strategy

Strife Series on Cyberwarfare and State Perspectives: Strategic effectiveness in Cyberspace – Introduction

July 10, 2018 by Strife Staff

By Shivali Bhatt

Over the past couple of decades, the world has witnessed an unstoppable and almost inevitable rise in cyber-attacks and acts of digital warfare. Just over ten years ago, the Israeli government successfully disarmed the Syrian air defence system near a nuclear facility, allowing it to destroy the base without having to deal with the Syrians putting up a fight. This event marked a critical turning point for state warfare, as it exemplified the way in which cyberspace and digital technology can become an accessory to broader military strategy. A few years later, a joint built American/Israeli cyberweapon, also known as Stuxnet, unleashed havoc in Iran and a few other countries. This highly sophisticated attack not only managed to infiltrate a significant portion of cyberspace and thousands of computers but is believed to be an explanatory factor behind the rate at which states have been investing in, and advancing, their cyber capabilities.

Today, over two hundred thousand samples of malware get launched daily, and states are participating in a ‘cyber arms race’ or ‘technology arms race’. States, especially like the United States and China, are competing to acquire military edge by investing and developing skills in innovative technology, like artificial intelligence [1]. One of the main reasons behind the significant interest in technological superiority is because the rules to the global politics and warfare are changing. The instrument of cyberwarfare has and continues to become one of the most highly regarded domains for political strategy, yet each state has a different perspective and reality in this evolving context.

Therefore, the purpose of this series is to shed light on the perspectives of states, all of which possess varying cultural, geopolitical and economic contexts. A significant narrative today is how cyberwarfare and generally cyberspace are changing the balance of power in the international system. However, these arguments present themselves in the absence of critical analysis, which helps contextualise the reality and trajectory of modern cyberwarfare. The states examined in this series engage with cyberspace in different ways; at times, can be conceptualised by a set of underlying factors. They offer the reader a compelling contrast, and hopefully shall help them understand the scope for further discussion and research on the extent to which cyberwarfare is strategically effective.

In the first article, PhD researcher Andreas Haggman analyses the cyber capabilities of two ‘medium’ powers, Australia and Sweden. He identifies how they enhance their existing traditional military strategies, placing greater emphasis on the relevance of geopolitical context.

In the second article, PhD researcher Amy Ertan examines the strategic value of ‘false flags’ in a context of state-led cyberwarfare, using Russia as a critical case study. She analyses how geopolitics can act as a catalyst for those states faced with the problem of attribution.

In the final piece, Shivali Bhatt approaches the domain of cyberwarfare through the lens worn by American policymakers and critiques current narratives circulating in popular media and also specific academic communities today. Her lines of argument emphasise the underlying factors that in the case of the United States, increase strategic leverage.

We hope this series offers readers a greater insight into state perspectives on cyberwarfare and critical understanding of the domain’s strategic effectiveness.

Thanks for reading!

Shivali is currently pursuing her MA Intelligence and International Security at Department of War Studies, King’s College London. She is also a Series Editor at Strife, as well as a Creative Writer at cybersecurity startup PixelPin, where she contributes articles on ‘Thought Leadership’, encouraging readers to approach security issues through innovative means. Prior to that, she spent some time in Hong Kong under the InvestHK and EntrepreneurHK organisations, engaging with the cybersecurity and tech scene on the East Coast. Her core research interests include modern warfare and contemporary challenges, cybersecurity, and strategic policy analysis. You can follow her on @shivalixb

Strife Series on United Nations Peacekeeping, Part V – The Future of UN Peacekeeping Operations

April 17, 2018 by Strife Staff

By Felix Manig

UN Unmanned/Unarmed Aerial Vehicle (UAV) is prepared for take-off (Credit Image: UN Dispatch)

The nature of conflict is changing and so must UN peace operations if they are to remain an indispensable and effective tool in promoting international peace and security. What then UN Secretary-General Ban Ki Moon stated in 2014 echoes even louder today, given the ever more politically complex and high-risk environments UN peacekeepers operate in. While there is no one-size-fits-all peace operation, adopting a number of priorities can help all UN missions to move toward necessary reform. The future peacekeeping architecture should build on strategic and regional partnerships, strengthen conflict prevention capacities and harness emerging technologies to effectively sustain peace in the twenty-first century.

Strategic and Regional Partnerships

A key challenge for UN Peacekeeping Operations (UNPKOs) is to compel states with more advanced military capabilities and technical expertise to contribute more meaningfully to missions in the future. Perhaps the most promising path for this lies in building on the strategic partnership with the European Union (EU), which vowed to cooperate more closely with the UN on peacekeeping and crisis management. The EU is uniquely qualified to aid the UN in capacity building for the maintenance of international peace and security, especially in complex operations for which regular troop contributing countries are ill-equipped. In fact, EU member states collectively represent the largest financial contributor to UNPKOs and UN peace operations also address key EU foreign and security policy priorities in counterterrorism, the rule of law and promoting the role of women in peace and security. The initial results of increased policy coherence, joint training exercises and EU engagement in support of UN peacekeeping over the last years appear promising. In Mali, EU military and civilian support helped MINUSMA to strengthen local internal security forces. In the Central African Republic, the EU’s EUFOR RCA operation set the foundation for the later UN-led MINUSCA mission.

In Africa, where the UN currently conducts the majority of its peacekeeping missions, building on partnerships means strengthening collaboration with the African Union (AU) and other regional and sub-regional organisations such as ECOWAS or IGAD. While the UN already cooperates with the AU in conflict prevention, mediation and peacekeeping, simultaneous or complementary deployments by the UN and AU will likely feature more prominently in the future. These hybrid mandates can add important political capital to operations and prove valuable during peace negotiations, such as in the Central African Republic, where local and regional knowledge may be indispensable.

Strengthen Conflict Prevention

In his vision statement, Secretary-General António Guterres stressed his commitment to a “culture of prevention” to bring about peace, political solutions and sustainable development to crisis hotspots. One major strategy to promote stability and prevent conflict is to include more women in UN peacekeeping, both as security sector officials within operations and in critical decision-making bodies for conflict resolution. Passing UN Security Council resolution 1325 on women, peace and security was a historic and important step. However, the UN must act more decisively to build up women’s participation and turn the resolution’s pledges into a reality. Given that it is the responsibility of UN member states to commit peacekeeping personnel, the organisation should feature its gender mainstreaming strategy more prominently and boost the reach and responsibility of its Gender Advisers to encourage troop contributing countries to increase the share of female staff. Strong evidence shows that women’s participation in peace and security processes improves the safety of peacekeepers, leads to more successful radicalisation prevention programmes, and improves the economic recovery in conflict-affected regions. Perhaps most importantly, peace agreements in which women participated meaningfully are 35% more likely to last at least 15 years than agreements which were concluded by male-only signatories.

Harnessing Emerging Technologies

The reform agenda introduced by the Secretary-General equally calls for scaling up the technological capabilities of UNPKOs to make peacekeepers more flexible and mobile. In 2015, an independent Expert Panel on Technology and Innovation found that many UN field operations were lacking the technological tools considered necessary by militaries and law enforcement agencies to operate effectively. The report also drew a direct connection between these deficiencies and the reluctance of developed countries to meaningfully contribute troops to existing operations.

An improved understanding of operating environments as well as the presence or intent of adversaries are key components for risk reduction in conflict. Harnessing emerging technologies such as unmanned aerial vehicles (UAVs) is one way to move into this direction. Unarmed UAVs were first used by the UN MONUSCO operation in December 2013, helping peacekeepers to improve their situational awareness, monitor migration movements and track armed groups in the mountainous terrain of the eastern Democratic Republic of Congo. Since then, camera and sensor-equipped UAVs have become increasingly common in other UNPKOs, including in Mali and the Central African Republic, and their use should be expanded to other operations as needed.

The UN should also push for more intelligence gathering and monitoring tools within UNPKOs of the future. From satellite reconnaissance to ground surveillance radars and acoustic or seismic sensors, the cost of such once exclusive technologies has now fallen so dramatically that even the small peacekeeping budget allows investment in them. The collection and analysis of data about movements, crime and conflict can then produce intelligence which in turn can be used to shorten warning and response times for peacekeepers on the ground. Systematic and data-driven monitoring and mapping of crises can also promote patterns and models to make the prevention of human rights abuses or cease-fire violations more efficient and cost-effective.

