We have seen the future of war, and its name is Stuxnet.
When I was a kid, one of my favorite movies was a science fiction picture that proposed the idea that in the future, nations would no longer exist and war would no longer exist. The world would be controlled by a handful of international corporations. The controlling industrialists realized the folly of war with its destruction, its carnage, its irrelevance, and resorted instead to a particularly gruesome sport as a proxy for war itself: Rollerball. Primary cities each had their own teams and the teams would battle it out on the hardwood coliseum for supremacy. The movies tagline is: "In the not too distant future, wars will no longer exist. But there will be Rollerball." (Rollerball is like a cross between roller derby, hockey and motocross.)
The original version of the movie (1975) is a bit dated and contrived , but Rollerball does contemplate a future that, in retrospect now seems pretty plausible and a good security allegory.
The worst-case scenario of all-out nuclear war looks unlikely to occur due to a variety of reasons; not the least of which is the overwhelming destruction and the obvious repercussions on the instigator. What is much more likely based upon recent evidence is that States and private industry will increasingly engage in proxy fights through esoteric non-State actors. Numerous examples of these proxy fights exist which include cyber-warfare between entities where the target was obvious, but the attacker was not. In 2007, a three-week wave of massive cyber-attacks were aimed at the small Baltic country of Estonia, where Parliament, banks, and the media were targeted, allegedly by Russian hackers after the Estonians' removal of a Soviet war memorial in the center of the capital, Tallin. In late 2010, companies like Visa, MasterCard, PayPal and Amazon.com were also targets of coordinated distributed denial-of-service attacks, designed to force the websites offline or make them generally unavailable for business by hacker sympathizers of Julian Assange due to the websites' refusal to process payments to support the Wikileaks effort.
To best illustrate the premise that future conventional warfare for most of the advanced world will pose a lesser risk than it has historically, and will instead be replaced by pure cyber-warfare, consider the case of Stuxnet.
'Stuxnet' is a computer worm that was launched in July of last year with a destructive payload that had a defined target: Windows-based industrial systems. The worm was designed very specifically to attack only certain types of industrial systems; like the ones that run nuclear plants.. Unlike most viruses and malware, Stuxnet does little harm to computers and networks that don't meet the explicit configuration requirements of its code. Like a laser sight on a snipers rifle, fingerprinting technology allows Stuxnet to precisely identify the systems it infects The creator of this worm took great care to ensure that only the designated target(s) were hit. A tremendous and sophisticated effort was required to avoid collateral damage.
What was the intended target? It is difficult to say for sure, but this much is known: 60% of the infected computers worldwide were in Iran. It is surely not a coincidence that Stuxnet infected the systems at two nuclear power plants that were hurriedly trying to enrich uranium.
The complexity of the code and the use of multiple programming languages contemplates the idea that only a -State or collection of States accessing deep enough pockets and vast dedicated resources could have the collective skill to create and deploy such a focused cyber-weapon. Most of the blame falls on the U.S. or Israel, in particular, who would ostensibly have the most to gain by stopping or slowing the ability of the Iranians to get nuclear capability.
The supposition then is obvious: this cyber-weapon was created o do what conventional warfare and diplomacy could not by surreptitiously taking out enemy nuclear capabilities like a sniper in the night. Unlike the very public 2007 Israeli air force raid on a Syrian site that the Israelis claimed was a nuclear facility with a military purpose, the Stuxnet attack is a much lower profile attack. The message is no less ambiguous than a full frontal assault and the effect just as valuable. Coupled by the additional benefits of no human causalities, and no political fallout, cyber warfare appears to also be very, very cost effective.
From the limited test case of Stuxnet, we can easily extrapolate to an 1984-like world of cyber-warfare where instead of Oceania declaring war on Eurasia one week or Eastasia the following week, battles will instead be played out over DS3s, T1s and fiber optic networks. Rather than sending one million expensively armed soldiers to invade an enemy, one simple mouse click could deploy a worm or virus that will shut down power grids, water systems or wreck havoc on international financial systems.
It may not be roller derby, but either way, Stuxnet presages the future of warfare.
