The rise of iWar
New word of the month is ‘iWar’, conjured up by Johnny Ryan of Dublin’s Institute of European Affairs in an article in Open Democracy. It describes “attacks carried out over the internet that target the consumer internet infrastructure”.
Ryan makes a distinction between iWar and language such as ‘cyberwar’, which refers to attacks on electronic networks. Ryan started to think about this distinction as a result of the ‘denial of service’ attacks on Estonia last year, which I blogged about at the time.
“In essence, iWar is to cyberwar what an iPod is to the Vienna State Opera: small, convenient and cheap. The small “i” indicates its common pedigree with the gizmos and devices that symbolise the new generation of tech-empowered individuals.”
The trends underpinning iWar are fairly obvious: the growth of the internet, the empowerment of individuals, and the decreasing ability of governments to regulate communications infrastructure.
Ryan identifies five factors which make iWar conflagrations more likely in the near future:
- iWar effectively reduces the level of skill and technology needed to attack. Comparison: “Matchlock troops could be trained in a matter of weeks, compared to the lifetime of training required to produce effective longbow men.”.
- iWar breaks the relationship between cost and effort that used to discourage attacks on geographically distant targets. (It may have much less impact on its target than a long-range bomber, but the Stealth bomber costs $2.1 billion a time. iWar, in contrast can be used injudiciously).
- Because of the low cost and the increasingly ubiqitous technology, it will spread quickly across the globe.
- It appears to be deniable and difficult to punish. It’s still unclear whether Russia co-ordinated the attacks on Estonia or whether they were the work of a group of like-minded militant hackers.
- The impact of iWar attacks will increase as the internet becomes increasingly important in daily (and economic and political) life – which of course (although Ryan doesn’t spell it out) means that the incentive for attacks will also increase.
His blog is here, for people interested in online regulation and security.