Looking Forward

A meaningful implementation of the above recommendations depends, as always, on the necessary funding and political will of UN member states. Threats by the US administration to cut its share of the already meagre $6.8 billion peacekeeping budget, which is less than half of one per cent of world military expenditures, sends a troubling sign to multilateral efforts at maintaining peace and security. For UNPKOs, gaining the necessary political will largely depends on the strategic interests of P5 members in conflict regions. In this sense, geopolitical competition and the current stalemate at the UN Security Council around humanitarian crises such as in Syria or Yemen represent major challenges to the UN peacekeeping architecture.

However, the UN is not in an existential crisis. Since taking office, the Secretary-General has made reform a priority for the UN and the organisation is responding to the justifiable criticisms. The UN realised the changing nature of conflict and is in the process of adapting its prevention and peacekeeping missions to this new threat landscape. Although the UN may sometimes seem like a relic of the 20^th century, it has the ability and necessary vision under its current leadership to evolve and remain irreplaceable for promoting international peace and security.

Felix Manig is a postgraduate in International Relations at King’s College London. He focuses on global governance, conflict resolution strategies, and cybersecurity. Outside of academia, he is Series Editor at Strife and writes for the Peacekeeping Project at the United Nations Association of Germany. You can follow him on Twitter @felix_manig

Image Source: https://www.undispatch.com/un-learning-love-drones/

The Cyber Hangover: British cyber strategy before and after WannaCry

February 5, 2018 by Strife Staff

By Clément Briens

This article is a follow-up to my previous blog entry, that examined French national cyber strategy, and which can be found here.

The UK Prime Minister, Theresa May (Photo Credit: AFP)

More fear than harm

The WannaCry ransomware that plagued the National Health Service (NHS) in May 2017 served as a wake-up call for many, as it demonstrated the vulnerability of the UK’s critical infrastructure. Public dialogue concerning the state of the British cyber policy and security has ensued following this attack, with the USA pointing fingers at North Korea for the aggression and many British news outlets questioning the government’s cyber defence capabilities. While WannaCry was relatively harmless, and it is still unclear if it was an intentional attack on the UK or simply a viral malware, one can imagine the potentially disastrous consequences of future cyber-attacks on other parts of the UK’s national infrastructure.

Fortunately, UK policymakers have heeded this warning, and have allocated an extra £21 million “to increase the cyber resilience of major trauma sites as an immediate priority”. This response is a first real-world application of the UK’s 2016–2021 National Cyber Security Strategy paper, and the first successful application of its principles. This article will argue that such a strategy paper is a leading example of how to deploy a national cyber strategy, although it is not perfect.

The strategy’s main strengths are that it seeks to build up resilience rather than just blindly upping the offensive ante; to raise public awareness and initiate a public dialogue; and to invest in the country’s youth to find the solutions to future problems. The first part of this article will be spent examining how these aims have successfully been translated into practice. However, the second part of the paper will observe how the UK is failing to secure its election infrastructure, which is a major shortcoming in its national strategy.

Reaffirming resilience

As mentioned above, government responses have sprung relatively quickly following the WannaCry intrusion of the NHS to give it the tools it needs to fend off future attacks and malware. This rapid cure to the national security hangover demonstrates one of the tenets the application of the main principles outlined in the paper, the “3-D” strategy: defend, deter, and develop.

Excerpts from the National Cyber Security Strategy paper

Developing resilience is an objective that involves all three aspects of this 3-D strategy. Indeed, UK businesses should collaborate with public actors to develop security solutions for both sectors in order to help defend companies and public organisations more effectively, which hopefully will deter future attacks.

This strategy has been taken very seriously by Chancellor Phillip Hammond, who in 2016 had pledged £1.9 billion in support of these cyber initiatives. Such an effort provides resources for the main UK actors such as the National Cyber Security Centre (NCSC) and Government Communication Headquarters (GCHQ); and it also supports the creation of the Cyber Security Research Institute (CSRI).

Policy Parley

Another crucial aspect of the 2016–2021 National Cyber Security Strategy paper is public engagement and training. To this extent, a plethora of government initiatives have been enforced, with the objectives to raise awareness and construct dialogue with the individuals, companies and academics. Two of these campaigns are known as Cyber Aware and Cyber Streetwise, the former of these being explicitly aimed towards small businesses:

Furthermore, efforts have been made to keep academics in the loop. The NCSC’s Cyber Security Body of Knowledge initiative, dubbed CyBOK, has united an academic consortium including professors from Oxford, Imperial, UCL and others, with their aim being “to codify the cyber security knowledge which underpins the profession”.

