.

Much has been said in the press of the dreaded threat of ‘cyber warfare’, but little detail or clarity has given dimension to this threat of sinister activity. Comments from the UK’s Secretary of State for Defence Phillip Hammond such as, “It’s a new capability… we should explore the boundaries of it,” do little to reassure us that world politicians are imbued with the necessary understanding of this emerging threat. It is necessary for governments to recognize and fully understand the consequences of this hazard, so they can proactively formulate sanctions and policy that need to be developed by the international community.

The fifth domain presents challenges, not only in the physical practices of forming a resilient cyber defense, but also in attitude and outlook as well. The all-too recent memory of the 1989 Quebec blackout is an excellent example of the type of disruptive attack that today would be targeted as an 'act of man', on a country. That year, a solar paroxysm (a massive burst of solar wind and electromagnetic radiation) resulted in the entire collapse of the Quebec power grid. This left six million people without power for twelve hours. While the outcome was a consequence of a natural manifestation, it highlights the type of damage that could be replicated with a cyber attack. Imagine 6 million people without power for twelve hours—the failure of household appliances, the closure of airports and public services, and swathes of people trapped in dark office buildings and elevators. The personal and institutional effects are vast.

Over the last decade, few nations have been forward-leaning enough develop robust policy in this emerging domain, or to recognize the need for a defensive cyber strategy. Currently, the three eminent activists in the cyber arena are what can be referred to as the RUC Group (Russia, United States, and China).

It is well documented that Russia was the alleged aggressor in the vast distributed denial-of-service (DDOS) attacks on both Estonia in April 2007 and a year later in Georgia in August 2008. Also, the ‘Moonlight Maze’ incident, in which the United States government discovered the probing of a number of systems belonging to the Pentagon, NASA, United States Department of Energy, and some military-linked civilian universities, was another Russian cyber attack. The United States has been equally active in pursuing offensive cyber-attack capabilities. Alongside the generously budgeted U.S. Cyber Command, the U.S. Government is explicit in their intention to use cyber weapons as a means of attack.

The Stuxnet worm is a telling example of the potential damage in an attack that nearly crippled Iran’s nuclear facility at Natanz (an attack widely attributed to the U.S. and Israeli). The culturally secret state of China has remained typically discreet in its activity within the fifth domain. Through the ‘Titan Rain’ operation it succeeded in gaining access to U.S. systems, managing to obtain the U.S. Army’s Falconview flight planning software, specifications for a U.S. Army aviation-planning system, and schematics of the NASA Mars Reconnaissance Orbiter. It is now educating specialist soldiers in ‘cyber warfare’ through digital libraries.

While these examples have not resulted in any fatalities or damages, they are harbingers of future conflict. This domain of warfare will be easy, cheap, destructive, and effective; for the first time in the history of human conflict, cyber actors will be able to precisely manage collateral damage to a much enhanced level of predictability. It is likely to become a popular form of warfare and it will gain a plethora of public support. After all, it requires no physical military presence and has much lower costs—blood and treasure saved! Perhaps more significantly, it will introduce a multitude of new actors, for, “In this arena, there's no such thing as a superpower anymore”, according to International Telecommunication Union (ITU) Secretary-General Dr. Hamadoun Touré. Although the Secretary-General may overstate his case, he is right to highlight that it could pave the way for emerging and possibly unstable states to become dominant forces.

Currently, governments and institutions define their cyber policies using colloquial terminology or inchoate classifications. Disregarding the development of an agreed upon set of definitions and international laws for what is and what is not acceptable behaviour in cyberspace is simply irresponsible. This laissez-faire attitude that is pandemic across the international community is typified in the response from James Attwood, Assistant Head - Cyber Policy in the UK Ministry of Defence. In a letter to the author he stated, “As each actor has their own motives and means of attack, it is not useful to break each out, but rather to look at the holistic threat that we within the MOD face”. This is a misplaced understanding of the argument for explicit delineation and definitions. A government cannot treat a cyber-attack from an individual with intent to steal money for personal gain in the same way it would respond to state-sponsored interference, which may well be a Casus Belli (justification for war). The challenge for clarity and agreement is axiomatic, and it is for us all to engage in this straightforward but crucially necessary debate.

Academics have done little to help the wider global community navigate the murky waters of cyber terminology. There is a severe lack of academic engagement, but the few who have brought the subject to the fore, like Thomas Rid and Ronald Deibert, should be noted. Although Rid discounts the term ‘cyber warfare’ he recognises the need to unpack the nuanced differences between certain cyber acts such as subversion, espionage, and sabotage, to name a few. He further stated at a recent online debate hosted by The Economist, that our understanding of the cyber lexicon, “hinges on terminology.” It is essential that international governments, institutions, and organisations realize this.

