Skip to Content

Asian Tribune is published by World Institute For Asian Studies|Powered by WIAS Vol. 12 No. 2967

Cyber Attacks: when will they constitute acts of war?

Hemantha Abeywardena writes from London…

The news of the cyber-attack launched at Twitter, the micro-blogging site, on Friday, which resulted in the exposure of usernames, encrypted passwords and email addresses of more than a quarter of a million users, came hard on the heels of a catalogue of similar attacks against the US-based media in recent times.

Not only did Twitter admit that it came under attack, but also shed some light on the potential culprit behind it – if you read between the lines, though: "This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked," announced Twitter in a blog post, which hardly needed proficient decoding.

Although, Twitter hesitated to name and shame the attackers – or even its origin - Google did not seem to have a problem with it. Eric Schmidt, the Chairman of Google, had branded China as a global menace in the theater of cyber security, according to the citations from a book written by him, as quoted in the Washington Post.

In his book, The New Digital Age, Mr Schmidt has lamented, how the ‘sense of fair play’ was Putting the United States at a distinct disadvantage owing to strict laws that govern the corporate or government behavior in the presence of cyber-attacks on its institutions; by saying so, Mr Schmidt, in fact, talks about the constraints that could potentially spring up in the US - in the event of resorting to counter-attacks.

Mr Schmidt may be frank in his assessment, as he did not identify the US as a hermit sitting in the lotus position in this field while contemplating universal compassion; Mr Schmidt was referring to the role played by the world’s only superpower when the Iranian nuclear facilities came under attack from Stuxnet virus.

Mr Schmidt, however, has to exercise caution before identifying the ‘whiter-than-the-white’ in the digital realm, especially on a platform of ethics and fair play, where he could easily be prone to embarrassing form of slithering.

The company that he leads with the motto, ‘Don’t be evil’, is not entirely innocent when it comes to honouring the privacy of its loyal users. In the UK, more than a dozen Apple users are suing Google for installing small pieces of tracking software in their devices in order to pass on user’s search habits to various third parties – even pulling wool over obsessively-protective Apple eyes.

Nowadays, those who do not take cookies seriously, often are surprised at Google’s newly-gained ‘intelligence’ about individual search habits, just by looking at the advertisement that appear on Google search pages in a pensive mood to reflect their helplessness!

The threat faced by the users is well on course to reach its critical mass and the search giant will be forced a hasty retreat from the questionable practices by the long arm of law in due course – judging by the growing number of lawsuits and investigations both in Europe and the US. For millions of anxious internet users, the tendency to spy on their search patterns and then pass it on to commercial interests, also constitute a cyber-attack – and in a unique form, of course.

The cyber threat faced by the US companies and government agencies was raised to critical level from serious level this week in the wake of the revelations by two major news organizations in the US. Both New York Times and Wall Street Journal admitted that their computer systems had been infiltrated by the hackers based in China.

The sophistication of the attacks, ranging from technical know-how to the relatively-long duration, has clearly rattled the Obama administration, while forcing it to look for a robust response. Hilary Clinton, the former secretary of state, for instance, in her last official communique, was adamant that the Chinese should not be allowed to get away with this form of threats. She, however, talked about the dangers of tit-for-tat action in the same breath.

Since cyber-attacks have been used for even more destructive form of intrusions – stealing business secrets from major US companies, for instance – the US may be forced to act at some point, if the threats grow unabated.

When Lockheed Martin’s network defences were hacked in 2011, the Pentagon went public by saying that cyber-attacks could constitute acts of war and the retaliation could come in what it called, ‘traditional’ way – most probably with a shower of Tomahawks at a potential target. The definition of a cyber-attack, however, immediately got bogged down on the literary realm – what actually constitutes a cyber-attack?

The policymakers at the Pentagon at that time were of the view that the scale of the attack and level of sophistication are good enough to pin the blame on a foreign government for direct involvement – or complicity, if only fingerprints could be spotted. As for the appetite for the military response in retaliation, things appeared to be more complicated than the initial knee-jerk reaction.

If a folk in Somalia – not necessarily a religious fanatic - for instance, is responsible for such an attack at the behest of some foreign influence, are the US prepared to retaliate the land without a functioning government, just because the latter has a thriving telecom sector that defies economics? Some say that the US must resort to a physical response only if the cyber-attacks result in death or large scale destruction to its national assets.

All in all, it is not easy even for a superpower to determine at what point that the cyber-attack constitutes an act of war. That task is not getting any easier, if the nation in question has been at it in the past, in order to safeguard its own national interests while making mockery of the principles that it says it adheres to.

- Asian Tribune -

Cyber Attacks: when will they constitute acts of war?
diconary view
Share this