Tackling the Wilderness of a New Frontier
Ever since the advent of the Cold War, the United States and Russia have engaged in talks, the core focus of which has been on generating agreements on the limits to nuclear proliferation, and the systems to create and enforce those desired outcomes.
Whilst the Cold War is no more, the U.S. and Russia continue to discuss these topics, but it has become clear that a whole new realm needs agreements and regulations between these two military powers: cyberspace.
Cyberspace has, unfortunately, become an increasingly contentious topic between these two aggrieved parties. Whilst the Internet has become the beating heart of modern economics and our society at large, not to mention the vital links it creates between governments and military systems, the speed of the development of the Internet is outpacing the current regulatory bodies that seek to monitor the system.
Attacks upon this system are a tempting target for anyone seeking to cause disruption and economic damage at an extremely low cost. There is no need to fund heavy weapons and train troops. Instead, a small team of motivated individuals with computers can launch devastating attacks on companies and governments.
In addition to this, it is clear that some nations are hiding behind a general inability to define who is exactly launching the majority of such attacks. With this plausible deniability, cyberattacks require significantly more research into where they originated from than an armed attack with a clear and visible origin point. The slowness of any retribution or accusation renders the threat of retaliation virtually moot.
In recent meetings between President Joe Biden and Russian President Vladimir Putin, the agenda has been accusatory, with allegations that Russia has become increasingly hostile in the cyberspace realm. Whether that be from false account creation on social media in order to influence recent U.S. elections, or attempts to gain access to infrastructure, such as nuclear power plants, the finger of blame is pointed squarely at Russia.
The reality, though, is that Russia is not alone in launching cyberattacks against the United States and Europe. Both China and North Korea have taken actions against U.S.-based servers. China gained access to 22 million U.S. government personnel files, opening a critical vulnerability in the U.S. intelligence community that may have been exposed by this leak. North Korea attacked Sony, compromising private communications, in an attempt to prevent the airing of The Interview, a satirical film that mocked Kim Jong-Un.
With a lack of accountability, governance, or enforcement, it is clear that the vast sprawling virtual space of the cyber realm is the new frontier to be conquered and tamed.
The United States, like most Western countries, has claimed to favour an open, interoperable, secure, and reliable service, relatively free of censorship or control, as set out in policy over a decade ago. This is seen as the best way to promote a free flow of ideas and information, and for most of us, this is the Internet as we have experienced it. Despite this, nations such as the U.S. and the UK have been labeled the “enemies of the Internet” by French NGO Reporters without Borders, which criticises these nations for active, intrusive surveillance of news reporters and violations of freedom of information and human rights.
For other nations, the Internet has long been labeled as a threat, and strict curbs on information freedom are openly in place. China, for example, has a firewall around its nation, making it extremely hard for the Chinese to access websites outside of their region. Russia as well has decided that the corrupting influence of the Internet is too much and has been attempting to hive itself off from the World Wide Web.
Embracing the Internet sits well in line with the U.S. rights to free speech. However, enthusiasm is waning as the Internet is increasingly used by outside actors to influence politics, steal intellectual property, and damage the economy.
Trying to set rules on the use of cyberattacks is great in principle, but the U.S. is by no means innocent of misusing the Internet. The U.S., along with Israel, an ally, carry out espionage online and reportedly installed malicious software into Iran’s nuclear weapons program. Any rules that the U.S. wants to set, will no doubt still also allow for such activities.
One idea discussed by Biden and Putin was a ban on the targeting of critical infrastructures such as dams, electrical grids, oil and gas production facilities, healthcare, power plants, and nuclear weapon command and control systems. The idea is to prevent cyberattacks from becoming a weapon of mass destruction due to targeting such critical infrastructure.
Of course, forcing compliance with such bans could prove impossible. It is often incredibly difficult to trace the source of such assaults. Furthermore, whilst many such attacks may be state-sponsored, some are carried out by motivated individuals outside of government control. Deterrents such as the unilateral announcement of a tit-for-tat response may help to control the threat of nation-states taking cyber-based actions against others.
Any agreements made will need to require both sides to take steps to both agree to not commit cyberattacks, along with moves by each nation to prevent themselves from being vulnerable to such actions. For example, despite China’s announcement in 2015 that it would no longer seek to steal intellectual property, other nations need to take the necessary steps to ensure their nation and the companies within are essentially bullet-proof in terms of cyber vulnerabilities.
Furthermore, to hold nations accountable for threat actors within their borders, nations will need to agree that claims of ignorance and denials by governments are not sufficient to avoid responsibility. An analogy to this would be how the U.S. government, in the wake of the September 11, 2001 attacks, stated that it would not allow any distinguishment between terrorist groups and governments that supported or sanctioned them. As such, Russia would be held accountable for actions taken by any group or individual working within its borders.
With time, a U.S.-Russia pact could be the seed of an agreement that other groups, such as Europe and China, could join. Whilst an agreement does not add up to disarmament, it does provide the basis for a de-escalation of hostility in an increasingly wild new frontier.