02
geopolitical handbooks
moderndiplomacy
THE COMING CYBER STORM
Examining the Russia-US-China Hacking Nexus
moderndiplomacy.eu
GIANCARLO ELIA VALORI
Advisory Board Co-chair Honoris Causa
Professor Giancarlo Elia Valori is an eminent Italian economist and
businessman. He holds prestigious academic distinctions and national
orders. Mr Valori has lectured on international affairs and economics
at the world’s leading universities such as Peking University, the Hebrew University of Jerusalem and the Yeshiva University in New York.
DR. MATTHEW CROSSTON
Dr. Matthew Crosston is Vice Chairman of Modern Diplomacy and
member of the Editorial Board at the International Journal of Intelligence and Counterintelligence.
LAURA GARRIDO
Laura Garrido is currently finishing her Master’s degree in the International Security and Intelligence Studies Program at Bellevue University
in Omaha, Nebraska, USA. Her primary research interests cover the
post-Soviet space and the fight against radical Islamism.
DAVID DAVIDIAN
David Davidian is an Adjunct Lecturer at the American University of
Armenia. He has spent over a decade in technical intelligence analysis
at major high technology firms.
MAHMUDUL HASAN
Mahmudul Hasan is Lecturer of Law at the University of Development
Alternative (UODA), Bangladesh.
ANONYMOUS
Anonymous is currently a graduate student in International Security
and Intelligence Studies at Bellevue University and works within the
US governmental system. The opinions expressed are strictly personal
and do not reflect a formal endorsement of or by the United States’
government and/or Intelligence Community.
The Grand Cyber Spy Game
Can America Ever Match Russian Cyber Innovation?
China & Russia: Cyber Cousins but Not Cyber Brothers
A Perfect Cyber Storm
Does Russia Have a New Way to Wage War?
Manufactured Bogeyman
The US Intelligence and President Donald Trump
FSB's Snowden War
A Weaponized Cyber Commons
The FSB and SIGINT
International Cyber Security Cooperation
The Challenge of the Indigenous Arms Industry
The Coming Cyber Storm
Examining the Russia-US-China Hacking Nexus
There can be no denying the importance of cyber-conflict and the potential of cyber-war in the 21st century. What was once restricted to
the screenplays of Hollywood science fiction writers now seems to be
an essential component of any modern conflict. In fact, as our readers
will see with this anthology from Modern Diplomacy, cyber
weapons may indeed eventually come to be seen as a preferred
method for initially waging war and starting conflict, ultimately replacing the more tried-and-true traditional kinetic operations. We investigate this reality here by looking at the three dominant global
players responsible for most of the major cyber initiatives taking place
today: the United States, the People’s Republic of China, and the Russian Federation. We call this triumvirate the ‘hacking nexus’ because it
is difficult to research any major cyber event in the 21st century that
has not involved one or more of these three rivals.
And these events do not transpire in a political vacuum: they are indicative of a new technological foreign policy that signals these three
countries in particular will be able to infiltrate and insert themselves
into the affairs of just about anyone, if they so wished. This kind of invasive power needs to be chronicled and analyzed and this anthology
is but the first small step to open that discussion. As is always our style,
Modern Diplomacy does not label any one country the villain or any
state the ‘good guy.’ We do not believe the world of cyber actually has
black hats and white hats (pun intended). Instead, we believe the
world of cyber makes politics, war, and diplomacy a sometimes hopeless and long-lasting cloudy grey. But as is always the case with research from Modern Diplomacy, it is our faith in bringing complex
issues into greater detail, and contributing knowledge to subjects that
seem to enjoy remaining obfuscated, that gives us hope for finding
new opportunities for understanding, collaboration, and conflict resolution.
So, we hope you enjoy this effort and truly find the information contained within a step in the right direction for making you more informed, more enlightened, and more willing to investigate the
problem deeply, accurately, and powerfully. In a world full of misinformation and disinformation, may the readers of our anthologies be
the light shining such shadows away into oblivion.
Dr. Matthew Crosston
Vice Chairman, Modern Diplomacy
Dr. Matthew Crosston & Anonymous
The Grand Cyber Spy Game
Russia, America, & China Stealing the World One Byte at a Time
Every month another story of cybertheft linked to China or Russia
emerges. Recent data breaches at Target, United Airlines, Blue Cross
Blue Shield, and OPM have been linked back to Russia, while theft of
key technology across major Department of Defense contractors such
as Lockheed Martin and US government laboratories has been linked
to China.
Neither China nor Russia’s government formally admits to leveraging
the internet to steal secrets from other countries but hacks have been
linked directly to their intelligence services’ respective buildings or individuals known to be under governmental influence.
International cyber incidents in Ukraine,
Georgia, and Estonia have all been apparently linked back to Russia while the Canadian government recently set up domestic
cyber-protection programs after several
major corporations were hacked by Chinese
intelligence. The US government struggles
with how to approach these cyber intrusions.
Should they be ignored so that other foreign
policy initiatives can move forward?
Are these initiatives acts of war or a new
method of state gamesmanship? Do these
collections of vast amounts of information
count as high treason/espionage or simple
economic theft? Environmental negotiations
just about broke down several years ago
when President Obama called out China for
hacking several governmental systems during the negotiations. What does all of this
signify as Russia and China become more important strategic world partners, while still
at least semi-maintaining long-held intelligence and military adversarial attitudes toward the US? Welcome to the REAL cyber
era, where multiple players try to steal the
world one byte at a time while pretending to
do nothing of the sort.
The Chinese, American, and Russian intelligence services have no issue launching clandestine internet attacks to pursue what they
all consider to be legitimate national security
and foreign policy objectives. Sometimes
the information collected is economic, directed against or about important corporations; other times the information is military
and political. In all cases the information is
highly strategic.
While it is true that the information the Russian and Chinese intelligence services are
providing to their respective policymakers is
much broader in scope than the CIA or US
Department of Defense, and is arguably
much more domestically invasive than the
FBI or DEA, both Russia and China have successfully started campaigns questioning the
‘purity of purpose’ within American intelligence given the details of the Snowden
scandal. All of which begs questions: should
American intelligence maneuvers match
Chinese and Russian cyber precedence? Is
the American public aversion to cyber collection programs really just a front for a private philosophy that already rivals China and
Russia? Is there something fundamentally
important for states to consider in this style
vs. substance cyber spy debate?
Crucial differences in intelligence organizational culture and mission make figuring
these questions out quite difficult. While the
United States has been quick to leverage
open-source collection for its own programs,
it has supposedly been hesitant to execute
the power of its cyber abilities in invasive, offensive, global scenarios (although this consideration is now being heavily debated in
the classified sector and some accuse it of already transpiring). This article will attempt to
determine if Chinese and Russian intelligence services have gained a tactical advantage over the United States because of a
political and bureaucratic blind spot, or if the
United States intelligence collection culture
is different only at the superficial level and is
largely the same as its rivals in terms of true
cyber substance.
The first important aspect in understanding
the Grand Cyber Game is to understand how
the Russian, Chinese, and US intelligence
communities are structured. The United
States is known for the ‘big brothers’ of its IC,
the Central Intelligence Agency (CIA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA).
However, there are actually 17 members of
the US Intelligence Community. Some of
these include intelligence offices for each
branch of the US military, Department of
Homeland Security, Department of Energy,
Department of State, Department of the
Treasury, Drug Enforcement Administration,
National Reconnaissance Office (NRO), and
National Geospatial-Intelligence Agency
(NGA). The first five use intelligence collection as part of a law enforcement mission,
while the NSA, NRO, and NGA all harvest
data and imagery collection. Traditionally,
the CIA operates overseas and cultivates
human sources while conducting clandestine operations.
The FBI traditionally manages counterterrorism operations domestically, provides investigation support overseas when American
citizens are involved, and acts under an enforcement jurisdiction to maintain the law.
The NSA was established to provide cryptologic services and to protect US information
systems and signals intelligence. It supports
military customers, national policymakers,
and counterterrorism and counter-intelligence communities under the Department
of Defense. However, in a post-9/11 world,
these explicitly defined roles have become
more blurred and opaque as global travel
and transnational collections are intensely
complicated by the internet.
Conversely,
modern Chinese intelligence services have
always had domestic and international missions intertwined. China’s Ministry of Public
Security (MPS) was formed in 1954 as a domestic law enforcement agency. It managed
criminal investigations, security protection,
public information network security, traffic
control, legal affairs, counter-terrorism, drug
control, and other anti-smuggling and anticorruption duties. In 1983, the Ministry of
State Security (MSS) was established as the
formal intelligence and security agency of
China for non-military areas of interests. It
has the same authority to arrest or detain
people as the MPS with a nearly identical
oversight mission by the courts, but it is also
a separate, parallel network to the MPS.
The MSS mission is to ensure “the security of
the state through effective measures against
enemy agents, spies, and counter-revolutionary activities designed to sabotage or
overthrow China’s socialist system.” Similar to
the CIA, the MSS gathers foreign intelligence
from targets in various countries overseas
while the MPS gathers information domestically to protect against domestic terrorism
and political coups. Both heavily rely on
cyber collection.
Russia operates with three principal intelligence services. The SVR focuses on foreign
intelligence collection, but mainly with civilian affairs. It is formally responsible for intelligence and espionage activities outside the
Russian Federation. The GRU is the main foreign military intelligence directorate of the
General Staff of the Armed Forces. It is Russia’s largest foreign intelligence agency, deploying at least six times as many agents as
the formal KGB successor, the SVR. The FSB
operates in theory only across the former Soviet Republics and domestically, but had its operational portfolio increased in
2003 to include the Border Guard Service
and the Federal Agency of Government
Communication and Information.
The three intelligence services often overlap
and sometimes compete against one another in the recruitment and collection of intelligence sources. Russia also established an
Anti-Terrorist Center that falls under full control of the FSB. The Center’s mandate was to
create a database for intelligence sharing
among the security services of all members
of the Commonwealth of Independent
States (CIS). Although the SVR has promised
not to spy within CIS territories, the FSB has
not. As such, it has become the de facto leading intelligence service for foreign collection
activities for Russia. Interestingly,
Russia has often turned a blind eye to Central Asian intelligence service activity within
its borders, when Central Asian leaders are
making moves against so-called political enemies (these moves are usually abductions
back to Central Asia for detainment).
These activities have included both the Chinese MSS and MPS. In 2001, the Shanghai
Cooperation Organization (SCO) was established by China, Kazakhstan, Kyrgyzstan,
Russia, Tajikistan, and Uzbekistan, to work together against terrorism, separatism, and extremism. They established their own
Regional Anti-Terrorist Structure (RATS) that
became the mechanism of choice for carrying out abductions across national boundaries, outside of standard judicial
procedures. RATS operations have been
compared to the CIA’s practice of extraordinary rendition and allow members to detain
suspects in the six participating states outside of any rule of law. The members’ operators are not subject to criminal liability and
they are immune from arrest and detention
within the six states.
The reality is, on an international level, the
intelligence services of all three nations operate with remarkably similar mission goals
and objectives: they wish to protect the national interests of their respective states and
garner advantages for said states via the acquisition of important information. While
Hollywood has often focused on the political
deviance and violence of intelligence missions around the world, the less exciting reality is that intelligence is more often utilized
simply for political leverage. On the domestic level, the United States has long held the
moral superiority card against rivals like Russia and China, largely based on the democratic system in America supposedly being
more altruistic and legally-minded than the
so-called autocratic-type regimes in Beijing
and Moscow.
Snowden and other details in the past several years have started to
make some at least wonder how much that moralism is built upon a
foundation of sand and not stone. Finally, the stylistic aspect of intelligence public relations is significantly different between the three:
the US decidedly tries to maintain an air of secrecy and deniability
over just about everything its Intelligence Community does or needs
to do. Russia and China, while revealing no secrets, tend to be a bit
more unabashed about the role and necessity intelligence plays for
the furthering of state power and do not fear making public statements to that effect anywhere, anytime. For them, therefore, the only
difference between the three great players in the Grand Cyber Spy
Game is the costuming and marketing of their respective goals, but
NOT the ploys, initiatives, and overall desires. When it comes to winning, it seems all three are set and determined to virtually steal, that
is, ‘obtain’ as much as possible. The Grand Cyber Spy Game demands
no less.
Laura Garrido
Can America Ever Match Russian Cyber Innovation?
In February 2015, James Clapper, the Director of National Intelligence
in the United States, announced that the appraisal of Russian cyber capability and intention had been elevated, pushing Russia to the number one spot on the list of countries which pose a major cyber-threat
to the United States. China held the number one spot for years because
of the frequency of attacks on the United States. However, China’s cyberattacks were financially and economically motivated espionage
rather than outright physical infrastructure attacks. Also, even though
China’s cyberattacks were more frequent, it is believed Russia has more
capabilities but has simply chosen not to use them all yet.
Clapper also stated that Russian cyber saboteurs, spies, and thieves are widening their
attacks against vulnerable American internet
infrastructure, which chips away at US
wealth and security over time.
Clapper’s intelligence assessment details
how Russian cyber actors are creating new
ways to remotely hack into industrial control
systems that run electrical power grids,
urban mass-transit systems, air-traffic control
networks, and oil and gas pipelines. According to private-sector cyber security experts,
these actors have been able to successfully
compromise the product supply chains of
three control system vendors so customers
unknowingly downloaded exploitative malware directly from the vendors’ websites
along with routine software updates. Russia
is seen as an unregulated area as well as a
safe haven for the development and spread
of malicious codes around the world.
According to senior Russian military officials,
its Ministry of Defense is establishing its own
cyber command that will be responsible for
conducting offensive cyber activities, such
as propaganda operations and inserting
malware into enemy command and control
systems. A specialized branch for computer
network operations is also being established
by Russia’s armed forces. This is the consequence of a national security legacy, as Russia was one of the first nations to move
assertively into the cyber sphere. In 1998,
long before most nations even began thinking about cyber-security, the Kremlin established “Directorate K” to begin operations to
monitor and defend against hackers and
spammers.
However, in recent years, Directorate K has
taken on a more offensive role in the digital
sphere. Russia has been cyber-attacking the
United States for several years. In 1999, it was
discovered that the Moonlight Maze virus
had been stealing information from the Department of Defense, Department of Energy,
NASA, and military contractors for two years.
In early 2015, Russian hackers were able to access an unclassified server of the US Department of State. Through this they were able
to penetrate sensitive areas of the White
House computer system and access information such as the real-time non-public details
of President Barack Obama’s schedule. The
FBI, the Secret Service, and United States intelligence community overall are all involved
in investigating the breach and say that it
was one of the most sophisticated attacks
ever launched against American governmental computer systems.
Russia was also able to hack into systems at
the Pentagon in July 2015. The sophisticated
cyberattack affected nearly 4,000 federal
employees when it shut down the Pentagon’s unclassified email system for the Joint
Staff for nearly two weeks. The attack was
carried out through the use of encrypted accounts on social media and officials at the
Department of Defense stated that the attack involved “new and unseen approaches
into the network.” Fortunately, only unclassified accounts and emails were involved so
no classified information was accessed or
taken from the network.
These cyberattack threats from Russia are a
major concern for the United States because
they undermine United States economic
competitiveness and its fundamental belief
in maintaining the secrecy of national security information. As of now, a “cyber armageddon” is not a high risk, but low to
moderate-level attacks over time could pose
serious financial security risks to the United
States. In the US alone, international hacking
has cost, on average, between 25 billion and
100 billion dollars annually. In 2008, cyber
espionage, including industrial espionage,
intellectual property theft, and theft of trade
secrets caused the loss of more than one trillion dollars worldwide, with Russia always
being cited as one of the main perpetrators.
Russia’s tactics of using cyber-attacks to
block any and all communications from
within a nation-state and its ever increasing
innovative capabilities could have a significant negative impact on United States’ security and interests.
The real question seems to be not so
much whether Russia can be stopped but whether the
United States has the talent pool to create
similar cadres capable of matching the
innovation emerging from Russia. Classified
information and state secrets aside, the jury
on that question, quite frankly, remains out.
Dr. Matthew Crosston
China & Russia: Cyber Cousins but Not Cyber Brothers
There seems to be a strong divergence in perception behind China's
desire to command cyberspace offensively. On the one hand, there is
the assumption that this is a natural manifestation of its growing desire
to achieve global superpower status. On the other hand, there is the
counter-argument that emphasizes China's own perception that it is unable to operate effectively against the United States in a conventional
military confrontation. (Hjortdal 2011) Indeed, many Chinese writings
suggest cyber warfare is considered an obvious asymmetric instrument for balancing overwhelming US power. (Hjortdal 2011)
This latter argument is more compelling
based on the stark military realities:
• In overall spending, the United States puts
between five and 10 times as much money
into the military per year as does China.
• Chinese forces are only now beginning to
be brought up to speed. Just one-quarter of
its naval surface fleet is considered modern
in electronics, engines, and weaponry.
• In certain categories of weaponry, the Chinese do not compete. For instance, the U.S.
Navy has 11 nuclear-powered aircraft-carrier
battle groups. The Chinese navy is only now
moving toward the complete construction
of its very first carrier.
• In terms of military effectiveness, i.e. logistics, training, readiness, the difference between Chinese and American standards is
not a gap but a chasm. The Chinese military
took days to reach survivors after the devastating Sichuan earthquake in May of 2008,
because it had so few helicopters and emergency vehicles. (Fallows 2010)
Given this state of military affairs, a Chinese
perception of insecurity is not surprising.
Even more logical is the Chinese resolve to
evolve its asymmetric cyber capabilities:
such attacks are usually inexpensive and exceedingly difficult to properly attribute,
meaning the victim is unlikely to know who
was directly responsible for initiating the attack. It is even more complex for states,
where cyber-attacks can be ‘launched’ from
inside of neutral or allied countries. (Ollman
2011)
Given an authoritarian state’s capacity for
paranoia, it is illogical for China to not develop its offensive cyber capabilities. In this
case the weakness - conventional military
strength - is quite real. To that end, the People's Republic of China has endeavored to
create its own set of lopsided military advantages in the cyber domain:
• The Pentagon's annual assessment of Chinese military strength determined in 2009
that the People's Liberation Army had established information warfare units to develop
viruses to attack enemy computer systems
and networks.
• The PLA has created a number of uniformed
cyber warfare units, including the Technology Reconnaissance Department and the
Electronic Countermeasures and Radar Department. These cyber units are engaged on
a daily basis in the development and deployment of a range of offensive cyber and information weapons.
• China is believed to be engaged in lacing
the United States’ network-dependent infrastructure with malicious code known as
‘logic bombs.’ (Manson 2011)
The official newspaper of the PRC, the Liberation Army Daily, confirmed China's insecurity about potential confrontation with the
United States in June 2011. In it, the Chinese
government proclaimed that, "the US military is hastening to seize the commanding
military heights on the Internet…Their actions remind us that to protect the nation's
Internet security we must accelerate Internet
defense development and accelerate steps
to make a strong Internet Army." (Reisinger
2011) Clearly, the Chinese have sought to
maximize their technological capacity in response to kinetic realities. This is not to say
the United States is therefore guaranteed to
be in an inferior position (information about
American virtual capabilities at the moment
remains largely classified), but the overt investment, recruitment, and development of
Chinese virtual capabilities presents opportunities that the US should also be willing to
entertain.
How does all of this compare and contrast with the Russian approach to the cyber
domain? Anyone studying cyber conflict over the last five years is well aware of
Russia's apparent willingness to engage in cyber offensives. The 2007 incident in which
the Estonian government was attacked and the 2008 war with Georgia are universally
considered examples of Russia using cyber technology as the tip of their military
spear. While it is true that Russia actively encourages what has come to be known
as ‘hacktivism’ and lauds ‘patriotic nationalist’ cyber vigilantism as part of one's ‘civic
duty,’ there are still distinct differences with China.
Much of Russia’s cyber activity, when not in
an open conflict, seems to be of the criminal
variety and not necessarily tied directly into
the state. Indeed, Russia seems to utilize organized crime groups as a cyber conduit
when necessary and then backs away, allowing said groups continued commercial domination. Russia, therefore, almost acts as a
rentier state with criminal groups: cyber
weapons are the ‘natural resource’ and the
Russian government is the number one consumer. This produces a different structure,
style, and governance model when compared to China.
Parsing Cyber Rogues
Purpose
China's purpose in developing its cyber capability seems motivated by protectionist instincts, based largely on the perception that
it is not able to defend itself against the
United States in a straight conventional military conflict. Russia's purpose seems utterly
predatory. This is no doubt influenced by the
fact that most of the power dominating
cyber capability in the Russian Federation is
organized and controlled by criminal groups,
sometimes independently and sometimes in
conjunction with governmental oversight.
Psychology
The operational mindset of China seems to
be both long-term and rational. It develops
its strategies based on future strategic objectives and its position within the global community. Most if not all of China's goals in the
cyber domain can be clearly understood if
rational self-interest is taken into consideration. Russia's cyber mindset is dominated by
short-term thinking, largely motivated by
the pursuit of massive profit and wielding inequitable political power. When analyzing
just how much of Russian cyber activity is in
fact controlled by the desire for wealth it is
hard to not have an overall impression akin
to state cynicism.
