Unlike nuclear weapons, there is no clear protocol for when cyberwarfare should be used, or how to respond to an attack
In almost every classified Pentagon scenario for how a future confrontation with Russia and China, even Iran and North Korea, might play out, the adversary’s first strike against the United States would include a cyber barrage aimed at civilians. It would fry power grids, stop trains, silence cellphones and overwhelm the internet. In the worst-case scenarios, food and water would begin to run out; hospitals would turn people away. Separated from their electronics, and thus their connections, Americans would panic, or turn against one another.
The Pentagon is planning for this scenario because it knows many of its own war plans open with similarly paralyzing cyber-attacks against our adversaries, reflecting new strategies to try to win wars before a shot is fired. Glimpses of what this would look like have leaked out in recent years, partly thanks to Edward JSnowden, partly because a mysterious group called the Shadow Brokers – suspected of close links to Russian intelligence – obtained terabytes of data containing many of the “tools” that the National Security Agency used to breach foreign computer networks. It didn’t take long for some of those stolen cyberweapons to be shot back at America and its allies, in attacks whose bizarre-sounding names, like WannaCry, suddenly appeared in the headlines every week.
There is still little agreement on whether and when cyberstrikes constitute an act of war, an act of terrorism, mere espionage, or cyber-enabled vandalism
Link : The age of cyberwar is here. Now, citizens need to have a say | David Sanger