RealSecurity

Cyberwar will be fought in the ether, and as discussed, a more appropriate expression of this is a "cyber theater of war". As with many new things, we attempt to take what works today and apply to what is emerging. A very natural human reaction; use what you have and "don't reinvent the wheel" are common. However, in the domain of cyberwar the application of traditional military strategy will not entirely work and usher in new theories of war that will ultimately influence 21st century - and beyond – warfare tactics in both the physical and cyber worlds.

If you're just joining me on the topic of all things cyberwar, let's recap.

Cyberspace is the digital domain and is being weaponized. This isn't your hacker tool kit on steroids, it's military grade ordnance that is highly engineered to be rapidly deployed to effectively destroy the intended target as designed – period.

Cyberwar is a term that has real meaning, despite people using it for seemingly everything we used to call hacks. In that sense, we are experiencing cyber "skirmishes" or something I referred to in my post Cyberwar as a "cyber cold war". First, we must strip out the things people are calling cyberwar which are just today's version of hacking.

After that we must acknowledge that nations are performing cyberattacks against other nations and even businesses. This is not unlike the cold war decades ago where one country would bump into, or sink another's sub in a global cat and mouse game. Don't fool yourself... a lot of people gave their lives – on both sides – during the cold war. In fact, we see reflections of this today, such as the North Koreans torpedoing the South Korean Navy ship killing 46 sailors. When this happens in cyberspace it is a cyber cold war and it's real, with real consequences and real potential for damage.

As far as cyberwar – as in an all out war – this has yet to happen. I see the term cyberwar differently than others – I see it as a future state and today's skirmishes are leading to a war. And to that point, a cyberwar will be combined with traditional (physical) warfare. In short, cyberwar will be part of a larger form of "war" and will occur in a cyber theater of war alongside traditional theaters of war in the physical domain. I say this because cyber skirmishes may escalate and given that we cannot decouple society from the digital domain, a cyberweapon will have serious physical manifestations that will be fundamentally indistinguishable from traditional weapons resulting in various forms of retaliation.

To be clear, when you boil it down, today's cyberwar is a "cold war" and like we experienced decades ago, there is damage occurring – and we're not talking about your typical hackers using hacker tools. However, what we're experiencing today, combined with the weaponization of cyberspace and our intense reliance on the digital domain in everyday life, there is meaningful potential for a war – and all this implies – due to the physical impacts, directly or indirectly, from a cyberattack.

Now on to the cyber theater of war and implications for military strategy.

The cyber theater of war is, well, cyberspace and everything and anything that is digitally empowered. In most scenarios, we think only of a highly interconnected computing infrastructure, but we must include embedded systems, such as those in military equipment, smart grid meters, GPS devices, satellites, cell phones, and just about anything that uses a computer to function. Of course, interestingly, these historically "disconnected" devices are becoming more and more integrated into an intelligent computing infrastructure.

The trick is that cyberspace is ubiquitous and it can be very difficult to accurately determine the target in question is in fact the intended target. These points compose the foundation of the change in strategy needed. In fact, these same points have been the basis for changing military tactics throughout history.

In the American Revolution, early forms of guerrilla tactics were used to confuse the British through raids, ambush, and generally harassing them making it challenging to quantify and target the enemy. In the Tet offensive, January 31, 1968, 80,000 North Vietnamese, using tunnels and other forms of hidden mechanisms to move troops and equipment, launched a surprise, highly-coordinated, country-wide attack across 100 cities. Distinguishing the enemy from the civilians was difficult and their proximity to US forces made airstrikes virtually impossible. Today this is further exacerbated in Afghanistan and Iraq where the difference between a terrorist and a shop keeper is the former explodes unexpectedly.

The intermingling of the enemy with those you are assigned to protect has forced a change in military tactics, which have formalized in three basic ways. First, gain the hearts and minds of the community to offset the political, physiological, and physical nature of embedded threats. Second, acute situational awareness, such as dealing with IEDs. And finally, precision. Collateral damage is unacceptable; combatants must be accurately identified before engagement, which is clearly very difficult. In this situation, the allied forces in the Middle East cannot employ an enormous collection of weapons at their disposal – most of which have been designed to destroy an identifiable enemy. You can't roll a hundred tanks into a village. However, you can fly a smart-bomb-armed Predator drone to perform reconnaissance and attack when the opportunity presents itself.

In short, what military has had to come to grips with in the last several years is a large portion of their arsenal is virtually worthless, the enemy is entrenched and nearly indistinguishable from non-combatants, and the people you must protect may become your enemy without warning.

OK, so the general nature of war tactics change in various conditions, and we see the same nuances in the cyber theater as we are currently seeing in the war in Afghanistan and Iraq. To see the real change, we must look deeper to see how changes will resonate in the trenches.