Cyberspace Cooperation

The Global Cooperation in Cyberspace Initiative seeks to reduce conflict, crime and other disruptions in cyberspace and promote stability, innovation and inclusion.

Learn More

McConnell Interviewed by Inside Cybersecurity

Vice President Bruce McConnell discusses progress and challenges with the cyber framework in advance of EWI's upcoming San Francisco and Berlin conferences. 

Bruce McConnell, who served as a top cybersecurity strategist at the Department of Homeland Security, says the financial, telecommunications and energy sectors are making good progress on cybersecurity, though much work remains to be done at smaller companies in every sector.

McConnell served as DHS cybersecurity chief until last summer and helped put together the process that led to the National Institute of Standards and Technology's framework of cybersecurity standards.

He is now vice president of the EastWest Institute, which is holding meetings in June in San Francisco and December in Berlin to kick off a "global cooperation in cyberspace" initiative.

The NIST framework was released on Feb. 12, one year after President Obama's executive order on cybersecurity. Three months after its release, the issue of scalability for smaller companies remains a hot topic of debate among cybersecurity professionals.

"Second-tier companies are the weak link," McConnell said in an interview with Inside Cybersecurity. "They are less able to make the investments and less aware of the issue. That's one point that isn't fixed yet."

The effort to ramp up cybersecurity "is still really a 'push' thing from government rather than companies pulling it," McConnell said.

DHS, NIST and other agencies including the Small Business Administration are trying to alter that paradigm, stressing in multiple settings that the private sector should drive cyber improvements.

Based in New York, McConnell has taken a particular interest in the financial sector's moves on cybersecurity, saying the industry is "at the forefront" of cyber policy.

The Securities Industry and Financial Markets Association is using the framework to improve the cybersecurity practices of members and supply-chain partners, McConnell said.

"We are totally supporting use of the framework," SIFMA's Karl Schimmeck told Inside Cybersecurity. "We're encouraging members to evaluate it and get to know it. We're using it as a communications mechanism and our companies use it to assess themselves."

A SIFMA working group has mapped the framework to the multiple regulations covering the financial industry, Schimmeck said, adding that regulators are performing the same exercise.

McConnell also praised efforts by the Department of Energy to develop cybersecurity maturity models and other tools of use to the electricity, oil and gas sectors.

Looking across the critical infrastructure sectors, McConnell said telecom companies and banks "have religion" when it comes to improving cybersecurity.

The healthcare industry, on the other hand, "still has a long ways to go," according to McConnell.

The big question, McConnell said, is still "what does it take to get companies to make investments in cybersecurity?" The pace of investments has "moved up a notch in the last five years, but it's still slow," he added.

Awareness of cyber vulnerabilities is growing in the private sector, according to McConnell, but "how do you translate awareness into action?"

The answer to that question "will remain a work in progress," McConnell said. "The biggest unused driver is customer demand. That is, once users – individuals and businesses -- get fed up with bad security, they will demand change."

McConnell expressed his hope that NIST would maintain management of the cybersecurity framework, even though the agency says it intends to hand it over to a private-sector entity at some point.

"It makes sense for NIST to own it," McConnell said. "They run a fair process and are truly a neutral party. I don't see anyone else who can do it as well." He urged Congress to provide funding that would allow NIST to maintain this role. 

Photo Credit: Roxanne Tamayo via Flickr

Gady: It's China's Turn to De-Escalate Cyber Tensions

EWI Senior Fellow Franz-Stefan Gady writes on steps needed to break the U.S.-China cyber stalemate, including a recommendation that China "remove the veils covering its activities in cyberspace."

Read the piece here on China-U.S. Focus

Both China and the United States have a vested interest in de-escalating tensions in cyberspace. In the post-Snowden world, the United States has lost its self-conferred leadership role in promoting global Internet freedom, whereas China is seen as recklessly expanding its cyber espionage activities.  Within only a year the fluctuant pendulum of world opinion has decisively swung back and forth between the two nations until finally reaching equilibrium that may be interpreted as a “cyber stalemate”. 

