Making Sense of Cyber Capabilities for Small States (original) (raw)

Cyber Capabilities as Favourable Instruments in the Pacific Century

As states seek to strengthen their national security and exercise political influence, cyber capabilities are rapidly becoming an instrument of state power. States have started integrating computer network operations in their military forces to defend against cyber intrusions and to align with capabilities of major allies. The increase in cyber skirmishes is more pronounced in Asia, where the highest number of interstate cyber incidents has been observed in the past fifteen years. Despite this predicament, there have been very limited interstate military conflicts in the region, which suggests that the use of cyber capabilities encourages less violence. In this context, this paper aims to explore the prospect of cyber capabilities being a preferred foreign policy instrument by states in the region. It contends that the heightened geopolitical tension in Asia makes cyber capabilities more strategic for interstate security interactions for three reasons. First, cyber capabilities are not violent: computers cannot cause direct physical damage. Second, cyber capabilities are stealthy: complex cyber intrusions are difficult to detect. Third, cyber capabilities are convenient: computers can be utilised to enable or disable military operations.

Small States and Cyber Security: The Case of New Zealand

While there is a burgeoning literature on cyber security, little scholarly work has been completed on how cyber security issues are affecting small states. This article attempts to contribute to the debate by exploring whether small states are facing unique or different challenges in enhancing their cyber security. Drawing on the extensive small states literature, the article begins by outlining three conceptual models of small state security, based on alliances, institutional cooperation and norms. These models are then applied to the small state cyber security context. It is argued that institutional cooperation on cyber security issues and the emergence of cyber security norms are being hindered by strategic rivalries between the United States, Russia and China and that military alliances are struggling to adapt to collective defence against cyber threats. The article then explores New Zealand's cyber security strategy and outlines the various domestic and international challenges that exist for New Zealand policymakers. The article finds: that a globalised cyber security environment is eroding New Zealand's geographical isolation; that the New Zealand government is struggling to formulate a tenable balance between security and privacy in responding to cyber security issues.

Deciphering Cyberpower: Strategic Purpose in Peace and War

Strategic Studies Quarterly, 2011

What is the strategic purpose of cyberpower? All too many works on cyberspace and cyberpower are focused on the technical, tactical, and operational aspects of operating in the cyber domain. These are undoubtedly important topics, but very few address the strategic purpose of cyberpower for the ends of policy. Understanding its strategic purpose is important if policy makers, senior commanders, and strategists are to make informed judgments about its use. Cyberpower does indeed have strategic purpose relevant to achieving policy objectives. This strategic purpose revolves around the ability in peace and war to manipulate perceptions of the strategic environment to one's advantage while at the same time degrading the ability of an adversary to comprehend that same environment. While it is proper to pay attention to the technological, tactical, and operational implications, challenges, and opportunities of cyberspace, this article concerns itself with its use-"the ability to use cyberspace to create advantages and influence events in all the operational environments and across the instruments of power"-for achieving the policy objectives of the nation. 1 Transforming the effects of cyberpower into policy objectives is the art and science of strategy, defined as "managing context for continuing advantage according to policy" (emphasis in original). 2 The definition provides the overall strategic impetus for the use of cyberpower. To fully understand the power of cyber, one must acknowledge the character of cyber-power and cyberspace. The linkage between strategic context, strategy, and

Medium-sized states in international cyber security policies

Some medium-sized states play varying, yet important roles in international cyber-security policies. This Policy Brief offers a concise overview of five medium-sized states with such a prominent position: Australia, Estonia, Israel, the Netherlands and South Korea. How did these states attain these positions, and what are the benefits and challenges? The analysis shows that these positions are not easy to acquire or to maintain. Whilst the will to continuously invest and to develop an integrated (whole-of-government) approach seems to be an obvious key requirement for success, cyber security as a policy area is very broad. Remaining in a lead position may require looking for ‘a niche within the niche’.

Building blocks for national cyberpower

2016

With the advancement of technology and proliferation of mobile and computing devices through all levels of society, cyber power is becoming an increasingly prominent driver in the attainment of national security for any state. This paper investigates the national cyberpower environment by analyzing the elements of cyberspace as part of national security. To understand cyberpower as a contributor to national security, one must identify and analyze the elements of national cyberpower and how they interrelate to national power. In his discussion on national power, David Jablonsky (Jablonsky, 1997) distinguishes between natural and social determinants of power. In addition, Jablonsky refers to the Ray Cline’s formula (Cline, 1993) to determine a rough estimate of “perceived” national power by focussing primarily on a state’s capacity to wage war (Jablonsky, 1997). The problem posed is how cyberpower can be best positioned within Jablonsky’s proposed model for national power and the form...

