We’ve seen a lot in recent days about the alleged attack from North Korea on selected computer systems in South Korea. It appears that the banks and television stations in South Korea were the target of cyberwarfare from sources in North Korea.
When will an attack on a nation’s computer systems constitute an act of war? When will a cyberattack necessitate a severe retaliatory response on the level of war?
We’ve always thought of direct physical attacks as the precursors of war. Think Pearl Harbor in 1941. Think 9-11 in 2001. Think Fort Sumter in 1861.
But will the disruption or shutting down of our online banking, our power grid, or some other major form of technology rise to that level? Or do people have to die before a war-like response is forthcoming?
I’m struck by an earlier historical situation. In the first part of the Great War of 1914-1918, World War I as we now call it, U-boats, or submarines, were new to armed conflict. No one had really used them in a significant way. German leaders decided to do so in 1915. They sunk ships carrying war supplies, weapons, hospital goods, medicines, civilian passengers, and practically anything else.
There was no system or process in place, no protocols or standards of accepted practice for a submarine confronting a ship. Those thing had to be sorted out with much bloodshed, confusion, and hostility.
We’re seeing the same thing happen with drones in today’s conflicts. And at the same time, no one really knows where the fact of cyberwarfare fits in with our understanding of acts of war.
As is so often true, technology runs ahead of standards, ahead of customs, ahead of how we understand and embrace a norm.