Anxious Americans are talking about the massive infiltration of critical government computer networks and some powerful senators are calling it an act of war. As serious as the mysterious breach may be, it’s considered an “espionage” situation.
World class espionage
The hack attack on Uncle Sam’s computer network was a sneaky act of state-level Spy vs Spy madness. It has Senator Dick Durbin livid. His face turned purple when he called the infiltration “virtually a declaration of war.”
That was seconded by Senator Marco Rubio, who asserts “America must retaliate, and not just with sanctions.” Actually, the cybersecurity and legal fact checkers note, under international law, it’s really an “act of espionage.” Those who never sat through law school tend to throw terms around interchangeably, but it matters.
In order to fully qualify as an act of war, there has to be some significant damage. “Warfare implies violence, death and destruction,” law professor Duncan Hollis explains. He happens to specialize in cybersecurity at Temple University.
His associate Benjamin Friedman, a policy director at the think tank Defense Priorities agrees and adds, “simply stealing information, as much as we don’t like it, is not an act of war. It is espionage.”
According to the book they use at the Pentagon, the Department of Defense law of war manual, some cyber operations can be considered an act of war. Some examples it lists are a hack which was able to “trigger a nuclear plant meltdown,” or “open a dam above a populated area, causing destruction.”
A penetration of the air traffic control system which caused a plane crash would be another. This breach has been costly in terms of information piracy but hasn’t gone above the espionage level.
Lots of countries spy
Highly professional and well financed intruders managed to hijack software produced and managed by Texas based SolarWinds Corp. The criminals injected malicious code into the patches which SolarWinds regularly provided to customers, ironically meant to keep them safe from attack.
For a period of “months” the spies were able to tiptoe through the data banks of “private companies, think tanks, and government agencies,” Reuters reports. Experts aren’t sure of the extent of any withdrawals from those classified information storage banks. The espionage is confirmed to have compromised email and “other data within several U.S. government agencies.”
Some of the crucial government departments hit by the espionage are the Commerce Department, Treasury Department, and Department of Energy, which is the one responsible for America’s nuclear stockpile.
An Energy Department spokeswoman assures the public that the malware had been “isolated to business networks only” and had not impacted U.S. national security.
The DOD manual spells out that the “United States cannot use force to respond to a cyber operation that is not itself an act of force.”
What we can do is respond with measures like as a diplomatic protest, an economic embargo, or other acts of non-violent retaliation. “We know that lots of countries engage in espionage, and we don’t bomb them in response,” said Friedman.