16 May 2015

The Cyber Day After: Will the Advent of Cyber Warfare Destroy the Global Internet?


Today, understanding national security means understanding the ‘cyber’ dimension of warfare. For the last twenty years we have lived in a world where every day more people gain access to the global online commons and benefit financially, politically and educationally from that access. The concept of cyber warfare, taken to its logical extreme, will threaten the very nature of the global commons and force policy makers to improvise strategies to defend it.

The tools, tactics and strategies of cyber warfare are rapidly evolving in complex ways – a process that will be greatly accelerated in the event of conflict between two or more nation-states with mature cyber capabilities. While it is impossible to predict exactly how cyber warfare will shape the future battlespace, a sustained cyber conflict will likely pose an existential threat to the global, lightly regulated internet most liberal democracies know today. The Chinese model of the internet (a tightly regulated national network with few connections to the global system) will likely seem increasingly attractive to policymakers under intense political pressure to stop the constant barrage of foreign cyber-attacks. The global consequences of a shift to such a system would be devastating to the current paradigm of free-flowing information upon which much of the global economy is based.

War As Geopolitical Phase Change: Chaotic Systems and Phase Changes


What will the global system look like after the next phase change?

Imagine a straight line composed of individual dots on a piece of graph paper. The line moves left to right. At a certain point along the line the dots begin to jump around and the line breaks up. Eventually the points are drawn together and reform a line. If you draw a box around the points between the two smooth segments of your line, the points inside that box will be scattered, without any rhyme or reason. In this example, the line is an orderly system, moving in a way that is understandable and predictable. The box that bounds the sporadic points is the outline of a chaotic system. The activity within the box seems strange and erratic.

The graph can be used as a model of human experience. Typically, events proceed in a way we can understand and plan for – a linear progression – but sometimes the nature of events becomes chaotic and we find ourselves unable to make sense of the world around us. War is the ‘phase change’ period of geopolitics, an inherently chaotic state during which unlikely or seemly insignificant events can play outsized roles in shaping the course of events. Once a person or a civilization is affected by war, the effects can be almost impossible to model. Who in early 2001 envisioned a major American deployment to Afghanistan by the end of the year? Importantly, the effect of war on technology can be also nonlinear and impossible to model.

Cyber at the Threshold of Phase Change

Highly specialized weapons of cyber warfare already exist in the form of STUXNET-class worms. Those weapons have already demonstrated an ability to inflict massive damage on targeted industrial systems. Clearly, cyber weapons will play a role in future conflicts, but it may be impossible to model the extent to which they will reshape the battlefield.

We are likely standing at the end of the first ‘linear’ period of the history of cyber warfare. Over the last two decades, crude denial of service attacks have evolved into more sophisticated distributed denial of service attacks. Vulnerabilities in operating systems have been used to exploit industrial control systems previously thought to be safe from manipulation due to the ‘air gap’ separating these control systems from the internet (in the case of STUXNET, the virus was introduced via a USB thumb drive). Cyber tactics are being developed, tested, combined, and retested on a daily basis.

If this already seems like a hopelessly complex problem to solve, I’ve got bad news for you. Kim Zetter, in her novel Countdown to Zero Day, states that, to date, the total volume of cyber-attacks conducted by nation states still only numbers in the hundreds, and those attacks largely have been conducted independent of conventional military actions. A notable exception, the ‘cyber salvo’ that Russia launched against Georgia immediately before Russia’s 2008 invasion, made headlines, but was only the beginning. Several hundred attacks sounds like a lot, but it’s still a small enough number that each attack can be studied and understood. Sustained conflict between any of the mature cyber powers (US, Israel, China, Russia, France, and Iran) will exponentially increase the number and complexity of attacks. Such a conflict will herald the beginning of the phase change.