Style
The atmospheric style in which Chinese
cyber activity takes place is strategic. The
state strives to control the cyber environment and maintain influence over all groups
in the interest of the state. The Russian cyber
atmosphere unfortunately resembles nothing if not anarchy.
The state engages criminal groups whereby
the relationship’s authority structure is
blurred if not non-existent. As a result, there
is little confidence that the government of
Russia exclusively controls its cyber environment.
Governance Model
It is clear that China's cyber governance
model is state-centric. This may not be most
ideal for democracy, but it shows how China
does not allow competing authorities or
shadow power structures to interfere with its
own national interests. Russia's cyber governance model is crimino-bureaucratic. It is
not so much that the state is completely absent from the cyber domain in Russia: it is
rather the ambiguity of power and authority
that defines the cyber domain. Russia may
enjoy claiming the allegiance of its patriotic
nationalist hackers, but it does not in fact
tightly control its own cyber netizens, at
least not in comparison to China.
While both Russia and China are not afraid
to use offensive cyber weapons, there are
dramatic structural, motivational, strategic,
and philosophical differences. Russia seems
to embody a criminal-governmental fusion
that has permeated the entire state apparatus. The cyber domain there is used for temporary forays to achieve state objectives and
then returns to more permanent criminal
projects.
As such, the domain is not truly state-controlled, is relatively anarchic,
and cannot establish any deterring equilibrium. China, on the other
hand, may be the first state to truly embrace the importance of techwar: it has realistically assessed its own kinetic shortcomings and
looked to cyber for compensation. In short, it has fused Sun Tzu with
Machiavelli: better to quietly overcome an adversary's plans than to
try to loudly overcome his armies.
This analysis paints Russia in a relatively stark strategic light. While
these differences do not give rise to a trusted alliance with China, the
manner in which China approaches its cyber domain presents interesting new ideas about how the US or the West should approach the
global cyber commons. Russia has room to improve still on the cyber
front if its interests are in greater cooperation internationally with the
world’s other great powers. If it prefers its current ‘lone wolf’ approach, then it is doubtful the cyber commons will ever see any organized or honored regime of rules and proper behavior.
Laura Garrido
A Perfect Cyber Storm
Russia and China Teaming Together
United States intelligence agencies have listed cyber-attacks as the top
threat to American national security, ahead of terrorism. These threats
are increasing in sophistication, scale, frequency, and severity of impact. Also, the range of actors, attack methods, targeted systems, and
victims is expanding. In February 2015, James Clapper, the Director
of National Intelligence in the United States, announced that the estimation of the Russian cyber threat had been elevated, pushing Russia
to the number one spot on the list of countries which pose the greatest
danger to the United States.
Since the collapse of the Soviet Union, Russia
has faced political, military, and economic
challenges which it worried could mean that
its national interests could be ignored by
other powers. In order to protect their interests defensively, and free up their offensive
capabilities for deployment elsewhere, Russia and China signed an agreement in April
2015 vowing not to attack each other, while
also agreeing to share intelligence and software and cooperate in law enforcement and
investigations. This is a direct challenge to
the United States because not only are Russia and China working together to get ahead
in the energy race but this agreement meant
they were now trying to combine their capacities in the digital world.
China and Russia, by far, have the most sophisticated cyber capabilities in the world.
The offensive cyber capabilities of each individual country were a threat already to the
United States but if they now work together
in earnest the United States could be facing
an unprecedented cyber danger. According
to senior military officials, Russia’s Ministry of
Defense is establishing its own cyber command that will be responsible for conducting offensive cyber activities such as
propaganda operations and inserting malware into enemy command and control systems. A specialized branch for computer
network operations is also being established
by Russia’s armed forces. Computer security
studies claim that unspecified Russian cyber
actors are developing ways to access industrial control systems remotely. Industrial control systems manage critical infrastructures
such as electrical power grids, urban mass-transit systems, air-traffic control, and oil and
gas distribution networks. “These unspecified Russian actors have successfully compromised the product supply chains of three
ICS vendors so that customers download exploitative malware directly from the vendors’
websites along with routine software updates.”
Russia was one of the first nations to move
assertively into the cyber sphere. In 1998,
long before most nations even began thinking about cyber-security, the Kremlin-backed “Directorate K”, a government
agency, began operations to monitor and
defend against hackers and spammers. However, in recent years Directorate K has taken
on a more offensive role in the digital sphere.
Russia has been cyber-probing the United
States for many years. In 1999, it was discovered that the Moonlight Maze virus had
been stealing information from the Department of Defense, Department of Energy,
NASA, and military contractors for two years.
In early 2015, Russian hackers were able to
access an unclassified server belonging to
the United States Department of State.
Through this they were able to penetrate
sensitive areas of the White House computer
system and access information such as the
real-time non-public details of President
Barack Obama’s schedule.
The FBI, Secret Service, and other United
States intelligence agencies were all involved in investigating the breach and said
that it was the most sophisticated attack
ever launched against an American governmental system.
The breach was pinpointed to hackers working for the Russian government based on
“tell-tale codes and other markers,” even
though the intrusion was routed through
computers all around the globe. The attack
was believed to have begun with a phishing
email launched using a State Department
email account that the hackers had previously stolen.
Titan Rain is particularly unnerving because
the attack was meant to be completed in as
little as 20 minutes and was able to target
high-profile agencies such as NASA, the US
Army Information Systems Engineering
Command, the Defense Information Systems
Agency, the Naval Ocean Systems Center,
and the US Army Space and Strategic Defense Installation simultaneously in one day.
China has also recently increased the
amount of time, manpower, resources and
money spent on cyber espionage. China’s
People’s Liberation Army (PLA) includes a
special bureau within its intelligence community specifically managed for cyber espionage. The PLA, according to recent
intelligence reports, is not only capable of
advanced surveillance and collection but
also possesses malware that could take
down foreign electricity and water grids.
However, it seems that China so far has only
been motivated to commit financial and
economic espionage, rather than any outright physical infrastructure attacks. Nevertheless, the United States has been getting
compromised by China for many years. “It is
estimated that in the last few years, Chinese
hackers have attempted attacks on 2,000
companies, universities, and government
agencies in the United States.” In 2003, China
launched Titan Rain against United States
military and government agencies. Titan
Rain targeted US defense networks in an attempt to obtain confidential national security information. While no information was
reported as stolen, it was considered to be
one of the largest attacks in cyber espionage
history.
These cyber threats from Russia and China
were always a major concern for the United
States because they undermined American
economic competitiveness and at least tried
to compromise national security interests. As
of now, a “cyber armageddon” may not be a
high risk but low to moderate-level attacks
over time could pose serious financial and
security risks to the United States, especially
if this supposed cyber alliance ever truly
takes root and begins to create new innovative cyber strategies for attacks. “In the
United States alone, the value of the information that is compromised due to international hacking is somewhere between 25
billion to 100 billion dollars annually.”
With Russia’s tactics of using cyber-attacks to
block any and all communications from
within a nation-state and China’s habit of
economic and financial cyber-attacks, the
two countries combining could be a perfect
storm of political and economic havoc that
may not yet have the United States’ proper
attention and deterrence capacity.
Laura Garrido
Cyber-prepping the Battlefield
Does Russia Have a New Way to Wage War?
According to the Bloomberg report, Russia may leverage vulnerabilities in critical infrastructure, including large banks, stock exchanges,
power grids, and airports, as pressure points against the West. Ashmore (2009) says the future of Russian cyber warfare is offensively
poised. Mshvidobadze (2014) also claimed that analysts examining espionage malware of apparent Russian origin indicate a preparation of
the battlefield for cyber war. Russia is developing information warfare
capabilities such as computer network operations, electronic warfare,
psychological operations, deception campaigns, and mathematical
programming impact.
Ashmore (2009) agrees that Russia is developing new information war strategies with
the use of hackers that support Russian government information specialists, providing
Russia with assets to use during future cyber
conflicts. Heickerö (2010) also identifies the
main organizations responsible for offensive
and defensive cyber capabilities as the Federal Protective Service (FSO), the Federal Security Service (FSB), and the Main
Intelligence Directorate (GRU). Russia’s approach to information warfare and information operations differs from that of Western
countries to some extent. Russia sees information as a valuable asset that has strategic
value and is a key factor for the stability of
the state, for the regime, and for influential
actors.
According to Dr. Matthew Crosston, one of
the leading experts both in cyberwar and
Russian foreign policy, part of the reason
why Russia is such a major threat to the
United States is not only its increasing capabilities but the reasoning and psychology
behind its attacks and development of such
capabilities. Russia’s purpose in developing
cyber capabilities seems to be predatory in
nature. This predatory purpose is heavily influenced by “the fact that much of the power
dominating cyber capability in the Russian
Federation is organized and controlled by
federal security agencies but also quasi-outsourced to criminal groups, sometimes independently and sometimes in strict
conjunction with governmental oversight.”
Crosston also notes the cynical cyber mindset of Russia is somewhat controlled by
short-term thinking that has massive profit
and political power-wielding motives.
While not all cyberattacks originating in Russia come from the state, Russia has been
seen as a safe haven for cyber criminality directed against foreign interests and to some
extent domestic cyber criminality. Many
have pointed out that Russia has not acted
resolutely enough to deal with these law
breakers. Thus, what makes Russia especially
dangerous, according to Mshvidobadze
(2014), is the collusion between the Russian
state and cyber criminals. Criminal operators
confound attribution and hone their skills on
criminal activity, which ends up being a cost-effective reserve cyber force available to the
state when needed. There has also been a
conjoining of criminal and governmental
malware which could result in even more
potent cyber weapons. All together this
makes Russian cyber espionage widespread,
hard to detect, difficult to attribute, and
costly to counter.
Heickerö (2010) pointed out Russian strategy
emphasizing the importance of information
warfare during the initial phase of a conflict
to weaken the command and control ability
of the opponent. This was evident in the
2007 attacks against Estonia and the 2008 attacks against Georgia. Some calculate this
was also extensively used during the intervention in Syria in 2015. To add to this, Herzog (2011) claimed that the severity of the
Estonian attacks was a wake-up call to the
world. It showed that potentially autonomous transnational networks, such as
state-sponsored, pro-Kremlin hacktivists,
could avenge their grievances by digitally
targeting the critical infrastructure of technically sophisticated states.
Herzog suggested that enhancing cyber security and creating new multinational strategies and institutions to counter cyber threats
was essential to the sovereignty and survival
of states. The biggest challenge, however, is
striking a balance between Internet freedom
and maintaining adequate early-warning
monitoring systems.
Cordesman and Cordesman (2002) criticized
the disconnect between US cyber-defense
and cyber-offense. This was later expansively
enhanced by the work of Crosston (2011;
2013; 2014). This conceptual analytic disconnect permeates US governmental efforts
and the response of state and local authorities, the private sector, and non-governmental organizations. They believe in a need for
a “comprehensive annual net assessment of
cyber threats that combines analysis of the
threat that states present in terms of cyberwarfare with the threats that foreign, domestic, and non-state actor groups can present
in terms of cyber-crime and cyber-terrorism.”
