Connect with us

Intelligence

Da’wah in the West: Islamic “Just War”

Published

on

In a research under the title “The Qur’an and War: Observations on Islamic Just War,” from 2012, Dr. Joel Hayward says that his purpose is to analyze the holy text which underpins Islam and articulates its mandatory codes of conduct in order to determine what that text, the Qur’an, actually requires or permits Muslims to do in terms of military violence….

This article is intended to be useful — sufficient to dispel any assumptions that the Qur’an advocates the punishment, subjugation or even killing of “infidels” as well as to reveal its key concepts governing justice during wartime…

Even a cursory reading of the Qur’an will draw the reader’s eyes to hundreds of scriptures extolling tolerance, conciliation, inclusiveness and peace, but also to a few scriptures that seem to be more aggressive…

“my conclusion (and that of every authoritative Islamic scholar) that the Qur’an is unambiguous: Muslims are prohibited from aggressive violence and are compelled, should war prove unavoidable, always to act within a code of ethical behavior that is closely akin to, and compatible with, the western warrior code embedded within Just War.

Hayward chooses to confirm his above-written assertions by trying to analyze verses that are used as warmongering by the “enemies of Islam.” He claims that “many critics assert that verses 9:29 and 2:190-194 directs Muslims to wage war against any and all disbelievers anywhere who refuse to embrace Islam or at least to submit to Islamic rule.” However, he says “they do not mandate Muslims to wage aggressive war or to inflict disproportionate or indiscriminate brutality.”

Then surprisingly he turns to analyze the abrogation doctrine. He claims that “The Qur’an itself states in several Surah that Allâh’s words constitute a universally applicable message sent down for ‘all of mankind’ and that it was a ‘reminder’ (with both ‘glad tidings and warnings’) to ‘all’ of humanity (Surah 34:28, Surah 39:41 and Surah 81:27). But what is the connection between abrogation and Islamic just war?

Hayward tries to prove the abrogation doctrine is non-existent. How he does so? Very simple: he just dismisses all Islamic classical exegetes and totally relies on the fresh new Islamic propagators in the West. Here is the main problem: the disqualification of Islamic classic and most important exegetes. In his words: “certainly most Islamic authorities on the Qur’an and Muhammad today, as opposed to scholars from, say, the more ambiguous medieval period (author’s emphasis), are firm in their judgement that the most warlike verses in the Qur’an, even those revealed very late in Muhammad’s mission, do not cancel out the overwhelming number of verses (author’s emphasis) that extol tolerance, reconciliation, inclusiveness and peace.

Who are the exegetes that cancel these most important doctrine? Well, the oracles of Hayward are three, in fact four:

The British scholar Dr Zakaria Bashier (War and Peace), who claims that “all the beautiful verses throughout the Qur’an which instruct Muslims to be peaceful, tolerant and non-aggressive are No reason exists at all to think that they have been overruled.”

The “Prolific British scholar Louay Fatoohi (Jihad in the Qur’an: The Truth from the Source), arguing that “overwhelming number’ of Muslim scholars reject the abrogation thesis regarding war (author’s emphasis). Fatoohi highlights the fact that throughout history the Islamic world has never acted in accordance with this extreme view, that Muslims have co-existed very well with other faith communities and that the 1600 million peaceable Muslims in the world today clearly do not accept the view otherwise, if they did, they would be at war as we speak.”

Muhammad Abu Zahra (Concept of War in Islam), an important and influential Egyptian intellectual and expert on Islamic law, summed up the mainstream Islamic view by rejecting any abrogation thesis pertaining to conflict and stating that “War is not justified… to impose Islam as a religion on unbelievers or to support a particular social regime. The prophet Muhammad fought only to repulse aggression.”

Sohaib Nazeer Sultan (The Koran for Dummies) makes the same point that the martial verse and the sword and those like it do not abrogate the more numerous peaceful, tolerant and inclusive verses.

However, not only we do not have any corroboration for these claims, we just have to believe they know better than Ibn Salama, al-Nasikh wal-Mansukh; al-Nahhas, al-Nasikh Wal-Mansukh; al-Baydawi, Anwar at-Tanzil wa-Asrar at-Ta’wil; al-Zarkasi, al-Burhan fi ‘Ulum al-Qur’an; al-Suyuti, al-Itqan fi ‘Ulum al-Qur’an; and Lubab an-Nuqul fi Asbab an-Nuzul; Fakhr al-Din al-Razi, al-Tafsir al-Kabir; Ibn Hazm, al-Nasikh wal-Mansukh; al-Zamakhshari, al-Kashshaf; al-Tabari, Tafsir; al-Wahidi, Kitab Asbab Nuzul al-Qur’an; Ibn Kathir, Tafsir.

You see, all these esteemed exegetes, biographers of Muhammad, highly acclaimed interpreters of Qur’an in Islamic religious history are put aside and thrown away by the new scholars of the 21st century, who use Da’wah as a diplomacy of deceit to mislead the infidels. It is as if James Madison and Thomas Jefferson have not written the US constitution, or that Alexander Hamilton, James Madison and John Jay have not written the “Federalist.” Even better say, it is as if these personalities have nothing to do with the US constitutional and political establishment, and they all must be null and void compare to new propagators claiming totally the opposite about the history of the US.

Then, Hayward turns “the so-called ‘verse of the sword of Surah 9:5.” He claims

“Bin Laden certainly did draw upon the verse of the sword and other seemingly militant Qur’anic scriptures in his August 1996 ‘Declaration of War against the Americans occupying the Land of the Two Holy Places’ as well as in his February 1998 fatwâ.”

However, Bin Laden “is not representative of Islamic belief or behaviour.” For Hayward

“It is quite true that, taken in isolation, Surah 9:5 seems an unusually violent pronouncement for a prophet who had for twenty years preached tolerance, peace and reconciliation (my emphasis). Yet it is equally true that, when read in the context of the verses above and below Surah 9:5, and when the circumstances of its pronouncement by Muhammad are considered, it is not difficult for readers without preconceptions and bias to understand it more fully… It is thus not as bloodthirsty as Robert Spencer and his colleagues portray it… it would only nowadays have any relevance and applicability if polytheists and idolaters ever tried to undertake and re-establish pagan practices in the Saudi Arabian cities devoted only to Allâh: Mecca and Medina. In other words, in today’s world it is not relevant or applicable (author’s emphasis and double emphasis).

Moreover, Hayward says Ibn Kathir said no such thing that the verse of the sword abrogates all peaceful verses ever previously uttered by the prophet, as Spencer claim: “Spencer mistakenly extrapolates this to claim, baselessly.”

Well, the reader in Arabic and in English who reads Ibn Kathir classical Tafsir, is sure Ibn Kathir said verse 9:5 abrogates all the so-called peaceful verses. If one wonders how Hayward misunderstands what Ibn Kathir said, well here is Hayward’s interpretation to another warmongering verse (4:89), which clearly claim to “seize and slay the infidels wherever you find them.” This verse, Hayward says,

“is surrounded by so many other explanatory and qualifying verses that its superficially violent meaning is immediately moderated by its context of tolerance and understanding. First, it threatened violence in self defence only … Secondly, it stated that, if those aggressors left the Muslims alone and free to practice their faith, and if they did not attack them, but offered them peaceful co-existence, then Allâh would not allow Muslims to harm them in any way… The verse not only offered peaceful co-existence to those who formally made peace with the Muslims, but also to anyone…”

Well, this is indeed an interesting interpretation, yet it has nothing to do with the reality. What ridicule the situation is Hayward own words: first, there is a war against the infidels, but it is only “self-defense.” Second, “if those aggressors left the Muslims alone and free to practice their faith, and if they did not attack them, but offered them peaceful co-existence, then Allâh would not allow Muslims to harm them in any way” (my emphases). In other words, if those “aggressors” yield to the Muslim demands, than peace prevails according to the Muslims’ terms. This “coexistence” has one meaning: a total defeat and surrender to Islam, as those aggressors must to live under Muslims’ terms. This is not exactly a peaceful coexistence.