Screenshot from the Cyber Accelerator website

Meanwhile, the NCSC is debuting its “Cyber security academic startups programme”, which aims to provide academic startups with grants up to £16,000, GCHQ are also holding their Cyber Accelerator programme to challenge the cyber-security startup community to “ develop new tools and prototypes that enhance or enable security on existing devices”.

Training Teens

Another of the key points of the National Strategy is to tap into the vast potential of young adults and others that have benefited from the democratisation of cyber tools and refine this raw talent into a key asset. Efforts have been made to recruit imaginative youths with coding skills: the development of interactive websites such as the Cyber Discovery website acts as an assessment tool for the Cyber Schools programme, which aims to recruit teenagers from ages 14–18.

Screenshot from the Cyber Discovery website

The Catch

The conclusion of the first part of this article is that the UK is excelling in building resilience and investing in cyber security, two edges of the same cyber-sword that provides protection to the country.

Campaigners hold placards for ‘Britain Stronger in Europe’, the official ‘Remain’ campaign group seeking to avoid a Brexit, ahead of the forthcoming EU referendum, in London on June 20, 2016 (Photo credit: JUSTIN TALLIS/AFP/Getty Images)

However, there is a significant flaw in the National Cyber Security Strategy: the absence of a classification of voting technology and the electoral process at large as part of the country’s Critical National Infrastructure (CNI). This prevents voting technology from benefitting from CNI-grade cyber security. The WannaCry blunder has demonstrated how actors can easily paralyze the UK’s health system, which is why Britain urgently needs to secure other aspects of its critical infrastructure, such as its democratic institutions.

Cyber-crime poses a major threat to Western democracies, as official reports are accusing foreign groups of interference in the recent American, French, German, Spanish, and British elections via cyberspace. The risk for upcoming elections in Italy in March and the EU Parliament next year is genuine. Theresa May has already expressed her concerns with the meddling in the Brexit referendum in particular.

However, in practice, not much has been done to bolster cyber security in regards to voting technologies. For example, a May 2017 Parliamentary Office of Security and Technology (POST) report analyses foreign involvement in British CNI. However it only identifies such involvement in two sectors: supply chain involvement (Chinese hardware being used by various critical sectors) and foreign investment and direction.

Furthermore, a US Senate Committee of Foreign Relations report published January 10thexamining the impact of Russian interference on Western democracies holds a particular statement concerning the UK:

“British officials stated after the poll that there was ‘‘no successful Russian cyber intervention’’ into the election process seen and asserted that systems were in place to protect against electoral fraud at all levels, though it is unclear the extent to which the lack of meddling may have also been due to a shift in the Kremlin’s approach.”

Over-confidence in capabilities has never been a good sign in military history; cyber security is no exception. Projects of introducing online voting by 2020 will only exacerbate the risk that foreign governments or independent actors will seek to influence the outcome of British democratic processes. Voter identity theft is now a frightening possibility, as hackers can purchase massive datasets of voter information on the dark web in order to usurp voter identities online and alter votes. The modification of voter locations, hence making their votes void, is also a concern. While the rise of blockchain technology may be the solution for both transparency and security in online election processes, a reverse trend can be found in other European countries such as the Netherlands and France that are in fact abandoning online voting.

Curbing the Hubris

Introducing online voting would be a step in the wrong direction towards safeguarding British democracy, as it would expose voting to the same risks as other CNI sectors that are now controlled though the internet, without putting it under security standards that CNI benefits from. Placing British election infrastructure under CNI security standards would be the better option in this matter.

Another broad conclusion that we can make is that this 2016 paper may already be outdated. Five-year plans in the age of cyber security may not be the best answer, as the boundaries of cyber criminality and foreign interference are being pushed every day. Regular updates must be publicly and periodically published to address recent developments such as the WannaCry attack, the alleged Russian interference in US elections, and how the British government plans on dealing with these developments.

Clément Briens is a second year War Studies & History Bachelor’s degree student. His main interests lie in cyber security, counterinsurgency theory, and nuclear proliferation. You can follow him on Twitter @ClementBriens

Image Credits

Banner: https://www.welt.de/politik/ausland/article170410006/Was-die-Regierung-derzeit-macht-ist-ein-einziges-Chaos.html

Image 1: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/567242/national_cyber_security_strategy_2016.pdf

Image 2: http://arenaillustration.com/blog/steve-may-cyber-streetwise-website-billboards/

Image 3: https://wayra.co.uk/gchq/

Image 4: https://joincyberdiscovery.com/

Image 5: https://www.politico.eu/article/why-we-lost-the-brexit-vote-former-uk-prime-minister-david-cameron/

France Must Address its Threats in Cyberspace or Face the Consequences

November 30, 2017 by Strife Staff

By Clément Briens

Florence Parly, the new French Minister of the Armed Forces, now has the challenge of leading national strategy- where does cyber security situate in her administration’s vision of French security? (Credit: Wikimedia Commons)

On the 13th of October, the French Ministry of Defense, led by Florence Parly, Minister of the Armed Forces, published a white paper, the “Strategic Review of Defence and National Security”. It was the Ministry’s first major publication since the 2013 white paper, which quickly had been outdated following recent developments such as the wave of jihadist terrorist attacks on French soil; and the rise of attacks in French cyberspace. While the former is a byproduct of a complex geopolitical issue that existed at the time of the previous white paper, the latter is a relatively new development in French security, e.g. the hack of the pro-presidential party En Marche! ‘s campaign as a prime example.
This article will argue that, while the paper is comprehensive in its evaluation of the underlying nature of cyber warfare and properly provides the essential principles for a national cyber-doctrine, it fails to address current threats to France’s cyber infrastructures and democratic institutions.

Cyberspace as an equalizer

The review acknowledges how cyberspace has become a tool for asymmetrical warfare. It outlines that on one hand, while the proliferation of cyber weapons has spread, nation states have become increasingly vulnerable to the use of such weapons. This dual dynamic effectively levels the playing field between militarily advanced states such as France and sub-state groups.

Furthermore, the white paper establishes that a variety of cyber tools have become widely accessible and distributed in various channels of the dark web. For instance, the proliferation of botnets has given a significant advantage to groups that lack the processing power to conduct large-scale operations. Botnets can be defined as networks of infected computers that contribute processing power to the hacker that infected it.[1] These were used as early as April 2007 by – allegedly Russian – hackers against Estonian infrastructure. They managed to effectively down Estonia’s credit and mobile systems as well as blocking access to government websites.[2]

The paper also acknowledges that France and moreover the EU have become increasingly vulnerable to the use of these cyber weapons. System integration and connection to the Internet has accelerated; energy, healthcare, and transport systems now all rely on vulnerable centralized systems that become targets for foreign hackers.

The problem of attribution

Another issue highlighted by the review is the accessibility to tools that provide anonymity to online users, making attacks extremely hard to trace and subsequently there is a genuine issue as to attributing attacks to specific states or groups. A Virtual Private Network (VPN) and other anonymity tools such as the The Onion Router (TOR) are now freely distributed on the internet, giving users access to military-grade technology for dissimulation of their online identities, as it was originally developed to protect intelligence communications. [3]

This makes nuclear-era principles such as deterrence much harder to implement, as it is now fairly easy for states to mask their attacks by originating them from neighboring countries, or routing their attacks from countries from other parts of the world. While we are now instantly able to detect missile launches from anywhere and determine their trajectory, cyber-attacks are now nearly instantaneous and anonymous.

The equivalence principle

The review puts forward the principle of cyber-physical equivalence, a key principle to the establishment of a national cyber doctrine. The principle states destructive cyber-attacks will be met with an equally destructive response, not necessarily only by cyber means but also by conventional physical means. The review cites Article 51 of the UN Charter on legitimate self-defense to justify this doctrine. [4] This principle can be considered a tool to theoretically deter sub-state actors from attacking France and its allies with impunity, who will now face the threat of law enforcement. However, one may question the ability to democratic states that abide by such international norms to effectively deter authoritarian states such as Russia, China, Iran and North Korea, who supposedly, in Clausewitzian terms, have more powerful means and less political reserve to conduct such operations.

A failure to assess the current threats: what can go wrong?

Hence France’s Ministry of Defense has effectively addressed the main challenges and characteristics of cyber warfare. However the main drawback to this theoretical exercise is the failure to address current threats to France and its Allies. The main identified threat to French cyberspace is foreign interference in its democratic processes, as demonstrated by recent reports concerning possible Russian involvement in the recent American and French elections, or the EU referendum in the UK.[5] [6] [7]

The interference is twofold: the penetration of websites and databases relating to the elections as well as propaganda campaigns on social media.