Ashmore (2009) believes that the international community should work together to
track and prosecute cyber criminals that operate outside the country being attacked.
Also, Ashmore (2009) believes that nations
should “work together to share technical
data to maintain cyber defenses and keep
up with the newest and ever-changing
cyber-attacks” because individual hackers
usually share information on new techniques that can penetrate IT defense structures. This prescription, however, requires
enormous amounts of trust from both sides,
which is hard to ask for even amongst allies.
While the international community should
come together to secure cyberspace, it is a
completely different ballgame to ask states
to share their defense techniques. Not only
could this information be used to identify
vulnerabilities in their defenses, if the information is stolen by hackers, it could be used
against these states and in turn applied to
the hackers’ networks to make countermeasures impotent.
Another prescription offered by Ashmore
(2009) is the creation of laws that make cybercrimes illegal with the hope that the punishments would deter potential cyber
criminals. The problem with this is that there
are already plenty of laws criminalizing hacking and cyber espionage, none of which
have slowed the frequency of cyberattacks.
Will new laws prevent the average middle-class Joe from sending vicious malware to
his ex-employer out of spite? Maybe. Will
new laws prevent criminal hacktivists from
launching a politically motivated attack on
their adversary’s networks? The answer is
most likely no. Just as terrorists continue to
murder, maim, and rape their victims regardless of the laws that forbid such actions,
those who want to hack likely will. It does
not matter what laws are in place. It is this innate internal motivation of the hacker that
states like the Russian Federation count on
and strategically utilize. For the most part,
Russia is the undisputed leader in this newly
politicized world of the dark net.
Dr. Matthew Crosston
Manufactured Bogeyman
Trump, Mainstream Media, and Russian Hacking
The current American media coverage in the West on the Russian-hacking scandal has largely been used to further portray President-elect
Donald Trump as either an oblivious ignoramus (granted, this is not
the only issue used to try to portray the President-elect in such a light)
or as some oddly recalcitrant Russian patsy, being used and manipulated by a strategically superior Vladimir Putin. Part of this motivation
is clearly rooted in a still bitterly disappointed progressive movement
that clings to the hope some piece of information can emerge before
January 20th that might derail the inauguration.
Since the possibility of recounts, voter fraud,
and other such shenanigans seemed to
wither and die on the vine before they could
gain any real momentum, the Russian-hacking scandal is now the du jour focus for the
anti-Trump brigade. Since largely domestic
procedural complaints failed, perhaps an international espionage illegitimacy angle will
work? The reality is this will not work and for
several important reasons. It seems that
mainstream media isn’t interested in covering these reasons but the larger global community should be cognizant of them.
1. The relative insignificance of the information released through hacks
It has been rather odd to see how a fact that
was hugely trumpeted by progressives during the campaign is now being largely
shoved under the media rug, as it were: that
just about all of the massive trove of emails
released by Wikileaks contained either self-evident ‘duh’ moments (the Democratic National Committee felt it needed to support
Hillary over Bernie in order to have a better
chance in the national election? This is newsworthy or a surprise to anyone?) or were
mind-numbingly boring (exactly how many
Podesta emails must we read to know that
Podesta really wasn’t all that important in
the election campaign?).
The interesting bait-and-switch being performed now in mainstream media is that the
public is being told to not focus on the content of the hacks but simply on the process:
that a foreign nation allegedly engineered
the release is what needs to be criminalized
and anyone who benefited from it should be
nullified.
Creative, most certainly, but not legitimate
to nullify the election because no one will be
able to explicitly and quantifiably show the
impact any alleged Russian hacking had on
actual voter turnout. Without that crucial evidentiary connection the trail simply goes
dormant.
2. The crucial aspects of Hillary’s poor
performance in key-Democratic areas
cannot be truly tied to Russian hacking
Three crucial states that Hillary ultimately
lost were Michigan, Pennsylvania, and
Florida. Inside each were three key democratic stronghold cities: Detroit, Philadelphia,
and Miami. Hillary handily beat Trump in all
three, mostly by percentages in the high
teens. A prominent victory for sure in most
races. The problem, of course, is that Obama
four years earlier had taken those three cities
over Romney by percentages as high as
EIGHTY, a truly astounding figure. This
trouncing helped Obama carry those three
crucial states in 2012. Hillary’s relatively
modest wins there were not enough to overcome Trump’s state dominance outside of
those metropolitan centers. No one can
show or prove that the largely urban minority populations of Detroit, Philadelphia, and
Miami were demotivated to go vote for
Hillary because of Wikileaks. This is because
that demotivation was not instigated by the
Russians but by the relatively uninspiring
and indifferent attitude of the Clinton campaign. It was so confident it was going to
easily capture these areas, based on the resounding victories of Obama beforehand,
that it basically just bypassed them on the
campaign trail again and again.
This clearly proved to be a huge mistake but
it had nothing at all to do with Russians engineering a Trump presidency. Thus in some
ways Russian hacking is now being used to
cover over fundamental strategic missteps in
the Democratic campaign.
3. The overall poor turnout on both sides
of the electorate places blame in other
places
While Trump did indeed command a healthy
electoral college victory, he did in fact lose
the popular vote. This enrages many progressives (even though they went through
this exact scenario 16 years ago, when Gore
lost a much closer electoral college race, but
won the overall popular vote against Bush)
and allows them to not pay as much attention to the eternal vexation of American politics: that a mature and stable democracy
seems to never motivate its voting population to participate beyond 50%.
So, taking half of half, as it were, means once
again America is putting into the Oval Office
a person who was explicitly affirmed by
barely 25% of the public.
This undermines the accusation that any
Russian hacking campaign was crucially impactful in the election results: it needs to be
shown that the hacks either inspired Trump
voters to go out or depressed Clinton voters
from showing up. In real terms, as in recent
Presidential elections, the electorate overall
stayed remarkably and uninspiringly consistent in terms of poor participation.
Thus, it is legitimate to argue Russian hacking had relatively little influence.
4. The disagreement now emerging from
within the American Intelligence Community about what it all means still
misses a basic point of fact
The CIA has been the agency within US Intelligence (there are 17 overall within the
American system) that has spear-headed
both the analysis of the alleged Russian
hacking and the conclusions to be made
from it. CIA analysts have continuously
stated the ‘evidence’ leading back to Russian-based hacking efforts is overwhelming.
While Trump still somewhat clumsily misplays this fact by trying to stubbornly deny
any such evidence at all, people need to realize that the more important question is not
one of process but intent. Amazingly, it
seems significant players within the US Intelligence Community are starting to unknowingly or begrudgingly agree with Trump.
The Office of the Director of National Intelligence (ODNI) has maintained that the main
problem in the hacking analysis is that no
one has the ability to peer into the mindset
of the actual actors who did the hacking.
Therefore, the ability to know the true intent
of the hacking is impossible to ascertain. The
FBI, which usually conducts its analyses
based on the higher threshold of building an
actual legal case before an American court,
has first agreed with the ODNI but then, receiving some criticism, has said it agrees
with the overall conclusion of the CIA. This
will get a lot of new press in the West but it
won’t hide the fact that the FBI would NOT
want to go to court with what the CIA has
shown so far as ‘proof of electoral results
tampering.’
There is a huge difference between being
co-conspirators to undermine the institutions of American democracy and engineer
an illegitimate result and simply wanting to
embarrass the candidate who has spent half
a dozen years publicly proclaiming anti-Russian policies and sentiments (something
Hillary has done with ample media evidence
to prove it). Given the shock of most media
outlets during election night it is hard to
imagine Russian sources were more in tune
with the pulse of the American people.
Which means they thought Hillary was
going to win just like everybody else. Which
means the hacking, if anything, was not
about electing Trump pre-election but embarrassing Clinton post-election. And while
that is still certainly unsavory it also does not
add up to anything more than what every
politically-motivated campaign ad was trying to do to each candidate all throughout
the election campaign for two years.
Unfortunately, the present media circus surrounding the hacking scandal has dripped
into the true corridors of power within Washington, as both the Senate and House of
Representatives are demanding deeper investigations.
But these investigations are going to do
nothing but reveal the very astute and important divergence presently separating the
US Intelligence Community: no one is ever
going to be able to ‘prove’ in a legal sense
that Russia explicitly compromised the
American presidential election. What it did
was largely akin to very powerful and well-financed PAC (political action committee)
campaigns fueling anti-Clinton rumors and
disinformation.
But that reality is something that epitomizes
nearly every election campaign at every
level within America today. Just look at the
recent fervor to root out ‘fake news.’ For
those who analyze foreign policy closely, it
is not surprising that Russia would prefer a
President Trump over a President Clinton.
But that does not mean the Trump Presidency now exists solely or exclusively because of Russian interference. It doesn’t. And
progressives need to realize this manufactured bogeyman is not going to help them
move forward as a party or strategize better
in future elections.
Giancarlo Elia Valori
The US Intelligence and President Donald Trump
Everyone should or could carry out influence actions and operations
or, if the situation is favourable, each country could even interfere with
or intrude into the political process of an opponent or an ally.
Francesco Cossiga, who really knew everything about intelligence
services, used to say that the agent of influence "attacks the country
of interest by influencing its decision-making process." If we made a
list of the agents of influence currently operating in Italy, we could almost smile and wonder at this refined, complex and subtle intelligence
field. On the other hand, as many Italian and foreign journalists and
scholars have documented, the United States made several influence
actions and operations vis-à-vis Italy.
They included the "demagnetize" project designed to eradicate, both in Italy and in
France, the cultural and political influence of
the Communist Party and its allies. Not to
mention the Embassy briefings given to
Indro Montanelli and many other great Italian journalists. This is exactly the "influence"
which has always materialized in Italy. Obviously, also the Soviet Union did so, through
networks not identifiable with Moscow and
apparently apolitical - or even notoriously
right-oriented - news agencies.
If there had not been a colonel of the Defence Intelligence System (SID), who distributed bribes to the participants of the Italian
Republican Party Congress in Ravenna, so as
to ensure the victory of Ugo La Malfa - and
hence of the Party line in favour of the "centre-left project" – currently Italy would have
been very different. Finally, if a great foreign
correspondent of the newspaper "L’Unità"
had not had personal and direct contacts
with the Palestinian leadership, he visited at
night by crossing the lines - and who was
later discovered to be a KGB colonel - much
of the Middle East policy of the Italian Left
would have not been implemented. Intrusion is a technique of offensive and covert
penetration into friends’ or foes’ intelligence
systems to draw confidential information
and, once again, change the decision-making process of the "victim." These are crimes
which, if discovered – as is probably now
happening in Italy – affect the agents, but
usually keep the source that used data intact. It is not necessary for these operations
to be always in the cyber area - they can also
be carried out with the old paper documents.
