War has been with us throughout our history — and it will likely continue to be with us for some time. But will the ways in which we wage war change? Here's how the wars of the future could unfold.
Some of the next wave of weapons will also undoubtedly be focused on digital strikes not just physical ones, as cybersecurity journalist Kim Zetter explained to us today in a Q&A. We've already started to see the first of that wave, says Zetter:
Stuxnet was pretty sophisticated - it conducted a surgical strike against very precise systems and modified information going back to operators to make it appear that the systems it was sabotaging were working fine. I expect the next generation of weapons will follow along these lines but have additional capabilities — perhaps like polymorphic worms that can adapt to their environment once unleashed. Stuxnet, for example, could have been easily thwarted simply by changing the configuration on the systems it targeted. Because it was a precision weapon targeting one configuration, changing that configuration would have required the attackers to re-engineer their attack code. But what if there are weapons that can learn on the fly, recognizing when changes occur and adapt to those changes? I also expect better ways of controlling the attack code to prevent researchers and victims from taking the weapons apart and determining what they're designed to do. Stuxnet's code was encrypted, but the keys for decrypting it were contained within the code, making it easier for researchers to reverse-engineer it. I expect attackers to better harden their weapons against this by creating decryption keys that are independent of the weapon — that is, that are based on information contained in the targeted system. We already saw something like this with Gauss, an espionage tool that targeted banks in Lebanon. The code was so well encrypted that researchers still have not been able to unlock parts of it. The only way to decrypt it was through an elaborate process that involved information on the machines that Gauss attacked. Gauss was discovered in 2012 but researchers at Kaspersky Lab who uncovered the code are still stymied by it as a result of the encryption.
So will cyberweapons come to replace the world's current stockpiles? Perhaps, but, as Zetter explains, the more likely event is not that digital battlefields will come to replace our physical ones, but that cyber attacks will be used in combination with conventional ones:
Most of the experts I've spoken with think we will never have all-out cyberwarfare. What we'll likely see are cyber skirmishes conducted in conjunction with a conventional attack — that is, cyber attacks that take out radar and communication systems or that sabotage computerized missile and other weapon systems to alter the aim of a weapon or make it malfunction in some other way.
They also say that we're unlikely to have real cyberwarfare because the parties that have the ability to conduct such attacks don't have the will — China, for example, is often cited as a threat against our financial networks, but its economy relies on ours too heavily to gain from an all-out attack against financial networks — and the parties that have the will (terrorist groups, for example) don't necessarily have the capability (yet).
It won't be long, however, before the latter groups do acquire the capability — probably through mercenary hackers. So we will see attacks, but whether they will occur at the level that conventional warfare occurs is unlikely. Taking systems down is easier than keeping them down. Computer networks can recover faster than conventional war targets. That is, unless the aim is to physically destroy equipment, as Stuxnet did.
You can read the full Q&A right here.