The public outcry after the revelations of the 2013 Mandiant Report with its exposure of the Chinese military unit labeled “Advanced Persistent Threat 1,” and its alleged cyber espionage activities, yielded, based on the disclosures of Edward Snowden, to privacy fears of an all-intrusive NSA in the last few months. However, rather than perceiving it as a serious setback, the current cyber stalemate between the United States and the People’s Republic of China should be seized by political leaders in both countries as an urgent incentive to push for cooperation and strategic stability in cyberspace. In that respect the United States has recently taken the lead. 

The Obama administration’s briefing for the Chinese military leadership on the US military doctrine for defending against cyber attacks was an unprecedented step towards strategic stability in cyberspace. The US military is envisioning to spend USD 26 billion in the next five years on protecting its networks from intrusions, but also to continue to develop offensive cyber weapons. This naturally leads to uneasiness in the technologically inferior PLA as well as among the Chinese political leadership, which threatens to further destabilize an already precarious relationship. While the Pentagon is disappointed that the Chinese have so far not reciprocated its openness, indications from the briefing suggest that the U.S. military has finally come around to actively seek strategic stability in cyberspace through some form of cyber deterrence. 

One way to increase the deterrence factor vis-à-vis adversaries is to have a more systematic public display of nation states' cyber war capabilities. In the past, the media has been used to convey a country's cyber warfare capabilities with strategic leaks of classified information (e.g. Operation Olympic Games) to some news outlet as part of a country's unofficial cyber deterrence strategy. Now, the United States has taken a more direct, nuanced and official approach by outlining its military doctrine without, presumably, detailing the capabilities of U.S. offensive cyber weaponry. The Pentagon presentation made it easier for the Chinese leadership to discern the infamous “red line” for the United States regarding Chinese cyber attacks and improved the signaling mechanisms between the two countries. 

Another sign for the willingness towards de-escalation is the recent announcement by the Obama White House that the NSA will more openly share intelligence on zero-day vulnerabilities—security holes in software that are unknown to the vendor and are exploited by hackers before they can get fixed. There is a loophole of course: the NSA can still withhold information in case of a “clear national security or law enforcement need.” Yet, as a spokeswoman for the US National Security Council states:  “This process is biased toward responsibly disclosing such vulnerabilities.” 

This is almost certainly part of a carefully planned publicity campaign, and it is primarily meant to assuage the U.S. private sector, which, more than ever, is vulnerable to losing global market shares to foreign competition after the revelations of its tacit cooperation with US intelligence agencies. Nevertheless, the zero-day vulnerability announcement is also a clear signal to U.S. adversaries that the United States is interested in stabilizing cyberspace by its willingness to “unilaterally disarm”, parts of its cyber arsenal.   

Technological inferiority is still a grave concern to Chinese top military brass. As Major General Wu Jiangxing, president of the PLA Information Engineering University, stated in an interview: “The gap is that China does not have a cyber army, whereas the United States has established a Cyber Command, certainly with cyber warfare units.” This refrain, heard time and again from the Chinese side, however, has so far not yielded any diplomatic benefits.  The U.S. offer on quasi-unilateral disarmament (or at least the discussion thereof) may be a first step in mollifying corresponding Chinese fears. 

However, despite the recent emphasis by senior Chinese leadership on cyber security, the reaction by the Chinese government has so far been tepid and no discernible reciprocal steps have been taken by, for example, the People’s Liberation Army. On the contrary, as the 2014 Mandiant Report states:  

The Chinese government is expanding the scope of its cyber operations, and China-based advanced threat actors are keen to acquire data about how businesses operate—not just about how they make their product . . . Despite the recent accusations and subsequent international attention, APT1 and APT12’s reactions indicate a PRC interest in both obscuring and continuing its data theft. This suggests the PRC believes the benefits of its cyber espionage campaigns outweigh the potential costs of an international backlash. 