As an Italian Navy Officer did during World
War II, by taking away important documents
during a party held in an enemy embassy
and later returning to the ball- room with a
dazzling smile.
To be clear and technically accurate, with
Donald Trump the US intelligence services
have decided to do what they do in countries swinging between two influences: a
delegitimizing bloodless coup. Why? Because the US intelligence community has
many and varied interests, including companies, foreign politicians and geostrategic
projects already underway. Everybody has
mobilized against Trump since the very beginning so as to make him a “lame duck”: lavishly funded demonstrations against him
were staged throughout the country, such as
those of the Ukrainian Euromaidan, as well
as of the usual Hollywood actors - who are
progressive and liberal only when their
money is not called into question – and of
the gay or LGBT communities that have long
become reference groups for election or advertising campaigns or for campaigns designed to change social perceptions.
One issue regards also Israel: 20% of Hillary
Clinton’s campaign was funded by Saudi
Arabia, not to mention the Sunni lobby
which has been domineering the State Department since George W. Bush’s administration. With Donald Trump, also this
mechanism will go up in smoke. The President-elect knows all too well that, without
Israel, there is no room for the United States
in the Middle East. And even this rankles in
the now modest mind of our American
friends.
If Trump’s line for an appeasement with the
Russian Federation had real effect, the whole
new cold war apparatus arranged by Barack
Hussein Obama and Hillary Clinton
would go to waste. Obviously, it is very likely
that Putin ordered his networks in the
United States to favour the Republican candidate hated by his own party. However, we
will never know and the reconstructions of
facts made by the Director of Central Intelligence (DCI), who is usually the Head of CIA,
are very weak and sometimes naive.
In his official document, summarizing a
longer and very confidential text, the DCI
speaks about public and well-known attempts made by Vladimir Putin to influence
"the US decision-making process". Cannot a
sovereign State say what it thinks? How can
we prevent it from doing so? On April 7, 2016 the
DCI also publicly spoke of Panama Papers
dismissing them as defamation means used
by the United States against Russia, by even
adding the issue of the Russian athletes’ doping at the Olympics. Is there anything more
evident than this? Would this be a secret
mechanism to "demolish the American liberal society and its institutions"?
I do not think so. Furthermore the document
notes that Putin, although appreciating the
efforts made by Trump during the election
campaign, "avoided praising him so as not
to create problems to his reference candidate". What else could he do - as the DCI document maintains - if not developing "a clear
preference for the candidate Trump"? Is it a
crime or - and here the issue gets comic - an
"intelligence operation"?
However, what do our US friends currently
mean by intelligence?
I fear that what is happening to us has also
happened to them, that is a kind of transformation of Agencies and Services into a large
"communication company", in which operations are no longer carried out or, rather, it is
believed that “communication” is enough. It
is not enough to organise competitions for
children to "draw intelligence". We need to
still be harsh and impassive operators of
covert actions, which are only rarely real war
actions. In short, from the US DCI document
we can infer that a foreign Head of State
should not even dare to mention the US
election campaign.
The document also mentions Putin’s
"friends", namely Silvio Berlusconi and Gerhard Schroeder, both kicked out of their own
governments because they were thinking of
a new relationship between Russia and Europe. Indeed - as happened with the old cold
war - Europe is still the bone of contention
between the old and new Empires. Currently
the issue lies in weakening it economically,
but in the past the issue lay in making it
strong – though not enough - to face the
USSR and its Eastern European allies. Moreover, the DCI document also speaks of Guccifer 2.0 that hacked the US Democratic
Committee’s website and is supposed to be
an operator of the Russian military service
(GRU). In fact, it is good practice for any serious secret service to use e-mails and Internet
addresses directly related to its own structure, or possibly state, during the hacking activities, what it is and for what reason it is
doing so.
Unbelievable. Conversely, the other charge
included in the DCI document regarding the
possible Russian intrusion into the US electoral machines, is more realistic. Would it not
be better to use the old indelible pencils?
Why use - as also happens in India – online electoral machines owned by private
companies?
The DCI document also states that the Russian media have always commented favourably on Trump’s
statements. What did they have
to do - always stay quiet? And also other
countries, such as Italy or France, have been
fans of Donald Trump or Hillary Clinton. In
fact, clumsily as usual, Italy funded Hillary
Clinton’s campaign with Matteo Renzi.
Hence the charges of manipulating the election process should apply also to Italy, which,
however, with Matteo Renzi, knew nothing
about the real US political equilibria.
Reference is also made to well-known websites, such as Russian Times, which supposedly "denigrated" the poor wretched Hillary
Clinton. Hence, obviously no one can pass
judgments on American politicians. Moreover the report drawn up by CIA and disseminated by CNN about Trump’s alleged
sexual activities in Russia was - and is - entirely invented. Indeed, the DCI himself,
James Clapper, apologized and has recently
pledged allegiance to this Presidential administration. It seems incredible, but it is true
that, according to some authoritative American media sources, CIA had asked for help
to the Ukrainian services, which I imagine
will be gone right through by Russia until
after the Summit.
To put it in harsh and clear terms, with these
operations against its own country, CIA
proved to be an amateurish Agency, now
unable to do intelligence, but only capable
of doing "communication" - and badly so. We
do not even well understand why the Langley Agency has sunk so low. It may be full of
poor-quality analysts, but it is not the only
one. It does not want Trump to make peace
with the Russian Federation, but why? It is
true that the new cold war feeds the "industrial military system" that not even Eisenhower liked. However there is a strategic and
political alternative option round the corner.
Reaching an agreement with Russia and
China (and here Trump harshly criticizes
China’s "currency manipulation") so as to rebuild the new areas of influence in the world.
China wants a free hand in the Pacific, without getting in the way and interfering with
Japan. It is a smart proposal to be carefully
studied in the United States. Obviously the
United States will not leave South Korea to
its fate, but again an agreement is possible
even with the Communist North Korea. Europe should go to rack and ruin, for its irrelevant strategic merits, but it could become
a safe area southwards, against the permanent Sunni jihad (fuelled exactly by the
United States) and open to Eurasia and its
new “Silk Road”, with collective security
measures to be studied specifically. Latin
America, that the United States have proved
to be unable to hold, could be a reference
area also for the European powers, called
upon to support - with new development
patterns - the economies created by millions
of their emigrants.
Moreover Africa will increasingly need China and the Russian Federation, which will make their intervention areas safe.
Finally Trump shall turn his intelligence system upside down, considering that McCain himself stated he drafted and then disseminated – instead of a now amateurish CIA – the 35-page document he himself
had received from a British MI6 agent operating in Moscow. Material
just sketched out and unverifiable, irrelevant and stupidly defamatory. The American “deep state” has not yet digested Donald J. Trump’s
victory, but it shall do so quickly because the new President does not
seem to be a man who is content with pretending to rule.
Alexander S. Martin
FSB's Snowden War
Using the American NSA Against Itself
Russia's understanding of information warfare must be understood in
the context of Russian statism. Russian leaders, particularly President
Vladimir Putin, view state power as essential to national health and
broadly-defined state power. The state attempts to maintain absolute
privilege over rights, ownership, and power, and often confers these
things to others as gifts or presents. (Jurevicius, 2015) Since Putin's rise
to power, exclusive private ownership within the state has been weakened and the state has increasingly used its now massive media industry as a means of influencing both the domestic population as well as
foreign audiences. (Kiriya & Degtereva, 2010)
In terms of foreign influence, information
plays a critical role in Russian political and
military strategy. The Russian military divides
information operations into two means of
attack: “information-technological means,”
which include attacks on national critical infrastructure and cyber-attacks; and information-perceptual means, which include
propaganda, perception management, disinformation, psychological operations, and
deception. (Liaropoulos, 2007) Russia's exploitation of US intelligence disclosures falls
within this second set of means as a form of
propaganda. While the Russian state has always used propaganda as a means of ensuring Russian security, examination of this
tactic is under-appreciated in the modern
day. (Stewart, 2014)
In relation to the West, Russian information
operations, often called Information Warfare
by Russian strategists, fill a critical strategic
role in all phases of conflict. In a conflict involving kinetic operations, information warfare is used as a force multiplier “whose
purpose is to guarantee the achievement of
the goals of the operation” and is often seen
as most effective in targeting enemy command and control structures, as well as
enemy decision-making. (Thomas, 1996)
Tellingly, however, the Cold War notion of information warfare as a low-intensity form of
conflict targeting the enemy's civilian population and its public awareness, as well as
“state administrative systems, production
control systems, scientific control, cultural
control, and so forth” remains a key feature
of Russian thinking today regarding information operations. (Thomas, 1996)
It is not that other nations do not accept this
anymore as a part of modern warfare, but
rather only Russia is so openly adamant
about the properness of such techniques. In
2013, the Russian Chief of the General Staff
wrote that modern conflict includes the
“broad use of political, economic, informational, humanitarian, and other non-military
measures.” (Jones, 2014) Russian information
warfare thinking has thus evolved beyond
Soviet-era concepts into a fully modern doctrine, particularly in the more intense forms
of conflict.
Critical to the effective use of Russian propaganda are its intelligence agencies, particularly the FSB. One high profile example of
FSB media manipulation is the allegation
that the FSB controls “troll armies,” a term
used to describe an estimated 200,000 FSB
employees who are tasked with flooding social networks, Internet forums, and media
comment sections with pro-Russian content.
(Jurevicius, 2015) It is worth noting that this
is but one aspect of the FSB's control of Russian media. While it is difficult to ascertain
precisely what links exist between the FSB
and Russian media corporations formally,
the FSB's extensive power makes it clear that
FSB-directed propaganda is likely a critical
component of many Russian media operations. In response to the expansion of US intelligence because of the Global War on
Terror, Paul Todd and Jonathan Bloch wrote
“just as the Cold War provided a legitimizing
framework for the unprincipled and often
counterproductive waging of covert warfare,
so the dangers of a new era of intelligence
'blowback' are all too clear.”
Russian media propaganda against US intelligence services makes use of such allegations - of vastly expanded and illegal
American power to collect information
against foreign and domestic targets. While
it is possible to draw from a range of incidents, the disclosures of Edward Snowden, a
former NSA system administrator, have arguably been the most controversial and impactful.