This interference is especially problematic considering foreign activity targeting President Emmanuel Macron’s own party, En Marche! during his campaign, where hacker groups released thousands of documents from the party on the internet days before the second round of the French elections.

Existence of claimed interference in the French elections has not only manifested itself through the leak that had the clear aim of damaging Macron’s party, but also through a propaganda campaign waged on social media with bot-controlled Twitter accounts to support the leaks. Some of these bots were shown to be retweeting #Macrongate leak-related tweets several thousand times a day. [8] This is a similar method as what was observed on social media during the Brexit referendum.[9]

Despite the challenge of attribution outlined above, Taiwanese cyber security firm Trend Micro claims the attacks originated from APT 28, a group thought to be linked to Russia’s military intelligence unit, the GRU, whereas the French cyber security agency ANSSI acknowledged the attacks but failed to comment on the authors’ identity.[10]

Trend Micro’s report has serious implications for French cyber security. APT 28 had already been linked to attacks on the French-owned TV5 channel in 2015. [11] Nonetheless this time around it seems that the group has vastly escalated in its methods employed and in its ambition to challenge French cybersecurity; hence one may wonder why the review ignores this very real and recurring threat. The degree of direct involvement of the Kremlin in the “hacking” of Western elections through the use of groups such as APT 28 remains unclear, which makes the task of cyber policy formulation understandably even harder.

However, one can refer to Richard C. Clarke’s theory of national cyberspace accountability and obligation to assist, two corollaries of the cyber equivalency principle outlined in the white paper. [12] National cyberspace accountability applied in this case means that France should hold the Russian state accountable for the actions of its citizens, which helps circumvent the problem of exact attribution. Furthermore, a refusal from Moscow to assist French authorities in targeting and shutting down groups such as APT28 would result in increasing suspicion about the Kremlin’s support of such groups. Using these two components to the cyber equivalency principle would have been useful in the context of the review, and would have allowed for more transparency in dealing with the problem of attribution pertaining to the hacking of Western elections.

Conclusion

In any case, this article recommends that public dialogue be initiated concerning the state of cybersecurity in France and that the French Ministry of Defense address the foreign involvement publicly. Without resorting to alarmism, public dialogue is an integral part of a country’s cyber policy, much how it was crucial in the development of a nuclear policy in the US in the 1950’s. This dialogue has been initiated in the US in light of the alleged Russian interference in the latest presidential elections, with wide media coverage and even legal action being made public.[13] The Strategic Review of Defense and National Security was the opportunity for Florence Parly to do so, but the Ministry have fallen short of assessing the threat, informing the public, and formulating coherent policy to counter this threat.

Must foreign groups be allowed to meddle with Western democratic processes with impunity?
And should the French government deal with these issues in secret, or rather initiate broad public dialogue on a national level, and hold states accountable to international norms as they would for kinetic attacks?

Clément Briens is a second year War Studies & History Bachelor’s degree student. His main interests lie in cyber security, counterinsurgency theory, and nuclear proliferation.

Notes:

[1] Casserly, Martyn. 2017. “What Is A Botnet? How To Protect Your Devices From The Reaper Malware Threat”. Tech Advisor. http://www.techadvisor.co.uk/feature/security/what-is-botnet-reaper-3666159/.

[2] Davis, Joshua. 2017. “Hackers Take Down The Most Wired Country In Europe”. WIRED. https://www.wired.com/2007/08/ff-estonia/.

[3] Matthews, Lee. 2017. “What Tor Is, And Why You Should Use It To Protect Your Privacy”. Forbes.Com. https://www.forbes.com/sites/leemathews/2017/01/27/what-is-tor-and-why-do-people-use-it/.

[4] “Chapter VII”. 2017. Un.Org. http://www.un.org/en/sections/un-charter/chapter-vii/index.html.

[5] Smith, David, and Jon Swaine. 2017. “Russian Agents Hacked US Voting System Manufacturer Before US Election – Report”. The Guardian. https://www.theguardian.com/technology/2017/jun/05/russia-us-election-hack-voting-system-nsa-report.

[6] Greenberg, Andy, Andrew Selbst, Brian Barrett, Andy Greenberg, Issie Lapowsky, and Garrett Graff. 2017. “NSA Director Confirms That Russia Really Did Hack The French Election”. WIRED. https://www.wired.com/2017/05/nsa-director-confirms-russia-hacked-french-election-infrastructure/.

