The Lexical Challenge of Cyber-War

The online version of The Economist recently hosted a three-day online debate entitled ‘Cyber-Warfare: Is the risk of cyber-warfare overrated?‘. The event pitted King’s College London’s foremost expert on e-conflict Dr. Thomas Rid against Richard Bejtlich, Chief Security Officer of the digital security firm heavyweight Mandiant. While the former defends his position against the existence of cyber-warfare as such in today’s world (a stance he further elucidates upon in his recently-released and appropriately titled Cyber War Will Not Take Place), Mr. Bajtlich contends that the lack of a singular, monolithic, and universal definition of ‘warfare’ means that cyber-attacks, and the threat they represent, are nothing short of a ‘historical reality’. [1.  http://www.economist.com/debate/days/view/997 ]

There is little doubt that we’re on the precipice of a brave new world in regards to the level of priority assigned to digital information security within the defence and security industries. The debate moderator, Edward Lucas, refers to the spectre of a ‘digital Pearl Harbour’ (sic). Despite his lack of any real clairvoyance, it would be dangerous to dismiss this suggestion as unrealistic. As noted by Mr. Lucas, the increasing sophistication of our globalised and networked society brings with it an equally disconcerting level of vulnerability. In the same way that the events of 11 September were required to incite re-examination as to the state of Western defence preparedness, it wouldn’t be unreasonable to assume that the World Trade Centers have a digital counterpart floating about somewhere in cyberspace. A significant portion of the reason that our current definition of cyber-warfare is so loosely defined comes from the fact that we lack any sort of precedent from which to draw reference.

cyber war toys
This may not have been what they had in mind. (Tech Week Europe)

However, as Mr. Rid noted in discussing the threat of digital sabotage, this line of thinking may not be warranted at all. While today’s intelligence may come in 140 characters or less from a battlefield that ends in .com, the advent of the internet and its popularization merely marked a new chapter in the history of (counter-) espionage. He explains that the World Wide Web is simply a new setting in which the traditional clash between intelligence and counter-intelligence efforts will play out. In his efforts to de-mystify the idea of cyber-war and return it to its rightful place, Rid explains that:

Soon it may be time to drop the “cyber” and call a spade a spade: espionage, plain and simple.

Mr. Bejtlich, however, rejects his opponent’s claim that warfare, as a concept, is inherently limited to characterising cases involving physical, violent, and ‘kinetic’ real-world repercussions. He instead embraces a more ‘holistic’ and ‘Eastern’ approach to defining war. He claims that the ambiguity surrounding the term ‘cyber-warfare’ contributes to the risk being ‘misunderstood, not overrated’, and that the entrance of cyber-war to the scene is reason to expand upon the aforementioned conventional Western definition. In completing his pivot to the East, Bejtlich highlights the disparity between Chinese and American conceptions as to the reality of the contemporary ‘digital arms race’. He explains that:

China’s awe at America’s “soft power” leads experts to conclude that China believes it is fighting a cyberwar with America now, and that America is the aggressor because of its cultural and media power alone.

The dichotomy between Eastern and Western conceptions of war seem to drive a significant portion of this debate. Again, the divide that appears between the two ‘schools’ (though they are hardly monolithic) is nothing new. Since its arrival in the West, scholars, strategists, and businessmen have combed through every page of Sun Tzu’s perennial treatise The Art of War for hidden gems that would give them unique insight into strategic thinking. While the knowledge contained in this particular work has long since become ubiquitous, the emergence of the cyber-threat (and, especially, China’s public enthusiasm towards cyber-preparedness) has re-emphasised the more general need to acknowledge diverse and un-orthodox conceptions of what constitutes war and how to think about. We’ve seen this occur with the explosion of more conventional counter-terrorist considerations in the wake of 9/11 and 7/7, and I believe the digital threat will bring a similarly inevitable need to re-prioritise. With the increasing frequency of episodes like that of the Stuxnet ‘worm’, which have demonstrated the willingness of Western governments to match China’s apparent investment in what may well be the future face of intergovernmental conflict, it’s plain to see that, regardless of the terminology used, the era of digital conflict is upon us.[2.  http://www.bbc.co.uk/news/technology-12465688 ]

What strikes me as the most interesting take-away from the Economist debate is the importance of lexicon. As the moderator has astutely observed, a large number of the contentions have spawned from linguistic disagreements. The ‘militarisation’ of the debate, which nearly single-handedly dictates represented therein, is highly contingent upon the language and media profile we bestow upon the issue. As a society, the ‘width’ of our definition of warfare has an enormous impact on how we perceive threat. The recent success of American ‘Honeypots’ (decoys target created for the purpose of detecting and analysing sources of cyber-attacks), appear to have justified previous allegations of the Chinese Army’s involvement in digital sabotage that spurred President Obama into signing a February 2013 Executive Order entitled ‘Executive Order — Improving Critical Infrastructure Cybersecurity’. [3.  http://www.whitehouse.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity] As more and more legislation is formulated in Washington and other capitals across the globe, it has become increasingly essential to familiarise the public with the reality of the threat in order to avoid overzealous policy that follows in the wake of ignorance, fear, and hyperbole.

