Bitskrieg. John Arquilla
Bitskrieg is also similar to its World War II-era predecessor in terms of its emphasis on, and capability for, waging political warfare. For another element of Blitzkrieg doctrine was the employment of propaganda and subversion to prepare for invasion by field forces. This practice, too, had origins in Spain’s Civil War, as fascist General Emilio Mola, whose troops were closing in on Madrid from four directions, said that his advance was aided by a covert, subversive “fifth column.”
The early German annexations of Austria and Czechoslovakia benefited tremendously from such fifth-columnist actions, as was also the case in the 1940 invasion of Norway – a daring operation whose success, in part, was due to the activities of Vidkun Quisling and other Nazi collaborators. Their effects were so substantial that, as William L. Shirer noted, the capital Oslo “fell to little more than a phantom German force dropped from the air at the local, undefended airport.” And at strategically important Narvik, the initial defending force “surrendered to the Germans without firing a shot.”20 An Anglo-French force landed at Narvik later – too late, despite much hard fighting, to overturn the final result of this campaign.
In our time, we have the example of a “virtual fifth column” employed to great effect by the Russians, disrupting the Ukrainian ability to resist aggression in, and annexation of, the Crimea. At the same time, a parallel fifth column was used to spread propaganda justifying this invasion to the wider world. This approach, which included a “people’s plebiscite” – a tactic employed by the Nazis – helped to ensure that the Russian take-over would be bloodless, allowed to consolidate with neither effective internal resistance by the Ukrainian government nor international military counter-intervention. In this instance, the Russian fait accompli froze the principal Western guarantors of Ukrainian territorial integrity – per the terms of the 1994 Budapest Memorandum on Security Assurances: Britain, the United States, and France – into almost complete inaction.
But cyber-based political warfare can do far more than just provide support for invasions; it can also be used, as the Russians have done, to foment unrest and chaos in the United States and other open societies that are inherently vulnerable to the dissemination of lies cloaked as truth. Yet political warfare is not only suited to undermining democracies; it can also attack authoritarian and totalitarian rulers. In the 1980s, for example, prior to when the Internet began its rapid growth, President Ronald Reagan pursued an information strategy via radio and direct-broadcast satellite that put pressure on the Soviet Union and its control of Eastern Europe. Indeed, the argument has been advanced that his initiative played a significant role in the peaceful end of the Cold War and dissolution of the Soviet Union.21 Today, cyberspace-based connectivity provides even greater opportunities for striking at dictators. Social media links billions of people, a significant slice of whom live under controlling regimes. Authoritarians are aware of this, and mount efforts to monitor – sometimes to close down – access to such media. They may succeed – for a while. But advancing technology continues a major trend toward broader, easier connectivity, making it ever harder to control access. If past is prologue, even the harshest control efforts will ultimately fail. During the Second World War, John Steinbeck’s The Moon is Down, a novel of resistance, made its way in bootleg translations to virtually every occupied country, inspiring opposition to Nazi rule.22 Information diffusion today is much easier; its effects are likely to be at least as powerful and widespread. Probably much more so, for the classic theme of active resistance resonates in and from the virtual realm in ways that mobilize “the real world” – evinced in recent decades by the “color revolutions” and the Arab Spring.
Back in World War II, physical resistance featured widely varied acts of sabotage against the Nazis’ transport, communications, and arms manufacturing infrastructures – despite often quite terrible reprisals being inflicted upon innocent civilians. Perhaps the most important of the sabotage campaigns was that mounted by Norwegian resistance fighters who prevented shipping of heavy-water supplies – essential to the Nazi nuclear program – from Norway to Germany. One of the key leaders of the Nazi effort to build an atomic bomb, the physicist Kurt Diebner, confirmed that “It was the elimination of German heavy-water production in Norway that was the main factor in our failure to achieve a self-sustaining atomic reactor before the war ended.”23 Inspiring messages, conjuring visions like the one crafted in Steinbeck’s The Moon Is Down, provided informational support that helped to catalyze and sustain such heroic acts of resistance. This was despite the strict controls the Nazis imposed on communications.
Today, it is very difficult to prevent information flows, in a sustained and leakproof way, from reaching mass publics. And the same technologies that allow for “information blockades” to be evaded offer up many opportunities for engaging in active resistance as well. Thus, sabotage using explosives – still quite an available option – can now be augmented by acts of virtual disruption in the form of what I call “cybotage.” Beyond the usual denial-of-service attacks, the worms, and varieties of malicious software designed to disrupt information flows and functions, or to corrupt databases, it is also increasingly possible to employ bits and bytes that cause physical damage to important equipment. The watershed example of this kind of cybotage was the Stuxnet worm that attacked the system running Iranian centrifuges, forcing them to spin themselves at such a high rate that it led to their self-destruction. As General Michael Hayden, the former head of the National Security Agency and the Central Intelligence Agency, put the matter, “Previous cyberattacks had effects limited to other computers . . . This is the first attack of a major nature in which a cyberattack was used to effect physical destruction.”24 In a way, the Stuxnet operation – widely assumed to have been conceived by the United States and Israel – was like the Norwegian commando attacks on German heavy-water facilities and supplies during World War II: both actions were aimed at slowing the progress of nascent nuclear programs.
Stuxnet destroyed those centrifuges in 2010 – though it was most likely implanted into the Iranian system years earlier, lying in wait, activated at a moment when it brought the blessing of time for negotiations in a burgeoning proliferation crisis. A preliminary arms control agreement was reached in 2013, and formalized as the “Joint Comprehensive Plan of Action” in 2015. It was adhered to until the United States withdrew from the agreement in 2018. The Iranians openly broke the terms of the agreement in 2019. But long before this break, in 2012, Tehran and/or Iranian-aligned hackers demonstrated a capacity for retaliatory cybotage, too. Shamoon, a virus that attacked the master boot records – key to mass storage and computer function – erased and irremediably overwrote key data on more than 30,000 PCs of the oil firm Saudi Aramco. A similar attack was launched soon after against the Qataris, further contributing to widespread concern about the vulnerability of a key aspect of the global oil industry to cybotage.25 Needless to say, the Iranians have denied any involvement in Shamoon – much as the United States and Israel have never acknowledged any role in Stuxnet. The covert and clandestine aspect of cyberwar relies on veils of anonymity and deniability, for real, “smoking gun” evidence of actual involvement or perpetration would likely lead to escalation – perhaps even to a shooting war.
As to Stuxnet itself, even though it was carefully inserted into an Iranian system and designed for a very specific target – the programmable logic controls on particular Siemens equipment – its properties gave it a broader functionality across a range of SCADA systems. And when the worm leaked “into the wild,” perhaps spread by a technician who picked it up inadvertently (or not) on a flash drive, Stuxnet variants began to turn up. In 2011, Duqu emerged. Intended for intrusion and intelligence-gathering, it had Stuxnet-style attack properties as well. The following year, yet another variant debuted, Flame, which apparently attacked the Iranian oil industry. More recently, Triton appeared in 2017, and very quickly demonstrated