An old saying says that a classic mistake in military planning is preparing for the next war with the weapons of the last one.
After the clashes of enormous battleships like the battle of Jutland in World War I, the United States spent the next 20 years building battleships. But World War II turned out to be an aircraft-carrier war.
Or take for example the Cold War, and the primary weapon as the nuclear missile—the proper use of which was to never be fired.
A new kind of world war has begun, and it doesn’t look anything like these wars of the past.
Yes, aircraft carrier groups are still critical—in fact, they remain the key unit of naval power and serve important functions in worldwide security. In a potential war between world powers, there’s no contest when it comes to aircraft carriers: the US Navy operates half the world’s carrier groups (and three-quarters of the tonnage). The only other nation with more than 1 carrier group is Italy, whose two carriers do not add up to half the tonnage of a single US Nimitz-class carrier. Besides, I’m pretty sure they just use theirs for bunga-bunga parties.
And yes, a single nuclear weapon is still something to be concerned about, today more than ever. The U.S. is estimated to have a total of 7,700 nukes and Russia, a few more at 8,500 (though no one’s sure if any of them work), according to estimates from the Federation of American Scientists. France is the third largest nuclear power, with 300 nuclear weapons. China comes in at number four with 240—none of which are deployed. India has less than 100, and again, none are deployed.
Today, though, in the wake of Vietnam and Afghanistan and Iraq and September 11, we tend to be primarily concerned with “asymmetrical” kinds of war— wars with regional powers and wars with non-state actors, both of which are fought largely by special operations units and drones.
But the threat of large-scale, global wars between world powers is far from gone. It just isn’t about guns and ammo anymore. It’s about bits and bytes.
Last week, cybersecurity firm Mandiant accused China of hacking US public and private institutions on an unprecedented scale. They allege that China has attacked companies such as Apple, stealing trade secrets and new product designs. Twitter and Facebook claim to have been attacked in similar ways.
After the New York Times broke stories detailing the personal finances of major figures in the Chinese government, they too were the victims of a sustained, concentrated, four-month-long cyberattack. The Wall Street Journal and Washington Post have claimed to be victims as well.
China has denied involvement in the attacks, stating that either the origin of the attacks was faked or that, even if they did come from within China, it was not government sanctioned. Apparently, the Chinese military just doesn’t do that sort of thing.
Mandiant sarcastically admitted that sure, the attack could have been orchestrated by “a secret, resourced organization full of mainland Chinese speakers with direct access to Shanghai-based telecommunications infrastructure ... engaged in a multi-year, enterprise scale computer espionage campaign right outside of [government building] Unit 61398’s gates, performing tasks similar to Unit 61398’s known mission.”
Hey, maybe Unit 61398 has been hacked and its 1,000+ servers hijacked. I mean, that would be kind of awesome, right?
A different brand of criticism, directed at Mandiant, has come from elsewhere in the cybersecurity community. Jeffery Carr, CEO of competing security firm, wrote, “Mandiant refuses to consider what everyone that I know in the intelligence community acknowledges. That there are multiple states engaging in this activity; not just China.”
Just for good measure, after the report came out, emails started circulating with attachments that appeared to be Mandiant’s report. Of course, it turned out to be spyware.
It’s just bits of information, right? No one’s going to die because of it.
That couldn’t be further from the truth. Plenty of people died in the Cold War, whether it was through proxy wars such as Korea, Vietnam, or Afghanistan (e.g., the Soviet invasion in 1979) or due to arms-race induced food shortages.
To put it another way, the U.S. is having a hard enough time coming out of the Great Recession, and we’re an innovation economy. As others have astutely asked, what happens to the American economy if the next product from the US’s most innovative and valuable company, Apple, is released by a company in China before Apple has even taken delivery of the prototype? If our economy takes another big hit, many people will lose livelihoods, homes, the ability to feed their families, and much more. All because of little bits of information.
Don’t worry, Congress is on the job. They’ve got the Cyber Intelligence Security Protection Act, and while no one liked it last year, they’re not about to give up on it. Sarcasm and general distrust of Internet legislature aside, a war is on and security is in fact needed.
But the fact that we need security does not mean that any security measure will do. Previous Congressional attempts to rein in the Internet have been shockingly misguided. SOPA and its ilk are generally so out of touch with the way things actually work that they were not only likely to be completely ineffective but also tantamount to a new breed of McCarthyism.
Security, online and off, is a real concern that needs real solutions—not paranoia and placebos. We are right in the thick of creating those solutions. We are a participating and powerful agent of change. Already the government’s approach to online security, privacy, and property ownership has changed dramatically, thanks to the Internet’s reactions and responses. If the citizens of the Internet stay engaged in their government, then we may have a shot at producing the approach to security that the Internet both needs and deserves.
Photo by Jayel Aheram/Flickr