There is a consensus that aggression by one nation against another is a serious matter, but there is no comparable consensus about what constitutes aggression. Waging aggressive war was one charge against Nazi leaders at the 1946 Nuremberg war-crimes trials, but 70 years later it is unclear that aggression, properly understood, must involve war, as commonly understood. Or that war, in today’s context of novel destructive capabilities, must involve “the use of armed force,” which the Rome Statute of the International Criminal Court says is constitutive of an “act of aggression.”
Cyberskills can serve espionage — the surreptitious acquisition of information — which is older than nations and not an act of war. Relatively elementary cyberattacks against an enemy’s command-and-control capabilities during war was a facet of U.S. efforts in Operation Desert Storm in 1991, in the Balkans in 1999, and against insurgents — hacking their e-mails — during the “surge” in Iraq. In 2007, Israel’s cyberwarfare unit disrupted Syrian radar as Israeli jets destroyed an unfinished nuclear reactor in Syria. But how should we categorize cyberskills employed not to acquire information, and not to supplement military force, but to damage another nation’s physical infrastructure?
For fascinating details on the episodes mentioned above, and to understand how deeply we have drifted into legally and politically uncharted waters, read Kaplan’s new book, Dark Territory: The Secret History of Cyber War. Three of its lessons are that cyberwar resembles war, much of it is very secret, and everything essential to the functioning of modern society is vulnerable.
To appreciate how computer keystrokes can do damage comparable to a sustained air campaign using high explosives, consider what happened in 1995 in the private sector. Barings, founded in 1762, was Britain’s oldest merchant bank, having weathered the Napoleonic wars and two world wars, and its clients included Queen Elizabeth. One of its young traders, Nick Leeson, in the bank’s Singapore office, was so skillful at navigating the derivatives markets that at one point he produced 10 percent of the bank’s profits. Inadequately supervised, he created a secret Barings account from which he made risky bets, including a huge one on Japan’s stock market rising. He did not, however, anticipate the Kobe earthquake. Japan’s stock market plunged, causing enormous losses in Leeson’s account that Barings could not cover. The bank quickly collapsed and was bought by a Dutch company for one British pound.
If one rogue trader’s recklessness, motivated by mere avarice, can quietly and quickly annihilate a venerable institution, imagine what havoc can be wrought by battalions of militarized cyberwarriors implacably implementing a nation’s destructive agenda. It is long past time for urgent public discussion of the many new meanings that can be given to Shakespeare’s “Cry ‘Havoc!’ and let slip the dogs of war.”
— George Will is a Pulitzer Prize–winning syndicated columnist. © 2016 The Washington Post