Returning to the debate for a moment, in his concluding review moderator Edward Lucas remarks:

I am glad we moved away from the questions of semantics. These are important, but the real question is what actions we take, not what words we use to describe them.

This is a sentiment that I couldn’t possible agree with any less. In my opinion, semantics and the use of precise language occupy a space at the core of the debate over cyber-terrorism and cyber-warfare. The fact that we are continuing to struggle in producing a singular definition for concepts like ‘terrorism’ and ‘cyber-crime’ functions only to increase the importance of which words we use to frame the dialogue. It would seem as though Dr. Rid’s concluding remarks concur.

Is the risk of cyberwar overrated? The answer, as several readers have pointed out, indeed hinges on terminology. But the argument—talk of cyberwar is wrong—is not just semantic. Language matters. Language frames ideas. And ideas are powerful: ideas determine how we see the problem, what we do to solve it, who we think should be in charge, and how governments spend taxpayers’ money.

The emergence of cyber-warfare will popularise a whole new array of household vocabulary. Buzzwords like ‘viruses’, ‘worms’, ‘trojans’, and other techno-jargon have the potential to become much more than words parents use to dissuade their children from clicking pop-up advertisements. I wouldn’t be surprised to see a smattering of 21st century Wargames-esque films or the post-Craig James Bond wielding a threatening micro-SD chip in a theatre near you. The age of digital e-terrorism is approaching, ‘Pearl Harbour moment’ or not.  You can bet on seeing a copy of Sun Tzu’s Art of Cyber-War grace the shelves of bookshops everywhere in the near future.

As Dr. Rid has indicated, the importance of language to the debate is central and unavoidable. In our post-Iraq invasion world, we  quite simply can not afford to allow sensationalism and cherry-picked intelligence to drive political decision-making and public opinion. The rhetoric that academics, politicians, and ‘experts’ use to engage the public discourse not only colours popular perceptions of the issue, but can often quite literally define it. This is exactly why the debate over the vocabulary we use in discussing cyber-war, cyber-crime, and cyber-terrorism is not simply an issue of semantics.

The Future of File Sharing

As a life-long nerd, I’ve followed the development of online piracy and the ensuing industry backlash since the days of Napster (which, I might add, was developed by Shawn Fanning, a high-profile dropout of my alma mater, Northeastern University). The advent of publicly-available, affordable, and easily-accessible broadband internet and the introduction of file-sharing software to the mainstream user have ushered in a new realm of intellectual property challenges. The spectre of widespread online piracy has emerged as a  thorn in the side of entertainment and legal entities worldwide.

On the more aggressive end of the prosecution spectrum, you find agencies such as the American Department of Homeland Security’s Intellectual Property Rights Center (DHS IPR) and its long list of partner agencies. [1. http://www.iprcenter.gov/ ] Among the  DHS’ most visible ties are those to the Recording Industry Association of America (RIAA), which is most notorious for its string of hawkish and costly lawsuits  throughout the mid-2000s. The series of lawsuits emptied their pockets to the tune of $64,000,000 over a three year period, while only to returning a paltry $1,500,000 in damages ($1.5 for every $64 spent), [2. http://www.techdirt.com/articles/20100713/17400810200.shtml] and pursuing legal action against high school cheerleaders (after labelling them ‘vexacious’ after not agreeing to settle for $200 per song). [3. http://www.wired.com/threatlevel/2008/10/riaa-decries-te] For a comprehensive look at the RIAA’s legal crusade between 2003 and 2008, check out RIAA v. The People: Five Years Later on the Electronic Frontier Foundation’s website.

Das tut uns leid.
Das tut uns leid.

Obtuse and heavy-handed copyright enforcement hasn’t been limited to the sue-happy legal culture of America, though. An honorable mention goes out to the German Gesellschaft für musikalische Aufführungs-und mechanische Vervielfältigungsrechte (GEMA), which takes its duties as seriously as its name scheme would suggest. If you’ve ever lived or travelled in Deutschland, I’m sure you will have been made intimately familiar with the preceding image. They have been accused for single-handedly putting Germany back into the ‘digital dark ages’ by making an obscene proportion of Youtube videos unavailable to the general public. [4. http://www.thelocal.de/sci-tech/20130130-47633.html]

The entertainment faces a significant reshuffling with the dawn of quickly accessible online content. No longer are the industry’s middle men be able to extort exorbitant fees for an obsolete service. Equally, rights-holding companies will be less empowered to use the technical limitations of media ‘artifacts’ (i.e. CDs, DVDs, etc.) to maximise profits and resist technological progress until it is economic convenient. As a result, a series of comically absurd anti-piracy advertisements have been produced, as seen below.

