Offensive Use of Cyberweapons — Yes, No?

We love victimizing ourselves in our discussions of cyberwarfare. The Chinese are attacking us. The North Koreans are attacking us. The Russians are attacking us. And we had better shore up our defenses.

But in Farwell and Rohozinski’s “The New Reality of Cyber War,” we get a different story. It was the United States that preemptively launched an offensive operation in 2010 known as the “Olympic Games,” shelling Iran with “weaponized computer codes.” These codes, which included the infamous Stuxnet cyberworm, actually succeeded in crippling Iran’s nuclear development capacity and significantly stalled the progress of the Iranian nuclear program. In short, this virtual ‘bombarding’ of Iran with computer viruses proved we would no longer need to send drones and detonate real bombs over Iranian skies to successfully undermine the capacity of Iran’s nuclear institutions.

But that’s only the beginning. Farwell tells us that in September 2011 and in May 2012, additional cyberattacks were launched against Iran presumably by the US. One particular worm, known as Flame, infected computers in Lebanon, UAE, West Bank and Iran, and gathered intelligence by recording conversations, taking screen shots, erasing information on hard discs, logging keyboard strokes, and more.

These preemptive US cyberattacks raise a few important questions.

  1. How do you feel about using cyber weapons offensively against another country with which we may not even be at war?
  2. Does a cyberattack constitute an “act of war?” — Factors to consider: 1. The UN Charter prohibits the “threat or use of force against the territorial integrity or independence of any state.” 2. You might argue that the virtual world is clearly separate from real life and no one actually dies from a cyberattack, but what if Iran, in response to a cyberattack, had responded “kinetically” and perhaps even rightfully by declaring (real) war in retaliation?
  3. On a related note, what do you think is the difference between dropping an actual bomb over Iran—which would be a clear act of war under UN definitions—and bombarding Iran with virtual “bombs” (i.e. in a cyberattack) that would induce physical damage of the machines?
  4. Did you know about American involvement in offensive cyberattacks against foreign nations? Do you think that the media’s portrayal of “cyberwarfare” and “cyberattacks” in the US is fair?


One thought on “Offensive Use of Cyberweapons — Yes, No?

  1. First, I certainly think that a cyberattack constitutes an “act of war.” Think about it this way: the goal of these attacks on Iran was to debilitate Iran’s nuclear facilities and push back the date on which they will be able to build a nuclear weapon. This is identical to the goal of a potential military strike on their nuclear facilities, which, though it may also have human casualties, is focused on taking out their nuclear capacity. Thus, in my mind, it is equal to a military strike on nuclear facilities and is thus an act of war. Perhaps it’s time for the UN Charter to be updated to reflect the growing influence of technological change on confrontation between countries.
    On this issue, I am certainly comfortable about the US’s past use of cyber weapons against Iran, with whom we were engaged in a Cold War of sorts. This is the new reality of 21st-century ‘war,’ and is completely fair game. Do these actions mean that Iran had a right to respond with comparable action? Certainly, as these cyber weapons are the face of military confrontation today. Just as unmanned drones have transformed what people consider to be weapons and forms of attack, so too has the development of technology and the use of cyber weapons transformed this as well.

Leave a Reply