Guest Post: Is Cyber War The New Cold War?

Tyler Durden's picture

Submitted by Trefor Moss of The Diplomat,

Cyberspace matters. We know this because governments and militaries around the world are scrambling to control the digital space even as they slash defense spending in other areas, rapidly building up cyber forces with which to defend their own virtual territories and attack those of their rivals.

But we do not yet know how much cyberspace matters, at least in security terms. Is it merely warfare’s new periphery, the theatre for a 21st century Cold War that will be waged unseen, and with practically no real-world consequences? Or is it emerging as the most important battle-space of the information age, the critical domain in which future wars will be won and lost?

For the time being, some states appear quite content to err on the side of boldness when it comes to cyber. This brazen approach to cyber operations – repeated attacks followed by often flimsy denials – almost suggests a view of cyberspace as a parallel universe in which actions do not carry real-world consequences. This would be a risky assumption. The victims of cyber attacks are becoming increasingly sensitive about what they perceive as acts of aggression, and are growing more inclined to retaliate, either legally, virtually, or perhaps even kinetically.

The United States, in particular, appears to have run out of patience with the stream of cyber attacks targeting it from China – Google and The New York Times being just two of the most high-profile victims – and which President Obama has now insisted are at least partly state-sponsored.

Although setting up a cybersecurity working group with China, Washington has also signaled it intends to escalate. U.S. Cyber Command and NSA chief General Keith Alexander signaled this shift of policy gears earlier this month when he told Congress that of 40 new CYBERCOM teams currently being assembled, 13 would be focused on offensive operations. Gen Alexander also gave new insight into CYBERCOM’s operational structure. The command will consist of three groups, he said: one to protect critical infrastructure; a second to support the military’s regional commands; and a third to conduct national offensive operations.

As cyber competition intensifies between the U.S. and China in particular, the international community approaches a crossroads. States might begin to rein in their cyber operations before things get further out of hand, adopt a rules-based system governing cyberspace, and start respecting one another’s virtual sovereignty much as they do one another’s physical sovereignty. Or, if attacks and counter-attacks are left unchecked, cyberspace may become the venue for a new Cold War for the Internet generation. Much as the old Cold War was characterized by indirect conflict involving proxy forces in third-party states, its 21st century reboot might become a story of virtual conflict prosecuted by shadowy actors in the digital realm. And as this undeclared conflict poisons bilateral relations over time, the risk of it spilling over into kinetic hostilities will only grow.

Warfare’s Wild West?

Cyberspace is anarchic, and incidents there span a hazy spectrum from acts of protest and criminality all the way to invasions of state sovereignty and deliberate acts of destruction. Cyber attacks that might be considered acts of war have so far been rare. It is certainly hard to characterise the rivalry between China and the U.S. as it stands as cyber warfare, argues Adam Segal, a senior fellow at the Council on Foreign Relations. “I tend to stay away from the term ‘cyber war’ since we have seen no physical destruction and no deaths,” he explains. Segal accepts that there is a conflict of sorts between China and the U.S. in cyberspace, though he says it is “likely to remain below a threshold that would provoke military conflict.”.=

While there is no internationally accepted categorization of different kinds of cyber activity (individual states have varying definitions), it is self-evident that some episodes are more serious than others. NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) – a unit based, not by accident, in Estonia, which experienced a massive cyber-attack from Russia in 2007 – distinguishes between “cyber crime,”“cyber espionage,” and “cyber warfare.”

China’s cyber operations, for all their notoriety, have essentially been acts of theft – either criminals attempting to extract privileged data, or incidents of state-sponsored espionage (some of which, admittedly, had national security implications, such as the extraction of blueprints for the F-35 Joint Strike Fighter). But these operations did not seek to cause any physical destruction, and so would be hard to interpret as acts of war. This may explain why the U.S. government has been quite tolerant of Chinese hacking until now, seeing it as an irritant rather than as anything more provocative.

However, other states – notably the U.S. with its use of the Stuxnet virus against Iran – have arguably engaged in acts of cyber aggression. “Stuxnet might be considered an act of war, or at least a use of force,” suggests Segal, though he adds that assigning labels to such incidents is never straightforward, even in the physical realm.

States certainly appear to be testing the boundaries in cyberspace, safe in the knowledge that those boundaries are undefined. There is almost a sense of lawlessness given the lack of consensus on how to treat cyber warfare from a legal standpoint. The U.S., for example, takes the view that existing international law can be applied to cyberspace. Others, notably China and Russia, have advocated a new code of conduct to address the unique problems that cyber operations create.

