Introduction

Undoubtedly, the twentieth century could be counted as the
bloodiest in human history; man has been at war for much longer than he has
been at peace. The death tolls are incalculable although historians put
estimates at somewhere between 170 million to 210 million. No true figures are
available but what is undisputed is the proliferation and effect of war on all
aspects of society. Its impact on the soldier and the civilian as well as the
economy and society or culture has given birth to the concept of ‘total war’ (Marwil, 2000). The last time total
war was experienced was the Second World War which invariably led to the Cold
War and its all-encompassing nature on every aspect of society (Stavrianakis & Selby,
2012).
Particularly with technology, the 20^th century has seen the
advancement of technology to epistemic levels where it has produced the concept
of ‘modern war’ – atomic weapons, satellite guided missiles, chemical and
biological weapons and electronic drones; none of which have eclipsed the older
forms of warfare (Barkawi, 2011). A new form of
warfare has evolved and it is part of the 4^th Industrial Revolution;
it is cyber warfare.

To understand its significance, one only has to look at former President Barack Obama declaring the digital infrastructure of the US as strategic national asset to be protected with the entire resources available to the United States. Obama prompted the formation of a special unit in the Pentagon called Cybercom whose sole purpose is to prepare the US for the inevitable cyber war that America will be embroiled in. The UK has also set up the National Cyber Security Programme and NATO has released the Tallinn Manual on the International Law Applicable to Cyber Warfare; a three-year study by international scholars setting out ninety-rules to govern conflicts among nations. Cyber warfare is definitely gearing up as a new arena for conflict.

This dissertation looks at the subject of cyber warfare and
examines how widespread a concern this is to nations and if indeed it is just a
concern of the super powers. Just like atomic weapons has become a military
weapon of magnitude, the world has still not experienced a nuclear war. Instead
nuclear energy is being used to advance economies and aid production and meet
energy needs. Is cyber space similar to the threat of nuclear weapons? Does it
actually do more good that the proposed harm that is being touted? This
dissertation will carry out a secondary data analysis to understand the current
literature on the subject and determine if indeed cyber warfare is the new
arena of conflict.

Narrative

The organising principle of every theme in this dissertation
is layered; each begins with a general historical and contextual appraisal invariably
moving to specifics and constantly looking at the problem-solution dilemma. To
substantiate or clarify explanations, arguments, themes, findings etc.,
footnotes will be included and/or non-integral citations will be used to focus
attention more on the research being discussed and less on the researchers or
authors. All related studies to this dissertation will be research/information
prominent.

With a few exceptions, English is used entirely in this
dissertation and therefore tense usage is important in the organisational
narrative. Where reference is made to a single study, the past simple tense
will be used. Where reference is made to more than one study or an area of
research, the present perfect tense will be used. Where reference is made to generally
accepted knowledge, particularly with respect to cyber warfare or generally
accepted knowledge in international relations, information technology or
geopolitics, the present tense will be used.

Finally, the choice of reporting verbs in this dissertation
will inadvertently express a certain attitude be it critical distance, doubt,
certainty, confusion etc. As much as possible, I have tried to maintain the
same reporting verbs used in citing research and evoking emotion in my
reflexive thoughts. Sometimes this has not been possible and the same reporting
verb will express different attitudes depending on the context. Where this has
occurred, I have elaborated any misconception or misunderstanding in the
corresponding footnotes.

Themes and concepts

The chronological order of the table of contents gives a
straightforward description of the chapter and sub-chapter headings in this
dissertation. Thematically, the dissertation is divided into 4 chapters.
Chapters 1-3 deal with the research justification as well as academic and
methodological underpinnings. These chapters set the terms of reference for the
dissertation and elaborate its research direction and deal with the subject
matter, cyber warfare. Chapter 4 deals with the results, discussion of the results
and conclusion.

Theoretical and conceptual framework

War, Conflict and Anarchy

It is imperative to understand international relations and
the theories and concepts underpinning them before looking at cyber warfare as
a new arena for war. The Melian Dialogue in the great 5th century BC classic of
Thucydides’ “History of the Peloponnesian War” best describes the context in
which one looks at the international system. At a point in the Peloponnesian
Wars, the Athenians wanted to take over the neutral island of Melos to obtain
control over the Aegean Sea. An Athenian fleet was dispatched to Melos to try
and negotiate a surrender and the ensued dialogue, as told by Thucydides,
captures the essence and birth of our international system today. The Athenians
declared to the Melians that

“since you know as well as we do that right, as the world goes, is only in question between equals in power, while the strong do what they can and the weak suffer what they must.”

(Thucydides)

The international system today is premised on the fact that
nation states can and do exert their power over weaker states although some do
work through a collaborative system to ensure a common purpose. The study of
international relations begins with the very notion that there is no central
authority which acts as the ultimate arbiter in world affairs. Nations simply
do what they can through mutually beneficial alliances and discard them when
their interests are no longer served. If we look at world history before the 20^th
century, international relations could be said to be in a state of anarchy as
there was no central figure. From
1078, China was the world’s major producer of steel, the world’s leader in
technical innovations, the world’s leading trading nation, possessed the
largest commercial ships and these are just to mention a few. Few academics
would now dispute that China was the world’s hyperpower for 800 years before the rise of British imperialism in
the 19^th century. Despite China being a hyperpower for 800 years,
there is no record of any central authority governing the behaviour of
nation-states. They simply did what they could to nations who couldn’t fight
back. Ironically China was insular and did not engage in any international
conflicts.

