Last week, in the first speech ever publicly delivered by the National Security Agency (NSA), Defense Secretary Chuck Hagel called for the "de-militarization" of cyber space. There certainly is precedent for such actions - military limits have previously been imposed on the Arctic Circle as well as outer space. And, of course, there are numerous examples of arms control treaties being used to prevent the spread of extraordinarily dangerous weapons and technologies such as chemical and biological weapons, nuclear non-proliferation treaties, and even ballistic missile technology.
The calls for limits on militarized cyber space certainly make sense, especially in light of the overwhelming amount of cyber attacks occurring at any given moment. Unfortunately, Secretary Hagel's aspirations are likely to be doomed by the tough realities of cyber attacks. Put simply, cyber weapons are just too easy to develop, much less procure from sources not affiliated with a particular country or its national security apparatus.
As I have previously noted, McAfee and others have done an excellent job of documenting the thriving black market for cyber weapons. The prices for malware and other malicious tools are so low, virtually anyone can afford to carry out a damaging cyber attack.
Of course if you want the cyber weapon to penetrate sophisticated defenses or have no traces of authorship, the cost will rise dramatically. Regardless, the militarization of cyber space at this point seems to be a foregone conclusion. The return on investment is too high and the ability of such weapons to level the international security playing field make it too tempting a tool to be adequately controlled.
Our efforts are likely better focused on drawing laws of cyber war, as well as making it clear that use of cyber weapons to attack America will be met with a digital and physical response as appropriate.
Follow Brian E. Finch on Twitter: www.twitter.com/BrianEFinch