The diversity of the cyberattacks demonstrated to the incoming Trump administration that it must try to stop any possible attacks, while improving its ability to be pro-active and retaliate
This election season, we witnessed one of the most interesting competitions between two candidates and one of the most surprising electoral outcomes in the last few decades. Together with the international community, everybody in the U.S. witnessed a dramatic transition in the meaning and definition of security. In the previous decade, when candidates discussed their policy proposals about security, issues such as nuclear proliferation and threats from rogue regimes toward the U.S were priorities. More recently after 9/11, the main security concern became international terrorism and the stabilization of failed states. However, in this election, although nuclear proliferation and international terrorism, particularly in the context of Daesh, were debated by the candidates, especially with the hacking of the emails of the Democratic National Convention, one of the main security problems turned out to be cyber security.
During the Obama presidency, we have seen a silent but important shift in the security doctrine of the U.S. First, David Sanger's reporting in regards to "Operation Olympic Games" demonstrated that the U.S. has already started to conduct cyber-warfare against countries, such as Iran's nuclear program. A cyber operation - STuxnet - showed potential outcomes and impacts of cyber capability on the security policy of countries. Around the same time, the Pentagon made cyber space an operational domain and released its first Strategy for Operating in Cyberspace, providing a framework to understand how the U.S. can utilize this new operational realm to enhance security and counter potential challenges.
However, soon after these developments the U.S. security establishment figured out that some other countries were already using this realm in operations against the U.S. In Obama's second term, a debate started concerning Chinese cyber operations against the U.S. In various reports and documents U.S. intelligence agencies emphasized increasing cyber activity from China, including cyber espionage and attempts to steal U.S. technology and intellectual property. A recent report by the U.S.-China Economic and Security Review Commission stated, "The loss of these and other sensitive defense technologies undermines U.S. military superiority by accelerating China's military modernization and giving China insight into the capabilities and operation of U.S. weapons and weapons systems."
While U.S. intelligence agencies were trying to deal with this threat, an attack by North Korea against Sony Pictures Entertainment due to the release of the film "Interview" demonstrated how countries use such capabilities. There were already some signs of the presence of such an operational capability in Pyongyang when in 2013 it organized a comprehensive cyber attack on banks and corporations in South Korea. However, the U.S. faced the real threat when it successfully attacked Sony in 2014.
The real debate about the cyber realm, however, started a few years ago when Edward Snowden sought refuge in Russia. Due to his possession of numerous secrets, his stay in Russia generated major tension between the two countries. However, the real tension started with the hacking of the DNC, revealing emails by Clinton campaign managers during the election season. Although Russia denied these allegations, after the election, U.S. intelligence agencies prepared a report that states that Russia intervened in the 2016 election to "help Donald Trump win the presidency, rather than just to undermine confidence in the U.S. electoral system." President Obama in a press conference stated that the U.S. would retaliate, and shortly after expelled 35 Russian diplomats, some of whom were allegedly linked to the hacking of U.S. computer systems. Last week the intelligence community briefed President-elect Donald Trump, who has rejected these allegations from the start and released an unclassified version of their findings for public consumption. Following this briefing President-elect Trump mentioned that Russia is likely behind the cyber attacks against U.S. political parties. In the meantime in their confirmation hearings, both Secretary of State nominee Tillerson and CIA Director nominee Pompeo said they believe Russia is behind the election hackings.
Of course, this is just the start of the cyber issue debate in the U.S. The defensive posture of U.S. cyber strategy proved to have many weaknesses with regards to protecting political institutions, technological corporations and intellectual property rights. Every intelligence agency and many major corporations have been complaining about these cyber attacks. Of course, what we see is probably the tip of the iceberg in terms of American vulnerabilities around the world.
The diversity of the attacks demonstrated for the incoming administration that it must try to stop any possible attacks, while improving its ability to be pro-active and retaliate.
This new policy may expedite and escalate cyber tension among various countries, resulting in further "proliferations" of cyber war. This will definitely pave the way for a new period in conceptualizing and defining security for the U.S. and international cooperation.
About the author
Kılıç Buğra Kanat is Research Director at SETA Foundation at Washington, D.C. He is an assistant professor of Political Science at Penn State University, Erie.