Every study of international relations or politics beyond
that makes assumptions about the state of anarchy and offers a counter
explanation of an international system with inter-state relations and a
hierarchical intrastate system. A system that we have now with bodies like the
United Nations, the World Trade Organization regulating economic relations and
the International Criminal Court prosecuting crimes against humanity.  International relations deals with how nation
states decide to exist without a central authority or with no structure or how
they choose to create one. Waltz (1979) describes the juxtaposition of the international
system and the domestic system by explaining that 

“domestic systems are centralized and hierarchic”, “international systems are decentralized and anarchic”

Waltz 1979, p. 88

All approaches to international relations and studying the
behaviour of nation-states begins with an assessment of the anarchic structure
in the international system. Anarchy is the starting point of viewing
international relations but that view depends on the perspective a country
chooses to take. Let’s begin with the oldest view recorded since the Melian
dialogue between the Athenians and the Melians. The ‘political realist’
perspective is known as a theory one subscribes to in international relations.
A political realist is under no illusions that countries behave with the single
purpose of self-interest and therefore actions and reactions are done to defend
that interest. Nation states are geared towards survival, according to the
realist and this can often mean exerting strength over a weaker enemy or
acceding to a collaboration with a stronger foe.

All is done for the purpose of ensuring the continuation of
the state by any means necessary. Therefore, the only way to predict behaviour
is to predict survival. Realists do not see a set of behavioural guidelines but
a survival of the fittest in the ‘international jungle of world politics’. Or
as one might put it succinctly, ‘might is right’. To the realist, the
international order is that of ensuring that power relations are conducted in
such a manner that outcomes are mutually exclusive. One party will always gain
over the other so the purpose for the nation-state in any negotiations is to be
the winner. Where this cannot be achieved then the realist will view this as a
precarious position to be in. Realists’ view of the anarchical order can
describe the behaviour of nation-states in various ways from the classical
realist to the neorealist and several forms in between. Whichever view is
subscribed to, anarchy forms the basis of that world view and the expected
behaviour of nation-states (Heginbotham, 2015).

Liberalist recognise the importance of anarchy in the
international system in just the same way as the realists. Both liberal and
realist accept the absence of a supreme authority directing the affair of
nation-states. Where liberals and the liberal view differ on the subject is
what can be done within the anarchic system. Liberals believe that
nation-states and state actors can actually come together to build rules,
guideline, set up institutions and appoint various monitoring bodies to govern
or at least modify the behaviour of nation-states so that they can work
together for a common person (Barkawi, 2011).

Outcomes do not have to be mutually exclusive but can be
mutually beneficial in an anarchic system, according to the liberal view of
international relations. Through joint cooperation, liberals believe that the
behaviour of nation-states can be changed to achieve a level of power where
states feel secure about their relationships with other states and do not seek
to consolidate power at the expense of others. This classical liberal view can
be seen in the world today as neoliberalism. Liberals still see anarchy in the
international system but see it as something that can be overcome through a
concerted effort.

Whatever view one prescribes, the prevailing wisdom is that
nation states will shift between theories and concepts to advance their own
agenda and not confine themselves to an enduring guiding principle. The concept
of cyber warfare, I would argue, follows suit.

Defining the cyber world

Almost twenty-five years ago, ‘cyberspace’ as we know it did
not exist beyond the primitive computers placed in research laboratories and
academic institutions. In fact, cyberspace was merely a theoretical concept
that was considered unachievable. Today that has drastically changed. Our world
would be unfathomable without cyberspace. To put its vastness into
perspectives, approximately 4 billion people are online with roughly 50 billion
devices ranging from super computers to desktops to laptops to smartphones to
tablets. On a yearly basis, 90 trillion emails are sent and two trillion
transactions are conducted in cyberspace (Turns, 2012). Cyberspace
permeates are lives so much that we use it for everything from international
trade, to logistics, communications, record keeping, financial transactions to
sending flowers! All these positive contributions are the benevolent side of
cyberspace. The malevolent aspect of cyberspace is ignored by the public unless
a scare or scandal brings it to the surface. Figures estimate that on a daily
basis, around 55,000 pieces of malware are found, 200,000 computers are
‘hijacked’[1]as
well as the countless number of frauds that go unreported.

How exactly does one define cyberspace? That question is not
easy to answer as there are as many answers as there are experts in the field.
A notable expert worth considering is Daniel Kuehl who collected a series of
definitions from various sources and analysed his findings (Curran, et al., 2008). He concluded that
cyberspace consisted of a few dimensions namely;

• An operational space – it is an
  operational space where proponents of the domain ply their trade and perfect
  their skills.
• An electronic domain – it is an electronic
  network comprising of computers and a vast network of electromagnetic activity
• Information domain – it is a network of
  information that is not limited to a particular location, time and space

Kuehl analysed all these aspects and offered his own
definition which will be used in this dissertation:

“A global domain within the information environment whose distinctive and unique character is framed by the use of electronics and the electromagnetic spectrum to create, store, modify, exchange and exploit information via interdependent and interconnected networks using information-communication technologies.”

Kuehl, 2009

Cyber terrorism is a portmanteau of the words cyberspace and
terrorism and was first recognised and used in 1996 but became popular after a
1998 report from the Center for Strategic and International Studies titled Cybercrime, Cyberterrorism, Cyberwarfare:
Averting an Electronic Waterloo. The report discussed the possibilities of
an electronic attack, likely outcomes and expected methods (Carr, 2011). Three terms are
often confused when discussing Cyber terrorism so it is crucial that they are
defined here.

