The Specter of Cyberwar, Part I

ISR-cyber-theme.jpg

For more than 20 years, experts have warned of the potential for cyberwar. Today, as more countries develop and operationalize offensive cyber capabilities and new geopolitical challenges emerge while longstanding conflicts persist, is cyberwar the serious threat that experts have long warned? Part 1 of this two-part series examines significant historical and recent developments that have set the stage for cyber conflict.

In the summer of 1989, American political scientist Francis Fukuyama published an essay entitled “The End of History?” in the international affairs journal The National Interest. Fukuyama’s title and argument originate in a concept that writers and thinkers have explored for centuries. “The end of history” refers to a point in time when the evolution of human society and economy arrives at a single, prevailing type of government.

With a few exceptions – Karl Marx among them – many thought government’s final form would be a liberal democracy, very likely with a capitalist economy, and Fukuyama agreed. In the essay, Fukuyama wrote:

The triumph of the West, of the Western idea, is evident first of all in the total exhaustion of viable systematic alternatives to Western liberalism. In the past decade, there have been unmistakable changes in the intellectual climate of the world’s two largest communist countries, and the beginnings of significant reform movements in both.

From April to June 1989, just before Fukuyama published his essay, the Tiananmen Square protests occurred in China. In November 1989, the Berlin Wall fell. Within two years, the Soviet Union collapsed. Over the next decade, Western liberal democracy and capitalism would influence socioeconomic aspects of Russia and China, the two largest and most influential nations to resist liberal democratic ideals.

In March 1989, a British software engineer named Tim Berners-Lee wrote and submitted a proposal to his supervisor at CERN. Entitled “Information Management: A Proposal,” it is today recognized as the conceptual birth of the World Wide Web.

By October 1990, Berners-Lee had developed three enabling technologies for the World Wide Web: HyperText Markup Language (HTML), Uniform Resource Identifier (URL), and Hypertext Transfer Protocol (HTTP). In April 1993, CERN announced that Berners-Lee’s technologies would be made available to everyone worldwide for free in perpetuity. The World Wide Web had arrived.

Geopolitical themes and technological factors still at play in today’s nation-state cyber conflicts were set.

Cyber’s Role in Geopolitics Grows

Throughout the 1990s, globalism and the World Wide Web fueled optimism in the West that seemed to vindicate Fukuyama’s claim of the “end of history.” But, as Fukuyama predicted, some conflicts would persist, as would ongoing challenges to liberal democracy, although he believed that liberal democracy would win “in the long run.”

As the 21st Century began, Russia elected as its president Vladimir Putin, a former KGB spy with authoritarian tendencies. Under Putin, Russia developed formidable cyber capabilities, which it has been accused of using for cyber espionage and cyberwarfare. Russia has also been accused of allowing cybercriminal gangs, dubbed the Russian Business Network, who target Western institutions and individuals, to operate with impunity.

China continued to adopt capitalism within its borders and to trade with international partners while maintaining a firm communist political order. China also has been accused of engaging in extensive cyber espionage and the theft of intellectual property from Western private companies.

And, although not exclusively state-driven, fundamentalist terrorists carried out violent attacks in attempting to undermine democratic ideals – both within the U.S. and abroad. Terrorist organizations such as the Islamic State of Iraq and Syria (ISIS) and al Qaeda have leveraged cyberspace for training, recruitment and information operations.

In distinct ways and for specific goals, Russia, China and international terrorist organizations continue to use cyberspace to challenge liberal democratic and market capitalist ideals.

One of the most visible attempts to undermine the Western democratic process allegedly occurred during the 2016 U.S. presidential election. U.S. intelligence agencies have accused Russia of hacking into computers to steal information about Democrat Party candidate Hillary Clinton, her campaign staff and her campaign. The Russian government denies the allegations.

WikiLeaks then published the stolen information, although founder Julian Assange has denied that Russia gave WikiLeaks the information. The declassified U.S. intelligence report released on Jan. 6 was careful to note that Russia’s “influence campaign” did not affect vote counts: “[The Department of Homeland Security] assesses that the types of systems Russian actors targeted or compromised were not involved in vote tallying.”

Stealing and publishing information to discredit political figures or damage their reputations typically would be categorized as foreign intelligence activities or information operations. But U.S. Senator John McCain, R-Ariz., called Russia’s alleged activities “an act of war.” When questioned on Russian hacking of U.S. elections by McCain during a U.S. Senate Armed Services Committee hearing on Jan. 5, Director of National Intelligence James Clapper testified, “Whether that constitutes an act of war is a very heavy call that I don’t think the intelligence community should make.”

The Specter of Cyberwar

Experts have warned of the potential for cyberwar since the birth of the World Wide Web. In 1993, RAND Corporation’s John Arquilla and David Ronfeldt published a paper entitled “Cyber War is Coming!” The paper is widely recognized as introducing the topic of cyberwarfare for public debate. The authors argued that networked information technologies would increasingly play a central role in warfare.

