Connect with us

Intelligence

It’s Hard to Find a Black Cat in a Dark Room, Especially If It Isn’t There: RAND on the Search for Cyber Coercion

Published

on

What is cyber coercion and how have states used cyber operations to coerce others? These are the questions addressed in the RAND think tank’s recent reportFighting Shadows in the Dark. Understanding and Countering Coercion in Cyberspace“. The authors discuss cyber operations conducted by four states — Russia, China, Iran and North Korea — and try to determine whether those activities amounted to cyber coercion.

Starting with the study findings, we will highlight the following points. Cyber operations intended to coerce are a small subset of overall cyber operations globally. Espionage remains the predominant purpose of states’ cyber operations. Despite that, the authors think that states like Russia and North Korea appear to be more likely to have used cyber operations as a coercive tool than China and Iran. The authors also find that, contrary to what coercion theory would predict, states do not make distinct threats with unambiguous demands for changes in behaviour often. Instead, they deny responsibility, hiding behind proxies. Despite the low probability of success, the authors anticipate states will continue to use and may, in fact, come to employ cyber operations more often in the future to coerce. To prepare for this outcome, the United States and its allies need to work now to develop methods to discern cyber coercion as it emerges and strategies to deter and counter it in the future.

Even though the report has certain scientific value, the authors have left quite a lot of space for criticism. First, we need to examine several serious methodological issues. Second, setting aside the fact that the study was sponsored by the United States Department of Defence and its affiliated entities, the authors specifically mention that they only used data from open sources. Indeed, the evidence is mostly taken from reports published by companies such as Mandiant and its eventual buyer FireEye, whose leadership has certain connections both with the Department of Defence and with the U.S. intelligence community. So the evidence of countries’ involvement in cyber operations cannot be seen as objective. Finally, it is lamentable that the ways suggested by the authors for solving problems are strikingly one-sided and do not contain the slightest hint of any possible affirmative action.

Coercion

The authors attempt to base their methodology for defining coercion in cyberspace on the seminal work by the American economist Thomas Schelling Arms and Influence, among other things. They claim that Schelling described two forms of coercion: active coercion (compellence) and passive coercion (deterrence). In their words, the former involves the active use of force in some form to compel action by another. In contrast, the latter involves the threatened use of force to either motivate action or refrain from a particular activity. Schelling himself says the following:

“… partly deterrence has been a euphemism for the broader concept of coercion, as ‘defence’ has replaced words like ‘war’ and ‘military’ in our official terminology. It is a restrictive euphemism if it keeps us from recognizing that there is a real difference between deterrence and what, in Chapter 2, I had to call ‘compellence,’ that is, a real difference between inducing inaction and making somebody perform.” [1]

“… brute force succeeds when it is used, whereas the power to hurt is most successful when held in reserve. It is the threat of damage, or of more damage to come, that can make someone yield or comply. It is latent violence that can influence someone’s choice — violence that can still be withheld or inflicted … The threat of pain tries to structure someone’s motives, while brute force tries to overcome his strength. Unhappily, the power to hurt is often communicated by some performance of it. Whether it is sheer terroristic violence to induce an irrational response, or cool premeditated violence to persuade somebody of your intent and willingness to repeat, it is not the pain and damage itself but its influence on somebody’s behaviour that matters. It is the expectation of more violence that gets the wanted behaviour, if the power to hurt can get it at all.” [2]

It is obvious that Schelling draws a clear line between deterrence and coercion and, more importantly, points out that coercion implies limited use of force: force plays a secondary part, while the central condition is threatening damage.

Further, while describing the logic of coercion, the authors quote several scholarly works that repeat the key points made by Schelling. In one of them, coercion is summarized with the phrase “if you do not do X, I will do Y.” [3] Another work states that a coercive action or threat “demands clarity in the expected result … [and to] be accompanied by some signal of urgency.” [4] These appear to be true and ought to have been taken as the basis. Yet the authors of the report choose another path: they declare that the observed practice differs from the theory of cyber coercion (which, it should be noted, was inferred from practice) and claim that demands and threats expressed as part of such coercion are sometimes ambiguous, as identification of the threatening party can be. But what remains of coercion if its defining characteristics are removed? Large-scale cyber-attacks are not just a show of force but achievement of specific objectives, so they have nothing to do with coercion.

