Speaking of Kings of War and the British military, David Betz links to an interview with a flag officer that spans a length of topics. There’s plenty of interest, but several parts jump out at me.
First, the Chinese strategy text, Unrestricted Warfare:
And so, it goes back to cyber just being part of a broader concept of warfare—the Chinese idea of unrestricted warfare. It’s just another tool for governments to use. What I see is a blurring of the distinctions between war and peace and what is civilian and what is military.
There’s a lot of problems with UW that Joseph Fouche and Visions of Empire have diagnosed, but chief among them is the confusion of politics with war itself and the perennial problem of unrealistic expectations of bloodless victory. Additionally, many China-watchers posit that the book is not representative of mainstream Chinese strategic thought. It seems that the PLA itself doesn’t have much use for the book, in short.
There’s also an bit about cyberwar, or lack thereof:
I would start by rejecting the language of “cyberwar,” because it is actually war pursued in cyberspace. …I define cyber as having to do with networked computers, and cyberspace as an information-space created by networked computers. “Cyberspace” is a manmade construct, which itself sits within the environment of the electromagnetic spectrum. This environment is just another medium of delivery. It is similar in some ways to the land, air, and sea environments. The major difference is that cyberspace is not bounded by geography. So cyberwar, cybercrime, cyberterrorism, and cyberespionage are new—but only new insofar as they are new ways of waging war, crime, terrorism, or espionage.
While this is an interesting point, let’s take it a step further–most of what is called “cyberwar” is simply not. War involves organized human violence between states, empires, tribes, gangs, etc. Most of what we’ve seen in the cyber realm since the creation of what we understand as “cyberspace” has been crime, vandalism, espionage, or, in the case of Stuxnet, covert operations. I’ll quote at length from my blog on the subject:
Covert actions are sensitive and discreet but not invisible. It was patently obvious where the weapons and logistical training for the 1980s Afghan insurgents were coming from. A trained observer could spot the hand of the CIA and the KGB was present in many third-world coups. Large and complex activities–particularly those that bear on crucial foreign policy outcomes–are hard to disguise. While covert actions do not have to involve material damage or violence, they often do. Plausible deniability is more about making covert actions less blatant than hiding them altogether. The utility of state covert actions is to accomplish political objectives in a low-cost, low-liability manner. Operationally, covert actions balance their own objectives with the strategic concern of not showing enough of an obvious hand as to provoke a harsh response. Most covert actions fly under the threshold of what might be considered militarily provocative.
Much of what we see as state cyberwar is actually covert action. For example, Stuxnet–by disabling Iranian nuclear facilities–supported a policy objective shared by both regional and international states. Cyber as a medium is also ideally suited to covert action. The large-scale acquisition of civilian and military technologies in order to build a national-technical base is a type of covert action that–even if properly attributed–would not give latter-day Adlai Stevensons much to go on. States engage in espionage and covert action all the time. The scale of the action and its policy consequences is the issue, not the action itself. There are mountains and mountains of reports of state use of cyber for covert operations and espionage, but those states continue to launch attacks without much impediment.
We have yet to really see what real cyberwar is, and it is unlikely to be pretty. It will occur during organized warfare and–depending on the objectives–range from command and control warfare against military networks to strategic targeting of critical infrastructure and countervalue targets. As with anything else, the scale of the attack is governed by the objective and the means available.