Conflict in Cyber Space
eBook - ePub

Conflict in Cyber Space

Theoretical, Strategic and Legal Pespectives

  1. 204 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Conflict in Cyber Space

Theoretical, Strategic and Legal Pespectives

Book details
Book preview
Table of contents
Citations

About This Book

Adopting a multidisciplinary perspective, this book explores the key challenges associated with the proliferation of cyber capabilities.

Over the past two decades, a new man-made domain of conflict has materialized. Alongside armed conflict in the domains of land, sea, air, and space, hostilities between different types of political actors are now taking place in cyberspace. This volume addresses the challenges posed by cyberspace hostility from theoretical, political, strategic and legal perspectives. In doing so, and in contrast to current literature, cyber-security is analysed through a multidimensional lens, as opposed to being treated solely as a military or criminal issues, for example. The individual chapters map out the different scholarly and political positions associated with various key aspects of cyber conflict and seek to answer the following questions: do existing theories provide sufficient answers to the current challenges posed by conflict in cyberspace, and, if not, could alternative approaches be developed?; how do states and non-state actors make use of cyber-weapons when pursuing strategic and political aims?; and, how does the advent of conflict in cyberspace challenge our established legal framework? By asking important strategic questions on the theoretical, strategic, ethical and legal implications and challenges of the proliferation of cyber warfare capabilities, the book seeks to stimulate research into an area that has hitherto been neglected.

This book will be of much interest to students of cyber-conflict and cyber-warfare, war and conflict studies, international relations, and security studies.

Frequently asked questions

Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes, you can access Conflict in Cyber Space by Karsten Friis, Jens Ringsmose in PDF and/or ePUB format, as well as other popular books in Política y relaciones internacionales & Seguridad nacional. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Routledge
Year
2016
ISBN
9781317365419
Edition
1
Topic
Política y relaciones internacionales
Subtopic
Seguridad nacional

1 Competing academic approaches to cyber security

Hans-Inge Langø

Introduction

Ever since science-fiction writer William Gibson coined the term “cyberspace” in his seminal novel Neuromancer we have waited in anticipation for how the information revolution would change society (Gibson 1984). It took a decade for the change to manifest itself in the form of the Internet, but over the past forty years information communication technology (ICT) has steadily changed the economy, civil society and also the military. The social and financial dividends of the revolution seem clearer now than they did in the 1990s, but the security implications of a society dependent on ICT for so many functions remain largely obscured. The promise of cyber wars has not (yet) been fulfilled, and both scholars and practitioners alike have struggled to define, much less agree on, what conflict in the wake of the information revolution will look like.
There is a wide range of literature on the subject, ranging from conceptualization of potential technology to operational analysis of current capabilities. However, there is severe disagreement on both the theoretical and conceptual foundations of cyber security.
At the heart of this debate is a deceptively simple question: how can actors leverage ICT to achieve political goals? For both technical and functional reasons, this technology is largely framed as a source of vulnerability, rather than a source of strength. Unlike kinetic energy, cyber weapons cannot blow up a building. Rather, they are dependent on technological vulnerabilities to be effective. In essence, the object of analysis is power, cyber power, and how actors can utilize their own cyber capabilities and exploit others’ vulnerabilities. What this power looks like in practice is a source of contention across various epistemic communities, because we are still trying to determine rudimentary questions of how effective cyber weapons are, but also how vulnerable we are, in both a technical and political sense.
This chapter will discuss how cyber power is framed and discussed academically. The literature covering cyber security is disparate and covers a wide range of epistemic approaches and ontological subjects. However, there are some key questions common throughout, mostly concerning cyber power, and particularly coercive cyber power (Betz and Stevens 2011). In order to impose some intellectual order on the myriad texts, I have divided the literature into three schools of thought. Though the schools overlap in some ways, and sometimes in authors, they have distinct approaches to how to understand cyber power. In one way, this is also an historical, albeit brief, account of the academic field as it has developed over the past four decades or so. The three schools of thought represent eras as much as they represent epistemic communities, though as will become clear later on reality is seldom as neatly organized as one wants it to be. The typology suggested here should therefore serve only as a guide for future discussion.
The first section of this chapter will discuss the oldest school of cyber security, the Revolutionist school, which holds an expansive view of ICT and how it can change conflict. To illustrate the core ideas of this school, I present some selected central texts, showing how these ideas have influenced current thinking on cyber policy, and particularly the potential for cyber war. The next section presents the Traditionalist school. This school is largely defined by its function as a corrective to the more expansive claims of the Revolutionists, so many of its core texts and ideas have been written in response to Revolutionist thinking. The chapter will point to several weaknesses and shortcomings of both these “schools,” arguing that the Revolutionists tend to see possibilities without empirics, while Traditionalists tend to see only as far as the empirics go. To overcome these shortcomings I will argue that we need to focus on the specific nature of cyber space and cyber power. To this I suggest an alternative, “environmental” approach. The last section will synthesize the few texts already published within this approach, and suggest possible ways forward.