The above seems to challenge the accuracy of the question asked at the beginning of the paper under review: “What is cyber coercion?” Let us first consider what coercion is. It appears to be primarily a form of policy aimed at maintaining or changing the existing order of distribution of power and wealth in the global community [5]. From this standpoint, the essence of coercion is to change the political behaviour of other actors in the global political arena with the possibility of a limited demonstration of force that does not escalate into full-scale warfare. To some extent, the essence of coercive policy is described in the Art of War by Chinese General Sun Tzu: “Therefore the skilful leader subdues the enemy’s troops without any fighting; he captures their cities without laying siege to them; he overthrows their kingdom without lengthy operations in the field.” Even so, coercive violence is also possible: discussing this, Schelling cites an example from the history of the Wild West: raids on some Indian settlements were intended to break the resistance of and subjugate all tribes. But here the Indians were clear about the source of the threat, the possible consequences of resistance and the demands that were put forward, as well as the ways out — either to submit or to retreat.

If we base our discussion on the above premise that coercion is a form of policy, a more appropriate question arises: can cyber-means be used to implement a coercion policy and, if so, how effectively? Based on the definition of coercion, its implementation generally requires A to demand that B change its policy in a specific way — with a demonstration of force that can be used to its full extent if the demand is not satisfied. In individual cases, demands, threats or demonstration of force can be implicit. Still, it is evident that the victimized party needs to be aware of such risks and understand them correctly. This imposes certain conditions on the means used for implementing a coercion policy.

The ICT environment has a number of properties making it an attractive medium for influence. First of all, it offers anonymity and action across borders, which complicates attribution, i.e., identification of the source of influence. The “plausible deniability” of involvement in cyber-attacks is one of their most significant benefits as a military-political tool. Experience shows that cyber-attacks can be used to project and demonstrate power. Still, the party that uses them for coercive purposes has to assume responsibility or reveal its involvement in some other way. According to some statistics, numerous cyber-attacks are carried out against the Russian public infrastructure every day (2.4 billion hostile actions were detected in 2017, rising to 4 billion in 2018). Recognizing a demonstration of force or a demand to change one’s policy within such a torrent of events appears impossible. Using the possibility of a cyber-attack as a threat also seems ineffective because it allows the potential adversary to prepare for the attack and to fend it off.

Public Policy

The authors of the report claim that, as the development of more connected and interconnected information systems and networks proceeds, the potential for actors to use cyber operations to exert influence and impact the economic, political, and social wellbeing of other states is incresing. When examining possible episodes of cyber coercion, however, the authors confine themselves to just four key global political actors identified by the U.S. Government: Russia, China, Iran and North Korea. For each country, open-source research was conducted to develop an overview of their capabilities, published doctrine on cyber operations, as well as available data on government-affiliated cyber operations groups.

The authors’ research into doctrines and documents disclosing states’ positions concerning operations in cyberspace is incomplete, inconsistent and sometimes merely erroneous. For example, when quoting strategic planning documents of the Russian Federation, the authors state that “[a]lthough Russia sees its adversaries conducting such [information] operations against it, these writings indicate how Russia thinks about the potential role for cyber operations in its operations as well.” Here it would suffice to consult the Russian Federation Armed Forces’ Information Space Activities Concept, which reads: “Cyberspace conflict settlement shall be carried out in the first place by means of negotiation, conciliation, addressing to the U.N. Security Council or regional agencies or agreements, or by other peaceful means.” The authors also quote Chinese experts, who point out a whole range of disadvantages of network deterrence and coercion operations, above all the fact that the ambiguous nature of cyber operations may reduce their efficacy [6]. Successful deterrence and coercion results from effective signalling — the adversary must first be aware of the source and motivation for the influence for it to take actions expected by the attackers. The authors conclude that China “is taking a more circumspect approach to using cyber operations for coercive purposes, focusing largely on stealing data or silencing critics of the regime. China may, however, seek to expand its use of cyber operations to coerce in the future.” It is an entirely groundless conclusion, especially considering all the disadvantages the Chinese experts have pointed out.

