As the the blast from the first atomic bomb swallowed the New Mexico skyline, Robert Oppenheimer felt something like regret. “I am become Death, destroyer of worlds,” he said, borrowing a now infamous line from the Bhagavad Gita. “Destroyer of worlds.”
In the passage quoted, the deity Krishna reveals his “true self” to a frightened follower. The sentiment behind the action held special meaning for Oppenheimer, a man troubled by his new creation. Like Krishna before him, he, too, believed he was showing humanity its end.
So far, we have managed to avoid nuclear doomsday. Instead, modern militaries have found new and inventive ways to escalate conflict. Cyberspace has become the battlefield of the future, and powers around the world are scrambling to find war’s next endgame.
Dr. Craig Albert is the director of the Master of Arts in Intelligence and Security Studies program at Augusta University. An expert in both counterterrorism and cybersecurity studies, he’s currently working to define what such a line might look like. Though still in its infancy, his research shows how a well-executed cyberattack could make a nuclear blast seem like a mercy.
“A cyberattack could theoretically wipe out a state’s electric grid, causing [the target] country to go into a pre-industrial era for several months,” Albert said.
While not as outwardly destructive as a nuclear attack, the long-term consequences would be just as damaging. Smartphones, computers, navigational systems would become instantly useless. Electronic trade would cease. Markets would crash. Almost all national defense functions would slow to a crawl.
“That [kind of attack] could pretty much wipe away any previously held power projection capabilities,” Albert said. “All economic factors would cease to be relevant.”
Unlike the use of nuclear weapons, around which decades of norms and policies have been established, there is no global consensus on the waging of cyberwar. As a result, Albert said the possibilities are “endless” when it comes to predicting the scope of cyberattacks.
The most likely outcome of a major cyberattack is a kinetic response. That said, putting boots on the ground can be a difficult call to make. Intent plays a huge role in deterimining whether an attack can be considered an act of war. When the United States bombed Japan in the final days of World War II, for instance, the intent was clear; the United States wanted to send a message to the rest of the world that it had become the dominant superpower. But what does a state intend when it infects a government system with malware?
All of this, of course, assumes the source of the attack can even be determined. Cyberattacks often go unattributed, Albert said. Sometimes that lack of attribution stems from non-state actors carrying out the attack from within a hostile country. Other times, it’s because the states involved want to claim plausible deniability. In either case, the decision to go to war isn’t as simple as ordering a counterattack. There is an added nuance to cyberwar, Albert explained; a subversion of the typical saber rattling found before kinetic wars.
For the moment, the endgame of cyberwar is likely to remain a kinetic response. Cyberattacks fill a comfortable niche within kinetic operations; shutting down websites or cutting off internet access prior to an invasion is already a popular Russian tactic. As cyberattacks become more and more complex, though, the likelihood of two nations waging pure cyberwar becomes more real. If or when that happens, those left standing might understand where Oppenheimer was coming from.