Hayward is right when claiming that Surah 22:39 contains that first transformational statement of permission to fight in self-defense. However, he could not avoid using Da’wah, diplomacy of deceit, by claiming “Interestingly, it even extols the defense of houses of worship, including the churches of Christians and the synagogues of Jews.” Where from he has taken this false statement?

Hayward continues by claiming that

“In every Qur’anic example in which warfighting (qital) is encouraged for protection against oppression or violence, verses can be found that stress that, should the wrongdoers cease their hostility, then Muslims must immediately cease their own fighting.”

Well, the root q-t-l (noun Qitāl) means slaying, killing, fighting, slaughtering. It appears 123 times in the Qur’an, of which thirty-four times in the Meccan Sûwar and eighty-nine times in the Medina Sûwar, and it reveals the warlike character of the Arab Islamic political culture. The purpose and rules of Jihād Fī-Sabīlillāh and Qitāl merge together, being an inseparable part of Islamic roles, motivations, and targets. Both have the same objectives to make Islam dominant over all other religions. That is why Jihad is the inspiration, the call to bring Islamic religious and political superiority, while Qitāl is the earthly act of fighting and slaughtering the infidels.

As a propagator of Islam, Hayward could not escape praising Muhammad as a pacifist tender person and anti-war hero:

“Muhammad was no warmonger and forgave and pardoned mortal enemies whenever he could. This “reluctant warrior,” to quote one scholar, urged the use of nonviolent means…

Muhammad recognised that wars were so unpalatable to his peace-loving community that, even though the causes of Muslim warfighting were just, he had to go to extra lengths…

However, the truth is unfortunately very different. Hayward have to learn the three best and most acclaimed biographers of Muhammad: Ibn Ishaq, Sīrat Rasûl Allāh; al-Tabari, Ta’rīkh al-Rusûl wal-Mulûk; and al-Waqidi, Kitāb al-Maghāzī, as to really realize the way and the character of the wars conducted by Muhammad and his believers. Even personally, the list of Muhammad’s killing is long.

Hayward states that “the Qur’an repeatedly enjoins Muslims to remember that, whenever possible, they should respond to provocations with patience and efforts to facilitate conciliation.” But he does not mention that this command was true only to the Meccan period, when Muhammad and his community of believers were small, weak and vulnerable, compare to the Meccans. This is something to recall: after 12 years of religious preaching at Mecca there were only 150 believers, including women and children. However, to introduce the war-like character of the Arabs, 10 thousand joined Muhammad’s ranks after his victory in the Badr War, in March 624.

Only at the end of his research, Hayward refers to topic, mainly “Observations on Islamic Just War.” He claims that

“The reasons for going to war expressed within the Qur’an closely match those within jus ad bellum, the Just War criteria which establishes the justice of a decision to undertake combat. The criteria include Just Cause, Proportionality and Last Resort” (my emphasis).

He has done nothing to prove this claim. He claims that

“Muhammad would instruct them to fight honourably, not to hurt women and children, not to harm prisoners, not to mutilate bodies, not to plunder and not to destroy trees or crops.”

However, from reading Muhammad’s biographers and other Islamic reliable sources, the picture is the opposite. I have referred to these, only from Islamic exegesis in the first chapter of my book: Islam and the Infidels.

From reading his research it is doubtful if Hayward knows Arabic well, which a great fault is. However, he is also mistaken by claiming that

“Abu Bakr, the first Caliph, compiled the Qur’an’s and the prophet’s guidance on the conduct of war into a code that has served ever since as the basis of Islamic thinking on the conduct of battle” (my emphasis).

Well, Abu Bakr lived only two years, and only Uthman, the third Caliph, compiled the Qur’an, in 644. To be more accurate, this period of the four first Caliphs, al-Khulafā’ al-Rashidûn, prove the warmongering character of the Arabs: in less than 30 years, there were two civil wars; the great rift separation in Islam, between the Sunnah and the Shī’ah, and three of the four Caliphs were murdered.  

Hayward is now back to the issue of Jihad. He claims:

“Interestingly, given that jihad is now associated with extremists who are full of hatred, like Osama bin Laden and other terrorists, the Qur’an does not allow hatred to form the basis of a military or other armed response to perceived injustices” (5:8; 3:134).

Well, he should read the paper published in Modern Diplomacy (January 19 and January 27, 2016), concerning hatred. Yet, he continues by misquoting verses 2:256 and 5:32. These verse were dealt very extensively in my Da’wah papers on Modern Diplomacy (February 22, and March 4, 2016).  

Hayward adds insult to injury by claiming that

“Despite rejection by several powerful Jewish tribes, Muhammad remained convinced that the Jewish and Christian faith communities (as opposed to individual tribes which acted treacherously) were eminently acceptable to Allâh.”

Well, the truth is that the three Jewish tribes of Medina were deported and massacred, their women and children were forcefully Islamized, and their belongings were seized and taken. The truth is that in Arabia the Jews were passed through process of genocide and ethnic cleansing, being the “worst enemies of Allah;” “like apes and pigs.”  

Again, Hayward makes his work cheap by claiming that

“jihad, far from meaning some type of fanatical holy war against all unbelievers, is the Arabic word for “exertion” or “effort” and it actually describes any Muslim’s struggle against the things that are ungodly within him or her and within the wider world.

Well, this is incorrect. Jihad comes from the third conjugation of the root j.h.d. and it means war. From here comes Mujāhidûn and Jihād. Indeed, it is mentioned (not in the Qur’an and not in an authentic, Sahīh, Hadīth) there is al-Jihād al-Akbar (the spiritual Jihad as compare to al-Jihād al-Saghīr, but it is also clear that al-Jihād al-Akbar will be practiced only after al-Jihād al-Saghīr is finished, meaning there will be infidels and Islam prevails.      

Hayward concludes his research by bringing a long statement

This article is not an attempt at religious apologetics. It is written by a scholar of military strategy and ethics for a military audience in an endeavour to demonstrate that the world’s second largest religion (only Christianity has more adherents) includes at its core a set of scriptures that contains a clear and very ethical framework for understanding war and guiding the behaviour of warriors” (Author’s emphasis).

Well, it is the right time to directly refer to the subject matter raised by Hayward, which was unfortunately highly apologetic and misleading.

Just war in Arabic is Sīyār. Reading the Islamic Four School of Jurisprudence (Maliki, Shafi’i, Hanbali and Hanafi), and the Sharī’ah (Ahmed ibn Naqib al Misri, ’Umdat as-Sālik; Ibn Rushd, The Distinguished Jurists Primer; and Abu Zakariya Yahya, Riyad al-Sālihīn), clearly reveal there is no concept of “Just War” in Islam as in Western, Judeo-Christian thinking. From Islamic vantage point, any war which is directed against the infidels is morally justified and religiously legitimized. It comes even from the names: Islamic wars are not Hurûb (plural of Harb), but rather Futûhāt (plural of Fath), which literally means opening the world to the call of Islam.

Muslims wage Jihad in order to occupy the world and bring it under its fold, and/or to disseminate the religion to all humanity. This is why it is a just war to achieve a legitimate and a sacred cause. They wholeheartedly believe that their territorial expansion and their use of force and coercion against the other is not aggression but a fulfillment of the Qur’anic command to spread Islam to all humankind. The distinction is clear: every war activity in Islam is described as totally defensive, and every move of the infidels is defined as totally and undoubtedly aggressive.  

