I have contributed an essay, “A Fatal Disconnect: Conventional Deterrence in a Nuclear-Armed World,” to an excellent edited volume produced by the George C. Marshall Institute in Washington, DC, titled Returning to Fundamentals: Deterrence and U.S. National Security in the 21st Century.
Along with my modest contribution, there are outstanding essays by Bob Butterworth, “Nuclear Force Planning: Odin or Onan?”; Peter Marquez, “Space Deterrence: The Prêt-á-Porter Suit for the Naked Emperor;” and Eric Sterner, “Deterrence in Cyberspace: Yes, No, Maybe?”
We hope that they all contribute something useful to understanding the vitally important concept of deterrence.
Filed under Conventional Deterrence, Cyberpower, Cyberspace, Cyberwar, Deterrence, George C. Marshall Institute, Nuclear Weapons, Shameless Self-Promotion, Spacepower, Strategic Theory, Strategy
World Politics Review has just published an essay I wrote titled "Stuxnet and Cyberpower in War." The following is an extract and then a link to full piece at the World Politics Review website:
In June 2009, a computer worm called Stuxnet was unleashed against the nuclear enrichment plant at Natanz, Iran. Designed to infect the operating system used by the Iranians to control their nuclear centrifuges, Stuxnet significantly disrupted, and thus delayed, Iranian nuclear efforts, according to a New York Times report on Jan. 15, 2011. The Times report also provided a breathtaking peek behind the scenes of what appears to have been a large and complex covert operation to develop the Stuxnet worm. If the revelations are true, then the Stuxnet attack provides significant insights about the potential character of war by cyber means. They also raise serious questions about the use of cyberweapons in the future.
Since Stuxnet was discovered, there has been much commentary about what it means for cyberwar, a term that has become part of the contemporary strategic lexicon. The problem is that "cyberwar" is both an inaccurate descriptor of what Stuxnet and other possible cyberweapons portend, and artificially differentiates cyberpower — the ability to use cyberspace in peace and war in order to achieve political objectives — from the other military instruments as a tool of national power. Cyberpower must be analyzed and considered within the context of 21st century war and peace, not as an isolated phenomenon. To that end, the term "cyberwar" does not promote sound strategic thinking. Instead, it is more useful to talk of cyberpower in war, or war by cyber means.
While the Stuxnet worm reveals a number of characteristics about war by cyber means, it also raises many questions about this kind of warfare that policymakers would do well to ponder. Only by examining both sets of issues is it possible to determine whether Stuxnet is in fact a game-changer in the evolution of the cyber domain and in warfare in general.
Yesterday's New York Times story on Stuxnet mentions a 2008 PowerPoint presentation made by Idaho National Laboratory and Siemens at a conference in Chicago, on the vulnerabilities of the Siemens Process Control System (PCS) 7 operating system used by the Iranians. The New York Times reports that the presentation is no longer available on the Siemens website, but I have obtained a copy here: