Defence
The Emerging Cyber Bloc Party: Cyber Balkanisation Rears its Head
Are we seeing the emergence of cyber balkanisation? SecureData chief security strategy officer Charl van der Walt thinks so. We’re heading for cyber balkanisation levels not seen since the Cold War, he tells Elliot Gardner. But what are the implications for enterprise security and international relations?
Cyber balkanisation, splinternet, the cyber cold war – whatever you want to call it, the division of the internet into smaller parts due to technological, political, economic or nationalistic agendas is a real prospect.
Fearmongers have questioned the nature of internet freedom for decades but, with high-profile cyber security companies like Kaspersky getting caught in the crossfire between recent Russian and American politics, many are now asking how other companies, and indeed how nation states, can protect themselves from having to fall in line behind the emerging cyber superpowers.
“The idea of cyber balkanisation is something that you see in contrast to an idealised internet that is open and free and accessible by everyone; one that allows uninterrupted and unmonitored direct communication from person to person,” comments SecureData chief security strategy officer Charl van der Walt. “For me, that's the promise that the internet holds, and balkanisation is really the slow degradation of that.
“It isn't a new thing. For example; the vendor that produces your desktop also wants to own your view of the internet as they want to drive traffic to websites that bring them money. When a country censors content online, that’s another example.”
The Kaspersky controversy
Van der Walt has spoken at length of the likelihood of cyber balkanisation following Kaspersky Lab’s tussle with Donald Trump’s US administration last year, but despite the significance of the US government’s ban of the company’s Russian-made antivirus software, he believes the incident only serves as a marker in the wider discussion surrounding balkanisation, turning heads and raising awareness of the role that security plays in the splintering of the internet.
“It doesn't really matter whether Kaspersky was guilty or not – the seed of the question has now been planted,” he says, “and it’s a very logical question for governments to ask 'why are we allowing this level of software to run on government intelligence machines?' The problem with opening this level of Pandora's Box is where does it end?”
If the US government is happy to ban Russian software because of security problems, it stands to reason that Chinese software would follow suit, and therein lies the wider issue; the next step is to begin banning software other than anti-virus protocols, for the ‘protection’ of national infrastructure. When security is used as a motive, the internet has the potential to very quickly become nationalised in a specific country.
“People feel as though the internet is a zone of combat; that they can’t defend themselves from being targeted by the NSA or PLA”
Fortunately van der Walt claims that there are several counterexamples that suggest that a balkanisation-type scenario might be further away than feared.
“A very good example is Huawei in the UK. When the Americans blacklisted Kaspersky, the British followed quite quickly, but when the Americans blacklisted Huawei, the British didn’t,” he explains. “As I understand it, one of the reasons is that the UK has a collaboration programme with the Chinese, so if commercial interests are strong enough, then I think you can counter the issue.
“People feel as though the internet is a zone of combat; that they can’t defend themselves from being targeted by the NSA or PLA. I can imagine the situation degrading quite quickly if we allow ourselves to be manipulated that way, but if sound minds and reasonable people prevail, I don’t think it will happen.”
Enforcing opinions and morals across the globe
Not long after the Kaspersky incident, Noboru Nakatani, executive director of Interpol’s Global Complex for Innovation, commented that balkanisation in the cyber security community was already underway. He said that in reality, criminals work together across borders to share information, but governments and the ‘good people’ don’t.
“I think it’s a very astute statement,” comments van der Walt. “We're fundamentally presented with a situation where the internet trends towards globalisation, but governments and political systems are so inherently nationalised.”
But governments aren’t the only problem. He also raises the issue of private companies operating on an international scale, for example Facebook. Few would argue against the regulation of certain content – such as adult material – and ads on Facebook’s website, but Facebook is used daily by millions of people, and can be a powerful platform for changing public opinion.
“Most people accept that Facebook must be regulated, but the obvious next question is by whom? Whose standards and values and morals do you apply?” he asks. “On the one hand the United States is where they're located and that’s where they pay their taxes, but on the other it is very apparent that Facebook is a global platform.”
Add into the mix that one of the few markets that Facebook has struggled to breach is Russia, where competitor VKontakte is preferred, and you begin to see where issues crop up – if most of the world is moderated to US standards, except for Russian-speaking countries, a natural gulf forms that can span much farther than social media sites.
Protection from the superstates
The obvious question, then, is how can smaller countries possibly hope to protect themselves from having to fall in line behind these emerging cyber superstates? While van der Walt believes there will be outliers, he claims that several countries inevitably won’t have much of a say in their own future, and will be bullied into following another larger nation’s cyber guidelines.
“The bullying can even be commercial,” explains van der Walt. “Say if Microsoft ‘sponsored’ all the universities in Africa and provided all their computers, you’d have a situation where they establish themselves as the base platform everyone knows and uses; before you know it the entire state uses Microsoft ecosystems and other vendors get excluded.”
The scenario is not uncommon, and is a way for a company to integrate itself into a country’s ecosystem. Of course if that company is based in the US, or Russia, or China, the argument could be made that that specific state would have more control over the country using the commercial goods.
“Given the rapid escalation of security countermeasures by the big governments, smaller governments rapidly reach a point where it is unreasonable to expect them to be able to defend themselves anymore.”
There is the counterpoint that economic control might be the protection smaller nations need. An oil-rich nation, for example, would want to keep their markets and vendors open to as many parties as possible, but this economic protection would only really be available to wealthy countries that can afford to be on both sides of the fence, certainly not developing nations.
“Another form of bullying is in the area of security,” says van der Walt. “Given the rapid escalation of security countermeasures by the big governments, smaller governments rapidly reach a point where it is unreasonable to expect them to be able to defend themselves anymore.”
In other words, because of the constant development of cybersecurity and increasing sophistication of attacks within the larger blocs, it quickly becomes infeasible for smaller countries to defend their computer systems.
“If you're a smaller developing country, you have a couple of choices. You can try and salvage your IT, but in doing that you have to make a platform choice, and whichever platform choice you make, effectively puts you under the control of that country. Or you just leave it as it is, and expect that larger nation-states just have control over your IT, and let the strongest player win.”
Of course in either scenario, that country is subject to the whims of larger players.
Conventional warfare: the future is digital
The term ‘cyber cold war’ is becoming increasingly relevant. While most areas of the cyber balkanisation discussion involve some discussion of conflict, the most direct comparison with post-war political tension comes from the military implications of modern-day cybersecurity.
Cyber warfare has become increasingly ingrained in conventional warfare, so a splintering of the internet is inevitably going to have a detrimental effect on geopolitical military tensions.
“Military strategists actually need to think ahead of political strategy and start planning for when military cyber capabilities are going to be needed,” says van der Walt.
“Military strategists actually need to think ahead of political strategy and start planning for when military cyber capabilities are going to be needed.”
What this means is that, similar to the philosophy of ‘preparing the battlefield’, we should assume that at any given time any nation’s cybersecurity system is being tested for flaws and information that could give useful information to attackers, or defenders.
Van der Walt frames the situation as expecting that “all cyber superpowers are engaging in this activity, which presents smaller or developing nation-states with a challenge.
“As recent history and basic logic clearly shows, for a nation-state that does not have the skill, finance or other resources required to secure and control the hardware and software it uses all the way from the up, it is effectively impossible to protect itself from the offensive operations of more capable nations.”
These nation states are therefore forced to choose the lesser of several evils - an adage that aptly sums up cyber balkanisation as a whole. While we can hope that “sound minds and reasonable people” prevail, and attempt to not be drawn in by rhetoric from governments and hyperbolic media coverage, in the end countries and companies may well find themselves desperately trying to find the path of least resistance.