Connect with us

Defense

New U.S. Cybersecurity Strategies

Published

on

The United States was one of the first countries to treat cybersecurity as a matter of strategic importance. The terrorist attacks on September 11, 2001, as well as the growing threat to the economy, which was becoming increasingly dependent on ICT, forced the George W. Bush administration to reassess the task of securing critical infrastructure facilities. The required an integrated approach, which duly emerged with the publication of the National Strategy to Secure Cyberspace.

President Barack Obama announced cybersecurity as one of the most important tasks facing the U.S. government. Another task was to develop the new opportunities afforded by cyberspace and harness them for the purposes of serving national interests. The Cyber Space Policy Review was developed and presented in 2009. It contains an analysis of the existing cybersecurity system, as well as a plan for its transformation with a view to providing better cyber defence of the United States. In 2011, the United States published its International Strategy for Cyberspace, the goal of which is to create a unified platform for international cooperation in cyberspace on the basis of U.S. approaches to cybersecurity. The position of Senior Coordinator for Cyber Issues was created at the U.S. Department of State to promote the country’s cybersecurity policy. An interesting feature of the International Strategy for Cyberspace was the emphasis on so-called “capacity-building,” specifically on rendering assistance to developing countries through the provision of the necessary resources, knowledge and experts, including with a view to these countries developing their own national cybersecurity strategies.

In contrast to the George W. Bush era, U.S. representatives played an active role in preparing the report of the United Nations Groups of Governmental Experts in 2010. In 2011–2013, a number of summit-level bilateral negotiations on cybersecurity issues were held, primarily between Russia and China, during which there was an attempt to develop the “rules of the game” for leading powers in this new sphere of international relations. The high point in U.S.–Russia relations was the singing of the Joint Statement by the Presidents of the United States of America and the Russian Federation on a New Field of Cooperation in Confidence Building in 2013. The document also outlined cooperation measures in the protection of critical information systems and mechanisms for reducing cyberthreats. Unfortunately, all agreements were frozen following the outbreak of the Ukrainian crisis. And they cannot be considered tenable under current conditions, as all attempts to bring them back to life have failed.

Donald Trump: America First

The new Strategy is a logical continuation of the policy of recent years and is now enshrined at the doctrinal level. As we have already mentioned, it resembles the policy of George W. Bush more than that of Barack Obama, although it does borrow from and refine some points of the latter’s strategy to meet current needs. The first thing that catches the eye about the new Cyber Strategy is that is forms an image of an external threat to freedom and democracy and focuses on ensuring peace through strength. The Strategy repeatedly mentions the main opponents – Russia, China, Iran, North Korea and international terrorism.

The policy outlined in the document is based on four pillars: protecting the American people, the homeland and the American way of life; promoting American prosperity; preserving peace through strength; and advancing American influence. In some areas, you can find specific examples of recent events that formed the basis of a new policy that could affect both U.S. policy and international relations in ICT security in general.

The main objective of the first pillar of the new Strategy is to manage cybersecurity risks in order to improve the reliability and sustainability of information systems, including critical facilities. One of the new elements of domestic policy is the development of a risk management system in the Federal supply chain that would include, among other things, determining clear authority to exclude (in individual cases) supposedly risky vendors, products and services. These actions will be combined with efforts to manage risks in supply chains connected with the country’s infrastructure. The level of risk associated with using a specific vendor’s product should be determined on a case-by-case basis. At the same time, examples of similar policies allow us to state with confidence that, as far as the United States is concerned, the main unreliable vendors are located in Russia and China. Given the growing trade and economic standoff between the United States and China, the next logical step could be a ban on the use of Chinese components in government agency servers, just like what happened with Kaspersky Lab. This may very well be followed by an embargo of Chinese components by major companies and at critical infrastructure facilities. At the same time, the United States will promote the development of the internet and an open, compatible, reliable and secure communications infrastructure that will increase the competitiveness of American companies and help them counter the economic interference of other countries in areas of strategic competition.