Reporting on the NSA's requirement to end
its collection of telephony metadata as stipulated by the USA Freedom Act, one grouping of Russia Today articles highlighted the
conflict between privacy advocates and US
lawmakers, writing “while privacy advocates
described the change as only a single step
with the prospect of more progress to come,
lawmakers adopted a tone of finality.” (RT,
2015) Another grouping of articles aimed at
demonstrating the loophole the NSA technically used to continue collection against
US citizens. Finally a third implied that the
vast metadata collection program did not
provide the NSA with any operational or analytic value. (RT, 2015) These article groups
demonstrate not only Russia's main aim in
reporting on the Snowden leaks, which is to undermine the American image on the international stage; they are also an abstract
attempt to achieve an important Russian foreign policy goal: using the expansive NSA
collection effort targeted against US citizens
to positively contrast with Russian maneuvers on the global stage. In the context of
America always making charges against Russia for using draconian measures to limit its
citizens' rights and invade their privacy,
these reports are designed to highlight US
hypocrisy and sow the seeds of discord and
doubt among American allies about any so-called US moral supremacy.
Falling approval ratings of the US Government also help determine the impact of FSB
propagandizing the Snowden leaks. After
Snowden leaked the disclosures, US President Barack Obama's approval ratings plummeted. (CNN, 2014) Gallup poll data show
now that American confidence in all three
branches of the US Government is declining,
with the Supreme Court and Congress being
at all-time lows in 2015. (McCarthy, 2014) In
contrast, a recent Economist/YouGov poll
found that 78% of Americans view President
Putin as a stronger leader than President
Obama. (The Economist/YouGov, 2014) A
final area of impact to consider is European
reactions to the leaks. As with the American
public, European publics were outraged, not
only by the perceived US hypocrisy, but also
by the alleged NSA collection against European diplomats and elites. (Network of European Union Centers of Excellence, 2014)
These disclosures have had a negative impact on US-European relations, as the EU has
become increasingly reluctant to impose
further economic sanctions on Russia despite US pressure. (Harress, 2015) Furthermore, European leaders are showing an
increased willingness to cooperate with Russia with regard to military operations and
objectives in Syria. (Bloomberg, 2015) While
the reasons for these developments are
complex and multi-level, the damage done
to US-European relations has absolutely
been impacted by explicit Russian intelligence efforts to ‘refocus’ media perception
on American image and global status.
It is important to note that this form of intelligence media propaganda is not effective in
isolation. It was not Russian propaganda that
caused widespread distrust of the US government. However, the FSB and Russian
media conglomerates are able to effectively
profit from the damning Snowden disclosures by casting the US in a suspicious, negative light, while at the same time
minimizing its own supposed laws and political sins. More study should be devoted in
future to this softer but still significant aspect
of US-Russian relational conflict.
Dr. Matthew Crosston
A Weaponized Cyber Commons
Coding Anarchy or Peace Into the Matrix?
Many cyber experts say the world is woefully ill-prepared for a sophisticated cyber-attack and that each passing day brings it one step closer
to a potential virtual Armageddon. While the problems hindering the
development of an effective and comprehensive cyber deterrence policy are clear (threat measurement, attribution, information-sharing,
legal codex development, and poor infrastructure, to name several),
this article focuses on one aspect of the debate that heretofore has
been relatively ignored: that the futility of governmental innovation
in terms of defensive efficacy is a relatively constant and shared weakness across all modern great powers, whether the United States, China,
Russia, or others.
In other words, every state that is concerned
about the cyber realm from a global security
perspective is equally deficient and vulnerable to offensive attack; therefore, defensive
cyber systems are likely to remain relatively
impotent across the board.
As a consequence, the goal for major powers
should not be the futile hope of developing
a perfect defensive system of cyber deterrence, but rather the ability to instill deterrence based on a mutually shared fear of an
offensive threat. By capitalizing on this
shared vulnerability to attack and propagandizing the open buildup of offensive capabilities, there would arguably be a greater
system of cyber deterrence keeping the virtual commons safe. Though it may seem
oxymoronic, the more effective defense in
this new world of virtual danger is a daunting cyber-lethal offensive capability; not so
much to actually use it, but rather to instill
fear of it being used.
Interestingly, some states are clearly already
adhering to this strategy, at least in the informal sense if not in explicit policy position—
China’s fervent support of “honkers” and the
Russian Federation’s frequent reliance upon
“patriotic hackers” come to mind most readily. The United States certainly has the technological capability to equal Chinese and
Russian virtual lethality. The formal lack of an
open policy arguably indicates hesitancy on
the part of the United States to develop a
“weaponized virtual commons.” Rather than
an indication of infeasibility, this reluctance
seems to be a nod to intelligence considerations, meaning the United States is arguably
more satisfied developing its offensive capabilities in secret as part of more-covert operations than as a piece of overt policy. This
article argues the emphasis on covert offensive capability rather than overt is an error
that compromises the effectiveness and potentiality of developing a true virtual commons across the globe that ensures greater
security for all, not just one powerful nation.
In some ways, this reality gives argument to
the possibility of cyber war existing above
and beyond conventional war; not because
conventional war will ever be obsolete or be
a state’s most supreme form of gaining and
enhancing its own security, but rather cyber
war can be seen by many states as a less confrontational and more results-oriented maneuver.
Effective hacking and strategic cyber-attacks
at the moment still hold many more opportunities for hiding participation while successfully gaining economic, political,
diplomatic, and military secrets. In simple
cost-benefit calculations, cyber war is much
more cost effective than conventional war,
so it is arguable that its popularity over time
will grow exponentially. When considering
the impotence of defensive systems tasked
with stopping such efforts, cyber war as a
concept is fundamentally complex, convoluted, and diffused by design. This is one of
the reasons the Islamic State is having
greater success around the globe through its
cyber recruitment and incitement while suffering heavy conventional losses in the field
across the Levant.
For the past 15 years (at least), the United
States has invested heavily in cyber-security
technologies.
Despite this commitment, major problems
remain across the most fundamental areas.
There is still no large-scale deployment of security technology capable of comprehensively protecting vital American infrastructure
(Note the reasoning behind the en
masse resignation of eight officials this
weekend from the Trump Cybersecurity
group).
The need for new security technologies is essential, but to date the best developments
have only been in small-to-medium-scale
private research facilities. What would be required to make rapid, large-scale advances
in new network security mechanisms is
daunting:
• development of large-scale security test beds, combined with new frameworks and standards for testing and benchmarking;
• overcoming current deficiencies and impediments to evaluating network security mechanisms, which to date suffer from a lack of rigor;
• relevant and representative network data;
• adequate models of defense mechanisms; and
• adequate models of the network and for background and attack traffic data.
Most of these issues are problematic because of the severe complexity of interactions between traffic, topology, and
protocols. In short, it is simply easier to attack than to defend in the cyber realm, and
the innate complexities of infrastructure preparedness make it seem likely this is not just
an estimation of current affairs but rather an
axiom that will stand across eras, actors, and
countries.
In short, hackers will always trump defenders. Even with this admission, however, this
piece is not in fact arguing for the creation
of some cyber variant of a Dr. Strangelove
doomsday machine, the repercussions of
which would make the attribution problem
utterly moot. Rather, taken to its extreme extrapolation, a mutually and openly
weaponized cyber commons deters just as
the nuclear Mutually Assured Destruction
principle did, i.e., the perception of realistic
virtual devastation via retaliatory strike induces fear of action, thereby rendering the
global system safe through a dangerous but
stable equilibrium. But just as with nuclear
weapons, the ability to universally destroy
the virtual commons is not the sole ultimate
hope and outcome for peace across the system. It is not a call to rejoice in fear and
dread.
Recall that mutuality not only builds fear but
also allows the possibility of trust through repeated engagement. That element of trust is
essential. Up to now the dynamic nature of
the cyber domain too heavily favored those
who sought to only do damage against it. A
weaponized cyber commons would finally
put some of that dynamism in the hands of
major powers with a mutual interest in rules,
regulations, and stability, rather than chaos,
theft, and illicit behavior.
So this is not an argument for giving any
president a choice between surrender to
constant technological violations or hacking
the modern world into the Middle Ages.
Rather, a weaponized cyber commons policy
— by being open, transparent, expansive,
and mutual — could have enough new deterrents built into it structurally to not only
provide more options to all of the actors in
the game but also give pause to the rogue
behavior that constantly probes its edges,
threatening to disrupt the entire scenario.
That combination of creating hesitation
amongst rogues while instilling trust
amongst major actors is where the sweet
spot of global virtual peace can develop.
Bruce Adriance
The FSB and SIGINT
Absolute Power at Home and Abroad
The Russian Federal Security Service (FSB) should easily be considered
one of the most influential and powerful intelligence organizations in
the world today. Its primary functions and roles include: law enforcement, counterintelligence, domestic surveillance, and internal intelligence functions at the national level.
These roles mirror many of the functions assigned to the Federal Bureau of Investigation in the US (FBI). However, while many of these
functions would put the FSB squarely in the realm of law enforcement
instead of security or intelligence, the FSB also has mission responsibilities that organizations such as the FBI do not.
The most significant being the mission of
signals exploitation (SIGINT). This article focuses on the SIGINT capability of the FSB and
its threat to US political, economic, and
diplomatic policies as well as the threat in
the new environment of cyber espionage.
Initially an internally focused organization,
the FSB threat profile changed in 2003 when,
under Presidential Edict No. 314, the missions and authorities of the Federal Agency
for Government Communications and Information (FAPSI) were transferred to the FSB.
This meant the FSB would now have both
the resources and authorities for SIGINT collection against its adversaries and information assurance for all Russian government
information systems.
This transition established the FSB as a much
larger player in the intelligence exploitation
community and a larger threat to US interests. Most Western intelligence services separate the responsibilities and missions of
SIGINT to a single intelligence organization,
like the National Security Agency (NSA) in
the US, which has only that authority. Other
intelligence services handle matters such as
counterintelligence and military-related intelligence.
This is not the case with the FSB, which after
Presidential Edict No. 314 controls elements
of all major aspects and disciplines of intelligence, essentially giving it both unfettered
access to collected intelligence as well as the
ability to potentially restrict other Russian organizations from accessing the collected
data. What exists is a single intelligence service with the capabilities to conduct human
intelligence, counter-intelligence, law enforcement, border security, counter-surveillance, and signals collections. This represents
a significant amount of authority and global
reach that cannot be compared to any one
intelligence service within the US or most
other modern developed states. With the
transition of SIGINT responsibilities, increased authority on border security, and
cryptographic responsibilities to the FSB, the
comparison of it to the US Intelligence Community also transitioned. Its domestic protection roles still most closely align with the
FBI, but its SIGINT responsibilities mirror that
of the National Security Agency (NSA), while
the border security functions are more akin
to the US Customs and Border Patrol (CBP)
or even Immigration and Customs Enforcement (ICE).