Awaken The Cyber Dragon: China's Cyber Strategy and Its Impact on ASEAN

The increase in frequency of cyber attacks launched against the Association of South East Asian Nations (ASEAN) regional bloc that have been attributed to the People’s Republic of China (PRC) sets a precedent for the future of low impact cyber conflicts. While the calls for mutual defense of cyberspace and regional cooperation have been highlighted in the ASEAN ICT Masterplan 2015, conflicting interests between members and the nature of the ASEAN principles suggests that any eventual cyber defense policies can only be framed within the context of individual state interests. This lack of cohesion paves the way for low impact cyber attacks that, while not targeting critical infrastructure, can enable the aggressor to influence the different instruments of national power within the region and serves as a viable tool to project power and influence with minimal risk of escalation as opposed to traditional approaches. While this moves against the current predictions that suggests targeted and debilitating attacks aimed at crippling critical infrastructure, the lack of instances of such lends weight to the assumption that these are unlikely for the time being. On the other hand, the recent events that have taken place in the ASEAN bloc has shown that the PRC has, and continues to, utilized low impact cyber attacks. By taking advantage of the problem of attribution coupled with the lack of knowledge regarding its true cyber capabilities and the threat of kinetic retaliation, the PRC has found itself able to operate freely. This study aims to discuss how the PRC has adopted this strategy in response to recent disputes with members within ASEAN, in particular, the Republic of the Philippines. The paper highlights the low impact approach that the PRC has chosen as a means of exerting its influence in ongoing disputes with the Republic of the Philippines and to a greater extent, the rest of the region. The study discusses the underlying factors that allow the PRC to operate freely by taking advantage of the fundamental weaknesses of ASEAN as a platform for establishing a cyber defense mechanisms within the region and goes on to caution as to the long term repercussions of such.

Explaining Great Power Competition in Cyberspace

Comparative Strategy, 2016

This article explains why powerful states develop capabilities for warfare in cyberspace. It argues that despite the apparent limited strategic utility of cyberspace, powerful states develop cyber capabilities to compete for military dominance in the international system. This argument is best explored using a neorealist framework because it provides the most compelling explanation for the competitive behavior of states in cyberspace. Three key implications can be derived from the study: the proliferation of capabilities for warfare in cyberspace is inevitable; powerful states will still dominate cyberspace; and cyberattacks may escalate to kinetic attacks due to the uncertainties regarding existing cyber capabilities.

Victory in Cyberspace

IAFOR Journal of Politics, Economics & Law, 2017

A review of state-associated incidents in cyberspace over the past decade reveals that over two thirds of these involved actors within the Asia-Pacific, often occurring in the context of politico-economic disputes. These activities, ranging from attempts at espionage to coercion, in all appearance appears to confirm the domain's increasing strategic value. But upon closer inspection, only half of these have resulted in meeting their political objectives. Moreover, these have involved notable regional powers employing relatively unsophisticated tools and tactics in cyberspace. This challenges the prevailing notion that cyberspace provides an asymmetric advantage for middling and/or weak powers due to its low cost of entry and the increasing technological dependence of targets. With growing tensions in the Asia-Pacific, the need to better understand the strategic utilization of this domain is paramount. In so doing, this paper argues that coercive success in cyberspace is not determined solely by an aggressor's technological prowess but depends crucially on appropriate force employment and an understanding of the domain's unique geography. Through the analysis of the Stuxnet operation, the paper demonstrates that careful consideration of these factors may better account for the success or failure of coercion in the domain.

Cyber War and Strategic Culture: The Russian Integration of Cyber Power into Grand Strategy

Today, nation-states are integrating cyber tactics into their political and military strategies. Professor Wirtz posits that when it comes to the use of cyber, ‘national styles’ might be emerging as states attempt to use cyber capabilities to achieve strategic objectives. He suggests that it is wrong to treat cyber attacks as a silver bullet, and that it is better to consider how a sort of combined arms approach will prevail. On a positive note, the need for legal and bureaucratic integration of policies and programmes should produce national idiosyncrasies on the cyber battlefield that can help with the vexing challenge of attribution.