Cyber War is Hell

(Written December 29, 2014) 
For
The Bold Pursuit

This is not about computer geeks hacking a movie’s website.  This is not a computer game of war, where if you lose, you get to start over.  This is actual warfare, the kind that can destroy a nation.  People get killed.  There is no reset button.

In recent months, computer experts have recognized the extreme sophistication of computer hackers.  What was done to Sony may seem like small potatoes, the juvenile ranting of a tin horn dictator throwing a tantrum over a movie that personally insulted him.  In fact it was more than a warning shot; it left blood on the floor.

Let’s not forget that, whatever his fuzzy, comic portrayal in the previews of the movie, The Interview, Kim Jong Un, the dictator of North Korea, is certifiably a homicidal maniac, a sadistic and brutal murderer of millions of men, women and children.  He has repeatedly attacked South Korea with artillery, showing the world that he has no fear of starting a major war on the Korean peninsula where he lives.

In response, corporations and governments are (we hope) tightening up their computer security.  They are building things called fire-walls and encrypted files and multiple layers of passwords.  They are doing things that (we hope) we do not even know about, all in the effort to keep out hackers from places like North Korea, China, Iran and Russia. 

Unfortunately, such defensive strategies cannot succeed against an ever more sophisticated, and ever more determined horde of enemies who are constantly ramming at our gates.  Some computer experts are predicting a cyber warfare version of the Pearl Harbor attack that placed us in the bloodbath of World War 2.

Make no mistake, cyber war is war, nothing less.  A cyber Pearl Harbor may not be sounded by exploding bombs, but it will actually be worse.  It can destroy our infrastructure, which is that thing that provides electricity to your house, food to your kitchen, and keeps hospitals running.  Destruction of the infrastructure silences all your telephones, shuts off your radio and television, and makes it impossible to get gasoline for your car—and that is just for starters.

To emphasize just how fragile our physical infrastructure is, loss of our electric grid alone, if it happens, is expected to leave ninety percent of Americans dead within a year.  As apocalyptic as that scenario is, it is the sober and serious prediction of people who know.

With that much at stake, we cannot afford the luxury of putting up a defense that will protect us only until the next determined hacker finally discovers a tiny, but fatal, gap in our fire-walls.  Carl von Clausewitz (1780-1831), the famous Prussian military mastermind, is often credited with having said that the best defense is a good offense.  Whether he said it or not, the adage certainly applies to cyber warfare.  We cannot rely on an antiquated trench warfare strategy to stave off our relentless enemies.  We cannot wait for their next move.  Our enemies need succeed only once, and if they get inside our computers, it could be doom for us.

We must attack.  Here is how.

For starters, the president and Congress must immediately declare publicly that any and all cyber attacks on major targets in the US will be considered an act of war, and will be responded to just as if an enemy air force had bombed Pearl Harbor.  We must not allow “feeler” attacks, probes into our defenses in search of weak points.

Of course we cannot be reckless in our response.  Cyber attacks are difficult to detect, and even when detected, it may be enormously difficult to be sure who launched the attacks.  Even so, no enemy should feel safe from reprisal when conducting such an attack.

With international cooperation, it will be possible to deny safe havens to enemy hackers.  Even parties who did not themselves launch the attack can sometimes have clues or information that can pinpoint the attacker.  Those parties must be strongly encouraged to provide that information, or to risk the consequences if they conceal or protect attackers.  Yes, attacks can be disguised, so as to appear to have come from an innocent party, and enormous care must be taken to avoid being deceived.  As far as I know, nobody said this will be easy or risk free.

During the cold war, the nuclear powers employed the doctrine of mutually assured destruction, the acronym of which is MAD.  Anyone who was tempted to launch a war knew, even if he killed the enemy, that he, too, would die.  As insane as the doctrine sounded on the surface, it prevented a mutually destructive nuclear war.

We cannot, of course, rely on the fears of madmen to stay their hand.  They will attack.  When they do, even if their attack is merely a probing attack, we must respond with such overwhelming and devastating force that they will be rendered incapable of launching a second attack.  The only words appearing on their computer screens should be, “Game Over.”

War is hell.  Cyber war is no different.

.