Crash! How Future War Would Start

DS is pleased to reproduce Julian Lindley-French’s latest article:

“When do you decide you want to bomb an adversary’s electrical company? It’s the same answer for when you would launch a cyber-attack on their electricity sector – it is just a question of how you do it”.

Buky Carmeli, former Director, Israeli National Cyber Security Authority, August 2018




Alphen, Netherlands. 29 August. Buky Carmeli, former Director of the Israeli National Cyber Security Authority, has called for “…a strategic paradigm shift in thinking about cyber operations” in order to place them squarely at the centre of deterrence and defence. He also warned about the growing danger from a “cyber doomsday weapon”.  His message mirrors what Generals Allen and Breedlove, Admiral Zambellas and I called for in our recent paper Future War NATO in which we suggested threat must be seen as a continuum across a new spectrum of violent escalation from hybrid war to hyper war (including space war) via cyber war.


Imagine this. 0812 hours the electricity grid crashes. A few minutes later internet and phone systems – fixed and mobile – also crash. At first people are bemused, almost resigned, but confident that in a short time their lives will be restored to normalcy. As time passes and nothing happens bemusement becomes concern. They search their FM and AM radios for news, but nothing. A day passes and they have neither news nor power.  Just in time delivery systems of food and medical supplies fail, still no news.  With fridges down people consume much of the food they have bought before it goes rotten.  Questions are asked as neighbours begin to talk to each other. What is happening?  Is there any news? Panic begins to seep into their consciousness and in the absence of information rumours abound. With citizens isolated from the state and from each other authority, order and control begins to steadily collapse.  Slowly, word spreads of cyber-attacks and sabotage across the country and still no news from government.


Fantasy?  At 0812 hours my house and much of the surrounding region lost power. The internet and phone systems crashed along with much of the road and rail network. Power was restored at 0917 hours, which was impressive given the size of the outage but worrying also in that the cause was failure in one high-tension wire and an entire region of the country lost power. For sixty-five minutes my wife and I were completely isolated – no phone, no internet, no information. In a real national emergency sirens would have blared out their sombre call to crisis. What crisis? What to do? What action to take? To whom to speak and how?


Double Dutch defence?


When power goes down in the Netherlands it is often whole swathes of the country that is effectively taken out.  Yes, the Dutch, like many European states are very good at talking about security. For example, the impressive Hague Security Delta is a leading security cluster that involves all leading stakeholders engaged in assuring societal security and stability.  And yet, what happened here reveals that for all the talk the country’s critical infrastructure and by extension society is extremely vulnerable to mass disruption.  Worse, talking a lot about such threats seems to be fast becoming part of the problem.  For politicians ‘threat’ remains far too abstract, as if simply funding research is a form of defence in its own right and thus a way of delaying doing anything much about it. New concepts are developed, such as hybrid war, cyber war and hyper war (yes, guilty as charged) and people like me talk sagely and not-so-sagely about what needs to be done to make society more ‘robust’ and ‘resilient’ in the face of emerging threats. It is not enough.


This weekend I had dinner with a close friend of mine who also happens to be the best Dutch strategic analyst. He made two important points. First, the Dutch do not really know the extent of the vulnerability of their power grid to attack. This is partly because that have never really tried to find out and partly because they rely for much of their power on the German national grid. Second, the Dutch have made little or no effort to prepare their population for a sustained outage generated by an attack. The Dutch are not alone. Much of the rest of Europe is equally vulnerable and ill-prepared. National government is ill-prepared and local government by and large wholly unaware what real civil defence would mean and entail in a prolonged emergency.


What is the threat?


So, what is the threat? In an August article for The Jerusalem Post, Carmeli confirmed that offensive cyber capabilities were becoming an ever more important part of the strategic arsenals of major military powers such as Israel.   Indeed, what Carmeli had to say should be sobering news for all Europeans. Russia and China have ‘cyber-compromised’ Israel far more than Iran or Hezbollah. He pointed to the number of cyber-attacks on Israel mounted daily by states, groups and companies and called for cyber-defence to be seen as part of broader national defence. Carmeli also warned against making a false distinction between war and peace. “Cyber is an endless battle – you are always playing chess with the other side”.


Carmeli then went on to hint at the importance of offensive cyber capabilities. Of the democracies only the US, UK and Israel have really begun to develop such capabilities. Critical to the debate about the changing character of war he suggests that launching a potentially catastrophic cyber-attack should only take place in conjunction conventional attack.


Too many European leaders are in denial about the possibility of future war and the role of cyber-attacks therein. The experience my wife and I had together with well over 100,000 other Dutch households is precisely how a twenty-first century war could start. A carefully planned disinformation and disruption campaign that would proceed or parallel any military campaign of destruction.  Defeat could happen at a stroke simply because government would be powerless to respond, and society would simply have no idea how to respond.  Resiliency?


War at our seams and the new civil defence


War at the many vulnerable seams of our societies is now the chosen weapon of enemies. In the twenty-first century there can be no ‘defence’ if a new and purposeful balance is not struck between defence and deterrence, protection and projection.  The mistake all European governments make is to see the security debate and the defence debate as separate. They are not. Rather, they are part of a continuum of effects (including cyber) that must be generated if the citizens of twenty-first century democracies are to live their lives reasonably free from the fear of externally-generated violence by states and non-states alike, quite possibly in harness. The very nature of twenty-first century warfare is such that neither security nor defence can be generated unless governments actively treat their citizens as partners in their own security.


What is needed is an entirely new concept of civil defence that works in tight conjunction with information, cyber and military defence.  First, re-established civil defence would restore the broken link between people protection and legitimate power projection aimed at deterring aggressors.  Second, civil defence would reinforce deterrence by demonstrating the ability of society to recover. Third, active civil defence would help restore the big partnership between power and people vital to security and defence.


Hardening democracies


To achieve what will to some appear to be an oxymoron – hardened democracies – specific investments will need to be made to harden those critical infrastructures upon which freedom from the fear of aggression and violence depends. Above all, governments must embark on a much more systematic campaign of education so that people are made aware of the threats and would critically know what to do in a genuine emergency when the siren sounds. Contemporary security and defence is not simply about investment, much though it is needed. It is about a fundamental change in the political culture of many European democracies so that ‘sec-def’ is treated with more than political lip service and citizens treated as more than overgrown children.


Now, I am not suggesting a major shock war is going to break out in Europe tomorrow. However, as I suggest in my new piece for Internationale Politik about Germany’s role as a strategic peacekeeper, such a war is no longer beyond the realms of possibility. For those of us schooled in the consideration of the worst case it is simply time again for those in power to at least think about war. Why? History suggests over-mighty, predator-lkie illiberal states and groups with extreme motivations see irresolute, distracted and weak liberal states as prey creating the ‘best’ conditions for strategic shock. Recognise it?


Julian Lindley-French


Professor Dr Julian Lindley-French

Senior Fellow, Institute for Statecraft, London; Director, Europa Analytica, Netherlands; Distinguished Visiting Research Fellow, National Defense University, Washington DC; & Fellow, Canadian Global Affairs Institute.

NEXT BOOK: Future War and the Defence of Europe (co-authors Gen. John R Allen & Lt Gen Ben Hodges)

New Report: GLOBSEC NATO Adaptation Report

Lindley-French’s Blog Blast

Latest Blog – Nordstream 2 and Germany’s Two-Legged Foreign Policy