…as well as the Motion Picture Association’s much-lampooned ‘Piracy, It’s a Crime’ campaign.

The notion that motor vehicle theft and downloading unlicensed media exist in the same legal realm is rather absurd. While the circumvention of legal avenues for  acquiring media is at best a snub of the social contract and by no means something that should be encouraged or perpetuated, nor is it something that can be effectively advocated on ethical grounds, the knee-jerk reaction that ‘piracy is bad for the entertainment industry’ may not be as cut-and-dry as it initially appears.

Allegations of lost profits made by the various trade associations (and government agencies on their behalf) fail to take into account the reticence of the industry to accept the new order that began with the modern internet. As peer-to-peer networks have demonstrated, there is absolutely no need to provide the consumer with physical media any longer. To claim that this has no impact on the products final cost is rather absurd. I would argue that media is now much more susceptible to legitimate market forces, as consumers are now able to obtain the film or album in an illegal manner with little to no additional effort. Compounding things is the fact that the entertainment industry’s attempt to halt technological progress with the invention of the DVD, it’s not only becoming easier to acquire things illegally, but you’re often left with an equally high-quality piece of media without having to first invest in expensive and superfluous ‘flavor-of-the-month’ hardware with which to play the media. Ironically, those who choose to view the media illegally also avoid the un-fast-forward-able anti-piracy messages that plague the first thirty seconds of DVD offerings.

Unfortunately for the profit margins of the media conglomerates up in arms with the common downloader, there is mounting evidence to suggest that piracy does very little to erode the sales of popular media. The wildly popular HBO-adaptation of George R. R. Martin’s Game of Thrones series was recently revealed to have made back-to-back claims to the title of most frequently illegally downloaded television series, (even if the most conservative figures are consulted) with about 5.2 million ‘pirates’ compared to 5.5 million network viewers.[5. http://mashable.com/2013/06/24/game-of-thrones-most-pirated/ ] What’s interesting, however, is that Season 2 of the show has thus-far topped Amazon.com’s Best-Sellers list for television shows in 2013. [6. http://phx.corporate-ir.net/phoenix.zhtml?c=176060&p=RssLanding&cat=news&id=1838005 ]

Other evidence has appeared through events like comedian Louis C.K.’s experimental release of a self-produced release, entitled Live at the Beacon Theater, which was distributed independently via his website in late 2011. In avoiding the traditional channels of diffusion (namely broadcast and physical media), C.K. provided fans with the performance for a fraction of the traditional price. Wrapped up in a few sincere words from the comedian himself that reiterate his belief that a strengthened fan-artist relationship and reasonable pricing scheme deter piracy, the consumer was provided with access to multiple digital downloads and an online streaming version of the performance free of any sort of annoying digital rights management (DRM) schemes for a mere $5. As a result, the comedian accrued over $1,000,000 in sales in only twelve days (of which $280,000,000, arguably a conservative estimation of the amount that would have been claimed by a production company, went to charity) .[7. https://buy.louisck.net/news/another-statement-from-louis-c-k]

What’s the point of all of this? You certainly don’t have to declare yourself a fan of illegal downloading to participate in the ongoing dialogue regarding the evolution of intellectual property, the entertainment industry, and most importantly, the willingness of governments to devote valuable resources to the prosecution of those who choosing to commit illegal acts that have been demonstrated to have little consequence on society at large. It’s at this point that parallels can be drawn to the failed War on Drugs. In the same way that one can support the redirection of government funding and energy away from the futile and destructive battle against illicit drugs without actually supporting their use or taking them personally, it’s possible to speak out against government subservience to legal teams of the entertainment industry and the conscious effort to impede technological progress and the benefit that it brings consumers without actually participating in the activities yourself.

While the moral and ethical arguments against the infringement of intellectual freedom touted by prominent actors such as Kim Dot Com (of Megaupload fame), the Pirate’s Bay trio (Gottfrid Svartholm, Peter Sunde, and Fredrik Neijj) [8. TPB AFK: The Pirate Bay Away From Keyboard, a documentary about the three founders of the Swedish file sharing monolith can be found at http://www.youtube.com/watch?v=eTOKXCEwo_8], and Anonymous can be difficult for the average internet user to identify with, they do not detract from the importance of the larger debate. The recent mass-market appearance of technology like the 3D Printer only increased the stakes of this debate, as the nexus of file-sharing and intellectual property will involve an even more immediate assortment of real-life consequences. The new ground being broken by today’s legal debates has the potential to set a series of precedents for years to come.

How will the issue change when the average citizen can download the plans to ‘print’ an assault rifle? In what ways, legally-speaking, will that data be treated differently from a unpurchased film? While we have the distinct generational privilege of witnessing the debate unfold in front of our eyes, I’m optimistic that our children’s children will be able to watch it online, instead of buying the DVD.