Offensive weapons in cyberspace are less of a theoretical venture and have of late a tangible face to them. History may show that Stuxnet was the first offensive cyber volley cast in a military context, but we may learn there have been many more. As more commerce and political activity moves online, experts say it's reasonable to expect that military experts would look at cyberspace as a potential new theater for war.
Experts such as Bruce Schneier say a cyberwar arms race is escalating, much in the way nuclear arms build-ups characterized the U.S.-Soviet Cold War of the 1980s. Nuclear weapons were developed, Schneier said, because neither side knew or understood what the other was doing in this realm. Soon huge stockpiles of weapons were ready and waiting, and there was always the danger of accidental use. The same scenario could soon be true with offensive cyberweapons, where all sides have more capabilities than needed and little dialogue happens on the subject between affected parties.
In this exclusive video with SearchSecurity.com, Schneier also points out that the decisions about the development of cyberweapons are being made too far down the command chain, escalating the risk that a damaging worm, for example, would escape into the wild. And these attacks, he points out, wouldn't always be limited to a military context; you can't stop a criminal organization from developing and deploying similar malicious attacks over the Internet.
Policy makers in the U.S. need to have public dialogues on the matter in the legislation, and with other nations. While understanding that a treaty on the use of offensive cyberweapons may be unenforceable, Schneier says the value could be in just having the dialogue.