It is now China’s turn to remove some of the veils covering its activities in cyberspace in order to de-escalate tensions. While there is an inherent asymmetry between U.S. and Chinese military capabilities in related technology, this should not be used as an excuse by the Chinese leadership to avoid a more open engagement with the United States in the coming months and try to break the cyber stalemate between the two rivals. 

Photo Credit: U.S. Secretary of Defense via Flickr

Gady Writes for New Europe on China's Cyber Realpolitik

EWI Senior Fellow Franz-Stefan Gady describes the Chinese government's push for cooperation with the EU to fight cyber crime as an attempt to balance against the U.S.

Realpolitik: China’s Push on EU Cyber Ties

A paper issued by the Chinese government to coincide with President Xi Jinping’s visit to Europe in April emphasises the need for increased cooperation with the EU on combating cybercrime.

This raises a dilemma: how can the two sides cooperate against illicit acts in cyberspace when each is also engaged in active dissuasion of the other, quite adversarial in style and tone, from malicious cyber activities.

China consistently claims to be the biggest victim of cybercrime in the world. The Cybersecurity Strategy of the EU lists “drastically reducing cybercrime” as number two in a list of five strategic priorities. There appears to be a clear convergence of interests in this field between Beijing and Brussels. Yet one of the biggest concerns for many EU member states—especially Germany and Great Britain—is online intellectual property theft originating from China. In January 2013, the European Commission decided to establish a European Cybercrime Centre within Europol, which among other issues, is actively combating IP theft. It is an open secret that China is a top concern for Europol.

Nonetheless, at the same time, the paper by the Chinese government says that China intends “to raise the level of China-EU cooperation on intellectual property rights” (IPR). Notwithstanding the near schizophrenic approach to cybersecurity both with and from China, this measure on IPR would be a step in the right direction.

The Chinese leadership also is following another more geopolitical rationale by warmly embracing the European Union on cybersecurity issues. China is actively exploiting the transatlantic rift that occurred as a result of Edward Snowden’s revelations regarding the US National Security Agency. China does not appear to have issued a policy paper like the EU one, with such attention to cybercrime, for its other key trading partners, such as the United States, Russia or Japan—all of which are countries China sees as posing genuine and more immediate threats to the People’s Republic than the EU.

One can deduce from this that China probably believes it can cosy up the EU – first and foremost a civilian power - because it does not constitute a threat to Chinese influence, Chinese territorial integrity or Chinese interests in cyberspace. One can further deduce a clear calculus behind China’s engagement with the EU. China attempts to exploit the current rift in transatlantic relations similarly to its attempt to exploit the EU-US disagreement over the US invasion of Iraq in 2003, where China worked especially close with France to oppose unilateral intervention in the Middle East.

Yet, while the disagreement over Iraq was severe, the transatlantic partnership was never really in danger of falling apart. Today, the after-effects of the economic crisis of 2008 paired with new, more assertive European governments, particularly in the case of Germany, make a repetition of fallout as severe as in 2003 highly unlikely. 

China’s push towards closer ties with the EU, based on Chinese realpolitik, is decidedly opportunistic. A transnational institution such as the EU is also by its mere existence inherently an anomaly in modern Chinese political thought, which emphasises state sovereignty and territorial integrity after enduring a “century of humiliation”, yet the transnational need for increased EU-China cooperation on cybercrime is more pressing than ever.

Despite the fact that the EU often has been seen opportunistically by China as a useful entity to balance the United States when it suited Chinese interests, the growing threat from cyberspace may require even more schizophrenic, two-layered cyber-realpolitik in the future between Brussels and Beijing.

Gady also wrote on China-EU cooperation to combat cyber crime for The Huffington Post

Photo Credit: European External Action Service. 

The Internet’s First Town Meeting?

EWI’s Senior Vice President Bruce McConnell attended the NETmundial meeting in São Paulo and comments on its historical significance.

“The Internet is the greatest revolution in human history.” Neelie Kroes, Vice President, European Commission, at NETmundial.  

