Article Preview
TopIntroduction
Cyberwar is no longer coming as Arquilla and Ronfeldt predicted in 1993, but “cyberwar is here, and it is here to stay” (Arquilla, 2012). As far as the term “cyberwar” goes, this statement is indisputable. Two decades ago it was discussed only sporadically within American military-academic scholarship. With the 2007 cyberattacks in Estonia, the term has gone mainstream. Characterised as the first cyberwar (Lesk, 2007), the Estonian cyberattacks took place over the duration of a month during which websites were disrupted and bank-services momentarily shut down (Lander & Mankoff, 2007). Later in the same year, the term “cyberwarfare” was used to describe a cyberattack that neutralised a Syrian radar-system prior to the Israeli bombing of a nuclear construction site in Deir ez-Zor (Fulghun et. al., 2007). Since then, “cyberwar” has gradually gained traction as a number of businesses, governments and private individuals have been targeted through cyberspace. To date, the incident that has attracted the most attention was the U.S.-Israeli orchestrated cyberattack known as Stuxnet, which managed to destroy centrifuges at an Iranian nuclear facility (Sanger, 2012; Foltz, 2012; Farwell & Rohozinski, 2011).
These events constitute the backdrop against which the scholarly debates on cyberwar are played out. But despite similar empirical starting points, the debate as to whether cyberwar is here, whether it is impending or whether it is merely a discursive term used to describe a threat that at best is exaggerated and at worst is non-existent, rages on. While some scholars argue that cyberwar is coming (Adams, 1998; Clarke & Knake, 2010; McConnell, 2010; Farwell & Rohozinski, 2012), other more critical scholars rebut these findings as exaggerated claims based on dooms-day scenarios with little or no empirical validity (Samaan, 2010; Lawson, 2011; 2012; Rid, 2012a; 2012b; Gartzke, 2013); what they both lack, however, is theoretical grounding.
The German military thinker Carl von Clausewitz’s monumental book On War (2007 [1832]) is widely acknowledged to be the most influential book on war (Gray, 2005; Heuser, 2002). Within the literature on cyberwar however, the few scholars that do claim to draw inspiration from Clausewitz tend to do so in a rather selective manner, cherry-picking quotes and misusing concepts (cf. Arquilla & Ronfeldt, 1997; Farwell & Rohozinski, 2012; Cornish et al., 2010; Rid, 2012a; 2012b). Most scholars reject Clausewitz’s framework as inapplicable to cyberwar, either because On War is considered outdated (Cornish et al., 2010: 32) or because the “war” in cyberwar does not respect the Clausewitzian criteria of war (Rid, 2012a; 2012b). What these scholars fail to acknowledge, is that it goes against the foundation of the Clausewitzian framework to draw out selected theoretical concepts and test them against empirical events. On War is “the prism through which we … look at war” (Strachan & Herberg-Rothe, 2005: 1), and it is a way of thinking about war. This article shows that On War, when thought of as a prism, remains relevant to the discussion and of cyberwar.
Motivated by the urge to show that the use of Clausewitz within the cyberwar-debate thus far has been both limited and based on misinterpretations, this article uses On War as a lens through which to analyse the relationship between cyberattack and war, and finds that, while cyber-weapons are becoming the new “weapons of mass discussion”, the threat from – and opportunities of – cyberattacks are greatly exaggerated.