In his evening weekday program titled Lou Dobbs Tonight, the Fox Business anchor Lou Dobbs suggested that the U.S. should go to war with China over the alleged hacking, claiming cyberattacks are no different to the Pearl Harbor military strike committed by the Japanese in 1941.
This latest show focusing on cyber security issues was aired on December 21, 2018, following charges by the United States against two Chinese citizens on the exact same day for having allegedly carried out "cyber theft".
It is not the first time a cybercrime is equated to an act of war like the Pearl Harbor attack. Neither is it the first time that China faces the accusation by the US on the issue of cybersecurity.
When Leon Panetta, former U.S. Secretary of Defense and the then Central Intelligence Agency director, first used the term in 2011 before the Senate Armed Services Committee, he meant a cyber attack matching a Pearl Harbor attack that cripples America’s electrical grid and its security and financial systems.
The frequent use of this term in American media and academia first reveals a common confusion about cybersecurity and cyber war. Approaching from a legal standpoint, cybersecurity issues，if criminally confirmed，fall into activities governed by domestic criminal law.
A cyber war between two countries, if sufficiently severe, may constitute a use of force in international relations governed by international law. The party who illegally launched cyber-attack may violate the general prohibition on the use of force in international relations under article 2(4) of UN Charter and be guilty of a crime of aggression under international law.
Unfortunately, the international community has yet to reach consensus on the conditions under which a cyber-attack may be legally defined as a use of force in international relations under the UN Charter.
There is a document entitled Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, which is authored by nineteen international law experts and represents the most comprehensive analysis of how existing international law applies to cyber operations. However, this document does not have the status of international law.
Besides this confusion between cybersecurity and cyber warfare, another undeniable fact is that the U.S. has the strongest cyber capabilities in terms of both offense and defense. The U.S. established the leading cyber force in the world and opened an arms race in this field. United States Cyber Command (USCYBERCOM) is one of ten unified commands of the United States' Department of Defense.
To say the least, even if the alleged “cyber theft” amounts to a Pearl Harbor attack, the U.S. may have launched such Pearl-Harbor cyber-attacks many times and on many countries. Edward Snowden's disclosures showed that the U.S. has conduced cyber spying activities worldwide and not a single U.S. global surveillance program is less destructive than the alleged “cyber theft”.
Then there’s the question why the U.S., with the strongest cyber capabilities, is always worrying about a “cyber Pearl Harbor”.
In terms of domestic politics, a “Pearl Harbor” cyber-attack is an easy and handy way for having a high defense budget to build advanced cyber capabilities. In addition, the Pentagon also needs a good reason to keep a strong cyber force. An exaggerated “Pearl Harbor” cyber-attack threat serves both purposes.
Internationally speaking, there is no better tool to charge China with than cyber accusations, the standard of proof of which can often be downgraded or circumvented with the excuse of national security concerns. Furthermore, in the context of an on-going trade war with China, it also reveals the U.S. cold-war mentality to expand the trade war to other fields.
Finally, by referring to a “cyber Pearl Harbor” which overstates the actual threat, the users not only inflamed public passion and beat the drums of war unnecessarily, but also incorrectly implied that the United States should respond militarily. This is a truly dangerous step threatening international peace and security.