It's Time to Move to a Fully Global Governance Regime to Tackle Cyber Warfare
By Mohan Das Menon | Published: 23rd May 2015 10:00 PM |
The Vienna Convention on Diplomatic Relations signed in April 1961 is accepted across the world as a platform for creating an effective mechanism for sovereign countries to maintain confidence-building links and interconnects with one another. The convention constitutes the basis for international diplomatic conduct and play, under the overall supervision of the UN. While seeking to differentiate between peace zones and war zones, other Vienna conventions essentially delve on behavioural norms for countries during times of conflicts.
Irrespective of the varying scope of these conventions, the manifest reality is, it is the internal dynamics within the respective ‘sovereign spaces’ that dominates the pathway of actual relations, real or derivative, between states.
Even when the heads of states finalise agreements, their implementation rests on internal dynamics of the day rather than any auto-generated dynamics of modern diplomacy. Today’s world is quite different from the earlier times when the various Vienna conventions were signed. It is information technology driven to the extent that one state can cause immense harm to another without any overt military action.
Under these circumstances, it is relevant to assess if the Viennna or Geneva conventions suffice in maintaining peace in today’s world. IT appliances are proliferating in the diplomatic interface and getting established in diplomatic exchanges the world over. This has rendered most provisions of existing conventions insufficient as the ‘wars of future’ could be triggered without exactly impinging on provisions of these protocols.
The Internet has become a major battleground of the 21st century. We are only beginning to grapple with the questions this transformation raises. Do crime and war in cyberspace use the same tactics, require the same defences, and have the same effects as they do in realspace’? Or does this new battlefield mean a break from the past, requiring new approaches and ways of thinking?
Two recent books provide grist for both sides of these questions. Arguing for an evolutionary position, in Cyber Operations and the Use of Force in International Law, Marco Roscini, who teaches international law at the University of Westminster, applies law-of-war principles to the Internet. He suggests that, by and large, they can be adapted to work in this new terrain.
In contrast to Roscini, Shane Harris makes a strong case that the Internet is forcing us to rethink our basic assumption about crime, war, and the roles of the government and private sector in keeping us safe. In his new book, @War: The Rise of the Military-Internet Complex, Harris explores how government and private industry are reacting to dangers online—whether from criminals, terrorists, or hostile states.
He notes that in the real world, the “governments of nation states have always had a monopoly on the use of force” that is no longer the case today. An online computer can be accessed by any other computer in the world, bypassing governments entirely.
Given the existent, globally acknowledged reservoir of hacking expertise, the possibilities of real sabotage as well in the global IT arena are immense. Such subversive moves in the IT arena can assume alarming proportions because they remain largely non-detectable and the culprits are not easy to identify.
Isolated cyber-attacks between governments have been taking place for decades. The 2010 Stuxnet attack on Iran to disrupt the country’s nuclear programme is one stellar example. The multi-year Red October hack discovered in 2012 is another. But we seem to be entering a new era of bona fide cyber-war, where nations engage in attacks that are claimed to be retaliation for previous attacks through non-state actors. A cyber-war takes place in the shadows, where deniability exists. Cyber attacks can be secretly farmed out to independent individuals or groups.
Such attacks are already increasing in number, sophistication and impact. As the world becomes more inter-dependent and hyper-connected, there is growing concern about the vulnerability of the Internet, an infrastructure on which nearly all economic activities–trade, energy provision and the entire financial system—have come to depend.
In a medium that does not map onto political borders, it is impossible to manage risks successfully from just one jurisdiction. In economic terms, cyber crime is already comparable in size to drug trafficking. But we have yet to develop fully a global governance regime. Various initiatives have attempted to facilitate the international management of cyberspace, but none has had more than limited success.
The international community has put in place minimal codes that regulate areas like health and nuclear weapons’ proliferation. There is no reason why we cannot do the same in cyberspace. Unfortunately, the three largest cyberspace powers—the US, China and Russia—have not agreed on a common treaty to harmonise national laws. Nor do they cooperate on the issue through other institutions, with the exception of the G-20 and UN. Recent cases of cyber espionage have generated growing mistrust even among traditional allies like Germany and the US. In the interest of defending their sovereignty, states could begin to interfere in the technical governance that has proved so efficient. firstname.lastname@example.org
Menon is a former additional secy, Cabinet Secretariat