24Dec16
GlobalSecurityinCrisis:
TheDeepeningCracksintheRulesBasedInternationalOrder,theRiseof
RadicalIslam,theCyberThreat,andFalteringglobalization
SummaryandFindings
"ClearlyNATOhasneverbeenmorerelevant,butithasneverbeenmorechallengedbythreatsthat
aremoredangerousthaneverinitshistory.ThekeycomponentoftheAlliance—mutualtrustand
confidence—needstoberestored.YetIamnotconfidentitwillbe.Thenextsixmonths
willbecriticalforboththeAllianceandtheUnitedStatesofAmerica."
-GeneralGeorgeJoulwan,USA(Ret.),11thSupremeAlliedCommander,Europe(SACEUR)
Finding1.Globalsecurityisundergoingconcurrentdisruptionsthatarecreatingdeepanddangerous
cracksintheinternationalorder.
Brexit,thesurprisingtriumphofDonaldTrump,thedefeatoftheItalianreferendum,andtheriseoffar-right
politicalgroupssuggestthatdeepcracksareopeningupintheinternationalsecuritysystem,partlyduetothe
rejectionofglobalization’sundesirablesideeffects(growinginequality,austeritypolicies,andrefugeeflows);
spreadingterrorismfueledbythestrictSalafist/WahhabistbrandsofIslamandnewinternetandother
technologiesthatamplifytheseforces.ThesedisruptionswillbeexploitedbyRussiaandotherstateactors,by
terrorists,andbycriminalgroups.
Finding2.Oneoftheseriousdisruptionsistheextraordinaryvulnerabilitytocyberattacksofmost
organizations—includingmultinationalcorporations,governments,andinternationalorganizationslike
NATOortheEU.Allofthemmustsignificantlyincreasetheresourcesallocatedtocyberdefensesandtake
newapproachestoimproveoverallcyberresilience—orfacetheconsequences.
Thereisanextreme“lackofcybermaturity”withinmostofthelargestinternationalcorporations,governments,
andotherorganizations.”Consequently,eventhelargestcorporategiants—CocaCola,Exxon,Boeing,or
Volkswagen—orgovernmentsareatrisk.
Sogreataretheweaknessesthat“thereneedstobeanincreaseoffully100to150%incyberresources—to
effectivelyrecruit,retrain,andultimatelyretainthemosttalentedengineers”todealwiththesedangerous
vulnerabilitiesandimproveorganizationalcyberreadiness.Criticalcapabilityimprovementprioritiesinclude
(1)addressingsystemicapplicationvulnerabilities(2)improvingbreachdetectionandresponseand(3)
reducingsecuritysystemcomplexities.
Finding3.AccordingtosecretCIAassessments,RussiaisbelievedtohaveintervenedintheU.S.
PresidentialElectioncampaignwithamassivecyberinfluenceoperationandultimatelysawitspreferred
candidate,DonaldTrump,triumphasthePresident-elect.1
Withanintensiveandhighlyeffectivecyberinfluenceoperation,Russiaisbelievedtohavetargetedthe
DemocraticNationalCommittee(DNC).TheattacksucceededinobtainingemailsofHillaryClinton’s
presidentialcampaign,whichwerereleasedthroughWikiLeaks.Sincetheelectionwasclose—withHillary
Clintonactuallywinningthepopularvotewithanearly3millionvotemargin,Russiaappearstohavebeen
influentialintippingtheraceinfavorofitspreferredcandidate,DonaldTrump.
“SecretCIAassessmentsaysRussiawastryingtohelpTrumpwinWhiteHouse.”Entous,Adam,Nakashima,Ellen,andMiller,Greg.
WashingtonPost,10Dec2016.Pg.1.
1
Tellingly,theelectiondoesnotseemtohavebeendecidedbythesubstanceofthematerialsreleasedbyRussian
hackinggroupsbutinsteadbythe"unrelentingdripfeedofemailleaks…noneofthemcontainedanydamningor
evenfaintlycompromisingmaterial…[but]theconstantflowandtheFBIinterventionitprovokedcreatedthe
impressionthattherewassomethingmurkyandsuspicious.”Worse,“fakenews”ontheelectionswere
amplifiedbyFacebookandGooglealgorithmsaswellastweetsfromTrumpsupporterstoreachmillionsof
votersinthefinaldaysofthecampaign.
