The Yellow (Cyber) Horde is Coming to Get You: a US Military Perspective
All right, we’ve all read countless stories over the past few months about the shadowy world of Chinese hackers, their government support, and their quest for global domination. (Well, I didn’t say that we necessarily believed any of these stories.)
Most of what I’ve read on the subject can be categorized as one of the following:
1. Geek story — articles in any periodical that includes “PC” in the name qualify here. The substance of most of these writings usually includes the technical capabilities of some of these hacksters, as well as a list of some of the more high profile targets they have taken down, the latter being quite titillating to your average geek reader.
2. Wingnut hit job — these pieces can generally be found in newspaper op-ed columns (e.g. the Washington Times), think tank reports, and right-wing blogs. The tone here is usually paranoid, nationalistic, and thin on facts.
3. Apologists — these are more likely to be found online than anywhere else and include missives written by bloggers and technical experts whose main message seems to be: “Of course China has hackers, who doesn’t?” I suppose the stuff that I have written on this subject would be best classified in this third category.
Today’s contribution, courtesy of Wired Magazine, is a comment made by a US general (the head of US strategic command, what ever that is — I have said countless times that I am not a military expert.)
Speaking to reporters at a press breakfast last week, Gen. Kevin Chilton, the head of U.S. Strategic Command, said the president retained the option to retaliate with military force in the event of a serious cyber attack against U.S. networks.
I don’t know about you, but none of the hackers I know congregate in a single, well marked, and identifiable facility where they punch in at nine o’clock in the morning and leave every day at five.
Maybe I’m crazy, but it seems that a threat like cyber warfare is something the military types like to call “unconventional.” You would also think that the proper military response to such a threat would also be unconventional.
I guess not. I wonder who is the poor schmuck whose job it is to target those smart bombs on China’s hacker HQ. Now that’s a tough job.
I am quite sure when the US general said “retaliate with military force” do not include retaliation through cyber means. It must be conventional or nuclear weapons, not cyber attacks or anything like that. Right ?
Hey Stan,
Maybe if you checked STRATCOM’s unclass website you would find:
Operationalize the Command along Deterrence, Space and Cyberspace Lines of Operation
Complete and fully implement Space, Cyber, Global Strike & Deterrence, and Combating Weapons of Mass Destruction Plans
Improve capabilities to develop and deliver integrated effects across USSTRATCOM
Develop and implement CONOPs for integrated operations, defense and attack in the cyber domain
STRATCOM’s mission is more than just nukes these days.
This was never in doubt. The issue is the interview and subsequent press coverage. Bad PR can the group, or its head, look ridiculous.
Another reason for the general making a statement like this is deterrence – as in: “Nation X, do not let the hackers in your country run amok. You will be held responsible for failing to prosecute non-state criminals in your nation if they cause serious harm to ours. Therefore, control them before anything happens, or you too will be culpable”
An logical analogy would be the way Afghanistan was held responsible for 9/11, though it was not directly responsible as a nation-state (the attack wasn’t coordinated as a part of Mullah Omar’s foreign policy).
Similarly, we can envision some sort of hacking attack that causes a mass loss of life – i.e. shutting down the power grid, overriding a nuclear plant, I’m sure there are other situations – or mass havoc (destroying the financial system) that would be enough to warrant a military response. The war in Afghanistan is, ostensibly, a just war, and I don’t think it would be a far stretch to say that if hackers cause a similar amount of damage, it *could* (but not necessarily if their nation state took appropriate steps to deal with the problem) result in military retaliation.