Steve Andriole
There are lots of assessments of national digital maturity. Bhaskar Chakravorti, Ajay Bhalla and Ravi Shankar Chaturvedi published an excellent article on digital competitiveness in the Harvard Business Review where they indexed 60 countries’ digital competitiveness. IMD developed World Digital Competitiveness rankings which yielded ten “winners”: While these countries are deservedly proud of their rankings, they should also be fearful: the greater a country’s digital maturity, the greater its vulnerability. This simple equation makes the US, the UK, Japan and other digitally competitive countries far more vulnerable to cyberwarfare than those that are digitally underdeveloped. This irony is not to be discounted.
Is Anyone Home?
We’ve seen this movie before. In-your-face indicators of trends swirling around and many, if not most, of the swirlees in denial. The most recent examples include business disruptions (Blackberries, Blockbuster, Toys-R-Us), political disruptions (Brexit, China), and technological disruptions (social media, autonomous vehicles, augmented reality).
Most disruptions happen faster than anyone expects. We’ve been in a serious cyberwar now for well over a decade. But how much have you heard about it? Can you say where it’s being waged and who’s fighting whom? Can you describe what cyberwarfare weapons are being used to wage cyberwars? Can you identify who the cyberwarfare superpowers are? Do you know who’s winning?
Is Anyone MADD Yet?
Remember MAD – Mutually Assured Destruction? MAD protects the world from nuclear Armageddon simply because of unacceptable retribution. If you attack me, as the doctrine goes, I will attack you, and we both die. Everyone understands the inevitable outcome of global nuclear war, so no one starts one. While new actors challenge the MAD doctrine from time to time, the world has avoided nuclear war since the original MAD doctrine was defined.
The definition of MAD now requires another “D” for – what else? – “digital.” Unfortunately, since there’s no global parity regarding cyber weaponry, the new MADD doctrine is still undefined, undocumented and unsigned. Said differently, the US has fallen behind in the cyber arms race – which is especially ironic given US leadership in most all things digital. Worse, no one even knows who’s on the parity list today or who might be joining the MADD club in the future – a club that’s always open.
Early Weapons Testing
While there are still hot conventional wars everywhere, there are digital wars raging across the world fought by digital troops that never sleep. Here are just a few examples from TechTarget that should attract much more attention than they’ve received:
“TheStuxnet worm, which was used to attack Iran's nuclear program in 2010 … while the United States and Israel have both been linked to the development of Stuxnet, neither nation has formally acknowledged its role.”
“In March 2014, the Russian government allegedly perpetrated a distributed denial-of-service attack that disrupted the internet in Ukraine, enabling pro-Russian rebels to take control of Crimea.”
“In May 2014, three days before Ukraine's presidential election, a hacking group based in Russia took down Ukraine's election commission's system, including the country's backup system.”
“Hackers associated with the government of North Korea were blamed for the 2014 cyberattack on Sony Pictures after Sony released the filmThe Interview, which portrayed the North Korean leader Kim Jong-un in a negative light.”
“A 2015 attack on the German parliament, suspected to have been carried out by Russian secret services, caused massive disruption when the attack infected 20,000 computers used by German politicians, support staff members and civil servants.”
“In 2015, cybercriminals backed by the Chinese state were accused of breaching the website of the U.S.Office of Personnel Management to steal data on approximately 22 million current and former employees of the U.S. government.”
“Chinese cybercriminals have been implicated in the theft of U.S. military aircraft designs, an incident that caused then-president Barack Obama to call for a treaty on cyberarms control.”
“In December 2016, more than 230,000 customers in Ukraine experienced a blackout, the result of remote intrusions at three regional electric power distribution companies. The attack was suspected to originate from Russia. The perpetrators flooded phone lines with a DoS attack and also used malware to attack and destroy data on hard drives at the affected companies.”
“Three hospitals in the UK were forced to halt operations and cancel hundreds of scheduled surgeries after a computer virus froze the IT system of theNational Health Service (NHS).”
NPR reported that “Russian hackers had the ability to shut down U.S. power plants,” and Bloomberg and The Japan Times reported that the attacks included the aviation system.
Cyberwarfare is every day, all the time. What role should technologists play in the war? What role should governments play? What role should corporations play? What role should the military play? NGOs? What kind of leadership is required? What’s the plan!?!?
Digital Weapons are Cheap
Without a new MADD doctrine, cyberwarfare will become increasingly deadly. Despite what Yoda says, the dark side can defeat the force. Victory is the result of parity, just like the old cold war. But digital’s a cheaper war for sure, which makes it a war with many adversaries, not just the nine MAD members of the so-called Nuclear Club. The Achilles’ Heel of cyberwarfare is cyber itself: the greater the network connectivity and digital maturity of a country, the greater its vulnerability. This simple equation makes the US and other connected countries far more vulnerable to cyberwarfare than those that are digitally underdeveloped. Much worse, even “digitally underdeveloped” countries can enter the cyberwarfare arms race without much investment at all, especially when such investments are compared with, for example, building aircraft carrier groups or squadrons of fighter jets.
Open Memberships
Digital strategies and tactics are evasive and complex. They also require constant attention. What “works” today will not work tomorrow. The nuclear strategists of the 20th century cannot develop today’s digital strategy. They do not understand digital vulnerabilities or digital weaponry. Nor do they understand how easily tiny digital investments can generate massive digital returns – which is the exact opposite calculus of nuclear weapons investments of the 20th century. While everyone is still looking at the ever-so-slowly increasing number of members of the Nuclear Club, the real threat comes from a Digital Club anyone can join
No comments:
Post a Comment