When you hear the word “cyberwarfare” hope probably isn’t the main emotion you feel. The word is far more likely to inspire feelings of fear—a response that hasn’t been helped by years of sci-fi movies where conflicts between man and machine are full of violence. Yet, a recent New York Times article makes the case that while cyberwarfare is by no means a good thing, world powers having a less bloody way to wage battle could mean an overall reduction in world violence.
Cyberwarfare has created a new kind of battlefield—the kind where battle strategies play out on computer networks rather than on human bodies. When countries can attack each other through computer viruses, it could shift conflicts away from physical injuries and death and toward attacks that impact government and business computer systems instead.
As Cybèle C. Greenberg argues in the opinion piece, “fighting digitally offers a unique opportunity: the continuation of politics by other means, without the physical invasion of a sovereign territory or the inevitable sacrifice of lives.”
In fact, some of the most notable campaigns of cyberwarfare in recent years were designed to thwart direct violence. During the Bush and Obama administrations, the U.S. worked with Israel to launch a cyber campaign attacking Iran’s work on nuclear weapons. The initiative managed to take out thousands of the centrifuges Iran was using to purify uranium. It’s estimated to have set back the country’s nuclear technology by years, all without any human casualties. This type of weapon via computer code certainly seems like an improvement over guns and bombs—especially the nuclear bombs it helped prevent.
Greenberg isn’t the first to argue that cyberwar has the potential to lead the world toward less bloody conflicts. The question is: will humanity take cyber options as an opportunity to shift away from more traditional warfare, or simply add it to the arsenal as one more option for battle?
Just this past summer, 23 countries in the United Nations joined together in affirming norms around cybersecurity. The agreement clarifies that nations should not use cyberattacks to target critical infrastructure and shouldn’t enable or shelter any malicious hacking activities in one’s territory.
Having a diplomatic agreement in place between nations helps codify norms. Being tied to specific steps for holding countries accountable when they defy those norms, an agreement can only go so far. Right now, the world doesn’t have a good system in place for holding nations to a certain standard of behavior. And hackers (even those backed by a state) tend to be good at being sneaky, making accountability that much harder.
Getting nations to agree on norms and stick to them is hard enough. But one of the biggest challenges to the possibility of cyberwar replacing more physical forms of violence is all the other groups out there perpetuating violence.
“We live in a world today that is increasingly Balkanized, far more so than in the mid 20th century,” points out Gary Roboff, Senior Advisor at Shared Assessments. “Cyberweapons are not difficult to develop and deploy—small groups, not affiliated with any specific nation-state—can do so.”
Even without the backing of a government, terrorist groups can do a lot of damage—something the world learned all too well with the attack on the World Trade Center in 2001.“Renegade groups are unlikely to abide by any ‘responsible use and appropriate control’ standards developed and accepted by conventional governments,” Roboff argues. “There are simply too many wild card actors outside of the family of nations who can accomplish substantial damage.”
The argument that cyberwarfare can reduce physical violence depends on the idea that cyber-attacks won’t be used to exact that kind of violence. And for the most part, that’s been true so far. Cyberattacks are most often used to disrupt systems and organizations rather than being used to hurt people physically. But that doesn’t mean they can’t or won’t be deployed that way.
In 2007, cybersecurity experts in the U.S. conducted experiments that proved a cyberattack could physically blow up a generator—the kind of move that could be weaponized against people if made by a bad actor. In 2017, hackers came close to blowing up a petrochemical plant in Saudi Arabia, an attack experts predict would have been deadly if not for a mistake in the attackers’ code. And earlier this year, hackers managed to access the system of a water treatment plant in a small city in Florida and nearly poisoned the town’s water supply.
All these examples point to the very real possibility that cyberattacks can be used to hurt humans. While attacks on utility systems won’t cause the kind of casualties common in traditional warfare, they can still do serious damage to people. And if hackers manage to use cyberattacks to cause explosions, the effects won’t be too far off from the impact of conventional bombs.
Cyberwarfare won’t mean an end to violence—human nature is too strong. Yet cyberattacks could be deployed strategically by nations to avoid more violent forms of warfare, leading to an overall reduction in the kind of casualties traditional warfare has wrought.
But a lot depends on what humans choose to do with the technology we have. Will nations, terrorist groups, and hackers find ways to use cyberattacks for physical violence, or will they deploy cyberwarfare in a way that reduces the human cost? Which option becomes the norm of the future remains to be seen.