The struggle to differentiate the many nuances of sinister cyber activity is clear. Governments must shake off the parochial cloistered formation of their own cyber vernacular, as it only serves to feed global bewilderment. Moreover, the term ‘cyber warfare’ is seen by many as the argot of doomsayers. This should not be an ‘either-or’ situation. It is essential to comprehend the potential of all malicious cyber actions in order to develop the sanctions and legislations referred to earlier. As a starting reference to inform debate, I offer the following definitions:

  • Cyber Terrorism: A person or group that intends to disrupt, damage or destroy public or private property or seek to terrorise citizens in order to achieve a political, religious or idealistic aim through the means of cyberspace.
  • Cyber Warfare: A state-sponsored attack or response that leads to a sinister engagement through the means of cyberspace, in addition to the use of cyber technology as part of an established conflict.
  • Cyber Espionage: A person, group, or state who penetrates public or private networks in order to gain classified information through the medium of cyberspace.
  • Cyber Sabotage: A person, group, or state who disrupts or damages public or private entities through the medium of cyberspace.
  • Cyber Crime: A person, group, or state who engages in sinister cyber activity out with agreed sovereign and international law through the medium of cyberspace.

I refer to these bespoke characterizations as Cyber TWESC. This acronym offers an explicit set of terminology for the type of known sinister activity that can come from the fifth domain.

Many of the sanctions and consequences relating to activity conducted within these terms are not necessarily exclusive. The reality is that each rule can, on occasion, act as a relative cause and or consequence of another. That is to say a cyber war would most likely incorporate the acts of cyber espionage and sabotage. Cyber TWESC gives clarity and breaks down much of the esoteric language surrounding this emerging platform. It seeks to dissipate the confusing and ill-thought definitions of everyday cyber discussion. This task, however, may require far less attention. It may just need the addition of one word: ‘cyber’. (“All Members shall refrain in their international relations from the threat or use of force [in all domains of warfare, including the fifth: cyber] against the territorial integrity or political independence of any state, or in any other manner inconsistent with the Purposes of the United Nations”). This is the first step in developing a robust, internationally agreed-upon set of definitions that will help lawyers set the legal parameters for this emerging domain.

The growing division between the accelerated evolution of computer networks and the stagnation of policies to govern them is clear. Whilst academics such as Thomas Rid still feel “a cyber-Hiroshima [is] highly unlikely”, no leading authority has gone so far as to discount such a scenario. Instead, they realize that the wars of bullets and munitions have now been joined by an untouchable ether and that the wars of technological intelligence have begun.

Ash J. Hunt is a student reading Ancient History & Philosophy at Royal Holloway, University of London. He maintains a deep interest in foreign affairs and political policy (particularly concerning defence/intelligence/security).

Photo: Guerric (cc).

The views presented in this article are the author’s own and do not necessarily represent the views of any other organization.

a global affairs media network

www.diplomaticourier.com

Cyber: A Real and Present Danger

August 28, 2014

Much has been said in the press of the dreaded threat of ‘cyber warfare’, but little detail or clarity has given dimension to this threat of sinister activity. Comments from the UK’s Secretary of State for Defence Phillip Hammond such as, “It’s a new capability… we should explore the boundaries of it,” do little to reassure us that world politicians are imbued with the necessary understanding of this emerging threat. It is necessary for governments to recognize and fully understand the consequences of this hazard, so they can proactively formulate sanctions and policy that need to be developed by the international community.

The fifth domain presents challenges, not only in the physical practices of forming a resilient cyber defense, but also in attitude and outlook as well. The all-too recent memory of the 1989 Quebec blackout is an excellent example of the type of disruptive attack that today would be targeted as an 'act of man', on a country. That year, a solar paroxysm (a massive burst of solar wind and electromagnetic radiation) resulted in the entire collapse of the Quebec power grid. This left six million people without power for twelve hours. While the outcome was a consequence of a natural manifestation, it highlights the type of damage that could be replicated with a cyber attack. Imagine 6 million people without power for twelve hours—the failure of household appliances, the closure of airports and public services, and swathes of people trapped in dark office buildings and elevators. The personal and institutional effects are vast.

Over the last decade, few nations have been forward-leaning enough develop robust policy in this emerging domain, or to recognize the need for a defensive cyber strategy. Currently, the three eminent activists in the cyber arena are what can be referred to as the RUC Group (Russia, United States, and China).

It is well documented that Russia was the alleged aggressor in the vast distributed denial-of-service (DDOS) attacks on both Estonia in April 2007 and a year later in Georgia in August 2008. Also, the ‘Moonlight Maze’ incident, in which the United States government discovered the probing of a number of systems belonging to the Pentagon, NASA, United States Department of Energy, and some military-linked civilian universities, was another Russian cyber attack. The United States has been equally active in pursuing offensive cyber-attack capabilities. Alongside the generously budgeted U.S. Cyber Command, the U.S. Government is explicit in their intention to use cyber weapons as a means of attack.

The Stuxnet worm is a telling example of the potential damage in an attack that nearly crippled Iran’s nuclear facility at Natanz (an attack widely attributed to the U.S. and Israeli). The culturally secret state of China has remained typically discreet in its activity within the fifth domain. Through the ‘Titan Rain’ operation it succeeded in gaining access to U.S. systems, managing to obtain the U.S. Army’s Falconview flight planning software, specifications for a U.S. Army aviation-planning system, and schematics of the NASA Mars Reconnaissance Orbiter. It is now educating specialist soldiers in ‘cyber warfare’ through digital libraries.

