Cyberspace, Security & International Relations
It is very important to concentrate on hitting the U.S. economy through all possible means . . . look for the key pillars of the U.S. economy. The key pillars of the enemy should be struck . . .” —Osama Bin Laden, December 27, 2001
“Today, the cyber economy is the economy. . . . Corrupt those networks and you disrupt this nation.” Condoleeza Rice, (March 23, 2001, to the Partnership for Critical Infrastructure of the U.S. Chamber of Commerce).
Security is as old a concern as humans are themselves but nothing has transformed it like information age which was ushered by the rapid propagation of internet, modern communications, ever improving computing devices and sheer amount of information all these systems generate to run the modern world. The profusion of information and the explosion of information technology is the driver, reshaping all aspects of social, political, cultural, and economic life.
Two quotes cited above summarized the national security dilemma which the US (and developed world) in particular and the rest were faced with in general. Issues like radio frequency weapons, bioterrorism, information warfare, espionage, technology transfers, transnational crime, and weapons proliferation were all well known to US intelligence community and government and yet, 9/11 happened. That was some 19 years ago. Fast forward to 2020, the situation has become more complex as information technology has penetrated in cognitive domain as well after becoming integral part of governance, decision making, analysis and carrying out threat perception. Today billions of people interact with each other over the internet and too many with maintaining complete anonymity.
It was only at the beginning of this decade that political leaders and analysts only began to come to terms with this transformative technology. Until then, the issue of cyber security has largely been the domain of computer experts and specialists and in many parts of the world, it remains the same but with the rapid evolution of new technology, new venues of communication, exponential increase in rate of information generation and growing sophistication of cyber attackers has ushered a whole new approach of cyber security which by now is a compulsory component of national security in any modern nation state.
Developed countries have begun to accept cyber space as a fifth operational domain after land, sea, air and space[1] though the situation in developing and under developed world remains the same. Penetration of IT services is not harmonious across the world. More developed a nation, more integrated it is via information technology and hence remains a bigger and more attractive target for hostile entities. This characteristic of IT presents first challenge.
Emergence of cyber security as an integral part of national security outpaced every other traditional concern or dimension of national security due to unprecedented development in computational capacity (which is still doubling after every 18 months). This rapid pace in development and integration of technologies at national and individual levels didn’t allow security managers to appreciate the threats associated with these technologies. This is 2nd most pressing issue for national security experts and policymakers. There were few select individuals in the internet when it was first created some 40 years ago, this small virtual village where everyone knew each other security was least of the concerns and more focus was to make the communication fast and reliable.
Global internet underwent a rapid expansion with the invent of commercial web which is only 2 to 2.5 decades old but it has grown at an exponential rate. In the early 1990s, there were only few hundred thousand users and now in 2020, more than 3.5 billion people are connected with World Wide Web globally.
Gen Michael Hayden, former director of the CIA said, “Rarely has something been so important and so talked about with less clarity and less apparent understanding [than cyber security]. I have sat in very small group meetings in Washington . . . unable (along with my colleagues) to decide on a course of action because we lacked a clear picture of the long-term legal and policy implications of any decision we might make.”[2]
This statement of former CIA head clearly describes the inherit problem of formulating a national cyber defense policy and strategy tightly knitted in overall national security strategy. The US is not the only nation faced with such dilemma, the phenomenon is universal across the globe. More cyber infrastructure to protect national critical data and communication means a bigger target footprint for the cyber terrorists and hostile cyber troopers to take aim at. This is where cyber security diverges from the traditional philosophy of national security based on the idea of securing physical borders.
Cyberspace is a global domain of human interaction with distinct features.
- Created by the interconnections of billions of computers by a global network, today the Interne, and all of its derivatives
- Built as a layered construct where physical elements enable a logical framework of interconnection;
- Permits the processing, manipulation exploitation, augmentation of information, and the interaction of people and information;
- Enabled by institutional intermediation and organization; and
- Characterized by decentralization and interplay among actors, constituencies, and interests.
Historically, cyber space technologies were developed away from political domain. This is why until recently cyberspace was considered largely a matter of low politics – the term used to denote background conditions and routine decisions and processes. By contrast high politics is about national security, core institutions, and decision systems that are critical to the state, its interests, and its underlying values. Nationalism, political participation, political contentions, conflict, violence and war are among the most often cited aspects of high politics. But low politics do not always remain such. If the cumulative effects of normal activities shift the established dynamics of interaction, then the seemingly routine becomes increasingly politicized. Cyberspace is now a matter of high politics.
How impactful are cyberspace and all the related technologies in the global affairs? There is consensus that cyberspace has emerged as a major and powerful disconnect between 20th century international relations and the realities of the 21st century. It goes without saying that all of this forces us to re-assess the conventional perspectives on security, as threats to cyber security become more and more salient. But this is only one side of the proverbial coin when seen in an international perspective. The other side of the equally proverbial coin is about cooperation and the challenges associated with international governance, especially governance of cyberspace. Something every nation state want to control.