Cyber terrorism: “It is premeditated,
politically motivated attacks by sub national groups or clandestine agents, or
individuals against information and computer systems, computer programs, and
data that result in violence against non-combatant targets (Colarik & Janczewski,
2012).”

Information warfare: “It is a
planned attack by nations or their agents against information and computer
systems, computer programs, and data that result in enemy losses (Colarik & Janczewski,
2012).”

Cyber crime: “Cyber crime is
a crime committed through the use of information technology (Colarik & Janczewski,
2008).”
This is more of the documented cyber related terms because it has received
adequate coverage due to its proliferation in domestic law enforcement. In the
U.S., the Computer Fraud and Abuse Act defines Internet criminal acts (Jensen, 2009). Furthermore, the “European
Union members of the NATO alliance have domestic laws implementing the 1995
E.U. Data Privacy Directive” (Knapp & Boulton, 2006). For argument’s
sake, cybercrime includes offences such as;

• the impairment of data,
• misuse of devices,
• interception of data offenses.
• traditional criminal offenses facilitated
  through the use of the internet, e.g. fraud, copyright infringement, child
  pornography

Cybercrime has received a lot of
international attention and was formally discussed at the Council of Europe’s
2001 Convention on Cybercrime (Robinson, et al., 2015). This convention is
still the only international understanding in place that exclusively focusses
on cybercrimes.

Terrorism: “The unlawful use
or threatened use of force or violence by a person or an organized group
against people or property with the intention of intimidating or coercing
societies or governments, often for ideological or political reasons (Dragan, et al., 2012).”

Research Approach

Research Questions

This
research will attempt to explore and answer three questions regarding the broad
themes that preliminary research has shown and in line with the gaps in current
academic research;

1. What exactly is cyber space?
2. Is an information war a ‘war’ in the conventional sense?
3. Is Russia engaging in a cyber war with the West?

The
dissertation considered various approaches to address the questions above as
well as examine different options such as sources of data, type of research
framework, timescale and methodology. In trying to answer any of the research
questions, it was clear that any primary data used to carry out the research
and with the available time limit would not be possible or indeed produce
valuable information. This dissertation needed to design an analytical
framework to counter this problem. Thus, I attempt to make a justification for
carrying out secondary analysis of qualitative data and the benefits and
limitations of the approach

Secondary Data Collection

In setting
about the data collection, it was imperative I included boundaries for the study,
the protocol for recording the data as well as the methodology for analysing it
which are all set out below. The secondary data included qualitative documents
and qualitative audio and visual materials. The list of secondary evidences
kept evolving and the research continued. However, below is the final list of
secondary evidences used.

• Data from various government departments
• News articles from newspapers
• Data and analysis from periodicals, books, journals etc.
• Data from non-governmental agencies and public bodies
• Data from online sources

Secondary Analysis of Qualitative Data

Secondary
data analysis is essentially re-analysis of data collected by another
researcher (Elliot, 2015). Andrews et al gave a definition of secondary
data analysis as the collection and use of previously collected data for
another purpose (Andrews, et al., 2012). In
addition, they also explained that the use of secondary data analysis first
appeared when one of the founders of Grounded Theory (Glaser) discussed the
possibility of re-analysing data that had already been collected for other
purposes (Andrews, et al., 2012).
Notwithstanding, secondary analysis is still not very popular and there have
been very limited reviews of its use (Hinds, et al., 1997).

At this
point, it is pertinent that a distinction be made between secondary analysis,
documentary analysis, systemic reviews and meta-analysis. Secondary data
analysis is the examination of primary data^[2]
from previous research studies. Such data would include examples such as
semi-structured interviews, research diaries, responses to open-ended questions
in questionnaires, transcripts of interviews/conversations etc. On the other
hand, documentary analysis would involve the analysis of data such as
auto-biographies, personal diaries, photographs etc. Heaton does point out that
there could be some considerable overlap between secondary analysis and
documentary analysis (Heaton, 2008).
Meta-analysis and Systematic Reviews both involve both involve going over
published findings of previous research studies unlike secondary data analysis
that looks at the primary data and not just the published findings.

Review & Discussion

Introduction

Cyber warfare has different definitions depending on which
theorist is applying it and which country is examining and applying the
concept; for example, the U.S. military view cyber warfare in very different
terms from the Russians. To begin with the word “cyber” is a completely new
phenomenon that arose after the dot com boom and the start of the 4^th
Revolution. Not surprisingly, it has not filtered into the established rules of
war or armed conflict adhered to by other nation states (Chen, 2010). For starters, the
word “cyber” is not found in the 1949 Geneva Conventions and any of the
additional Protocols (it has not been inserted there). The word, in common
usage, relates to a whole host of things ranging from computers and their
networks to the information in these computers to even the process of uploading
and retrieving this information.

By extension, the word cyber warfare will include acts
committed in furtherance of any act against and adversary using everything that
is considered part of the ‘cyber’ domain. In looking at acts, cyber warfare
would include offensive acts, defensive acts or acts of deterrence. By this
explanation, it will include disseminating offensive information through
computers or computer networks (Andress & Winterfeld,
2011).
Cyber warfare is one that has no clear boundaries or actors which makes a lot
of the current legislation unhelpful. Acts of war or states of war are usually
assigned to recognised states and combatants. But in this case, cyber warfare
can be conducted by states, agents of states, non-state actors, international
groups or any collection of people with a single vested interest or even one
individual (Cornish, et al., 2010). 