While these examples have not resulted in any fatalities or damages, they are harbingers of future conflict. This domain of warfare will be easy, cheap, destructive, and effective; for the first time in the history of human conflict, cyber actors will be able to precisely manage collateral damage to a much enhanced level of predictability. It is likely to become a popular form of warfare and it will gain a plethora of public support. After all, it requires no physical military presence and has much lower costs—blood and treasure saved! Perhaps more significantly, it will introduce a multitude of new actors, for, “In this arena, there's no such thing as a superpower anymore”, according to International Telecommunication Union (ITU) Secretary-General Dr. Hamadoun Touré. Although the Secretary-General may overstate his case, he is right to highlight that it could pave the way for emerging and possibly unstable states to become dominant forces.

Currently, governments and institutions define their cyber policies using colloquial terminology or inchoate classifications. Disregarding the development of an agreed upon set of definitions and international laws for what is and what is not acceptable behaviour in cyberspace is simply irresponsible. This laissez-faire attitude that is pandemic across the international community is typified in the response from James Attwood, Assistant Head - Cyber Policy in the UK Ministry of Defence. In a letter to the author he stated, “As each actor has their own motives and means of attack, it is not useful to break each out, but rather to look at the holistic threat that we within the MOD face”. This is a misplaced understanding of the argument for explicit delineation and definitions. A government cannot treat a cyber-attack from an individual with intent to steal money for personal gain in the same way it would respond to state-sponsored interference, which may well be a Casus Belli (justification for war). The challenge for clarity and agreement is axiomatic, and it is for us all to engage in this straightforward but crucially necessary debate.

Academics have done little to help the wider global community navigate the murky waters of cyber terminology. There is a severe lack of academic engagement, but the few who have brought the subject to the fore, like Thomas Rid and Ronald Deibert, should be noted. Although Rid discounts the term ‘cyber warfare’ he recognises the need to unpack the nuanced differences between certain cyber acts such as subversion, espionage, and sabotage, to name a few. He further stated at a recent online debate hosted by The Economist, that our understanding of the cyber lexicon, “hinges on terminology.” It is essential that international governments, institutions, and organisations realize this.

The struggle to differentiate the many nuances of sinister cyber activity is clear. Governments must shake off the parochial cloistered formation of their own cyber vernacular, as it only serves to feed global bewilderment. Moreover, the term ‘cyber warfare’ is seen by many as the argot of doomsayers. This should not be an ‘either-or’ situation. It is essential to comprehend the potential of all malicious cyber actions in order to develop the sanctions and legislations referred to earlier. As a starting reference to inform debate, I offer the following definitions:

  • Cyber Terrorism: A person or group that intends to disrupt, damage or destroy public or private property or seek to terrorise citizens in order to achieve a political, religious or idealistic aim through the means of cyberspace.
  • Cyber Warfare: A state-sponsored attack or response that leads to a sinister engagement through the means of cyberspace, in addition to the use of cyber technology as part of an established conflict.
  • Cyber Espionage: A person, group, or state who penetrates public or private networks in order to gain classified information through the medium of cyberspace.
  • Cyber Sabotage: A person, group, or state who disrupts or damages public or private entities through the medium of cyberspace.
  • Cyber Crime: A person, group, or state who engages in sinister cyber activity out with agreed sovereign and international law through the medium of cyberspace.

I refer to these bespoke characterizations as Cyber TWESC. This acronym offers an explicit set of terminology for the type of known sinister activity that can come from the fifth domain.

Many of the sanctions and consequences relating to activity conducted within these terms are not necessarily exclusive. The reality is that each rule can, on occasion, act as a relative cause and or consequence of another. That is to say a cyber war would most likely incorporate the acts of cyber espionage and sabotage. Cyber TWESC gives clarity and breaks down much of the esoteric language surrounding this emerging platform. It seeks to dissipate the confusing and ill-thought definitions of everyday cyber discussion. This task, however, may require far less attention. It may just need the addition of one word: ‘cyber’. (“All Members shall refrain in their international relations from the threat or use of force [in all domains of warfare, including the fifth: cyber] against the territorial integrity or political independence of any state, or in any other manner inconsistent with the Purposes of the United Nations”). This is the first step in developing a robust, internationally agreed-upon set of definitions that will help lawyers set the legal parameters for this emerging domain.

The growing division between the accelerated evolution of computer networks and the stagnation of policies to govern them is clear. Whilst academics such as Thomas Rid still feel “a cyber-Hiroshima [is] highly unlikely”, no leading authority has gone so far as to discount such a scenario. Instead, they realize that the wars of bullets and munitions have now been joined by an untouchable ether and that the wars of technological intelligence have begun.

Ash J. Hunt is a student reading Ancient History & Philosophy at Royal Holloway, University of London. He maintains a deep interest in foreign affairs and political policy (particularly concerning defence/intelligence/security).

Photo: Guerric (cc).

The views presented in this article are the author’s own and do not necessarily represent the views of any other organization.