As for the specific cyber capabilities of each state, the work done by RAND is not based on concrete facts. For example, as corroboration of the claims of Russia’s involvement in cyber-attacks on Montenegro in 2018, they refer to an article stating that: “Three international I.T. security companies say the emails [containing malware] came from APT28, also known as Fancy Bear, which U.S. intelligence services say is connected to the Russian military intelligence service, GRU.” China’s involvement in cyber-attacks on South Korean networks and systems, as well as other episodes of cyber influence, are proven similarly. A case from 2017 is mentioned, when the U.S. Department of Justice brought cyber-espionage charges against three employees of the Chinese company Boyusec. Even though federal prosecutors deliberately avoided the question of whether Boyusec was affiliated or connected with the Chinese government, private sector representatives noted that they assumed that Boyusec had been working for the Ministry of State Security of China. Myths are born from repetition and persistent emphasis on facts long disproven. For instance, Russia is alleged to have carried out cyber-attacks on Estonian government agencies in 2008, even though this allegation has long been refuted: an independent investigation confirmed that the operation was, in fact, the work of activists with no government affiliation.

The RAND report relies on a biased selection of evidence provided by entities associated with the United States intelligence community, and it gives the impression of stretching facts to create a negative image of Russia, China, Iran and North Korea as malicious actors in cyberspace. Meanwhile, it is the current U.S. strategic planning documents that articulate a clear vision of a threat to freedom and democracy and set the goal of ensuring peace using force. This implies identifying adversaries and exerting influence using all available means. Coercion policy has already become the norm in the United States. Take, for example, this summer, when The New York Times published a piece claiming that the U.S. secret services have carried out offensive operations against the Russian electricity grid and power plants. The purpose of that publication is still unclear: was it a leak and, if so, was it intended? Or was it disinformation? U.S. President Donald Trump accused journalists of treason, and representatives of the U.S. National Security Council said there were no risks to national security. If we take the lead from RAND, however, and look at the broader context, we see that, against the backdrop of tension between Russia and the U.S., this publication was a clear signal of coercive policy.

Establishing peace through force does not provide a mutually acceptable mechanism for reducing tensions in the ICT sphere. And though, as the authors themselves note, not all of the cases examined in the report are explicit acts of cyber coercion, it is necessary to develop the means to detect early signs of cyber coercion and to craft deterrence and resilience strategies. It is assumed to be enough to respond successfully to cyber coercion. The authors see no ways of solving the problem other than developing strategies to counter this phenomenon (it may be assumed that those will include all available means, including “public attribution”).

In conclusion, the authors repeat the message that cyber operations may not be accompanied by clear signalling of a threat or expected behaviour, let alone means that can be used for coercion. It is also challenging to determine what exactly cyber operations carried out against another country are aimed at. Maybe the argument would benefit from Occam’s methodological principle: “entities should not be multiplied without necessity.” Indeed, just as the authors state, ICT tools are widely used by many states to accomplish military and political objectives. Yet, if an action is not aimed at changing the political behaviour of another country and if there is no direct threat or use of force (which would be a violation of the United Nations Charter, by the way), should we speak of so-called coercion or is it just regular cyber activity, which is now commonplace? A vivid example of a coercive policy that is mentioned, but not discussed by the authors, is the cyber-attack on Iranian nuclear programme facilities in 2010. First, specific countries demanded that Iran wind down its nuclear programme. Second, there was talk of a possible strike if the conditions were not fulfilled. As we know, Iran did not change its policy, and the cyber-attack that followed was not an act of coercion or a limited demonstration of force but fulfilled particular tasks: Iran’s nuclear programme was slowed down considerably.

What we need is not strategies against cyber coercion, which RAND experts call for, but international frameworks for precluding conflicts in cyberspace. One such framework could be built up from the norms, rules and principles of responsible behaviour in the ICT environment formulated by the international community through the United Nations Group of Governmental Experts.

From our partner RIAC

1. Thomas C. Schelling, Arms and Influence, New Haven, Conn.: Yale University Press, 1966., P. 174–175.

2. Ibid. P. 3.

3. Erica D. Borghard and Shawn W. Lonergan, “The Logic of Coercion in Cyberspace”, Security Studies, Vol. 26. No. 3, 2017, pp. 433–34.

4. Christopher Whyte, “Ending Cyber Coercion: Computer Network Attack, Exploitation and the Case of North Korea”, Comparative Strategy, Vol. 35, No. 2, 2016.

5. For a definition of policy, see Kokoshin A.A. Global politics: theory, methodology, applied analysis [Mirovaya politika: teoria, metodologia, prikladnoy analiz]. Komkniga, 2005. ISBN 5484000874 (in Russian).

6. Shou Xiaosong, ed., The Science of Military Strategy [战略学], Beijing, China: Military Science Press, 2013, p. 194.

Continue Reading
Comments

Intelligence

The Failures of 737 Max: Political consequences in the making

Sisir Devkota

Published

on

Last month, as Boeing scaled new contracts for the 737 Max, horrific remains in Bishoftu, from the crashed Ethiopian Airlines Flight 302, witnessed the Dubai Air show in despair; the plane manufacturer had sealed another 70 contracts for the future. Still, the dreaded MCAS software is looking for a resolution at last. Two of the fatal Max 8 crashes have been reportedly caused by censor failures, accounted to software malfunctions. Hundred and fifty-seven people died inside flight 302, only months after Lion Air 610 crashed into the Java Sea with 180 passengers on board.

Both accidents are predisposed towards the highly sophisticated Maneuvering Characteristics Augmentation System (MCAS), an algorithm that prevents 737 aircrafts from steep take offs; or de-escalates the vehicle at its own will. However, there is more to Boeing accidents than just a co-incidental MCAS failure. Largely, it is only a consequence of political and economic interests.

While Boeing’s European competitor, Airbus, relaunched its A320’s in 2010, there were fewer changes in the operating manual. Airbus 320 Neo, as it was re-named, had larger engines on the wings, primarily designed for fuel efficiency. The Neo models claimed a whopping 7% increment in the overall performance; inviting thousands of orders worldwide. Consequently, Boeing’s market share of more than 35% was immediately under threat after Lufthansa introduced it for the first time in 2016. Despite of major competition from the A320, 737’s lack of ground clearance space, hindered for a major engine configuration. Nevertheless, Boeing responded to the mechanical challenge and introduced the MCAS for flight safety. As bigger engines in 737 was increasing the take-off weight, the MCAS would automatically re-orient the aeroplane’s steepness to avoid stall. Boeing’s lust to stay afloat in the competitive market, led by a robotic intrusion in flight controls did not fare too long. Flight investigations claimed that although Lion Air 610 was gaining altitude in normal circumstances, the MCAS read it wrongly; hence, pulling the aircraftlower, beyond the control of physical pilots. It was a design flaw, motivated by the need to overcome dwindling sales profits.

Neither is Airbus enjoying smooth performances over the years; it however has not performed as miserly as the 737. Indigo, a major Indian airline is the largest importer of A320 Neo; despite new technologies, it has been warned of repeating problems like momentary engine vibration. Months back, an Indigo flight stalled on its way from Kolkata to Pune, before being forced to return to its departure. Unlike the Boeing 737, Airbus malfunctioning does not lead to a major disaster. There is an element of mechanical interference available to pilots flying the European prototypes. Still, it is not everything that separates the two giants.

The Ethiopian disaster, scrutinized Boeing’s leadership at home; a congressional hearing concluded that after repeated attempts to warn the airline manufacturer to present information as transparently as possible, deaf ears have persisted. As the statement read, Boeing was hiding significant information away from airline companies and pilots. While it plans to resume sales in 2020, progress has been waning, in terms of improving the knowledge behind operating the 737 Max. The investigative hearing concluded that Boeing was manufacturing flying coffins.

Unsurprisingly, there is little amusement towards the development of airline sales around the world. Visibly, there is a band of companies, preferring the American manufacturer to the other. The politics is simple; it is merely about technological superiority, but more related with subsidies and after sales services. Regardless of whether Boeing will scrap the 737 Max or improve the software configuration, doubts have presided over choosing to fly altogether with choosing to fly a specific model. Air travel could not be safer in 2020. That claim is in serious trouble.

Continue Reading

Intelligence

Digital Privacy vs. Cybersecurity: The Confusing Complexity of Information Security in 2020

Dr. Matthew Crosston

Published

on

There is a small and potentially tumultuous revolution building on the horizon of 2020. Ironically, it’s a revolution very few people on the street are even aware of but literally every single corporation around the globe currently sits in finger-biting, hand-wringing anticipation: is it ready to meet the new challenge of the California Consumer Privacy Act, which comes into full effect on January 1, 2020. Interestingly, the CCPA is really nothing more than California trying to both piggy-back AND surpass the GDPR (General Data Protection Regulation) of the European Union, which was passed all the way back in 2016. In each case, these competing/coincident pieces of regulation aim to do something quite noble at first glance for all consumers: to enhance the privacy rights and data protection of all people from all digital threats, shenanigans, and malfeasance. While the EU legislation first of all focuses on the countries that make up the European Union and the California piece formally claims to be about the protection of California residents alone, the de facto reality is far more reaching. No one, literally no one, thinks these pieces can remain geographically contained or limited. Instead, they will either become governing pieces across a far greater transregional area (the EU case) or will become a driving spur for other states to develop their own set of client privacy regulations (the California case). Despite the fact that most people welcome the idea of formal legal repercussions for corporations that do not adequately protect consumer data/information privacy, there are multiple confusions and complexity hidden within this overly simple statement. As we head into 2020, what should be chief for corporations is not trying to just blindly satisfy both GDPR and CCPA. Rather, it should be about how to remedy these confusions first. However, that elimination is not nearly as easy to achieve as some might think.

First off, a not-so-simple question: what is privacy? It is a bit awe-inspiring to consider that there are many ways to define privacy. When considering GDPR and CCPA, it is essential to have precise and explicit definitions so that corporations can at least have a realistic chance to set goals that are manageable and achievable, let alone provide them with security against reckless litigation. Failure to define privacy explicitly carries radically ambiguous legal consequences in the coming CCPA atmosphere, something all corporations should rightly avoid like the plague. Perhaps worse, no matter how much time you spend defining consumer privacy beforehand, trying to create this improved consumer protection digitally becomes almost hopelessly complicated. The high-technology, instant-communication, constant-access, massively-diversified world we live in today makes some argue that ‘digital privacy’ in any real sense is dead and buried without the possibility for resurrection. If this is true, then how quixotic will it be for corporations to try to meet the regulation demands of legislative projects like GDPR and CCPA if they do not first try to establish both clarity and transparency of terms and goals?

This is not a nihilistic argument just trying to have every corporation around the world throw up its hands in despair and give up on improved consumer privacy and data protection. But note the word ‘improved.’ In order for corporations to realistically provide consumer data protection, the irony of ironies may be that the first successful step will be finally embracing transparency in admitting that ‘perfect digital privacy’ will not and cannot exist. Realistic cyber expectations mean admitting that external threats always have an upper hand over internal defenders. Not because they are more talented or more committed or more diligent. But because what it takes to successfully perpetrate a threat is far simpler, quicker, cheaper, and easier than what is necessary to successfully enact a comprehensive defense program that can answer those threats and remain agile, flexible, and adaptive far into the future.

The broken glass analogy helps illustrate this conundrum. I am in charge of protecting 100 windows from being broken. But I must protect them from 1000 people coming toward me with rocks. Ultimately, it is far easier for the 1000 to individually achieve a single success (breaking a window) than it is for me to achieve success in totality (keeping all 100 windows intact). The resolution, therefore, is transparency: there is greater chance of ‘success’ for the chief actors (namely, me as defender and the client as owner of the windows) if I can be liberated from the impossible futility of ‘perfect protection’ and set a more realistic definition of protection as ‘true success.’ As long as there are recovery/restitution processes in place (replacing/repairing a broken window), then ‘success’ should be legitimately defined as a percentage less than 100. This is the same for corporations dealing with clients/consumers in the new world of 2020 CCPA: if the idea is that these pieces of legislations finally make corporations commit to perfect digital privacy and such perfection is the only definition of success against which they can measure themselves, then 2020 will be nothing but a year of frustration and failure.

The funny thing in all of this is that the EU legislation somewhat admits the above. Consider the seven principles of data protection as laid out by GDPR:

  • Lawfulness, fairness, and transparency.
  • Purpose limitation.
  • Data minimization.
  • Accuracy.
  • Storage limitation.
  • Integrity and confidentiality.
  • Accountability.

Nothing in these seven principles would bring about the establishment of perfect digital privacy or sets the expectation that failures in consumer protection must never occur. But they do hint at a darker secret underlying the European concept of client privacy that sits in contradiction to the very essence of American economics.

