Our long dead Prussian friend understood that tactics change with time and technology, and that strategies remain similar even if the metaphors change. When he tells us that strength of will is more to make a change in strategy versus tactics) p. 178) he recognizes that which is the parasitic force of decision. He identifies in one paragraph they “why” of how cyber warfare has existed and been known for nearly four decades yet has no mind share among generals. Only recently has the public picked up on the issues and the media reported incidents closely aligned with cyber warfare.
The issue with the current milieu of cyber warfare is identified when Clausewitz informs us that possible engagement s are to be regarded as real ones because of their consequences (p. 181) yet military leaders continue to ignore those risks. Consider that the most media reporting is on the denial of service of web services and considered to be cyber warfare. Yet that ignores the entirety of the Internet and the gateways to other technologies defined by the military as the global information grid (GIG). The risk is that for those who ignore a new strategy they will have to defend against it (p. 182) The totality of cyber warfare is much larger than a single battlefield and strategy must consider that. Clausewitz did not know of the GIG but his idea of strategy allows for the existence of it.
The moral virtues (p. 187) cannot be ignored. Whether bravery, concern, perfidy, or willingness the detachment from perceived physical harm creates a new morale dilemma for commanders. There though is an entire difference between the citizen and soldier as much as there will be between the “hacker” and the soldier. Professionalism in service is a requirement of the nation-state as much as the egalitarian inquisitiveness of the individual is needed. Hackers are not soldiers and neither should they be, and soldiers are not hackers nor should they. In some ways I take a paternalistic view of what I call hackers. More than cyber criminals the intelligence and drive of open thinking found in the hacker legions are at consistent odds to the military virtues alliterated by Clausewitz (p. 187). The citizen and the soldier are not the same man.
Of the characteristics the defender and the attacker in cyber warfare will find so needed is perseverance (p. 193). Where the defender must always be successful we find that the attacker need only be successful once. Clausewitz, discuses this concept in his idea of superiority of numbers (p. 194). In this maelstrom of asymmetric attack is the epitome of anti-attrition. Yielding any space is catastrophic and where strength and stamina may hold sway it is actually perseverance that should be considered the primacy of the cyber battlefield.
Of course, the appearance of “surprise” (p. 199) should not be to those who study cyber warfare. There is a certain amount of maturity that occurs through the study of cyber conflict. The beginner sees that it is of risk, then danger, and then imminent threat. The journeyman reflects on the continuing risk and the asymmetric nature realizing the dangers while always finding new elements. The master of cyber warfare can perceive that there is a distinct pattern of conflict and that the patterns of conflict have existed for a long time. To the beginner surprise is always new and to the master there is only a continuation of conflict following patterns long set in the human soul. Surprise is the period of peace in an asymmetric landscape categorized by attacks saturating the mind with numbers and values of truly epic proportion.
Consider the current strategy of the cyber planners for the United States. They are concentrating connectivity to the Internet to as few portals as possible as a concentration of force (p. 204). This has merit according to Clausewitz but in a world where control of access is no longer possible it makes no sense. The castle with walls was superseded first by the trebuchet then by the cannon. Now we see the advent of air power and distribution of troops is becoming a winning strategy. Similarly cunning is a unification of forces in time (p. 205) is becoming less of a defensive strategy but nicely describes the concept of a denial of service attack. As Clausewitz says it is good to be very strong (p.204).