Wars have been fought all throughout human history, and the ways that people wage war are almost always changing and evolving. This holds true to this very day, as cyber warfare is becoming the more and more prevalent form of warfare. Cyber warfare incidents are occurring around the world, and countries, such as the U.S., are racing to bolster their cyber warfare programs. The constant evolving nature of cyber warfare has caused the balance of power to shift; in the past, the traditional balance of power has usually leaned to the strongest, most well-armed military. Now, the balance of power can lean towards any country—or individual—that has the ability to cause damage through cyberattacks.

In order to understand how cyber warfare influences the actions of countries and how it changes the balance of power, it is important to understand what cyber warfare is, and what cyber space is, since cyber space is where cyber warfare takes place. Cyberspace is crucial to any cyber activity, not just cyber warfare, as without it there would be no online activity. However, cyberspace cannot be viewed in a similar manner as traditional warfare, since “cyberspace differs fundamentally from the traditional physical domains,’ according to Sean C. Butler, a Major n the  United States Air Force.  Not only that, but cyberspace isn’t used for just cyber warfare—it’s also used for the spreading of information. How cyberspace is used, and the physical aspect of cyberspace are crucial to the definition of cyberspace, as defined by Michael Robinson, a PhD student at De Montfort University in the UK: “A global domain within the information environment whose distinctive and unique character is framed by the use of electronics and the electromagnetic spectrum to create, store, modify, exchange and exploit information via interdependent and interconnected networks using information-communication technologies.” Simply put, cyberspace is the environment created from technology where information can be communicated through connected networks. Cyber warfare is a little harder to define than cyberspace, due to the nature of warfare. For example, in the past, more often than not warfare is usually fought in order to advance a nation’s agenda. However, warfare in modern times can arguably be waged for certain ideologies, religious beliefs, or other reasons. Because of this, it is important to consider who the attacker is and why they are attacking. This leads to defining cyber warfare as “the use of cyberattacks with a warfare-like intent,” as this definition considers the both the aggressor and their intentions (Robinson).

The balance of power in traditional warfare changed often over time, and it can still change over time through cyber warfare as well. Since there are no physical restrictions on cyber warfare except for the need for electricity and the proper hardware, almost any country or individual can have the capability to launch a devastating cyberattack.  For example, in the beginning of 2009, a campaign of cyberattacks was launched against Israel after Israel started a physical attack on Hamas infrastructure. According to reporter Miruna Marinescu, this resulted in over 10,000 websites being affected in one way or another, and the websites raged from media outlets and government websites to multinational companies that were associated with Israel. These cyberattacks came from people all around the world, working either on their own or in tandem. Even though the cyberattacks were carried out by small groups or individuals, they created very serious issues that Israel was not prepared for. However, a few years later, Israel Electric Corp “reported a few hundred attacks on their infrastructure in 2013 and 20,000 attacks in 2014,” (Marinescu). But, since Israel had begun to invest cyber security strategies and strong infrastructure, none of those attacks were successful. These incidents of cyberattacks show the danger of cyber warfare. The balance of power can lean towards individuals or small groups instead of large nations, but if defenses against cyberattacks can be thoroughly implemented, then the balance of power might not shift at all.

The consequences of cyberattacks don’t have to be constrained to the cyber world, as they can have real world, or kinetic world, effects as well. In this sense, cyber warfare is very alike to kinetic warfare. In the case of the failed cyberattacks against Israel Electric Crop, if just one of those cyberattacks had succeeded, power utilities could have been crippled across Israel, which could have resulted in homes losing power, traffic light outages, and more (Marinscu). Attackers wishing to do significant damage through cyberattacks may most likely strive to do physical and kinetic damage to their victims, which can shift the balance of power in a major way. Professors Gary Lilienthal and Nehaluddin Ahmad contest that, “even if there is no physical damage done as a direct result of a cyberattack, it is “likely that . . . a kinetic outcome would be the end link in a chain of causation.” Since small groups and individuals can have the ability to carry out a massive cyberattack, the traditional balance of power can be even more prone to changes. Even though larger countries and states still influence the balance of power through kinetic means and cyber means, the possibility that anyone skilled enough can cause kinetic damage and cyber damage throws the balance of power into an even greater position of volatility than it ever has been in before.

Since more than just large nations and countries can influence the balance of power, it is important for proper cyber security practices be put into place. But, a lot of countries are behind on their cyber security and cyber warfare policies. For example, recently the United States has been investigating its cyber security practices. Reporter Julio Rivera says that the Government Accountability Office (GAO) has been investigating the Department of Defense (DoD), since the DoD oversees plenty of military action; the GAO’s investigation revealed that the DoD is “severely lacking in appropriately trained IT and cybersecurity staff needed to secure its weapons systems.” The GAO also reviewed reports that showed that “a two-person test team was able to penetrate cybersecurity protocols and gain unauthorized access to weapons systems within an hour” and that “a tester was able to guess an administrator’s password,” (Rivera). If the wrong two people were to gain access to a world power’s extensive weapons systems or government files, the kinetic consequences could be unfathomable. The GAO’s review clearly shows that the United States is behind in its cyber security practices, as the GAO also found that the United States doesn’t even hire people qualified enough for cyber security positions, or the United States doesn’t train their employees well enough, “the test report also showed poor password management practice such as using default passwords,” (Rivera). If a leading global power and influence such as the United States is so behind in its cyber security practices, the balance of power could change too quickly for the United States to do anything about it.

