“Modern warfare is evolving rapidly,” warned the introduction to the Obama administration’s 2014 Quadrennial Defense Review, “leading to increasingly contested battlespace in the air, sea, and space domains—as well as cyberspace.”
U.S. attempts to erect effective cyberdefenses are, however, facing significant challenges. This is due both to the nature of the threat, which can affect a vast array of critical networks with little or no warning, and to political dynamics in the United States. The Justice Department’s recent indictment of five Chinese People’s Liberation Army (PLA) officers accused of hacking U.S. companies is only the most recent sign that previous efforts to address cyberattacks, from China and elsewhere, have been insufficient.
The indictments focused specifically on commercial espionage, in keeping with the stated U.S. distinction between cyberspying carried out to gain an economic advantage, which the U.S. claims is illegitimate, compared with spying for national security purposes, which the U.S. acknowledges is a common practice for a number of countries. The Chinese reject this distinction. But the inability to fully protect U.S. networks has implications beyond the commercial sector, including the security of critical pieces of U.S. infrastructure like the power grid or air traffic control system.