A way forward can be charted out by adopting new venues of analysis of different aspects of cyber space in the context of national security and international order. For example, the ubiquity of cyberspace calls for a meta-analysis, an overarching investigation of contours and interconnections of cyberspace and international relations (and international cyber relations) in order to identify the linkages between the international system (and international relations) on the one hand, and technological change (and cyberspace), on the other – in analytical, empirical and observable terms. Each of these two domains – the cyber and the international – is defined by core principles and characterized by specific features of structure and process; these enable and are enabled by a wide range of actors and activities.
The increasing interconnections between the cyber and the “real” domains is shown by the development of practices surrounding e-Government, for example, as well as evidence state expansion in the cyber arena. Examples such as these create notable challenges for empirical analysis that take center stage in more recent analysis in quantitative international relations.
CYBER CHALLENGES to the STATE
There is no doubt that emergence of cyberspace has only made our world more complex. This complexity is defined by the new venues for expression and its freedom with complete anonymity. If we take into account the salience of cyberspace – especially the dramatic expansion of cyber access in all parts of the world then we can appreciate the fundamental departures from tradition in international structures and processes, and that the world is now much more complex.
A central feature of in relations, jurisdiction in international relations is tied to location-centric rules that depend on the nature of the actors and the issues, and the willingness of sovereign states to accommodate differences in the internal laws for managing the private sector, while conforming with the practice that external activities are governed by the rules of jurisdiction in public international law. And this explains a big difference which calls for a fresh and broader context of cyber security because unlike international relations, cyber international relations are not restricted by location based rules. Cyberspace is contiguous; at least for now. More and more nation states are trying to create their own data repositories within their physical precincts but no country has achieved that 100% and neither it is going to happen in foreseeable future.
It is time to summarize all the different aspects of cyberspace which adds to the national security concerns. These aspects or features of cyberspace are making it even more challenging for legislators and leaders to draft national cyberspace security strategy.
Security Issues of Cyberspace |
|
Temporality | Events in cyberspace take place almost instantly giving very limited time to react. A bigger event in international cyberspace by known perpetrator will invite instant reaction without any warning. |
Physicality | Cyber technologies always transcend physical constraints. This demands a new approach to deal issues related with international cyber security, cyber war, cyber terrorism and cyber IR. Events in cyberspace can’t be kept physical constraint like events in real world. |
Permeation | Like with physical boundaries, cyberspace respect no legal jurisdictions; at least not until international community reaches a global consensus on this issue. |
Fluidity | Sustains shifts & reconfigurations is a common occurrence in cyberspace making the any kind of global consensus almost impossible for global cyber laws. |
Participation | Cyberspace has reduced barriers to political expression. A phenomenon came to the fore in Arab spring and continues to make impact strongly on political development. This is another challenging aspect for the states to tackle. A tough trade-off between national security needs and personal liberties. |
Attribution | Anonymity is primary feature of cyberspace. Finding and designating a culprit is almost impossible when attackers use technologies like Tunneling and TOR. |
Accountability | Cyberspace and its technologies bypass established mechanisms |
Source: Based on Choucri, [3]
Above table establishes that there are inherent tensions that are yet to be addressed. If there is international law for cyberspace, it is still in the making. It is not easy to make laws for something which is still emerging and still in its birth process. Some experts like (Kohl) have proposed a “simple choice”, that is between “more global law and a less global internet”[4]. Especially important here is that characteristic features of cyberspace stand in sharp contrast to our traditional conceptions of social systems, generally, and to the state system in particular.
Different aspects as shown in table may offer great comfort to end user but for legislators they are like challenges or level of a game which hackers want to win with zero-sum result. The challenge is still there and calls for rigorous efforts both locally and globally. Academia can be a good starting point to share ideas about making the cyberspace more secure. Unlike traditional security, cyber security has a critical temporal axis along with severity axis and frequency axis. Consequently, all of this becomes more and more important given that who gets what, when, and how is influenced by cyber access but also by the growth and diversity of actors, each endowed with differential levels and distributions of traditional power and capability. By definition, all entities generate demands (they seek to meet) and are endowed with capabilities (they chose to deploy). They all are able to participate in one way or another in the international forums and all seek venues for shaping the evolving international political agenda – but only states have the final vote.
Early in the 21st century it was already apparent that the cyber domain shaped new parameters of international relations and new dimensions of international politics. Among the most salient new features is the above-noted creation of new actors—some with formal identities and others without – and their cyber empowerment, which is altering the traditional international decision landscape in potentially significant ways. Concurrently, we see the growing use of cyber venues by non-state groups whose objectives are to undermine the state or to alter its foundations. This is really very alarming!
END NOTES
[1] Goztepe, Kerim, Recep Kilic and Alper Kayaalp, “Cyber Defense in Depth: Designing Cyber Security Agency Organization for Turkey”. Journal of Naval Science and Engineering 10,no.1 (2014):1-24.
[2] Michael V. Hayden, “ The Future of Things Cyber”, strategic Studies Quartely 5, no.1 (sping 2011): 3.
[3] Choucri, Nazli, “Cyberpolitics in International Relations”.MIT Press, 2012.
[4] Kohi, Uta.”Jurisdiction and the internet: Regulatory competence over online activity”. Cambridge university press, 2007.
The author is Ph.D. Scholar (SPIR-QAU). Currently, she is working at Islamabad Policy Research Institution (IPRI) as Policy Researcher/Consultant. Her work has been published in local and International publications.
Comments