Cybersecurity: Individual Nuisance or Systemic Threat?

Thomas Rizvi

In an era where vast quantities of personal data are stored in internet-connected devices, many individuals are concerned about their privacy – and recent hacks of Facebook and Equifax validate their concerns. But what are the implications of cybersecurity for the balance of power in international relations? We hear news occasionally about government departments being hacked, or companies suffering data breaches, but can this have a meaningful impact upon entire countries, or is it simply a problem that their citizens will be burdened with? If it can, what effect will it have on the global balance of power?

While rich Western nations have long dominated international politics thanks to their ability to commit vast sums to military technology and capabilities, cyberwarfare offers a much more level playing field. Whereas facing up to the US in conventional warfare requires billions of dollars of military hardware, a single person armed with a laptop and an internet connection can do untold damage to US infrastructure. With such low barriers to entry, almost any state can get involved in cyber-espionage. Certainly, the West currently has an advantage in terms of number of agents and their skills. But hacking skills are rarely developed in a university lecture hall; instead, they are developed through experience and interaction with other like-minded individuals across the world on forums, an opportunity available to anyone connected to the internet. Furthermore, in many ways the traditional powers are disadvantaged in the field of cyberwarfare. They often face difficulties in recruiting talented workers. Nearly 40 percent of FBI cybersecurity jobs were left unfilled through 2014, with the then-director James Comey lamenting the fact that “I have to hire a great work force to compete with those cyber criminals and some of those kids want to smoke weed on the way to the interview”.

In addition, while internet connectivity is rapidly spreading across even the most deprived areas of the world, its adoption has mostly been by consumers, and particularly through mobile phones. In contrast, Western nations have seen a rapid increase in the connectivity of infrastructure such as hospital records, power grids, and rail infrastructure. Though many of these systems are just beginning to be connected to the internet, the underlying infrastructure may be decades old. As a parliamentary report on cybersecurity noted, “Many CNI [critical national infrastructure] computer systems were designed before cyber security was a major concern. More hardware means that more devices need to have security patches installed, vulnerabilities addressed, and that there are more opportunities for devices to be hacked. Perhaps more concerningly, this also means a much greater opportunity for human error. All it takes is for one doctor to click an infected email attachment, and the whole system could be under threat”.

Certainly, I don’t think that the major battles of international conflict will be moved from the real to the virtual world. You can’t (yet) hack a soldier wielding a gun, so conventional military force will continue to be a key measure of a state’s international influence. It may be interesting to consider, however, that rising automation of the military may eventually leave it vulnerable to cyberattack. But one should not be quick to write off the threat that cyberwarfare and espionage pose. Of course, a cyberattack is unlikely to cause the same casualties as an attack by more tangible means. However, consider the consequences of an attack that takes down the power grid, or causes the stock market to plunge. It might not cause as much loss of life as a bombing, but it could nonetheless cripple a nation. You do not need to look any further than the WannaCry ransomware attack to see the chaos cyberespionage can cause: the attack crippled the NHS for several days in 2017 and forced some hospitals to resort to pen and paper. What is more concerning about the attack is the fact that it exploited a vulnerability that had been discovered by the NSA years earlier, which was stolen from them when they were themselves hacked in April 2017.

Cyberwarfare also offers a great deal more uncertainty than traditional conflict. A state can use satellites and spy planes to observe an enemy building up military strength or to track the movement of naval groups throughout the world’s oceans, but it is almost impossible to see the preparations for a cyberattack. Every day, secure servers around the world face login attempts from all directions, like a Jenga player constantly tapping a block to see if it will come loose. It goes without saying that a well-configured system will easily resist these attempts, but one overlooked weakness, one port left open, and the threat of attack increases exponentially. Furthermore, a skilled attacker might be able to remain undetected for months, surreptitiously intercepting communications and stealing information. In addition to these concerns, network infrastructure may also introduce potential supply chain issues that are unlikely to be encountered with traditional military hardware. Even if the products that end up being plugged in are made by a Western company, many computers, servers, and other network infrastructure devices contain chips made in China. A recent investigation by Bloomberg has alleged that more than 30 companies, including Apple and Amazon, installed servers that were compromised by a tiny chip installed during the manufacturing process. As the authors of the article point out, “Hardware hacks are more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get”. A military rarely has to fear that their equipment has a secret weakness that only their enemy knows about, but the same can’t be said for network equipment.

We have already begun to see cyberespionage being utilised by governments. Russian influence in the US election remains fiercely debated, but most accept they had some influence on the outcome. North Korea has long been suspected of engineering several cyberattacks against the West, including the November 2014 Sony hack. In addition to using it to damage their enemies, they have also allegedly used cyberespionage to help sustain themselves in the face of sanctions. A hack of the Bangladesh central bank, which was meticulously planned to take advantage of national holidays in two different countries, netted the attackers 81 million USD, which would make it one of the most expensive bank heists of all time. Similarly, Oxford and Cambridge have had research stolen by Iranian hackers, which allowed the state to get around sanctions that it still faces from many Western states. The first cyberweapon has already been deployed: the Stuxnet virus, suspected to have been created by either the US or Israel, infected computers at Iranian nuclear facilities, and caused centrifuges to fail, going undetected for more than a year.

While conventional warfare is not going away any time soon, it would be unwise to underestimate the threat that cyberwarfare and espionage pose. Keeping a nation and its infrastructure safe requires constant vigilance, careful network design, and proactivity in updating and monitoring equipment. Sadly, governments (and frequently private sector businesses) all too frequently adopt an “if it ain’t broke don’t fix it” attitude to IT and network security. The NHS computers infected with WannaCry, for instance, were still running Windows XP. If the West wishes to extend its privileged position in the new emerging global order into the much more level field of cyberwarfare, it would be well advised to modify this strategy and commit to investing in network infrastructure.