Cyber Warfare and the legal question

This dissertation started off with trying to determine if
cyber warfare is the new arena of conflict. Even though I have attempted to
define ‘cyber’ and ‘cyber warfare’, there are still large parts of this area of
study that need to be examined. A lot of the current research already makes the
assumption that cyber warfare is warfare because of its obvious name or that a
few of the permanent members of the UN Security Council are making the case.
But what is the legal argument to justify treating cyber warfare as warfare?

Let’s begin with the least disputed agreement and definition
of what leads to armed conflict. It is generally accepted that “armed force” is
the necessary requirement for “armed conflict”. The UN Charter Article 2(4)
provides,

“All members [of the UN] shall refrain in their international relations from the threat or use of force against the territorial integrity or political independence of any State . . .,. Exceptions are use of force authorized by the Security Council, and self-defence pursuant to Article 5 1.”

Even customary law that applies to non-UN members still has
the expectation of the same necessary requirement although it must be pointed
out that this is only applicable to state actors (Kelsey, 2008). Non-state actors
where not envisioned when the Charter was framed. Nonetheless, this is still
the legal argument as it stands. Cyber warfare does not seem to meet the
threshold of ‘armed force’ although many would argue otherwise. And it is this
argument that is usually translated into the foreign policy of some states (Gompert & Libicki,
2014).
Even the UN Charter Article 51 still proposes that a response to attack is only
justified if the initial or first attack is an armed attack. As it stands today,
cyber warfare is not recognised as a legitimate war just in the same way that
the ‘War on Terror’ is not a legitimate war but a cornerstone of US foreign
policy.

By extension, it stands to reason that a cyber attack is not
in reality an attack recognised by the UN (Droege., 2012). Ultimately the view
of whether an act is a cyber attack or part of cyber warfare is merely one that
is only determined by the recipient of the act and how they choose to respond;
through dialogue or retaliation? In addition, the judgement of the
international community plays a significant part even though state actors often
form alliances that ensures that an attack on one nation state could be an
attack on the entire alliance; e.g. a cyber attack on a NATO member state. Not
having a legal basis for an action does not in any way imply that it is not
treated as a conflict or war. We only have to look at the U.S. justifications
for bombing, Iraq, Afghanistan and Syria in clear violation of the U.N. Charter;
none of these states had perpetrated an armed attack against the U.S. The
international community enjoined the U.S. even though other states had pointed
out at the clear hypocrisy being committed by the U.S. If one is to consider
cyber warfare and cyber attacks, then answering the legal question is
insufficient. One must refer to the prevailing theory of international
relations one subscribes to or comment on wider matters governing a state’s
behaviour. This dissertation will look at empirical examples of cyber warfare.

Global Cyber warfare: China vs US

“In today’s information age, the People’s Republic of China has replaced and even improved upon KGB methods of industrial espionage to the point that the People’s Republic of China now presents one of the most capable threats to U.S. technology leadership and by extension its national security.”

Dan Verton, Cyber Warfare Expert (Hjortdal, 2011)

It is easy to
forget that in 1820, Greece had revolted against the Ottoman Empire, Britain
had opened the first modern railway and was on its way to an exploding
industrial revolution, Brazil had nervously declared independence from Portugal
and that China was the world’s superpower with the largest share of global GDP.
In fact, it is easy to forget because history has been written specifically to
gloss over these facts. Western academia has repeatedly highlighted China as a
collective of starved, dispossessed and slaughtered people and not a
prosperous, dynamic and global power from 1100 – 1820. From 1078, China was the
world’s major producer of steel, the world’s leader in technical innovations,
the world’s leading trading nation, possessed the largest commercial ships and
these are just to mention a few.

Few
academics would now dispute that China was the world’s hyperpower for 800 years before the rise of British imperialism in
the 19^th century. Western imperialism and China’s decline has been
documented in detail which this book cannot do justice to. The rise of Chinese
economic and political strength is unquestionably due to the Communist Party of
China which began when the Third Plenary Session of the 11th Central Committee
of Communist Party of China adopted a reform policy triggering the private
sector^[3].  Since 1978, entrepreneurship has driven the
Chinese economy and the economic and political changes since then remain
unprecedented. So transformative has this change been that China is now a
threat to the US in the information superhighway. A recent event in 2016 puts
this threat into context.

China builds world’s fastest supercomputer without U.S.
chips

“China on Monday revealed its latest supercomputer, a monolithic system with 10.65 million compute cores built entirely with Chinese microprocessors. This follows a U.S. government decision last year to deny China access to Intel’s fastest microprocessors. There is no U.S.-made system that comes close to the performance of China’s new system, the Sunway TaihuLight. Its theoretical peak performance is 124.5 petaflops, according to the latest biannual release today of the world’s Top500 supercomputers. It is the first system to exceed 100 petaflops. A petaflop equals one thousand trillion (one quadrillion) sustained floating-point operations per second.”

