The U.S./Israeli cyber attacks on Iran are an example of such an offensive. But they likely unleashed attacks on the digital homeland in response. "It is nearly impossible for us to really know cause and effect here, but there has definitely been an escalating pattern of attacks," Papadopoulos says.
The escalation of attacks against private-sector targets is extremely troubling, he says. "If the attacks keep escalating and happening with more frequency and against more private-sector companies, we are putting at risk the stability and security of cyber space."
Nations have been testing each other's armor for long time, more quietly than not, Lumension's Clawson. Knowing your opponents' weaknesses is an important part of any defensive strategy, he says. That drives some of the offensive actions. Stuxnet, for example, "is a heavy engineering exercise that crossed never-seen-before-boundaries ... malware that could do new things."
But such offensive tests can also help the governments attacked respond more effectively, Clawson says. "That massive engineering effort is now being reengineered against us." Martinez concurs: "In the case of Stuxnet, an offensive maneuver engendered an offensive cyber response." As another example, Clawson notes that the apparently Iranian attack on Saudi Aramco had elements of the allegedly Israeli/U.S. Flame in its architecture.
Breaking the cycle of attacks and counterattacksUltimately, the solution to the cycle of cyber violence must be political, Martinez notes. Such attacks "are symptoms of a larger problem that must be resolved between ideologies of two very different cultures and people. ... In some cyber incidents, it's about the perceived or maybe true imbalance between corrupt power and common people. Balancing between these parties, toward the best interest and security of the common people, is a difficult task."
Until the conflicts are resolved, "almost everyone becomes a victim of unintended consequences during war, even cyber war," Martinez says. "Cyber war may be digital, but it is still a form of war."
Because cyber conflict is relatively new, interested parties need to focus more energy and attention on developing international norms that will say what is acceptable behavior and what is not, advises Good Harbor's Papadopolous. That is crucial for maintaining a stable, secure, and trusted Internet, he says.
Although some experts are trying to apply international law to curtail cyber war, these efforts are advancing slowly, and each new attack and counterattack implicitly establishes norms about what is acceptable, he says.