When I started this project, my goal was to expand my knowledge of the changing face of warfare by examining the latest front, that is, cyberspace. Additionally, I wanted to see how the advances in cyber warfare would affect the war on terror. Currently, my only experience with the war on terror was as a soldier in the thick of it, so I was hoping to gain a broader perspective on the conflict in general, and how cyber terrorism would play a part. Then, I was hoping to identify and highlight the differences between cyber activism, and cyber terrorism, and how they can easily be confused, depending on who you ask. Finally, I was curious about the way forward with the war on terror, and what is happening now.
First, I thought I would look at Iran. Traditionally, cyber warfare has been for espionage or reconnaissance purposes, to gain intelligence, steal technology, or plant surveillance measures. Iran is the first country to conduct cyber warfare operations for the express purpose of causing as much damage to systems and infrastructure as possible. As such, the other cyber super powers (the United States included) need to step up their game in terms of defense and counter-operations. Security firms already exist that set up dummy networks to deceive and observe hackers, which is how we learned just how effective, and aggressive, Iran is. They [Iran] have been hailed as “the new China” when it comes to cyber warfare. Why focus on the cyber front, though? Because that’s the only way Iran can really fight back against the military might and the sanctions leveled against them. However, as these sanctions are being lifted, they’ll have to consider just what direction to take their cyber operations. Before reading these articles (Cyber Warfare: Iran Opens A New Front & Iran Attacks Americans on American Soil), I knew that Iran was active in cyberspace, but I had no idea to what degree. I was familiar with what you would call “traditional” cyber warfare, but it sounds like Iran is changing the face of cyber warfare, and forcing the other super powers to adapt at their pace. In my mind, this gives them an advantage that they appear to be capitalizing on. However, as previously stated, as sanctions run their course, they’ll have to choose their actions carefully, lest the international community renew those sanctions in response to their cyber attacks.
Next, I thought I’d take a look at an example of cyber activism, focusing on Egypt and Tunisia. Being an American, I take it for granted the amount of information I have available. If I want to know anything about an official or politician, or even someone like a professor, the information is readily available online. This isn’t the case elsewhere, and it certainly wasn’t the case in Egypt or Tunisia. However, thanks to the efforts of their “netizens”, awareness of public issues, and public problems, was able to spread faster than ever before. I never really gave much thought as to how information is disseminated, but without cyber-activists in Egypt and Tunisia, the Wikileaks articles, which helped trigger the Arab Spring, may never have reached such a wide audience as quickly as it did. I also take my individuality and voice for granted, because it’s something I’ve always had, and in that regard, the second article pointed out something interesting. The Internet, and the activist blogs established by Egyptians and Tunisians, gave everyone a voice, whether you were a man, a woman, rich, or poor, you could speak with your own voice, and be heard. And this, too, helped to pave the way towards revolution. The two articles I looked at (Cyber-activism from Egypt to Wall Street & Paving the Way) seem to describe a cosmopolitan approach, building networks between people in order to spread awareness and share their cultural ideals.
Now that I had some examples of cyber terrorism and cyber activism, I wanted to know some of the key players involved in Iran’s cyber terrorism program. I was surprised to find that the government was actually funding these terrorist organizations. This was a political realist approach, utilizing all facets of their “military” to defend their national interests. I identified two groups and their activities through a couple articles (The Rocket Kitten Report & Past and Present Iran-linked Cyber Activity). I knew that the Rocket Kittens and The Thinkers were probably still active, but I didn’t know to what extent. Nor was I aware that, after the success of their initial two groups, the Iranian government has apparently diversified their cyber activities, creating even more cyber warfare groups. I was also unaware of the particulars of *how* they were carrying out these attacks, and the two articles were quite informative in that regard. I knew what Denial-of-Service attacks were, and what phishing was, but I had no idea that they were actually using legitimate means (through authentic VPNs) to infect people’s computers, and even remotely wipe government hard drives. If I had to categorize these groups, I would say, right now, they’re radicals. Their goal appears to be to inflict as much damage as possible and tear down opposing governments. However, while the groups themselves might be radicals, I would argue that the Iranian government funding them would be political realists, working to establish a more secure nation for themselves via cyber warfare, since they were “forced” to give up their nuclear arms.
Now, this raised an interesting question. What is the difference between cyber activism and cyber terrorism? Before reading these articles (Defining the threat: What cyber terrorism means today and what it could mean tomorrow & Hacktivists launch more cyber attacks against local, state governments & Bonus : Iran cyber attacking Israel, who is also targeted by hacktivists, who are in turn targeted by cyber terrorism), I had a pretty good idea of the difference between cyber terrorism and cyber activism. These articles only served to confirm and broaden my understanding of it. It’s all a matter of perspective, and motivation. Hacktivists and cyber terrorists often do the exact same things on the Internet, conduct the exact same types of attacks for the exact same results. It’s the “why” that is important. Cyber terrorists may be advancing their own political agenda (or that of the government funding them) while cyber activists are fighting for their rights, or the rights of others, taking on what they see as an oppressive regime/government. In this sense, cyber activists would be radicals, through and through, protesting and resisting, and helping others to protest and resist. And while some cyber terrorist groups might be radicals right now, their motivations, or the motivations of those funding them, could be seen as political realism. That’s another important note, I haven’t found any instance of hacktivists being funded by the government, while cyber terrorists seem to be government or state sponsored agencies.
