Technogeopolitics of Militarization and Security in Cyberspace
By
Panayotis Alexander Yannakogeorgos
Graduate School Newark
Rutgers University, The State University of New Jersey
In partial fulfillment of the requirements
For the degree of
Doctor of Philosophy
Graduate Program in Global Affairs
written under the direction of
Dr. Norman Samuels
and approved by
……………………..
……………………..
……………………..
……………………..
Newark, New Jersey
May 2009
© Copyright 2009 Panayotis A. Yannakogeorgos
All Rights Reserved
Abstract
Based on democratic principles that encourage creation and transmission of information and knowledge using information and communication technologies, the Information
Society has become the organizing paradigm for a digital age. Humans residing in digital rich regions of the world rely on cyberspace, the Information Society’s enabling environment, for their business, commerce, education, socialization. Governments and industry are migrating their critical processes into this domain. These trends will intensify as more people realize cyberspace’s utility. However, the promises of the Information
Society may never transpire since there is a lack of trust and security in cyberspace.
These two concepts are the foundation on which the utility of inter networked ICTs, such as the Internet, are built. The increasing rate in the occurrence and sophistication of cybercrimes erodes users’ trust in subscribing to networked services Further the militarization of cyberspace by states as a new domain through which they conduct their operations also presents challenges to the Information Society. Both crime and conflict in cyberspace erode trust in digital networks.
The development of a comprehensive international law for cyberspace is essential to govern state and non state actor behavior in this global commonage. The formation of the World Summit on the Information Society (WSIS) in the early twenty first century marks the first time that state and non state actors convened to develop plans of action to guide the development of in the digital world. This project examines the negotiating positions of the United States, Russia and China in the area of cybersecurity through the lens of technogeopolitics. It is shown how the political and military interests of each
ii
affect their negotiating positions in the WSIS. The methods of content analyses on material from diplomatic archives, participant observation at international conferences and interview surveys of participants at these conferences are used to investigate the reasons why decision are made or not made in the field of international cybersecurity cooperation.
iii
Preface /Acknowledgements
This work grew out of a need identified during my year long tenure as an Adviser for
Greece at the United Nations Security Council in 2006. Sitting in consultations and listening to briefings, one would think that computer network technology had no impact on international peace and security. Generally, when discussions on the topic did occur, the main concern expressed by several states was focused on the question of how Council action might have affect freedom of speech. On these very rare occasions discussion was brief.
This study would not have been possible without the encouragement, advice and support of many people. I am particularly grateful to my thesis director, Norman
Samuels, for his insights on terrorism, and suggestions throughout the course of my research. Professors Yale H. Ferguson, and Richard Langhorne of the Division of Global
Affairs have also been extremely helpful providing insight and inspiration on the topic in during our discussions on the topic.
I am also grateful for having had the opportunity to work with the United Nations staff, and thank Greek Ambassadors Adamantios Vassilakis and Alexandros Rallis for entrusting me with the unique privileges rarely given to a scholar. Mr. Alexandros
Vidouris, Gregory Delavekouras Dr. George Papadatos. On the U.S. side, I am gracious to the insight provided by Ms. Jade Nester, Rhode Island State Senator Leonidas
Raptakis, Rhode Island U.S. Congresman James Langevin and Ms. Kim Casci for their contributions to my research. I am particularly grateful to men and women of whom little
iv
is known, and even less that can be told, who expressed interest in my project and offered invaluable information to guide my research.
The patience and support of Constantine, Evdokia and Ari Yannakogeorgos mean the most.
v
Without fail, a man harms his foes thus: those things that they most dread he discovers, carefully investigates, then inflicts on them.
