The pervasive nature of information and technological advancement is changing warfare and the political scene. Data has become a powerful component; those with quality information wield strategic power through improved decision-making and mission effectiveness. Strategy is a subsequential idea. It represents a pursuit of objectives set against scarce resources at the disposal. According to Clausewitz, strategy bridges action and purpose.[1]. Throughout the history of the world, advancements in technology have transformed how nations address provocations and engage in wars. Technology has changed the means and strategy of War. Initially, people used to rely on calvaries, spears and other old weapons to fight in wars. However, things changed with the advent of aviation technology and automatic guns. A new virtual space has emerged with the potential to facilitate warfare. In about forty years, the internet has spread throughout all corners of the world.[2]. More than five billion people presently use the internet every day. Some even use it to work as they sit comfortably in their beds. In short, the world has entered a new era of cyberspace.
What is Cyberspace?
Joseph Nye defines cyberspace as an artificial and volatile domain which drives a consistent transformation where liberal actors strive to cope. Cyber comprises digital fragments transmissions over an electromagnetic spectrum, which, although ubiquitous, requires infrastructure like computers, antennas, routers, satellites and other gadgets[3]. Compared to other forms of technology, cyber dramatically minimizes the cost of accessibility and communications, limiting the exchange of information and supporting a growing propagation of actors. People live as kinetic and virtual personas, connected in a living macrostructure with information, collective spaces and private and public networks, where enduring and disruptive social procedures come to the realization. Society has come to rely heavily on cyber. During the Covid-19 pandemic, nearly all business transactions happened in cyberspace. Unfortunately, this increased reliance on cyberspace has introduced a new platform to state and non-state actors to play out their politics and wage wars.[4].
Traditionally, wars and conflicts saw confronting nations or their actors strategizing to defeat their opponents in four domains: space, land, sea and air. During the world wars, nations fought on land, air and sea [5]. When the cold War began, the U.S. and Russia started the space race. Each country wanted to be the first to colonize alien worlds. This race continues today. Currently, a new domain of War has emerged; cyberspace. Computers and other electronic gadgets have become weapons state actors are using to attack their nemeses[6]. In 2021, the White House acknowledged the need to protect critical infrastructure supporting American societies from foreign threats. Such infrastructures included cyberspace. Power, pipelines and other infrastructures are now digital and susceptible to destruction through cyberattacks. According to the White House, nations like Russia are targeting the U.S.’s ability to offer services to Americans[7]. National security experts from the national security agencies agree with the White House assessment [8]. They claim that nations will no longer fight wars on land, sea and air; the subsequent wars will be in cyberspace.
Undoubtedly, although cyberspace is an artificial construction, it has given novel meaning to warfare as people can attack nearly everyone from any place on earth and at a time of their liking[9]. Due to the virtual nature of the cyber world, the landscape of threats has increased remarkably, where security issues engender indistinguishable and faceless adversaries. The rise in digital networks has necessitated the emergence of non-state political actors. This development led to a question concerning present and past strategic thought competence. Some experts argue that cyberspace is a novel concept and should not be too troubling.
Some strategists believe that cyber capabilities are tools and not means of warfare. They think cyberspace is just another class of weapons and is not different from the operational domains that came before it in terms of strategy and tactical application. Others claim that cyberspace will never be a powerful tool of War. According to these strategists, the ‘war’ cyber war is just metaphoric and has descriptive value. Cyberattacks differ from traditional warfare since they do not satisfy Clausewitzian’s definition of War. According to Clauswitizian, War means the political, instrumental and violent use of power or force[10]. The cyber-attacks the U.S., Saudi Arabia and Estonia have witnessed in recent years do not qualify as acts of War since a mere denial of service act is non-violent. Despite their rejection of the cyber capabilities in War, they admit that it can turn the defence and offence balance by making attack cost-effective and easier to execute while making defence harder and resource-intensive [11]. Although these experts do not think there will be a cyber strategy in the future, their new observation does portray a possibility of a novel approach to cyberspace.
The Future of Conflicts
Sometimes one can succeed in a war by subduing a nemesis without even fighting. Such pursuits of victory without soldiers can happen quickly in cyberspace. There are uncanny and enormous cyber capabilities that the world is yet to experience [12]. Currently, cyber-attacks are meant to damage infrastructure or other properties and not to would or kill people. However, the destruction of critical programs that control the operations of, say, nuclear power plants or power grids can have secondary impacts that result in the death of civilians. Still, in most cases, that is usually not the goal. Even so, cyber-attacks are still evolving, and may one-day state or non-state actors can initiate attacks to kill people. Indeed, attacks on the electric train control system can cause a train to derail, killing people. Experts cannot discount such capabilities. Given that technology is advancing, there may be a time such attacks can target military facilities or other resources with the potential to cause harm to millions of people[13].
