![Sample our Politics & International Relations journals, sign in here to start your FREE access for 14 days]({"type":"image" , "src" : "/sda/5947/TOC-Subject-Sample-2021-Politics-International-Relations.jpg"})
ABSTRACT
Futurist depictions of cyber-attacks in coming wars often portray them as bolts out of the blue that will cause immense damage to a nation’s warfighting capacity and create chaos among its populace by crippling its essential services. However, those depictions are based more on prophecy than they are on historical realities. The historical development of conceptions about cyber operations explains how those themes came to dominate national security discussions about cyber in the United States. Rather than being self-evident, the themes are a result of the application of early cyber efforts to strategic operations, advocacy that focused on doomsday scenarios to draw attention to cybersecurity problems, and the ease with which cyber threats were tied to the primary strategic narratives of American national security during their development.
Acknowledgments
The author would like to thank C. J. Horn, Michael Warner, Jennifer Hall, Aaron Reid, and Brian Branagan for their thoughtful comments and support in reviewing this article.
Disclosure statement
The opinions and assertions expressed herein are those of the author and do not reflect the official policy or position of the United States Space Force or the Department of Defense.
Notes
1 Richard A. Clarke, Cyber War: The Next Threat to National Security and What to Do About It (New York, NY: Harper Collins 2010), 67.
2 Jason Ryan, ‘CIA Director Leon Panetta Warns of Possible Cyber-Pearl Harbor’, ABC News, 10 February 2011, https://abcnews.go.com/News/cia-director-leon-panetta-warns-cyber-pearl-harbor/story?id=12888905.
3 Ibid.
4 Jason Healey, ‘A Brief History of US Cyber Conflict’, in Jason Healey (ed.), Fierce Domain (Washington DC: Cyber Conflict Studies Association 2013), 17.
5 For a great historical study of the conceptual development of strategic bombing and the impact those conceptions had in the employment of bombers in World War II, see Tami Davis Biddle, Rhetoric and Reality in Air Warfare: The Evolution of British and American Ideas about Strategic Bombing, 1914–1945 (Princeton NJ: Princeton University Press 2004).
6 United States Air Force, Air Force Doctrine Publications 3–12 - Cyberspace Operations (Washington DC 2023), 6, https://www.doctrine.af.mil/Portals/61/documents/AFDP_3–12/3–12-AFDP-CYBERSPACE-OPS.pdf.
7 Department of Defense, United States Government Compendium of Interagency and Associated Terms (Washington DC: Department of Defense Citation2019), 233.
8 Michael Warner, ‘A Brief History of Cyber Conflict’, in Schneider et al. (ed.), Ten Years In (Newport RI: Naval War College 2020), 15.
9 Thomas Rona, Weapon Systems and Information War, 1 July (Seattle WA: Boeing Corporation, for the Office of the Secretary of Defense Citation1976), 1. https://www.esd.whs.mil/Portals/54/Documents/FOID/Reading%20Room/Science_and_Technology/09-F-0070-Weapon-Systems-and-Information-War.pdf
10 Ibid., 2.
11 Ibid., 4.
12 Lt Col Evan H. Parrott, ‘C3CM: Theory, Application, and Process’, Research Report, February (Maxwell Air Force Base: Air War College 1983), 14.
13 Bruce Berkowitz, The New Face of War: How War Will Be Fought in the 21st Century (Free Press 2007), 57.
14 Craig J. Wiener, ‘Penetrate, Exploit, Disrupt, Destroy: The Rise of Computer Network Operations as a Major Military Innovation’, Dissertation, Virginia, George Mason University, 2015, 95.
15 Wiener, 97.
16 Berkowitz, The New Face of War, 58.
17 Michael Warner, ‘Cybersecurity: A Pre-history’, Intelligence and National Security 27/5 (October 2012), 787; see also, Lou Cannon, President Reagan: The Role of a Lifetime (New York, NY: Public Affairs 1991), 38.
18 Kaplan, Dark Territory, 2.
19 National Security Decision Directive 145, National Policy on Telecommunications and Automated Information Systems Security, 17 September 1984. This document is now declassified. https://irp.fas.org/offdocs/nsdd/nsdd-145.pdf.
20 Stephanie Ritter Schulte, ‘The WarGames Scenario: Regulating Teenagers and Teenaged Technology 1980–1984’, Journal of Television and New Media 9/6 (2008), 2. https://www.academia.edu/download/32038664/III.C.FRC-Articles_Schulte_8_TVNMedia_2008.pdf
21 Ibid., 3.
22 Ibid.
23 Ibid., 4.
24 Federal Bureau of Investigations, ‘History: Morris Worm’, accessed 17 January 2022, https://www.fbi.gov/history/famous-cases/morris-worm.