The Revolutionists

The Revolutionist school of cyber security consists of a wide range of texts. As several of these were written in the formative years of the information revolution, they have to a certain extent defined how cyber security is understood today.1 They shaped the thinking around this nascent technology, and as such the texts were primarily conceptual in nature. The technical details of cyber space and ICT were the launching pad for speculation and prognostication about how the technology would affect warfare and conflict. Looking back at these early texts, we can see that the Revolutionist school has two overlapping approaches to cyber security. The first, and oldest, is narrow in its approach, as it focuses on military-to-military operations and either kinetic effects or disruptive effects similar to electronic warfare. While this approach was maturing in places like the Pentagon, a second approach surfaced, one that was more holistic in examining the potential marriage of technology and organization. This second approach was part of the Revolution in Military Affairs (RMA) movement in the 1990s, and also offered glimpses of how technological change would manifest itself on a societal level. Whereas the two approaches may differ as to the subject of analysis (military versus societal structures) and purpose (capabilities concepts versus organizational concepts), both seek to identify the potential for cyber warfare in a strategic context. Moreover, the entire school of Revolutionist thinking is marked by an expansive, optimistic view of the role of technology in conflict—with some even claiming that new technology will change the very nature of war.
The idea of waging war against and through computer systems is nothing new, and we see this in the first part of the Revolutionist school. Even though most of the literature on cyber warfare has appeared in the past two decades, the vulnerabilities associated with widespread ICT integration were being discussed well before the spread of the Internet and the personal computer. In 1976, the term “information warfare” was coined in a US Department of Defense report on the potential vulnerabilities of US weapons platforms that had become reliant on computer systems.2 If someone could manipulate or disrupt the processes controlling these platforms, that actor could keep the weapons from receiving launch commands. That would have implications for defense as well as offense: the United States could be the target of such operations, but could also exploit similar vulnerabilities in Soviet systems (Rona 1976). Pentagon analysts continued working on the concept of information warfare throughout the 1980s (Berkowitz 2003). By the time the Cold War had ended, ICT had become such an integral of society that a new term was coined, Strategic Information Warfare (SIW). A 1996 RAND report argued that the United States and a range of other countries had grown so dependent on ICT that computer network attacks (CNA) against these networks could have strategic effect (Molander et al. 1996). Cyber warfare was thus elevated, at least conceptually, to the same level as other forms of strategic warfare.
Scholars were now comparing cyber power to other forms of military power, with some even describing it as potential, albeit indirect, weapons of mass destruction (Clemmons and Brown 1999). The most common comparison though is between cyber power and strategic air power (Rattray 2009). In one of the most important texts on the subject, Gregory J. Rattray draws several parallels between the rise of strategic air power in the 1930s and 1940s and the possible use of cyber space as an arena for strategic warfare.3 Rattray rejects the notion that cyber space is a virtual domain and thus the claim cyber conflict is a new phenomenon. It is all a product of physical processes, even if it is at the microscopic level. What is distinct, Rattray argues, is that SIW can be conducted in either a physically violent or a non-violent way. Even if a digital attack does not cause damage or shed blood, that does not mean it does not constitute a use of force. He refers to digital warfare as a type of microforce that can cause significant amounts of damage, despite the low level of energy expended: whereas a nuclear bomb kills many people and is terribly destructive, cyber attacks can be quite disruptive, with the potential for paralyzing economies or societal functions. However, as Rattray himself admits, the “microforce potential of digital information warfare is as yet unclear” (Rattray 2009).

