“This is my own work, has been done solely by me and is not used for any other purposes other than to show my expertise in the field and inform enthusiasts of the subject. Any other usage is strictly prohibited.” -Omar Chaudhry
Cybersecurity is without a doubt one of the most controversial issues around the world following the advancement in information and communication technology. Cyberspace, in which the concept of data is sent from one computer to another, has grown from a niche subculture with a specialized purpose to a constantly growing, compulsory need. The number of people who are connected to the internet has resulted in exponential growth over the past couple of decades at both the regional and global level following the availability and ease of access of the internet. This increase in internet access has led to an increase in the rate of cybercrime (e.g. economic espionage, planning of military operations, etc.) that has left detrimental impacts on the social, political, and economic lives of people around the world, leading to a risk of cyberspace to be militarized by organized criminal organizations and rogue nations due to the convenience of launching attacks on their target populations through the medium. Security experts and various watchdog organizations have called upon the relevant authorities and countries to establish strategies of enhancing cyberspace security following these growing threats.
The growing trend of prioritizing a focus on cyber within both the private and public sector has certainly had positive impacts on the wellbeing of the United States as well as fellow nations. This goes beyond the convenience of communication among everyday civilians, such as the cursory purpose of social media. On the flip side, the growth of cyberspace has contributed negatively to the lives of individuals. Key among the major concerns on the growth of cyberspace is the possibility that criminal and rogue nations may take advantage of the convenience of the internet to perpetrate terror among their targets (Brandes, 2013). The possibility of the militarization of cyberspace is shown by the increasing concerns from relevant peace organizations and worldwide security stakeholders. These bodies have over the past few years been asserting the need for policies that regulate the use of cyberspace. Finnemore (2019) notes that the success of international norms for the use of cyberspace is largely dependent on the advocates’ clear understanding and articulation of how the proposed guidelines can be applied in the global context. By stating this, the author implies that there is no substantial progress in an attempt to control how people use cyberspace at the international level.
While focusing on the proposal for the creation of norms that control the use of cyberspace in a bid to protect users from associated risks, the author mentions that the promoters of this concept do not provide a concrete layout of how the proposed norms apply to countries and military organizations on a global level. However, her highlight of the efforts made by various promoters proves that the world leaders and concerned stakeholders are aware of the threat in the growing use of cyberspace to conduct crimes, which can be adopted by countries to carry out military operations. The concerns raised by the advocates can also be attributed to the inadequacy of security measures against a properly coordinated cyberattack. There is no doubt that most countries around the world are not properly equipped to defend themselves against a potential attack by other counties with advanced technologies. As such, any event of an attack can have devastating impacts on the social and economic lives of the citizens.
The possibility of the militarization of cyberspace is also indicated by the widespread economic espionage of businesses at the international level. The internet has been used by criminals to steal data from one company to another for economic gain. For instance, Chernenko, Demidov, and Lukyanov (2018) note that the global digital economy is at risk of cyberattacks by criminals and rogue companies due to the lack of international laws and guidelines that protect organizations from such adversaries. The authors also note that there has been a significant increase in cooperation among organizations and countries at the international level to improve cybersecurity and establish operational norms.
The promotions of such cooperation at the international level show that the relevant stakeholders have identified potential threats that access to the internet poses to the security of businesses. The authors further raise a concern that there is not a single international body that is working towards the establishment and improvement of strategies that aim at fighting cyber crimes. They also reiterate the comment by Fennemore (2019) that the concerned leaders and world-peace stakeholders have not established any proper mechanism for coming up with substantial norms for controlling countries' operations in cyberspace. This way, countries presently operating with impunity and carrying out all manner of legal activities as they are not bound by any legal restrictions.
Certainly, the concern raised by such authors concerning the potential economic threats on the global digital market shows that cyberspace is also at risk of being militarized by the nations. Countries can use the same mechanism that criminals use to target businesses digitally to launch military attacks on various institutions of an enemy country. Moreover, given that most services ranging from healthcare, water supply, aviation control, energy production to supply of electric power among other services are run through the internet, there is a lingering threat from adversary countries which may hack into the servers and cause catastrophic damages through the systems. Overall, countries' essential services that are run digitally are equally at risk of being attacked via cyberspace as the economic institutions and businesses.
Research studies indicate that various countries are relying on cyberspace as a tool for modern warfare by collecting data on their enemies’ operations and coordinating attacks. For instance, Anderson and Sadjadpour (2018) note that the Iranian government has been using cyberspace to carry out its military and security operations. Based on their report, the country’s security apparatus have been using proxies to launch coordinated attacks on their selected targets. Certainly, the country’s reliance on the cyber threat results from the susceptibility of their target population’s cyberspace.
