Two decades have passed after Arquilla and Ronfeldt in 1993 warned the public about an upcoming. They were also the first to introduce a concept of cyberwar and give an elaborated opinion. They referred to a conduct and preparation of military operations using information-related principles and also invoked a link between intelligence (the collection of information for political or military purpose) and cyber operations. Now, the scale of intelligence has significantly expanded.

Interestingly, before cyber appeared, there was a radio which was used for intelligence purposes and was weaponized later in the World War II. From that time on, electronic warfare became standard characteristics of a modern conflict. Despite this, there is a key difference between electronic warfare and a cyber one. Traditional electronic warfare aimed to guide, target, or protect weapons systems (Ibid., p. 24). In contrast, cyber makes today’s weapons and military systems smarter but also more vulnerable for an attack.

At the moment everyone still wonders what the whole idea of cyberwar means. There is no accepted interpretation or definition. Furthermore, many experts even say that such war does not even exist (or cannot be referred to the notion of “war”). Perhaps, it is due to the fact that a war in cyberspace has not yet happened. To make it clear, cyber capability has not actually killed anyone and a code has not been used as the use of force.

Similarly, the dangers of a nuclear bomb were recognized only after its use, the same goes to the notion of “nuclear war”. Although there have been many cyberattacks, none of them have been raised to the level of war because none of them, in fact, caused the level of damage which could be adhered to the level of a large-scale conflict.

Cyber warfare has derived from different aspects of conventional warfare and traditional definitions of war. It usually involves organized units within nation-state in offensive or defensive operations which are part of a war or a conflict.

In general, since cyber study is relatively new, there are many competing terms and definitions to explain cyber phenomenon. The following concepts – the revolution in military affairs, electronic warfare, information warfare, and cyber war – have been all offered to describe the new emerging area of conflict. Experts do not agree on any particular term, more often using different notions when talking about cyber issues. Nonetheless, it is vital to understand the facts of the 21st century similarly to the need that rose along with the invention of atomic reaction. A major concern now is no longer weapons of mass destruction, but weapons of mass disruption. (2009, p. 47).

One of the central elements to define a cyberwar, is that it has to meet the same criteria, applied to any other type of war. Vandalism or spying is an act of crime, but they do not start wars. So, assumingly, there has to be physical destruction and casualties in order to declare a war.

Therefore, a cyberwar should have real world damage similar to a conventional war. For this matter, it should probably take place in a digital world. What is not clear, however, is whether it should be fought exclusively in cyberspace or it can accompany a conventional attack too. This aspect is quite interesting, because cyberattacks can easily be used in combination with a kinetic attack and can multiply the force and power of the attacker.

In this case, it does not make sense to create a new term “cyberwar” as it falls down under the same definition of war. It is the same example when aerial bombings supported the attacks on the ground during the World War I, but in the end we called it a war, not a particular type of war. Consequently, cyber introduction resembles more a revolution in military affairs, rather that a new emerging type of warfare.

What is clear, though, is that the difference in definitions complicates the matters of regulating cyberspace and prevents achieving a common ground on cyber issues and/or developing new treaties and agreements between the states. So far there is no international agreement on the cyber principles, despite some attempts of the states to engage into negotiations (Budapest Conference on Cyberspace, the World Conference on International Telecommunications). There is, however, the Convention on Cybercrime, the first international agreement that addresses compute crime, adopted by the Council of Europe. Interestingly enough, Russia (as a part of the Council) neither signed nor ratified the agreement, whereas US (not part of the Council) recognized it and ratified it.

Apart from these difficulties in defining cyberwar, there has been a hyperbolic use of the word itself, mostly by media and tabloids (e.g. The Washington Post, “We are at cyberwar and we are our own enemy”; The New York Times, “How to prevent Cyberwar”; Zdnet, “Cyberwar: a guide to the frightening future of online conflict”; Komsomolskaya Pravda, “Are we expecting the First World Cyberwar?” etc.). They do not usually give any concrete information but are eager to use this term and apply it randomly to different cases just because it sounds good. All in all, uninformed public use of the word has enormously contributed into the heat surrounding cyber implications.

Futher, cyberattacks are too often discussed equivalently, regardless of its impact. In this sense, minor cases like ransomware or phishing might be raised to the level of an armed attack (especially if they affect multiple computers worldwide). Yet, these cases are good examples of cybercrime, and crime is not a war. When individuals engage into this type of activity, they do not engage in a war. The same goes for espionage in cyberspace. Catching a spy on one’s territory will certainly put pressure on bilateral relations, but it would not start a war.

This exaggeration of cyberattacks can be explained through securitization theory. The notion offered by the Copenhagen Security School describes how a certain concept can be politicized and securitized to the extent that it becomes a threat to national security (See Buzan, 2006).

To conclude, it should be mentioned that there is no guidance for the conduct of “cyberwar”. There are no internationally agreed definitions and, to that extent, the whole idea of cyberwar so far seems unrealistic. At this moment technology is not sophisticated enough to ensure a military conduct entirely in cyberspace. Besides, any cyberattack of such scale would presumably result in a physical destruction, which consequently might provoke a conventional retaliation attack. This, in result, would cause a war we know for years, so there is no need to introduce a particular type of war. On another note, using cyber operations to support a conventional war and/or conflict is the way to go, but in this case it is just a revolution and modernization in military affairs.

I would be interested to hear your opinion about that in the comments below.

For further information see:

1) A movie “War Games” (1983)

2) Arquilla, J. and Ronfeldt, D. (1993). The Cyberwar is Coming! RAND Corporation, [online] Available at: https://www.rand.org/pubs/reprints/RP223.html

3) Cetron, M. J. and Davies, O. (2009). Ten critical trends for cyber security. The Futurist, 43(5), pp. 40–49.

4) Stiennon, R. (2015). There Will Be Cyberwar: How The Move To Network-Centric War Fighting Has Set The Stage For Cyberwar. Michigan: IT-Harvest Press.