IN MAY, a ransomware virus attacked computer systems in 150 countries and impacted more than 200,000 people. Experts say it was one of the largest cyberattacks ever. Is cyberwar the new frontier? And what do we make of the claim by Microsoft president Brad Smith that this virus piggybacked off a digital weapon developed by the United States? And then there’s Russia’s alleged interference with the 2016 U.S. presidential election. If there was an interception of the American people’s right to the democratic process in order to advance Russia’s own political agenda, what is a proper response?
John B. Sheldon, a professor of cybersecurity at the School of Advanced Air and Space Studies in Alabama, defined cyberwar as “war conducted in and from computers and the networks connecting them, waged by states or their proxies against other states.” Cyberwar is not to be confused, according to Sheldon, with online espionage, digital terrorism, or other forms of cybercrime. Not every cyberattack is part of a cyberwar, nor should it be treated as such. Online weapons are cheap to make and easy to deploy; they are also primarily anonymous. And the most effective way to bring cybercriminals to justice and restore security might well be civilian-controlled internet policing, not state-led responses.