Additionally, the decision to turn to cyberspace to perpetuate its coordinated attacks on enemies can be attributed to the fact that the country has been under restrictive trade and weaponry embargo by powerful world organizations and countries such as North Atlantic Trade Organization and The United States. Therefore, the country has been lagging as far as the development and advancement of defensive and offensive weapons are concerned. Thus, they have been forced to adapt to the most convenient and sophisticated military systems- most of which are presently dependent on internet connection- to coordinate their attacks and defend their borders. Given this knowledge, it is evident that countries can use organized criminal organizations and individual terrorists to run military operations via the internet due to the convenience that characterizes the operations.
A review of past events also proves that cyberspace can be used as an avenue for military operations. Various counties have fell victims to cyberattacks by organized criminal organizations. An example of such events includes the Morris Worm attack on computers in the United States in 1988 and the attack on NASA in December 2006 (North Atlantic Trade Organization, 2006). While these attacks were not direct military attacks by enemy combatants or countries, they proved to be destructive as they interrupted the normal operations of services and the lives of people significantly.
Notably, various countries or terror organizations can use the same techniques that the cyber attackers used to run military operations and cause significant destructions presently. While the United States and other countries that have been subject to cyber-attack such as Estonia have put in place protective measures against future attacks. However, the increasing sophistication and overall advancement of technologies still predispose these countries to cyber attackers. Hackers come up with various ways of penetrating the firewalls of servers as is reflected by the reports published by the Center for Strategic and International Studies (2021). According to these reports, the latest cyber-attack was carried out on February 2021 by a cybercriminal group that targeted computer systems that contained data on Covid-19 vaccines research and sold the data to various nations.
Arguably, such a recent attack at an international level indicates that cyberspace is still susceptible to compromise by criminal groups. It also indicates that most computer systems are still at risk of being compromised. Thus, criminal groups and rogue nations can take advantage of the available internet infrastructure to orchestrate military attacks at a targeted population. This possibility also explains why world leaders and concerned organizations have been promoting the adoption of norms that regulate operations within cyberspace by nations, individuals, and organized groups around the world.
The threat posed by the possible militarization of cyberspace is also evident in the precautions that world leaders have expressed at the national level. Particularly, the legislature of countries that are prone to cyberattacks has repeatedly called on the government to establish defensive measures that can prevent or limit the damages that might be caused in the country in the event of a military cyberattack. For instance, a report that was prepared by United States Senate Committee on Homeland Security in 2012 cites the susceptibility of the country to catastrophic damages should its cyberspace be attacked by another nation or criminal organization.
According to the report on Homeland Security in 2012, computers in the United States are prone to cyberattacks and every segment of the government including the department of defense is at risk of experiencing serious data breaches and subsequent damages. The legislatures also recognize that the country is under constant threat of experiencing cyberwarfare perpetrated by criminal organizations that have to target government institutions, personal data, and businesses in the US. In an expression of the effects of potential cyber warfare, the report cites the potential damages that the country could experience as a result of cyberwarfare based on a review by a cybersecurity expert. Some of the possible damages include the collapse of the US Department of Defense’s classified and unclassified networks, dissolution of financial institutions due to data breaches, destruction of oil refineries, and the explosion of gas pipelines among other catastrophic results.
The expression of such concern by legislative members of a superpower like the United States which has invested in the development of high-tech military equipment and weapons- is a clear indication that cyber warfare is a real threat and consequences are devastating. Further, the report cites specific countries such as Russia and China which have developed advanced technologies that the countries’ military can use to coordinate attacks in any part of the world. Evidence of this concern is expressed by the citation of Russia’s alleged cyberattack on Estonia’s government websites in 2011 (US Senate Committee on Homeland Security, 2012).
The report also mentions that Russia used cyberspace to launch a military attack on the financial and government institutions of Georgia as a way of showing its military might. China is also accused of establishing proxy cyber hacker groups and cyberwar military departments to advance its capabilities of conducting military coordinated attacks on its enemies (US Senate Committee on Homeland Security, 2012). Certainly, this report shows that the militarization of cyberspace is not only a concept as perceived by others but an actual war tactic that is already in use by some countries and criminal organizations.
Critiques may however claim that the possibilities of militarizing cyberspace are a far-fetched idea. Someone can cite the acknowledgment of the threats posed by cyberattacks and the levels of precautions that countries have put in place to protect their computer systems from potential cyberattacks by a criminal organization or other nations (Kremer, 2014). This argument is viable since countries that have identified potential threats of cyberattacks have moved to install firewalls on their systems in a bid to mitigate any damages that might occur following the attacks. However, as mentioned above, the contemporary era is characterized by technological development which entails the discovery of new techniques that can be applied to compromise various computer systems. Hackers work around the clock to breach the firewalls of computer systems which is evident by the constant report of massive cyberattacks on various institutions and personal computers.
Additionally, opponents may cite the potential retaliation and the subsequent fully-fledged warfare as a limitation of the potential use of cyberspace for military attacks. The notion that countries such as the United States that have military might could retaliate by invading another nation that attacks it through cyberspace may be the reason most countries have not resorted to militarizing cyberspace. While cyber warfare could have devastating impacts on the lives of the citizens of a targeted country, other contemporary military weapons such as nuclear bombs cannot certainly be downplayed as a more serious threat (Gomez, 2016). As such, the world’s superpower nations such as the United States, Russia, and China can conveniently sanction and declare war on any country that takes advantage of cyberspace to launch an attack on its territories.
Reports by security experts show that countries that do not have advanced military prowess are likely to rely on the convenience of cyberspace to launch direct and indirect attacks on their enemies. For example, Lewis (2019) states that following its lack of proper military might that matches its enemies like the United States, Iran has resorted to developing a sophisticated network of cyber warfare system. However, the country may not resort to an outright attack due to the few of the potential damage that the country might suffer following a military response by the United States. Notably, the reluctance of the militarization and actual use of cyberspace to execute attacks on another country can be attributed to this few of retaliation like any other warfare.
However, various countries still have ways that they can converse the security systems of their target populations and launch military attacks through the internet. A common way of achieving this motive is by using proxies or funding organized criminal groups to carry out the attacks on the behalf of a nation. Moreover, most countries that have dared to militarize cyberspace are those that have advanced technologies and weapons that either match or are superior to their targeted countries.
Overall, cyberspace is at risk of being militarized by rogue nations or organized criminal groups to launch attacks on a targeted population due to the convenience of the medium. The expediency of coordinating attacks through the internet is characterized by the use of proxies and the existing weaknesses in computer systems around the world. The possibility of cyberspace militarization is portrayed by the constant call for the establishment of norms by world leaders and world peace watchdogs. Besides, the susceptibility of the digital economy which has experienced numerous cyberattacks over the past years shows the possibility of nations and using similar routes to launch military attacks on their enemies. Research studies indicate that most countries are currently relying on cyberspace to spread terror among targeted counties and showing their military might.
The militarization of cyberspace is also pegged to the weaknesses of computer systems which hackers can take advantage of and cause substantial damages. Despite putting in place firewalls and other security measures on the systems, most countries’ networks are still susceptible to attack by hackers due to the constant development of techniques and knowledge of computer applications. The possibility of cyberspace militarization is also evident from an analysis of past incidents which involved the manipulation of computer systems on a large scale. While opponents might cite various reasons such as the fear of retaliation by a country with superior military technology and weapons as well as the potential minimum damages that may be caused due to the precautionary measures taken by most countries, there is overwhelming evidence that the militarization of cyberspace is an actual warfare tactic that has been adopted by various countries.
Anderson, C., & Sadjadpour, K. (2018). Iran's Cyber Threat: Espionage, Sabotage, and Revenge. Carnegie Endowment for International Peace.
Brandes, S. (2013). The newest warfighting domain: Cyberspace. Synesis: A Journal of Science, Technology, Ethics, and Policy, 4(1), G90-G95.
Center for strategic and international studies. (2021). Significant cyber incidents | Center for strategic and international studies. Center for Strategic and International Studies. https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents
Chernenko, E., Demidov, O., & Lukyanov, F. (2018). Increasing international cooperation in cybersecurity and adapting cyber norms. Council on Foreign Relations.
Finnemore, M., & Hollis, B. (2019). Cybersecurity and the concept of norms. American Journal of International Law, 110(3), 425 – 479.
Gomez, M. A. N. (2016). Arming Cyberspace: The militarization of a virtual domain. Global Security and Intelligence Studies, 1(2), 5.
Kremer, J. (2014). Policing cybercrime or militarizing cybersecurity? Security mindsets and the regulation of threats from cyberspace. Information & Communications Technology Law, 23(3), 220-237.
Lewis, J. A. (2019). Iran and Cyber Power. Center for Strategic and International Studies: CSIS.
North Atlantic Trade Organization. (2006). The History of Cyber Attacks - A Timeline. NATO Review. https://www.nato.int/docu/review/2013/cyber/timeline/en/index.htm
US Senate Committee on Homeland Security. (2012). - America is Under Cyber Attack: Why Urgent Action is Needed (112-85). U.S. Government Publishing Office. https://www.govinfo.gov/content/pkg/CHRG-112hhrg77380/html/CHRG-112hhrg77380.htm