The normal and justified relationships between Dār al-Islām, the domain of Islam, and Dār al-Harb, the domain of war, where the infidels reside, is a state of infinite war. The Muslims are totally justified in their state of belligerency against the infidels. Dār al–Islām is conceived as any territory conquered by force in the history of Islam, to become Waqf. By this reasoning, all territories of the infidels in Dār al-Harb, must be subdued or eliminated.

A lasting peace between Dār al-Islām, being a religious and political community, and Dār al-Harb is impossible, until Dār al-Harb no more exist. When the entire world has become Dār al-Islām, submission (Islām) to Allah will become the law of the nations. Until then, war is the normal and lasting state. Dār al-Sulh or Dār al-‘Ahd exist only when Muslim power is weak and they cannot win over the infidels. Arab-Islamic political culture institutionalizes the conflict as the natural state of affairs. The word Salām denotes a state of security within the Muslim community (Ummah) and only those coming under its rule and governance. Everything is temporary and subject to change, in accord with Muslim values and interests.

Majid Khadduri, a world leading authority on Arab definitions of peace and war states clearly: Arabs and Muslims view peace with infidels only as a tactical means for achieving their strategic objective. It is a valid instrument only if it serves the Islamic interests. Peace constitutes a temporary break in the ongoing war against the infidels, and it is clearly seen from the intriguing 1,400 year sequence of wars, terrorism, alliances and violent violation of agreements and treaties between Arabs and Muslims and others. Muslims might come to terms with the enemy, provided that they should resume Jihad after the expiration of the treaty, or according their interests. By their very nature, treaties must be of temporary duration, for the normal relations between Muslim and non-Muslim territories are not peaceful, but warlike.

Islam could not abolish the warlike character of the Arabs who were constantly at war with each other. It indeed reaffirmed the war basis of inter-group relationship by institutionalizing war… transforming inter-Muslim war into a holy war designed to be ceaselessly declared against those who failed to become Muslims (pp. 53-4). This change, as a matter of fact, did not imply abandonment of the Jihad duty; it only meant the entry of the obligation into a period of suspension… There is no permanent compromise with non-believers (pp. 64-5).

This is summarized in a statement by the renowned Ibn Khaldun (1332-1406)

In the Muslim community, Jihad as the holy war is a religious duty, because of the universalism of the Muslim mission and the obligation to convert everybody to Islam either by persuasion or by force. Therefore, caliphate and royal authority are united in Islam, so that the person in charge can devote the available strength to both of them at the same time.

Muhsin Khan, The Translator of Sahīh al-Bukhārī into English states

So, it is incumbent upon Muslims to follow the path which Allah’s Messenger adopted to avoid polytheism and heresy in all its shapes and to take the Qur’an and the Prophet’s traditions as torches in front of us to guide us. We have to teach our brethren and convey the message to non-Muslims all over the world as much as possible in order to save them from the Hell-fire. We have to prepare ourselves to stand in the face of our enemy and to possess the means of power and to participate in the progress of useful industries in order to protect our religion and be powerful enough to face our enemy, as Allah ordered.

Intelligence

Islamic State after ISIS: Colonies without Metropole or Cyber Activism?

Published

on

With the world constantly following the events in the Middle East, much now depends on the shape, form and ‘policy’ Islamic State is going to take. What form will the IS take? What role will cryptocurrencies play in funding terrorists? How can Russia and the US cooperate in fighting mutual security threats? RIAC expert Tatyana Kanunnikova discusses these issues with Dr. Joseph Fitsanakis, Associate Professor of Political Science in the Intelligence and National Security Studies program at Coastal Carolina University.

Islamic State is perceived as an international threat. In which regions is it losing ground and in which ones is it on the rise? Could you please describe IS geography today?

Groups like the Islamic State are mobile. They tend to move and redeploy across international borders with relative ease, and are truly global in both outlook and reach. It is worth noting that, from a very early stage in its existence, the Islamic State incorporated into its administrative structure the so-called vilayets, namely semi-autonomous overseas provinces or possessions. These included parts of Libya, Afghanistan, Somalia, the Philippines, Nigeria, and of course Egypt’s Sinai Peninsula. By the first week of 2018, the Islamic State had all but eclipsed from its traditional base of the Levant. How has the loss of its administrative centers affected the organization’s strategy?

Dr. Joseph Fitsanakis

There are two competing answers to this question. The first possible answer is that ISIS’ plan is similar to that of the Great Britain in 1940, when the government of Winston Churchill was facing the prospect of invasion by the forces of the German Reich. London’s plan at the time was to use its overseas colonies as bases from which to continue to fight following a possible German takeover of the Britain. It is possible that ISIS’ strategy revolves around a similar plan —in which case we may see concerted flare-ups of insurgent activity in Egypt, Southeast Asia, Afghanistan, Somalia, Kenya, and elsewhere. The second possible answer to the question of ISIS’ strategy is that the group may be entering a period of relative dormancy, during which it will concentrate on cyber activism and online outreach aimed at young and disaffected youth in Western Europe, the Caucasus, and North America. According to this scenario, ISIS will use its formidable online dexterity to establish new communities of Millennial and Generation Z members, and renegotiate its strategy in light of the loss of physical lands in the Levant. This scenario envisages an online geography for the Islamic State, which may eventually lead to the emergence of a new model of activity. The latter will probably resemble al-Qaeda’s decentralized, cell-based model that focuses on sharp, decisive strikes at foreign targets.

Commenting for an article in Asia Times, you said that ISIS returnees are extremely valuables sources of intelligence. How can they be effectively identified in the flow of migrants? How exactly can security services exploit the experience of these militants?

In its essence, the Sunni insurgency is a demassified movement. By this I mean that its leaders have never intended for it to become a mass undertaking. The Islamic State, like al-Qaeda before it, does not depend on large numbers of followers. Rather it depends on individual mobilization. Senior Islamic State leaders like Abu Bakr al-Baghdadi, Mohamed Mahmoud, Tarad Muhammad al-Jarba, and others, have no interest in deploying 10,000 fighters who may be reluctant and weak-willed. They are content with 100 fighters who are unswerving in their commitment and prepared to devote everything to the struggle, including their lives. Consider some of the most formidable strikes of the Sunni insurgency against its enemies: the attacks of 9/11 in the United States, the 7/7 bombings in the United Kingdom, the November 2015 strikes in Paris, and the fall of Mosul in 2014. There have been more large-scale strikes on Russian, Lebanese, Afghan, Egyptian, and other targets. What connects all of those is the relatively small number of totally dedicated fighters that carried them out. The fall of Mosul, for example, which brought the Islamic State to the height of its power, was carried out by no more than 1,500 fighters, who took on two divisions of the Iraqi Army, numbering more than 30,000 troops.

The reliance on a small number of dedicated fighters mirrors the recruitment tactics of the Islamic State (and al-Qaeda before it). The latter rested on individual attention paid to selected young men, who are seen as reliable and steadfast. This is precisely the type of emphasis that should be placed by European, American and Russian security agencies on suspected members of terrorist groups that are captured, or are detected within largest groups of migrants. What is required here is individual attention given by security operatives who have an eye for detail and are knowledgeable of the culture, customs and ways of thinking of predominantly Muslim societies. However, most governments have neither the patience nor expertise to implement a truly demassified exploitation campaign that targets individuals with an eye to de-radicalization and — ultimately — exploitation. The experience of the Syrian migrants in countries like Italy and Greece is illustrative of this phenomenon. The two countries — already overwhelmed by domestic political problems and financial uncertainty — were left primarily to their own means by a disinterested and fragmented European Union. Several members of the EU, including Poland, Hungary, and the United Kingdom have for all practical purposes positioned themselves outside of the EU mainstream. At the same time, the United States, which is the main instigator of the current instability in the Middle East, shows no serious interest in de-radicalization and exploitation programs. This has been a consistent trend in Washington under the administrations of Barack Obama and Donald Trump.

