Written by Francis Domingo.
As states seek to strengthen their national security and expand their political influence in the information age, cyber capabilities are rapidly becoming an instrument of state power. Computer network operations have been integrated as part of conventional military capabilities to strengthen network defences as well as to align with the cyber capabilities of powerful states. The persistence of hostile interactions in cyberspace is more pronounced in the Asia-Pacific region, where the highest number of interstate cyber incidents has been observed in the past fifteen years. Existing studies suggest that these cyber conflicts are linked to geopolitical tension such as territorial disputes, great power rivalry, and historical animosities between states in the region.
Intelligence collection through the infiltration of computer networks has been a prevalent phenomenon across the Asia-Pacific, but a majority of these incidents have been carried out by China. The race to develop advanced cyber capabilities may influence middle and small powers to increase their engagement in CNE in light of the uncertainty and mistrust in the Asia-Pacific Region.
Despite occurrences, there have been limited interstate military conflicts in the region, which suggests that the use of computer network operations encourages less physical harm or damage. In this sense, cyber capabilities have the potential of becoming a favourable foreign policy instrument for states, given the prevailing geopolitical environment and uncertainty regarding cyber interactions in the region. The use of cyber capabilities offers three strategic advantages for states: nonphysicality of cyber incidents; stealthiness of cyber operations; and functionality of cyber operations.
Before exploring these strategic advantages, it is first necessary to define specific terms to develop conceptual clarity. Cyber capabilities are therefore defined as three types of operations: computer network attack (CNA), computer network defence (CND), and computer network exploitation (CNE). CNA is the act of disrupting, denying, degrading, or destroying information in computers and information systems, while CND is the capability “to protect, monitor, analyse, detect and respond to unauthorized activity.” CNE, meanwhile, is the act of infiltrating computer networks of adversaries to collect intelligence. The specific operational instrument or weapon involved in executing cyber incidents is designated as a “cyber weapon.” Cyber weapons are computer codes deployed with the intention of “manipulating, threatening or inflicting physical, functional, or mental harm to structures, systems, or living beings.”
The first advantage of utilising cyber capabilities is that these do not cause physical damage or harm. The primary instruments used in cyber incidents are cyber weapons or malicious computer codes that are not tangible elements located in the physical domain. This fundamental characteristic of cyber weapons defines the nonphysical nature of computer network operations as well as the possible outcomes that cyber operations can achieve.
The nonphysical nature of computer network operation is attractive to great powers that have interests in the region because of two reasons. First, China, Russia, and United States have formidable conventional military capabilities but it is not in their interests to instigate a war in the region. While the use of different foreign policy tools – ranging from diplomacy to military force – is feasible depending on the situation, the use of cyber capabilities is an emerging strategic option for great powers. Using computer network operations against each other is favourable when the objective is to convey displeasure or register specific political preferences during rivalries and disputes, especially since there is low risk of escalation to armed conflict. Second, since cyber incidents are nonphysical, these are not automatically considered as military action. This dilemma can be exploited and used against states that rely on military alliances and defence pacts given that it is problematic to justify a case for military action against perpetrators of cyber conflict.
Stealthiness of cyber operations
The second advantage of using cyber capabilities is the surreptitious nature of computer network operations. The deployment of cyber weapons is difficult to detect because malicious software can pretend to or be integrated within legitimate computer programmes that appear non-threatening to users. The stealthy nature of cyber operations is further manifested in the challenge of attributing CNAs. Debates about how to address the attribution problem are extensive but a clear strategy for attribution remains elusive.
The stealthiness of computer network operations is advantageous for states engaged in rivalries and disputes in the Asia-Pacific because these can support intelligence operations against adversaries specifically through espionage and sabotage. Indeed, intelligence operations conducted through cyberspace have already been useful for some states. In terms of espionage, China’s capacity for CNE is well documented and proven effective enough to infiltrate and collect secret information from the most secure networks of various government agencies, across different jurisdictions in the region. In terms of sabotage, North Korea’s cyber operations against the United States and South Korea have been persistent, inflicting distributed denial of service attacks against websites and the operations of government agencies, private companies, and civil society groups.
Functionality of cyber capabilities
The third advantage pertains to functionality or the range of actions that can be undertaken through computer network operations. Conventional military weapons such as missiles, guns, and bombs are specifically designed to inflict or defend against physical attacks. In this sense, cyber weapons are useful for supplementing conventional weapons because of the various non-lethal functions offered to states in the region.
Firstly, cyber capabilities can be utilised offensively by disabling command and control systems during military readiness exercises and maritime operations. The objective of this action is to communicate protest or disapproval against the military force projection of adversaries. Secondly, cyber capabilities may be used defensively by disrupting computer systems of hostile military forces when they breach air defence identification zones or operate very closely to territorial boundaries. The objective of this measure is to communicate a strong but less threatening message of disapproval against the actions of another state. Lastly, cyber capabilities have been useful for espionage against adversaries in the region. Intelligence collection through the infiltration of computer networks has been a prevalent phenomenon across the Asia-Pacific, but a majority of these incidents have been carried out by China. The race to develop advanced cyber capabilities may influence middle and small powers to increase their engagement in CNE in light of the uncertainty and mistrust in the Asia-Pacific Region.
More attacks but less violence
The strategic advantages derived from using computer network operations, make it a favourable instrument for states aiming to send a strong but non-lethal response to contentious foreign policy challenges such as rivalries and territorial disputes. The unique nonphysicality of cyber weapons limits the potential for conflict escalation and gives more incentives for great powers to make use of computer network operations as a response to specific foreign policy issues. The stealthiness of computer network operations is a strong compliment to existing intelligence operations of states, and another incentive for them to consider cyber operations as an instrument. The functionality of cyber capabilities is a third incentive. Cyber weapons can be useful because these can supplement conventional military weapons by disabling, disrupting, and exploiting adversaries’ command and control systems.
Francis Domingo is Assistant Professor of International Studies at De La Salle University in Manila and a doctoral candidate at the School of Politics and International Relations at University of Nottingham. He was previously a Teaching Fellow at Victoria University Wellington focusing on Cybersecurity and International Relations in 2016. Image Credit: CC by Christoph Scholz/Flickr.