MUNK’S NEW RESEARCH METHODS EXPOSE THE STRUGGLE FOR THE INTERNET
Right now, the reader of this article is likely viewing it through an Internet connection, perhaps over their mobile phone or iPad, via the medium of cyberspace. Ten years ago, the term cyberspace would have been the stuff of science fiction. Today, it is an all too familiar, deeply pervasive medium through which every aspect of society, economics and politics is integrated. In spite of our overwhelming immersion in cyberspace, and the proliferation of more and more Internet-connected devices, it may seem strange to assert that the “high politics” and security dynamics of cyberspace are largely hidden from the average user. But the evidence bears this out.
Today, there is a geopolitical competition occurring deep within cyberspace as important as prior great power competitions over land, air, sea, and space. Much of this cyber competition is shrouded in secrecy, with contests and machinations obscured in ways that typically accompany high stakes realpolitik. It is characterized by heteropolarity – meaning a multiplicity of actors – states, corporations, individuals, militants, NGOs, both civil and uncivil society. There is in fact an arms race in cyberspace. What this means is governments struggle to project national power and gain strategic advantage, or learn to “fight back” against digital adversaries. Most of cyberspace is owned and operated by the private sector, which spans numerous state jurisdictions. Companies like Research-in-Motion and Google are being drawn into cyberspace contests as governments impose their controls to the edges of the network, often without public accountability or oversight.
The projection of power in cyberspace is often cleverly disguised. Blocking of websites can take places in ways that are masked as electrical outages, faulty Internet connections, or random denial of service attacks. Acts of computer network exploitation can be carried out in ways that mask attribution and disguise origins, debilitating adversaries, be they other governments or pesky human rights groups. A recent ‘worm’ called Stuxent was revealed to be targeting industrial control systems in Iran. This virus has all of these characteristics and may represent the crossing of a threshold of a new type of information weapon that could jeopardize critical infrastructure. Nearly every day, there are new revelations of denial-of-service attacks being employed to silence opposition or human rights groups.
One aim of our research activities in cyberspace at the Munk School’s Citizen Lab has been to shed a light on these contests and developments — to “lift a lid on the Internet” and find out what goes on beneath the surface. Our strength has been in our unique approach to the puzzle, a set of methods that combines careful meticulous technical interrogation, in-country field research, and data analysis – what we call “fusion methodology.” Those who study state intelligence methods will be familiar with this approach: the combination of techint and humint was a deliberate design choice that has informed all of our collective research projects. But unlike state intelligence actors, the Munk School’s Citizen Lab is not privy to unlawful access provisions, nor warrantless surveillance. Nor do we have access to billion dollar budgets. We have had to work within the framework of ethics and resources that applies to all University-based research projects. This constraint, however, has also been our greatest strength: we have had to do more with less, and develop intuitive connections from open data sources and approaches derived from different disciplinary matrices. In doing so, we may have gone beyond the capabilities of the very organizations we set out to emulate, and now provide a model for how to accomplish structured, focused research in a complex information space.
Research of this sort — multidisciplinary cyberspace research — is going to become more important in years to come because the Internet itself is undergoing dynamic changes. The Internet population continues to explode in every direction and in every possible way. But there is also a major demographic shift occurring from the North and the West, to the South and the East that will have a major impact on the character of cyberspace. Just as the first generation Internet was defined by Silicon Valley libertarians, the next generation will be defined by the millions of Internet users connecting from Lagos, Delhi, Chengdu, and Jakarta. Signals intelligence — the interception and collection of electronic information — once monopolized by superpowers with globe-spanning capabilities is now proliferating and democratizing. We have entered the age of DIY Sigint. The massive ecosystem of cybercrime – a persistent underbelly of the Internet since its very beginning — is now morphing into espionage and warfare as an arms race creates a new opportunity structure and market for the cyber criminals’ wares. More than ever, we need independent sources of research and an evidentiary base to guide security and policy in cyberspace as it becomes an object of ever intensifying political competition.
RELATED MATERIAL FOR THE WEEK OF DECEMBER 6
BACKGROUND
In recent years, cyberspace has emerged as a contested ground on which policymakers, the military and academics have sought to respectively legislate, securitize, and study. A 2009 RAND report to the United States Air Force entitled “Cyberdeterrence and Cyberwar” notes that cyberspace “joins the historic domains of land, sea, air, and space” in terms of its importance from the perspective of military strategy. In 2003, the United States government released the National Strategy to Secure Cyberspace. Finally, in April 2009 the 24th Air Force stood up as the first ever unit in the United States dedicated entirely to cyberspace operations.
Much recent popular discussion focuses on cyberspace as a source of potential political and economic vulnerabilities, which can potentially be exploited by state and non-state actors. One current example is the recent case of the release by WikiLeaks of thousands of American diplomatic cables, which were hosted on an inter-agency network. Another recent case is the discovery of the Stuxnet worm, which targets critical infrastructure and power grids and was discovered to have been used to target Iranian nuclear power plants. A 2007 cyberattack – in the form of a denial of service attack – on Estonia, which targeted Estonian state, military, banking, and media networks, demonstrated the degree to which states are vulnerable to attacks to government servers. In the wake of this particular attack, NATO launched a cyber defense policy, which was recently reinforced in the newly announced NATO Strategic Concept.
RELATED MATERIALS
The Munk School’s own Citizen Lab conducts advanced research and development at the intersection of digital media, global security, and human rights. The Citizen Lab has received considerable media attention and international acclaim for its work on detecting vulnerabilities in a wide range of governmental networks, as well as its work on the OpenNet Initiative, which conducts research on internet surveillance.
NATO has featured cyber security in its website entitled “Defending Against Cyber Attacks.” The site includes links to official NATO reports on cyber security, news updates, and information about NATO’s cyber defense organizational structures.
The September/October issue of Foreign Affairs features a piece by United States Deputy Secretary of Defense William J. Lynn III on the Pentagon’s efforts to increase security on its networks in the face of increasing cyber threats.