In your opinion, will cryptocurrencies become a significant source of terrorism funding? Some experts believe that pressure on traditional methods of financing may facilitate this process.

In the old days of the 1970s and 1980s, most terrorist groups raised funds primarily through extortion, kidnappings, bank robberies and — to a lesser extent — drugs. Things have changed considerably in our century. Today, cryptocurrencies are not in themselves sources of funding — though it can be argued that the frequent rise in the value of many cryptocurrencies generates income for terrorist organizations — but more a method of circulating currency and providing services that generate funds. With the use of cryptocurrencies and the so-called Darknet, terrorist organizations are now able to engage in creative means of generating cash. They include the sale of pirated music, movies and, most of all, videogames. They also engage in the sale of counterfeit products, including clothing, electronics and other hi-tech accessories. Additionally, they sell counterfeit pharmaceutical products and even counterfeit tickets to high-profile sports events and music concerts. Those who buy those products often pay for them using cryptocurrencies, primarily through the Darknet. Looking at the broad picture, it is clear that the use of cryptocurrencies constitutes a form of asymmetric finance that circumvents established financial structures and operates using irregular means that for now remain largely undetected. Few terrorist groups will resist the temptation to employ this new method of unregulated financial transaction.

How can Russian and US intelligence and security services cooperate in combating terrorism? In December 2017, media reported that CIA had helped its Russian counterpart foil a terror attack in St. Petersburg. What should be done to deepen and broaden such kind of cooperation?

Despite friction on the political level, cooperation between Russian and American intelligence agencies in the field of counter-terrorism is far more routine than is generally presumed. Last December’s report of the CIA sharing intelligence with its Russian counterpart was notable in that it was publicly disclosed. Most instances of intelligence cooperation between Washington and Moscow are not publicized. In February 2016, the then CIA director John Brennan stated publicly that the CIA works closely with the Russian intelligence community in counter-terrorism operations directed against Islamist militants. He described the CIA’s relationship with Russian intelligence officials as a “very factual, informative exchange.” He added that “if the CIA gets information about threats to Russian citizens or diplomats, we will share it with the Russians”. And he added: “they do the same with us”. Brennan gave the example of the 2014 Winter Olympics in Sochi, Russia. He said: “We worked very closely with [Russian intelligence agencies]” during the Sochi games to “try to prevent terrorist attacks. And we did so very successfully”. There is no reason to doubt the sincerity of Brennan’s statement.

Professionals are always more likely to find common areas of interest. So, in what areas, apart from combating terrorism, can Russian and US intelligence services cooperate?

There is a virtually endless list of common concerns that ought to and often do bring together American and Russian intelligence agencies. To begin with, there are two major existential threats to the security of both countries and the whole world that demand close cooperation between Washington and Moscow and their respective intelligence agencies. The first threat is the black market in weapons of mass destruction, notably chemical weapons, biological agents, and even radioactive material. In the past 20 years, there have been several cases of individuals or groups trying to sell or trade radioactive substances. The fear of such weapons possibly falling into the hands of non-state insurgents should be sufficient to entice close cooperation between American and Russian intelligence agencies. The second existential threat is that of global warming and its effects on international security. It is no secret that the rise in global temperatures is already having a measurable negative impact on food production, desertification, sea-level rise, and other factors that contribute to the destabilization of the economies of entire regions. Such trends fuel militancy, political extremism, wars, and mass migrations of populations, all of which are serious threats to the stability of the international system. Solving this global problem will require increased and prolonged cooperation on the political, economic, and security/intelligence level between the United States and Russia. The two countries must also work closely on a series of other topics, including standardizing the global regulation of cryptocurrencies, diffusing tensions between the two rival nuclear powers of India and Pakistan, tackling the tensions in the Korean Peninsula, preventing the destabilization of Egypt (the world’s largest Arab country), combating the growth of Sunni militancy in West Africa, and numerous other issues.

Among other things, you are an expert in the Cold War. At present, Russia and the USA are experiencing a period of tensions in their relationship. In your opinion, what should be done in order to overcome these challenges and mend fences?

For those of us who remember the Cold War, and have studied the development of Russia–US relations in the postwar era, the current state of affairs between Washington and Moscow seems comparatively manageable. Despite tensions between Washington and Moscow, we are, thankfully, very far from an emergency of the type of the Berlin Crisis of 1961, the Cuban Missile Crisis, or even the 1984 collision between the US plane carrier Kitty Hawk and the K-314 Soviet submarine in the Sea of Japan. How do we avoid such dangerous escalations? The answer is simple: regularize communications between the two countries on various levels, including executive, political, economic and security-related. Such communications should continue even or, arguably, especially at times of rising tensions between the two nations. The overall context of this approach rests on the indisputable truth that Russia and the United States are the two central pillars on which the idea of world peace can be built for future generations.

First published in our partner RIAC

*Dr. Joseph Fitsanakis is Associate Professor of Political Science in the Intelligence and National Security Studies program at Coastal Carolina University. Prior to joining Coastal, he built the Security and Intelligence Studies program at King University, where he also directed the King Institute for Security and Intelligence Studies. An award-winning professor, Dr. Fitsanakis has lectured, taught and written extensively on subjects such as international security, intelligence, cyberespionage, and transnational crime. He is a syndicated columnist and frequent contributor to news media such as BBC television and radio, ABC Radio, Newsweek, and Sputnik, and his work has been referenced in outlets including The Washington Post, Foreign Policy, Politico, and The Huffington Post. Fitsanakis is also deputy director of the European Intelligence Academy and senior editor at intelNews.org, a scholarly blog that is cataloged through the United States Library of Congress, and a syndicated columnist.

Continue Reading

Intelligence

How security decisions go wrong?

Sajad Abedi

Published

on

Photo by Ryan Young on Unsplash

Information warfare is primarily a construct of a ‘war mindset’. However, the development of information operations from it has meant that the concepts have been transferred from military to civilian affairs. The contemporary involvement between the media, the military, and the media in the contemporary world of the ‘War on Terrorism’ has meant the distinction between war and peace is difficult to make. However, below the application of deception in the military context is described but it must be added that the dividing line is blurred.

The correct control of security often depends on decisions under uncertainty. Using quantified information about risk, one may hope to achieve more precise control by making better decisions.

Security is both a normative and descriptive problem. We would like to normatively how to make correct decisions about security, but also descriptively understand follow where security decisions may go wrong. According to Schneider, security risk is both a subjective feeling and an objective reality, and sometimes those two views are different so that we fail acting correctly. Assuming that people act on perceived rather than actual risks, we will sometimes do things we should avoid, and sometimes fail to act like we should. In security, people may both feel secure when they are not, and feel insecure when they are actually secure. With the recent attempts in security that aim to quantifying security properties, also known as security metrics, I am interested in how to achieve correct metrics that can help a decision-maker control security. But would successful quantification be the end of the story?

The aim of this note is to explore the potential difference between correct and actual security decisions when people are supposed to decide and act based on quantified information about risky options. If there is a gap between correct and actual decisions, how can we begin to model and characterize it? How large is it, and where can someone maybe exploit it? What can be done to fix and close it? As a specific example, this note considers the impact of using risk as security metric for decision-making in security. The motivation to use risk is two-fold. First, risk is a well-established concept that has been applied in numerous ways to understand information security and often assumed as a good metric. Second, I believe that it is currently the only well-developed reasonable candidate that aims to involve two necessary aspects when it comes to the control of operational security: asset value and threat uncertainty. Good information security is often seen as risk management, which will depend on methods to assess those risks correctly. However, this work examines potential threats and shortcomings concerning the usability of correctly quantified risk for security decisions.

