• Blog
  • February 19th, 2018

Offensive Cyber Operations Endanger Us All

NATO cyber

There is increasing debate and concern over the actions of states and non-state actors alike in the cyber domain.  Annegret Bendiek and Ben Wagner, associates of the German Institute for International and Security Affairs (SWP), outline key challenges and the dubious utility of offensive cyber operations in their article Making states responsible for their activities in cyberspace.

Ensuring the stability and integrity of the internet is a crucial goal for policy makers. In the words of the GGE [UN Group of Governmental Experts], it is a “key question for international peace and security.” – Annegret Bendiek and Ben Wagner

The two main methods of combatting cyber-security threats are:

  • “deterrence by resilience” — strengthening defenses and cyber infrastructure to ward off attacks; and
  • “deterrence by retaliation” — offensive responses to cyber-attacks.

While enhanced defensive measures can be highly beneficial, “deterrence by retaliation” can be challenged on many fronts, including effectiveness, legality and political legitimacy as well as the potential for serious “blowback”.

Many leading scholars have warned that the build-up of offensive capabilities only repeats the mistakes of the past. It fosters mistrust, leads to a new arms race and might even lead to the internet’s disintegration as states increasingly assert their sovereignty. – Bendiek and Wagner

As highlighted in an earlier Ceasefire.ca blog post, Canada’s new defence policy asserts Canada’s intention to go beyond much-needed enhancements of cyber defences to the “conduct of active active cyber operations against potential adversaries in the context of government-authorized military missions.”

But this new DND cyber mandate pales in comparison to the “vast mandate” outlined in Bill C-59 for the highly secretive Communications Security Establishment to carry out activities:

to degrade, disrupt, influence, respond to or interfere with the capabilities, intentions or activities of a foreign individual, state, organization or terrorist group as they relate to international affairs, defence or security. – Section 20 of the proposed Communications Security Establishment Act (CSE Act)

Such extraordinarily permissive language gives CSE the power not only to undermine fundamental rights and freedoms of Canadian citizens but also to contravene Canada’s international legal obligations.

Using the cyber domain as a battlefield is riddled with perils, with grave potential to undermine the reliability of the internet and the crucial infrastructure that it supports. Clearly our main objective now has to be

to encourage the development of an international order in which there are formidable restraints on the use of cyber force. – Lawrence Freedman

For the full article by Bendiek and Wagner, see: Making states responsible for their activities in cyberspace (The Security Times, February 2017).

Photo credit: NATO website

Read More

Comments are closed.




Will peaceful democratic change prove possible in Algeria? What next in Venezuela?

Hundreds of thousands of people protested in central Algiers on Friday in the biggest demonstration against President Abdelaziz Bouteflika’s 20-year rule since unrest began last month. So begins a recent Reuters report on the momentous events unfolding in what has heretofore been an anchor of stability in the region.  For more in depth analysis see: Understanding the Algerian Protests (Giorgio Cafiero, […]

Read More
View the Blog »

CSO Open Letter to PM on review of Saudi arms deal and update on gun control in Canada

  On 5 March 2019 a large group of civil society organizations including the Rideau Institute released to the media and ...

Nuclear flashpoints, Palestinian suffering, Venezuelan meddling and more

In a week packed with international flashpoints, our CF Roundup looks at important developments on the Korean peninsula, the sub-continent, ...