Since the early 1990s, governments worldwide have invested heavily to develop capabilities in cyber espionage and cyberwarfare. (Experts distinguish cyber espionage from cyberwarfare.) There seems to be no slowdown today. P.W. Singer, author of Cybersecurity and Cyberwar: What Everyone Needs to Know, noted that more than 100 governments have developed some capability for a cyber-military command. In congressional testimony on Jan. 5, Clapper said 30 countries are now developing offensive cyber capabilities.

Neither are countries keeping their intentions and activities secret. Even before the release of the U.S. intelligence community’s declassified findings on Russian hacking of the 2016 U.S. election, President Barack Obama and Vice President Joe Biden remarked openly on retaliating against Russia – in cyberspace and by other means.

In a December 2016 blog, the Council on Foreign Relations (CFR) observed that in 2016 the U.S., U.K. and Australia all admitted their militaries used offensive cyber capabilities:

This year marked a turning point in military uses of cyberspace. For the first time, the United States, United Kingdom and Australia acknowledged deploying offensive cyber tools against the Islamic State. The fact that the United States, China, Russia and others break into adversary computer networks is not new – intelligence organizations have done so since the early 1990s. But openly acknowledging that a military, as opposed to largely civilian intelligence organizations, is using malware to gain an advantage during an armed conflict breaks new ground.

In particular, CFR noted the significance of Defense Secretary Ash Carter’s statement in February 2016 on “dropping cyber bombs.”

To date, there have been only glimpses of what cyberwarfare might look like, and each potential case study involves varying levels of uncertainty. The Estonian government accused Russia of a cyberattack on its infrastructure in 2007, which knocked out the country’s internet. The Russian government denied involvement in the attack, and forensic evidence supporting the Estonian government’s claim of direct Russian government involvement has proven inconclusive. In 2008, an ethnic Russian living in Estonia was convicted of the incident.

In 2007, Israel reportedly hacked Syria’s Russian-made air defense system during a successful campaign to bomb a North Korean facility allegedly developing nuclear weapons within Syria’s borders.

In 2008, Russia allegedly combined cyber and conventional military tactics during a land dispute with the country of Georgia. The Russian government denied it was behind the cyberattacks.

To date, there has been no example of what all-out cyberwar might look like. Instead, nation-states and international terrorist organizations are using cyberspace in more ambiguous ways to antagonize each other and further their interests.

Today’s “Gray Warfare”

Some experts and observers believe we are already in a prolonged type of conflict called “gray warfare.” Soviet-born British journalist Peter Pomerantzev has written about gray warfare and gray-zone conflicts at length. In his view, the U.S. is currently in ongoing gray warfare with Russia, China, and ISIS. Pomerantzev characterized gray warfare as follows:

Described by scholars as “hybrid,” “full-spectrum,” “non-linear,” “next-generation,” or “ambiguous” — the variations in the description indicate the slipperiness of the subject — these conflicts mix psychological, media, economic, cyber and military operations without requiring a declaration of war.

Retired Navy officer James D. Durso has argued that we are in “Phase Zero” of a war with Russia, which is using the old Soviet technique of “active measures” to “shape the battlefield.” Dorso’s characterization of Russia’s active measures sounds similar to Pomerantzev’s gray warfare:

This is the new “always war” – the hybrid warfare that President Putin is waging using what the Soviet Union called “active measures.”  In addition to hacking and disinformation, hybrid warfare includes bribery, blackmail, and covert activities aimed at undermining the political stability of Western countries by funding fringe or “protest” political parties; leveraging oligarchs with KGB backgrounds to buy media, politicians or political office; paying agents provocateurs in migrant communities to encourage outrageous behavior that inflames anger at incumbent leaders; and using committed agents of influence to promulgate the party line.

Moscow-based investigative journalist Andrei Soldatov has described how Russia has sought to use cyber – both at home and abroad – as a means for the Soviet tactic of “kompromat,” the disclosure of information to hurt opponents.

Pomerantzev has analyzed China’s use of gray warfare tactics in its Three Doctrines of Warfare, which include legal, media and psychological warfare. Pomerantzev also has analyzed ISIS’s use of social media and online tactics in its ongoing information warfare.

One gray warfare tactic increasingly drawing scholars’ attention is the use of narrative to influence audiences and advance agendas. Brad Allenby and Joel Garreau, co-directors of the Center on the Future of War, have analyzed “weaponized narrative,” as used by nation-states and terrorist groups in conflicts ranging from the American presidential election and Brexit to conflicts in Ukraine and the Baltics. Allenby and Garreau wrote:

Weaponized narrative seeks to undermine an opponent’s civilization, identity and will by generating complexity, confusion and political and social schisms. It can be used tactically, as part of explicit military or geopolitical conflict; or strategically, as a way to reduce, neutralize and defeat a civilization, state or organization. Done well, it limits or even eliminates the need for armed force to achieve political and military aims.

Cyber is today an important component of gray warfare, representing the convergence of what once was called electronic warfare and information operations. As all of the techniques outlined above illustrate, the goal of information operations is to influence opinion, which differs in its objectives and techniques from what might happen if gray warfare ever escalates to all-out cyberwar.

Part 2 of this series examines key issues around and the potential effects of all-out cyberwar.