Just weeks before the World Cup, the Brazilian government hosted 800 people in São Paulo at the two-day “NETmundial” meeting to discuss Internet governance principles and institutional structures. Roughly equally divided among representatives of governments, corporations, civil society and technologists, the in-person participants were supplemented by hundreds of netizens assembled in “remote hubs” on every continent.

The meeting opened with a video featuring vignettes of young people smiling and saying “It’s My Internet!” Brazilian president Dilma Rousseff followed by signing with great flourish the just-passed “Marco Civil,” a law establishing a comprehensive framework of privacy and other legal protections for consumers and providers of the Internet in Brazil. With three billion users now online, and the impending arrival of billions more from developing countries, it is surely time to figure out how this global resource will be managed.   

A sense of being present at an unprecedented moment in the discourse regarding the future of the Net pervaded the proceedings. The purpose of the conference, announced last summer by Rousseff after she learned her cell phone had been hacked by NSA, shifted in the ensuing months from a potential NSA-bashfest to an experiment using “multistakeholderism” to produce a 12-page non-binding “outcomes” document. While a majority present may have shared the view of one young Indian netizen that governments and companies are merely trustees of the Internet on behalf of the people who use it, the advocates of more traditional values and international decision-making processes were a vocal, if at times, unwelcome minority.

On the government side, senior delegations came from Brazil, Canada, the EU, Germany and the U.S., along with official representation from China, India, Iran, Russia, Saudi Arabia, South Korea and most of Latin America. Governmental attitudes ranged from hopeful, to cynical, to disoriented. Civil society, on the other hand, enjoyed the limelight and the opportunity to advocate publically on human rights, gender balance, net neutrality, free access to information and surveillance. These themes are reflected, albeit somewhat tentatively, in the conference’s final product. The technical and academic community was fascinated, and very much in their element. Companies, with good reason, were nervous: while the outcome is non-binding, it could become fodder for incorporation in the International Telecommunication Regulations that will be revised in October at a meeting in South Korea. 

Multistakeholderism, like many young life forms, is an awkward and somewhat tentative thing. Seven languages spoken with consecutive translation, four sectors represented plus the remote hubs, representatives standing in line to make two-minute interventions, and the open observation of the small drafting groups produced a slow and only “rough” consensus. And, with no governmental representatives on the drafting groups, one had the unique experience of seeing Canadian, German and U.S. cyber ambassadors leaning in, straining to try to hear the deliberations. 

The agenda for human rights (and precious little was heard about the responsibilities that attend rights) was fired by post-Snowden concerns: freedom of expression requires privacy, and governments have the primary legal and political responsibility to enforce human rights. And yet they are the architects of mass surveillance, coercing unwilling firms into participation. Indeed, even a Chinese data services provider argued for a safe harbor from liability to their customers in such coerced situations. The outcome document implies that the actions of such intermediaries should be subject to international human rights norms, as a matter of policy if not of law. Rousseff noted that human rights thrive under the shelter of the state, not in its absence. 

This meeting may have been the first convocation of a global Internet polity, focused on “what benefits humanity as a whole” and working toward what World Wide Web inventor Tim Berners-Lee termed a “global Magna Carta” to make the Internet a “territory of trust.” Yet, a variety of governments, including China, Cuba, Ecuador, India, Indonesia, Russia and Saudi Arabia defended traditional multilateral processes for making global decisions, along with the sovereign rights of the state in Internet matters within their boundaries. The state is apparently not dead yet, even on the Internet. 

In the end, the answer to the question, “Is the meeting about governance of the Internet on the Internet, or in the era of the Internet?” seemed to be “All of the above.” The Internet, a force for democratization, must itself be democratically managed, and the movement to inculcate multistakeholderism into other international organizations was just launched in São Paulo. 

