Samantha O'Driscoll
Many news agencies have debated whether the breach on the SolarWinds platform was a new way of a state-actors attacking systems. Yet, it was instead the exploitation of existing vulnerabilities. Indeed, Coalition forces in Operation Desert Storm achieved the same effect of disrupting Saddam’s command-and-control structure through a vulnerability in the way they directed the war-fighting effort in Kuwait. In the aftermath of the 2007 Estonian Distributed Denial of Service attacks (DDoS), NATO analysts concluded “it was highly likely that a key objective of the attack was to test and demonstrate cyber capabilities, with the outcome of sowing confusion and uncertainty.” This conclusion, and many other examples like it, led policy makers to focus on the question of whether cyber-warfare/digital warfare is a new warfighting domain – however, with that question came a challenge to define what that meant. Their framing was:
Cyberspace is contested at all times as malign actors increasingly seek to destabilise the Alliance by employing malicious cyber activities and campaigns. Potential adversaries seek to degrade our critical infrastructure, interfere with our government services, extract intelligence, steal intellectual property and impede our military activities. Russia’s war of aggression against Ukraine has highlighted the extent to which cyber activities are a feature of modern conflict.
Although NATO framed an inconsistent connection between existing methods of warfare, such as command-and-control (C2W), it makes it harder for policy makers to determine if an incident is a criminal act or an act of war.
Even by NATO’s own admission it recognizes that cyber-attacks are going to be “a major component of conventional warfare”:
In the summer of 2008, the conflict between Russia and Georgia demonstrated that cyber-attacks have the potential to become a major component of conventional warfare.
Indeed, during the COVID Pandemic under the threat of increased cyber-attacks the Australian 2020 Cyber Security Strategy adopted similar language which begins to describe an adversarial benefiting effect:
No comments:
Post a Comment