Defining the "Cyber-Pearl Harbor" - Validation of the DSLP-framework in "Offensive Cyberspace Operations Targeting Ukraine: A Cyber Pearl-Harbor"

Abstract

The use of cyberattacks against organizations, health care and individuals have increased along with the constant digitalisation. Nations have also fallen victim to cyberattacks, often combined with other means of war. A Cyber-Pearl Harbor (further shortened as CPH) is a term mentioned by the former United States Secretary of Defense, Mr. Leon Panetta, who described it as “combined attacks that result in human death and physical destruction and that paralyzes an entire nation”. Gazmend Huskaj used Panetta's definition in order to create a framework (herein the “DSLP-framework”) for classifying an event as a CPH. This study strives to see if the DSLP-framework can be validated since the term has been widely used for the last 25 years. However, a universal definition of the term seems to be missing, therefore it is not certain that the criteria presented in the framework is accurate. A qualitative case study was conducted through a literature review regarding the term CPH and semi structured interviews with three experts were done, which were later analysed through a thematic analysis. The framework was applied to three real life cases: a public health sector in Costa Rica, a TV-tower in Kyiv, Ukraine and the grocery company Coop in Sweden. The result from applying the DSLP-framework to each case was that only the case of TV-tower in Kiev, Ukraine, could be classified as a CPH. The following conclusions were drawn in this study: 1) The framework could not be validated due to lack of data, and 2) The interviewees views differed from the framework making it hard to find common ground.