The short answer is the media wants a cyberwar. Cyberwar is a dark, sexy, mysterious headline that sells and so each time something nefarious happens on the internet that potentially involves two or more countries, security experts are besieged with the question “Is this cyberwar”?
Let’s look back to the 1989 book by Clifford Stoll called “The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage”. In his book Stoll tells the true story of a German spy who was using the internet to steal US military information to sell to the Soviet KGB. Nobody was asking if it was cyberwar back then because the marketing term had not yet been invented, or at least heard of by the media, and everyone understood that this was simply a part of spying and espionage.
When radar was invented did the media ask “Is this electronic warfare”? Electronic warfare refers to the use of electronics in traditional warfare, but it not a separate type of war. Computers have long been used in warfare. During Operation Desert Storm, a war involving Iraq, the US, and troops from other countries, you can bet that computers were used extensively. Computers guided missiles to their targets. Computers received satellite information for a variety of purposes. The probability is that there was hacking and potentially malware involved as well. It will be many years before that information will be declassified, so one can only speculate right now. Robots designed to go in first and spot the enemy make extensive use of computers. Is this cyberwarfare? When there is a traditional war being conducted then it is understood that computers will be used and there usually are no questions about so called cyberwarfare. This changed a little when Russia invaded Georgia and simultaneously a crippling distributed denial of service attack was launched against Georgia. This was not a cyberwar, this was a battle that included a cyber component.
For many years now antivirus companies and others in the security space have battled viruses, trojans, and hacking attacks. The criminals behind the profit driven attacks are not cyberwarriors, they are more like information superhighway bandits.
So, when and where is the cyberwar? If we define cyberwar as a battle to control cyberspace, then the cyberwars are largely civil wars. China engages in a cyberwar against the Chinese people by controlling their access to cyberspace. Iran engages in cyberwar against dissidents internally. Potentially a proposed bill in the United States to make “wiretapping” of the internet easier may result in a cyberwar pitting the US government against its own citizens. It really comes down to how you wish to define cyberwar. Throughout history new technologies have come along and dramatically changed the nature of warfare. For me, the age old adoption of new technologies for use in spying and espionage is not a new type of warfare, it is business as normal. The use of new technologies in conventional warfare is nothing new either.
Stuxnet is a very sophisticated piece of malware but does not represent anything really new. For years now governments and individuals have used hacking techniques and malicious software to infiltrate and attempt to remotely control target computers. That Stuxnet is so sophisticated is part of the evolution of malware, not a paradigm shift in how warfare or espionage is conducted.
Director of Technical Education
Author ESET Research, We Live Security