Photo credit: Blog do Planalto

_

Bruce McConnell piece also appeared on the Foreign Policy Association Blog and the International Policy Digest

Kostyuk's Paper Presented at Midwest Political Science Association Conference

EWI Cybersecurity Program Coordinator Nadiya Kostyuk’s paper, “International Domestic Challenges to Comprehensive National Cybersecurity: A Case Study of the Czech Republic,” was presented at the 73rd Midwest Political Science Association Conference in Chicago. 

Conference presentations were organized by topic in more than 70 sections—each section based on different subfields or areas of study. Many presentations were interdisciplinary, drawing scholars from different fields and providing a variety of perspectives. In 2013, over 5,700 participants—from the United States and 55 countries throughout the world—presented more than 4,700 papers. Kostyuk's paper was presented during the panel on “Policy Challenges in the Internet Age.”

Critical Terminology Foundations 2

EastWest Institute's new report presents a vital set of cyber terms, the result of a collaborative relationship between the institute and Moscow State University’s Information Security Institute. In this second-of-its-kind report, 20 new critical terms have been added to the international cyber “dictionary.” 

By doing so, this global team of science, technology, engineering and mathematics professionals continues to set the fundamental tenets of a common language within the cybersecurity domain. This bilateral collaboration began several years ago and produced Critical Terminology Foundations, the first report, which contained 40 terms and was released in 2011. 

Valery Yaschenko, senior vice-director of Lomonosov Moscow University’s Security Institute, explained, “Our goal is to avoid technical and scientific arguments and offer clear and useful ‘political’ definitions.” Plans are underway for this work to extend to Chinese, French, Hebrew and other languages. 

EWI Senior Vice President Bruce McConnell emphasized the importance of further cooperation with the Russian team and suggested they jointly explore other critical areas, such as critical infrastructure protection and the cyber arms race.

Click here to download full report: Critical Terminology Foundations 2

China's Cybersecurity Push and the Need for Sino-U.S. Cooperation

Writing for China-U.S. Focus, Franz-Stefan Gady says that China is "emphatically reconfirming" the importance of cybersecurity, citing the creation of a new body to oversee internet activities and information. The U.S. and China must work together more closely to combat cyber crime and develop a mutually beneficial relationship. 

Last week the Chinese state-run Xinhua News Agency announced that Chinese President Xi Jinping is personally presiding over a newly founded government body entitled the Central Internet Security and Informatization Leading Group. A similar and less senior group, in the past headed by the Chinese Premier, has been in existence since 1993. The purpose of the new group is to “lead and coordinate Internet security and informatization work among different sectors, as well as draft national strategies, development plans and major policies in this field.” 

The exact mechanism, mission and scope of this new body are unclear. However, the two deputy heads of the group, Li Keqiang and Liu Yunshan, the former the leading figure behind China’s economic policy, the latter the director of the Propaganda Department of the Communist Party of China Central Committee, suggest that a principal emphasize will be placed on streamlining content control (e.g., internet censorship) and to ramp-up cyber security in the ever modernizing Chinese private sector. 

This new body reconfirms emphatically the strategic importance of cybersecurity to the Chinese leadership. Diplomats and foreign policy makers in both the United States and China can no longer deny that this issue will be of the utmost importance in the years ahead (Coincidentally, in the U.S. State Department, a new function has been added to the post of Under Secretary of State for Economic Growth, Energy, and the Environment, Catherine A. Novelli, as the Department’s Senior Coordinator for International Information Technology Diplomacy). It also confirms that even in the high echelons of power, leaders agree that cybersecurity can no longer be viewed in isolation, merely confined to the technical level and technical experts.  Cybersecurity permeates all spheres of the China-U.S. relationship in one way or the other, whether it is the relationship with Taiwan, human rights, trade negotiations, or military to military dialogues. 

With regard to the China-U.S. relationship in cyberspace in particular, impaired by the NSA scandal and accusations of Chinese industrial espionage, this new body should be seen as an incentive to more than ever push China-U.S. cooperation on a selective number of cybersecurity issues such as the protection of mutually beneficial critical information infrastructure from cyber attacks and better ways to cooperate on jointly combatting cyber crime. 

Ostensibly, this may seem difficult. The report of the U.S.-China Economic and Secuirty Review Commission bluntly stated that China has not cut down on its industrial espionage activities in the United States. Conversely, China has not stopped pointing out the alleged double standard of the United States on this subject, perennially citing the Snowden revelations as a backup. During the China-US Summit in June 2013 in California, Xi Jinping insisted that China was also a victim of “cyber theft.” President Obama characterized the discussions on cybersecurity “very blunt.” Even progress of the official China-US Working Group on cybersecurity, hailed as a step in the right direction, has also been very slow. 

Yet, given the volatile nature of the current world economy and the importance of both the United States and China within it, ways have to be found where both countries can cooperate on certain mutually beneficial issues, while circumventing their disagreements in other domains. For example, my colleague Dr. Greg Austin, in a keynote delivered at the 2014 Canada-US Cybersecurity Conference: Securing Our Financial Infrastructure proposes that China and the United States cooperate on the international protection for exchanges and clearing houses in cyberspace. 

Austin argues, “states should commit by treaty to the absolute protection in cyberspace of designated exchanges and clearing houses in the same way as they now commit to the absolute protection of diplomats as internationally protected persons and embassies as internationally protected premises.” For example, a China-U.S. working group could look at the 1997 Convention on Crimes against Internationally protected persons and use it as a framework for a “Convention on Internationally Protected Facilities.” Of course, this will be a tricky thing to sell to the private sector. Government intervention especially in the financial sector is a touchy political subject. Yet the risks in cyberspace are ever increasing and time for voluntary best practices may have run out. 

With regard to the United State and China jointly working on such a sensitive issue there is surprisingly a precedent from 2010. Back then, the United States and China were among some 24 countries to sign the 2010 Beijing Convention and 2010 Beijing Protocol, multilateral agreements which require states, inter alia, to criminalize cyber attacks (though the convention used a more general term of “new technologies”), and certain preparatory activities, that target civil air navigation facilities and aircraft in flight, as Austin outlined in his addressed. 

Perhaps then, the new emphasis by the Chinese political elite on cybersecurity, as exemplified by the new Central Internet Security and Informatization Leading Group, should be used by the United States to explore this option. 

Read the full piece on China-U.S. Focus

Austin to Speak at 2014 Nuclear Knowledge Summit in Amsterdam

Overview

EWI's Professorial Fellow Greg Austin will present "Views on Cyber Security" during a panel discussion on "Regional Approaches to Nuclear Security," at the Nuclear Knowledge Summit (NKS) in Amsterdam. 

The NKS—organized by the Netherlands Institute of Foreign Relations (Clingendael), together with the Fissile Material Working Group and the Asan Institute for Policy Studies—seeks to create a broad platform for nuclear experts and international NGOs to promote nuclear security and to support the NSS process.

Austin will urge participants to consider the bold ideas presented in EWI's latest cybersecurity policy report, A Measure of Restraint in Cyberspace: Reducing Risk to Civilian Nuclear Assets, which proposes four specific steps to limit the use of cyber weapons during peacetime.  

 

Cyberwar in Crimea? Franz-Stefan Gady for U.S. News & World Report

There is evidence of cyber warfare in Ukraine, Gady writes, but Russians will be cautious in carrying out cyber attacks or risk retaliation from NATO or Ukrainian hackers. 

Read the full piece on U.S. News and World Report's World Report blog. 

The current crisis in Ukraine has again made one thing very clear: Any future conflict will involve military activities in cyberspace. Last Friday, unidentified men seized several control centers in Crimea run by Ukrtelecom JSC, Ukraine’s telecommunications provider, essentially cutting off the peninsula from mobile, landline and Internet services. Conversely, RT (formerly known as Russia Today) was hacked by unknown assailants. There have also been reports that members of the Ukrainian parliament’s cell phones have been jammed. So far no other confirmed reports have emerged about cyberstrikes on Ukraine’s critical information infrastructure, and up to now hacker forums—a good indicator for “cyber mobilization”—have been remarkably quiet.