ComputerWorld (June 20, 2016 – http://www.computerworld.com/article/3085483/high-performance-computing/china-builds-world-s-fastest-supercomputer-without-u-s-chips.html)

It has earlier been argued that cyberspace is open to both
state actors and non-state actors. Because actions can be taken by an
individual in a state, it is extremely hard to prove culpability of the state.
In other words, a cyber attack from a computer in China in no way implies that
the cyber attack was orchestrated by the Chinese state. Proving culpability is
extremely hard and this fact alone hinders the argument that cyber warfare
could be a new arena of conflict. Having said this, the media is awash with
stories of Chinese cyber attacks on the U.S. but it is always lacking in
evidence. Ironically, one never hears of U.S. cyber attacks on China or at the
very least the mainstream media never reports it. Despite China’s repeated
denials of culpability and its demand for proof that its citizens are
responsible for cyber attacks on U.S. interests, the U.S. have taken the bold
step in 2011 to issue a statement from the National Counterintelligence
Executive that China is the “most active and persistent perpetrator of cyber intrusions
into the United States” (Heginbotham, 2015).  

As there are no clearly defined rules on cyber warfare, any
escalation of tensions between China and the U.S. could be construed and framed
in the words of a potential conflict similar to the rhetoric that started and
fuelled the Cold War between the U.S. and the U.S.S.R. This Cold War metaphor
is how commentators are viewing the Cyber race between China and the U.S.
According to President Barack Obama’s 2011 Cyberspace Policy Review,
“cybersecurity risks pose some of the most serious economic and national
security challenges of the 21^st century” (Solis, 2014). This rhetoric is
backed up by the steps the U.S. has taken to secure its strategic advantage in
the domain. In 2009, the U.S. created the Cyber Command under the National
Security Agency (NSA) with the express purpose of putting cyber warfare in the
forefront of its military and defensive strategy. In addition, the Department
of Defence (DoD) also has the Pentagon Strategy for Operating in Cyberspace with
China clearly set in its sights.

These aggressive overtures by the U.S. have not been
ignored. According to the Chinese Ministry of Public Security, they are of the
opinion that cyber attacks on Chinese computer installations grow at a rate of
80% annually making China the largest and most venerable recipient of cyber
attacks  (Robinson, et al., 2015). To put it into
context, in 2011, China succumbed to a cyber attack where 100 million
usernames, passwords and emails were leaked unto the internet.

What is commonly acknowledge is that the U.S. practically
controls the entire internet and other states are using every means possible to
reduce the influence of that control and threat even though the US was
instrumental in the development of the internet. For the global internet to be
fully operational, it requires 13 root serves. 10 of the 13 are based in the US
and the other 3 are based in Japan, Sweden and the Netherlands. ICANN, the body
that authorises domain names and designations is based in the U.S. With these
facts in mind, the U.S. has the most potential to turn cyber space into a cyber
threat. At least that is the argument posed by China and they insist on being
able to protect their national interests. With both sides staking a national
interest priority, it is not surprising that cyber warfare could be the next
arena between the U.S. and China (Lieberthal & Singer,
2012).

Global Cyber warfare: Russia vs the rest of the world

The Russians view cyber and cyberspace in completely
contradictory terms to the U.S. and the West in general. First and foremost,
the Russians do not generally refer to the term cyber as a distinct concept in
the way political theorists in the West do. Russia, and to some extent China,
have a wider understanding of information and its control regardless of the
medium chosen. So, given its long history with controlling information about
and through the state during the era of the Soviet Union, electronic information
is just one conduit or category of information that can be utilized,
manipulated and harnessed for the greater good of the state. That is to say
that the notion of cyber is just another mechanism by which information is
relayed and does not take priority over other mechanisms in importance just in
practical relevance.

In Russian military doctrine, information and disinformation
go hand in hand and are tools used by the state apparatus to achieve a desired
objective for its citizens or against its adversaries. It is utilized with
judicious foresight towards a purpose in addition to other traditional methods
and processes. In practical terms, if information (or disinformation) helps
another weapon to tool, then Russian military theorists see electronic
information merely as an enabler or facilitator. Therefore information is
relevant to already established practices of the state such as disinformation
operations, electronic warfare, Psychology Operations (also known as PsyOps),
political subversion and subterfuge, economic warfare etc. According to (Carr, 2011),

“this is stated clearly in the Military Doctrine of the Russian Federation (2010) ………….. features of modern military conflicts is the prior implementation of measures of information warfare in order to achieve political objectives without the utilization of military force and, subsequently, in the interest of shaping a favourable response from the world community to the utilization of military force.”

Carr, 2011

Cyber warfare, according to Russian theorists, is just
information warfare by another means but more efficient than other types of
information warfare. Cyber warfare is a legitimate tool of the state, so the
argument goes, in peacetime and in conflict. It does not hold a special
prominence like it does in the U.S. Cyber warfare is regulated to accompanying
other tools of the state but given its nature, it has no set rules, no
boundaries, no prescribed limits and no real restrictions or applications. Such
a view is diametrically opposite to that of the concept of cyberspace held in
the West. In support of this theory, the Russian state apparatus is structured
quite differently from the U.S.

Cyberspace and cyber warfare started under the remit of the Federal
Security Service (Federal’naya Sluzhba Bezopastnosti: FSB) which was tasked
with initiating information and disinformation wars using whatever means
necessary including cyber warfare. The FSB also maintains and controls SORM, the
State’s internal cyber surveillance system. In addition to the FSB, The Federal
Service for Supervision in the Sphere of Telecommunications, Information
Technologies and Mass Communications (Roskomnadzor), is also tasked with
controlling the civilian media, telecommunications, the internet, the radio and
any electronic media.

