Exactly two decades ago, the RAND Corporation, an influential think tank, proclaimed that“cyber-
war is coming!" In 2005, the US Air Force declared it would now "fly, fight, and win in cyberspace".
The future of war would surely play out in that fifth domain, on top of land, sea, air and space. Dark
warnings of“Cyber Pearl Harbor" soon became a staple of Washington discourse.
What would an act of cyberwar look like? History suggests three features. To count as an armed at-
tack, a computer breach would need to be violent. If it can't hurt or kill, it can't be war. An act of cy-
berwar would also need to be instrumental. In a military confrontation, one party generally uses force to
compel the other party to do something they would otherwise not do. Finally, it would need to be politi-
cal, in the sense that one opponent says, "If you don't do X, we'll strike you. " That's the gist of two
centuries of strategic thought.
No past cyberattack meets these criteria* Very few meet even a single one. Never has a human been
injured or hurt as an immediate consequence of a cyberattack Never did a state coerce another state by
cyberattack. Very rarely did state-sponsored offenders take credit for an attack. So if we're talking about
war-the real thing, not a metaphor, as in the "war on drugs"-then cyberwar has never happened in the
past, is not taking place at present, and seems unlikely in the future.
That is not to say that cyberattacks do not happen A computer breach could cause an electricity
blackout or interrupt a' city's water supply, although that also has never happened If that isn't war,
what is it? Such attacks are better understood as sabotage.
Code-borne sabotage is a real risk. Industrial control systems run all sorts of things that move fast
and can burn: trains, gas pipelines, civilian aircraft, etc. Many of these are highly susceptible to brea-
ches, and information about system vulnerabilities is easily available. Even so, the number of violent
computer-sabotage attacks against Western targets is zero, because causing havoc through weaponised
code is harder than it looks. Target intelligence is needed. Control systems are often configured for spe-
cific tasks, limiting the possibility of generic attacks. Even if they happened, such attacks may not con-
stitute a use of force.
The concept of cyberwar is rmsleading. Closer examination of the facts reveals that what is happen-
ing is the opposite of war: computer breaches are less violent than old-style attacks. Violent sabotage is
harder if it is done through computers, while norrviolent sabotage is now easier and is happening more of-
ten: crashing websites, deleting files and so on.
The armed forces need to stay focused on fighting and winning the real wars of the future. That's
hard enough. Let us not militarise the struggle for the free and liberal internet today.
6. It can be learned from the first paragraph that_____．
[A] the RAND Corporation made a correct prediction about cyberwar
[B] the US Air Force cracked down the RAND Corporation
[C] widespread warnings about cyberwar brought gloominess
[D] the US government is gearing up for cyber combat
9． According to Paragraph 5, industrial control systems_____．
[A] are highly vulnerable to cyberattacks
[B] never incurred cyberattacks before
[C] survive generic cyberattacks through weaponised code
[D] guard against cyberwar by the use of armed force