A dangerous new era: US must take lead in cybersecurity

Growing cyber threats demand leadership that can only come from the US. Europe and the world must move beyond qualms about NSA spying and accept a US leadership role on global cybersecurity. The US must work to rebuild trust to ensure the Internet is kept open and safe.

|
Trace Christenson/The Enquirer/AP
Michigan Gov. Rick Snyder watches a cyber training exercise at the 110th Airlift Wing at the Air National Guard Base in Battle Creek, Mich. March 25. Op-ed contributor Jarno Limnell writes: 'The world is adopting digital technologies faster than it is mitigating potential risks. But the opportunities for safeguarding against cyberthreats are much better if the Internet's infrastructure is kept safe, open, and worthy of trust.'

Russian and Ukrainian ground forces are keeping their conventional weapons holstered for now, but it's an escalating shooting war in cyberspace. Ukrainian government computers were hit with 42 separate cyberattacks during the Crimea referendum on March 16, according to media reports. The following day Russian websites were targeted by an even more muscular counterstrike.

It's new proof that the world is entering a dangerously unstable and suspicious era, all the more troubling because cyber conflicts can rage with no physical-world aspect apparent – at least until a power grid gets taken out. Yet only the United States has – accurately – ranked cyberattacks as its top national security issue for 2014, ahead of terrorism and weapons of mass destruction. In Europe, on the other hand, no nation has assigned cyberthreats Tier 1 priority.

As alarms go off in Ukraine and all over the world, the cybersecurity situation demands leadership that can only come from the US. Europe and the world must move beyond current qualms about US computer spying and accept a US leadership role on global cybersecurity. Just as critically, the US must claim that role.

Europe can sleep no longer

Why is Europe lagging behind the US in integrating cybersecurity into defense and national security policies? Why are offensive cybercapabilities and cyberdeterrence now discussed openly in Washington, but still such sensitive issues in most European countries?

Europe can sleep no longer. On the Korean Peninsula, Seoul is said to be developing offensive cyberweapons to disable North Korean nuclear facilities. South Korea's military cyber command has been operational for years, gaining experience and proficiency. President Vladimir Putin says Russian "cyber troops" carry out both military and political missions, and that their "striking force" may outweigh that of conventional weapons.

The very idea of conflict in cyberspace blurs the definition of "war," encompassing espionage, sabotage, and intellectual property theft. It gives nations new ways to pursue their political goals, and not just rogue nations; the US is said to be pondering its cyber options against Syria, though President Obama rightly worries about unintended ripple effects from a cyberattack. (Because a cyber offensive could touch off unpredictable results in our interconnected world, cyber command and control is a key, underaddressed concern.)

The future of cyberwar

Future international conflicts may be ever more vaguely defined, with no clear beginnings or ends, no declarations of victory or surrender. They may just burn on constantly beneath the surface. A participant may not even be aware of a cyber conflict in progress; software may do all the fighting.

War has traditionally been an armed contest for control of territory. Espionage has not usually been understood as an act of war, but cyberassaults can do real damage – not only pilfering information but disabling an enemy's energy, transport, financial, and communications systems and even compromising its ability to retaliate via conventional military means. Cyberweapons deployed with furious but invisible force will undoubtedly be an integral part of any major future conflict – and many more small ones.

A hard choice ahead

It is time to make a hard choice between marshaling a worldwide, organized response to cyber conflict, including widely understood protocols for defense, command and control, and aid among allies, or shrinking from the challenge and avoiding action. Picking the latter unfortunate course means risking not only inadequate responses to cyberattacks but the degeneration of international trust and fracturing of the open Internet.

Survey data shows that, thanks in part to cyberattacks on financial systems and retailers and rampant identity theft, the average citizen's trust in the Internet decreases each year. Now distrust is spreading to governments.

Angered by National Security Agency surveillance reports, Germany is said to want an "Internet of its own," built to shield local traffic from snooping by foreign intelligence. Brazil and Portugal are discussing building a private data link to bypass US-based network access points. And as for international trade, US technology companies are said to be suffering for the NSA's activities: "Suspicion of U.S. vendors is running at an all-time high," one cloud solution provider told USA Today.

Will ours be the first and last generation to know a barrier-free global Internet? Hopefully not. But its fragmentation is already starting – inspired by cyber fears and international mistrust.

Rebuild trust, save the Internet

Even though some of that mistrust is certainly due to American cyber-espionage initiatives, it is now up to the US to move the world in a different direction. The US has the most sober and realistic view of cyberthreats. It has more Internet infrastructure under its control. And US technology companies are enabling a new digital world largely dependent on an open Internet. But for it to work, people, businesses, and governments must all trust it.

Cyberwarfare is in an embryonic stage; strategic questions are manifold, and the US is best equipped to answer them. Europe and others must move past distrust over US spying and embrace America's vital leadership role in this arena.

The course the world chooses and the decisions countries make about cooperation in cyberspace will have far-reaching implications for humankind. The world is adopting digital technologies faster than it is mitigating potential risks. But the opportunities for safeguarding against cyberthreats are much better if the Internet's infrastructure is kept safe, open, and worthy of trust.

The US must show the way in cyberspace. Do that, and Europe – and the world – will follow.

Jarno Limnéll is director of cybersecurity for McAfee, a division of Intel Security. He has participated in NATO and United Nations working groups on cybersecurity and cyberwarfare. He also holds a Doctor of Military Science degree from Finland's National Defence University. Follow him on Twitter at @JarnoLim. The views expressed here are his own and do not necessarily reflect those of Intel Security.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to A dangerous new era: US must take lead in cybersecurity
Read this article in
https://www.csmonitor.com/Commentary/Opinion/2014/0409/A-dangerous-new-era-US-must-take-lead-in-cybersecurity
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe