Cyberattacks are back in the news, but there is still legitimate skepticism regarding their true threat to national security.
One worst-case scenario is a cyber Pearl Harbor. What are the odds?
Cyberattacks appear a good way to gain tactical advantage during the opening moments of any conflict. They surprise by their very nature -- otherwise there would already be a software patch in place. Further, individual attacks are so diverse that it is hard to predict what the next attack will look like or where it will occur.
Here are some candidates for a cyber "Battleship Row," the eight US battleships in port at Pearl Harbor on December 7, 1941: core routers, undersea cables, strategic communications, air defense, electricity nets, classified nets, financial nets, and the Windows operating system. A successful attack on any of these targets could have tangible military value and might even cause panic among the civilian population.
As with Pearl Harbor, the most significant military threat could be that a successful attack would delay a counterattack. Japan did not expect to win World War II in Hawaii, but sought to forestall a US response until it could fortify a chain of defensive island positions analogous to the Maginot Line in Europe (neither strategy worked). In the same way, an aggressor today might use a cyberattack to help it capture real-world territory from which it could then play defense. So as a prelude to any major war in the future, we may see some kind of Cyber Pearl Harbor, developed in a secret, air-gapped training room before anyone gets to see it.
"A Day That Will Live in Infamy"
An aerial view of "Battleship Row" moorings at Pearl Harbor, which shows damage from the Japanese raid conducted three days earlier.
I think the better question for national security thinkers is whether the aggressor will be able to maintain momentum or keep the initiative. Similar to the real Pearl Harbor attack, early successes may prove illusory, and there is even less of a chance they will be decisive. Japan only managed to sink four of eight US battleships, and all three US aircraft carriers survived unscathed (they were not in port at the time). Furthermore, two of the sunk battleships, USS California and USS West Virginia, were raised, rebuilt, and put back into service. And it is easier to reboot and reinstall a computer than an aircraft carrier.
In cyberwar, the gap between perception and reality is still very high. Cyberattacks do not generally cause physical damage or human casualties. They are likely to be effective only when used by a side with traditional military firepower, or they invite a kinetic response that the attacker will regret.
By analogy, hackers are closer to pirates than infantry. Hackers can cause havoc with hit-and-run tactics, but they are at a disadvantage in a set-piece battle. Finally, in cyberwar, everyone is vulnerable to retaliation. Even Japan was caught flat-footed by the Doolittle Raid on Tokyo, which came a mere four months after Pearl Harbor.
Even in the Internet era, stable governments with strong allies and access to natural resources will still win future wars, and that should generate some level of cyberattack deterrence in the mind of a potential aggressor.
— Kenneth Geers is an NCIS Cyber Subject Matter Expert.