How should we use cyber weapons?

cyberIn a recent article in Contemporary Security Policy, Forrest Hare argues that we should shift the cyber conflict debate from the “Can we?” question to the “How should we?” question.

The recent release of the United States Department of Defense’s 2018 Cyber Strategy timed closely with National Security Advisor John Bolton’s declaration that the White House has authorized offensive cyber operations suggests that the United States intends to take a much more aggressive approach to combatting perceived threats in the domain.

However, these developments generate as many questions as answers. For example, is the U.S. military prepared with the capabilities required to make good on the National Security Advisor’s declaration? How should the US Department of Defense even structure its military capabilities to combat the threats it faces in the domain?

In my recent CSP article, I hope to spur the cyber conflict debate forward in a productive direction, and away from a focus on strategic alarms, so we can get at answers to these questions. In other words, we must acknowledge that military conflicts have now expanded to cyberspace and it is time to start focusing on ensuring that its conduct is carried out in a professional manner that address all the valid concerns and implications of conflict in the domain.

With this backdrop, I argue in my article that developing precision cyber weapon systems, to be used during a lawful conflict, can be an important part of a responsible national security strategy to reduce the amount of violence and physical destruction in conflicts. To make this argument, I first describe a precision cyber weapon system in a military context. I then present three compelling rationales for the development of precision cyber weapon systems based on ethical, operational, and financial considerations.

For many years now, we have been engaged in debates about the potential for acts of “mass disruption” in cyberspace and the possible legal, moral, and other implications of such strategic incidents. Many writers and popular media have raised the alarm about the dangers that will confront us as a result of an all-out cyber conflagration. Is it possible that this resistance to accepting the usefulness of cyber capabilities has actually led to more death and destruction in conflicts?

Detractors may not consider that an unintended consequence of their conflation of issues, and a singular focus on potential strategic effects, may be creating greater risk to the warfighter, civilian populations, and even the taxpayer. Arguments against the use of any cyber weapon capabilities may put militaries and civilians on both sides of a conflict at unnecessary risk when kinetic weapons may be preferred unnecessarily.

To be clear, I do not argue that precision cyber weapons will be a panacea. We should never expect cyber weapons to replace other weapons in conflict. There will always be a requirement for a spectrum of capabilities to defend a nation in all domains. However, I look forward to the day when there is a broad acknowledgement by military and academic professionals to consider precision cyber weapons an important force multiplier and component of a responsible national security strategy.

Forrest Hare is a retired Colonel in the United States Air Force having served most recently at the Defense Intelligence Agency. His recent article “Precision cyber weapon systems: An important component of a responsible national security strategy?”, Contemporary Security Policy, Advance online publication, is available here