When people call CCPA the ‘almost GDPR,’ it is hinting at how the spirit of the two legislations are somewhat diametrically opposed to one another. The EU crafted GDPR under strong social democratic norms that encompass many of the core member governments. As such, it is most decidedly not legislation engineered to first protect the sacred right to free market business enterprise and a fundamental belief in the market to solve its own problems. Rather, GDPR has within it, implicitly, a questioning skepticism about the core priorities of major corporations and the belief that governance is the only way to make free-market economics work fairly. As such, GDPR is not just about protecting consumer data and information privacy from hackers, outside agents, and foreign actors: it is alsoabout protecting consumers from “untrustworthy corporations” themselves. This is something that should not infuse the CCPA (whether it does or not is yet to be determined and 2020 will therefore prove to be a very interesting judgment year). Because while California is staunchly to the left on the American political spectrum, it still operates as a constituent member of the US, the most fiercely protective country of its capitalist roots and belief in the sanctity of the free-market system. As such, government regulation in the EU that works for consumer privacy protection will not be looking at corporations as a willing or even necessarily helpful partner in a joint initiative. American government regulation should and must. As time progresses, if CCPA proves itself to be too close to GDPR, to European as opposed to American market norms, expect to see other states in the US create competing legislation. And even if those competing pieces aim to create a more ‘American’ conceptualization of consumer digital privacy as opposed to ‘European,’ what it means in real terms for corporations is yet more competing standards to try to synergize and make sense of. Thus, executive leaders in charge of information security in 2020 are going to need to have critical reasoning and analytical research skills far more than they ever have in the past.

In the end, protecting consumer privacy and providing client data protection is an essential, proper, and critical element for doing business in 2020. Legislation like GDPR and CCPA are meant to help provide an acknowledged framework for all actors to understand the expectations and consequences of the success/failure of that mission. Having such protocols is a good thing. But when protocols do not recognize reality, skip over crucial elements of clarity and transparency, hide some of the futility that likely cannot be overcome, and ignore their own competing contradictions, then those protocols might end up providing more problems than protection. What corporations must do, as they head into 2020, is not blindly follow CCPA. Nor should they facetiously do superficial work to achieve ‘CCPA compliance’ while not really providing ‘privacy.’ What is most crucial is innovative executive thinking, where new analytical minds are brought in to positions like CISO (Chief Information Security Officer) that are intellectually innovative, entrepreneurial, adaptive, and agile in how they approach the mission of privacy and security. Traditionally, these positions have often been hired from very rigid and orthodox backgrounds. The enactment of CCPA in 2020 means it might be time to throw that hiring rulebook out. In real terms, the injection of new thinking, new intellectualism, new concept agility, and new practical backgrounds will be crucial for all information security leadership positions. Failure to do so will not just be the death of privacy, but the crippling of corporate success in the client relationship experience.

Continue Reading

Intelligence

The priorities of cyber diplomacy in the Rouhani’s government

Sajad Abedi

Published

on

Technological growth and its breakthrough advances, along with their advantages, also have disadvantages, which are obvious examples of communication equipment. In fact, today, the Internet, telephones, cell phones and other communication devices can be described as a double-edged sword used to facilitate communications on the one hand and to spy on and monitor information.

The main pillar of cyber security – from the very beginning of this concept – is the implementation of technical and non-technical measures that ensure the security of information systems. But for these measures to be effective, they must cover all possible threats and vulnerabilities, as only a small flaw can provide the basis for a widespread attack.

The fact is that, contrary to what most people think, “cyberspace” is not a virtual space. In fact, the use of the word virtual has led astray people and ideas in this field. Cyber ​​space is a real space in a new arena for influence and consequence of friendship, cooperation, competition, hostility and even war between nations and other actors. It shows well that the Internet and cyberspace have opened a new field for politics, where individuals, groups, and governments are engaged in policymaking. Accordingly, “cyber-politics” and “cyber security” are spoken about in international relations and politics today. Cyber-politics is a two-part concept that refers to the interplay of two policy areas (friendship, cooperation, competition, conflict and the fight for values ​​and interests) and the Internet (a new space for acting).

Cyberspace Interaction Space, or more properly the “cyber-politics” space, is the latest and most important field of interest for policy and international experts in theory and practice, neglecting which can cause serious harm. And unpredictable for countries as the most important actors in the field of international relations.

Today in the field of international relations and politics there is talk of “cyber-politics” and “cyber security”. Cyberspace is a real space in a new realm of influence and consequence of friendship, cooperation, competition, hostility, and even war between nations and other actors. These illustrate well that the Internet and cyberspace have opened a new field for politics, where individuals, groups, and governments are engaged in policymaking.