Most of the cyberattacks people have seen today do not cause direct harm to people. Their perpetrators ensure that the target physical infrastructures are worth billions of dollars, ultimately negatively impacting human lives. The attacks on the oil company of Saudi Arabia, Saudi Aramco and those targeting nuclear facilities in Ukraine are just a few examples of how adversaries exploit the fragility of cyberspace across the world. In 2022, the mainstream media estimate that there have been more than 2,000 cyberattacks on government infrastructure in Ukraine since the Russian invasion began[14]. The attacks have led to the destruction of critical resources that were helping Ukrainians survive during the War. Attacks on private companies with links to the governments have also resulted in data breaches. For instance, the Solar Winds attacks resulted in a data breach that affected more than 30,000 companies and government agencies in the United States. The attackers used SUNBURST software to compromise the targets’ I.T. systems[15]. While the impact of the data breach is still unclear, authorities assume that the attackers accessed a massive amount of data which they can use to wage War on Americans. There were reports that those behind the attack were state actors from Moscow. What Russia intends to do with that data is still a mystery. It could use to plan a series of attacks on the people or more government infrastructures. Despite the destruction of properties, cybercrimes undoubtedly affect the lives of thousands, if not millions, of people.
Russia, China, Iran, and the U.S are the major players with the cyber offensive capacity to stifle their opponents. While the U.S. has used the Stuxnet program to derail the Iranian nuclear program, there are reports of China using cyber espionage strategies and hacking data from companies working with the U.S. military. Recently, there have been reports that state actors from Moscow use cyber-attacks to influence democracies. During the U.S. electoral campaign of 2016, Russia strategically used cyber to interfere with the 2016 election by manipulating Americans to vote for Donald Trump[16]. They hacked the Democratic National Convention servers leading to public exposure of confidential information. Simultaneously, they began a disinformation campaign by disseminating false information about Hilary Clinton on Twitter, Facebook and other media platforms. This campaign microtargeted the undecided voters. Even though the cyber activities of Russia and its influence on the American democratic system elude metrics, many see it as an invasion of the U.S. political system and psychological warfare of a grand scale similar to military force deployment. The effects of these cyber activities will probably endure for a long[17]. At only a fraction of what it would cost to wage traditional warfare and evade accountability, the Russian attack helped them win a war by leveraging anonymity and plausible deniability.
The most significant strategic impact of the attack, which continues today, was the agitation that began within the nation, showing that cyber power is indeed a strategic lever. The United States could not act against Russia because there was no solid proof that it was responsible. However, by not responding, the United States appeared weak to the global community. Choosing the United States as its target was a strategic move. Democracies reflect the will of those navigating them. The attack on the U.S. Capitol in 2021 shows how Russia was able to erode the fabric of U.S. democracy. This attack showed how the U.S. democracy had broken down[18]. The power of cyber is immeasurable. Another exciting aspect of cyber is that even small nations can take vast and powerful countries such as the United States. Iran has launched a series of DOS (denial of service) attacks on the United States Wall Street as retaliation for the Stuxnet program[19]. Also, North Korea has been targeting South Korea while threatening to use nuclear weapons.
It is clear that cyberspace has subverted the political boundaries and tested the fabric of the western system. Cyberspace has no geographical borders, which has allowed several non-state actors to target the political system. Groups such as animal rights and environmental activists use cyberattacks to advance their agendas. Recently, non-state actors from Russia, Israel, United States, China and other parts of the world have risen. Their modus operandi is not always clear, making it difficult to guard against or even suspect. Also, it is difficult to know their affiliation since they accept money to carry out attackers. Russia has used non-state actors to push its political agenda. The diverse motives of non-state actors affect cyber strategy.
Solutions
The world is experiencing a cybersecurity problem reforming strategies states adopt as more countries improve their cyber capabilities. The Estonia cyber-attacks had a ripple effect across the globe. The government of Estonia rapidly improved its cyber capabilities. It established a centre for cyber defence that allied nations still use today. The U.S. also created its cyber command that functions worldwide to protect against capable adversaries. China also established a similar base to deter cyber-attacks. Currently, the U.S. conduct an annual assessment of its cyber infrastructure to determine which are vulnerable to attacks from malicious actors.