On top of all of this, the FSB has become increasingly connected to all issues cyber as
well. The world continues to become more
interconnected. The internet has become an
integral part of our daily lives and, for some,
even a necessity. It supports everything from
e-commerce to sensitive governmental correspondence. So when a country’s intelligence service inserts itself into business
transactions, there becomes an increased
risk that sensitive data could be syphoned
off and used to support both commercial
and national intelligence interests at home
and abroad. Even though the Russian IT registration requirement is only for private companies operating within Russia, this means
little in the interconnected world of the internet where data crosses many geographical boundaries between transmitter and
receiver.
The internet is a medium susceptible to signals collection just like any other and when
countries or intelligence services have access
to all internet-based traffic that falls within
their borders, then that threat is not only
very real but actually amplified.
One example of this threat is the Russian
SORM program. SORM, or System for Ensuring Investigated Activity, is a mechanism
that permits the FSB to monitor all phone
and internet traffic coming in and out of the
Russian Federation. While arguments are
that this program is a law enforcement and
internal security tool, the FSB still remains an
intelligence service with a mission set that
goes beyond internal security and law enforcement. It is worth noting that until a
Russian Supreme Court ruling was handed
down in late 2000, the FSB was under no obligation to inform Internet Service Providers
(ISPs) that agents were accessing the system.
The work undertaken by the FSB to support
signals exploitation is not just limited to
Russian companies, therefore, but extends
to international entities with a presence in
the Russian Federation.
On 11 April 2011, for example, a government
source told the Interfax news agency that
the FSB was not proposing a ban on Gmail,
Skype or Hotmail in Russia. The FSB expert
speaking at this meeting only expressed
concerns that a number of those servers provide services outside of the national legal
framework. The inferred concern was that
because these companies utilize encryption
for securing the communications of users,
and none of them are directly based in
Russia, the FSB requirement under SORM
may not be implemented properly. It is interesting that the FSB would take the time for
an interview to highlight its effort to find a
solution to make the functioning of these
services on Russian territory ‘comply’ with
national laws. This statement, while perhaps
innocuous on the surface, speaks to the potential level of penetration the FSB can gain
into all aspects of communications, both traditional and emerging.
On 8 June 2011 Microsoft Russia made a
statement with respect to the FSB and the
on-line communications service Skype. In a
statement carried by the Russian Federal Security Service-owned but supposedly editorially-independent Russian news agency
Ekho Moskvy, Microsoft denied claims it had
provided the FSB with encryption algorithms for the internet service. It did, however, admit that the source code for the
program was provided. With its charter to
protect and monitor cryptographic systems
for the Russian government, the FSB has access to those individuals who both create
and decipher cryptographic algorithms as
part of the newly transferred FAPSI functions.
With these vast resources, it is not a giant
leap of logic to think the FSB will be sorely
tempted to conduct eavesdropping on any
entity it wishes, without the support of said
company, as long as a suitable connection to
‘national security’ is found.
These two examples are a sample of how
cyber seems to be a new focus of FSB SIGINT
collection efforts. And while, for now, they
focus solely on what has occurred within
Russian territory, it is important to note the
FSB has recognized links in over 80 countries
and formal offices in at least 18 of them. This
level of global reach and interaction means
its SIGINT mission can be transferred anywhere the FSB maintains a presence. As
these capabilities are deployed, they provide
the FSB with a larger SIGINT capability than
most intelligence agencies around the
world. The FSB of course formally declares
that it honors all international treaties and
pursues only legitimate inquiries that hold
potential harm to the sovereign interests
and national security of the Russian Federation. The problem, of course, is just how fungible those sovereign interests might be
over time and how relevant the old adage
about absolute power corrupting absolutely
might become.
Mahmudul Hasan
International Cyber Security Cooperation
The rapid development of digital technologies and wide range of services provided for activities in cyberspace raises the issue of cyber security as a serious concern for governments around the world.
Cybercrimes pose a direct threat to the security of critical infrastructures and Information Technologies (IT) as a low-cost asymmetric warfare element. Most countries are aware of the vulnerability of
information technologies, abuse of public data provided on the internet and the great importance of shielding critical infrastructures. Nations adapt their own national strategies and policies to cope with the
threat of potentially devastating cyberattacks.
Policy makers in different countries are increasingly considering the use of deterrence
strategies to supplement national cyber defense. But it is rather hard to counteract the
threat by means of merely ‘national’ cyber
defense strategies and policies, given that
cyberspace spans worldwide and attacks
can be carried out from anywhere in the
world.
The internet has changed the political landscape of the planet in an extremely profound way. If the whole world is connected
via the internet, cyber attacks are never just
a national threat. With the advent of advanced information and communication
technologies, crime now knows no jurisdictional or national boundaries. The very nature of the internet allows for unprecedented
collaboration and interaction
among particular communities of criminals.
In February 2016, a spectacular bank hack
occurred that stole $81 million from accounts at the Bangladesh Bank via the SWIFT
system. SWIFT credentials of Bangladesh
Bank employees were used by unknown
hackers to send fraudulent money transfer
requests to the US Federal Reserve Bank in
New York asking to transfer nearly $1 billion
from Bangladesh Bank’s funds held there to
bank accounts in the Philippines, Sri Lanka
and other parts of Asia. Despite separate investigations carried out by Bangladesh,
Philippines and US authorities, the true identity and origin of those attacks are still undetected. Reportedly, almost eleven different
cyber criminal groups, including those behind the Sony
hack, which the US government attributed
to North Korea, have been suspected to have
connections with this central bank cyber
heist. Following the Bangladesh Bank cyber
heist, SWIFT sent out an alert to its members
indicating that a second bank in Asia had
been targeted in a similar attack.
Though, in the past, cybercriminals were
mainly individuals or small groups, today,
heavily funded and highly organized cyber
criminal groups are bringing together individuals from across the globe.
Because cybercrimes can be committed in real
time from anyplace in the world in an unprecedented way, and are hard to track and
prosecute, with penalties hard to enforce,
criminals are increasingly turning to the internet to facilitate their activities and maximize their profit. Crimes committed in
cyberspace, such as theft and fraud, are not necessarily new,
but they are rising in line
with the opportunities presented by digital
technologies. Consequently, cyber criminals
are frequently holding the world to ransom.
The Daily Mail (UK) reports (10 June 2014)
that cyber attacks damage the global economy to the amount of more than £238 billion a year – almost equal to 0.5 per cent of
the world’s total GDP. On the other hand, Juniper Research (UK) predicts that cybercrime
will cost businesses over $2 trillion by 2019.
Cyber attacks, by analogy, represent a threat
to global peace and security as frightening
and horrific as nuclear war. So no government, business entity, organization or individual using electronic data
processing has any way to escape the threat
of cyber attacks.
While cybercrime is generally understood to
mean unlawful access, and attempts at unlawful access, to computers, networks, and
the information stored therein - all illegal,
harmful and hostile activity on the internet - cyberterrorism, meanwhile, adds a new dimension of threat in cyberspace. Though cyberterrorism does not necessarily imply
something different from cybercrime, it has
a stronger meaning. Cyberterrorism usually
describes acts done online that have similar
characteristics to real-world terrorism attacks. As the statutory definition suggests,
terrorism is usually intended to demoralize
either a society or a civilian population in furtherance of some political or social objectives. To understand what cyberterrorism
can – and will – be, we must examine how
terrorists can use information and communication technology to gain those objectives.
Using cyber attacks, terrorists can cause
much wider damage to a country or region
than they could by resorting to conventional
physical violence. As a hypothetical example
of cyberterrorism, a critical infrastructure
such as a nuclear plant may be taken over by
terrorists for destructive purposes. The Lipman Report (2010) states that “During 2009,
a series of cyber attacks were launched
against popular government Web sites in the
United States and other countries, effectively
shutting them down for several hours” and
claims that “most disturbing is the possibility
that this limited success may embolden future hackers to attack critical infrastructure,
such as power generators or air-traffic control systems — with devastating consequences for the economy and security”.
More recently, the Bangladesh-based Daily
Star (August 28, 2013) reports that in August
2013 media companies including the New
York Times, Twitter and the Huffington Post
lost control of some of their websites after a
hacker group named Syrian Electronic Army
supporting the Syrian government breached
the Australian Internet company that manages many major site addresses.
Cyberwarfare - as distinguished from cybercrime and cyberterrorism – can be defined
as actions by a nation-state to break into another nation's computers, networks and the
information stored therein for the purposes
of gaining some military objectives i.e.,
achieving certain advantages over a competing nation-state or preventing a competing nation-state from achieving advantages
over them. Cyberwarfare generally constitutes the use of cyberspace by nation states
to achieve the same general goals they pursue through the use of conventional military
force. Some governments are increasingly
making it an integral part of their overall military strategy, having invested heavily in
cyber warfare capability. The Chinese Defense Ministry has confirmed the existence
of a cyberwarfare unit officially claimed to
be engaged in cyber-defense operations.
There are reports published in the Washington
Times that the People’s Republic of China is
frequently launching cyberattacks that are
intended to disable Taiwan’s infrastructure
and defeat the capacity of that island’s government and economy. In May 2007, Estonia
faced a mass cyberattack soon after removal
of a Soviet World War II war memorial from
downtown Tallinn. In August 2008, during
the Russia-Georgia War cyberattacks caused
the Parliament of Georgia and Georgian Ministry of Foreign Affairs websites to be replaced by images comparing Georgian
president Mikheil Saakashvili to Adolf Hitler.
Several other incidents of cyberwarfare are
increasingly being reported between different state sponsored cyber defense groups
and military cyber units, most commonly,
US-China, US-Russia, Israel-Iran, North Korea-South Korea, India-Pakistan etc.
Since crimes in the cyberspace often transcend a nation’s boundaries in being committed, actions to cope with them must also
be of an international nature. While threats
arising out of cybercrime, cyberterrorism or
cyberwarfare are increasing rapidly with the
advent of information and communication
technology, international law to deal with
cybercrime has been slow to adapt. The International Cybercrime Treaty (ICT) is the first
and only international treaty to date seeking
to address internet and computer crime by
harmonizing national laws, improving investigative techniques, focusing on regulatory
initiatives and increasing cooperation
among nations. Due to the heterogeneity of
law enforcement and technical countermeasures of different countries, the Treaty is far
ranging in the areas it attempts to address
and touch upon. Given the myriad of issues
arising from the Treaty, much controversy
has sprung up over various points. It is silent
about the most crucial issues rapidly evolving in cyberspace, such as cyberterrorism or
cyberwarfare. The main failing of existing
international treaty systems that touch on
cyber law is that most do not carry enforcement provisions. Treatments of cybercrime
or cyberwarfare outside the orthodox international human rights law (IHRL) or international humanitarian law (IHL) framework are
almost absent. On the other hand, issues relating to cyberspace are multidimensional
and too complex to fit easily under the mainstream IHRL and IHL framework. This produces
a tension between classifying cyber attacks as merely criminal and treating them as matters of
state survival that invoke the same rationales as conventional threats to national security, which in turn creates a vacuum in which
cybercrime can grow.
