Cyber-Attacks Can Be an Act of War

Quietly, just beneath your nose, a cyber war has been raging for three to fours years between the United States, Russia, Israel, Iran, and North Korea. It’s war in an unofficial sense, but that could be changing soon. As far back as 2011, Pentagon officials have said that certain types of cyber-attacks can be considered an act of war based on the current definition used for land, sea, and air attacks, but don’t have a definition for cyber-attacks. The language for addressing cyber-attacks that have been published in a strategy document by the Pentagon states “When warranted, the United States will respond to hostile acts in cyberspace as we would to any other threat to our country. We reserve the right to use all necessary means — diplomatic, informational, military, and economic — as appropriate and consistent with applicable international law, in order to defend our Nation, our allies, our partners, and our interests.” Its been all talk up until the end of October when the European Union drafted a diplomatic document that states severe cyber-attacks by a foreign nation has the possibility of being classified as an act of war.

cyber-attack war
Cyber-attacks against critical infrastructure is the obvious choice as an act of war consideration such as the WannaCry ransomware outbreak that crippled England’s National Health Service causing appointments and surgeries to be canceled and put the lives of patients at risk that were under the knife when the ransomware shutdown medical equipment needed to perform the operations. The British government and Microsoft place culpability on North Korea for WannaCry.

Many of the tools non-nation state hackers use come from nation-state hacking groups that develop new strategies and code. These nation-state groups, called APTs in the cyber world, deploy their malware, someone obtains a copy of the malware (through stealing or otherwise), then sells it on the dark web where many bad actors pay for a new toy that could bring a country to its knees. This proliferation of highly sophisticated malware adds to the problems of a single attack in that once a nation-state hacking group launches an attack, many other attacks by less skilled and more aggressive hackers might ensue. Instead of taking down a section of our power grid we could face subsequent attacks that might take down the entire power grid or air traffic controller network, or the emergency broadcast system, or-or-or; the implications are terrifying.

What makes designating a cyber-attack as an act of war difficult is attribution. No one is known to have a system of investigation that makes attribution of attack to a particular group accurate enough to declare war on another country. The Justice Department under the Obama administration indicted four Chinese army officers in 2014 for hacking-related offenses, so other than press conference blaming, and official attribution has been limited to individuals in a hacking group sidestepping the pandora’s box that would be opened by directly charging a nation’s leader(s). Hackers at the nation-state level regularly code in a different language (say Chinese instead of Russian), and use techniques of other hacking groups to obfuscate the true source.