A recent story from the Associated Press describes a report that Washington and Moscow have plans to establish a hotline to prevent a hostile cyber war between the two countries. The multidimensional nature of the cyber security threat affects everything from public service infrastructures, such as water and electricity supply, to the integrity of the systems that govern nuclear assets.
The nuclear hotline, housed in the Nuclear Risk Reduction Center that was established under President Ronald Reagan in 1988, would be expanded to include direct communication on cyber security. The question is why it has received the same priority as nuclear politics? I think the reasoning suggests clandestine groups like Anonymous are threatening in what they do, but they are also only the tip of the iceberg in terms of the potential scale and damaging effects cyber attacks can have.
The weapons in this new conflict are basic: increases in computing power and the implementation of 4G+ networks that work faster and carry larger amounts of data. But while these components are simple in the now highly-wired world, overseeing their use requires government agencies that can first keep up with the pace of technological change, and then recognize, anticipate and act against the possible threats.
But not all cyber threats should be seen as overtly malicious to a national state. Rather, there is also a criminal (even activist) component in cyber security. Hactivist group Anonymous, for example, has an objective of only retrieving (or stealing) information from networks, not compromising their integrity. Attacks aimed instead at the destruction of such networks are categorically different. While the protection of sensitive information is vital, and while Anonymous’ actions in exposing confidential information are not correct, it is the destabilizing potential of these attacks that I think is the motivation for the establishment of this hotline in the first place.
A more malicious cyber attack could potentially lead to the destruction of the function of vital systems and external control of others, systems that are critical to national security. The complexity is also augmented in the vastness of cyberspace: The digital world is less respective of national borders than traditional conceptions of security. For example, the data on your Facebook profile could be divided between the company’s database in Santa Clara, California, and its new data centre in Sweden.
The point to take away here is that the development of more robust and advanced infrastructure can be beneficial, but also raises the risks of its misuse correspondingly. States do not have a monopoly on new cyber infrastructure or the information that flows through it. Putting cyber security on par with nuclear security is perhaps a two-fold strategy that on one hand recognizes the future possibilities of the cyber threat, while revealing that states really have no strategy on how to deal with it.
The alliance between Moscow and Washington at least shows that they have understood the importance of it; now we have to figure out what to do about it.