Book notes: The Darkening Web: The War for Cyberspace—Alexander Klimburg

Xavier Briand
My journey into Cybersecurity
Feb 26, 2019

Publisher description

“No single invention of the last half century has changed the way we live now as much as the Internet. Alexander Klimburg was a member of the generation for whom it was a utopian ideal turned reality: a place where ideas, information, and knowledge could be shared and new freedoms found and enjoyed. Two decades later, the future isn’t so bright any more: increasingly, the Internet is used as a weapon and a means of domination by states eager to exploit or curtail global connectivity in order to further their national interests.

Klimburg is a leading voice in the conversation on the implications of this dangerous shift, and in The Darkening Web, he explains why we underestimate the consequences of states’ ambitions to project power in cyberspace at our peril: Not only have hacking and cyber operations fundamentally changed the nature of political conflict — ensnaring states in a struggle to maintain a precarious peace that could rapidly collapse into all-out war — but the rise of covert influencing and information warfare has enabled these same global powers to create and disseminate their own distorted versions of reality in which anything is possible. At stake are not only our personal data or the electrical grid, but the Internet as we know it today — and with it the very existence of open and democratic societies.

Blending anecdote with argument, Klimburg brings us face-to-face with the range of threats the struggle for cyberspace presents, from an apocalyptic scenario of debilitated civilian infrastructure to a 1984-like erosion of privacy and freedom of expression. Focusing on different approaches to cyber-conflict in the US, Russia and China, he reveals the extent to which the battle for control of the Internet is as complex and perilous as the one surrounding nuclear weapons during the Cold War — and quite possibly as dangerous for humanity as a whole.
Authoritative, thought-provoking, and compellingly argued, The Darkening Web makes clear that the debate about the different aspirations for cyberspace is nothing short of a war over our global values.”

About the author

From the GCSC website:


Dr. Alexander Klimburg is Director of the Global Commission on the Stability of Cyberspace (GCSC) Initiative and Secretariat, Director Cyber Policy and Resilience Program at The Hague Centre for Strategic Studies, and a former associate and former research fellow of the Science Technology and Public Policy Program and Cyber Security Project at the Harvard Kennedy School’s Belfer Center. Dr. Klimburg is also a nonresident senior fellow with the Atlantic Council, and an associate fellow at the Austrian Institute of European and Security Policy.

TL;DR: Listen to this NPR interview

It’s one of the great paradoxes of our times that the very technologies that empower us to do great good can also be used to undermine us and inflict great harm
— President Obama, 2015

Cyberspace model

Four-layered pyramid standing on its head.

  1. Physical layer: the bones of cyberspace. Computers, cables, switches, …
  2. Logic layer: the nervous system of cyberspace. It’s the coded behaviour of the domain: the programs and protocols.
  3. Data layer: the muscle system of cyberspace. Documents, emails, pictures, PII (Personal Data), data streams.
  4. Social layer: the soul or mind of cyberspace. The Internet of people, human actions and aspirations to make the Internet and cyberspace.

Cybersecurity

Use of the term “cybersecurity” as a synonym for information security or IT security confuses customers and security practitioners, and obscures critical differences between these disciplines… Cybersecurity encompasses a broad range of practices, tools and concepts related closely to those of information and operational technology security. Cybersecurity is distinctive in its inclusion of the offensive use of information technology to attack adversaries.
Gartner

Offense vs. Defense

Offense is simply much easier than defense in cyberspace

Terms

  • Computer Emergency Response/Readiness Team (CERT)
    Computer Security Incident Response Team (CSIRT)
  • Confidence-Building Measures (CBM)
    technical term for a policy device or instrument intended to reduce conflict or the consequences of conflicts (e.g. Washington-Moscow “Hot Line” during the Cold War).
  • Operational Preparation of the Environment (OPE), a.k.a. “preparing the battlefield”.
    “High-level British official stated that planting a “primed” cyber weapon in the adversary’s sensitive networks was the same as deploying sea mines in each other’s harbours — arguably an act of war”
  • SIGINT at rest / in motion
    Hacking computer/planting listening device vs. listening while signal is in transit.

Tensions in US Cyber

The US has repeatedly stated that stealing secrets is a completely legitimate activity. As the former NSA and CIA director General Michael Hayden said during an Atlantic Council panel, “Adult nations steal information from one another, and steal my secrets, shame on me, not shame on you.”

“Friendly nations spy on each other,” Keith Alexander has said in closed gatherings, sometimes adding, “Get over it.” He was publicly echoed by the researcher Max Boot: “I have a word of advice for American allies outraged by alleged NSA spying on their leaders: Grow up… You just don’t have the resources or capability to spy as effectively as the NSA does. But if you did, you would.”

