Schneier on Cyberwarfare

I enjoy reading such thought provoking pieces. It is not like there is a lot of controversy or even ambiguity in his discussion of cyberwarfare but it is a strong contrast to the picture many others paint. I like having more rational pieces in my memory to be able to cite or at which to point when encountering the misinformed or poorly educated.

As any good discussion does, he clearly defines his terms, up front. He even breaks them down a point, simplifying things by pointing out that all the addition of the prefix cyber- does is connote the domain. Hence it is not surprising that he mostly contends that warfare, terrorism and even vandalism online have more in common between the online and offline variations. This point resonates well with the one I was trying to make about overblown cybercrime laws when I discussed the recent German lawmaking in the last podcast.

The most he concedes about the difference between cyberwar and traditional is that the difference is more like the introduction of air power and satellites. They did not fundamentally change the nature of warfare, though they had a significant effect. He also uses that notion later in the piece as a warning, that while he is urging greater rationalism, nations should not completely dismiss the effect of the internet on attack and defense.

He spends some time elaborating more on similarities and differences, for example that like attacking physical infrastructure, most cyberattacks are more valuable if they coopt rather than destroy enemy assets. There are some interesting differences in the question of origins and balance. The former in that it can be next to impossible to correctly identify the real attacker and that many attacks will actually capitalize on this difference. The latter is a chilling what if where an under developed nation may make a very different decision about an undiscriminating attack, like a worm, if they feel they have less to lose in the balance.

I encourage you to read the piece for yourself as they is a lot more to it than my simple summary. Whatever your past experience in reading about cyberattacks, I’m pretty sure you’ll find a choice nugget you may not have fully considered or perhaps an angle on an existing fact you may not have encountered. Regardless, I think this is a good cornerstone piece to which we should be referring, among hopefully others, when trying to discuss and prepare in a rational and meaningful way.

Leave a Reply

Your email address will not be published. Required fields are marked *