I consider a system that a decision-maker needs to protect in an environment with uncertain threats. Furthermore, I also assume that the decision-maker wants to maximize some kind of security utility (the utility of security controls available) when making decisions regarding to different security controls. These different parts of the model vary greatly between different scenarios and little can be done to model detailed security decisions in general. Still, we think that this is an appropriate framework to understand the need of security metrics. One way, maybe often the standard way, to view security as a decision problem is that threats arise in the system and environment, and that the decision-maker needs to take care of those threats with available information, using some appropriate cost-benefit tradeoff. However, this common view overlooks threats with faults that are made by the decision-maker. I believe that many security failures should be seen in the light of limits (or potential faults) of the decision-maker when she, with best intentions, attempts to achieve security goals (maximizing security utility) by deciding between different security options.

I loosely think of correct decisions as maximization of utility, in a way to be specified later.

Information security is increasingly seen as not only fulfillment of Confidentiality, Integrity and Availability, but as protecting against a number of threats having by doing correct economic tradeoffs. A growing research into the economics of information security during the last decade aims to understand security problems in terms of economic factors and incentives among agents making decisions about security, typically assumed to aim at maximizing their utility. Such analysis is made by treating economic factors as equally important in explaining security problems as properties inherent in the systems that are to be protected. It is thus natural to view the control of security as a sequence of decisions that have to be made as new information appears about an uncertain threat environment. Seen in the light of this and that obtaining security information usually in it is cost, I think that any usage of security metrics must be related to allowing more rational decisions with respect to security. It is in this way I consider security metrics and decisions in the following.

The basic way to understand any decision-making situation is to consider which kind of information the decision-maker will have available to form the basis of judgments. For people, both the available information, but also potentially the way in which it is framed (presented), may affect how well decisions will be made to ensure goals. One of the common requirements on security metrics is that they should be able to guide decisions and actions to reach security goals. However, it is an open question how to make a security metric usable and ensuring such usage will be correct (with respect to achieving goals) comes with challenges. The idea to use quantified risk as a metric for decisions can be split up into two steps. First do objective risk analysis using both assessment of system vulnerabilities and available threats in order to measure security risk. Second, present these results in a usable way so that the decision-maker can make correct and rational decisions.

While both of these steps present considerable challenges to using good security metrics, I consider why decisions using quantified security risk as a metric may go wrong in the second step. Lacking information about security properties of a system clearly limits the security decisions, but I fear that introducing metrics do not necessarily improve them;this may be due to 1) that information is incorrect or imprecise, or 2) that usage will be incorrect. This work takes the second view and we argue that even with perfect risk assessment, it may not be obvious that security decisions will always improve. I am thus seeking properties in risky decision problems that actually predict the overall goal – maximizing utility – to be, or not to be, fulfilled. More specifically, we need to find properties in quantifications that may put decision-making at risk of going wrong.

The way to understand where security decisions go wrong is by using how people are predicted to act on perceived rather than actual risk. I thus need to use both normative and descriptive models of decision-making under risk. For normative decisions, I use the well-established economic principle of maximizing expected utility. But for the descriptive part, I note that decision faults on risky decisions not only happen in various situations, but have remarkably been shown to happen systematically describe by models from behavioral economics.

I have considered when quantified risk is being used by people making security decisions. An exploration of the parameter space in two simple problems showed that results from behavioral economics may have impact on the usability of quantitative risk methods. The results visualized do not lend themselves to easy and intuitive explanations, but I view my results as a first systematic step towards understanding security problems with quantitative information.

There have been many proposals to quantify risk for information security, mostly in order to allow better security decisions. But a blind belief in quantification itself seems unwise, even if it is made correctly. Behavioral economics shows systematic deviations of weighting when people act on explicit risk. This is likely to threaten security and its goals as security is increasingly seen as the management of economical trade-offs. I think that these findings can be used partially to predict or understand wrong security decisions depending on risk information. Furthermore, this motivates the study how strategic agents may manipulate, or attack, the perception of a risky decision.

Even though any descriptive model of human decision-making is approximate at best, I still believe this work gives a well-articulated argument regarding threats with using explicit risk as security metric. My approach may also be understood in terms of standard system specification and threat models: economic rationality in this case is the specification, and the threat depends on bias for risk information. I also studied a way of correcting the problem with reframing for two simple security decision scenarios, but only got partial predictive support for fixing problems this way. Furthermore, I have not found such numerical examinations in behavioral economics to date.

Further work on this topic needs to empirically confirm or reject these predictions and study to which degree they occur (even though previous work clearly makes the hypothesis clearly plausible at least to some degree) in a security context. Furthermore, I think that similar issues may also arise with several forms of quantified information for security decisions.

These questions may also be extended to consider several self-interested parties. in game-theoretical situations. Another topic is using different utility functions, and where it may be normative to be economically risk-aversive rather than risk-neutral. With respect to the problems outlined, rational decision-making is a natural way to understand and motivate the control of security and requirements on security metrics. But when selecting the format of information, a problem is also partially about usability. Usability faults often turn into security problems, which is also likely for quantified risk. In the end the challenge is to provide users with usable security information, and even more broadly investigate what kind of support is required for decisions. This is clearly a topic for further research since introducing quantified risk is not without problems. Using knowledge from economics and psychology seems necessary to understand the correct control of security.

Continue Reading

Intelligence

Cyberspace: A Manmade Sphere for Wars

Anahit Parzyan

Published

on

Internet can be considered as one of the greatest achievements of humanity of the last century, which connected the entire world. It created a new space for connections, information and communications, as well as cooperation. Thus, it created also a new platform for conflicts which involved not only individuals but also states. The invention of the twentieth century, the internet, has become another sphere for international relations, and a new space for defensive and offensive policies for regulating and balancing those affairs. The space called cyberspace has become a platform for interactions not only between individuals, but also between states. The interactions on their side were not only developed in a positive manner, but were also transformed into attacks, which pose a real threat to the security of states. Thus, the following questions arise:

Can cyberspace be considered a new sphere for war? Can conflicts and offensive and defensive operations in cyberspace be considered a real war?

The aim of this article is to specify offensive and defensive actions occurring in cyberspace and to explain the differences and similarities between them and the classical approach to war present in other spheres: land, water, air, and space. Despite the overgrowth of offensive interactions in cyberspace and defensive strategies for enriching the cyber arsenal of states, military specialists have concerns over the reality of cyberwars in general. Parallels are drawn to show the similarities and differences between definitions and perceptions of war, and whether concepts from the classical approach can be transferred to describe wars in the cyber sphere.  This research puts cyberwars in line with other wars, thus analyzing their peculiarities, whilst Cyberspace is seen as another sphere for war and international relations in addition to the existing spheres of land, water, air, and space

Internet’s Two Sides of the Coin: From Good to Threat

The Internet that we use today, is based on the Transmission Control Protocol or just Internet Protocol commenced in 1973. The network became operational in January 1983. For the first two decades of its existence, it was the preserve of a technological, academic, and research elite. From the early 1990s, it began to percolate into mainstream society and is widely regarded as a General-Purpose Technology (GPT) without which modern society could not function.

Only half a century ago it was difficult to imagine that human interactions would be developed in a manmade sphere, totally virtual and artificial. It must have been impossible to imagine that it would penetrate our lives so closely that it would cover everyday life, from communication and information sharing to purchasing products and regulating temperature at home.

