The future of cyberspace
While most defence and security analysts are still focused on the traditional threats that emanate from the sea, land, air, and recently space, a new kind of risk has finally dawned. It has to do with risks of attacks that originate in the cyberspace. Moreover, while the threats posed by the terrorists involve physical action, in terms of where the attacks are planned and where they are carried out, cyber attacks can be launched virtually and the results can be equally devastating if not deadly. Moreover, it’s technologically difficult to ascertain who the attackers were and thus difficulty in attribution creates unique challenges.
Like the use of drones, cyber warfare is also on the increase, especially between China and US. While China is increasingly in the limelight for stealing secrets from US firms, the Stuxnet operation revealed US and Israel have also carried out cyber assaults. Reportedly, the Stuxnet virus seriously impeded Iranian progress towards acquiring nuclear capability.
The struggle for access to information and knowledge, and being able to control and influence it, has become an essential part of what has come to be known as information warfare, and cyberspace is an important battlefield where powerful international actors are waging it.
With growing dependence on the internet, protecting the infrastructure and networks that facilitate millions of information-based transactions that occur in the cyberspace, has emerged as the most important arena of the future warfare. There are four associated areas of this new battlefield: strategic cyber-war, cyber-espionage, cyber-disruption, and cyber-terrorism.
Strategic cyber-war involves direct attack on the infrastructure of the enemy. On the other hand, cyber-espionage is more prevalent and is used to illegally steal secret information that has commercial and military value. Cyber-disruption is manifested through denial of service or inability to access important websites.
A newly released US National Intelligence Estimate (NIE) has confirmed that China is America’s most serious cyber threat. Therefore, the US is shifting its focus on beefing up cyber security to prevent not only the extremists from exploiting the vulnerabilities, but to also protect against industrial espionage from countries like China.
In June 2011, former American Defence Secretary Leon Panetta had commented, “The next Pearl Harbor we confront could very well be a cyber attack that cripples our power systems, our grid, our security systems, our financial systems, our governmental systems.”
With cyber attacks becoming increasingly frequent against government networks, during his first term President Barack Obama approved guidelines that determined the parameters of the military response against the perpetrators of a cyber attack or espionage. The White House formulated its first ever wide-ranging cyber strategy in 2011 that focused on seven major policy priorities.
The International Strategy for Cyberspace, aims to promote a more secure, open, reliable and interoperable cyber environment, and stresses the need for a global alliance to maintain online freedoms and to impede cyber crime. The new strategy is being seen as part of the US administration’s aggressive initiatives to define the internet’s future amid contending plans such as the one presented by China, Russia and Iran, which involve greater control.
The US will consider the use of conventional weapons to respond to any cyber attack, according to this new strategy. “A response to a cyber-incident or attack on the US would not necessarily be a cyber-response. All appropriate options would be on the table,” Pentagon spokesperson Colonel Dave Lapan had commented in 2011. The move had come after computer network of Lockheed Martin was hacked and defence secrets were stolen in 2011.
Google also accused Chinese officials of attempting to hack Google email accounts belonging to US officials, government offices, politicians, journalists and activists – a claim denied by China. Instead, Beijing asserts that America is using online tactics to bring about regime change in Arab nations and claims it has evidence that the cyber assaults originated in the US.
Some recent examples of cyber warfare have come in the form of ‘Stuxnet’ and ‘Flame’ viruses. Flame reportedly was used to map and monitor Iran’s computer networks. Flame virus had an extraordinary data snatching capability and could eavesdrop on unsuspecting computer users by manipulating its audio system and listen to office conversations and Skype calls. In the Middle East, Saudi national oil company Aramco came under a serious cyber attack in August last year, allegedly from Iran, that damaged more than 30,000 computers. Reportedly, the attempt was to dent the Saudi oil and gas production.
In essence, we are entering a peculiar stage of the cyber war. The present free flow of information on the information highway appears to be in tension with security measures nations are being forced to adopt as part of the unraveling cyber warfare.
Facing multitudes of threats, Iran for example, has decided to develop its own internet. The functionality of this Iranian internet can be thought of as an intranet that a company would have for its employees. The most damning aspect of this model is that it exists disjointedly from the central internet, and thus it would no longer be the free flow of information that we otherwise think of when we talk of internet. There are fears if other nations facing similar security threats may adopt a comparable approach. The parallel here is similar to if a country was to adopt protectionism in its economic posture, which is antithesis of globalisation.
While global economic cooperation and trade is already being impacted by security concerns, if norms around cyber warfare are not agreed by international actors, the free flow of information via the internet may at some point become the next causality.
The writer is chief analyst at PoliTact, a Washington based futurist advisory firm (www.PoliTact.com and http:twitter.com/politact) and can be reached at aansar@politact.com