If you read articles lately, you know that there has been a substantial uptick in talk about cyberattacks, with an increased use of the term "cyber war." Some individuals are talking about the need for a counter-attack as a result of the OPM breach. Others have pointed to the Sony attack in 2014 as an act of cyber war. These calls have many asking what constitutes an act of cyber war – where is the line? That is a fair question, but most of those that are posing that question will not like the answer.
For a few years now, we have known that DoD has concluded that computer sabotage conducted by another country can constitute an act of war. Earlier this year, Defense Secretary Ash Carter told the Senate Armed Services Committee that an act of cyber war is defined as a cyberattack targeting critical infrastructure, the economy or U.S. military operations.
Carter said cyber should be treated like any other domain such as land, sea or air. "Whether a particular attack is considered an act of war, in or out of cyberspace, requires a determination on a case-by-case and fact-specific basis," he said.
There are those who find this definition too broad. However, given the expansiveness of this domain and threat, as well as the complexity of the issue, it seems appropriate — at least for now. One issue that the ambiguity creates is that cyber attackers seem to push and try to get as close to the line (so to speak) as possible. That is very dangerous as it is only a matter of time until they inadvertently cross it. The implications of such an act are not yet known, but they would be severe for sure.