At the Other End of the Chaotic Interval (The Example of Border Controls)

Navy Petty Officer 2nd Class Jessica Cummins performs her duties at the U.S. Fleet Cyber Command Maritime Operations Center at Fort Meade, Md., Oct. 3, 2012. Fleet Cyber Command serves as the Navy component command to U.S. Strategic Command and U.S. Cyber Command, and is the Navy’s central operational authority for cyber, networks, cryptologic/signals intelligence, information operations, electronic warfare, and space capabilities. DOD courtesy photo

Though it’s impossible to model the way that cyber warfare will evolve once the phase change begins, we can still speculate, as many security experts have, about how a sustained cyber campaign might affect our world. The doomsday scenarios trotted out repeatedly over the last decade have become depressingly familiar: the banks will crash, satellites will fall out of the sky, and the dams will be blown open, flooding everything. Each of these scenarios imagines a particular cyber tactic being violently directed against a defenseless target. These scenarios contain two problematic misconceptions. The first problem with all these scenarios is that they presume to know which tactic (targeting banks, satellites, and dams) will be adopted by cyber actors. It’s impossible to know for sure which tactic will be adopted because that decision will likely made during wartime and hence occur during the chaotic interval when nothing can be safely predicted. The second problem is that these scenarios fail to appreciate the ways in which systems under attack will evolve to defend themselves. Warfare is a struggle between forces. Even if targeted nations are slow to understand what’s occurring, they will eventually develop strategies to counter cyber threats.

To use an analogy from the early 1900s, before World War I it was possible for a French citizen to travel from France to China with little or no documentation. The pre-World War I era was one of globalization – the states of Europe had not yet developed the mechanisms of border control we now associate with the inter-war and Cold War periods (imagine the fortified checkpoints surrounded by concertina wire and frowning soldiers crouched in machine gun nests).

After World War I, the surviving states all implemented strict border controls. They did this despite the cost and the detrimental effects that checkpoints have on trade and commerce. The risk of uncontrolled borders was just too great. In many cases these control measures lasted until the early 1990s when the European Union made a concerted effort to remove those barriers and expand the freedom of movement of goods and people throughout Europe.

The Fate of the Global Internet

Today’s internet is a truly global phenomenon. Users in the United States can easily access websites hosted in Russia, Poland, France, Kenya or Iran. These connections are lightly regulated by most nation states, though China is a major exception. These connections are also highly lucrative. The global internet has allowed financial institutions to quickly and efficiently synchronize operations around the world. Without the internet, there would be no online ordering or ‘just in time’ manufacturing chains. The social and economic benefits of a direct, unpoliced US – Russia internet connection outweigh the risk of, say, a concerted effort by Russian cyber actors to infiltrate the US banking networks. That may not always be the case.

The response of European states to the violent chaos released by World War I was to severely restrict inter-state economic traffic and the movement of people across borders. A similar phenomenon may occur following the first sustained conflict by major cyber actors. While countries may not completely choke off their citizens’ access to web addresses hosted in hostile nation states, it may be incumbent upon those countries to severely restrict that access in the name of network security. China has already moved in this direction by creating the Great Firewall, a system that strictly regulates the points where China’s internet connects to the rest of the global commons. President Putin recently called on Russia to build its own internet, calling the existing global internet a ‘CIA project.’

The movement away from a global Internet and toward a system of national or regional networks (North Atlantic, EU or North American for example) is one possible outcome of a future cyber conflict. While there is no guarantee that such segmentation will occur, it follows from the way that nations typically react to security crises for which they are unprepared. In a word; they ‘overreact,’ and tend to put heavy-handed structures in place that can take generations to remove (see also, post-9/11 airport security in the US). For the reasons outlined above, it is likely impossible to know exactly how a cyber-conflict will change our world… but human nature doesn’t change much. If we fail, as a nation, to appreciate the degree to which cyber conflict will change our world, we will likely make short-sighted decisions in the heat of the moment that may take a long time to fix. We should start grappling with the implications now, while we’re still in the linear phase and have some control over events.

No comments: