Vviewpoints
DOI: 10.1145/2184319.2184334
viewpoint
Why Computer scientists should
Care about Cyber Conflict and
U.s. national security policy
In the last several years, cyber security has been the focus of a great deal of media attention that has reflected public policy concerns worldwide about this
topic. For example, the Sunday Times
of London quoted Israeli Prime Minister Binyamin Netanyahu as saying that
“Israel must turn into a global cyber
superpower.”
2 Through the National
Computer Network Emergency Response Coordination Center of China,
the Chinese government reported China experienced nearly a half-million
cyber attacks in 2010, about half of
which originated abroad.a
PHotoGraPH by aP PHoto/Mark J. terrIll
Of particular note is the May 2011
publication of the White House’s In-
ternational Strategy for Cyberspace,
in which it asserted: “when warranted,
the United States will respond to hostile
acts in cyberspace as we would to any
other threat to our country… We reserve
the right to use all necessary means—
diplomatic, informational, military,
and economic—as appropriate and
consistent with applicable internation-
al law, in order to defend our Nation,
our allies, our partners, and our inter-
ests.”
7 Amplifying these sentiments, a
number of news stories subsequently
appeared reporting the U.S. believed
a cyber attack on the U.S. could be re-
garded as an act of war, and that the
a http://news.xinhuanet.com/english2010/
china/2011-08/09/ c_131038851.htm.
The u.s. Department of homeland security logo is reflected in the eyeglasses of a
cybersecurity analyst in the watch and warning center at the Department of homeland
security’s cyber defense facility at idaho national Laboratory.
U.S. could respond to such an act using traditional military force (for example, see Gorman1).
Some have been skeptical of such
statements. One argument is that it is
impossible to attribute a cyber attack
to any specific nation-state, so against
what party would any nation retaliate
in the wake of a devastating cyber at-
tack on it? Another argument is that
the strategy assumes state sponsor-
ship is necessary for such an attack.
What prevents a non-state actor from
conducting such an attack? Indeed,
the necessary technology is available
at big-box stores, and much of the nec-
essary knowledge is freely available on
the Internet.
Threat and strategy
Consider first the threat. Most of what
is discussed in the popular media as
“cyber attacks” is really espionage of
various kinds. What is “lost” is information: technical documents, political
memos, credit card numbers, Social
Security numbers, money in bank accounts, business plans, and so on. As