25 Estimates of 10% (roughly 6,000 computers) originate from an MIT report that said 10% of MIT computers were affected. That may not be the same for the rest of the internet, and other estimates range as low as 1,000. See Assistant Comptroller General of the United States, Report to the Chairman, Subcommittee on Telecommunications and Finance, Committee on Energy and Commerce, House of Representatives: Computer Security – Virus Highlights Need for Improved Internet Management, June (Washington DC: General Accounting Office 1989), 17.
26 Peter J. Denning, ‘The Science of Computing: The Internet Worm’, American Scientist 77/2 (March–April 1989), 127.
27 Assistant Comptroller General, Computer Security, 4.
28 Most often they are subtle references but suggest that many viewed the threat as being one from malevolently motivated individuals. This is a representative example from a Wall St. Journal article: ‘If computers can be sabotaged so easily, so swiftly, experts wonder, how vulnerable is the system to high-tech terrorists?’ ‘Spreading a Virus: How Computer Science Was Caught Off Guard By One Young Hacker – Outbreak Spread Nationally, Caused No Lasting Harm But Much Embarrassment – Finding a Worm in the Mail – A Wall Street Journal News Roundup’, Wall Street Journal, 7 November 1988. https://www.proquest.com/newspapers/spreading-virus-how-computer-science-was-caught/docview/398171075/se-2?accountid=4332.
29 Healey, Fierce Domain, 36–37.
30 House, Computer Security: Hearings Before the Subcommittee on Technology and Competitiveness of the Committee on Science, Space, and Technology, 102nd Cong., 1st Session, 27 June 1991, 10. https://winnschwartau.com/wp-content/uploads/2019/06/Testimoney-1991-Computer-security_hearing.pdf
31 Alan D. Campen, ‘Iraqi Command and Control: The Information Differential’, in Campen (ed.), The First Information War (Fairfax VA: AFCEA International Press 1992), 172.
32 For some examples, see Eliot A. Cohen and Thomas A. Keaney, Gulf War Air Power Survey: Summary Report (Washington DC: U.S. Government Printing Office 1993), 248; James Adams, The Next World War: Computers Are the Weapons and the Front Line Is Everywhere (New York: Simon & Schuster 1998), 55; ‘Space and C3I: A Strategic Context’, 18 November (HQ AF/XOOO 1991), slide 6.
33 DOD Directive (DODD) TS 3600.1, Information Warfare, 21 December 1992. Document is now declassified. https://archive.org/details/14F0492Doc01DirectiveTS3600.1
34 George C. Herring, From Colony to Superpower: U.S. Foreign Relations since 1776 (Oxford UK: Oxford University Press 2011), 920.
35 Ibid., 936.
36 Clarke, Cyber War, 106.
37 Critical infrastructure examined in the report included transportation, oil and gas, water, emergency services, government services, banking and finance, electrical power, and telecommunications. See Robert T. Marsh, ‘Critical Foundations: Protecting America’s Infrastructures’, The Report of the President’s Commission on Critical Infrastructure Protection, 13 October (Washington DC: 1997), 3–4.
38 Ibid., i.
39 Ibid., x.
40 While terrorists have relied heavily on the internet for recruiting, communications, and fundraising, there have been no major cyber-attacks or intrusions from terrorists; see Healey, Fierce Domain, 64.
41 Kaplan, Dark Territory, 64.
42 Healey, Fierce Domain, 42.
43 Kaplan, Dark Territory, 69–70.
44 John Campbell, ‘Lessons from Our Cyber Past, The First Military Cyber Units’, in Healey (ed.), Fierce Domain, 56.
45 Warner, ‘Cybersecurity’, 797.
46 John J. Hamre, Deputy Secretary of Defense, speech to the Fortune 500 CIO Forum, Aspen, Colorado, 21 July 1998 https://www.globalsecurity.org/intell//library/news/1998/07/t08121998_t072198.html
47 Healey, Fierce Domain, 43.
48 Ibid.
49 ‘FBI Eyes Teens in Pentagon “Attacks”’, Wired, 27 February 1998, https://www.wired.com/1998/02/fbi-eyes-teens-in-pentagon-attacks/, accessed 24 February 2022.
50 Senate, Security in Cyberspace: Hearings Before the Permanent Subcommittee on Investigations of the Committee on Governmental Affairs, 104th Cong., 2nd Session, 16 July 1996, 155. https://babel.hathitrust.org/cgi/pt?id=uc1.31210010684072&view=1up&seq=161
51 Jennifer Martin, ‘Nunn: End of Cold War Destabilized World’, South Bend Tribune, 19 March 1998. https://www.proquest.com/newspapers/nunn-end-cold-war-destabilized-world-ex-senator/docview/416888814/se-2?accountid=4332
52 David Perera, ‘Stop Saying “Cyber Pearl Harbor”’, Fierce Government IT, 13 June 2012, https://web.archive.org/web/20120617204335/http://www.fiercegovernmentit.com/story/stop-saying-cyber-pearl-harbor/2012-06-13.
