On March 22,2013, I gave the closing lecture at a conference titled, “A World in Flux: The Movement of conflict in the 21st Century”, held at the Munk School of Global Affairs at the University of Toronto. The conference examined the evolution of global conflict in the early 21st century, exploring, among other drivers of change, the role of technological innovation and the increased mobility of people. It was a fitting time to discuss the shifting nature of conflict just days after the tenth anniversary of the U.S. intervention in Iraq and one year shy of Western disengagement from the war in Afghanistan. The two, largely failed, interventions have elicited one clear shift in global conflict for the foreseeable future, an end to grand Western military interventions and state-building projects. When it comes to Western military adventures in the decade ahead, we are more likely to see limited engagements like that in Libya or Mali (featuring reliance on airpower and some special forces and intelligence assets) or covert, indirect proxy engagements like that in Syria (with Western states arming and training rebel forces).
The 1990s and early 2000s was a period of substantial change in global conflict dynamics with an increase in asymmetric violence and warfare, marked by the rising use of terrorism and insurgent/guerilla tactics. This provided a means for weak states and non-state groups to narrow the global power imbalance. The so-called “new wars” of this period, were characterized by increased violence against civilians, the blurring of lines between military and civilian activity. This era saw the gradual globalization of conflicts via diaspora communities and advancements in communications and transportation technologies. Today’s conflict shifts represent a natural evolution from these earlier developments.
Conflict today is being waged in a more detached or disconnected fashion than ever before. The U.S. can now wage war across the globe via remote controlled unmanned aerial vehicles (drones) and sophisticated computer viruses. These weapons can be deployed from the safety of the U.S. Military Central Command in Tampa, Florida or the headquarters of the Central Intelligence Agency in Langley, Virginia without putting a single US soldier or civilian in harm’s way. But these are not just weapons of the powerful. Their accessibility, particularly in the case of cyber weapons, makes them a great equalizer in the world of conflict. These 21st century tools of war are leveling the conflict playing field, not just among states but also non-state actors. Michael Ignatieff said that terrorism “collapsed distance” between the West and the global periphery. Today’s cyber and robotic weapons have wholly outmoded notions of distance, creating a spatial revolution in modern warfare.
It has been a truism in international relations for some time that no conflict is an island. Since the end of the Cold War we have tended to speak of regional conflict formations in difficult neighborhoods like the Great Lakes region of Africa or the perennial hotspot of the Middle East. Today the world is moving from regional conflicts, where borders were merely permeable, to global conflicts where borders are becoming irrelevant.
Revolutionary advancements in communications technology have enabled new types of trans-national alliances and networks. Some of these new networks can be seen as a positive development, evinced by the relationships formed between Egyptian antigovernment protesters, Silicon Valley programmers, Egyptian diaspora communities and pro-democracy advocates around the world that facilitated the collapse of the Mubarak regime. But others are worrying, such as emerging shadow networks linking a mélange of dangerous groups such as organized crime enterprises, militant movements, hackers, smugglers and terrorists. The links between the Islamist militant group, Hezbollah and Mexican drug cartels like Los Zetas demonstrate the shady underbelly of this brave new interconnected world.
Let’s look a little deeper at these changing conflict dynamics and threats and explore how they can be mitigated or at least contained.
Once merely a curiosity, a subject for science fiction, the threat of cyber war is now taken very seriously in capitals around the world. The front pages of Western newspapers feature almost daily reporting on brazen cyber crime and cyber attacks, with political leaders now delivering ominous warnings of cyber doomsday scenarios. Outgoing U.S. Defense Secretary Panetta called a potential cyber attack on U.S. critical infrastructure, a “cyber-Pearl Harbor” as he termed it, as his worst nightmare, which “could be every bit as destructive as 9/11.” There is no shortage of incidents to raise alarm bells, and they are increasing with frequency and intensity. Over the past six months alone, there were over 140 significant cyber attacks on Wall Street firms. In August 2012, a destructive attack on Saudi Arabia’s state oil company destroyed data on over 30,000 systems. According to one estimate, cyber-criminals steal up to US$4 trillion annually, with companies spending up to US$15 trillion to protect their networks. A report in February from IT security firm Mandiant alleged a specialized Chinese military unit was behind the hacking of 141 companies over the last six years. Perhaps most disturbing of all, the Department of Homeland Security reported a 52 percent increase in the number of attacks on critical infrastructure reported to its cybersecurity response team, with 41 percent of those attacks directed against energy suppliers, 15 percent on water providers and 6 percent on nuclear facilities.
Major vulnerabilities in many U.S. critical systems have been discovered through testing in recent years, causing some analysts to believe that a successful attack is just a matter of time.
To date most cyber attacks have followed a Guerilla war style hit and run logic, focusing on destabilizing networks and stealing money and secrets. The capacity certainly exists to undertake more catastrophic assaults. As Panetta told Time Magazine in October 2012
“It is the kind of capability that can basically take down a power grid, take down a water system, take down a transportation system, take down a financial system…We are now in a world in which countries are developing the capability to engage in the kind of attacks that can virtually paralyze a country.”
With this in mind, it is not surprising that the U.S. Intelligence Community’s most recent World Wide Threat Assessment, listed cyber threats at the top of its threat list, ahead of terrorism.
The major dilemma presented by a cyber attack, beyond its potential destructiveness and human cost, is the issue of attribution, determining with certainty the identity of the perpetrator. Unlike the real attack on Pearl Harbor in 1941, cyber warriors don’t wear uniforms or fly flags; they leave no physical evidence. Cyber strikes can be effectively masked or routed through another country’s networks. It is almost impossible to present a viable strategy of deterrence without knowing whom to deter. The list of potential perpetrators is also not limited to states. One world class hacker in the employ of a small state or non-state actor can do as much damage as 100 mediocre hackers in the employ of a superpower; economies of scale don’t provide the same advantage in today’s technology-driven wars as they did in past kinetic conflict.
This has fostered a debate among security strategists on how to address the cyber threat. One response has been to build cyber conflict capacity. The Pentagon has established a Cyber Command. In addition to 917 troops and civilians at the Command headquarters in Maryland (with a budget for FY13 of $191 million), there are more than 11,000 people from all four armed services working on cyber issues in the US military. This will surely help the U.S identify attackers and defend U.S. networks, but how will it deter major attacks? An answer came in March 2013, when the Cyber Command announced that it is fielding 13 offensive cyber teams tasked with deterring destructive cyber attacks against the United States. This seemingly resolved for the U.S. one of the big debates surrounding cyber wars: do you go offensive or defensive? The U.S. has chosen the former. Of course this approach is not exactly novel. The U.S. has all but admitted to creating the Stuxnet computer worm that hobbled Iranian nuclear systems in 2010, a code that has worryingly since been replicated by private hackers. U.S. military commanders have also admitted to deploying offensive cyber weapons against the Taliban in its counter-insurgency campaign.
While the offensive military posture of the U.S. and many other Western countries raises serious questions about the dangers of precipitating war, there are other more worrying schools of thought. There are those who believe that the only credible deterrent to cyber threats is the prospect of a conventional military response, which, considering the concerns of attribution could be a slippery slope to tragedy. Others believe that to confront the cyber threat the U.S. should work not just to secure existing networks but establish tighter restrictions across the Internet, a new regime of security and censorship facilitated by a mushrooming cyber-security military industrial complex that has caused advocates for a free Internet to bristle.
Just like the threat of cyber war, drones have been a topic du jour in the United States for over a year now, due in large part to the enthusiasm of the Obama administration in employing them against terrorist targets in hotspots like Pakistan and Yemen and the furor caused by the U.S. government’s justification of their use against US citizens abroad—and potentially within the U.S.— believed to be collaborating with terrorist organizations. In Pakistan alone, the U.S. has conducted at least 330 drone strikes since 2004, causing roughly 2,200 deaths.
While the use of drones has been commonplace as an intelligence-gathering tool among modern militaries across the world for some time now, the U.S. has been a forerunner in their use as offensive military weapon. But as with most new weapons technologies, that advantage will gradually fade over time as the technology proliferates. A basic Internet search will already yield scores of public websites with instructions on how to construct drones of varying sophistication (see DIY Drones).
The inevitability of offensive drone proliferation—of the U.S. one day losing its technological superiority in the drone race—coupled with the realization that the unpopularity of drones abroad has stoked resentment of the U.S., has prompted some high ranking U.S. military officials like Generals Stanley McChrystal and James E. Cartwright to warn of the potential “blowback” and “unintended consequences” of US overreliance on the weapon. The potential for U.S. drones to be captured and/or hacked, a feat Iran claims to have achieved, could accelerate the ability of states to catch up in the drone race and pose new dangers. Apart from restricting the use of drone strikes by the U.S. and the prospect of establishing an international regulatory regime governing their use—an idea that lacks powerful proponents— there are few good ideas on how to contain this potential threat, to put the genie back in the bottle.
Market Manipulation & Economic Warfare
Intricately linked to the threat of cyber conflict is the prospect of a manufactured economic crisis or economic conflict. The 2008 economic crisis acutely demonstrated how shocks in key parts of the global economy could reverberate globally and cause social, political and economic tumult. The deeply interconnected nature of the global financial system — coupled with the absence of effective international regulatory tools capable of managing increasingly complex and out of control markets — has created new opportunities for provocateurs and states with ill intent to project instability. Recognizing this threat, in 2009 the U.S. Pentagon sponsored a war game on how hostile nations might seek to cripple the U.S. economy. Involved in the game were hedge-fund managers, professors and executives from investment banks. The war game demonstrated the potential of some states, particularly China and Russia, to cause havoc with the U.S. economy. China alone holds $1 trillion in US bond holdings, giving it tremendous leverage. But we have also seen in recent years rogue traders bring down centuries old investment banks and cause losses in the billions of dollars. It is not impossible to imagine that malicious manipulations by non-state group in key sectors of the global economy could cause a chain reaction across the system. Preparing the economy to weather economic storms as seen in 2008 has proven difficult, particularly in the U.S., where calls for regulation of the financial sector have yielded little. Without some tightening of global financial regulations, the system will continue to be prone to economic threats.
In July 2011, the U.S. government released a Transnational Organized Crime strategy. It explained in stark relief how “today’s criminal networks are fluid, striking new alliances with other networks around the world and engaging in a wide range of illicit activities, including cybercrime and providing support for terrorism.” The growing nexus between organized crime, cyber criminals, and militant/terrorist groups has made transnational criminal groups an increasing threat to states and a major driver of conflict and instability. Mexico provides a clear example of the dangers such entities pose. Mexican President Felipe Calderon told the United Nations General Assembly in 2011: “organized crime is killing more people and more youngsters than all the dictatorships put together” More than 70,000 Mexicans have been killed in the country’s Drug War since 2006. According to the World Bank, transnational crime and its accompanying violence have cost Central American states up to eight percent of their gross domestic product.
Having a base in Mexico, the major Mexican cartels have worked assiduously to expand their presence in the United States, the their most important market that yields US $64 billion in profit each year. In 2009-10, Mexican cartels were operating in 1286 U.S. cities, more than five times the number in 2008. The cartels are sending growing numbers of agents into the US and recruiting key local personnel, making them, in the eyes of many U.S. law enforcement personnel, domestic public number one.
In a January 2011 speech, FBI Director Robert Mueller captured the problem of transnational crime and its amorphousness well: “These groups may infiltrate our businesses. They may provide logistical support to hostile foreign powers. They may try to manipulate those at the highest levels of government. Indeed, these so-called ‘iron triangles’ of organized criminals, corrupt government officials, and business leaders pose a significant national security threat.” The scale of the problem of transnational crime, which has been magnified by their embrace of cyber tactics, demands larger and more complex responses. Could we see military intervention in states with major problems with organized crime? We have seen interventions to deprive terrorist groups of sanctuaries, why not organized crime? In some ways Mexican cartels and al-Qaeda aren’t that different, with the exception of motivations, one religious the other profit. The other difference is that in 2013 the cartels are probably far more dangerous.
Technology is changing the nature of warfare, fostering a spatial revolution in conflict. It is not that older, more conventional threats—nuclear proliferation, civil war, state failure and even inter-state war—are gone, but they are gradually being eclipsed by a new wave of technology-driven conflicts and threats. They are more fluid, amorphous, decentralized and disconnected than those of the past. They feature tools that are not limited to the strong but available to a wide variety of state and non-state actors. Just as the nature of conflict is changing, so too must our capability to mitigate it.
While states are awakening to the challenge of these technology-driven conflicts, many would say that the West is still behind the curve in confronting its true scale. After all the budget of the US cyber command could be considered loose change in the overall Pentagon budget. What may be required is a paradigmatic shift in strategic thinking comparable to that which occurred when the world entered the nuclear age. Traditional great power balancing and deterrence thinking are outmoded in this new flat, hyper-polar world in which strong and weak actors, state and non-state, operate on the same playing field. States will be challenged to keep up with evolving threats, which constantly change and adapt. To do so, they may have to consider new approaches, including more sophisticated public-private partnerships with non-traditional civil society actors. There is a need to move beyond, what University of Toronto Professor Ron Diebert calls “traditional top-down, state-centered models of security” which are no longer viable in todays decentralized world.
Just as technology-driven conflicts can be perpetrated by a wide variety of global actors, they have the capacity to threaten and affect wide swathes of society. Like the new wars of the 1990s in the global periphery the techno wars of the early 21st century are notable for their propensity to target people rather than merely combatants, but this time Western populations will no longer be insulated by geography and wealth. Global responses to shifts in conflict dynamics may threaten civil liberties and deeply change the way of life in Western states. States and populations face the challenge of balancing the imperatives of security with the societal costs they may impose.