Now internet has connected the entire world breaking the land borders which lined geographically differentiating the places people live. It substituted land borders with digital ones, making it possible to connect the entire world into one sphere.

With the start of the World Wide Web in 1993, the greatest accretion of communication came into existence. Since then, information being secret for a limited groups or organizations that were historically used for military purposes as an intellectual advantage, soon became available for masses.

Moreover, equal access to information for all, one of the ultimate achievements of humanity and one of the supreme advantages of the internet, has started to provide information not only for good will, having also provoked irregular warfare.

These chaotic interactions, which Garnett called “fourth generation warfare” (4GW), through networks would become a wave of social reactions and pressure that would provide an opportunity for an asymmetric warfare. The tendency is obviously dangerous since not only states possess these “digital” weapons but also non-state actors including terrorist networks. Basically, the Internet allows anyone to join digitally and to be a force or power that could have a significant impact on states’ policies.

The sphere were those actions take place with the usage or within the system of information and communication technologies is broadly named cyberspace and the actions that take place in this sphere get their terminology accordingly; cyber-attacks, cyberwar, etc… Though states have various definitions of a cyberspace and with the scope it covers, it is meant to be a non-physical Information and telecommunication technologies environment (ICT).The term cybersecurity has been emerging from the US since the mid-1990s, which later have become widely used in other countries and international organizations such as United Nations (UN), Organization for Security and Co-operation in Europe (OSCE), Organization for Economic Co-operation and Development(OECD), North-Atlantic Treaty Organization (NATO), the Council of Europe(CE), BRICS, Shanghai Cooperation Organization (SCO) and many others.

A cyber-attack is not an end in itself, but a powerful means to a wide variety of ends, from propaganda to espionage, from denial of services to the destruction of critical infrastructure.

From the prism of threat, they may cause, cyberattacks can be implemented using methods, such as malicious programs, that can penetrate systems of specific or not specified group of people or entities causing dysfunctions of computer operations, stealing personal information, phishing stealing passwords of the user as well as infecting computer systems to slow down specific processes, etc.  In current internet-run infrastructure a single penetration can be fatal for a society and become a threat for a state. A penetration into the command-control system of critical infrastructures, for example, can cut the supply of energy, change the chemical construction of water thus making it poisoned, etc. and the anonymity can stand as an advantage as cyberattacks are still not attributable through international humanitarian law. Moreover, in a cyber conflict, the terrestrial distance between adversaries can be irrelevant so cyber weapon can reach its target much beyond its borders.

The advance of technology made it possible to give room for clashes between States and non-states actors involved in operations in cyberspace. These clashes have become a real threat for international security. As compared with kinetic weapons that are relatively expensive to obtain, as well as possible to detect their origin, malicious programs are available to download or buy and even create if there is a good specialist of it: even a teenager can formulate it.

Therefore, it is becoming nearly impossible to patrol all the purchase and supply chain of the cyber arsenal. Malicious viruses or programs can penetrate various computer systems of public and private usage and cause dysfunctions, changing the primary command-control systems, slowing their base speed of operation and causing very costly problems for state security.

Per media reports, the group which rampaged through and besieged part of Mumbai in November 2008 made use of readily available cellular and satellite phones, as well as overhead imagery from Google Earth, to coordinate and plan their attack.

However, this invention is an issue of arguments among scientist from the prism of war definition.

Theoretical Dilemma of cyberwars and cyber reality

Despite different conflicts occurring in cyberspace between state and non- state actors, state-sponsored operations, and developments in international relations, military specialists argue about the exact definition of cyberspace, whether to evaluate it as real war or not, and as whether to count operations in cyberspace as a real war between parties involved.

Various conflicts in cyberspace including attacks of regular and irregular origin performing symmetric or asymmetric tactic, do not correspond with the classical approach of the war including only some or one or even missing any aspect of the war characterization. Despite of the current actions and bilateral, multilateral etc., agreements signed by states and international organizations, associations on the cybersecurity issues and despite of the threats the world overcomes or will overcome in cyberspace, theorists have certain disbelieves while defining or accepting cyberspace as a new sphere for wars as well as cyberwars as already occurring facts.

The issue is that there had not been a single verifiable case of cyber terrorism nor has there been any human casualty caused by cyber-attacks, giving grounds for disbelief.

Thomas Rid a specialist of war, is among those scientists and experts who see debates about cyber wars exaggerated, moreover, he expresses mistrusts related to cyberspace as a new space for war in a classical approach of war definition. He believes that “Cyber war has never happened in the past, it is not occurring on the present and it is highly unlikely that will disturb the future.”

The fact that computer and internet assisted attacked may penetrate the operating systems of targets stealing data or causing dysfunction of potentiality of operations Rid, however, in this respect differentiates between sabotage operations and direct physical harm.

Rid refers to Carl von Clausewitz, a nineteenth-century Prussian military theorist, who defines war according to three criteria, “First, all acts of war are violent or potentially violent. Second, an act of war is always instrumental: physical violence or the threat of force is a means to compel the enemy to accept the attacker’s will. Finally, to qualify as an act of war, an attack must have political goal or intention.”

Theoretical description of war through centuries might have changed its primary strategies and instruments, while his goal is always the same. Within this respect, it is important to observe this definition on a broad way: Of course, computer warm or virus cannot kill directly a person, like it could have a sword, but it can cut the energy supply of a hospital causing a chain of violence, or it can penetrate the command control of the Airplane system and change the direction of the plane or to cause and a catastrophe.

In contrary to classical approach of war, the reality of cyber war is supported by those who believe that cyber wars have already occurred, are occurring and will, possibly, continue to occur in future, thus cyber strategies must be implemented.

In July 2016, Allies reaffirmed NATO’s defensive mandate and recognized cyberspace as a domain of operations in which NATO must defend itself as effectively as it does in the air, on land and at sea.

Former U.S. President Obama speaking about cybersecurity mentioned:

“America’s economic prosperity, national security, and our individual liberties depend on our commitment to securing cyberspace and maintaining an open, interoperable, secure, and reliable Internet. Our critical infrastructure continues to be at risk from threats in cyberspace, and our economy is harmed by the theft of our intellectual property.  Although the threats are serious and they constantly evolve, I believe that if we address them effectively, we can ensure that the Internet remains an engine for economic growth and a platform for the free exchange of ideas”.

Thomas Reed, a former staffer on the US National Security Council argues that Cyber wars are even new. They occurred in past, in Cold War Era, and had devastating results. As an example, he mentions about the first ever cyber-attack- a massive pipeline explosion in the Soviet Union in June 1982, counting as the most violent cyber-attack ever. “According to Reed, a covert US operation used rigged software to engineer a massive explosion in the Urengoy-Surgut-Chelyabinsk pipeline, which connected Siberian natural gas fields to Europe. Reed claims that Central Intelligence Agency (CIA) managed to insert malicious code into the software that controlled the pipeline’s pumps and valves. The rigger valves supposedly resulted in an explosion that the US Air Force rated at three kilotons, equivalent to the force of a small nuclear device.”

Although, neither there is a factual evidence of accident being a cyber-attack confirmed or supported by the official U.S, nor there are any Soviet media reports from 1983 also confirming that Reed’s mentioned explosion took place. Though Soviet Union media regularly reported about accidents and pipeline explosions at the time. In case of cyber-attacks, it is not an easy task to investigate fully and in a short period of time. Forensic examination is needed which presupposes experts and conditions for objective examination. Under the condition of Cold war, the parties would hardly agree to do such an investigation which will reveal secrets about their technical capabilities and the real cause of the explosion. Incase Reed’s claims are true, then the massive violence it could have done would theoretically rank cyber weapons among extremely dangerous means and cyber wars would have been defined accordingly.

