United States Cyber Command USCYBERCOM
At the end of June, after a U.S. drone was shot down by Iran, the US adopted an unusual means of retaliation. Under the authority of President Trump, US cyber forces launched cyber-attacks against a number of Iranian military and intelligence agencies, with destructive purpose. The specific damage caused by this attack remains a mystery, but this new form of military retaliation may change many countries’ perceptions of national security, which in turn could lead to unpredictable chain reactions in the future.
Although the attack on Iran is not the first time the US launched a cyber-attack, this particular attack has some features that deserve attention. For example, this is the first time the US has used cyber-attacks as a tool of retaliation. Unlike previous cyber-attacks, this time the US government and the military deliberately revealed some details of the offensive, such as the target and purpose. The goal was to damage Iran’s weapons and command system with a clear and destructive intention. These characteristics make this attack more like an example of cyber war, rather than mere hacking.
In recent years, with US cyber forces completing several of their phased goals, the US defense posture in cyberspace has become more aggressive. According to US media reports, at least three countries have become victims of similar cyber-attacks or penetrations by US cyber forces. In addition to Iran, during the Obama administration US cyber forces launched a network interference attack on North Korea’s missile launch, causing many missiles to explode shortly after lift-off. This practice is similar to the recent attack on Iran. A month ago, The New York Times revealed that US cyber forces were implanting an "offensive" Trojan virus in the Russian electrical grid, ready to be activated at a specific moment to cause significant harm.
Iran, North Korea and Russia all have some hostility with the US and are subject to US economic sanctions. Cyber-attacks are regarded by the US as a "safer, lower threshold" punitive measure. At the same time, the US regards cyber-attacks as a foreign policy tool that brings uncertainty to the stability of cyberspace, and undermines the international community's mutual trust in cybersecurity.
First, this practice may change international attitudes towards the militarization of cyberspace, with more countries regarding offensive cyber capacity building as an urgent need. Cyber-attacks are low in cost and easy to implement, while cyber defenses are difficult. The US believes that, given the significant gap between US military capabilities and those of other countries, its adversaries will not rashly use military means to respond. Therefore, cyber-attacks provide the US with additional advantages and flexibility in a grey-area confrontation. However, this advantage will soon be eliminated, as US competitors will develop corresponding cyber-attacks as soon as possible, forming a deterrent against the US, or using cyber methods as a counterattack when necessary.
Second, this practice has weakened mutual trust between the United States and other countries on military matters. The United States once considered itself a "victim" of cyber-attacks. The International Strategy for Cyberspace, launched by the US government in 2011, proposes to enhance the security and reliability of the global Internet through international cooperation. During this period, cybersecurity became a key area of cooperation between the US and other countries. In recent days, the US has suddenly changed its position and implemented some cyber behaviors that it had previously opposed. For example, the US has expressed its opposition to launching cyber-attacks on critical infrastructure such as power grids in peacetime, while the malicious network penetration of the Russian power grid clearly contradicts this position. This inconsistency has caused more countries to worry that US is also carrying out similar acts against them in secret, causing serious distrust.
Third, this approach may promote the development of hacker organizations. It will become increasingly common to “outsource” cyber weapons research and development to hackers. Some countries may also reorganize hacking organizations into "cyber militias" or “private cyber forces” to replace the role of regular forces. These new tasks and resources will lead to the growth of hacker organizations. In the absence of cybersecurity cooperation, international hacker organizations may even become a new force threatening national security.
Fourth, the “9/11” or “Pearl Harbor” of cyberspace may break out at any time. The development of 5G technology and the Internet of Things has made society more dependent on cyberspace, and the potential harm caused by cyber-attacks has also expanded. Compared with traditional warfare, cyber warfare has more available targets, and is more prone to unpredictable chain reactions.
For Sino-US relations, the US cyber-attack against Iran will pose a potential risk for Sino-US military relations. The militaries of the two countries need to prepare a plan for such incidents, manage the risk of escalating attacks, and set rules and boundaries for cyber-attacks. Cyber-attacks should not be a military option with no scruples, and US should take a more cautious view of its approach.