Russia’s strategy of seeing cyber warfare as a continuation
of normal political and military overtures was witnessed in the war with
Georgia in 2008 (Robinson, et al., 2015). To date, Russia is
still the only country to use all three of military, economic and cyber warfare
on an adversary in the international arena. Russia had a two-pronged attack
when it used military weapons and cyber warfare to defeat Georgia. Similarly,
in its conflict with Ukraine in 2014, its conventional use of military weapons and
cyber warfare resulted in Ukrainian government websites being shut down,
massive ‘denial of service’ attacks being reported and energy installations
being hacked into. This is the first of many of these sorts of ‘total warfare’
that will continue in the new future. One only has to read newspaper reports of
cyber attacks occurring on a daily basis. But does this constitute a new arena
of conflict? I think given what is already going on in conflicts around the
world, the question has already been answered. Whether by design or accident,
states are using cyber warfare as a tool against their adversary (Lieberthal & Singer,
2012).

World’s first Cyber War

No other body of research could be
more persuasive that presenting details of the world’s first cyber war to
support the argument that cyber warfare is now a new arena of conflict. The
first known incident of an entire country being subjected to an all out cyber
war was Estonia. To understand the gravity of this event is to look at the
history of Estonia.  Estonia was
controlled by the Soviet Union for nearly 50 years and obtained its
independence in 1991. Then it was a desolate country which has been starved of
infrastructure and economic development. With a population of just under 2
million, it has carved a future for itself as one of the most wired and
technological advanced countries in the world. It is truly a model of a smart
country with widespread ecommerce and e-government services almost unparalleled
anywhere in the world.

As a state once controlled by the Soviets until 1991, the country is punctuated with Soviet history and struggle. The capital city, Tallinn, had monuments erected to the Soviet soldiers who fought and died in the struggle to keep Germany out of Russia. Estonia, as it is their right, decided to move the monument to a cemetery which met angry objections from Russian leaders and the large Russian community that grew out of a 50 year occupation. Russia saw Estonia as a symbol of struggle and the Estonians saw Russia as a symbol of oppression. After altercations in the city centre following the removal of the monument, Estonia found that its entire electronic infrastructure was disrupted. The state administration was paralysed, banks and companies had to freeze their operations, the internet was practically down and nothing was working. Culpability was had to prove but it was the first recorded total cyber war against a state. Again, there is no proof that the perpetrators were state sponsored or indeed it was a malicious attack but the timing and the magnitude points to more than a criminal cohort (there was no financial advantage gained in the event) and to a state sponsored cyber attack. More importantly, Estonians pointed the finger at Russia and being members of NATO, they retained the prerogative to invoke Article 5 of NATO: an attack against one is an attack against all.

Postscript

If there was any uncertainty about cyber warfare becoming
the new arena of conflict then the headlines below might seem ominous as they
are similar to the headlines that preceded the First World War and the Second
World War. And these were in just over 3 days.

“Malta accuses Russia of cyber-attacks in run-up to election”

The embattled Maltese government has claimed that it has come
under attack from a Russian-backed campaign to undermine it, amid worsening
relations with the Kremlin.

Malta assumed the presidency of Europe’s Council of Ministers
in January, an important position under which it chairs high-level meetings in
Brussels and sets Europe’s political agenda. Since then, the Maltese
government’s IT systems have seen a rise in attacks, according to a source
working within its information technology agency, a government body. He claimed
the attacks, which have increased ahead of next month’s general election, are
designed to damage the government. “In the last two quarters of last year and
the first part of this year, attacks on our servers have increased,” the source
said.” (Doward, 2017)

“Trump executive order aims to protect US from ‘catastrophic’ cyber attack”
US President Donald Trump this month signed an executive order that aims to increase protection for US essential services in case of a cyber attack that results in catastrophic regional or national effects on public health or safety, economic security, or national security”. (Kuchler, 2017)

Nth Korea launches cyber attacks on US

North Korea’s main spy agency has a special cell called Unit 180 that
is likely to have launched some of its most daring and successful cyber
attacks, according to defectors, officials and internet security experts. North
Korea has been blamed in recent years for a series of online attacks, mostly on
financial networks, in the United States, South Korea and over a dozen other
countries. Cyber security researchers have also said they have found technical
evidence that could link North Korea with the global WannaCry ‘ransomware’
cyber attack that infected more than 300,000 computers in 150 countries this
month.  Pyongyang has called the
allegation ‘ridiculous’. (Reuters, 2017)

The research question of
whether cyber warfare is a new arena of conflict is probably not in any doubt.
The argument reverts back to the beginning of this research when examined the
realist approach to international relations. Even if one were to look at the
vast number of institutions in the international system and make a please for
calmer heads prevailing, the realpolitik of
current geopolitics shows that cyber attacks can, and will most likely, be used
as a pretext and as a tool of war. It is no longer a question of if but when.

Bibliography

Andersen, P. H. & Kragh, H., 2011. Beyond the
inductive myth: New approaches to the role of existing theory in case
research. . In: R. Marschan-Piekkari & C. Welch, eds. Rethinking the
case study in international business and management research. s.l.:Edward
Elgar Publishing Ltd, pp. 146-167.

Andress, J. &
Winterfeld, S., 2011. Cyber Warfare – Techniques, tactics and Tools for
Security Practitioners. s.l.:Elsevier Science.

Andrews, L., Higgins,
A., Andrews, M. & Lalor, J., 2012. Classic Grounded Theory to Analyze
Data: Reality and Reffecions. Grounded Theory Review: An International
Journal, June.11(1).