Information revolution

While the concept of SIW depicted new types of military operations and targets, its focus on kinetic-like effects was largely traditional. Other scholars sought to reveal the broader implications of the information revolution underway, including, but not limited to, computer network attacks. This came with the debate on cyber security in the 1990s, when speculation about the potential for cyber power was debated through the prism of the Revolution in Military Affairs (RMA) (Gray 2005; Owens 1995).4 ICT offered the opportunity for organizational changes in the military, in the shape of network-centric warfare, but the information revolution could also bypass the military and lead to societal conflict in cyber space. This is the second part of the Revolutionist school.
Many of these ideas were articulated by John Arquilla and David Ronfeldt. They wrote extensively about how the information revolution would revolutionize the way the military would wage war. This revolution would not be limited to new tools, the purely technological aspect, but would also encompass organizational changes enabling a more coordinated and efficient military. Arquilla and Ronfeldt indicated that, in the future, “warfare is no longer primarily a function of who puts the most capital, labor and technology on the battlefield, but of who has the best information about the battlefield” (Arquilla and Ronfeldt 1997b: 23).
Their own definition of the term cyber war is therefore quite broad. It referred to the conduct of “military operations according to information-related principles.” In practical terms it would entail disrupting or destroying the opponent’s ICT systems, but it could also mean maintaining informational superiority over your opponent (Arquilla and Ronfeldt 1997b: 30).
The basic idea behind Arquilla and Ronfeldt’s concept, and thus its link to the RMA debate, is the translation of non-material factors into material gains. How do “we” use information and information systems to defeat an opponent when we need to do this cheaply or have no other options, due to imbalance in resources? As the authors stress, cyber war “should not be confused with past meanings of computerized, automated, robotic, or electronic warfare” (Arquilla and Ronfeldt 1997b: 30). To them, it is a broader concept that combines organization, doctrine and technology in order to transform warfare, and where information is a veritable commodity (Arquilla and Ronfeldt 1997c: 158). Informational superiority can also mean being able to manipulate the decision-making process of the opponent (Stein 1996).
Though much of what they write is speculative, Arquilla and Ronfeldt draw on historical examples such as Blitzkrieg and Mongol warfare to show how the information revolution might further change warfare. One of their proposals is a doctrine based on swarming: “when the dispersed nodes of a network of small (and also perhaps some large) forces can converge on an enemy from multiple directions, through either fire or maneuver.” As they describe swarming, “[t]he overall aim should be sustainable pulsing—swarm networks must be able to coalesce rapidly and stealthily on a target, then dissever and redisperse, immediately ready to recombine for a new pulse” (Arquilla and Ronfeldt 1997d: 465). Related to this concept is the idea of a technological “Mesh,” or a system of sensors, to empower the United States on the battlefield (Libicki 1994).
Whereas cyber war is fought by militaries, Arquilla and Ronfeldt also envisioned another type of conflict in cyber space, called netwar (Arquilla and Ronfeldt 1996). Such a conflict would be between states or societies, but on a lower level of conflict than cyber war. Its aim would be to affect the opposition population’s beliefs or perceived knowledge about themselves or others. Netwar “may include include public diplomacy measures, propaganda and psychological campaigns, political and cultural subversion, deception of or interference with local media, infiltration of computer networks and databases, and efforts to promote a dissident or opposition movements across computer networks” (Arquilla and Ronfeldt 1997b: 28). Given both its form (asymmetrical, non-hierarchical and probably non-violent) and function (societal change), netwar can be seen as a hypothetical continuation of traditional Kulturkampf. Thomas Rid and Marc Hecker have come up with a related concept, “War 2.0,” to describe the role of media operations and information technology in asymmetrical conflict. While it encompasses public affairs, psychological operations, public diplomacy and informat...

Table of contents

  1. Cover
  2. Half Title
  3. Title Page
  4. Copyright Page
  5. Table of Contents
  6. Notes on contributors
  7. Preface
  8. Introduction
  9. 1 Competing academic approaches to cyber security
  10. 2 From cyber threats to cyber risks
  11. 3 Cyber spillover conflicts: transitions from cyber conflict to conventional foreign policy disputes?
  12. 4 Power, rivalry and cyber conflict: an empirical analysis
  13. 5 Cyber security in Sweden and China: going on the attack?
  14. 6 Who pays for zero-days? Balancing long-term stability in cyber space against short-term national security benefits
  15. 7 How to govern cyber security? The limits of the multi-stakeholder approach and the need to rethink public–private cooperation
  16. 8 Cyber warfare by social network media
  17. 9 Politics and the development of legal norms in cyber space
  18. 10 Cyber weapons: oxymoron or a real world phenomenon to be regulated?
  19. 11 Law in the militarization of cyber space: framing a critical research agenda
  20. Index