For years, people have been saying that the next world war will not be fought by massive land, air, or sea forces but by cyber warriors with computers hacking into and disrupting critical infrastructure networks. It doesn’t seem as far-fetched today as it did just a decade ago, especially when you consider what’s already happened so far this year in the United States, Canada, and China.
- Last week, Canada’s Chief Information Officer said that “a highly sophisticated Chinese state-sponsored actor” had breached the networks of the National Research Council of Canada, the government’s premier research and technology organization.
- Last month, the New York Times reported that Chinese hackers have breached the networks of U.S. government agencies, including the Office of Personnel Management and the Government Accountability Office.
- In May, a U.S. grand jury indicted five members of the Chinese military for cyber espionage — accusing them of hacking into U.S. businesses and stealing trade secrets.
The Chinese government has denied responsibility for any of the attacks, and as you can imagine, cyber espionage has become an issue in U.S.-China relations. The question is: Has a cyber war already begun?
I guess it depends how you define “war.”
On the one hand, Thomas Rid, a professor of security studies at King’s College London and author of the book Cyber War Will Not Take Place, applies the definition of 18th century Prussian general and military theorist Carl von Clausewitz, who said that war must involve violence and politics and be a means to an end. Cyber war, Rid said, just doesn’t fit the bill.
On the other hand, Richard A. Clarke, the former National Coordinator for Security, Infrastructure Protection, and Counter-terrorism for the United States and coauthor of the book Cyber War: The Next Threat to National Security and What to Do About It, puts forth that the possibility is quite real and, perhaps, imminent.
Politicians and other experts can argue until the cows come home whether or not “war” needs to be redefined in today’s digital age. However, one thing is certain in my book: Cyber attacks are still in their infancy, but at some point in the future, as technology continues to advance and cyber attacks continue to improve, they may indeed result in civil disruption, property destruction, and the loss of human life.
You don’t have to look to China to see how cyber extortion and data breaches have affected how we live. You may not need a bunker, but you should keep your eyes peeled and your ears open to news about anything online that could compromise your safety.
To learn about ISO’s various cyber offerings, visit the ISO Cyber Risk Solutions website, www.verisk.com/cyber, or e-mail me at sdougherty@iso.com. You can also follow me on Twitter @doughertyshawn.