+ Thucydides, The Peloponnesian War , 6.91.6
vi
Table of Contents
Chapter One Introduction ...... 1
Part One | Cyberspace: the Electromagnetic Wilderness
Chapter Two The Environment of Cyberspace …..26 Chapter Three The Militarization of Cyberspace….. 47 Chapter Four The Athens Affair: The Limitations of Privatized Cybersecurity …82 Chapter Five Al-Qaida and the Taliban’s Misuse of Cyberspace to Circumvent U.N. Counterterrorism Sanctions …..100
Part Two | Negotiating Global Cybersecurity
Chapter Six Information Society Stakeholders …..120 Chapter Seven World Summit on the Information Society ….137 Chapter Nine Promises and Pitfalls of the U.S. National Strategy to Secure Cyberspace …..174 Chapter Ten Conclusion …..219 Bibliography ….225
APPENDICES
Appendix A - Relevant United States Policies ….249 Appendix B Interview-Survey ….271 Appendix C Council of Europe Convention on Cybercrime …..267
Curriculum vitae
vii
viii
List of Figures
Number of Participants at the WSIS ….127 Number of Entities Represented at the WSIS ….142 United States Cybersecurity Federal Chain of Command …..195 United States Federal IT Spending 206
ix
List of Abbreviations
ADAE Authority for the Assurance of LAN Local Area Network Communications Security and Privacy LI Lawful Interception (Greece) MAC Media Access Control protocol B2B Business to Business networks NATO North Atlantic Treaty CALEA Communications Assistance for Organization Law Enforcement Act (United States) OSI Open Systems Interconnection CERT Computer Emergency Response P3 Public Private Partnerships Teams RES Remote control Equipment CTC Counter Terrorism Committee Subsystem (United Nations) RMA Revolution in Military Affairs CTED Counter Terrorism Executive SFITS Federal Information and Directorate (United Nations) Telecommunications System (Russian) DNS Domain Name System SWIFT Society for Worldwide Interbank DOD Department of Defense Financial Transactions ECLAC Economic Commission for TCP/IP Transmision Control Latin America and the Caribbean Protoco/Internet Protocol Suite FAPSI Russian Federal Agency for UNGA United Nations General Government Communications and Assembly Information UNSC United Nations Security Council FTP File Transfer Protocol VNSA Violent Non State Actors GCA Global Cybersecurity Agenda VOIP Voice over Internet Protocol GCC Global Culture of Cybersecurity WEOG Western European and Others GIG Global Information Grid Group HLEG High Level Experts Group WGIG Working Group on Internet ICANN Internet Corporation for Governance Assigned Names and Numbers WSIS World Summit on the Information ICT Information and Communication Society Technologies WWW World Wide Web IIIC International Independent Investigation Commission (United Nations) IMPACT International Multilateral Partnership Against Cyber Threats IMS Interception Management System IMS Interception Management System IP Internet Protocol IR International Relations ISO International Standards Organization ITI IT infrastructures ITU International Telecommunications Union JFCC Joint Functional Component Command
x 1
Chapter One Introduction
Cyberspace is a global commonage that enabling the existence and growth of the digital Information Society that has emerged in the developed world. Information and communication technology (ICT) using the electromagnetic spectrum to network computers are not readily available to all communities. This is considered by the United
Nations and national governments as a serious hindrance to development goals. To resolve this, there exists a worldwide movement to see that no society is left on the wrong side of the digital divide. 1 The establishment of cyberspaces in underdeveloped countries is aided through programs, such as One Laptop Per Child, designed to bridge the digital divide and network the world. 2 The critical issue is not solely how to bridge the digital divide, but how to create e commerce, e learning and e government programs, all of which are important in assuring the development and expansion of an Information
Society. However, in order for any of these programs to achieve their promised potential, cyberspace requires security regulations mandated by national government that are guided by an international law fostering international cooperation to govern global ICT such as the Internet.
Cyberspace is an electromagnetic wilderness. Unlike the other commonages (sea, air and outer space), this environment lacks a comprehensive international treaty
1 John Feather, “Information Rich and Information Poor” in The Information Society: A Study of Continuity and Change, 4 th Edition (London, UK: Facet Publishing, 2004) 111 136. 2 U.N. General Assembly, United Nations Millennium Declaration , Resolution 55/2, 18 September 2000 Also see: Laptop.org "China To Produce Low Cost Computers of Its Own" Xinhua 14March, 2006, NewsEdge Document Number: 200603141477.1_22a40018245f4430. 2 regulating its use. Forging a secure enabling environment for the Information Society requires more than just installing sophisticated hardware and software to secure information systems. The ability to launch attacks in cyberspace from any point on Earth with a degree of anonymity indicates the global nature of the problem. Advanced cybersecurity measures might fluster a computer cracker trying to penetrate a network to steal valuable private information such as credit card numbers. In the case of a successful attack, a knowledgeable attacker will use the current state of cyberanarchy to his or her advantage to avoid discovery. International cooperation is essential to address the global cybersecurity challenge.
As evidenced in negotiations at the United Nations, World Summit for the
Information Society (WSIS) and related conferences and forums, the international community is aware of the need to harmonize domestic laws and create international norms for the governance of cyberspace. However, competing national interests are impeding progress in these efforts. Although much has been written on the need for such a body of law, there are numerous technological and geopolitical challenges to achieving this desired goal.
Misuses of cyberspace by violent non state actors (VNSA), such as organized criminals and terrorists, and the increasing proliferation of strategic information warfare programs amongst militaries have raised awareness of the need to incorporate cybersecurity strategies as part of foreign and security policies. However, legal and technical complexities present challenges to authorities tasked with responding to acts of cyberwar and preventing, identifying and prosecuting perpetrators of cybercrime and cyberterrorism.