Virtual Progress

Recently , the CCDCOE made an important attempt to inform this debate when it published the Tallinn Manual, a detailed examination of the way in which existing international law might be applied to cyber warfare. “What makes the situation fairly unique is that there is not much cyber-specific international law regulating actions between states, and therefore states have to assess and analyze how the already existing, but not cyber-specific norms, apply to cyber activities,” explains Liis Vihul, a scientist with the CCDCOE’s Legal and Policy Branch.  “It is at least the view of most western states that the international law dealing with the right of self-defense and also the conduct of armed conflict apply to cyber operations; the devil lies in the details – in other words, in some matters the states really have to think hard to figure out how exactly these norms play out in the context of cyber.”

The Tallinn Manual is meant to guide governments through some of this hard thinking. Under international law, states are legally entitled to respond to an “armed attack” or a “use of force” in a proportionate way. Vihul says that “cyber activities carried out by states that injure or kill people or damage or destroy objects are most likely to be considered as uses of force.” If a state suffers such an attack, it could be legally entitled to retaliate with cyber or conventional forces, even if the attack was purely cyber in nature, and even if the attack was perpetrated by civilian, rather than military, agencies.

However, cyber complicates the application of the existing law in two ways. The victim of a cyber attack might hide the fact that the attack ever took place so as not to reveal its vulnerability to other potential aggressors. Even more importantly, it is hard to attribute a cyber attack to another state in a way that would satisfy international law, given the attacking state’s likely use of proxies.

The first challenge that states face is therefore proving the origin of an attack.

Secondly, states have to decide how to respond legally and effectively to cyber crime and cyber espionage. So far the governments have seemed inclined either to accept such attacks as a fact of interconnected life, or to try to retaliate with cyber operations of their own. The former approach only encourages further aggression, while the latter probably breaches international law if the original hack was not an example of the use of force. In future, the victims of virtual theft might instead focus on gathering evidence and then seek reparations at the World Trade Organisation or the International Court of Justice, much as they would do in cases of IP theft or breaches of sovereignty.

Thirdly, the international community must continue the debate where the Tallinn Manual has left it, and work to develop universally accepted rules and norms for operating in cyberspace. “I think the risks of miscalculation or inadvertent escalation are very high if two sides do not share a common vision of what are legitimate targets or thresholds for acts of war,” says Segal.

China and the U.S. have both said that they would like to see a rules-based cyberspace, but they do not see eye to eye on how those rules should be established. A costly and potentially dangerous Cyber Cold War awaits if they cannot do better, and agree on some rules of engagement for their rapidly expanding online forces.


Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
ebworthen's picture

Building controls are networked, as in I.P. address and controllable remotely.

Heating, air conditioning, air handling, all sorts of systems.

Dumbest thing EVER.

New_Meat's picture

gotta' distribute all of the ways to make the "smart grid" go stupid at least locally. - Ned

dryam's picture

Off topic,  

For those that didn't hear about CBS-Canada's show on gold last night here is the video.  You might want to download it because youtube might take it down because of copyright issues

TheGardener's picture

Tallinn ? Sounds more like Gleiwitz ...

lolmao500's picture

Well yeah.But if intelligent people ran the government, anything critical would be disconnected from internet BY LAW.

That and China sending troops inside India...

Chinese troops intrude into Indian territory in Ladakh, erect a tented post

In a deep incursion, Chinese troops have entered the Indian territory in Daulat Beg Oldi (DBO) sector in eastern Ladakh and erected a tented post, setting the stage for a face-off with Indian troops.

A Platoon-strength contingent of China's People's Liberation Army (PLA) came 10 km inside the Indian territory in Burthe in DBO sector, which is at an altitude of about 17,000 feet, on the night of April 15 and established a tented post there, according to highly placed sources, which said that a Chinese Army Platoon usually consists of around 50 men.

India has 2 choices... accept Chinese troops on their territory will they build up their infrastructure and annex a part of your territory...which will surely go well with the Indian people... or go to war with them... very bullish in either case.

Parrotile's picture

Disconnected from the Internet? - Unfortunately not practicable: Cost-driven standardisation of communication systems (primarily data) has meant everything follows the same tune (at a fundamental MAC address / IP address) level, purely for economic and ease / cost of service means.

Everything (and I DO mean EVERYTHING) at a systems control / sensor / actuator level seems to have some embedded SCADA functionality, and even with transfer over "private" networks (fibre, cable or RF / Microwave) the number of "back doors" are enormous.

"Modern" systems telemetry / management / operation comes with this as a built in disadvantage. Fortunately access is limited, requiring prior knowledge, but as we've all seen in the past, it only takes one well-placed disgruntled employee and all hell can be let loose.

lolmao500's picture

You can always rewrite the codes so that nothing can be connected to the internet.

CH1's picture

Nothing was connected to the Internet in 1990, and everything still worked.

New_Meat's picture

"Is Cyber War The New Cold War?"

why, yes, and it achieves certain objectives with little outlay and the possibilities of great damage and perhaps certain other gains.

Shimoon, well that comes to mind.  ME production goes where?  Who would wish to damage the recipients?  Who would benefit from the ensuing confusion?

- Ned

TheGardener's picture

Cyber war under control, cyber witches drafted or burned.

I live among coding idiots for a living and they think I could code all of you.

Database wise they wisely tell me the more the records,
the less the control. But they are idiots because all the
evidence ever needed is an on the fly comment, finger print or DNA match made up according to needs.

dick cheneys ghost's picture

massive explosions in Boston...........656pm

New_Meat's picture

ha'int don't know the diff between 40SW or "flash-bangz" and "Massive Explosions"

And not in Boston

- Ned

{I'm local and kinda' understanding, more or less wtf is going on the ground, this here four-legged thang kinda' wonderin' how, in fact, given the above cluelessness, the fucking financial advice/commentary on this site is valid???}

{{'cuz above is pig-shit, don't cha' know}}

Ineverslice's picture


Just un-plug the damn thing.

dark pools of soros's picture

I'd piss on a spark plug if it'd do any good

YHC-FTSE's picture

Takes me back to my childhood. I had such a crush on Ally Sheedy.

I was going to avoid coming here this weekend to give my tolerance for WTF events time to recover which exceeded my mental circuit breakers after seeing images of 3 state troopers at Sandy Hook who bore an uncanny resemblance to the Craft Internstional-clad 3 at the Boston bombing. That was a big WTF. But 10 mins of BBC news was all I could take before I had to come back. 

Bingfa's picture

Welcome to the Matrix

Where all your fears come 24/7

Bearwagon's picture

Where you can check out any time you like, but you can never leave ...

pragmatic hobo's picture

cyberwar is utter bull shit. The real secure communication for military and government is done via private network that has no physical connectivity to internet. reason why infection of Iranian nuclear program was done via infected memory stick is because they, like everyone else, do not allow sensitive installation to be accessed by internet. Only reason for spread of FUD regarding cyber-terror is because government must desperately regulate internet.

Sabibaby's picture

You need to ask yourself, "Where are the parts for these devices made?" 

ChIndia, that's where. You know about the drones infected with a virus that just won't go away? The virus is HARDCODED into the chips and the chips come from China and India. There really IS a war going on. To say it's utter bs is so naive...

dark pools of soros's picture

so if someone blows up a bridge is it not war?  if someone knocks out a grid via cyber attacks is it not war?

you dont just hit military targets in war right?


Bad Attitude's picture

Cyberwar is very real, and has been going on for years. There is a lot of civilian infrastructure (banking networks, utility control, PCs, cell phones) that is not on any secure military network.

A 2010 story from 60-Minutes:

And, as other have pointed out, there is a lot of potentially compromised made-in-China computer hardware on networks everywhere.

A 2012 story about a made-in-China chip used in many military products in which had a backdoor:

Counterfeit electronic components from China found in US military hardware:

These articles just scratch the surface of this issue.

Scarlett's picture

On our side we sold a Boeing to China that had a big fucking backdoor--and they found it instantly.

espirit's picture

You get what you pay for.  COTS (commercial off the shelf) hardware as a cost savings in .gov is a boondoggle and they know it.  "Thickening" is the new meme, as make it yourself even if it costs up to 25% more is now meant to insure reliability and capability.

Talk about closing the barn (back) door after the event is just the kneejerk reaction to being one move behind - all the time.

So sad...

PeaceLover's picture

Red tagging the above is a strike for the banks.

The fighting Cyber war is double speak for censorship and move surveillance to the tune of billions,

To watch who.. big brother.

The biggest enemy of the Crooked banks and big brother is the truth!

never in the history of the world has so many been able to share the "TRUTH"

If you have a system or a business that can be attacked thru the front door "Internet" ask your self why your so stupid?
If you need a little help on that question let  me help you.
You may be way out of touch.

The people that are passing the bill's haven't a clue it appears.
Cyber War
Drug War
War on everything... watch out big scarey world out there.
Lets get bigger guns for swat, and start using drones..
Starbucks stop the free internet.


After the war in Vietnam.. I kind of though we would get a clue.

Iraq. and the quacks that came out of that.

torture a prisoner to get them to say what we wanted
And Bradley manning, if there was a man in the government and there appears there isn't, they would drop to there knees beg, the nation to forgive them and release Truth tellers on the spot
And Dem's that line right up behind a secret kill list man..
Democrats  stand on taxes was always a lot to take but at least they seem to look out for the underdog.
Now they just line up behind there mind, acting like they lost there's

The whole internet deal has been a set back for evil in the world because evil doesn't do to well in the light!

it's a coming at some point like we say it drops to zero at some point

Milestones's picture

Good, intellegent post Peace.  Thanks.         Milestones

Bingfa's picture

Must keep the Matrix intact....

