How Technology is Changing the Dynamic 技术如何改变动态
Throughout most of the 20th century and into the 21st, there has been a level of tension between the U.S. and Russia. Following the Second World War, the Cold War created a dynamic between the two countries that breeds constant competition. This dynamic has persisted past the fall of the Soviet Union and has taken many shapes and forms in the following decades. Technology has been the main proponent of competition, beginning with the nuclear arms race of the Cold War and the race to space of the latter half of the 20th century. Today, the tension has manifested itself into the cyber sphere, with each country working to gain the upper hand over the other through the use of cyber intelligence and attacks. In the past decade, the U.S. has identified several instances of Russia interfering not only with American domestic cyber activity, but also interfering in several other countries. Russia’s cyber interference with former satellite states, now independent, democratic nations with Western alliances, such as Estonia and Lithuania, puts the international system on alert.
In April of 2007, cyber attacks were documented in Estonia that resulted in the disarming of several Estonian government, private sector, and news portal websites over three weeks. It is largely speculated that the Kremlin orchestrated the attack in light of political tension between Estonia and Russia regarding World War 2 memorial services. In 2008, the Radio Free Europe/Radio Liberty website operating within Belarus was targeted by a Distributed Denial of Service. The attack effectively disabled the website, which is one of the only free, pro-Western news sources operating in Belarus. Belarus has been led by its president, Alexander Lukashenka, since 1994, and is considered to have the strongest remaining political ties with Russia while also having one of the most repressive media environments in the world. The attack is largely suspected to have been perpetrated by Russia. These attacks set a precedent of high profile Russian intervention in the operations of free, democratic, pro-Western institutions, which creates a level of discomfort in Western countries, specifically the United States, given the tenuous relation between the two countries over the past several decades.
The U.S. also has a history of breaching the cyber securities of other nations. As early as the 1960’s and 1970’s, American submarines operated alongside the early National Security Agency and in the Sea of Okhotsk. They were able to evade Soviet detection and intercept information from an underwater communications cable, effectively stealing undeterminable amounts of classified Soviet intelligence. In 1982, an alleged cyber attack on a Russian gas pipeline was orchestrated by American operatives, and resulted in the explosion of the pipeline in an attempt to disrupt the Soviet economy. Sabotage and espionage between the two countries is not unprecedented, and likely not final, given the current political climate. In 2010, Iranian nuclear facilities were attacked by the Stuxnet worm, a computer worm that infiltrates a device, spreads, takes over, and disables the network system. Centrifuges within the Iranian facilities were breaking, rendering the facilities inoperable. It is largely speculated that the attacks were a joint operation between the United States and Israel.
美国也有破坏其他国家网络安全的历史。早在20世纪60年代和70年代，美国潜艇就在早期国家安全局（National Security Agency）附近和鄂霍次克海作业。他们能够避开苏联的探测并从水下通信电缆截获信息，有效地窃取了数量不确定的苏联机密情报。1982年，美国特工策划了一次据称对俄罗斯天然气管道的网络攻击，导致管道爆炸，企图破坏苏联经济。鉴于当前的政治气候，两国之间的破坏和间谍活动并非史无前例，也不可能是最终的。2010年，伊朗核设施遭到了Stuxnet蠕虫的攻击。Stuxnet蠕虫是一种渗透设备、传播、接管并禁用网络系统的计算机蠕虫。伊朗设施内的离心机发生故障，导致设施无法运行。据推测，这些袭击是美国和以色列之间的联合行动。
This study will look at several cases of cyber attacks, specifically curtailed around the U.S. and Russia. The two countries are no stranger to armed conflict, and have already come dangerously close to war, as evident by the Cold War. Technology has become integral to the definition of power, and the concept of a powerful country shifts as technology does. As technology changes, so does the international system, and Russia has used this to their advantage. Understanding the criteria of war set by Carl von Clausewitz, the question sought to be answered by this research is whether a new theory of war, cyber war, between the United States and Russia is possible.
Literature Review 文献综述
In order to answer the question explored in this study, it is important to define cyber war and what it entails. The Oxford Dictionary defines cyber war as being, “The use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes” (Oxford Dictionary, 2018).