One of the reasons why it is so hard for the United States to catch up is the fact that cybersecurity experts—if they are members of the United States military, they can be referred to as “cyberwarriors”—can find much better work almost anywhere other than the military. This causes a gap in the proficiency of military “cyberwarriors” and other cyber security experts that freelance or work in the private sector; in one cyber wargame exercise conducted in Fort Meade, “the military’s best active duty ‘cyberwarriors’ were pitted against reservists who work in the civilian sector . . . the active duty personnel were ‘pretty much obliterated,’” (Rivera). Although working for the military could produce housing and healthcare benefits and the satisfaction of serving for one’s country, the military does not provide the same opportunities and flexibility that working in the civilian sector can provide, which is why so any people cyber security experts pick the civilian sector over serving in the military (Rivera). This gap creates an obvious instability in the balance of power; if a leading world super power’s systems can be infiltrated or destroyed easily, then the balance of power that was held in place by traditional warfare will be completely shattered, as an individual or a small group of people weren’t able to cause this kind of damage to a country before.

Of course, however, the United States isn’t just leaving its cyber security practices in a state of vulnerability. In late 2017, as reported by author Tom Leithauser, the United States Senate and House of Representatives “produced a Defense Department authorization bill that would require the president ‘to develop a national policy for the United States relating to cyberspace, cybersecurity, and cyberwarfare.’” This bill will work to improve the cybersecurity of the United States, which is something that the United States and the Department of Defense desperately needs, “it is long past time that the federal government develops a comprehensive cyber deterrence strategy,” (Leithauser). If the bill passes through Congress, then the United States can be on its way to establishing itself as superpower when it comes to cyber warfare. Even though cyber warfare can dramatically shift the balance of power, the bill passing can be a step towards keeping the balance of power in a more stable position, although it won’t be as stable as it was before the advent of cyber warfare. If more countries other than the United States start to adopt stronger cyber security and cyber warfare policies, then the balance of power might not shift as much at all, but there is still always a small chance that a dissident can throw everything awry.

The consequences of cyber warfare and any misuse of cyberspace can be disastrous. A small cyberattack executed by a small group or individual that succeeds can have a massive effect on kinetic systems, such as power grids. Not only that, if the wrong people infiltrate a government’s systems, then an entire country’s worth of weaponry could be hijacked. This all can lead to major shifts in the balance of power that was kept in place though traditional warfare. With an influx of people, groups, and countries that can have the ability to wage cyber warfare, the balance of power is in an even more precarious position than it once was, as even a small misstep or transgression can throw the balance of power completely out of kilter.

 

Works Cited

Butler, Sean C. “Refocusing cyber warfare thought.” Air & Space Power Journal, Jan.-Feb. 2013, p. 44+. Academic OneFile, http://link.galegroup.com.ccny-proxy1.libr.ccny.cuny.edu/apps/doc/A316664177/AONE?u=cuny_ccny&sid=AONE&xid=a213d631. Accessed 30 Oct. 2018.

Hill, Rebecca. “Ex Spy Bosses: Cyber-Warfare Needs Rules of Engagement for Nations to Promptly Ignore.” The Register® – Biting the Hand That Feeds IT, The Register, 24 Oct. 2018, www.theregister.co.uk/2018/10/24/cyber_warfare_oracle/.

Leithauser, Tom. “House, Senate Conferees OK Bill Requiring Cyber Warfare Strategy.” Cybersecurity Policy Report, 13 Nov. 2017. General OneFile, http://link.galegroup.com.ccny-proxy1.libr.ccny.cuny.edu/apps/doc/A517440964/ITOF?u=cuny_ccny&sid=ITOF&xid=e6295bc5. Accessed 8 Nov. 2018.

Lilienthal, Gary, and Nehaluddin Ahmad. “Cyber-Attack as Inevitable Kinetic War.” Computer Law & Security Review: The International Journal of Technology Law and Practice, vol. 31, no. 3, 2015, pp. 390–400., doi:10.1016/j.clsr.2015.03.002.

Marinescu, Miruna Ioana. “Cyberwar & Cyberterrorism Heading Towards a Cyber-Waterloo.” Annals of University of Oradea, Series: International Relations & European Studies, no. 7, Jan. 2015, pp. 49–60. EBSCOhost, ccny-proxy1.libr.ccny.cuny.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=a9h&AN=113854286&site=ehost-live.

Rivera, Julio. “Is the U.S. Failing at Cyberwarfare?” American Thinker, 29 Oct. 2018, www.americanthinker.com/articles/2018/10/is_the_us_failing_at_cyberwarfare.html.

Robinson, Michael, et al. “Cyber Warfare: Issues and Challenges.” Computers & Security, vol. 49, no. C, 2015, pp. 70–94., doi:10.1016/j.cose.2014.11.007.