Notwithstanding multicoloured state efforts, particular challenges debilitate any cyber strategy. For instance, the capability to avoid attacks from adversaries becomes difficult because the enemy’s identity, motives, and abilities are uncertain in cyberspace [20]. Strategists have advanced different deterrence definitions in their books and research papers. According to these numerous definitions, deterrence involves persuading another party not to engage in something they may otherwise be willing to do. Deterrence is about safeguarding one’s interests through explicit threats and implied likelihood of actions that the opponent would consider unpalatable. For instance, the United States has missile silos across different states. These silos still deter the threat of a nuclear attack years after the cold War. NATO is considering increasing theatre-range missiles in Lithuania and Estonia as a deterrence mechanism[21]. In essence, deterrence is about shifting the cost-benefit analysis of an opponent to make any actions they could contemplate against one’s interests not worth the trouble. Deterrence is a coercive rather than controlling strategy.
Freedman argues that deterrence is an actual or potential use of force or power to influence the actions of a voluntary party. Coercive strategies involve the purposive application of overt threats of power to influence the strategic choices of the enemy[22]. Coercive techniques are of two types: Compellent or deterrent, but they all persuade one another not to act in a certain way for fear of the repercussions in case they do. The United States and Russia have the most nuclear weapons in the world[23]. They keep them as deterrent tools. No nation can risk going to War with them for fear of the consequences of a nuclear war. The U.S. cannot attack Russia with its weapons, and Russia cannot attack the U.S.
In the case of cyberspace, limited situational awareness worsens the use of deterrence as a strategy. Furthermore, legislators wonder how conventional nuclear strategy ideas such as pre-emptive strikes or MAD (mutually assured destruction) could benefit the realities of today’s world. Another crucial question strategists are struggling with is how the government can respond to concerns in cyberspace, particularly when the private sector dominates this realm. For instance, companies such as Google, Facebook, network providers, and others control cyberspace in the United States. These private companies control more than eight per cent of the cyberinfrastructure. Although the federal government has relations with these companies, it does not monitor their cyber resources directly. Also, there are different types of cyber threats, including sabotage and service disruption. Still, there is no clear definition or status, and there are no practical global government approaches to designing state strategy.
Nye suggests the use of deterrence through denial to solve this dilemma. Deterring attacks by invigorating one’s defensive mechanisms is the best way to avoid a cyber-attack. It makes developing a cyber-attack strategy by the enemy more costly. According to Nye, building strong cyber defences ensures that attackers will need to use a lot of time and resources to attack[24]. Making the cost higher than the benefits can likely deter an attack. Every year, the White House launches a new cyber strategy to improve the nation’s resilience to cyberattacks. In the current dynamic world, countries must solidify bilateral relationships to help interpret the motives of possible hostile actors and advance one’s security. The U.S. and its NATO allies have control centres which monitor cyber threats regularly. They have introduced new firewalls to protect their infrastructure [25]. Also, the work liberal democracies are doing to form alliances and concentrate on cyber abilities demonstrates their dedication towards a united front against Russia and its allies. The private sector is also working to fortify its cyber infrastructure. After the Solar Winds attack, different organizations in the U.S. implemented new cyber risk management protocols and frameworks to ensure such breaches do not happen to them. Government agencies also reviewed risk management frameworks to protect their data from state and non-state actors.
Conclusion
In today’s world, technology is advancing at a fast pace. Cyber companies are launching new technological capabilities every month, if not weeks. Innovation and creativity in cyberspace are more significant than in the four other domains of War. However, strategy has always endured the nature of technological changes. There has been a crucial unity in strategic experiences in every historical period because of little changes in warfare and strategy’s function. Even so, future conflicts will not resemble those the world saw previously or is seeing now. The world is at a time when it does not know where or where cyberattacks begin or end or whether others have declared cyberwars. Cyber-attacks start way before the target notices. All the recent attacks began this way. Attackers compromise a system and wait for the opportune moment to cause the most damage. Virtual wars are not easy to detect. The goals of all strategies are to predict significant changes in the war environment, change as needed, and prepare well to get decisive competitive advantages. Therefore, the cybersphere needs to reexamine the longstanding beliefs and definitions of violence and War. In the twenty-first century, the future of strategy will be to understand War and conflicts, keeping in mind the changes in technology, and then using years of strategic experience and research.
