By Col. Alan D. Campen, USAF (Ret.)
One if by land, and two if by sea, but what if by cyberspace?
Having long relied upon military prowess and diplomatic skills to
project and protect its interests on the seas, on land and in aerospace,
the United States now is in conflict with stateless entities seeking
hearts and minds, not land or treasure. It is a global contest of words
and images, waged on a battlefield called cyberspace where rules of
engagement that govern traditional conflict dont apply and plans for a
multiagency effort to protect the information infrastructure have not
yet been adopted.
Should we call this struggle a war? If so, what laws and rules govern
conduct? How serious is the threat of malicious intrusions intoand
manipulation ofinformation systems, and can the vulnerabilities,
particularly in the Internet, be sufficiently reduced? Should we respond
to these intrusions in kind, and if so, by which agencies and by what
means? And what is the role of U.S. armed forces in a battle of words?
Recent events have converged to bring the subject of network
vulnerability, threats, risks and responses to the fore.
Assaults on Estonian, U.S., U.K., British and German government
information systems have refueled alarm over security gaps in the
Internet, calling to question the ability of wired nations to function
under, respond to and recover from network disruptions. The May 9, 2007,
attack on Estonia obliged that nation to sever external connectivity to
its government Web sites temporarily, with resultant losses in the tens
of millions of euros. Reports that e-mail service in the Office of the
Secretary of Defense was interrupted for several days also suggest that
nation-states could have been behind the disruption as well as behind
electronic dumpster diving into information systems of U.S. defense
contractors. Still, while important government functions were disrupted
by these intrusions, no nation has been brought to its knees. Expensive?
Yes. Damaging? Certainly. Manageable? Apparently. But, casus belli?
Subscribe to InfoSec News