Nation alliances may have once intimidated traditional warfare adversaries, but may now leave more vulnerabilities than security to participating nations. Alliances are contingent on economic and military relationships, diplomatic agreements, and mutual support in times of crisis. This model was effective against traditional warfare, but is uncertain in modern cyber-warfare. Cyber threats represent a major threat to the United States and its allies because countries’ infrastructures are increasingly co-dependent in our globalizing world, cyber threats evolve faster than do the creation and enforcement of cyber policies, and because retaliation efforts on behalf on an ally are hindered by attribution difficulties.
With globalization, the U.S. and its allies are increasingly co-dependent in both economic and military means, leaving them progressively vulnerable to cyber threats. While intra-alliance dependency perhaps fosters diplomatic communication between the U.S. and its allies, it also makes the U.S. more exposed to not only domestic, but also international cyber threats. Estonia’s 2007 denial of service attack that took down banks, police, and the national government epitomizes infrastructure vulnerability to modern cyber threats (O’Neill). A similar attack on an ally could indirectly compromise the U.S.’s national security and economy. For instance, an attacker who infiltrates the U.K.’s banks could then undermine U.S.-U.K. trade and overall economic relationships. Likewise, an attack on South Korea or Germany’s military networks could affect the U.S. who stations thousands of troops there. An attack could also flow the other direction where the U.S.’s economy or military is first targeted to then indirectly affect dependent ally nations. In short, ally relationships and dependencies can foster economic trade and diplomacy, but also leave the U.S. and its allies more vulnerable to cyber threats.
Additionally, U.S. ally relationships are threatened because cyber-attacks often evolve faster than international cyber policies. Cyber operations and methodology is quickly changing and increasingly complex. However, policy making is notoriously slow and often hindered by diplomatic disagreements. In general, cyber security and Internet policies are lacking due to a scholarly void where policymakers do not know about computers and software security. Moreover, “most important tactical maneuvers in cyberspace remain shrouded in secrecy,” meaning policy lags and if created it is typically in response to an already carried-out cyber-attack (Kello, 10). For example, NATO re-evaluated their policies regarding cyber warfare after the Estonia 2007 attacks (O’Neill). According to the initial NATO policies, Article 5 stated that “an assault on one allied country obligates the alliance to attack the aggressor” (Davis). NATO allies were then faced with questions on whether the article’s usage of “attack” included cyber-attacks. Policies can act as a guide for allies under cyber-attack, but to provide a quick cyber defense response they are relatively contingent on being accepted between allies before a cyber-attack. Thus, cyber threats will continue to be a major existential threat to the U.S. and its allies because international policies regarding cyber-attacks are difficult to create and update to rapidly evolving cyber operations.
Finally, cyber threats jeopardize U.S. ally relationships because retaliation efforts on behalf of an ally are hindered by attribution issues. Continuing with the Estonia 2007 example, even if NATO cyber policies were clearly defined prior to the attack, attribution issues left NATO allies unsure of which specific aggressor to retaliate against. IP sourcing and the political-nature of the attack enabled the Estonian Foreign Minister to accuse Russia (O’Neill). However, the attacks were not able to be attributed to a specific person or group with evidence, thus complicating NATO alliance responses. Even if the attribution barrier was overcome, ally nations will face a new policy barrier on determining an appropriate retaliation response to a cyber-attack. Briefly, both identifying and appropriately punishing the aggressor is comparatively more complex in cyberattacks than traditional warfare. Consequently, strong alliances may no longer intimidate aggressors in modern cyber threats as they once did in traditional methods of war. Overall, the attribution problem complicates and threatens US alliances’ traditional roles of support and retaliation.
In conclusion, cyber threats imperil the U.S. and its allies because of vulnerabilities in economic and military dependencies, the lack of intra-alliance cyber policies, and because the attribution problem challenges the traditional role of an ally. Nations must be wary of increasing technical dependency on cross-national economic and military infrastructures. A more expansive trade relationship or combined military between multiple nations may seem powerful, but is also quite vulnerable to attackers targeting multiple countries at once. Likewise, the U.S. and its allies need to reevaluate their policies and protocols for cyber threats, and combine their human capitals of policymakers knowledgeable in cyber security to update current policies. If not, alliances may become the welcomer and not the averter of modern day cyber threats.
Davis, Joshua. “Hackers Take Down the Most Wired Country in Europe.” Wired. Conde Nast, 21 Aug. 2007. Web. 04 Mar. 2017. <https://www.wired.com/2007/08/ff-estonia/>.
Kello, Lucas. “The Meaning of the Cyber Revolution Perils to Theory and Statecraft.”International Security 38.2 (2013): 7-40. President and Fellows of Harvard College and the Massachusetts Institute of Technology, 2013. Web. 4 Mar. 2017.<http://www.belfercenter.org/sites/default/files/files/publication/IS3802_pp007-040.pdf>.
O’Neill, Patrick Howell. “Web War I: The Cyberattack That Changed the World.” The Daily Dot. The Daily Dot, 24 Feb. 2017. Web. 04 Mar. 2017.<https://www.dailydot.com/layer8/web-war-cyberattack-russia-estonia/>.