Author: Dmitri Alperovitch
Affiliation: The Silverado Policy Accelerator and the Cybersecurity Firm CrowdStrike (Former Chief Technology Officer)
Organization/Publisher: Foreign Affairs
Date/Place: January/February, 2022/ USA
Type of Literature: Journal Article
Word Count: 2705
Link: https://www.foreignaffairs.com/articles/united-states/2021-12-14/case-cyber-realism
Keywords: Cyber-Realism, Cyber Threats, Defense and Deterrence, Geopolitics of Cyberspace, Grand Bargains, and Geopolitical Rivalry between Great Powers
Brief:
The article provides a critical reading of the US perspective of the cyber attacks and crimes against its official and civil institutions by its main opponents, especially China, Russia, Iran, and North Korea. It criticizes the traditional approach based on cyber defense and deterrence in which Washington deals with such attacks and crimes, proposing a more effective alternative realist policy to limit their negative impacts. The author attributes Washington’s weakness in facing these increasing hostile attacks to its neglecting of cyber threats as a top priority and not looking at them in a broader geopolitical context related to the great power rivalry, as Washington deals with the symptoms of the phenomenon rather than roots. The US views issues related to cyberspace as a narrow set of technical problems that must be solved by pursuing a combination of limited deterrence and defensive measures, rather than focusing on the underlying conditions that generated them, i.e. broader geopolitical problems. Therefore, the United States needs a strict realist approach to dealing with “the disease itself”, using all means of exerting pressure and influence on opponents to push them to change their aggressive behavior. This will be, in the author’s eyes, by pushing them to accept a grand bargain with which everyone coexists.
The article is divided into three parts. The first explains the features of the US conventional cyber approach that has been followed over the past decades in dealing with cyber threats. It is based on narrow defense and deterrence as Washington has been dealing with such threats as if they were separate from the geopolitical competitions that make up the global security system, instead of solving their basic causes. Washington focused on strengthening its cybersecurity defense systems and providing protection for sensitive sectors in particular. It has also adopted a policy of imposing limited sanctions on some government officials and contractors associated with these attacks in the respective adversaries’ countries. The author argues that such a conventional policy has not been sufficient to prevent or reduce the severity of attacks and that hackers in cyberspace have an asymmetric advantage: the cost of their intrusion attempts is low, and they put the US government always in a defensive position. Moreover, US sanctions do not affect them directly, and their activities are directed against smaller American entities that do not have the resources and knowledge necessary to repel these attacks, such as schools, hospitals, police departments, small businesses, and others. The author accordingly calls on Washington to impose stricter sanctions on the countries sponsoring them which threaten the pillars of economic growth, such as punishing the national industrial companies in those countries.
The second part discusses the broader geopolitical context in which the hostile cyber activities of the US’ four main adversaries come in this field, or what the author calls the “geopolitics of cyberspace.” The cyber activities of these states and their proxies are closely related to their major geopolitical goals. China seeks to bypass the United States as a superpower. So, it directs the majority of its cyberattacks against Washington in the field of economic espionage. For example, between 2010 and 2015, Chinese hackers hacked vital American companies such as aircraft manufacturing companies and stole valuable information for the benefit of Chinese state-owned companies. By 2018, the Chinese were able to build commercial aircraft based in part on stolen intellectual property. Russia also seeks to maintain its great power status and direct influence in its near abroad, using both cyber and traditional espionage tools. Its cyber activities focus on sowing political and economic turmoil in the West, undermining Westerners’ faith in democratic governments, and weakening the influence of Russia’s Western neighbors. Such activities are consistent with its broader geopolitical agenda; for instance, its interference in the 2016 US presidential election and its 2017 malware attack that brought down hostile networks in the Ukraine. Iran and North Korea have less cyber competence, but their cyber activities are also consistent with their geopolitical goals. For example, the Korean regime has financed itself with tens of millions of USD through cybercrime. As for Iran, it has used economic espionage to circumvent Western sanctions imposed on it. The two countries have also used cyberattacks to weaken regional rivals such as South Korea, Saudi Arabia, and “Israel.”
In the final part, the author provides his recommendations for designing a realist and more effective cyber approach that enables Washington to limit these attacks against it. Improving current cyber defense systems and deterrence are insufficient methods, and the United States should use the right combination of incentives, disincentives, and compromises. If Washington wants to limit or stop hostile cyber activities, it will have to persuade Beijing to strike a grand bargain under which Washington stops escalating the trade war against it. It would also need to allay Moscow’s concerns about US interference in Russia’s domestic and regional affairs, and primarily advance negotiations over the nuclear programs of Iran and North Korea. “The question for the United States and its allies is whether they are willing to prioritize progress on issues in cyberspace over progress on other geopolitical objectives, and what they are willing to give up for the sake of that progress.” The Biden administration must answer this question urgently. The author offers other recommendations, such as increasing sanctions, expanding deterrence, stimulating public and private investment in defensive measures, and showing diplomatic rigor that would enable Washington to change the behavior of its opponents on cyber issues. These are all partial reform measures that mitigate hostile cyber threats until Washington can craft a more lasting diplomatic solution to the inherent geopolitical problems that stand behind these threats.
By: Djallel Khechib, CIGA Senior Research Associate
