The cyber domain may offer a new direction in how nations threaten and act against one another. This threat’s immediacy became clear when China hacked the U.S. Office of Personal Management’s systems last June, leaking more than 4 million sensitive records.
The U.S. government’s only viable response was economic sanctions against companies and individuals. It refrained from escalating the conflict so close to President Xi Jinping’s official state visit. In other words, although some hope that cyberconflict will revolutionize military and diplomatic interactions, governments are confronting this new threat through traditional methods.
But what evidence is there about the reality of the cyber-threat? The first step to understanding cyberconflict is to define the domain. Here are 10 things to know about the cybersecurity debate, as taken from our recently released book from Oxford University Press, Cyber War versus Cyber Realities.
1. Terminology is important
Many cyber-scholars have been sloppy in their usage of terms, leading to this rather voluminous definitions document by New America. Since almost anything is now termed as a cyberattack, the term itself is meaningless. Predicting the amount, level and context of cyberconflict is dependent on how the term is defined, framed and engaged. For us, the prefix “cyber” simply means computer or digital interactions. “Cyberspace” is the networked system of microprocessors, mainframes and basic computers that interact at the digital level but have foundations at the physical level. What happens on the physical layer of cyberspace is where political questions operate.
We define “cyberconflict” as the use of computational means, via microprocessors and other associated technologies, in cyberspace for malevolent and/or destructive purposes in order to affect, change or modify diplomatic and military interactions between entities.
2. We need data and theories about cyberconflict
We need to develop theories of cyberaction in the cybersecurity field. Without theory, key aspects of cyber-dynamics can be left unexplained, unexplored or ignored in favor of broad projections.
Our counterintuitive theory suggests that rivals will tolerate cybercombat operations if they do not cross a line that leads directly to the loss of life. Put simply, cyber-actors show a remarkable degree of restraint. To support, we need data.
The goal of creating an exhaustive database of all cyber-incidents and disputes between countries is daunting yet achievable. Our data feature interactions between rival antagonists between 2001-2011 and includes dates, strategies, goals, severity and methods. Future updates will extend the data to all countries and expand the years covered.
3. Cybertactics are not used often
In the table below, we list who uses cybertactics against whom, the number of cyber-incidents and cyber-disputes a state has been involved in, the highest severity type of a dispute, the highest method used by the state, the highest target type the state has used and the highest objective of the initiating state.
Only 16 percent of all rivals have engaged in cyberconflict. In, total, we recorded 111 cyber-incidents and 45 disputes over the period of relations among the 20 rivals. The most frequent users appear to be China as an attacker and the U.S. as the attacked. Other frequent offenders include states such as India, Japan, North Korea and Russia, all with ongoing international conflicts, suggesting the context of disputes matters a great deal.
Summary of cyber-disputes among rival states, 2001-2011.
Data and table: Brandon Valeriano and Ryan C. Maness, 2015. From Cyber War versus Cyber Realities: Cyber Conflict in the International System New York: Oxford University Press, p. 88.The Actions We Have Seen Have Been Low in Severity
Data and table: Brandon Valeriano and Ryan C. Maness, 2015. From Cyber War versus Cyber Realities: Cyber Conflict in the International System New York: Oxford University Press, p. 88.The Actions We Have Seen Have Been Low in Severity
4. Cyber-actions to date have not been very severe
The severity levels of the incidents and disputes we observe are, on average, at a very low level. The average severity level for cyber-incidents is 1.65 and for disputes is 1.71. This means that most cyberconflicts – 73 percent – between rival states have been mere nuisances or disruptions. This is surprising, considering how widely the media and military are aware of these possible conflicts. It is also perplexing considering these states are active rivals who seemingly are willing to utilize any tactic to harm their enemy.
Given all this, we may actually be in an era of cyberpeace.
5. Most cyber-incidents are regional
Regional contexts clearly play a role in cyberconflict, a confounding idea given that these technologies defy the physical bounds of time and place.
No comments:
Post a Comment