What Would Cyber-War With Syria Look Like?

The Spanish Civil War provides a lesson on what conflict with Syria could look like.

By SHARE
WideModern_security_130912.jpg
In this March 8, 2012 photo, Norwich University student Adam Marenna, of Belair, Md., works on computers in Northfield, Vt. Deep in the bowels of a building on the campus of the nation’s oldest private military academy, students from across the globe are being taught to fight the war of the future. In a six-week seminar nearing its end, students take turns building and defending computer networks, attacking one or monitoring the operation. The technical training is only a part of the skills needed to protect computer networks from probes that could allow an attacker full access to a target computer.

In a recent discussion on Syria, Lebanese journalist Hisham Melhem alluded to the Spanish Civil War (1936–1939), saying, "Syria is going to be the Spain of the Arab World." That historical analogy was intended to highlight the internationalization of the conflict. In the 1930s, Spain was seen as a proxy battleground where communism clashed with fascism openly for the first time. In Syria today, many analysts see the civil war as a substitute conflict for an inner-Islamic power struggle between Shia and Sunni Muslims, with Saudi Arabia and Iran in opposing camps.

The Spanish Civil War, however, was also testing ground for modern weaponry and new methods of warfare. In the late 1930s, with its "Legion Condor," Nazi Germany was especially keen to test the burgeoning concept of air war to derive practical lessons for future conflicts. Germany, fighting on the side of Francisco Franco, supplied around 16,000 men and almost 100 planes to the fascist cause and played a key role in defeating anti-fascist republican forces.

Today, keeping with the Spain analogy, Syria could be seen as the testing grounds for cyber-war should President Obama decide to launch cyber-strikes as part of a military campaign against the Assad regime. Cyber-war in the 21st century, like air war in the 1930s, is a new concept, which is minimally understood outside small groups of cybersecurity experts and defense analysts.

[See a collection of political cartoons on Syria.]

Even among this select group of insiders, opinions on the revolutionary character of this new form of warfare and its effectiveness vacillate substantially. The reason for this is quite simple: Like air power theorists in the 1930s, large numbers of cyber-weapons have yet to be used in a real conflict, which is ultimately the true test of any weapon's effectiveness. Most analyses – even with those compiled with highly classified information – are a guessing game at best.

While it is true that the Spanish conflict proved a testing ground for the famed German "Blitzkrieg" tactics and provided German Luftwaffe pilots valuable combat experience, the German general staff drew some fatally flawed conclusions on the overall effectiveness of air war and its ultimate role in the next conflict. The experience in Spain made high-ranking officers of the Luftwaffe – notably the influential Wolfram Freiherr von Richthofen, who served as Chief of Staff to the commander of the "Legion Condor," Hugo Sperrle – dismiss the doctrine of strategic bombing. Other influential Luftwaffe officers supported Von Richthofen, such as Ernst Udet, a World War I fighter ace and director of research and development of the Luftwaffe in the late 1930s.

The reason for the dismissal of the strategic bombing doctrine was based on Giulio Douhet's book, "The Command of the Air," in which he outlines the need to destroy the enemy's cities and industrial capacity to break the inevitable deadlock of trench warfare, which he thought would be the inevitable characteristic of modern warfare. In Spain, however, the frontlines were fluid, and there was little heavy industry. In addition, there were no strategically important production centers to destroy. The lack of a strategic bombing force contributed to the Luftwaffe's defeat during the Battle of Britain in 1940.

[See a collection of political cartoons on defense spending.]

While the consequences for today's cyber-warfare theorists may not be as dire, the Spanish Civil War analogy should serve as a cautionary tale. Syria has its own peculiar characteristics regarding critical information infrastructure, which may tempt commentators to draw wrong conclusions. Most importantly, Syria's critical information infrastructure is fairly centralized, creating various single points of failures, making it easier to achieve massive disruptions through cyber attacks.

Syria is connected to the World Wide Web via three undersea cables and a terrestrial line via Turkey; however, the digital gateway to the country is centrally controlled by the state-owned Syrian Telecommunications Establishment, which makes it much easier to cut off connectivity. Consequently, the impact of a cyber-weapon launched against the STE with the aim of knocking Syria offline will proportionally have bigger net effects on Syria than similar attacks on a country with a more decentralized critical information infrastructure.

The same is true for the Syrian power grid. According to Jeffrey Carr, it is a small grid with only about 14 power-generating stations, all of which use foreign vendors, providing easy access points for foreign cyber warriors. Syria also receives most of its electricity from a single source – Iran. Both factors combined make the successful targeting of a select number of industrial control systems to cut off electricity simpler.

[See a collection of political cartoons on Iran.]

Other factors may also distort the picture. After more than two years of civil war, much of the country's critical information infrastructure has been destroyed or severely damaged (estimates vary widely), which will make it hard to assess the level of damage and impact caused by cyber-weapons. Besides, Syria does not have a strong homegrown IT-community, nor from what we know through open source information, does it possess advanced cyber-weaponry or cyber-warriors akin to those employed by the U.S. Cyber Command. In all likelihood, its cyber-countermeasures would be less effective.

All of these factors make any lessons drawn from cyber-war in Syria for future conflicts somewhat complicated if not unreliable. Perhaps a school of thought will emerge, which will favor the concept of strategic cyber-strikes over kinetic attacks, based on the lessons from Syria, thereby shifting precious resources in times of budget austerity.

What is more important to understand, however, is that any new weapon or method of warfare must undergo a severe testing phase at the beginning with opposing camps hyping or dismissing the change that this new asset will initiate. As always, the truth will fall somewhere in between.

Franz-Stefan Gady is a writer for the Foreign Policy Association and a senior fellow at the EastWest Institute, where he was a program associate and founding member of the Worldwide Cybersecurity Initiative. You can follow him on Twitter @HoansSolo.

  • Read Heather Hurlburt: 3 Reasons Syria's Chemical Weapons Treaty Move Is a Win for the U.S.
  • Read Andrew Natsios: Without Military Force, Obama's Syria Diplomacy Is Doomed to Fail
  • Check out U.S. News Weekly, now available on iPad