Of course, complex government-sponsored cyberattacks can evade detection, but the restraint shown by Russia is not without reason: Sophisticated cyberweaponry, such as the Stuxnet worm, is hard to contain and may affect Russia’s own network and communication nodes. A historical analogy would be the use of poison gas during World War I that could blow, depending on the wind direction, either way. However, the reach of cyberweapons transcends front lines.

The “blowback fear” is not as farfetched as it seems. Unlike Syria, where the country’s critical information infrastructure is highly centralized and where the Obama administration was contemplating cyberstrikes, Ukraine hosts a decentralized critical information infrastructure network and is served by many Internet Service Providers. As an analysis by Internet intelligence company Renesys states:

Ukraine has a strong and diverse Internet frontier, with more than 200 domestic autonomous systems purchasing direct international transit (out of a total of more than 1,650 domestic ASNs). The roads and railways of Ukraine are densely threaded with tens of thousands of miles of fiberoptic cable, connecting their neighbors to the south and east (including Russia) with European Internet markets. The country has a well-developed set of at least eight regional Internet exchanges, as well as direct connections over diverse physical paths to the major Western European exchanges.

Consequently, a “cyber knockout blow” will certainly have repercussions in Russia and other parts of the world. Also, unlike warfare in the real world, cyberwars are won and lost by private sector companies and their ability to protect their networks and spot attacks. Companies such as Gazprom and the Russian nuclear plants bordering Ukraine would be more affected by cyberstrikes due to their mere geographical proximity to Kiev. For now, both Russia and Ukraine appear to be limiting their cybercampaigns to minor exchanges mostly consisting of patriotic propaganda, low-key hacks, as well as physical protection and seizure of network infrastructures.

Russia also showed restraint during its 2008 invasion of Georgia when conducting its cyberwar campaign against the country’s digital assets. The attack consisted mostly of Distributed Denial of Service Attacks, which knocked websites offline for a few hours to days, jammed network communications and disrupted military communication nodes. Russia refrained from destroying civilian critical information infrastructure, such as power plants or digital records in hospitals. Some analysts argued Russia feared that a revelation of its more sophisticated cyberweaponry would tilt the asymmetrical cyberarms race between Russia and NATO even more in favor of the latter.

Today, NATO is playing a role in Russia’s consideration about launching a full-scale cyberwar against Ukraine, as well. NATO could quickly be drawn into the cyberaspects of the conflict by Ukrainian hackers planting false digital leads, which attribute attacks on NATO’s critical information infrastructure to Russia, pitting both sides against each other. Attribution, after all, is still one of the most complex problems in cyberspace, and the greater and more intense a cyberconflict is, the more difficult it will become to trace back the origins of cyberstrikes.

As during the Georgia-Russia War, patriotic hackers are the frontline troops in this conflict—the grunts of cyberspace. Ukrainian hackers have a reputation for talent and ingenuity, and it will be a hard battle for Russian cyberwarriors to obtain what the U.S. Air force calls “cyber superiority” (i.e., network domination), even if it is to Russia's advantage that much of Ukraine’s telecommunications infrastructure was built during the Soviet era.

Almost by definition, this will be a covert war, and we will see only some marginal reflections in public. In reality, there is no certain way to assess Russia’s true intentions and activities in cyberspace.

Yet, given what we know from open-source intelligence, Russia, will most likely exercise constraint in its activities in cyberspace during this crisis regardless of its outcome. The question whether cyberwar will happen over Ukraine is a non sequitur: Cyber may be the fifth domain of warfare, but it is the only domain that permeates all other spheres (air, land, sea, space); therefore, it will play a role no matter what. If a shooting war starts, cyberattacks—particularly on anti-aircraft systems, military and civilian communication nodes—may occur, but Russia will surely think twice before deploying the most sophisticated cyberweapons in her arsenal. 

Photo Credit: mediageek

Pages

Subscribe to RSS - Cyberspace Cooperation