Because cyber warfare is so different from traditional warfare, you can't rely on the same rules you'd use in a physical conflict. With the right techniques, a hacker can make an attack practically untraceable. It's not hard for a skilled hacker to create an entire army of zombie computers -- machines infected with a program that allows the hacker to control the computer remotely. A person owning one of these infected computers might not be aware of the intrusion at all. If a computer system comes under attack from an army of zombie computers, it might not be possible to find the hacker ultimately responsible.
Part of preparing for a cyber attack is to educate citizens around the world. The importance of computer security can't be overstated. A combination of the right antivirus software and a careful approach to Internet activities can help prevent hackers from gathering the resources they need to mount an offense in the first place.
Security experts like Richard Clark, former cyber security advisor to the United States, say that part of the responsibility falls on software companies. He has said that software companies often rush products to market without putting them through a rigorous quality control phase. In particular, he criticized Microsoft for its practices. Since then, Microsoft claims it spends more time and resources making sure its products have strong security features [source: Frontline].
Why release products that aren't secure? The issue isn't as clear-cut as we might like. There's an economic tradeoff when companies take more time to look into security issues before releasing a product. The longer the production cycle, the more money the company has to spend. That puts software companies in a difficult position. Should they increase the price of their products, which can hurt the consumer? Should they keep the price the same and absorb the added development costs, which hurts their investors? Should they cut costs elsewhere by lowering salaries, which hurts their workforce? The reality is that an increased focus on security will result in an impact on the bottom line of the business. If companies feel the risk of a security breach is low, it's possible that they'll ignore the possibility entirely.
Another thing to consider is that private companies own most of the Internet's infrastructure. Unless the government implements regulations, it's up to these private companies to ensure the safety of their networks. Even experts like Richard Clark have said that regulation is not the right decision -- he argues that it inhibits innovation and lowers the bar for security across all industries.
Most industries and governments employ security experts who monitor their respective computer systems constantly. They are responsible for detecting probes and intrusions and reacting to them. Security experts like John Arquilla, an associate professor at the Naval Postgraduate School, and John Hamre, CEO and president of the Center for Strategic and International Studies, have said that a Pearl Harbor attack would probably not cause widespread destruction, in part because we've learned to detect and respond to attacks quickly [source: Frontline]. While an attack might still be successful, they say that the recovery period would be relatively short. Governments and companies should still try to seal any security holes they might have, but it's not likely that a massive attack could cripple major systems for a significant period of time. Other experts are less certain -- they caution that a well-organized assault could take us by surprise and hit enough systems to cause widespread economic damage.
While it might not be obvious to us in our every day life, there's no doubt that cyber warfare is going on right now between nations and factions around the world. So is cyberwar coming? It may already be underway.
To learn more about cyber warfare and other topics, try invading the links on the next page.