An internet era that that started with promise and potential has come to an end. Roughly 30 years after the United States served as the principal catalyst for the creation of the internet, the global network has experienced a profound transformation.
Originally characterized as being open, secure, reliable and largely apolitical, the contemporary internet is now fragmented and distorted, and increasingly manipulated as an instrument of repressive governments, cyber criminals, and a disparate spectrum of malicious actors.
The time has come for American foreign policy to confront this disruptive new reality and implement strategies to help protect our increasingly entwined national security, geopolitical, and economic interests in cyberspace.
THE RUSSIAN CYBER THREAT IS HERE TO STAY AND NATO NEEDS TO UNDERSTAND IT
The internet was launched with a benign and, for some, a utopian vision. It was intended be an engine for innovation, free expression, secure communication, and entrepreneurial creativity.
America is at an inflection point. The risks in cyberspace are growing while incumbent strategies to address an expanding crisis are failing.
The United States largely believed this concept of the internet would be embraced by countries around the world. It was not. In the past seven years, sixty nations have temporarily shut down the internet within their borders more than 900 times.
The internet remains a central backbone for critical civilian infrastructure, the main artery of global digital trade, and an indispensable resource for billions of people around the globe. Yet the dangers of the modern internet are now manifold and undeniable.
Malicious actors have penetrated and exploited social media platforms, launched sophisticated disinformation campaigns, utilized diverse tactics to sway political elections and policy outcomes, engendered violence against vulnerable minorities, fomented toxic forms of civic division, and attacked critical infrastructure including hospitals, schools, energy pipelines, and electrical grids.
AS RUSSIAN CYBERATTACK LOOMS, CYBERSPACE IS '21ST CENTURY BATTLEGROUND': EXPERTS
Cybercrime—ranging from prosaic phishing attacks to highly sophisticated ransomware exploits—is a daily occurrence. In recent years cyber espionage aimed at political and commercial targets has been rampant.
In a widely publicized breach, an estimated 250,000 Microsoft Exchange Servers fell victim to a Chinese hack, and Russian hackers added malicious code to software developed by the company SolarWinds and widely used in the government and private sectors. The hackers targeted Microsoft, Cisco, and Intel as well as the Pentagon, the Department of Homeland Security, the State Department, the Department of Energy, the National Nuclear Security Administration, and the Treasury.
The WannaCry ransomware attack, believed to be the work of North Korean hackers, remains among the most damaging in history. And recently Microsoft reported that since the launch of the war in Ukraine, Russia, with an uneven record of success, has launched 128 network intrusions in 42 countries.
The United States must urgently and imaginatively revisit inherited patterns of ineffectual performance on cyber strategy, an enterprise that must be applied across all dimensions of our government.
Private companies, some based here and in allied countries like Israel, sell sophisticated surveillance technologies that have been used to target opposition politicians and human rights activists.
Exacerbating an accelerating threat, the so-called Internet of Things will connect tens of billions of devices ranging from refrigerators and pacemakers to automobiles and military aircraft. Increased digitization will increase vulnerability, as nearly every aspect of business and statecraft is exposed to disruption, theft, or manipulation.
The United States has struggled to deter or effectively defend against these incursions. Most cyberattacks remain below the threshold for the use of force or armed attack. The effort to identify individual foreign antagonists and impose legal sanctions against them has been a mostly marginal and failed effort.
FBI DISRUPTS RUSSIAN MILITARY HACKERS, PREVENTING BOTNET AMID UKRAINE WAR
America is at an inflection point. The risks in cyberspace are growing while incumbent strategies to address an expanding crisis are failing. Our new bipartisan consensus Task Force report, produced by the Council of Foreign Relations, outlines a new cyber foreign policy that is grounded in reality and is based on three pillars.
First, the United States should consolidate a coalition of allies and friends around a vision of the internet that preserves—to the greatest degree possible—a trusted and protected international communications platform, even if it is limited to participating countries.
Such a cohort of nations would not necessarily be an alliance of democracies but rather agree to a digital architecture promoting the trusted flow of data and embracing transparent international standards. For its part, the U.S. government should adopt a policy on digital privacy that is interoperable with Europe’s General Data Protection Regulation (GDPR).
This coalition of trusted states should build an international cybercrime center, support cyber capacity development in developing economies, and cooperate on technological innovation in sectors critical to offensive and defensive cyber operations.
CLICK HERE TO GET THE OPINION NEWSLETTER
Second, the United States must seek to build a consensus among both its allies and adversaries on limitations to certain cyber operations that are particularly disruptive and destructive, such as attacks on state financial and electoral systems.
Despite the potential difficulties of achieving agreement, America should nonetheless pursue talks with Russia and China to preclude threats to strategic stability posed by cyberattacks on nuclear command and control systems, limiting the risk of misperception and miscalculation among nuclear powers that could lead to catastrophic outcomes.
In addition, the United States and its coalition partners should apply meaningful costs on states that deliberately provide cybercriminal safe havens.
Third, America needs to put its domestic house in order, prioritizing enhanced international digital competitiveness across the various components of its national security strategy. All of the government’s seventeen intelligence agencies should be tasked to enumerate and help to mitigate cybersecurity risks.
Finally, the U.S. government should actively encourage the flow of cybersecurity talent among coalition partners and develop the expertise required to conduct a multifaceted program of U.S. cyber foreign policy.
CLICK HERE TO GET THE FOX NEWS APP
The United States must urgently and imaginatively revisit inherited patterns of ineffectual performance on cyber strategy, an enterprise that must be applied across all dimensions of our government.
Failure to act boldly in response to this seminal twenty-first century challenge will profoundly degrade American national security, geopolitical, and economic interests.
Adam Segal serves as director, and Gordon Goldstein as deputy director of the Council on Foreign Relations-sponsored Independent Task Force on Cybersecurity.