Cyber War: The Next Threat to National Security and What to Do About It
Nowadays, computers play a fundamental role in controlling critical infrastructure systems, managing logistics, and relaying intelligence information. The book Cyber War: The Next Threat to National Security and What to Do About It by Richard A. Clarke and Robert K. Knake presents the idea of a potential cyber war and its effect on modern-day society, since computer-related attacks have been developed in recent times and pose a grave threat to both governmental and private sectors. The narrative centers on the United States, which faces a serious peril to its national security. Clarke and Knake provide a comprehensive explanation of cyber war, arguing that it is inevitable in the United States, and present their perspectives on the necessity of upgrading national security strategies.
At the beginning of the book, Clarke and Knake (2012) state that the death of William W. Kaufmann, one of the creators of the United States Strategic Nuclear War Doctrine, signals the end of the bipolar era of the Cold War and the introduction of the multipolar period. The authors emphasize that the information age conditions the emergence of cyber war, which “refers to actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption” (Clarke & Knake, 2012, p. 6). Clarke and Knake (2012) provide a history of cyber-events, covering the renowned suspects and post-Cold War international conflicts where nations have organized cyber-attacks to support major combat operations or as a means of coercion. For example, Moonlight Maze and Titan Rain can be referred to as cyber-espionage, and DDoS attacks launched by Russia against Estonia and Georgia, Israel against Iran and Syria, and North Korea against South Korea can be defined as minor computer-related warfare. The nature of these incidents demonstrates that cyber war is real, “happens at the speed of light” (Clarke & Knake, 2012, p. 30), is global, does not require a physical battlefield, and has already begun “for political, diplomatic and military goals” (Clarke & Knake, 2012, p. 11). The authors emphasize that cyber warfare will accompany almost any kinetic war in the future, which makes it a grave peril.
The authors also indicate the global aspect of cyber war. In a period of rising tensions, due to the use of computer technologies, the opponent may be misled about the nation that has started the conflict. As a result, other countries can be accidentally involved in the war. In addition, it can be a hacker who uses a cyber-weapon for his or her purposes and wreaks destruction, or discovers and triggers a logic bomb left by another person. Furthermore, cyber-warriors may justify this form of war because it neither involves explosives nor leads to direct lethality. For example, pilots who kill Taliban in Pakistan by remote control undermine the seriousness and damage they cause because they are situated in a peaceful and calm environment, being distant from violence and death (Clarke & Knake, 2012, p. 136). Such a progressive nature of cyber-attacks entails the impossibility of punishment or retaliation since it is impossible to attribute the attack to a country or a certain citizen.
The authors concentrate on cyber-threats posed by nation-states rather than by cyber-terrorists or “hacktivists.” Nowadays, China, Russia, North Korea, and the United States possess in their arsenals such computer-related capabilities that, if at least a certain proportion of them were used, some states could be devastated. Clarke and Knake (2012) provide a clear explanation for such a pessimistic perspective. In fact, both private and governmental sectors make extensive use of computer systems for the operation of the financial system, power grids, air-control, Internet network services, and transportation. It means that these systems can be easily targeted and rendered inoperable. In particular, the United States faces the biggest threat to its security in comparison with other nations due to its excessive dependence on cyberspace: “Cyber war places this country at greater jeopardy than it does any other nation” (Clarke & Knake, 2012, p. xiii).
Clarke and Knake (2012) provide a step-by-step scenario of the mechanics of a war-game exercise in which the U.S. fails to deter China from establishing its power and control in the South China Sea. The theoretical threat attaches considerable importance to cyber-defensive and offensive capabilities and determines the relative asymmetry of cyber warfare. Insufficient cyber-protection is the reason why the U.S. should not engage in a cyber war and launch the first attack. Moreover, the authors conclude that cyber-deterrence is not as efficient as nuclear deterrence because of the impossibility of detecting an attack’s source.
They stress that defense against cyber-attacks must become the first and foremost priority of cyber war strategy in the USA. Clarke and Knake (2012) warn that insufficiency of credible cyber-protection techniques could result in the escalation of a cyber-conflict into a conventional form of war. Moreover, the authors credibly assess Supervisory Control and Data Acquisition (SCADA), which comprises the systems of critical infrastructure, in terms of its insecurity. Although the U.S. already possesses the most advanced offensive cyberspace prowess and has been a leader in cyber-espionage and the development of cyber war tools, the state needs to devise better defensive capabilities to protect critical infrastructure from potential cyber-attacks. In fact, national security leaders assure that they possess enough resources to detect a risk of cyber-attack (Clarke & Knake, 2012). However, Clarke and Knake (2012) emphasize that a major cyber-danger from another nation originates within the American borders. Consequently, the state would not be able to respond and protect its systems at full scale, and civilian infrastructure would be affected the most. Moreover, military forces are also excessively network-centric and are thus vulnerable to cyber-attacks (Clarke & Knake, 2012). It means that in the most critical situations, highly advanced and effective technologies would not function.
The authors accessibly explain the challenges that the federal government needs to handle to succeed in employing effective defensive methods. They do not approve of the government’s inability, which one presidential administration passes on to another, to apply measures for network security to the private sector. In contrast, Chinese and Russian cyber-defense strategies have already advanced in computer-related security due to the rigorous governmental approach and regulations of their national Internet Service Providers. Moreover, these countries do not have privacy issues like the USA. Consequently, they can scan incoming traffic for malware and deter other nations from planting logic bombs and trapdoors on their systems. In addition, Asia has surpassed the United States in the production of the complex microchips that are necessary for modern systems. An innocent-looking part can hide a serious danger in the form of spyware, logic bombs, or Trojan horses (Clarke & Knake, 2012).
Clarke and Knake (2012) not only aim to list potential cyber-threats but also provide detailed and accurate recommendations for theoretical and practical measures to ensure national and international cybersecurity and define six main strategies aimed at averting a cyber-war disaster on an international level. Their prescriptions are the most significant part of the book. Clarke’s government experience provides profound insight into the peculiarities of the creation and implementation of a comprehensive strategy of national cybersecurity. Moreover, the authors present a balanced perspective on the need for international law and the potential of a corresponding treaty to ban cyber-attacks on civilian infrastructure to prevent cyber war. They also criticize computer-related espionage, intending to promote the prohibition of it, because it has “the potential to be damaging to diplomacy, to be provocative, and possibly even destabilizing” (Clarke & Knake, 2012, p. 128). Nevertheless, the authors do not fully oppose espionage, stating that it “is about getting knowledge” (Clarke & Knake, 2012, p. 125).
Clarke and Knake (2012) provide security-related recommendations known as the Defensive Triad Strategy. It is supposed to incorporate federal regulation as a fundamental base to devise cyber-security principles. Defensive efforts would cover three major sectors. First, it is necessary to implement adequate regulations of the Tier I ISP with “deep packet inspection” (Clarke & Knake, 2012, p. 134), which does not violate privacy rights or affect the Internet speed. Second, increased protection of the power grid can be achieved by disconnecting critical infrastructure management from the Internet. In addition, the control signals sent to key components such as generators or transformers must be both encrypted and authenticated. Last, the authors recommend enhancing the security of military networks and weapons through security upgrades for defense IT systems, such as the extensive use of firewalls, encryption, and network monitoring. In brief, in the case of a large-scale attack against the United States, the Defensive Triad could mitigate the repercussions.
To strengthen their arguments and points, Clarke and Knake use substantial facts based on their personal and professional experience. Richard Clarke, a former cybersecurity agent, served three presidents as an advisor on national security. He worked in the White House for Presidents Ronald Reagan, George H.W. Bush, George W. Bush, and Bill Clinton. He was also appointed as National Coordinator for Security, Infrastructure Protection and Counterterrorism (Clarke, n.d.). Thus, Clarke’s inferences demonstrate his expertise and knowledge concerning the governmental role in adopting the policies and the cyber war capabilities of other countries. His hypothetical situations provoke thoughts about the readiness of the U.S. to handle such a threat and how each citizen and sector could contribute to preparation for the defense against a cyber war. Rob Knake, an international affairs fellow at the Council on Foreign Relations, has concentrated on homeland security and the computer-related threats in the twenty-first century (Clarke & Knake, 2012). Knake’s alternatives and solutions are succinct and relevant because they are mainly based on the most recent investigations.
