Is Cyber the Perfect Weapon?
For years, political leaders have warned of the danger of a “Cyber Pearl Harbor.” Thus far, however, cyber weapons seem to be oversold, more useful for signaling or sowing confusion than for physical destruction.
CAMBRIDGE – For years, political leaders such as former US Secretary of Defense Leon Panetta have warned of the danger of a “cyber Pearl Harbor.” We have known for some time that potential adversaries have installed malicious software in our electricity grid. Suddenly the power could go out in large regions, causing economic disruption, havoc, and death. Russia used such an attack in December 2015 in its hybrid warfare against Ukraine, though for only a few hours. Earlier, in 2008, Russia used cyber attacks to disrupt the government of Georgia’s efforts to defend against Russian troops.
Thus far, however, cyber weapons seem to be more useful for signaling or sowing confusion than for physical destruction – more a support weapon than a means to clinch victory. Millions of intrusions into other countries’ networks occur each year, but only a half-dozen or so have done significant physical (as opposed to economic and political) damage. As Robert Schmidle, Michael Sulmeyer, and Ben Buchanan put it, “No one has ever been killed by a cyber capability.”
US doctrine is to respond to a cyber attack with any weapon, in proportion to the physical damage caused, based on the insistence that international law – including the right to self-defense – applies to cyber conflicts. Given that the lights have not gone out, maybe this deterrent posture has worked.