Another example that speaks about possible cyberattack that will “suit” to the description of war can be considered the 2008th cyberattacks on Georgian most prominent websites, including those of the country’s national bank and the Ministry of Foreign Affairs. In August 2008, in the period of the military conflict over South Ossetia, Georgian Government blamed the Kremlin, but Russia denied sponsoring the attackers, and later NATO investigation found no conclusive “proof” of who had carried them out. The fact that the “proof” is not found can illustrate two possible judgments: first, the attacker is technically equipped well enough so it is hard to distinguish him, second: the attack was not carried out by a potential suspect. However, the situation can be judged by the following viewpoint: you are innocent unless your guilt is proved. And because the anonymity is a priority in cyber wars, so it is highly efficient especially for states to use it in hybrid war strategies.

In cyberspace the sides, that are involved in the attacks or counterattacks can be distinguished only in two ways: first, by their own wish (which may occur rarely, or even impossible to happen especially when attacks are carried out by States rather than other subjects) or, according to the evidence. The last one is directly connected with the technical capabilities of an attacker as well as technical competences of an attacked side to be able to detect.

According to Oleg Demidov, a Cybersecurity expert at the Russian Centre for Policy studies (PIR Center), the overview of the NATO experts suspecting Russia in attacking Estonian infrastructure in 2007, Georgian government and private sector networks in 2008, and U.S. financial institutions and private companies in 2014 Spring, as not fundamental, because there was no practical evidence of the proof of the attacker, or lack of technical capabilities to be able to define the source of the attacker.

In his contribution “Global Internet Governance and International Security in The Field of ICT Use”, Demidov stresses high possibility and risk of an international conflict between nuclear-weapon states. As he mentioned;

 “In the event of lighting-fats cyber-attack that imitates the ‘signature’ of Russian perpetrators (for example, Cyrillic code fragments and other linguistic patters) and targets the infrastructure of NATO countries using servers in Russian territory, there is a risk of NATO military retaliation against Russia. In accordance with NATO doctrine, retaliatory measures may include the use of kinetic weapons and the involvement of all NATO members in a retaliatory strike”.

These two cyber incidents- the Georgian cyber-attacks and Estonian cyberattacks, are regarded by the U.S. and other Western nations as causes for great attention and much reflection.

Estonian cyber incidents were followed by the establishment of cyber strategies for national and system level for EU members and partners.

Particularly, in 2008, a year after the attacks, NATO set up the Cooperative Cyber Defense Centre of Excellence (CCD COE) in Tallinn. The military-defense usage of Information and Communication Technology (ICT) is one of the main purposes of the center. The center is technically equipped well enough to protect its members by providing technical support and human resource to protect internet infrastructure.

Another well-known and destructive cyber program that processed a worldwide discussion over the reality of cyber wars is the “Operation Olympic Games”, a large operation, that included the “development, testing, and use of malware against specific targets to collect information about the Iranian Nuclear program, as well as to sabotage it and slow it down as much as possible. It included such malware as Stuxnet, Duqu, Flame, and Guass (all of them targeting special operation for espionage and sabotage), active in between 2007-2013.The US presidential administration and Israeli secret services have been named as perpetrators.

Ex-head of the Foreign Relations Committee of Iran’s Supreme National Security Council Seyed Hossein Mousavian, in his “The Iranian Nuclear Crisis: memoir confirms Stuxnet as a malicious computer warm developed to target the computer system that control Iran’s huge enrichment plant at Natanz. Moreover, according to Mousavian, Ali Akbar Salehi, Iran’s Representative to the International Atomic Energy Organization (IAEA) at that time confirmed that Iran was experiencing espionage at its nuclear plants. According to the IAEA, there was a big decrease in the amount of the operating centrifuges caused by the Stuxnet with a vivid decline to more than 100 – from 4920 in May 2009 to 3772 in August 2010. Despite of the Fact that Ahmadinejad mentioned about the problems directly related to the computer software, installed by the spies to slow down centrifuge’s operation, nevertheless, Mousavian does not think that this could have cause a big problem and an obstacle for enriching the centrifuges.

In fact, Stuxnet did affect the nuclear enrichment system, and did make problems for Iran’s nuclear program. The computer worm was operating inside the system for quite a long time unnoticed, slowing down the operational capabilities of both experts and technical equipment. If we note the fact that it successfully slowed down the system’s operation, then we can conclude that operations reached a certain level much later then they could have without the worm Now that sanctions have hit Iran’s economy and forced it to make concessions, we can conclude that the situation would have been different if Stuxnet had not affected Iranian programs; Iran would have finished its program faster, before sanctions could devastate its economy. But since Iran discovered the problem much later and the whole process was slowly altered by the worm, we can see that Stuxnet led to a longer timeframe for enrichment, and subsequently longer terms for sanctions.

The action brought not only psychological damage, as would be named and labeled by Israel and U.S. specialist, but it brought also to economical, technical(human resources as well as technical capabilities) crises.

According to M. Sahakyan, an Armenian researcher.

“…sanctions were hard and maybe they were the main reason why Iran agreed to the Interim agreement. Though Iranian leaders like to mention that sanctions were not problem, but the Iranian economy had been effectively hit hard by these sanctions. Iranian economy mostly declined when EU member states imposed an oil embargo on Iran. China also reduced its average oil import levels from Iran in a disagreement on Iran’s nuclear program. The depreciation of Iranian Rial, reduction of oil exports and shortages of foreign currency created hard social-economic situation in Iran. So sanctions were hard and maybe they were the main reason why Iran agreed to the Interim agreement.”

It is evident that, not directly but indirectly cyber war may influence politics of a specific State. Today cyber-attacks can target political leadership, military systems, and average citizens anywhere in the world, during peacetime or war, with the added benefit of attacker anonymity.

Stuxnet influenced the Iranians’ centrifuges, causing them to overload an intelligence program. This is a new type of and reason for war. While the basic definition of war presupposes physical violence, Stuxnet presupposes a psychological intent. In addition to the technical harm it did, it also influenced the psychology of those who had encountered the undiscovered cyber worm. Regarding the first, undiscovered phase of the computer worm, imagine a specialist working on the program, who faced long-lasting technical problems, becoming filled with doubt towards their personal professional skills and also doubting the capability of Iran in general to develop its program. This is a new approach in the definition of war, as it dramatically shifts the choice of instruments that can cause harm to a State.

From Wars with Swords to Cyber Wars: State Security is Still a Priority

Nevertheless, the war in cyberspace is real, it has happened in the past, it is happening now and it will certainly happen in future.

The classical approach to war sees physical violence carried out by military operations. Cyberwar presupposes physical violence as well as bringing a new, psychological violence, which may cause no less harm.  Ideas and things important for state security have changed over the centuries, as have the instruments and measurements of security, but the problem of state security is still a priority. Maybe unexpected ships won’t attack from the sea, but cyber-attacks will come.

In past centuries, population size was an important issue for the state in maintaining its governance. It determined the size of the workforce and the size of the army, and the strength of armies was measured by the quantity of troops.

Centuries ago, a human, a good soldier was to aim to harm the opposing side. To conquer the army was to win the war. Afterwards, the period of weapons and technology began, and would enable opposing sides measure their technical and tactical capabilities to win. At that time, to mobilize technical capabilities was to conquer the army. Due to growing population and technological achievements, in addition to the number of troops, now the amount of military equipment is of much importance. A single-pilot jet may cause greater harm than 1000 troops on the same territory. Nowadays unmanned aircraft can jeopardize enemies’ strategic targets in specific cases even without any physical violence, because in a certain situation to harm a strategical unit even without causing physical violence from neither attaching side nor from the attacked still may have fatal result for the states being attacked.

