(Cyber)War… What Is It Good For?

Recently OECD — a well-meaning think tank of doubtless impressively-credentialed academics – published a report suggesting that, well… the term “cyberwar” is awfully inflammatory, and it’s not likely that anyone (nationality or otherwise) is going to effectively attack a sovereign nation, and after all, the Internet is highly flexible and can easily address these types of attacks even if they do occur… right?

Those of you who read this blog regularly know that neither I nor eIQ are really fear-mongers of the infinite order.  But this is one example where the Really Smart Guys (and Gals) got it wrong.  The fact is, we have already seen successful cyberattacks that meet even the most basic definition of “cyberwar”, and have tangibly disrupted the flow of critical information.  Just ask Google, Yahoo, Adobe, Dow Chemical, Northrop-Grumman, and about 30 other companies: a scant year ago, these organizations all experienced an attack perpetrated from China — without, or possibly with, state sponsorship – targeted at thousands of IT assets based in the U.S.  Google claims that it lost significant intellectual property in the attacks, and it’s clear from the attack pattern (released by Google themselves) that this was a coordinated attack by hundreds of attackers geographically located in China, all targeting the same organizations.

Of course, not every cyberwar attack is so complicated: at the very moment I’m writing this blog post, the Egyptian government is waging what could be reasonably construed as a cyberwar against its own people, having cut Internet access, wireless carriers, and other digital communications into and out of the country.  The people of Iran went through a similar event last year during post-election protests.

As for other targets of attack, data is not always the only target in a cyberwar.  The Stuxnet worm, a particularly malicious piece of code that strings together multiple zero-day attack vectors and stolen digital signatures all in a single, convenient package, has targeted Siemens PLCs in energy generation and distribution networks around the world.  The inter-connected world of digital technologies in to so many industries — energy, transportation, manufacturing, and many others – means that cyberwars are no longer limited just to data.

The simple fact is, cyber attacks that fit even the most conservative definition of “cyberwar” have initiated a foothold into our world, and they’re not going to go away.  The OECD suggests a different term that more accurately reflects the real criticality of these types of threats.  Tongue firmly in cheek, I’d like to suggest some “less inflammatory” terms that might better fit the OECD’s comfort level:

• “Cyber-Cutting-off-An-Entire-Country’s-Digital-Access-to-the-World”
• “Cyber-Loss-of-Power-to-the-Western-Hemisphere”
• “Cyber-Rerouting-of-Classified-Data-to-a-Foreign-Country”

Hopefully these more “restrained” — and more technically accurate – descriptions will be more to the OECD’s liking.