Bibliography
Brantly, Aaron F. “Risk and uncertainty can be analyzed in cyberspace.” Journal of Cybersecurity 7, no. 1 (2021): tyab001.
Douzet, Frédérick, and Aude Gery. “Cyberspace is used, first and foremost, to wage wars: proliferation, security and stability in cyberspace.” Journal of Cyber Policy 6, no. 1 (2021): 96-113. Accessed at https://www.tandfonline.com/doi/epdf/10.1080/23738871.2021.1937253?needAccess=true&role=button
Freedman, Lawrence. “Introduction—The Evolution of Deterrence Strategy and Research.” NL ARMS Netherlands Annual Review of Military Studies 2020: Deterrence in the 21st Century—Insights from Theory and Practice (2021): 1-10.
Hodgins, Julia. “Cyberspace’s strategic power.” Kings College London (2020): 1-7.
Kornberger, Martin, and Eero Vaara. “Strategy as engagement: What organization strategy can learn from military strategy.” Long Range Planning 55, no. 4 (2022): 102125.
Kydd, Andrew H. “Decline, radicalization and the attack on the U.S. Capitol.” Violence: An International Journal 2, no. 1 (2021): 3-23.
Reuters. “Ukraine blames Russia for most of over 2,000 cyberattacks in 2022”. Reuters.com, (2022).
Rolls, Major Matt. “JCSP 46 Master of Defence Studies.” (2020).
Simón, Luis, and Alexander Lanoszka. “The Post-Inf European Missile Balance: Thinking About NATO’s Deterrence Strategy (Summer 2020).” Texas National Security Review (2020).
White House. “The national security strategy.” (2022): 1-48
Wolff, Evan D., K. M. Growley, and M. G. Gruden. “Navigating the SolarWinds supply chain attack.” The Procurement Lawyer 56, no. 2 (2021).
[1] Martin Kornberger and Vaara, Eero, Strategy as engagement: What organization strategy can learn from military strategy.” Long Range Planning 55, (2022): 4
[2] Frederick Douzet and Aude Gery. “Cyberspace is used, first and foremost, to wage wars: proliferation, security and stability in cyberspace.” Journal of Cyber Policy 6, no. 1 (2021): 96
[3] Julia Hodgins, “Cyberspace’s strategic power.” Kings College London (2020): 2
[4] Ibid.
[5] Frederick Douzet and Aude Gery. “Cyberspace is used, first and foremost, to wage wars” (2021): 96
[6] Ibid.
[7] White House. “The national security strategy.” (2022): 34
[8] Ibid
[9] Julia Hodgins, “Cyberspace’s strategic power.” (2020): 4
[10] Major Matt Rolls, “JCSP 46 Master of Defence Studies.” (2020): 28
[11] Aaron Brantly, “Risk and uncertainty can be analyzed in cyberspace.” Journal of Cybersecurity 7, no. 1 (2021): 4
[12] Frederick Douzet and Aude Gery. “Cyberspace is used, first and foremost, to wage wars” (2021): 96
[13] Ibid.
[14] Reuters. “Ukraine blames Russia for most of over 2,000 cyberattacks in 2022”. Reuters.com, (2022).
[15] Evan et al., “Navigating the solarwinds supply chain attack.” The Procurement Lawyer 56, no. 2 (2021): 1
[16] Julia Hodgins, “Cyberspace’s strategic power.” Kings College London (2020): 5
[17] Ibid, 5.
[18] Andrew Kydd, “Decline, radicalization and the attack on the US Capitol,” Violence: An International Journal 2, no. 1 (2021), 3.
[19] Ibid.
[20] Aaron Brantly, “Risk and uncertainty can be analyzed in cyberspace.” (2021): 4
[21] Luis Simon and Alexander Lanoszka,”The Post-Inf European Missile Balance: Thinking About NATO’s Deterrence Strategy (Summer 2020),” Texas National Security Review (2020): 14
[22] Lawrence, Freedman, “Introduction—The Evolution of Deterrence Strategy and Research,” Deterrence in the 21st Century—Insights from Theory and Practice, (2021): 4.
[23] Ibid, 6.
[24] Julia Hodgins, “Cyberspace’s strategic power.” (2020): 5
[25] Luis Simon and Alexander Lanoszka,”The Post-Inf European Missile Balance: Thinking About NATO’s Deterrence Strategy (Summer 2020): 14
write