(MintPress) – Rather than threatening to strike against any nation allegedly waging a cyberattack against the United States, industry leaders are calling on Congress to cool down the war rhetoric and focus instead on how to prevent and bounce back in the event it occurs.
On Tuesday, March 12, Director of National Intelligence James Clapper told members of Congress that cyberattacks posed more of a threat than any land-based attack by a terrorist organization.
“Attacks, which might involve cyber and financial weapons, can be deniable and unattributable,” he told the Senate Select Committee on Intelligence. “Destruction can be invisible, latent and progressive.”
Is he correct in his assertions? Not necessarily, according to experts in the field, including Martin Libicki, senior management scientist at the RAND Corporation.
“The more emphasis on the pain from a cyberattack, the greater the temptation to others to induce such pain — either to put fear into this country or goad it into a reaction that rebounds to their benefit,” he told the Homeland Security Committee.
On Wednesday, Labicki and other experts testified at a congressional Homeland Security meeting, warning members of Congress that threats of military retaliation against those allegedly posing cyberattacks is dangerous rhetoric — as it could leave the United States in an obligatory state to wage war.
The cautionary tone at the meeting came 10 years after the U.S. invasion of Iraq — a lengthy and costly battle, both in terms of dollars and human life. More than 162,000 people died in the Iraq war, 114,000 of whom were civilians, according to Iraq Body Count.
The question at hand is whether the United States, if faced with a bigger-than-ever cyberattack, will feel an obligation to act on its threats, propelling the nation into war once again.
Libicki said the best defense the U.S. could adopt is one that encourages the nation to stay calm, as the U.S. will bounce back from any cyber-related attack.
“Conversely, fostering the impression that a great country can bear the pain of cyberattacks, keep calm, and carry on reduces such temptation,” he said.
That, however, is antithetical to the U.S. approach to attacks or threats of attacks against the United States, cyber or otherwise.
Debating the weight of cyberattacks
The conversation comes in the wake of cyberattacks allegedly conducted regularly by China on U.S. organizations, reported in February. A U.S.-based cyber security firm, Mandiant, tracked recent cyberattacks on U.S. news outlets and companies back to a branch of the Chinese military. According to Mandiant, the branch is responsible for stealing data from more than 140 organizations throughout the world.
The Chinese government has denied the attacks, instead blaming the United States for targeting its military networks. In February, China’s Ministry of Defense said that more than 144,000 cyberattacks were carried out each month last year, presumably by the United States, according to Reuters.
Despite this, security firm CrowdStrike called on the president and Congress to get serious about the allegations of cyberattacks, describing the actions as akin to military threats posed by foreign nations.
“If the Chinese government flew planes into our airspace, our planes would escort them away,” Shawn Henry, who heads CrowdStrike, told the Associated Press in February. “If it happened two, three or four times, the president would be on the phone and there would be threats of retaliation.”
Yet according to Libicki, the two scenarios cannot be weighed evenly. A threat that costs money and a threat that cost lives are two entirely different situations, which raises the question: Should the stakes remain just as high for both threats?
“How damaging that is to the United States depends on how much the problem is costing us,” Libicki told NPR in February. “It’s a policy decision on where you draw the line and why you want to draw the line.”
In the report Clapper gave to Congress in February, he presented a report that detailed what exactly would constitute a major attack on the United States capable of widespread disruptions — that included regional power outages, which most nations do not have the capacity to pull off, according to CNN report.