At this point, I had a pretty good understanding of the cyber aspect of things, so now, I wanted to expand my understanding of the Global War on Terror. To do that, I first had to define what it actually is. My knowledge of the Global War on Terror was limited to what I had personally seen, first as a child when the towers fell, and second as a soldier operating in Afghanistan. These articles (Fifteen Years On, Where Are We On The War On Terror? & 9/11 Then and Now: Terror, Militarism, War and Fear) have broadened my viewpoint to include the forest, not just the trees. I didn’t know that ISIS only exists because the US destabilized Iraq and the Syrian civil war destabilized that region, which gave them the opportunity to expand. And while terrorist operational capabilities remain limited, they make use of cyber activism to recruit insurgents and inspire lone wolf terrorist attacks all over the world. Something else I was unaware of was how “at risk” the typical American thinks we are. I know that terrorists have limited means to strike at the US, but the average American only has the media to depend on for such information, and the media paints a fairly dark and scary picture, that the public has eaten up. I had no idea that 50% of Americans think we could be the victim of another “9/11” style terrorist attack. But, that’s the point, though, isn’t it? As long as Americans think terrorists are a real threat, they can be used as political leverage to get any number of bills or proposals passed, as long as they “improve American security”, capitalizing on a politically realist perspective that has been cultivated by the media. The big take away though, is that even though we’re 16 years into this Global War on Terror, and even though we have our opponents cornered, we’ve still got a lot of work to do if we intend to see this through to the end.
I mentioned before that we only have the media to depend on for information, so that got me thinking, what kind of approach does the media take in reporting? Would they be a form of cyber activism, cosmopolitans spreading cultural information and awareness, or would they be more radical, painting a picture of our very way of life being torn asunder? I think we all know the answer to that, as we are all aware of media bias. You only have to look at Fox News and CNN to see it in action. However, such bias doesn’t seem to exist in countries where Freedom of Speech isn’t a thing. Take Egypt, for example (The Silence in Sinai: Covering Egypt’s “War on Terror”). Their cyber activists risk their freedom, and possibly their lives, in order to expose the truth about what is happening in their War on Terror, and to bring the atrocities committed to light. In the US, we have so many different news outlets, we can pick and choose what version of the truth we want to see. That’s not a good thing. The second article (Fanning the Flames: Reporting on Terror in a Networked World) has an example of cyber activism at its worst, when they’re discussing a school bombing, and how Reddit named a missing student as the bomber, and this was retweeted by a number of reporters and news outlets, in order to “get the word out” for “public safety” and to “bring him to justice”. This information wasn’t verified, and a lot of time was wasted looking for this student, time that could have been spent looking for the actual bombers. Previously, I commented on how the government benefits from the media keeping the public in a state of fear concerning terrorism. And so, I’m left with the question, if the actions of our media constitute cyber activism at what point do their actions cross the line and become domestic cyber terrorism?
At this point, I was left with one question, what’s next for the war on terror? What’s the future of cyber activism and cyber terrorism? My experience with the War on Terror was as a soldier in Afghanistan. With the troop withdrawal, I was left wondering where the fight would take place next. The answer is that, in addition to continuing attacks in the real world, the battlefield has shifted to include cyberspace. With this shift has come a shift in policies as well, to help combat it. Congress has implemented the Cybersecurity Information Sharing Act of 2015, the National Cybersecurity Protection Advancement Act and the Protecting Cyber Networks Act. These are just a few bills that were sanctioned in support of cyber security. Furthermore, Congress launched an incentive for private-sector companies to increase participation in the war on cyber terrorism. This is a classic political realist approach, only taking action when the threat presents itself, and then bringing as much might to bear as possible. Unfortunately, they’re going to have to call in some experts, because this is a specialized battlefield, and not something just anyone can defend against, which means they might have to liberalize their thinking a bit (in terms of globalization perspectives) if they want to continue to safeguard our national interests.
An extension of that question is, what is happening today? Based on all the research I’ve done for this assignment, I knew it was bad out there, but not like this. It would seem that, in our rush to either establish or maintain “arms superiority” we’ve developed weapons of digital mass destruction that are no longer under our control, and are being auctioned off to the highest bidder (usually terrorists) to do with as they please. I mentioned before that we needed to shift from a political realist approach to a political liberalist approach, and this highlights that need. We’ve got to get experts on this, not just for cyber offense, but cyber defense, to ensure that whatever we develop doesn’t end up in the wrong hands. In the old days, barbed wire, a high wall, and some steel doors were all you needed to keep your secrets safe, but in the digital world, security seems lackadaisical at best, and that’s just plain unacceptable. This is the future of our conflict, to quote the first article, “every flash point has a cyber element”, so we can’t afford to let our guard down now. Unconventional enemies require unconventional means, we learned that in Afghanistan, and right now, we’re playing catch up with Iran, who is openly funding cyber terrorist organizations to keep their enemies off balance. Imagine what they could do, or have already done, with the N.S.A cyber weapons.
In the end, I think we need to redefine what we consider weapons of mass destruction, and the likelihood of two great powers going to war in cyberspace. This avenue represents a way to do real damage to an enemy without risking your own troops, or making a public display or declaration. Much of what goes on in this cyber war is shrouded in mystery, and it’s difficult to prove who is behind an attack. Just look at Russia and our election. As I’ve stated before, if this is the future of our conflicts, we need to bring in experts who know what they’re doing, and shift the way we approach these conflicts. There’s no reason we can’t have a political realist mindset, and take a political liberalist approach, calling in experts and actually listening to them, to strength our “military presence” in cyberspace, to defend our national interests, both here and abroad. If my research has shown me anything, it’s that a multifaceted approach is what’s necessary when dealing with a flexible environment like cyberspace.