Pages

21 July 2018

Cyber warfare: the dawn of a new era for which we are thoroughly ill-prepared

David Rothkopf

With the attention of much of the world drawn to the Nato summit last week, the meeting between Russia's Vladimir Putin and US President Donald Trump in Helsinki and the on-going investigation into Russian interference in the US election, it is striking that the most important connection between these events has been largely overlooked. What is more, that connection has broad resonance for every region of the world, including the Middle East. It turns not on personalities or politics but on the dawning of a new era in global affairs for which all are ill-prepared. What the indictments brought by US special counsel Robert Mueller last Friday against 12 officers of the Russian military intelligence service illustrate is that for several years the US and Russia have been engaged in the world’s first major cyber war.


There have been skirmishes in the past, even damaging blows, from the US “Olympic Games” attack on Iranian nuclear facilities to North Korea’s attack on Sony. But the Mueller indictment confirmed what many have surmised all along: the Russian government has authorised and engaged in a massive campaign to undermine American democracy.

Further, US director of national intelligence Dan Coats declared on Friday, in remarks clearly timed to impact the Trump-Putin summit, that the Russian campaign is on-going and poses a threat to the US elections scheduled for 2020.

We are also learning daily of the scope of the simultaneous Russian attacks in Europe – perhaps tipping the scales in the UK’s Brexit referendum and seeking to impact elections in France, Germany, Italy and elsewhere.

In other words, the Nato alliance has been under constant attack for the past several years and the consequences have been material – undercutting the EU and putting in place a US leader who appears to have served Russian interests and, as we saw last week, battered the ties that bind Nato together.

Had such an attack involved the firing of a single shot or the destruction of a single building, Nato’s Article 5 would have triggered an immediate counter-response. But there is no Article 5 provision for cyber-attacks.

Indeed, Russia has exploited vulnerabilities not just of open societies susceptible to information warfare – but of old institutions like Nato, with next generation forms of warfare, for which they have no playbook, doctrines or treaty provisions.

The very deniability of cyber warfare makes the Helsinki summit possible, with both parties seeking to put a good face on things and thus both with an incentive to sweep the small matter of an on-going war against American democracy under the rug.

In short, while Mr Trump chided Nato members for their failure to hit defense funding targets, Mr Putin was able to attack Nato with relative impunity. This suggests a flaw within the institution that, if not addressed, will do more to undermine it than anything Mr Trump might seek to achieve, despite his diplomatic bull in the china shop approach.

Old-fashioned alliances need to be rethought to address next generation threats and the appropriate responses to those threats.

Nato needs a cyber Article 5. And regions like the Middle East that are in dire need of new security alliances need those partnerships to be constructed in ways that anticipate the new reality: that the conflicts of the future will often not resemble those of the past.

This means not only that institutions must be conceived of and designed with considerable foresight on the part of their architects but that the participating nations will need to retool their militaries to be able to defend against next generation threats and retaliate effectively and proportionately. Further, such capabilities will have to be consistent with international norms that have yet to be devised.

Beyond this, there must be a recognition that remaining a competitive international power and ensuring security in the cyber era will require a major realignment of priorities and reapportionment of assets to create necessary capabilities within governments.

But even that will not be enough. As most cyber targets will be in the private sector, most cyber technologies will be developed there and most cyber talent will reside there. So, it will be essential to develop new kinds of public-private partnerships to develop and maintain capabilities in this new realm.

Further, this will require cultivating national human resources via science and technology education and via dramatically increased spending on research and development – an area in which many of the countries of the Middle East lag the world dramatically.

Absent such an investment, the future security alliances of the region will not only be incapable of harnessing the power of next generation technologies, they will be left to defend themselves against 21st Century threats with obsolete 20th Century resources and thinking.

As we have seen in the past week, even among the countries of the world most advanced in these areas, keeping up with them is a great challenge – and the costs of failure to do so are enormous.

No comments:

Post a Comment