Cyber-politics is a two-pronged concept that refers to the interplay of two policy areas (friendship, cooperation, competition, conflict, and the fight for values ​​and interests) and the Internet (a new space for action). Some experts have gone even further and have spoken of cyber policies as “excellent policy” versus “low politics”.

In the field of international relations, influenced by the tradition of realism, international issues are divided into crucial issues such as security and less important issues such as economic issues. Some experts believe that due to the importance of the cyberspace, cyber-policy should be considered as one of the most important, critical and security issues or excellent policy. They point out that millions of people worldwide now have access to computers and the Internet, and that the number of users and the level and depth of Internet use are increasing every day, which provides a very important playing field for politics Is. The number of users is increasing daily as well as the level of technology. In such circumstances, cyberspace plays an important role in guiding public opinion, setting priorities and desires, public diplomacy, espionage, sabotage, war, conflict and everything that actually constitutes the real policy space. As a result, cyberspace should be considered a top policy.

The Theoretical Framework and the Most Important Impacts of Cyberspace on Politics and International Relations include three fundamental issues:

The first is to provide a “conceptual order” to explain the relationship between cyberspace and politics.

The second issue is identifying and believing in the broad relationship between cyberspace and politics.

The third issue is to explain the path and the important issues in this regard.

The “side pressure” theory is applicable to this field.

The purpose of lateral strain theory is to provide a new level of analysis beyond the three levels of Stephen Walt. He believes that cyberspace cannot be discussed based on past levels and approaches of people like Kenneth Boulding and Kenneth Waltz.

Cyber ​​space requires a different level in addition to the three levels of “human”, “states” and “international system”. At this new level, the “global level”, the impact of cyberspace is emphasized by emphasizing the separation between the “social system” and the “natural environment”.

At the global level, the emphasis is that the Internet space and its widespread effects on the world of politics cannot be debated with the old levels that emphasize the individual, the state or the international arena. The Internet is a space for simultaneous acting, nongovernmental actors such as terrorists and private companies in the economic, cultural, security and even military dimensions. Therefore, it should be emphasized at the global level that while combining the other levels, it creates a broad linkage between all levels and dimensions and is capable of analyzing other political space. Therefore, lateral pressure theory attempts to establish a link between the individual, state, and international levels as the old levels and the level of global analysis.

Based on the experience of the past few decades, the Internet and cyberspace have had an impact on the relations of countries, especially the US and Iran. In fact, serious competition between countries in this field is positively or negatively or positively or negatively. In this battle, major countries, including China and the United States, are trying to outperform others in technology, which has positive implications for the advancement of the Internet, but at the same time the Internet has created a new atmosphere of competition, hostility and war that some countries, including It has attracted America and Iran.

On the subject of Internet content and the role and policies of governments in controlling cyberspace, powerful countries are trying to influence the direction and overallity of the Internet space and determine its future direction. On the other hand, weaker countries in the field are trying to influence the Internet through content filtering, with a negative and defensive look. In such an environment, the serious competition that exists between Western countries and others is taking shape every day.

In the cyber-political space as an important new issue in the field of politics and international relations, as in other areas of politics, “values” and “interests” are played by various actors such as governments, organizations and government actors. And NGOs, and even people, are produced, distributed and consumed. As a matter of fact, cyber policies has put new players alongside governments as the most important international relations players, sometimes more powerful and successful than governments.

However, apart from all the positive benefits and benefits of the Internet, the reality is that the Internet has provided a “new war space” that is referred to as “cyber warfare”. In this type of war, countries and other actors use the Internet to spy, sabotage, create riots, revolutions, and even destroy military and critical military facilities and centers.

Of course, the Internet has also created a new space for countries to “cooperate” and “interact”. In this context, the Internet has made it easy and cheap to build relationships between all actors, including governments, individuals, organizations, and institutions, with high speed and accuracy. As a result, the conditions for cooperation and interaction have become more important than ever. While countries and other actors are aware of the need for extensive international cooperation on the Internet, they are aware that the cyberspace has created a new field of international cooperation.

As for the wider impact of the Internet on all aspects of politics and international relations through the dissemination of awareness, the fact is that the Internet has greatly contributed to facilitating and expanding access to information and knowledge in the national and international arena. Individuals and human societies have become more aware and literate than ever before, and the world is confronted with a new phenomenon called “human awakening” in Islamic countries known as “Islamic awakening”. As a result, political demands such as respect for democracy and the need to respect the political independence of nations, respect for cultural and religious values, the right to decent socio-economic development, etc. and increased sensitivity to environmental issues. Accordingly, the Internet has affected the operating environment of countries and other actors.

Finally, a new space has emerged in the international arena that cannot be analyzed based on past theories, approaches, and levels. In fact, the content and philosophy of the new space, known as cyberspace, is very different from the past. In this new space, new and different kinds of friendship, cooperation, competition, hostility and war have been created alongside the patterns of the past. In addition, diverse and diverse actors have been added to traditional actors, which are highly ambiguous and unpredictable. As a result, new theories, approaches and perspectives that are much more flexible and open to the past need to be emphasized.

Cyber-politics and cyber security are nowadays considered as a major issue by international relations experts, along with older issues of war, economics, women and the environment, and even some consider it more important than others; Because cyberspace has some old-fashioned areas and themes.

It has come from the Rouhani’s government big cyber policies:

“Over the past 15 years, soft norms have become internationally binding norms, and this process has been going on without Iran’s presence and effective role play, the process and formation of norms and binding norms that may sometimes conflict with national and international interests. Being sovereign, it would severely damage Iran’s rights and interests and provide future grounds and excuses for pressure and sanctions from the cyber space.

With the proliferation of political and media reports and spaceships on Iran’s cyberattacks on the US and Saudi Arabia, highlighting and inducing Iranian government support for destructive and stealing information and “presenting Iran as a cyber-threat” accelerates the process. The sanctions could provide grounds for further pressure, cyber and non-cyber sanctions, and hostile countermeasures against our country, whose prospects could pose a threat to our country’s cyber interests. In the process, the country will see the imposition of a future “cyber crusade” that requires the necessary technical, political and diplomatic arrangements beforehand in cooperation with all actors in the field.

Establishment of normative grounds for joint action by US companies as a “front line of cyber warfare” against the Iranian government and Iranian companies under the pretext of conducting cyberattacks by Iran and joint collective action to combat filtering and support for national antitrust flows in space. Cyber ​​and external messengers with the slogan of protecting users and empowering them against government cyberattacks. “Tech companies are an important element in cyber warfare, and we’re the first responders to cyberattacks, and just as recognized by international law for sending medical facilities, technology companies must be neutral so they can be responsive to citizens,” says Brad Smith. And help them. ” They want to make filters-breakers equivalent to dispensing medicine and medical aid during wartime, thereby justifying their intervention in other countries’ affairs. But in fact, there is no resemblance between the humanitarian aims of the Red Cross and the Red Crescent with their inhuman and inhuman aims.”

For example, cyberspace has provided new conditions for countries to cooperate and compete, and of course other actors in the military and security, political, economic, environmental, women’s, children, health, education and more. Thus, the cyber space has created new conditions in which international relations issues are raised differently, resulting in a new form of cyber-policy that has particular implications for national and global security. Therefore, it is necessary to strengthen the clerical state at national level by thoroughly explaining and properly explaining cyber-politics and cyber security and its impact on all areas.

Continue Reading

Latest

Americas1 hour ago

It’s Back to “Rocket Man”: Trump Steadily expanding risks of a Nuclear war With North Korea

“Fools, visionaries, sufferers from delusions, neurotics and lunatics have played great roles at all times in the history of mankind,...

Science & Technology4 hours ago

G2C e-Governance & e-Frauds: A Perspective for Digital Pakistan Policy

e-Governance, sometimes referred as e-government, online-government or digital government, is the use of information and communication technologies (ICTs) to assist...

EU Politics6 hours ago

Aviation Safety: EU Commission adopts new EU Air Safety List

The European Commission today updated the EU Air Safety List, the list of airlines that do not meet international safety...

South Asia8 hours ago

Kartarpur may be the first drop of rain

On November 09th, 2019, Pakistan and India opened the first-ever visa-free corridor between the two countries to facilitate the pilgrimage...

Reports10 hours ago

Inequality threatening human development

Despite global progress in tackling poverty, hunger and disease, a “new generation of inequalities” indicates that many societies are not working...

Newsdesk12 hours ago

The role of data and statistics for evidence based policy making

An international workshop on data and statistics for evidence-based Voluntary National Reviews (VNRs) taking place at the headquarters of the...

Energy14 hours ago

Energy Production is Moving Upwards

The United Nations (UN) Environment Programme, and numerous research organizations working in consortium found in a recent report “the world’s...

Trending