SVG
Commentary

The Trouble with Cyber Arms Control

The New Atlantis, Fall 2010

Senior Director for WMD and Counterproliferation, National Security Council

These are early days in the age of cyberwar. In the developed world, nearly every sphere of life now depends upon computers and networks, a fact that has introduced great vulnerabilities. The United States in particular — with a modern infrastructure, a plugged-in population, numerous enemies and competitors around the world, and a military whose overawing conventional prowess is heavily reliant on computer networks — has reason to feel exposed to cyber attack.

U.S. Department of Defense computer systems are already probed millions of times a day by would-be computer intruders. Some succeed in becoming more than would-be intruders, such as the still-unidentified assailants who not long ago managed to access terabytes of files related to the new F-35 Joint Strike Fighter jet. Computer espionage is already an established tool of twenty-first century geopolitics, and attacks upon computer systems and networks are now emerging as a powerful tool of warfare. When Russia invaded the Republic of Georgia in 2008, Georgian computer systems were subjected to crippling attacks intriguingly coincident with the sudden Russian offensive — an event some consider to be the first wave in the new tide of cyberwar. Palestinian and Israeli hackers reportedly attacked each other’s computer systems during the Gaza conflict in 2008-09. And more recently, the Stuxnet computer worm seems to have damaged work on Iran’s nuclear reactor at Bushehr and the country’s ongoing uranium enrichment operations at Natanz. Computer attackers — whether they be hacker-activists aligned with no government, cyber privateers quietly encouraged by a government, or authorized governmental cyber soldiers — seem likely to play increasingly important roles in future conflicts. . . .

Click to read the full text PDF.