Carl von Clausewitz offers three elements that define the concept of war, which can then be applied to the concept of cyber war and used to decide if it applies to the United States and Russia. First, Clausewitz writes that war is inherently violent, that both sides of the conflict work to overwhelm the other and inflict enough pain to render surrender. Second, he asserts that war is used as a means to an end, the end being the coercion of the enemy into accepting the terms of defeat. The third element is the concept of war’s political nature, that war is an extenuation of politics. It is politically motivated, and not defined by one decision; the ultimate “end” is subject to the will of the party in power and not necessarily constrained by isolated acts (Rid, 2012). The body of research into this question is divided along the lines of these elements. One such study concludes that cyber war is inevitable, although not necessarily between the U.S. and Russia. John Arquilla and David Ronfeldt surmise that technology inherently initiates cultural change, that it forces a shift in the international system. They draw upon historical precedent of technological advancements that changed the nature of war and had profound impacts on the course of history, such as the invention of the gun. Arquilla and Ronfeldt argue that the concept of modern “war” has shifted, so as to minimize violent conflict and has come to focus on the collection of information that would allow you to outmaneuver your opponent (Arquilla, 1993). They note that conflict in the modern age has manifested itself into an ideological disagreement and highly intertwined with economics, rather than territorial disputes as it has been in the past. Information has become a highly prioritized currency in inter-state conflict, and because of this, the nature of war has been changed.
卡尔·冯·克劳塞维茨（Carl von Clausewitz）提出了三个定义战争概念的要素，然后可以将这些要素应用于网络战争概念，并用来决定它是否适用于美国和俄罗斯。首先，克劳塞维茨写道，战争本质上是暴力的，冲突双方都努力压倒对方，并造成足够的痛苦以投降。第二，他声称战争是达到目的的手段，目的是迫使敌人接受失败的条件。第三个要素是战争政治性质的概念，即战争是政治的一种减轻。它是出于政治动机，不是由一项决定决定的；最终的“终结”取决于执政党的意愿，而不一定受到孤立行为的约束。对这个问题的研究主体是按照这些要素划分的。其中一项研究得出结论，网络战争是不可避免的，尽管不一定是美国和俄罗斯之间的战争。约翰·阿奎拉和大卫·朗费尔特（David Ronfeldt）推测，技术从本质上引发了文化变革，迫使国际体系发生变化。他们借鉴了改变战争性质并对历史进程产生深远影响的技术进步的历史先例，例如枪的发明。Arquilla和Ronfeldt认为，现代“战争”的概念已经转变，以尽量减少暴力冲突，并将重点放在收集信息上，使你能够战胜对手。他们指出，现代的冲突表现为意识形态分歧，与经济高度交织，而不是过去的领土争端。在国家间冲突中，信息已成为一种高度优先的货币，因此，战争的性质发生了变化。
Research into cyber war also suggests that technology changes the nature of the international system (Weigly, 1989). It allows a state access to another in ways previously not possible. Technology has redrawn boundaries between states and opens systems that had not been accessible before (Arquilla, 1993). This challenges the international system and opens it up to reconfiguration. States have begun to alter their approach to national security and priorities, with a focus on protecting their economy. To challenge a powerful country by modern standards, such as the United States or Russia, it is necessary to challenge their economy, to compromise their economic capabilities.
Alternatively, there is research surmising that cyber war is not inevitable, that it will not take place, based on the three elements set for by Clausewitz. Thomas Rid argues that no cyber attack to date has met all three elements of being violent, instrumental, and politically attributed, despite numerous isolated attacks meeting one or two of the criteria (Rid, 2012). He looks into the Estonia cyber attack in April of 2007 that threatened their national sovereignty, as well as the explosion of a Russian gas pipeline in 1982 that is suspected to be the result of an American cyber attack, and found neither to meet the definition of cyber war. He concludes that because cyber war is not geared towards the type of violence that directly threatens human life and safety, cyber war is not likely.
Regardless of whether these case studies conclude an act of cyber war or not, it is evident that the number of cyber attacks are increasing, and are likely to continue. The Pew Research Center conducted a survey in 2014 that canvased 1,642 experts on the Internet and cyber attacks and found that 61% agreed that a major attack causing widespread harm would occur by 2025. The study highlighted four key themes agreeing with the likelihood of attacks. First, that systems connected to the Internet are open targets. An overwhelming amount of society’s basic functions, essential to daily activities, are facilitated by the Internet. This attracts attention from those who wish to take advantage of this fact. Second, that security is not the primary concern when Internet applications are designed. Designers instead work to make the most economically beneficial product they can, to make the most money they can. System security does not often fall in that category. Third, that major cyber attacks have already happened, such as Stuxnet. Finally, that cyber attacks often target the private sector rather than government institutions. These institutions are more vulnerable to attacks because they are not equipped with the same level of defense as government institutions, but arguably carry equal weight importance in the daily lives of the public (Pew Research, 2014). The dissenting opinion argues three counter concepts. First, that there is already significant progress in security fixes. Designers are upgrading system security capabilities. Second, that cyber deterrence is an effective method of defense. The threat of retaliation is sufficient to deter malicious actors. Cyber deterrence is defined as the capability to do to attackers what they may intend to inflict (Libicki, 2009), and that the potential attacker is aware of it. Third, that cyber attacks are exaggerated, created by organizations that would profit from an atmosphere of fear.
无论这些案例研究是否得出网络战争行为的结论，很明显，网络攻击的数量正在增加，并可能继续。皮尤研究中心（Pew Research Center）在2014年进行了一项调查，调查了1642名互联网和网络攻击方面的专家，发现61%的人同意到2025年将发生一次造成广泛伤害的重大攻击。该研究强调了四个关键主题，同意攻击的可能性。首先，连接到互联网的系统是开放的目标。互联网为社会的大量基本功能提供了便利，这些功能对日常活动至关重要。这吸引了那些希望利用这一事实的人的注意。其次，在设计互联网应用程序时，安全不是首要考虑的问题。相反，设计师们致力于尽可能地制造最经济实惠的产品，尽可能地赚大钱。系统安全性通常不属于这一类。第三，重大网络攻击已经发生，例如Stuxnet。最后，网络攻击的目标往往是私营部门，而不是政府机构。这些机构更容易受到攻击，因为它们没有政府机构那样的防御能力，但可以说在公众的日常生活中具有同等的重要性。持不同意见的人提出了三个相反的概念。首先，在安全修复方面已经取得了重大进展。设计者正在升级系统安全功能。第二，网络威慑是一种有效的防御方法。报复威胁足以威慑恶意行为者。网络威慑被定义为对攻击者实施他们可能打算实施的攻击的能力，并且潜在的攻击者知道这一点。第三，网络攻击被夸大了，是由从恐惧气氛中获利的组织发起的。
The United States has identified the cyber sphere as a top national security sphere, and has initiated efforts to increase deterrence capabilities under the new administration, including the commission of several research and development agencies. Agencies such as the Cyberspace Solarium Commission have been tasked with finding and have published strategic approaches to cyber deterrence (Sasse, 2018).
Realism is the international relations theory that best explains the United States and Russia’s response to one another and the shifting world system. Under realism, international relations is individual states interacting with each other, in the pursuit of power. States act in accordance with human nature, which is largely selfish. The definition of power is ambiguous, and is not constrained by any one component, but has been agreed to include technological capabilities. There exists a balance of power in the international system, and states battle to gain the upper hand over the others while preventing others from doing the same to them. There is a lack of hegemony in the international system, so higher power to assume the ultimate authority in delegating the balance of power. To do so, states operate in their own self interest, with national security being a top priority. They rely on their own military resources to achieve desired ends, and a “self-help” system of sorts emerges. Jean-Jacques Rousseau wrote about realism in his work, The State of War (Roosevelt, 1987),and surmised that the world is governed by predatory rulers, and that there is an inherent anarchy in international politics. Applying the theory to the modern world, neorealism borrows models from economics and behavioral science. It makes the modification to the theory that recognizes economic resources as the basis of influence and power. A powerful country by today’s standards is a country with a powerful, secure economy.