The web is it's biggest enemy...

Parrotile's picture

The Military may well be "ok" initially, but just think how much they are dependent on ALL the Civilian systems working smoothly.

No Railway signalling = no trains. No bulk transport. No civilian commuter capacity. Also ttrains "stuck" where they shouldn't be, and no simple means of knowing the location of these "lost" trains;

No Air Operations = no planes. No Travel, thousands stuck where they shouldn't be (from an economic perspective);

No traffic management systems = effective gridlock. Certainly Citywide and maybe Statewide.

No digital communication over the Civil network so no deliveries of anything, so no fuel, food, medical supplies . . . . .

No power ('cause no Grid Control infrastructure). Industry stops, Hospitals stop, fresh water stops, sewage treatment stops, in effect - everything stops.

"Oh the Army will come to the rescue". Maybe for VERY localised supplies for a SHORT period of time, but even the US Army AND Reserves have neither the manpower nor vehicles to meet anything other than a VERY small fraction of "normal daily" demand. And what happens when the fuel reserves run dry (remember the Civilian systems no longer work, or work reliably, so no refineries, reduced ship handling capacity, etc.,). What then??

Sorry - Cyber Defence is BIG business for a VERY good reason.


Kirk2NCC1701's picture

HP owns the largest private backbone for a private internet. Access points are controlled a number of ways in series, and a host of AV SW gauntlets are in place.

Plus they own and manage entire blade server farms.

So, yes, it's mostly BS, unintended for public consumption and manipulation.

bugs_'s picture

Ben Bernanke: I'd piss on a sparc plug if I thought it would help!

rsnoble's picture

In other words China already has rules in place and since all the elite buttfuck buddies are in bed now the US will suddenly need them. Fuck this goddamn planet.

dark pools of soros's picture

What's this cyberwhat shit??  it aint real unless you can hold them like my bullets




blindman's picture

Fact or Fiction….stranger?
April 15, 2013
"we have movement in the boat." MA Rt. 9 Window Cam
19:40 est.

q99x2's picture

Hell no it is not cyber war between nations. This is a crock of bull because mission critical operations are kept on VPNs and separate trunk lines. But governments are attacking the public networks around the world as a way to control populations.

squexx's picture

The plan has been in the works for a LONG time. We are looking at eventual one world government, 666 ID, etc... By the time the USA starts to come out of this contrived crash, people will be so desperate for security and jobs they will gladly hand over their Constitutional rights!

Bearwagon's picture

Didn't they hand over those 'constitutional rights' already? I vaguely remember NDAA and stuff ...

earleflorida's picture

You want surreal... how about a seventy year old thought that's not a theory or hypothesis anymore-- but a living, breathing, and tangible phantasmagoric exorcism, waking-up all... in a chemtrail of opaque'd dismal mist arising in an arid hermaphodite's, 'wet-dream menstruation'?!

Whoa... "HAARP the Herald's Sing"-- Tesla being the harpist?! ___ "HAARP Unleashes Tesla Death Ray"?

cyberwar doesn't stand a chance... and, only outside the nodes is there'noir salvation?... hint, the "MAP"?

jus sayin...  and,

friday humour???


Parrotile's picture

With a current Billion watts (=1 Gigawatt) of radiated power, just how much power does this little toy consume?

With far less than 100% conversion efficiency, add on cooling needs, and other electrical infrastructure, the "energy bill" could be easily 2 GW.

Now, just think how beneficial this power could be to the less well off. Those who have to choose between food and heating / cooling? For a population of 350 milion, we're looking at about 6kW per individual, which brings Military largesse rather into focus, doesn't it!

Longing for the old America's picture

Hell, American Airline's reservation system outage brought the company to a grinding halt.

A truly effective cyber attack would cripple any country these days.

Whatta's picture

The gubermints are going to ruin the interent anyway.

How about an alternate internet? Is that possible? Probably not without being cable?

Bearwagon's picture

It is completely possible, and it even could be done without much cable (but that would slow it down considerably).

espirit's picture a parallel universe, far far away.

Brixton Guns's picture

Wouldn't you prefer a nice game of chess?

>No, let's play global thermonuclear war.




Kirk2NCC1701's picture

Paradigm Shift time again: The biggest and most important Cyber War is the war for the hearts and minds of people.

Even ZH is doing its share of 'fighting', albeit at a respectable profit. Not that there's anything wrong with profit.

shenjie's picture

information can assist spanking new use f. you bought a nice looking golf bag at admired continue to polo ralph lauren uk keep Christian Louboutin Pumps this region together with lo! nike lunarglide You find that someone else would be taking out an identical tote to them