Cyber Security Challenges: Prerequisites for a comprehensive strategy

"Governments of the Industrial World, you weary giants of flesh and steel, I come from Cyberspace, the new home of Mind. On behalf of the future, I ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather." - John Perry Barlow

This articulation is the first portion from 'A Declaration of the Independence of Cyberspace' by John Perry Barlow as a response against USA's Telecommunication Act of 1996. The founding member of Electronic Frontier Foundation, John Perry Barlow believed that cyberspace is 'A new home of mind' where the issue of sovereignty from the physical world does not converge as it had no elected government with moral rights and authority to wean off convulsions. 

Nevertheless, many of his remarks for instance- a new and different social contract, a wide diffusion of information beyond boundaries, free access of all etc. seems desirable while the main question about his "Golden Rule" remains ambiguous to this day. Thousands of websites displayed his declaration. However, the gradual rise of cyber-attacks diminished the credibility of this speech, paving the way for states as well as other actors to participate in cyber issues to bring stability in the cybersphere.

It is widely known that the internet was at first created for military purposes to counter any unforeseen attack by the USSR over the US. Thereafter, from the year 1993, it was accessible for civilian usage marking as a historical step forward. Yet, the threat regarding cyberspace had sprung back when Winn Schwartau in 1991 contrived the term "Electronic Pearl Harbor". He assessed that a major cyber-attack can bring the USA to its knees. Though his remarks were not heeded in security debates, the rise of cyber incidents put a dampener on longstanding optimism over cyberspace. The involvement of major powers turned cyberspace into a matter of international relevance when in 2010 the Stuxnet attack on Iran's nuclear program allegedly put USA and Israel into the spotlight. This event shifted the long-accepted belief of cyberspace being the realm of technical experts towards a realm of politicisation.  Subsequently, the Pentagon proclaimed cyberspace to be the fifth domain of warfare after land, sea, air and space. Hence, cyberspace became an issue of national security through its militarisation by a global power.

Now, different states use distinctive lexicons for cyber accessories- for some it is Digital Technology and for others, it is Cyber Technology. To track down any cyber incident, the vital questions are- 'Who committed this?' as well as 'Why have they done this?'. In this regard, the Center for Security Studies in their hotspot analysis evaluated specific distinctions between cyber crimes and cyber conflicts. The first one is carried out solely for economic gains and as a result, the targets are chosen with economic values in mind. On the other hand, the latter deals with political and national security issues with extensive strategic concerns. For instance- the civil war in Syria was widely internationalised since cyberspace was manipulated to shape public opinion with propaganda and false information and spy on members of both government and anti-government groups. Another massive cyber-attack occurred in Ukraine's power grid during its crucial conflict against Russia. The issue caused major sufferings for approximately 250,000 people with lasting damage to the electricity supply. The very recent case of cyber conflict is the US election of 2017 where Russia was accused of attempting to influence the election results. Many consider this attempt to bring a Pro-Russian US president, though this argument remains inconclusive to this day.  

Most strategic attacks are carried out on networks of state institutions, media outlets and non-state actors for possessing sensitive information or data. Photo: BSS

The Center for Strategic and International Studies (CSIS) in its latest report articulates on significant cyber events since 2006. This report showcases cyber-attacks with strategic implications. Some notable ones from 2020 include Iranian hackers targeting attendees of the Munich Security Conference for foreign policy intelligence, Greek hackers vandalising the website of the Turkish Parliament and 150 Azerbaijani government websites in support of Armenia, Chinese government hackers attempting to breach U.S. defence industrial headquarters as a comprehensive espionage campaign, etc. Hence, most strategic attacks are carried out on networks of state institutions, media outlets and non-state actors for possessing sensitive information or data.

Cyber conflicts with strategic and political potential have materialised in low-stakes situations yet the attacks have become more frequent than ever before. The massive usage of digital technologies in government operations has remodelled cyberspace as a high political phenomenon. States perceive each other as a threat since they remain wary about the intentions of others. Thus, there has been covert state involvement in cyber-attacks as "Double-edged sword perspective" which involves winning wars in cyberspace by exploiting security vulnerabilities resulting from the extensive dependency on cyber tools. Though research shows that there is a lack of innovation of cyber weapons, both state actors and cybercriminals use common equipment. Therefore, governments can formulate a framework where the combination of national, business as well as social sectors will have the responsibility to avert the damaging fallout of cyber-attacks on the private, local and international sphere. This involves the application of non-technical analysis and contextual knowledge of geopolitics to identify actual perpetrators and avoid false incriminations. Still, there remains an asymmetric knowledge gap regarding cyberspace as well as an insufficient capacity of cyber tools between the developed and underdeveloped nations.

Although regional, bilateral or multilateral efforts for cyber norms have been ineffective, it is the responsibility of the technologically advanced states to minimise the asymmetric knowledge gap concerning cyberspace among underprivileged states. The National Cyber Security Coordinator of India revealed that cyber-crimes in India cost roughly $17 billion in 2019. Remarkably, the expensive nature, as well as technological efficiency, is not feasible for underdeveloped nations unless developed states come up with better strategies and efforts to spruce up the international order with coordinated participation. It is very important to form solid cooperations to counter this present-day threat with strong technical averment and effective intelligence affiliations with sharp political scrutiny.

The author is a 4th year-undergraduate student at the Department of International Relations, University of Dhaka.

Disclaimer: The views and opinions expressed in this article are those of the authors and do not necessarily reflect the opinions and views of The Business Standard.