Between the United States and Russia, there lies a deeply rooted struggle for power. Both states have built themselves up as two of the most powerful states in the international system. As prescribed by the realism theory, each state is in constant struggle to gain power over the other; this concept is directly applicable to the situation today. Constant changes in technology create constant opportunity for the balance of power to shift, and both countries work to gain power over the other.
The following cases look at instances of possible cyber attacks that the U.S. and Russia/Soviet Union were involved in. By comparing them the Clausewitz’s criteria of war, it will possible to evaluate the possibility of cyberwar given the precedent set by the United States and Russia, specifically their capabilities and the extent to which they are willing to go in the name of national security and protecting the balance of power.
1.) Estonia, 2007: 1）爱沙尼亚，2007年：
In April of 2007, street riots broke out in the capital, Tallinn, between young Russian ethnic groups and the native Estonians. The riots were in response a government decision to relocate a Soviet-era, World War Two memorial that celebrated Soviet army victories. The site had become a rallying point for extremist Russian nationalists, and the relocation was an attempt on the government’s behalf to ease tensions. Instead, the tensions only increased when the peaceful protests turned violent, with police making 1300 arrests, hundreds injured, and one death. The Estonian ambassador in Moscow was physically assaulted. Estonian government web pages, news agencies, and private sector websites were attacked over a span of three weeks, disrupting the day to day operations of the country.
Analysis: Estonia is a highly interconnected state, with high internet capabilities. It was a wide range of government and private sector services available online and the majority of the Estonian population has access to and used the Internet; much of daily life is dependent on internet functionality. The attack is suspected to have been instigated by the Kremlin and Russian nationalists in response to removal of the memorial. This particular attack is highly politically motivated but lacks any inherent violent motivation. It demonstrates Russia’s ability and willingness to interfere in an independent state’s sovereignty.
Source: “International Cyber Incidents: Legal Considerations” by Eneken Tikk, Kadri Kaska, and Liis Vihul, 2010.
2.) Radio Free Europe/Radio Liberty, 2008:自由欧洲电台/自由电台，2008年：
In April of 2008, on the anniversary of the Chernobyl disaster, the Radio Free Europe/Radio Liberty website operating within Belarus was targeted by a Distributed Denial of Service attack. The attack rendered the website inoperable. The attack lasted for two days, during which other RFL/RL websites were affected. Belarus is notoriously maintains one the closest relationships with Russia following the fall of the Soviet Union, having been lead by the same president, Alexander Lukashenka, since 1994. Only 29% of the population uses the Internet, and access is controlled by a state-owned company that controls and restricts some critical websites, according to Freedom House.
Analysis: On the anniversary of the Chernobyl disaster, native Belarusians were protesting the government for lack of compensation following the disaster. It is speculated that the government attacked the RFL/RL to limit press coverage of the protesting, facilitated by Russian technology and Lukashenka’s close relationship with the Kremlin. The RFL/RL is one of the few sources pro-Western, uncensored, international news in Belarus. The Belarusian/Russian disruption of information flow again exemplifies Russia’s willingness to overpower a sovereign state. The fact that the website was pro-Western is not to be ignored by western states, specifically the United States. Analyzed by Clausewitz’s three criteria, the attack was not intended to be directly harmful to human safety, but was politically motivated, as it was an effort to assert one system of culture and government over another by silencing it.
Source: “International Cyber Incidents: Legal Considerations” by Eneken Tikk, Kadri Kaska, and Liis Vihul, 2010.
3.) Operation Ivy Bells, 1960s/70s:常春藤钟的运作，1960/70年代：
In the 1960s and 70s, the American Navy and the National Security Agency created a covert operation that submarines would locate and tap into underwater Russian communication cables in the Sea of Okhotsk. The submarines were disguised as deep-water rescue and research vessels, and were able to avoid Russian detection. They used highly advanced technological equipment, some of which is still classified to this day, and the divers involved were some of the first to use the new underwater water breathing devices that are used today. The mission was reportedly highly successful, as it continued until the 1980s.