Finding4.IftheCIA’sattributioniscorrect,RussianinterventionintheU.S.election2mayhavebeenoneof
themostseriouscyberinfluenceoperationseverconducted,sinceitunderminedtrustinelectoral
processes.The2017FrenchandGermanelectionsfacerisksofdisruptionaswell.
TheRussianhackingshouldbetakenasanurgentwarningtotheinternationalcommunity—especiallysince
RussiaiswidelybelievedtohaveinfluencedtheBrexitvoteintheUKaswellasregionalelectionsinGermany.It
iscurrentlywieldinginfluenceintheFrenchPresidentialelection,whereaRussianbankisfinancingthe
campaignofMarineLePen—and“iftheUScouldn'tstoptheinterference,doEuropeanStateshaveanychance
ofpreventingasimilarattack/intervention?”
Finding5.AstheirCaliphateweakens,ISIS/Daeshwillneedtofindnewwaystomountterroristattacks.
Organizedgroupsofcybercriminals(cybermercenaries)andIslamicterroristgroupssuchasISIS/Daesh
mayeventuallycometogethertocreateviolentcyberattacks.
Todealwiththisdanger,“weneedacoalitionofgovernments,privatecitizens,internetserviceproviders,
informationtechnologycompanies,andNGOstocombattheuseofthewebbyterroristsandJihadists.”
Therearereasonsforgreatconcern:“mafias,linkedtoorganizedcrime—andsometimesevenprotectedby
states,havethemeanstoexecuteextremelyviolentattacks.”AndterroristgroupssuchasISIS/Daeshhave
wealthySalafist/Wahhabistsupporterswhowanttospreadterroristattacks.Consequently,theprobabilitythat
cybermercenariesandtheseterroristgroups“willcometogether,iftheyhavenotdonesoalready,isevidently
extremelyhigh.”
Finding6.DealingwithISIS/DaeshrequiresrecognizingthattheenemyisSalafistjihadismthatseeks
globalsupremacythroughthereplacementofWesterninfluencesbyaCaliphateandtheuseofviolence.
Yet,mostgovernmentscurrentlyprioritizethefinancialbenefitsofstrongrelationshipswiththeoil-rich
GulfStatesthatcontinuetofundradicalIslam.3
Mostgovernmentsandlargeinternationalorganizationsarereluctanttoattributethespreadingterrorist
attacksto“radicalIslam,”“politicalIslam,”“Salafism,”or“Wahhabism.”Andtheytakegreatpainstonotmention
thefinancialsourcesfortheseterroristactivitiesintheGulfStates(Kuwait,Qatar,orSaudiArabia).Accordingto
abroadconsensusthathasheldfordecades,itispreferabletoacceptthespreadofSalafismratherthanrisk
losinginvestmentsfromwealthyoil-richcountriesoraccesstotheirarmaments,civilaviation,infrastructure,or
othermarkets.
Nonetheless,wemaybewitnessingaseachange—withpoliticalfiguresrangingfromtheleadingPresidential
candidateinFrance,FrançoisFillon,toDonaldTrumpproposingextrememeasurestostopthespreadofradical
Islamintheircountries.
Finding7.Whilepublicoppositiontotradeagreements(TTIP,TISA,NAFTA)appearstobeakeyfactor
behindBrexitandotherongoingpoliticalupheavals,someprovisionsofthesetreatiesmayalsohave
unexpectedcybersecurityconsequences:theymaylimitorevenblocktheabilityofcountriestoimpose
certainvitalcybersecuritystandardsthatwillprotecttheircitizens.
Thecybersecurityimplicationsofso-calledtradeagreementslikeTTIP,TISA,orNAFTAarenotwellknown.
Willtheinvestorprotectionprovisionsofsuchagreementslimitorblocktheabilityofcountriestoimposecyber
securitystandardssuchasthosethatANSSIconsiderstobevitalinFrance?Willtheypreventcountriesfrom
imposinglocalizationrequirementssothatcertaincriticaldatacanremainwithintheirnationalborders?
“ThePerfectWeapon:HowRussianCyberpowerInvadedtheU.S.”Lipton,Eric,Sanger,DavidE.,andShane,Scott.NewYorkTimes.Pg1.
Dec.13,2016Isthisthe“CyberPearlHarbor”ofwhichSecretaryofDefenseLeonPanettawarnedin2012?
2
Suchapproachescanbelikenedtotheidiomsof“runningwiththehareandhuntingwiththehounds”or“ménagerlachèvreetlechou”
(accommodatingboththegoatandthecabbage).
3
Finding8.TheexponentialgrowthoftheInternetofThings(IoT)—headedtoward50billionconnected
devices—opensupvastvulnerabilitiesthatrangefromcybercrimetocyberattacksoncritical
infrastructure.(AMiraimalwareattackrecentlyexploited100,000poorlyprotecteddevicesincluding
surveillancecamerasinordertotakedownaportionoftheinternet.)
SincetheMiraimalwarewasabletogenerateamassive1terrabyteperseconddistributeddenialofservice
attack(DDoS)using100,000internet-connectedsecuritycameras,a10terrabytepersecondattackcannotbe
toofarbehind.Andevenlargeattackscouldcomelater,potentiallytakingdownalargesectionoftheinternet
backbone.AMiraibotnetcanberentedbyanyofusfor7,500eurosaweek,andtheavailabilityofa400,000
devicebotnetisalreadybeingtoutedonthedarkweb.
Finding9.Governmentscannolongerrelyonmarketforcestoprotecttheirsocieties.Thisapproachhas
failed.Instead,governmentsandindustrymustworktogethertodevelopstandardsthatwillprotectthe
internetandtheircitizensfromevenlargerattacks.Asfortheterroristthreat,itmayrequirecoordinated
actionbyNATO,theEU,ortheUN.
Inordertoinvolveeveryoneincybersecurity,everycountryneeds“alargescalecybercampaign,bothin
schoolsandthepublicarena”and,tomakethispossible,ahighlyvisiblegovernmentministerresponsiblefor
cyber.Cyberprogramsareneedednotjustforschoolsandthepublic,buttotraintensofthousandsofcyber
professionals.Shouldtherighttousetheinternetdependonpassingatestsimilartoadriver’slicenseexam?
Finding10.Whatmattersmostarethesocial,economic,andpoliticalimpactsonoursocieties—ahospital
patientwhoseoperationisblocked,atelecomcompanythatlosesover100,000customersafteracyber
attack,acountrylikeUkrainewhoseelectricalgridisshutdown,oracountrylikeGermanythatreportsa
lossofmorethan1%ofGDPtocyberattacks.And,now,perhapsforthefirsttime,citizensintheU.S.are
losingtrustintheirgovernmentsbecauseanothercountryisreportedtohaveinterferedinitselections.
Post-workshopnote.Theabovefindingsdonotaccountforcertaininfluencesthatwerenotfullyunderstoodatthe
timeoftheworkshop—suchastheroleof“fakenews”inelectionsandreferendums,ortheharmfuleffectsofsocial
mediainacceleratingtheirspread.Strategieswillbeneededtocurbtheireffectsbeforeothercountriesare
harmed.
Preparedby:
RogerWeissinger-Baylon,Ph.D.,
WorkshopChairmanandFounder;Director,CenterforStrategicDecisionResearch
Email:[email protected]:https://www.csdr.org
The33rdInternationalWorkshoponGlobalSecurityispresentedbyCenterforStrategicDecisionResearch
(CSDR)andInstitutdeshautesétudesdedéfensenationale(IHEDN),withthesponsorshipofthefollowing
governmentsandorganizations:
MAJORSPONSORS
ASSOCIATESPONSORS
ACKNOWLEDGEMENTSTOPASTHOSTANDSPONSORGOVERNMENTS CzechRepublic
KingdomofDenmark
FederalRepublicofGermany
RepublicofHungary
RepublicofPortugal
MinistryofDefenseofAustria
MinistryofDefenseofFrance
MinistryofDefenseofItaly
KingdomoftheNetherlands
MinistryofDefenseofTurkey
KingdomofNorway
CanadianArmedForces
RepublicofGreece
RussianFederation’sMinistryofIndustry,Science&Technology
RepublicofPoland