Information Security / Information Warfare

Information Warfare: “manipulation of information trusted by a target without the target’s awareness, so that the target will make decisions against their interest but in the interest of the one conducting information warfare”

[…] tensions between the offensive and the defensive missions in cyberspace, on the one hand, and between the logical (that is, code) and the psychological aspects of cyber conflict (the information ops versus the information warfare split), on the other.

[…] tension between cyber operations and information warfare […]. It is the difference between perceiving cyber as just another tool of warfare and seeing warfare completely transformed into a “Guerrilla information war with no division between military and civilian participation”.

The fine line between information warfare and strategic communication should boil down to one word: honesty.

Regardless of the medium or messenger, deceitful statements, […] cannot be a matter of cybersecurity practice. Covert influencing as a tactic is one thing if it is clearly targeted against a specific foreign individual as part of a sanctioned government operation with limited outcome; it is quite another thing if it is on a national scale and en masse, open ended, and inadvertently capable of influencing one’s own electorate.

Russia

The Russian and Chinese definition of information security reflects those nations’ attempts to legitimize state control over all aspects of information, in particular toward hostile content.

[…] what the Russian view of “information war” was, along four dimensions. […] electronic warfare, intelligence, hacker warfare, and psychological warfare. [They] were all put on display in Russia’s conflict in Ukraine.

While the Ukrainian attack was only somewhat successful as a cyberattack, as an act of information warfare it was enormously effective. And information warfare has always been the dominant Russian interest in the cyber domain.

What [Russia] are basically trying to undermine is the idea of reality-based conversation, […] and to use the idea of a plurality of truths to feed disinformation, which in the end looks to trash the information space.

The ability to hide behind the cyber-crime actors and assume no knowledge or control over their activities was always going to be irresistible to the military cyber thinkers in the Russian government.

Non-state actors can be used by the state, overtly or covertly, to execute plausibly deniable cyber attacks.

China

January 2015, a number of Chinese users trying to access banned content were instead directed to a pornographic Web site in Germany (which itself was illegal under Chinese law), supposedly due to a random rerouting of traffic. That Web site promptly collapsed under the weight of new visitors.

The redirection of traffic like this can easily force smaller Web sites off-line.

Chinese netizens have developed a virtual library of terms and sly insinuations to avoid triggering the censors.

Trying to keep up with linguistic misdirection and outright code of the bloggers was always going to be a losing proposition for the censors. It was obviously a much better option to distract from and confuse the discussion completely, simply by opening new topics or promoting a new dialogue.

[Censors are] 60 thousand full-time government employees [supported] by up to 2 million part-time contractors.

1 out of every 178 media posts in China was made by propagandists. On government Web sites the ratio may even be as high as 1 out of every 2 posts.

Social media provides instantaneous feedback on local issues and grievances, effectively functioning as a pervasive and continuous sounding platform for government initiatives as well as an early-warning network for possible criticism and especially civil unrest.

While China continues to modernize its critical infrastructure, government, and armed forces, it increasingly loses the advantage of general technological backwardness that it has enjoyed vis-à-vis its most feared opponent, the United States. Any type of cyberattack that could previously have targeted the US without fear of equal response can now also target China whether through collapsing power grids or public infrastructure, knocking out government systems, or attacking financial networks. China has simply grown up — a reality that, ironically, has made it equally vulnerable to the US and other world powers.

Internet Governance

[…] the development and application by Governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet.
— Wikipedia

Laura DeNardis once asserted that the question of who should control the Internet […] makes no sense whatsoever

It is important to understand that states do view it as possible to treat the Internet (and the cyberspace overall) as part of a digital Great Game — a chessboard on which their respective interests can be advanced, and key points captured, all toward the notion of occupying the commanding heights of what will be the dominant domain of the future: cyberspace.

[InfoSec as defined] by Russia, China, and others clearly goes beyond the international standards organization’s definition of securing the confidentiality, integrity, and availability of information to also include its use. It clearly implies that the use of information to wage “psychological attacks” against a nation — which explicitly includes “foreign propaganda,” terrorism, and indeed anything that bothers the ruling elite — is a matter of information security and national security.

Data Security […] adds another much-needed perspective to the debate: the role of data protection, or the regulations and standards needed to shield the data of individual human beings from unlawful use

A thriving civil society remains the best insurance policy against a subversion of the Internet by those forces wishing to recast it as a tool of control

UNCLOS seems to offer so many hints for an overarching yet not excessively stringent framework for regulating at least state behavior in cyberspace

the focus of Western governments on technical hacking and cyberwar has allowed authoritarian governments — Russia in particular — to constantly push the topic toward the psychological and information warfare component without much resistance

Resources

Eli Pariser: Beware online “filter bubbles”

Perry Barlow’s declaration of the independence of Cyberspace

NSPD-54

Cyber security strategy of the United Kingdom

A Cypherpunk’s Manifesto