在20世纪60年代和70年代，美国海军和国家安全局（National Security Agency）发起了一项秘密行动，潜艇将在鄂霍次克海定位并接入俄罗斯的水下通信电缆。这些潜艇伪装成深水救援和研究船，能够避开俄罗斯的探测。他们使用了高度先进的技术设备，其中一些至今仍被列为机密，参与其中的潜水员是第一批使用今天使用的新型水下呼吸设备的人。据报道，该特派团非常成功，一直持续到1980年代。
Analysis: With this case, the United States has demonstrated a precedent and ability for cyber espionage and a desire for information to gain an advantage over Russia. Hacking Russian underwater communication cable and stealing highly classified state secrets sets the United States squarely in conflict with Russia and raises tensions between the two. When compared to Clausewitz’s three criteria, the mission was politically motivated, as it was an effort to steal information, but was not directly violent or cause any type of destruction.
Source: Submarine Spying- Operation Ivy Bells in the Cold War by Matthew Gaskill, 2018.
4.) Stuxnet, 2010.震网病毒，2010年
In 2010, several Iranian nuclear facilities were attacked by a malicious software computer worm, known as Stuxnet, that had the ability to repeat itself and spread to any device operating on the same network as the initially infected device. The worm gave attackers the capability to override the system, and it was used to destroy centrifuges inside the nuclear facilities, forcing the facilities to shut down. It is largely speculated that the worm was developed by a joint effort between the U.S. and Israel, in an effort to deter Iranian nuclear capabilities.
Analysis: By developing a malicious computer worm, capable of inflicting substantial systemic damage, the United States has demonstrated a willingness to initiate potentially violent and dangerous actions that operate in the self interest of the state. In this particular situation, the U.S. felt threatened by Iranian nuclear capabilities and attempted to protected itself by disabling Iran’s nuclear facilities. Attention on the United States was diffused by the cooperation with Israel, who had also had a state interest in disabling Iran’s nuclear operations. When compared against Clausewitz’s criteria, it is a politically motivated attack, but it was not directly violent and did not result in the physical harm of human life.
Source: “Cyber Attacks Likely to Increase” by the Pew Research Center, 2014.
Applying realism to the Russian-American dynamic currently playing itself out through international relations, there is clear and definite struggle in the balance of power. They have developed two distinctly different systems and cultures and have perpetuated them internationally so that each has come in direct competition with the other for global dominance. Eastern and Western cultures have become so conflicted that each is a threat to the sovereignty of the other. The changing nature of technology changes the nature of this conflict and has continued to do since the Cold War. As exemplified by the case studies and recent international events, Russia has demonstrated the ability to integrate cyber capabilities and attacks in military offenses. The United States recognizes this as a threat to its allies along the Russian border, and subsequently a threat to Western culture. Conversely, the United States has demonstrated a willingness to act against states and institutions it deems threating to national security. The American government has prioritized the cyber theater as a top security priority, and the current presidential system has authorized new programs and operations that loosen restrictions on cyber retaliatory attacks. National Security Memorandum 13 enables agents to engage in retaliatory actions quickly and without approval from governing bodies, as well as allowing them to take preemptory steps towards potential attackers before any attack has even happened (Fryer-Briggs, 2018).
Understanding that the number of cyber attacks are increasing, so are the intensity of the attacks. Just this past year, thirteen Russian nationals and three Russian companies were indicted by the United States on charges of interfering with the 2016 presidential election. The Russians stand charged with the hacking of the Democratic National Committee and the Clinton presidential campaign (Mazzetti, 2018).
As the intensity of the attacks increase, so does the likelihood of cyber war taking place between the United States and Russia. But following the criteria set forth by Clausewitz, there has been no cyber attack that meets those standards. If cyber war were to follow this definition of war, it is possible that it will never occur. It is also possible, however, that the nature of cyber attacks and changing cultural values combine to create a new definition of war, one that can define cyber attacks as acts of war. The goal of these attacks is not directly focused on violence, but rather on culture and state infrastructure. More and more, cyber attacks are becoming focused on and targeting the disruption of daily civilian life, hacking into the private sector businesses and corporation and disrupting state economies. If the goal of war remains the dominance of one state over the other, absent the violent criteria of past concepts of war, does cyber war not then meet the other criteria? The United States and Russia see each other as threats, and have responded as such, and along the lines of the realist theory: by building up military capabilities in the form of cyber attack and deterrence capabilities. As they continue to do so, the reality of cyber war becomes increasingly evident.