From Cyberterrorism to Actual Military Campaigns

It is often claimed these days that, thanks to the internet of things and dramatic technological progress, future kinetic wars will be fought in virtual reality. While this is a possibility, now it makes more sense to talk about disparate acts of cyberterrorism. As any other act of terrorism, their perpetrators (and/or sponsors) have goals that they pursue. Yet often – and it is important to draw a distinction between cyberterrorism and cyber espionage here – their perpetrators do not have any fundamental goals, and they simply want to smear the name or undermine the image of a public person or, occasionally, that of a national government as a whole. This becomes particularly evident during election campaigns or important political events (which has happened on numerous occasions to the Democratic Party in the United States and its presidential candidate, Hillary Clinton).

It is rather difficult to track down the perpetrators (there is always a problem when it comes to attributing cyber-attacks; while it is possible to trace hackers and malware developers, it is still much more difficult than movies would have us believe). Attribution is often at the level of intuition or media speculation, even if not entirely baseless, as was the case with the attack on Sony ahead of the launch of the satirical comedy The Interview about Kim Jong-un. Yet governments of leading countries in the area of the virtual reality technology have been paying a lot of attention to cyberspace related issues recently.

REUTERS/Dado Ruvic

Logo of "Kosova Hackers Security". At the request of the United States, Malaysia has arrested a man, 20-year-old Ardit Ferizi from Kosovo, on charges of hacking personal data of more than a thousand U.S. officials and handing it to Islamic State militants in Syria so they could target the individuals. 

On a level above that, governments also suffer from enemy cyber strikes at times of military conflicts or revolutions. Attacks on the government websites of Estonia and Georgia (2008) (in 2007 and 2008, respectively) are textbook examples. Their official sites were down for hours before recovering from DDOS attacks. Western countries and media claimed that Russia was behind both attacks, an accusation that Russia denied. So far, these are the starkest examples of so-called “cyberterrorism” potentially commissioned by a government. Therefore, cyber terrorist attacks only accompany “conventional” conflicts, without turning hackers into soldiers on real front lines. For now.

Today, countries that are leaders in IT are trying to bring some order into their cyberspace activities. To this end, they establish special centres where countries conduct joint cyber wargames and practice defence against cyber-attacks. NATO has led the way by setting up a large cyber centre in Tallinn. This is further proof that cyberspace is becoming increasingly militarized. The centre’s website says that its objectives include military training of cybersecurity professionals and experts. Many countries view cybersecurity as a sphere of military interests, with Russia and China being no exception. At the highest level, cybersecurity is the domain of government agencies, such as the Federal Security Service and the Ministry of the Interior of the Russian Federation.

It should also be noted that countries are taking steps towards implementing the provisions of international law in cyberspace. Countries have already agreed to equate cyber-attacks with actual military attacks that could result in a very real response. So far, international leaders have shown enough political restraint and vision to prevent the outbreak of an actual war as the result of a seemingly innocuous email hack or a temporary halt of operations at a critical infrastructure facility. But this could change. There is no guarantee that countries will not attack each other with real weapons in the future. And countries are extremely reluctant to make steps towards each other in cyberspace. The matter of developing and/or modifying the existing norms of international law is of utmost importance. The economic factor could motivate governments to do just that. Losses from cyberterrorism and cyber-attacks are growing at an astonishing rate every year. The numbers are still small compared even to the national GDPs of relatively developed countries, let alone the global GDP. Still, technological development creates an increasing number of “zero days,” which are exactly the reason for the financial losses of the affected countries.

It is entirely possible, given the pace of technological development, that we will see cyber-generals and cyber-officers in the future.