David E. Sanger. The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age. New York: Broadway Books, 2019. xix + 378 pp. $17.00 (paper), ISBN 978-0-451-49790-1.
Reviewed by Kurt Skarstedt (Air University)
Published on H-War (December, 2019)
Commissioned by Margaret Sankey (Air University)
Rapid advancements in technology are changing how societies live and interact with the world. The modernization that brings efficiencies to infrastructure also provides access to anyone with talent in system exploitation. The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age, by David E. Sanger, is a modern history detailing the rise of cyber warfare. Using interviews, press conferences, newsworthy events, and investigative journalism, Sanger pieces together decisions that form the larger picture of state-sponsored cyber forces infiltrating global industries and vulnerable networks. The prize is control of the information and systems that govern the modern way of life.
Sanger is a national security correspondent and Pulitzer Prize-winning senior writer for the New York Times. He also teaches national security policy at Harvard University’s Kennedy School of Government and is a New York Times best-selling author. As an investigative reporter for one of the country’s leading publications, Sanger has access to technology experts, diplomats, commercial executives, agency directors, Pentagon officials, foreign ministers, US senators, and US presidents. In The Perfect Weapon, Sanger combines thirty-six years of investigative journalism experience with a behind-the-scenes narrative that walks the reader through compelling evidence. This builds the case for the who, how, and why of cyber events that have national security ramifications.
The Perfect Weapon begins with the 2015 cyberattack on Ukraine. The director of the US National Cyber Security and Communications Integration Center watches as well-coordinated hackers systematically disable Ukraine’s power grids. The grid’s technicians were powerless as their computers disconnected switches and erased essential backup systems. In the end, they were left sitting in the dark, cursing at blank computer screens. Even though the United States was not the target, the implications are terrifying as a nightmare was given life; Russia demonstrated the physical capability to turn off its enemy at will and has already infiltrated several US power plants. The hard truth is it would take months for American intelligence agencies to attribute any attack. Even worse, Russia proved there could be no way of knowing in real time who was attacking and against whom to retaliate.
Sanger, after grabbing the reader’s attention, transitions to an earlier retelling of the US-Israeli effort to prevent Iran from developing nuclear weapons. A computer virus, later known as Stuxnet, destroyed over a thousand centrifuges in Iran. The attack was a tremendous short-term success leaving Iranian engineers baffled as to what went wrong. In the long run, it was the original sin, providing motivation for the Iranians to increase their efforts while demonstrating the seductive power of achieving physical effects with minimal risk of being identified. Sanger makes a clever metaphor of the US policy on nuclear weapons. The US failed to set international standards when first developing nuclear capabilities. Just like the Russians claimed to have developed a nuclear program to counter US threats, Iran now had the perfect excuse to develop a formal cyber force to counter the growing US Cyber Command threat.
The story continues with the rushed creation of dedicated cyber forces and their involvement in questionable operations later exposed by rogue contractors. The reader learns of the rise of the Chinese and their “patriotic hackers” who stole everything from seventy million US government personnel records to the blueprints of half the pipeline network in the Western Hemisphere (p. 2). North Korea developed rapidly into a premier threat capable of funding long-range rocket research with funds stolen during cyberattacks on international banking systems. Russia also presents a threat as its already capable cyber force stole the very weapons US agencies developed and has unleashed them on its neighbors to great effect. The lessons Russia learns will undoubtedly be applied in an attack on the United States should confrontations escalate. The book also covers global industries evolving as CEOs struggle with the reality that their most valuable commodities provide significant vulnerabilities. Government pressure for access to client information drives a wedge further between commercial giants and security agencies, and companies choose to protect their international clients rather than further US interests. Sanger concludes with the warning that the Russians are already manipulating US elections with multifaceted attacks that use everything from social media to weaknesses in the voting systems.
The Perfect Weapon provides an entry-level education to those uninitiated in the shadowy world of cyber warfare. Sanger uses historical examples to illustrate the need for pursuit of international norms in the cyber domain. The US government is apprehensive of public discourse, because it might reveal secret capabilities or require the US to surrender an advantage. However, atomic weapons demonstrate that deterrence works best when everyone knows their adversary can unleash that level of destruction. Deterrence is also more stable when leadership is confident in their ability to use their weapons. Conducting cyber operations in secrecy defeats both awareness and confidence, undermining deterrence. The US is developing vulnerabilities faster than it can address them. Sanger proves it is in the country’s interest to develop international norms regarding the use of cyberattacks and targeting civilian infrastructure.
I would recommend this book to anyone looking to gain an understanding of cyber conflict in the modern era, any professionals trying to expand their theoretical understanding of deterrence, and those seeking public office. Networks of all flavors permeate every facet of our lives, and the government cannot possibly protect every device. Encrypting personal files, recognizing phishing campaigns, and protecting networks with passwords need to become as second nature to society as shredding credit card statements and locking car doors. Sanger leaves the reader with a reminder that these technologies were built to enrich lives not plunge enemies into darkness. It is not too late; the situation is not out of control if people work to manage it.
If there is additional discussion of this review, you may access it through the network, at: https://networks.h-net.org/h-war.
Kurt Skarstedt. Review of Sanger, David E., The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age.
H-War, H-Net Reviews.
|This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License.|