Cyberspace OperationsDigital Geopolitics and the Imperative of Cyber Diplomacy: Shaping a Unified and Secure Cyberspace
Note to readers: I was scheduled to participate in the panel discussion at the CyberPeace Summit 2023. However, due to unforeseen timing constraints and prior obligations that I could not reschedule, I was regrettably unable to present my intervention. As I believe the contents of this speech are critical and worth sharing, I have decided to publish it here for the broader audience. While I wasn’t able to deliver these thoughts virtually, I hope they provide value and insight to those interested in the topic.
Ladies and Gentlemen,
Esteemed delegates,
Good morning. Good day and afternoon. I want to thank the Global CyberPeace Summit and Dialogues for organising and hosting this important event. As the title of this panel states, Internet Governance and Cyber Policy Dialogue have a role to play in ensuring an open and resilient cyberspace that benefits all humankind.
Today, I will highlight incidents and their consequences, discuss cyber diplomacy, and touch upon digital geopolitics. The critical interplay between diplomacy and cyberspace will become more evident by the end.
This is more critical than you may think:
Imagine if threat actors could infiltrate companies managing the IT of thousands of clients.
In 2017, a report was released detailing cyber espionage campaigns of another country. The report uses various analysis methods to attribute the cyber espionage campaign to a specific threat actor.
The attackers targeted companies that manage their customer’s IT and systems. These companies, also known as managed systems providers, have access to their customer’s networks.
As you can imagine, managed systems providers are very lucrative targets for cyber espionage attacks.
According to the report, once a threat actor has gained access, and I quote, “it is likely to be relatively straightforward to exploit this and move laterally onto the networks of potentially thousands of other victims.”
The targets included industries, and I quote, in “information technology, high-tech electronics, financial services, satellites and telecommunications, energy, public administration, scientific research and consulting, chemicals, and aerospace.”
Another threat actor has targeted governments, private companies, the media, and other organisations.
What are the implications of cyber espionage campaigns?
In 2014, three world-leading companies suffered cyber espionage. In 2017, one filed for bankruptcy, one declared bankruptcy, and the third traded at less than half of pre-attack levels.
Let’s discuss some other attacks.
In 2021, threat actors conducted a ransomware attack on Colonial Pipeline. Colonial Pipeline is the largest refined products pipeline in the United States, transporting more than 100 million gallons or 2.5 million barrels per day. Colonial transports approximately 45 per cent of all fuel consumed on the East Coast, providing refined products to more than 50 million Americans.
The threat actors demanded 75 bitcoins, which were equivalent to USD 4.4 million at that time. This attack impacted the US’s political, economic, and social systems.
In 2021, a private company stated that a threat actor was inside another neighbouring country’s energy and power plant’s IT systems.
In 2022, just as the Russian aggression towards Ukraine began, Ukrainian agencies were hit by cyberattacks. In addition, the cyberattacks also hit satellite operator Viasat. Why? The threat actor intended to attack Ukrainian military command and control systems. However, the attack had secondary/tertiary effects by striking civilian infrastructure operated by Viasat.
These examples showcase how national security interests are furthered in and through cyberspace.
Cyberspace is increasingly used for cyberespionage, cyber-ransom attacks, misinformation, and disinformation campaigns, attacking the information environment and, in turn, the cognitive dimension of humans.
These incidents offer a backdrop for the importance of our discussion today.
Therefore, we must understand the challenges to tackle them together.
So what do we do about this?
Cyber diplomacy and dialogue have a vital role to play, and so does deterrence.
I published a research article reviewing the policy landscape of cyber deterrence and dialogue. In 2017, scholars said, and I quote, “protecting or advancing national interests cannot merely rely on deterrence: shaping behaviour requires ‘active cyber operations’.”
In 2018, another scholar stated that Information systems are always vulnerable: states that are “not constrained by the etiquette and rules of Western law” will exercise cyber power by combining it with “conventional military and intelligence assets.”
In 2019, a third scholar covered the topic of a policy of persistent engagement, strategic stability, superiority, and forward defence. The same year, a framework to assess policy in persistent engagement was published.
Additionally, in 2019, another scholar reviewed the opportunities and limits that international law provides.
In 2020, a different scholar stated, “There is opportunity to shape behaviour in cyberspace, but so are potential risks of escalation.”
“The prospects of this strategy are ambiguous”, and only through the “accumulation of empirical experience in the application of this strategy” will the advantages become apparent.
The same scholar said that diplomatic dialogue, be it behind the scenes or covert dialogue, is critical to ensure that communication between states occurs at all levels, from peace to crisis and un-peace.
And Cyber Diplomacy does indeed have a role to play.
Remember the Colonial Pipeline case I mentioned earlier? Once Colonial Pipeline identified the attack, they contacted a cyber security company to investigate and respond.
They also notified Law enforcement and the federal government authorities of the attack. The pipeline was taken offline to reduce the risk of exposure to the operational network. The CEO of Colonial Pipeline took the difficult decision to pay the ransom of 75 bitcoins ($4.4 million).
On the political level, President Joe Biden declared the event a state emergency. The Department of Justice gave US agencies and their allies the legal authority to recover the bitcoins, approximately USD 2.3 million.
Finally, in June 2021, at the President Biden and President Putin summit in Geneva, the two Presidents held a dialogue on arms control cybersecurity and the Colonial Pipeline ransomware attack.
This is just one illustration of how crucial cyber diplomacy and global collaboration are in today’s interconnected globe.
Cyberspace has also implications for digital geopolitics. In another research article I published, it became evident that technology has always been at the heart of geopolitics.
When we were exploring the seas, it became vital to secure sea transport lanes. This led to the notion of Sea power.
As technology and innovation continued and the discovery of the steam engine, we had trains that could transport resources faster than sea transport. Thus, it became vital to secure these transports, hence land power.
And with the discovery of the aeroplane, we could transport traditional mail and other resources even faster. Hence, it was essential to discuss air power.
The same logic applies to space power. And today, with these cyber systems that are the backbone of everything we do online, it is crucial to discuss cyber power.
Therefore, digital geopolitics is about analysing internetworked information systems, or cyberspace, that, combined with geographic features of Earth and space, impact world politics and a country’s political, military, economic and social systems.
It is evident that malign entities exploit vulnerabilities for cyber espionage and cyber attacks.
Furthermore, malign entities use cyberspace to conduct misinformation and disinformation campaigns. The target here is humankind’s cognitive vulnerabilities.
The consequence of cyber attacks on companies is that some go bankrupt.
The consequences of misinformation and disinformation are that some citizen groups engage in hate speech and violence.
One policy response has been the notion of cyber deterrence and persistent engagement. But what encapsulates everything is that cyber diplomacy and dialogue always have a role to play.
Let us not be deterred by malign entities because we know that digital geopolitics impacts a state’s political, military, economic and social systems.
Together, through cyber diplomacy and dialogue, we’re not just combating cyber threats but ensuring that current and future generations enjoy an open and resilient cyberspace that benefits all humankind.
Thank you again to the Global CyberPeace Summit and Dialogues for organising and hosting this important event. I wish you fruitful dialogue and discussions on these very important topics.
Thank you.