In current stage, the military parades mostly demonstrating technical capability of a certain state, will alarm a possible harm while attack or attacking. Aside from the traditional military spheres like land, sea, and air (added later),an epoch of adding a new sphere, cyberspace, has begun, in which technical capabilities do no less harm than in a traditional war. One of the ultimate advantage of cyberwars is the anonymity of the attacker, which makes it a reasonable choice for state’s foreign policy.

In addition to the traditionally distinguished types of harm for a state security, cyberwar brings the conception of psychological trauma for the sates making it doubt its capabilities on a certain level. In the case of Stuxnet, the attack was “emotional” and technical.

The definition of the emotional damage through cyberwars was used to describe Russia’s so-called internet interference in 2016. “The New Yorker” expresses viewpoints of national-security officials who believed that those series of cyber hackings were directed to destabilize the conception of democracy in the States.

For many national-security officials, the e-mail hacks were part of a larger, and deeply troubling, picture: Putin’s desire to damage American confidence and to undermine the Western alliances—diplomatic, financial, and military—that have shaped the postwar world.

To technically dysfunction a system just causing a technical harm is a small incident, while targeting CI with technically destabilizing them already has grown into a political scandal.

In turn, cyberattack may cause harm on a specific target without involving other sides especially in case of state sponsored attacks, as it remains undiscovered for a while and the stereotypes and cliché of the traditional war definition will empower the attacker to have “excuses” for the attack. Cyberwars will become more dangerous, if not included and named as war and not struggled as traditional wars.

Cyber Arm race has started

Despite of the distrust and interpretation of cyberwars within the framework of classical approach of war, states are accelerating cyber arms race. This development has several political and strategic implications that pose the need to find specifically political answers. What is often forgotten or neglected is the increasing importance of understanding cyberspace as a political domain and cyber politics is needed more than ever before.

While experts are debating over the exact description and definition of cyberwar, States are enriching their State defensive arsenal with cyber equipment and technical staff for better governance in cyberspace, as well as regulations and doctrines that will define the strategy for the defensive and offensive operations for ICT threat.

In November 2011, the Department of Defense of the U.S. issued a report to Congress confirming, that it was ready to add cyberspace to sea, land, air, and space as the latest domain of warfare – the military would, if necessary, use force to protect the nation from cyberattacks. This statement shape the interactions in cyberspace on the same level with other spheres making them equally important and in case of need, changeable and cooperative.

By this, next to the traditional war spheres: ground, sea, air, space, a new battlefield-the cyberspace is differentiated.

With the technological developments, nearly every aspect of our lives is technically run, so it becomes very sensitive to any cyberattack, since any non-functioning in a technical field may cause human harm, economic harm, and be a serious problem for the entire National security.  In this regard, the former Secretary of Homeland Security of the U.S.Jeh Johnson at The White House Cybersecurity Framework Event on February 12, 2014, specifying the seriousness of the cyberattacks on electrical substations specifically, mentioned:

“What the public needs to understand is that today the disruption of a critical public service like an electrical substation need not occur with guns and knives. A cyberattack could cause similar, and in some cases far greater, damage by taking several facilities offline simultaneously, and potentially leaving millions of Americans in the dark”.

The focus was on the electrical substations but it may refer to other sectors too: telecommunication, hospitals, libraries and federal departments courts and prisons. Any entity, that is functioning with technology may be in a real attack risk.

The technological developments of the last century bring the automated industrial control systems as well as most Critical Infrastructure (CI), the list of which may vary from state to state but have similarities, under possible cyber-attack which may be fatal for national defense. The range of facilities on the list of CIsmay include but not limited to nuclear industry, electricity, telecommunication, water supply, transport system on ground, sea and air, governmental buildings and their communication facilities, the financial and banking system, healthcare and defensive facilities etc. In 2017, the USA Department of Homeland security announced about its decision to include also election infrastructures into the list of Critically Important infrastructure for the State.

The cyber- defensive policy of states becomes an urgent issue and States are engaged in implementing special cybersecurity projects on national level to defend the CI of their countries.

Many states, for instance the U.S., Russia, China, Germany, UK, France etc. are enriching their cyber arsenals and developing cyber security system for defensive operations for their countries. Not only states are engaged in national mechanisms but they also are involved in developing global cooperative platforms for better and clean cyber environment of the World. Specifically, it would be interesting to mention U.S. Russia, China cyber triangle and their input of cyberspace as a significant priority for a State development and Security. The countries are involved in various discussions and cooperation agreements to maintain cooperation and peace in cyberspace globally. Despite of ideological differences in cyberspace and the attitudes of maintaining the policy for it, however these three cyber powers found a common ground for mutual understanding and possible fundamental cooperation. United Nations (UN) Governmental Group of Experts is one of the examples of that which is currently the only platform that has united the U.S. Russia, and China with commonly acceptable norms and suggestions. Since the scope of interests in cyberspace includes all groupings of society including governmental and federal entities private and public sectors as well as common citizens on a national level, private supra-powers regulation beyond borders and being responsible for larger audiences, there is an urgent need to focus on cooperation and establishment of fundamental rights in cyberspace as well as mechanism to establish security in this sphere.

Conclusion

Can a cyber-attack pose a serious threat to national security?

With the clear majority of undergone, ongoing and possible cyberattacks and with the current defensive strategy of the states, the cyberwar is nothing than a real threat for states’ national security as well as private sector. It enflames not only regular warfare which can cause as much harm as it is assumed to have by traditional approach of the war, it may also provoke irregular warfare with the privilege of the equal information access and anonymity.  The technological invention of twentieth century may considered to be a disaster along with such scientific invention as atomic energy. It may give a good, but it may harm severely.

The difficulty of cyberwar falls also on the lack of common norms and definitions as well as specifically composed legislation equally acceptable for all states for peaceful and collaborative regulations of problematic issues on this field.

I do believe that cooperation on this issue is of great importance. Joint legislation, understanding and definition of conceptual ideas, common cooperative grounds will bring to a better and secure life, eliminating or declining the possibility of occurring private or non-state organizational subjects to be involved in irregular warfare destabilizing the peaceful cooperation of states and people on internet sphere for a good and productive will.  The classical approach of war definition should be able to include a new sphere of violence before a certain violence occurs rather than defining right after it occurs, as mostly happens in historical approach. Aside from the traditional military spheres like land, sea, and air (added later),an epoch of adding a new sphere, cyberspace, has begun, in which technical capabilities do no less harm than in a traditional war.

Cybersecurity is an urgent, necessary strategy, which will lead to a secure sphere for cooperation, free and secure access to and sharing of information, and, due to its technical capabilities, to a more comfortable and economically developed way of life.

While Cybersecurity is an issue for the whole world, strategies for the development of cybersecurity may vary from state to state, in some cases occurring a national level, while in others limited to certain federal entities.

I believe that Cyberspace is very much like the environment; it is a digital environment, and just as a virus that penetrates a certain country is spread worldwide if not stopped, so is a computer virus. Just as pollution in one part of the world pollutes air or water that we all share, a cyberattack may cause a global problem. Networking, sharing information, and a global security approach are musts for a safe and productive global cyber environment and maintenance of all roads for better digital development for the sake of humanity.

(*) This essay adapted from the article Cyberspace – A Manmade Sphere for Wars, (21-st Century, N.1, 2017, pp.42-58). Used by permission. All rights reserved.

Continue Reading

Latest

Newsletter

Trending

Copyright © 2018 Modern Diplomacy