Saturday, June 7, 2014

Cyber Part III - Trust, War of 1812 and China

by Bill Doughty
Part III of "Cybersecurity and Cyberwar" has one of the book's best aha moments. The authors link piracy and privateering in the War of 1812 with an insight into U.S. relations with China and then examine what can be done to strengthen security and prevent Internet War.

Subtitled, "What Everyone Needs to Know," P.W. Singer's and Allan Friedman's work calls for a global standard with built-in resilience to ensure network security and protection.

Resilience, the ability to adapt to adverse conditions and overcome attacks, should be preceded by inoculation. The authors recommend a comparison with the Centers of Disease Control rather than the Cold War. They are skeptical of hyped warnings of an imminent "cyber Pearl Harbor" as long as governments, private industry and citizens adopt "vaccination" against attack. 
During and after the War of 1812, maritime piracy ran rampant, and patriot privateers assisted in fighting the pirates, damaging the British economy. The authors report that two hundred years ago there were 517 American privateer ships compared with U.S.Navy's fleet of 23 ships.

When it came to maritime piracy, "As in cyberspace today, one of the biggest challenges for major powers was that an attacker could quickly shift identity and locale, changing its flags and often taking advantage of third-party harbors with loose local laws."

Just like today, nations depended on a network of treaties and norms and the rule of law to preserve peace. Less than fifty years after the War of 1812 and just before the Civil War, both pirates and privateers were considered pariahs, and a global code of conduct was established.

No wonder this book was recently added to the CNO's Professional Reading Program's essential list. Consider the Navy's commitment to keeping sea lanes open and the global commons free.

Here's that "aha moment":
"The cyber parallel today, again, is that all netizens have a shared global expectation of freedom of action on the Internet, particularly online trade, just as it is ensured on the open ocean. If you knowingly host or abet maritime pirates or privateers, their actions reflect back on you. The same should be true online. Building those norms will motivate both states and companies to keep a better check on individual hackers and criminals (the pirate equivalent). It will also weaken the value of outsourcing bad action to patriotic hackers (the latter-day privateers).
"In addition to encouraging new accountability, this approach also offers opportunities for what are known as 'confidence-building measures,' where two states that don't get along can find ways to work together and build trust. After the War of 1812, for example, the British Royal Navy and nascent U.S. Navy constantly prepared for hostilities against each other, which made sense since they had just fought two outright wars. But as the network of norms began to spread, they also began to cooperate in antipiracy and antislavery campaigns. That cooperation did more than underscore global norms: it built familiarity and trust between the two forces and helped mitigate the danger of military conflict during several crises. Similarly, today the United States and China are and will certainly continue to bolster their own cyber military capabilities. But like the Royal Navy and new American Navy back in the 1800s, this should not be a barrier to building cooperation. Both countries, for instance, could go after what the Chinese call 'double crimes,' those actions in cyberspace that both nations recognize as illegal."
A similar insight comes from World War II. This past week was the 72nd anniversary of the Battle of Midway, turning point of the war in the Pacific against Imperial Japan and a victory for cryptology mathematics (codebreaking) and intelligence analysis. Today, Japan is our strong ally and friend, with a good self-defense force thanks in large measure to forward-thinking leaders like Adm. Arleigh Burke, Gen. Douglas MacArthur and Fleet Adm. Chester Nimitz.

So, when it comes to cybersecurity, can people look beyond short-term selfish gain and take a long view toward future good? 

Nations have come together in the past to agree to universal standards and rules. They have agreed on ways to use new technologies without imposing restrictive regulations or giving up privacy. An example the authors give is the telegraph and adoption of Germany's version of Morse Code. By the way, this week was also the 70th anniversary of D-Day, and today former enemy Germany, like Japan, is a bulwark of democracy and freedom in its region.

The next questions, then: Can we trust government, industry and each other? And, whether we can trust or not, can we come up with the mechanisms and arrangements to reach agreement?

Despite recent and not-so-recent examples of mistrust and distrust, there are many success stories about self-regulation and cooperation on the Web to deal with bothersome spam, dishonest scams and the evils of child porn.

The authors applaud opportunities for nations to train together, conducting cyber exercises and simulations. Such events have been sponsored by think-tanks from Beijing and Washington with the State Department and DoD participating, along with China's counterparts.  "The hope is that in the long run such exchanges will help build trust and reduce the likelihood of miscommunication during a real crisis or under poor assumptions." 
President Barack Obama and President Hu Jintao of China greet guests on the south lawn
of the White House, Jan. 19, 2011. (Official White House Photo by Pete Souza)
When you read "Cybersecurity and Cyberwar," you'll see the authors' conclusions for what's ahead.  You'll learn about where jobs are in the field and be reminded why it's imperative to promote STEM (science, technology, engineering and mathematics).

The authors include a thorough set of notes and an informative glossary.

Admiral James Stavridis, U.S. Navy (Ret), former Supreme Allied Commander at NATO, calls this, "The most approachable and readable book ever written on the cyber world."  P. W. Singer is author of "Wired For War," reviewed on Navy Reads in 2010.

No comments: