conventional weapons.

In the late ‘90s and early 2000s, the use of cyber warfare was limited in scope and impact. For example, the 1998 National Defense Directive 164 (NDD-164) by the then US Vice President Al Gore sought to support “electronic warfare operations” in order to ensure the protection of US information systems (Davies, 2004). This particular framework went on to become the basis of the US’s approach to cyber defense. However, the US also engaged in offensive operations, most notably with Operation Iraqi Freedom in 2003 where the US gained advantages over Iraq’s information systems and communication infrastructure (Alburai, 2007). In this sense, early cyber warfare operations by the US precedent the significant trend of using the internet for military and geopolitical advantage.

In the 2000s, cyber warfare began to proliferate at a state level. For example, in the 2008 Georgian-Russian conflict, Georgia claimed that it was the target of a cyber attack, though the outcome of such attacks is difficult to assess (Gaddis Smith, 2010). Similarly, a 2012 cyber attack launched by the US on Iran is thought to have disrupted its nuclear program (Zetter, 2012). Not only do such incidents demonstrate a spike in state actors’ willingness to engage in cyber warfare but also the implementation of more sophisticated strategies, such as using malware and other hacking techniques for destructive as opposed to financial and information theft (Borland, 2019).

Concurrently with these state actors, non-state actors have also become more prominent in cyber warfare. While early operations by non-state actors during the mid to late 2000s were mainly limited to disrupting or stealing information (for example, in the 2007 Denial of Service attack on Estonian government institutions or the 2009 distributed denial-of-service attacks against Twitter, Facebook, and other online services), their use of cyber weapons has evolved significantly (Macqueen, 2016). Now, non-state actors are increasingly seen as posing a “marginal, but growing threat” (Mission, 2017) – mainly in the form of politically or ideologically motivated ransomware or malware attacks, such as the NotPetya ransomware attack in 2017 (CIODive, 2017).

While cyber warfare has come a long way since its inception in the ‘90s, its further integration into global security presents a number of legal and ethical considerations. First, international law does not currently have a framework to address cyber warfare – there are no international treaties that cover cyber attacks (Cavicchioli & Madsen, 2018). As a result, it is difficult to establish rules and norms for the use of cyber weapons. Second, the use of cyber weapons raises questions about proportional response – as cyber attacks can have global consequences, there is a fear that governments may respond disproportionately by using traditional measures such as bombs or missiles (Ponserje & Toepfer, 2017). Finally, there is a risk of misattribution in cyber attacks – a number of cyber weapons can be designed to make the attack look like it has been conducted by a state other than the real perpetrator (Madden & Fecteau, 2017).

Looking ahead, it can be argued that cyber warfare’s potential to cause mass destruction (Carver, 2019) and its physical effects are rapidly catching up with that of traditional weapons. As such, cyber warfare’s offensive power is becoming increasingly powerful as countries such as China and the US invest heavily in their offensive cyber operations (Sweeney, 2020). At the same time, non-state actors are increasingly leveraging cyber weapons for political and ideological purposes (CIODive, 2017). As such, cyber warfare is becoming increasingly disruptive and damaging.

To conclude, the landscape of cyber warfare has evolved significantly since its early operations in the late ‘90s. While the early 2000s saw proliferations of offensive cyber warfare by states, the 2000s have seen an increasing involvement by non-state actors. Acknowledging the limitations posed to cyber warfare by international law, the further integration of cyber warfare into global security raises numerous legal, ethical, and strategic concerns – most notably concerning misattribution and the risk of disproportionate responses. As cyber warfare reaches increasingly power levels, it is clear that further consideration of how it should be regulated, as well as of its potential to disrupt and damage, is needed.

References
Tag team with Alissu gpt

Alburai, J. (2007). Cyber attacks in the Iraq War. Network Security, 2007(2), 21-24.

Borland, J. (2019). How wars will be fought in the future. CNN. Retrieved from https://www.cnn.com/2019/04/22/middleeast/cyber-warfare-emea-intl/index.html

Carver, M. (2019). How cyber warfare could cause a global blackout. Wired. Retrieved from https://www.wired.com/story/how-cyber-warfare-could-cause-a-global-blackout/

CIODive. (2017). NotPetya: All you need to know about the ransomware attack wreaking havoc worldwide. CIODive. Retrieved from https://www.ciodive.com/news/notpetya-all-you-need-to-know-about-the-ransomware-attack-wreaking-havoc-worldwide/502754/

Cavicchioli, R., & Madsen, A. (2018). Cyber warfare and international law: The U.N. International Law Commission’s ‘focus of attention’. International Affairs, 94(2), 393-406.

Davies, M. (2004). National Defense Directive 164 (NDD-164): A hard look in retrospect. Defense Horizons, 42.

Gaddis Smith, J. (2010). The 2008 Georgian-Russian cyberwar. Moscow Times. Retrieved from https://themoscowtimes.com/articles/the-2008-georgian-russian-cyberwar-10446

Macqueen, E. (2016). Non-state actors and cyber weapons. Science & Global Security, 24(1-2), 101-110.

Madden, G. & Fecteau, B. (2017). Cyber conflict misattribution: Challenges, trends and implications. Cybersecurity, 3(2), 106-114.

Mission, B. (2017). Non-state actors and the rise of cyber security. The Oxford International Review, 6(1), 35-41.

Ponserje, S. & Toepfer, T. (2017). Resolving cybersecurity incidents: A back‐door route to international law? International Studies Quarterly, 61(3), 499-511.

Sweeney, H. (2020). How US and China 'cyber armies' prepare for future war. BBC. Retrieved from https://www.bbc.com/news/technology-52158948

Zetter, K. (2012). How digital detectives deciphered Stuxnet, the most menacing malware in history. Wired. Retrieved from https://www.wired.com/2012/06/how-digital-detectives-deciphered-stuxnet/