As cyberspace is not a customary arena over
which a State may exercise its national jurisdiction or State sovereignty, the challenges arising out of it are unique, and the
situation therefore requires exceptional regulatory solutions. Some have argued that cyberspace is an international commons, that is, one of the resource domains or areas that lie outside of
the political reach of any one nation. To the
extent cyberspace is international commons,
it requires the common vision of the international community to deal with the issue. By
fostering international cooperation, nations
can tackle the problem of the borderless nature of cybercrime by enabling actions
beyond the borders of a single nation. This
will be a win-win situation for all countries
coming forward to cooperate. It is important
for the international community to establish
a comprehensive regime for various types of
cyber threats through a new international
accord dealing exclusively with cyber security and its status in international law. Until
such an accord becomes politically viable, it
is important to examine how existing treaty
systems may extend to handle the challenges presented by cyber threats.
In addition to each country taking individual
measures and actions for its own cyber security, all stakeholders in global cyberspace need to cooperate and assist each
other.
One of the most urgent needs for the international community is to establish an inclusive mechanism to regulate cyberspace. The
best way to ensure international cyber security is to form an appropriate legal regime for
the various types of cyber threats (e.g. cybercrime, cyberterrorism or cyberwarfare), whether it is humanitarian law (laws of war),
human rights law or some novel combination of treaty systems.
Before thinking about cyber security, an institution has to define what is worth protecting. The institution will also be in charge of
building fundamentals for dynamic cyber
defense, implementing relevant international cyber security treaties and laws, functioning as catalyst for discussion among
different disputant States and other entities,
and harmonizing with other treaty systems.
The institution will have a comprehensive jurisdiction to appropriately address the risks
associated with the revolution in information and communication technology. There
should also be a mechanism based on enhanced international cooperation to implement a risk-based approach, whereby risks
are quickly and appropriately identified as
they evolve and responded to dynamically
in accordance with their characteristics. A
major effort should be undertaken to increase the monitoring of critical networks,
and to assess and furnish remedies for any
vulnerabilities that are identified. Measures
should be taken to help developing countries improve their cyber defense programs
through training and other necessary logistic support. Mechanisms should be developed
for comprehensive military
cooperation, including cyber security deterrence strategies.
As the United Nations (UN) has a significant
and unique role in the international community, the organization can take action on a
wide range of issues. An inclusive legal
regime, institutional mechanisms, multilateral agreements and international military
deterrence can be considered and discussed
under the auspices of the UN. Other international organizations, in particular NATO, the European Union, the Council of Europe, the G-8, the OECD,
etc., can play a lead role in furthering international cyber security cooperation.
David Davidian
The Challenge of the Indigenous Arms Industry
The Ascendant and Dependent Classes
Just as Niccolo Machiavelli noted the unreliability of mercenaries [1]
and interpretations of Sun Tzu [2] claim that a mercenary's real value is
not more than half that of a native soldier, one can extrapolate from these observations to deduce that the most effective arms industry is indigenous. While this may not be much of a revelation, its implementation,
especially in developing countries (and even developed countries), is
becoming exponentially difficult.
The gap between the necessity for manufacturing indigenous arms
and the ability to deliver them is widening and has been since the end
of WWII. This gap is not between first- and third-world states.
To be more precise, if one looks at the history
of weapons development since the end of
WWII, one sees that countries that have had
uninterrupted arms development are those
that have been able to build upon and maintain military research and development programs and can deliver continuously
advanced weaponry to the field. It is nearly
impossible for a newly established state or
an established state that wishes to enhance
its defensive capabilities with serious indigenous development to do so at the same rate
as established state industries, for the ever-increasing rate of change in technology is
fostered by “ascendant-class states”. An exception to this may be Israel, but this is due
to its extensive ties with the US military industrial complex. The widening of the technology barrier is in the interest of
ascendant-class states such as the US, Russia,
and China as they are the leading arms exporters to the “dependent-class states”.
Where has this left the dependent-class
states, specifically those that have budgets,
technology, development and management
capabilities, and inevitably the political necessity for weapons? Given a fortuitous combination of items from the preceding list, the
best bang-for-the-buck is to develop nuclear
weapons. Israel's nuclear program [3] began
as far back as the 1950s, accelerating after
the 1967 Six Day War. Some states move
from dependent-class to the nuclear club,
sometimes at the expense of feeding their
own people. North Korea is an example. If
Iran were not effective in its indigenous
weapons program and uranium enrichment
capabilities, it might be relegated to a Middle
East backwater subject to a Persian Spring.
We have seen this spelled out clearly with
India and Pakistan. Both have nuclear
weapons. India claims to have hydrogen
bombs [4] of varying yields, yet it must import its best fighter jets, as does Pakistan.
While joint development or licensing of
technology seems a reasonable compromise
in some scenarios, ascendant-class states
limit the amount of technology that is exposed. Many examples can be cited, but earlier this month joint development of an
Indian-Russian fifth generation fighter jet
stalled over Russian concerns that its stealth
technology would be compromised. [5] Pakistan was hoping it would acquire the capability to build a state-of-the-art fighter jet
from scratch in their joint JF-17 Thunder program with China. This didn't happen. “...PAF
[Pakistani Air Force] understood that it cannot build a backbone fighter via imports.” [6]
A licensing agreement between Azerbaijan's
Defense Ministry and Aeronautics Defense
Systems of Israel for the local assembly of
Aerostar and Orbiter UAVs (Unmanned Aerial
Vehicles) in Baku still has 70% of the components produced in Israel. [7] These are strong
reminders of what Machiavelli and Sun Tzu
observed hundreds and thousands of years
ago, respectively. The dependence resulting
from not reinventing one's own wheel can
be a gating factor as the ascendant-class can
modulate the game.
What of those states that have limited resources, and/or never had or lost their research and production capabilities to sustain
a limited indigenous arms industry? These
states would rank below dependent-class
status.
In some cases, it makes little sense in both
time and effort to match technology-for-technology with a state's perceived enemies.
For example, if state A has advanced tanks or
other heavy weaponry, rather than to match
or exceed it in quantity and/or quality, state
B could use ultra-sensitive vibration and triangulation processing to locate tanks in motion from many kilometers away and target
them with standard artillery.
When the enemy's advanced tank is disabled
and captured, further inspection and investigation could provide methods for more effective destruction. Most offensive military
UAVs have anti-radiation protection.
However, a UAV must either be directed or
self-identify a target. Considering that the
methods available for targeting are based on
technologies associated with radar, ladar,
electro-optical sensors, GPS, etc., rather than
to match the enemy’s advanced UAV systems, creating ways of disabling or degrading their tracking and target acquisition may
be the way to go in defending against such
technologies.
Inexpensive, yet effective, (non-nuclear) directed EMP (Electro Magnetic Pulse) systems
may be enough to temporarily degrade or at
least cause directional errors large enough
to divert the UAV. Wide field laser weapons
[8] meant to blind soldiers (banned by the
UN) could damage electro-optical sensors,
adapted for use in combination with other
defense mechanisms. Such techniques can
be an alternative to developing a top of the
line military UAV industry.
Then, there is cyber warfare. Some call this
the great equalizer because cyber attacks are
anonymous, effective, deniable, and entire
state infrastructures can be taken down with
a keyboard. The United States, China, Russia,
and Israel are on cyber warfare technology's
leading edge. Some of this is very overt. For
several years, job postings in the United
States have included a new position called an “ethical hacker”. Targeted cyber weapon efforts
such as Stuxnet [9] require the prowess of a
sizable state. This is due to the combination
of wide systems expertise, cyber hacking
technology, and human intelligence required to stage such a debilitating weapon.
Less challenging, yet devastating, attacks
can be the work of a single cyber soldier.
Cyber warfare attacks have been reported
on infrastructures in Syria, Ukraine, Estonia,
Burma, Iran, Japan, Israel, South Korea, US,
Georgia, etc. If there is such a thing as collateral damage from cyber attacks, the following story should shed light on this. While I
was on a visit to the Republic of Georgia in
2008, hostilities between Russia and Georgia
commenced. The Russians began the equivalent of a denial-of-service attack on the
Georgian internet infrastructure.
This resulted in the inability of Georgians to
access facilities such as email; but, most importantly, accurate information simply wasn't available. One might as well have been in
the dark ages, for local TV reverted to showing black-and-white movies of Georgians defeating the Persians hundreds of years
earlier. Russian cable channels were severed.
Rumors became “reality”: flour imports were
rumored halted, which caused a run on bakeries at 2pm one morning; word on the
street was the country was low on beans,
and within hours the price of beans in Tbilisi
stores became astronomically high; Russian
fighter jets were launched from air bases in
Armenia (this was specifically announced as
false on Georgian TV). If collateral cyber
damage from not having internet access to
at least neutral information were actually
planned, it alone could cause erroneous decisions to be made based on false or incomplete information.
However, as the line between state-of-the-art state-sponsored hackers and those of an
astute individual is blurred, the capability of
non-state actors to create infrastructure
chaos is real. Six months ago, Syrian hackers
claimed responsibility for hacking into Belgian news sites. Only last month, it was reported that ISIS-affiliated hackers attacked
various governmental sites in the UK. [10] It
could take only a few more keystrokes to
hack into UK's power distribution grid even
though it is actively protected against such
attacks. Military and defense secrets are the
most fleeting of all.
The world is increasingly technologically
complex. It would be remiss of established
states not to maximize their indigenous defense capabilities – if – such states are determined to minimize their dependence on the
ascendant-class. Minimum dependence enhances the ability to defend one's own interests.
Georgia did not need a classical army of soldiers, weapons and tanks to mitigate this denial-of-service attack. I am sure lessons
learned will be implemented as the boundary between ascendant-class and dependent-class or below is not easily defined in
cyber warfare.
[1] The Prince, page 20
[2] Art of War; 9. The Army on the March
[3] Israel's Worst-Kept Secret
[4] Nuclear Anxiety: The Overview; India Detonated a Hydrogen Bomb, Experts Confirm
[5] Full tech transfer could derail Indo-Russian fifth-gen fighter program
[6] What did Pakistan gain from the JF-17?
[7] Azeris get Israel UAVs built under license
[8] How the US Quietly Field Tests 'Blinding' Laser Weapons
[9] An Unprecedented Look at Stuxnet, the World’s First Digital Weapon
[10] Isis-linked hackers attack NHS websites to show gruesome Syrian civil war images
Finally, there are non-state actors. Non-state
actors are either given weaponry or must secure them financially. As proxies for regional
or international powers, non-state actors are
subject to the vagaries of their patrons.
“The society that
separates its scholars from
its warriors will have its
thinking done by cowards
and its fighting by fools”
Thucydides