Barkawi, T., 2011.
From War to Security: Security Studies, the Wider Agenda and the Fate of the
Study of War. Millenium: Journal of International Studies, Volume
39(Issue 3), pp. 701-716.

Bernard, H. R., 2011.
Research methods in anthropology: Qualitative and quantitative
approaches.. s.l.:Rowman Altamira..

Carr, J., 2011. Inside
cyber warfare: Mapping the cyber underworld. Sebastopol: O’Reilly Media,
Inc..

Chen, T., 2010.
Stuxnet, the real start of cyber warfare?. IEEE Network, Volume
24(Issue 6), pp. 2-3.

Cobban, S. J.,
Edgington, E. M. & Pimlott, J. F., 2008. An ethical perspective on
research using shared data.. Canadian Journal of Dental Hygiene, 42(5),
pp. 233-238.

Colarik, A. &
Janczewski, L., 2008. Introduction to Cyber Warfare and. In: L. Janczewski
& A. Colarik, eds. Cyber Warfare and Cyber Terrorism. New York:
Information Science Reference.

Colarik, A. &
Janczewski, L., 2012. Establishing Cyber Warfare Doctrine. Journal of
Strategic Security, Volume 5(Issue 1), pp. 31-48.

Cornish, P.,
Livingstone, D., Clemente, D. & Yorke, C., 2010. On Cyber Warfare. London:
Chatham House.

Corti, L. &
Bishop, L., 2005. Strategies in teaching secondary analysis of qualitative
data. Forum: Qualitative Social Research, 6(1).

Curran, K.,
Concannon, K. & McKeever, S., 2008. Cyber Terrorism Attacks. In: A.
Colarik & L. Janczewski, eds. Cyber Warfare and Cyber Terrorism. New
York: Infformation Science Reference.

DeWeese, S., 2009. Capability
of the People’s Republic of China (PRC) to conduct cyber warfare and computer
network exploitation. s.l.:Diane Publishing.

Doward, J., 2017. Malta
accuses Russia of cyber-attacks in run-up to election. [Online] Available
at: https://www.theguardian.com/world/2017/may/27/russia-behind-cyber-attacks-says-malta-jseph-muscat
[Accessed 29 May 2017].

Dragan, M., Danko, M.
& Mirjana, D., 2012. Defining Cyber Warfare. Vojnotehnički Glasnik, Volume
60(Issue 2), pp. 84-117.

Droege., C., 2012.
Get off my cloud: cyber warfare, international humanitarian law, and the
protection of civilians. International Review of the Red Cross,, Volume
94(Issue 886), pp. 533-578.

Elliot, D. C., 2015.
SECONDARY DATA ANALYSIS. In: F. Stage & K. Manning, eds. Research in
the College Context: Approaches and Methods. s.l.:s.n.

Elman, C., Gerring,
J. & Mahoney, J., 2016. Case Study Research: Putting the Quant Into the
Qual. Sociological Methods & Research, 45(3), pp. 375-391.

Fielding , N., 2004.
Geting the most from archived qualitative data: epistemological, practical
and professional obstacles. International Journal of Social Research
Methodology, 7(1), pp. 97-104.

Gladstone, B. M.,
Volpe, T. & Boydell, K. M., 2007. Issues encountered in a qualitative
secondary analysis of help seeking in the prodrome to psychosis. The
Journal of behavioural Health Sciences and Research, 34(4), pp. 431-442.

Gompert, D. &
Libicki, M., 2014. Cyber Warfare and Sino-American Crisis Instability. Survival,
Volume 56(Issue 4), pp. 7-22.

Heaton, J., 1998.
Secondary analysis of qualitative data. Social Research Update, Issue
22.

Heaton, J., 2004. Reworking
Qualitative Data. London: Sage Publications Ltd.

Heaton, J., 2008.
Secondary Analysis of Qualitative Data: An Overview. Historical Social
Research, 3(3).

Heginbotham, E.,
2015. The U.S.-China Military Scorecard – Forces, Geography, and the
Evolving Balance of Power 1996-2017, Santa Monica: The RAND Corporation.

Hinds, P. S., Vogel,
R. J. & Clarke-Steffen, L., 1997. The Possibilities and Pitfalls of Doing
a Secondary Data Analysis of Qualitative Data Set. Qualitative Health
Research, 7(3), pp. 408-424.

Hjortdal, M., 2011.
China’s Use of Cyber Warfare: Espionage Meets Strategic Deterrence. Journal
of Strategic Security, Volume 4(Issue 2), pp. 1-24.

Hjortdal, M., 2011.
China’s Use of Cyber Warfare: Espionage Meets Strategic Deterrence. Journal
of Strategic Security, Volume 4(2), pp. 1-24.

Irwin, S., Bornat, J.
& Winterton, M., 2012. Timescapes secondary analysis: Comparison, context
and working across data sets. Qualitative Research, 12(1), pp. 66-80.

Jensen, E. T., 2009.
Cyber warfare and precautions against the effects of attacks. Texas law
review, Volume Volume 88, p. 1533.

Johnston, M., 2014.
Secondary Data Analysis. A Method of which Time Has Come, Volume 3,
pp. 619-626.

Kelsey, J. T., 2008.
Hacking into international humanitarian law: The principles of distinction
and neutrality in the age of cyber warfare. Michigan Law Review, pp.
1427-1451.

Knapp, K. J. &
Boulton, W. R., 2006. Cyber-warfare threatens corporations: expansion into
commercial environments. Information Systems Management, Volume
23(Issue 2), p. 76.