The authors avoid using complicated computer terms or sophisticated military details. More importantly, they simplify technical notions and provide a glossary to enhance the accessibility of the narrative. Therefore, this book helps to prepare the U.S. population for the potential computer-related war threat. To attach more significance to the existing problem and evoke in readers realistic pictures of possible danger, the authors provide vivid descriptions of hypothetical situations involving cyber-attacks in the USA. For example, the readers are exposed to detailed accounts of the results of dormant logic bombs and malware attacks. Clarke and Knake (2012) conclude that collapsed air-traffic control, disruption to the work of railroad and bank systems, and exploded pipelines can affect a large portion of the state. Although the authors concentrate mainly on the U.S., such devastating scenarios can be applicable to any nation that is not vigilant in its cyber-defense. Koh (2014) notes, “The book serves as a reality check, both to the U.S. and the world” (p. 79). Thus, cyber war could bring a huge scale of repercussions to the entire world if people remain ignorant of the computer-related threat.
The authors’ definition of cyber war is precise and convincing because serious cyber-attacks, being the prerequisite for such war, already happen on a daily basis in the world. Cyber war can lead to disruption to the work of 18 critical infrastructure systems, among which there are traffic, electrical power grids, as well as financial and health care records systems. Thus, envisioning potential risks of cyber war may help to reduce the chances of its development and mitigate the effects of cyber-attacks. This form of war is convenient since, by inflicting adversities on the target population, the attacking side attempts to compel an opponent to surrender without resorting to conventional forms of war and weapons. Moreover, the cyber war becomes evident only after successful application of an attack. The average computer user may not even notice that his or her computer has been under a cyber-attack. In addition, wars are held with the purpose of gaining dominance because “a superior force (or nation-state) that loses information dominance will be beaten, while an inferior one that seizes information dominance will be able to win” (Clarke & Knake, 2012, p. 43).
There is no need to include this book in the reading list for cyber intelligence analysts because of its shortcomings. First, the narrative lacks references and an index. Therefore, it is impossible to confirm the credibility of the facts presented by the authors. Second, some of their assertions border on the fear of cyber-doomsday due to the vulnerabilities of the Internet. For example, according solely to the authors’ opinions without any outside support, simple gadgets and software on personal computers may be turned into a weapon. The simplicity of presentation, an excessively fictional style of expression verging on speculation, and the lack of statistics and of a more technical approach do not correspond to the level appropriate for intelligence analysts. Moreover, some of Clarke and Knake’s arguments on cyber war are hyperbolized. In addition, it might be hard to follow the authors’ approach to supporting their opinion due to the absence of an ordered timeline of significant events, despite the fact that the book has a well-structured format.
Nevertheless, this book provides much relevant information related to cyber intelligence. It is especially essential for those who are at the initial stage of acquiring knowledge on this topic. Thus, Clarke and Knake differentiate among hackers, cyber criminals, and cyber warriors. Hackers can write instructions in code; when they exceed authorized access, they become cyber criminals. Cyber warriors are those who work for the U.S. military. Readers can also learn more about cyber warfare and cyber war in general, its components, and the main methods of performing such attacks. The authors also explain such notions as cyber-espionage, cyber-crime, and cyber-terrorism, providing specific examples. Analyzing the potential situations provided in the book and the authors’ insight into cyber war, readers may understand the major predispositions and consequences in the aftermath of a cyber-attack. In addition, this book will be interesting for those who would like to deepen their knowledge concerning the U.S. government, its structure, policies, and role regarding cyber warfare and national security.
The book Cyber War: The Next Threat to National Security and What to Do About It by Richard A. Clarke and Robert K. Knake is increasingly relevant to today’s national security issues because it presents information about technology, government, and military strategy in terms of the threat posed by cyber-attacks and the vulnerability of a nation. Despite some reservations related to the style and references, this book provides a thorough analysis of the problem of potential cyber war, its consequences and methods of prevention, as well as the historical context around cyber-attacks and the need for adoption of substantive defensive policies. Therefore, the country’s main purpose is to devise a viable and comprehensive cyber strategy to secure vital national infrastructure from being electronically targeted in a future conflict.