Cyber Warfare: How Long Can the U.S. Have its Cake and Eat it Too?

The recent publishing of a report implicating the Chinese government in the sponsorship of cyber attacks on U.S. corporations has added another layer of tension to an already delicate relationship. Distressingly, the Obama Administration’s struggle to formulate an appropriate response to these discoveries has revealed that the politics of cyber warfare still remain largely, and perhaps dangerously, uncharted. Even more disconcerting however, is the increasing potential for these politics to form a new plane upon which the U.S. can exercise exceptional policies in the name of global security.

Image courtesy of US Navy, © 2007, some rights reserved.
Image courtesy of US Navy, © 2007, some rights reserved.

Issued by private American security firm Mandiant, the February report traces a significant majority of recent cyber attacks on American corporations to the headquarters of a People’s Liberation Army (PLA) Unit in Shanghai. This Unit is thought to be the same powerful hacking group that has come to be known as “Comment Crew” among cyber experts. While Comment Crew has stolen data from major companies, including Coca-Cola, there is a growing fear that its focus is shifting to corporations tied to U.S. infrastructure: “….its electrical power grid, gas lines and waterworks.”[1] One targeted company, for example, had “remote access to more than 60 percent of oil and gas pipelines in North America.”[2]

In response to the report’s accusations, spokesman for the Chinese Ministry of National Defense, Gengy Yansheng, stated: “Chinese military forces have never supported any hacking activities.”[3] The Obama Administration has not taken the findings lightly, and has already begun to launch new series of defense policies against Chinese cyber attacks. Such policies include a new presidential directive that will allow the U.S. government to share information it has obtained on “unique digital signatures” with American internet providers in an effort to improve cyber security nationally.

Despite these actions, the Obama Administration has been hesitant to confront the Chinese government directly. It seems likely that fear of upsetting relations with its “crucial supplier and customer,” as well its main debt financer, has cautioned the U.S. against blatantly accusing China of engaging in cyber warfare.[4] However, key factors conditioning the U.S. response are not limited to economic considerations, and may include fear of discrediting America’s own past and potential future employment of cyber warfare. An examination of the U.S. cyber attacks on Iranian nuclear facilities may help to shed light on why the Obama Administration has left it up to private security firms to publicize the Chinese cyber strikes.

Known now as “Olympic Games,” the American cyber attacks against Iran’s nuclear facilities have aimed to paralyze Iran’s nuclear progress without resorting to the preemptive military strikes advocated by Israeli officials and American neoconservatives. Launched under the Bush Administration and continued ardently by President Obama, Olympic Games successfully shut down at least one fifth of Iranian centrifuges at Iran’s Natanz enrichment facility in 2010.[5] However, the effect was not entirely devastating, and while some believe the cyber worm deployed under Olympic Games has set back Iran’s nuclear program up to three years, most experts agree that such assessments are extremely difficult to verify.

Although initially one of the most “secret, compartmentalized programs inside the US government,” knowledge of Olympic Games has slowly become widespread.[6] When the internet worm inserted in Natanz’s computer system accidentally jumped onto an external laptop in the summer of 2010, the program leaked out onto the world wide web. While the then unknown virus became globally known as “Stuxnet,” it has since become clear that Stuxnet was the very worm that served an intrinsic role in America’s cyber war against Iran.

The question remains then, whether the U.S. can, even in spite of its own engagement in covert cyber warfare, directly condemn China’s cyber attacks. In indirect attempts to buffer its position, the Obama Administration has sought to emphasize that the Chinese hackers have chosen “commercial targets” in an effort to increase the Chinese industry’s “commercial advantage.”[7] One might argue America’s cyber attacks were more justified as they were conducted for defensive, rather than offensive, purposes.

Nonetheless, given that there is no evidence Iran has nuclear weapons, only evidence suggesting it has the capacity to build them, references to defense seem dubious. Further, an attempt to frame U.S. cyber actions as more acceptable than China’s is to suggest that a preemptive, or even preventative, effort to cripple another state’s potential nuclear weapons program is somehow more justifiable than attempts to undercut another state’s industrial or economic advantage. Is the former really more acceptable than the latter? Is it possible to weigh these intentions against one another as more or less just?

While the Mandiant report has raised many questions over how to respond to cyber attacks, especially among increasingly economically interdependent super-powers, what seems certain is that a new set of international laws, treaties, and agreements will need to be secured in order to mediate the inevitable growth of cyber warfare and cyber security. Such regulations will have to determine, for example, what constitutes jus ad bellum or jus in bello in the cyber world. The U.S. has a strong historic record in taking the leading role in establishing such international rules and standards and it has an equally strong record of making itself an exception to the very standards it sets. Even by attempting to indirectly frame China’s cyber attacks as unjustifiable following its own use of similar tactics, the U.S. has already set a double standard in its relationship with cyber warfare. As international cyber standards develop, will the U.S. continue to have its cake and eat it too?

[1] Sanger, David, Barboza, David, and Perlroth, Nicole. “Chinese Army Unit is Seen as Tied to Hacking Against U.S.” New York Times, February 18th, 2013.

[2] Ibid.

[3] Barboza, David.” China Says Army is Not Behind Attacks in Report.” New York Times, February 20th, 2013.

[4] Sanger, David. “In Cyberspace, New Cold War.” New York Times, February 24th, 2013.

[5] Sanger, David, 2012. Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power. New York: Random House, p. 206.

[6] Ibid, p. 190.

[7] Sanger, David. “In Cyberspace, New Cold War.” New York Times, February 24th, 2013.

Leave a Reply