The new Strategy focuses on improving cybersecurity in the transport and maritime infrastructure, as well as in space. The modernization of these sectors makes them more vulnerable to cyberattacks. The safety of maritime transport is particular concern, as transport delays or cancellations could disrupt the economy at strategic and lower dependent levels. The NotPetya malware attack that cost the logistics company Maersk a total of $300 million in 2017 as a result of a violation of its operating activities drew attention to the problems in this area. In response, the United States plans to establish the necessary roles and areas of responsibility, promote improved mechanisms of international cooperation and information exchange and help create a next-generation maritime infrastructure that is resistant to cyberthreats. It is possible that the maritime infrastructure of other states that participate in international maritime trade may, under the pretext of noncompliance with American standards, be deemed “unsafe” (for example, liquified natural gas terminals or ports along the Northern Sea Route).

Another important element of the policy outlined in the new Strategy is the modernization of legislation in electronic surveillance and computer crime. The United States is expected to update its legislation in these areas in order to expand the power of law enforcement agencies to legally collect evidence relating criminal activity and carry out further operational, investigative and judicial activities. Evidence may be collected outside the United States. In the past, these activities were carried out under so-called mutual legal assistance treaties, including the Budapest Convention on Cybercrime. However, the CLOUD Act adopted this year gives law enforcement agencies considerable powers to obtain information stored in the servers of U.S. companies operating outside the country. As a result, countries are no longer required to enter into mutual legal assistance treaties and inform other states that they are carrying out investigative activities in their territory. Interestingly, while the new Cyber Strategy contains statements about rejecting censorship on the internet and adhering to a free and open cyberspace, it also instructs law enforcement agencies to work with the private sector to overcome technological barriers, for example anonymization and encryption technologies, that are used to ensure this much-touted “freedom of the internet.”

The Strategy places considerable emphasis on actions aimed at expanding U.S. influence around the world. One of these areas is developing the capacities of partner countries to counter cybercrime. When U.S. law enforcement agencies issue a request for assistance, the country in question has to possess the appropriate technical capacity. Despite the fundamental problems of the Budapest Convention on Cybercrime (the lack of development and the threat of state sovereignty being violated), the U.S. Administration will work to increase the international consensus with regard to it. The UN draft resolution “On Cooperation in the Field of Countering Information Crime” put forward by Russia has not even been critically evaluated.

Peace through Strength

The United States is prepared to use all available tools of national power, including military force, to deter opponents from malicious acts in cyberspace that threaten its national interests, allies and partners.

The mechanism for determining the degree of “malicious intent” of actors in cyberspace will be based on the American interpretation of the provisions of international law and the voluntary non-binding norms of the responsible behaviour of states in cyberspace. These norms were developed by a UN Group of Governmental Experts in 2015 and were intended to define the limits of acceptable behaviour of all states and contribute to greater predictability and stability in cyberspace. The United States will encourage other countries to publicly adopt these principles and rules, which will form the basis for joint opposition to states that do not conform to them. In order to identify these states, the Executive Branch of the United States and the country’s key partners plan to share objective and relevant data obtained by their respective intelligence agencies. Obviously, in the context of the widespread use of public attribution, the unsubstantiated statements of a powerful state on the involvement of a given country in a cyber incident cannot lead to an escalation of tensions. There is no indication in any of the documents of the international legal mechanisms that may be created for the legitimate investigation and judicial examination of cyber incidents, including those that, in the opinion of the United States, may be considered an armed attack.

At the same time, work is under way on the establishment of possible consequences of irresponsible behaviour that causes damage to the United States and its partners. The United States expects to build strategic partner relations that will be crucial in terms of exerting influence on the “bad” actors in cyberspace. The Cyber Deterrence Initiative should be a key component of this: coordinating the general response of a broad coalition of likeminded states to serious malicious incidents in cyberspace, including through intelligence sharing, attribution, public statements of support and other joint actions. The United States Department of Defense will carry out similar work to consolidate and strengthen joint initiatives. In accordance with the Law on Budgetary Appropriations for National Defense, in 2018, the Department of Defense carried out a comprehensive review of military strategy in cyberspace and the possibilities for its implementation. The result was the publication of a new Department of Defense Cyber Strategy, many elements of which overlap with the National Cyber Strategy. In accordance with the provisions contained in the Department of Defense Cyber Strategy, the development of cyber capabilities intended for both military purposes and combatting malicious actors in cyberspace will be accelerated. The United States will be able to promote its interests through operations in cyberspace across the entire spectrum of conflict intensity, from daily operations to wartime, while cyber capabilities will be used proactively. This cannot but cause concern, especially considering the fact that Donald Trump has lifted many of the barriers to carrying out cyber operations and the Cyber Command has been given greater independence, becoming the Department of Defense’s 10th Unified Combatant Command

On the whole, the new cyber strategies are aimed at strengthening the power, increasing the influence and promoting the interests in the United States on the international stage. At the same time, Donald Trump’s pre-election campaign slogan of “America First” is being implemented on completely different levels – the promotion of American know-how and technologies and the rallying of allies and partners. Meanwhile, U.S. markets are closing themselves off under the pretext of national security to goods and services provided by companies from “unreliable” states. Similar steps by other states – for example, the requirement that personal information be stored on servers inside the country – are declared to be undermining the competitiveness of American companies.

As for the norms of behaviour in cyberspace developed by the UN Group of Governmental Experts, the United States will promote them and use them to its advantage. This will probably be done through public attribution without any serious evidence, which seems to be par for the course these days. This mechanism of marginalization will not lead to an increase in stability and security, given that it involves a coordinated response from the United States, not only by means of attribution, but also through (proactive) military action.

The Strategy does not outline plans for the creation of international legal mechanisms that could independently, objectively and with due competence carry out a legitimate investigation and make a court decision with regard to malicious acts in ICT. This means that the suspects are already known and there is no doubt as to their identity – Russia, China, Iran, North Korea and international terrorism. At the same time, the Strategy does not say anything about how we might overcome the current crisis situation. Instead, there is a clear signal that no mutually beneficial or mutually essential official contacts on information and cyber security have been planned for the near future. This means that the schism between the American and Russian–Chinese visions of the future ICT environment is only growing, which could lead to the eventual fragmentation of the ICT environment and the internet. Having said that, Russia and China do not want the situation to unfold in this way. This much is clear from the resolution submitted for consideration by the UN General Assembly entitled “Developments in the Field of Information and Telecommunications in the Context of International Security.” Traditionally, these resolutions serve to highlight current events in international information security and do not contain any significant declarations. However, this particular resolution calls on all states to follow the norms, rules and principles developed in 2015 and convene a meeting of the Group of Governmental Experts to address the issue of how to implement these norms.

Active work at the unofficial level (namely, track one and a half diplomacy) at various international forums and other platforms could also help overcome the current crisis. Restoring relations should start with steps to re-establish mutual trust, perhaps through participation in projects involving a number of international players. Moreover, given the political will, the sides could focus on solving problems in a manner that is in the interests of both states.

First published in our partner RIAC

Continue Reading
Comments

Defense

India’s Sprouting Counterforce Posture

Published

on

In recent years, the technological advancements by India in the domain of counterforce military capabilities have increased the vulnerability of the South Asian region. While trying to disturb the strategic stability in South Asia, India through its adventuresome counterforce posture against Pakistan is on the verge of becoming a rogue state. Notwithstanding the repercussions, India is voyaging towards destabilization in the South Asian Region.

India’s enhanced strategic nuclear capabilities which includes-the development of Multiple Independent Reentry Vehicles (MIRVs), Ballistic Missile Defence System (BMD), Inter-Continental Ballistic Missiles (ICBMs), supersonic and hypersonic cruise missiles, and acquisition of nuclear-capable submarines- indicate that India is moving away from its declared policy of ‘No First Use’ (NFU) towards a more aggressive, counterforce posture against Pakistan. The BMD and MIRV technology along with the provision of an advanced navigation system under BECA would embolden India to go for the first strike against Pakistan. While having reliance on BMD, as to be sheltered in return. These technological advancements made by India are sprouting a new era of counterforce posture, which would further make the South Asian region volatile and vulnerable to conflicts.

India’s urge to acquire counterforce capability is strongly associated with its doctrinal shift. As the stated posture requires flexibility in the use of nuclear weapons, which fortifies the first strike capability, and thus a deviation in India’s declared policy of ‘No First Use’ (NFU) has become more significant, particularly concerning its impact on regional stability. India’s declared policy of NFU, set out in Draft Nuclear Doctrine in 1999, followed by its first amendment in January 2003 has since then been into hot debates. Pakistan has long doubted the Indian policy of NFU, as the actions and statements by the officials of the latter have always been aggressive and protruding towards the former. India, now, is drifting away from its policy of NFU with the acquisition of counterforce capabilities, particularly against Pakistan. This is further evident from the statement issued by India’s Defense Minister Mr. Rajnath Singh, back in August 2019. It stated “Till today, our nuclear policy is ‘no-first-use’ (NFU). What happens in the future depends on the circumstances.” A change at the doctrinal level is evident in the Indian strategic enclave. Notwithstanding the challenges and repercussions caused by the counterforce strategy and with an attempt to destabilize the nuclear deterrence in the region, India would go unjustifiably low to attain such measures.  

In the same vein, India has been enhancing its nuclear capabilities for strategic flexibility against its regional rivals. By the same token, it wants to attain nuclear dominance, which would ultimately result in chaos in the region. The counterforce capability by India would compel its adversaries to heed towards the preemptive strike, in case of a crisis, out of the fear of the use of Nuclear weapons first by the patent enemy.  Moreover, the counterforce capability pushes the enemy to put the nuclear weapons on hair-trigger mode, which is directly linked with the crisis escalation.  The acquisition of counterforce capability by India would likely provoke a new arms race in the region. This would further destabilize the already volatile South Asian region. The far-reaching destabilization which India is trying to create, just to have an edge on the nuclear adversary, would be back on India’s face, faster than she knew it.

On the contrary, Pakistan has been maintaining a posture of Credible Minimum Deterrence (CMD) and does not claim to have a No-First Use (NFU) policy. Moreover, Pakistan’s nuclear capability is defensive in principle and a tool for deterrence. Given the Indian evolved notions of counterforce preemption, even now Pakistan would be left with no choice but to leave room for carrying out a ‘first strike’ as a feasible deterrent against India. Nevertheless, with the advent of technological innovations, its countermeasure arrives soon, too. Presently, there are two aspects that Pakistan should take into consideration; the growing Indo-US nexus and India’s concealed innovations in the nuclear posture. Though India is far from achieving counterforce strikes against Pakistan’s nuclear targets, concrete steps are required for maintaining future deterrence stability. With that intention, Pakistan might need to look towards its allies for getting hands-on the modern capabilities which includes- advanced communication and navigation systems, sensors, and advancements in artificial intelligence and otherwise, is essential for strengthening its deterrent capability. Pakistan should heed towards the development of absolute second-strike capability; as, what is survivable today, could be vulnerable tomorrow. Therefore, advancements in technology should be made for preserving nuclear deterrence in the future as well.

Summarizing it all, the existence of Pakistan’s nuclear deterrence has created a stable environment in the region, by deterring full-scale wars on multiple occasions that might have resulted in a nuclear exchange. With the revolution in nuclear technology, the threat of nuclear war has emerged again. Instead of going towards the attainment of peace and stability in the region, India has been enhancing its counterforce capabilities. This would likely remain a significant threat to the deterrence stability in the region. Moreover, any kind of failure to maintain nuclear deterrence in South Asia could result in an all-out war, without any escalation control. India, in its lust for power and hegemonic designs, has been destabilizing the region. Both the nuclear states in South Asia need to engage in arms restraint and escalation control measures. This seems to be a concrete and more plausible way out; else the new era of destabilization could be more disastrous.  

Continue Reading

Defense

A pig in a poke of Lithuanian Armed Forces

Published

on

The proverb “a chain is only as strong as its weakest link” perfectly reflects the situation in the Lithuanian armed forces. It is it unclear how the army will carry out its tasks, if everything that happens there runs counter to common sense.

The conscription took place in Lithuania. The recruits once again were revealed by an electronic lottery on January 7, 2021. 3,828 recruits were selected from the list of 38 thousand conscripts aged 18 to 23.

The idea of using electronic lottery in such a serious procedure arises a lot of questions among Lithuanians. Young people are suspicious of this method and fully admit the possibility of corruption. Nobody could check the results and so nobody could be blamed for random selection. The more so, the armed forces could get weaker recruits than in case of using usual ways of choosing among candidates. So, the army buys a pig in a poke.

This approach to recruitment in Lithuania results in presence of those with criminal intents and inclinations. Сases of crimes committed by Lithuanian military personnel have increased. Incidents with the involvement of military regularly occurred in Lithuania in 2020.

Thus, a soldier of the Lithuanian army was detained in Jurbarkas in October. He was driving under the influence of alcohol. A Lithuanian soldier suspected of drunk driving was detained also in Siauliai in December. Panevėžys County Chief Police Commissariat was looking for a soldier who deserted from the Lithuanian Armed Forces and so forth.

Such behaviour poses serious risks to public safety and leads to loss of confidence in the Lithuanian army in society.

Lithuanian military officials have chosen a new way to discourage young people from serving in the army, which is already not popular.

“The road to hell is paved with good intentions.” The ministry of defence decided to run a photo contest that would reflect service in the country’s armed forces. It is doubtful that such pictures will attract to the army, but the real situation is provided.

Usually, popularization is the act of making something attractive to the general public. This contest served the opposite goal. Look at the pictures and make conclusions.

Continue Reading

Defense

Fatah-1: A New Security and Technological Development About Pakistan’s Indigenous GMLRS

Published

on

Islamabad: It seems like 2021 has been a good start for Pakistan specifically with regard to stepping up its missile testing. On the 7th of January, the Pakistan military has successfully conducted a purely indigenously developed missile test flight known to be Fatah-1. As stated by various reports, Fatah-1 is an extended-range Guided Multi-Launch Rocket System (GMLRS) which itself is a developed variant of the guided MLRS family.

According to the recent statement given by the Inter-Services Public Relations (ISPR) about the newly developed rocket, it was stated: “The weapon system will give Pakistan Army capability of a precision target deep in the enemy territory.” Director-General of Pakistan Army, Media Wing, major general Babar Iftikhar on 7th January tweeted: “Pakistan today conducted a successful; test flight of indigenously developed Fatah-1, Guided Multi Launch Rocket System, capable of delivering a conventional Warhead up to a range of 140 km.”

Defense analyst Mr. Syed Muhammad Ali also stated in his capacity: “the new system was very fast, accurate, survivable, and difficult to intercept”. A video was also shared by ISPR on their official website, in which the missile launch can be seen while being fired from the launcher however, the details on when and where the test flight has taken place, along with the specification of the rocket system are yet to be announced.

Currently, Pakistan Army owns a wide range of Short-Range Ballistic Missiles (SRBM), Medium-Range Ballistic Missiles (MRBM), Battlefield Ballistic Missiles (BBM), Rocket Artillery, and Surface to Surface Cruise Missile (SSCM). In the previous year, Pakistan had also maintained prime success in conducting the Ra’ad-II cruise missile and Ghaznavi surface-to-surface ballistic missile (SSBM). Besides, Pakistan Air Force (PAF) on 30thDecember made apt progress when it comes to the national air defense arsenal as it was announced that PAF is beginning the production of the State-of-the-art JF-17 Thunder Block 3 fighter jets, at the same time acquiring the 14 dual-seat Jf-17 aircraft.

According to various reports, the JF-17 Thunder Block 3 will be said to have a new radar operational capability which will be far better in the practical domain as compared to the Raphael aircraft acquired by India. Whereas, the exchange of 14 dual-seat aircraft, manufactured with Pak-China cooperation were also given to the PAF which will be used for extensive training.

The recent successful testing of Fatah-1 has been considered to be another milestone for Pakistan as it tends to be a fitting response to the recent developments in the conventional capabilities carried out by India and also to India’s Cold Start Doctrine.

Continue Reading

Publications

Latest

Trending