53 Ibid.
54 George Smith, ‘An Electronic Pearl Harbor? Not Likely’, Issues in Science and Technology 15/1 (Fall 1998), 69–70. https://www.jstor.org/stable/43311853
55 White House, National Security Strategy, May 1997, 7.
56 Ibid., 11.
57 White House, A National Security Strategy for a New Century, December 1999, 1.
58 Ibid., 12.
59 Roger C. Molander, Andrew S. Riddile and Peter A. Wilson, Strategic Information Warfare: A New Face of War (Santa Monica CA: RAND 1996), xi. http://www.rand.org/pubs/monograph_reports/2005/MR661.pdf (accessed 1 March 2022).
60 Ibid., xiii.
61 US Congress, General Accounting Office, ‘Information Security: Computer Attacks at Department of Defense Pose Increasing Risks’, Technical Report GAO/AIMD-96-84, 22 May (1996), http://www.fas.org/irp/gao/aim96084.htm (accessed 1 March 2022).
62 Office of the Under Secretary of Defense for Acquisition & Technology, ‘Report of the Defense Science Board Task Force on Information Warfare-Defense (IW-D)’, November (1996) https://apps.dtic.mil/docs/citations/ADA319571 (accessed 1 March 2022).
63 ‘Y2K’ Smithsonian Institute, https://www.si.edu/spotlight/y2k (accessed 1 March 2022)
64 Healey, Fierce Domain, 50.
65 Ibid.
66 Clarke, Cyber War, 112.
67 The Code Red Worm alone produced headlines for months warning it was just the beginning of what cyber terrorists could do. See also Healey, Fierce Domain, 50.
68 Healey, Fierce Domain, 49.
69 Clarke, Cyber War, 111.
70 Healey, Fierce Domain, 49.
71 Vernon Loeb, ‘NSA Adviser Says Cyber-Assaults On Pentagon Persist With Few Clues’, The Washington Post, 7 May 2001, https://www.proquest.com/newspapers/nsa-adviser-says-cyber-assaults-on-pentagon/docview/409117447/se-2?accountid=4332.
72 ‘We’re in the Middle of a Cyberwar’, Newsweek, 19 September 1999.
73 Bradley Graham, ‘Bush Orders Guidelines for Cyber-Warfare’, The Washington Post, 7 February 2003, https://web.stanford.edu/class/msande91si/www-pr04/readings/week5/bush_guidelines.html.
74 Ibid.
75 Ibid.
76 Department of Defense, Information Operations Roadmap, October 2003, 45–48. Document is now partially declassified.
77 Ibid., 57.
78 Chairman of the Joint Chiefs of Staff, National Military Strategy of Cyberspace Operations, December 2006. This document is now partially declassified. https://nsarchive.gwu.edu/document/21419-document-23
79 Ibid., 13.
80 Ibid.
81 Details about the meeting’s content come primarily from secondary sources. In Playing to the Edge, Hayden provided the only primary source material when he specifically credited DNI McConnell with selling Bush on the ‘immediacy of the cyber threat and convinced him to launch the CNCI’, 177. Kaplan’s Dark Territory includes a more in-depth telling of events based on his interviews of unknown members, 174–178. Clarke’s Cyber War provides fewer details than Kaplan but they largely agree with Kaplan’s narrative, 114.
82 Mike McConnell, interview by Charlie Rose, The Charlie Rose Show, PBS, 8 January 2009. https://www.dni.gov/files/documents/Newsroom/Speeches%20and%20Interviews/20090108_interview.pdf
83 Ibid.
84 Kaplan, Dark Territory, 174.
85 Kaplan’s Dark Territory records Bush saying he wanted a solution in thirty days, 175, while Clarke’s Cyber War quoted him saying, ‘I want a plan, soon, real soon’, 114.
86 Kaplan, Dark Territory, 178.
87 National Security Presidential Directive, 54, Cybersecurity Policy, 8 January 2008, 4. https://irp.fas.org/offdocs/nspd/nspd-54.pdf. This document is now partially declassified.
88 Kaplan’s Dark Territory reported the administration requested $18B over five years, 178. Clarke’s Cyber War pegged the number at $50B over five years. Others reported $3.6B alone allocated to it in 2011, see Eric Chabrow, ‘CNCI Budget Request Set at $3.6 Billion’, GovInfoSecurity, 2 February 2010, https://www.govinfosecurity.com/cnci-budget-request-set-at-36-billion-a-2151.
89 Robert Gates, Duty (New York City NY: Alfred A. Knopf 2014), 193–4.
Additional information
Notes on contributors
Cameron L. Ross
Cameron Ross is an officer in the United States Space Force currently attending the School of Advanced Air and Space Studies at Maxwell Air Force Base, Alabama. He is an intelligence officer with expertise in signals and cyber intelligence and has published articles on strategy, cyber deterrence, competition with China, and Air Force history.