Krasner, S., 1983. International
Regimes. Ithaca: Cornell University Press.

Kuchler, H., 2017. Trump
executive order aims to protect US from ‘catastrophic’ cyber attack. [Online]
Available at: https://www.ft.com/content/1e46dd84-2422-11e7-a34a-538b4cb30025
[Accessed 29 May 2017].

Kuehl, D., 2009. From
cyberspace to cyberpower: Defining the problem.. In: F. Kramer, S. Starr
& K. Wentz, eds. Cyberpower and national security. Washington
D.C.: Potomac Books Inc., pp. 24-42.

Lagner, R., 2011.
Stuxnet: Dissecting a cyberwarfare weapon. IEEE Security & Privacy, Volume
9(Issue 3), pp. 49-51.

Lieberthal, K. &
Singer, P., 2012. Cybersecurity and U.S.-China Relations. [Online]
Availableat:https://www.brookings.edu/wpcontent/uploads/2016/06/0223_cybersecurity_china_us_lieberthal_singer_pdf_english.pdf
[Accessed 25 May 2017].

Lindsay, J. R., 2013.
Stuxnet and the limits of cyber warfare. Security Studies, Volume
22(Issue 3), pp. 365-404.

Long-Sutehall, T.,
Sque, M. & Addington-Hall, J., 2011. Secondary analysis of qualitative
data: A valuable method for exploring sensitive issues with an elusive
population. Journal of Research in Nursing, 16(4), pp. 335-344.

Mackenzie, N. &
Knipe, S., 2006. Research dilemmas: Paradigms, methods and methodology.. Issues
In Educational Research, 16(2), pp. 193-205.

Marwil, J., 2000. Photography
at War. [Online] Available at: http://www.historytoday.com/jonathan-marwil/photography-war
[Accessed 21 May 2017].

Nicholson, A. et al.,
2012. SCADA security in the light of Cyber-Warfare.. Computers &
Security, Volume 31(Issue 4), pp. 418-436.

Palys, T., 2008.
Purposive Sampling. In: L. M. Given, ed. The Sage Encyclopedia of
Qualitative Research Methods. Los Angeles: Sage, pp. 697-698.

Reuters, 2017. Nth
Korea launches cyber attacks on US. [Online] Available at: http://www.skynews.com.au/news/world/asiapacific/2017/05/21/nth-korea-launches-cyber-attacks-on-us.html
[Accessed 29 May 2017].

Robinson, M., Jones,
K. & Janicke, H., 2015. Cyber warfare: Issues and challenges. Computers
& Security, Volume Volume 49, pp. 70-94.

Robinson, M., Jones,
K. & Janicke, H., 2015. Cyber warfare: Issues and challenges. Computers
& Security,, Volume 49(Issue 25), p. 70.

Shakarian, P.,
Shakarian, J. & Ruef, A., 2013. Introduction to cyber-warfare: A
multidisciplinary approach. Oxford: Newnes.

Solis, G., 2014.
Cyber Warfare. Military Law Review, Volume Volume 219, pp. 1-52.

Stavrianakis, A.
& Selby, J., 2012. Militarism and International Relations. In: A.
Stavrianakis & J. Selby, eds. Militarism and International Relations –
Political Economy, Security and Theory. s.l.:Taylor and Francis.

Tashakkori, A. &
Teddlie, C., 2010. Sage handbook of mixed methods in social &
behavioral research. s.l.:Sage.

Tennis, J. T., 2008.
Epistemology, Theory and Methodology in Knowledge Organization: Toward a
Classification, Metatheory, and Research Framework. In Knowledge
Organization, 35(2/3), pp. 102-112.

Tesch, R., 1990. Qualitative
research: Analysis types and software tools.. New York: Falmer.

Thorne, S., 1990.
Secondary Analysis in Qualitative Research: Issues and Implications. In: J.
M. Morse, ed. Critical Issues in Qualitative Research Methods. London:
Sage.

Turns, D., 2012.
Cyber Warfare and the Notion of Direct Participation in Hostilities. Journal
of Conflict and Security Law,, Volume 17(Issue 2), pp. 279-297.

Van den Berg, H.,
2005. Reanalyzing qualitative interviews from different angles: the risk of
de-contextualization and other problems of sharing qualitative data.. Forum:
Qualitative Social Research, , 6(1).

Vasilachis De
Gialdino, I., 2009. Ontological and Epistemological Foundations of
Qualitative Research. Forum: Qualitative Social Research, 10(2), pp.
1438-5627..

Wang, H. & Wang,
S., 2004. Cyber warfare: steganography vs. steganalysis. Communications of
the ACM, Volume 47(Issue 10), pp. 76-82.

Wolcott, H. T., 2009.
Writing up qualitative research. Thousand Oaks, California: Sage.

[1]
These are computers that have
been hijacked and remotely taken over by a person other than the owner.

[2]
Primary
data is that which is from a study where the researcher personally collects the
information but secondary data is data that has already been collected (Andrews,
et al., 2012).

[3]
From December 18 to 22, 1978, the Third Plenary Session of the 11th Central
Committee of Communist Party of China was held in Beijing. The party decided
that China should start shift its economic focus from “class
struggle-oriented” to “economic construction-oriented”, from
“semi-rigid/rigid” to comprehensive reform, and, from
“semi-closed/closed” to “opening up.”Invalid source
specified.