[7] “Brexit Referendum Website Might Have Been Hacked: UK Lawmakers”. 2017. U.K.. https://uk.reuters.com/article/us-britain-eu-website/brexit-referendum-website-might-have-been-hacked-uk-lawmakers-idUKKBN17E0NS.

[8] Glaser, April. 2017. “Twitter Bots Are Being Weaponized To Spread Information On The French Presidential Campaign Hack”. Recode. https://www.recode.net/2017/5/6/15568582/twitter-bots-macron-french-presidential-candidates-hacked-emails.

[9] Burgess, Matt. 2017. “Here’s The First Evidence Russia Used Twitter To Influence Brexit”. Wired.Co.Uk. http://www.wired.co.uk/article/brexit-russia-influence-twitter-bots-internet-research-agency.

[10] “Macron Campaign Was Target Of Cyber Attacks By Spy-Linked Group”. 2017. U.S.. https://www.reuters.com/article/us-france-election-macron-cyber/macron-campaign-was-target-of-cyber-attacks-by-spy-linked-group-idUSKBN17Q200.

[11] “How France’s TV5 Was Almost Destroyed”. 2017. BBC News. http://www.bbc.co.uk/news/technology-37590375.

[12] Clarke, Richard A., and Robert K. Knake. n.d. Cyber War. Harper Collins p.178

[13] Feldman, Brian. 2017. “DNI Report: High Confidence Russia Interfered With U.S. Election”. Select All. http://nymag.com/selectall/2017/01/report-high-confidence-russia-interfered-with-u-s-election.html.

Image Source:

https://upload.wikimedia.org/wikipedia/commons/0/0c/Informal_meeting_of_defence_ministers_%28FAC%29._Arrivals_Florence_Parly_%2836937726031%29.jpg

Libya’s civil war & the importance of strategic sequencing

May 6, 2016 by Strife Staff

By: Robert Andrea

Secretary_Kerry_Sits_With_Italian_Foreign_Minister_Gentiloni_and_UN_Special_Representative_for_Libya_Kobler_at_the_Italian_Foreign_Ministry_in_Rome_(23090680244) — US Secretary of State John Kerry at a 2015 meeting for the future of Libya in Rome. Source: Wikimedia

One of the most overlooked aspects in strategic deliberations is that of sequencing. It is much more common for the ‘what’ and the ‘how’ of a policy to receive the lion’s share of analysis. Despite this, the order in which the segments of a strategy are implemented can often be just as important. And while this may not always be the case, the cost of not giving due consideration to sequence can be painfully high. The ongoing Libyan Civil War provides a contemporary case study into how important sequencing can end up being in the pursuit of strategic interests.

Concerning Libya

In the immediate term, Western states appear to see (based on the different types of policy approaches on the table) two broadly defined interests in Libya. One is resolving the civil war that has been ongoing since 2014. The second is counterterrorism, primarily with regard to the increasing presence in Libya of the so-called Islamic State, but also of groups like the AQ-linked Ansar al-Sharia.

In terms of the civil war, the international community (particularly the United States and European Union) is committed to a diplomatic resolution of the conflict via the UN-led peace process. Dealing with the counterterrorism issue, on the other hand, will almost definitely involve a more kinetic approach.

Without the proper sequencing of these respective policies, however, neither issue will be solved effectively. Worse still, the situation on the ground would likely deteriorate significantly if the major actors fail to appreciate this.

Civil war

Following the overthrow of Colonel Muammar al-Qaddafi by NATO-backed rebels in 2011, Libya has struggled to rebuild effective state institutions, culminating in another civil war in 2014. This current conflict has essentially been fought between two rival entities – both claiming to be the legitimate government of Libya – each with their respective loyalists.

On one hand, there is the General National Congress. Often referred to as the Tripoli government or the Libya Dawn Coalition, the General National Congress (GNC) is comprised largely of Islamist militias and political blocs including the Justice and Construction party – considered by some to be the Libyan branch of the Muslim Brotherhood. The GNC and its allied militias are backed by Qatar, Turkey, and Sudan.

The rival of the GNC is the Tobruk-based House of Representatives, alternatively known as the Council of Deputies or the Tobruk government. Comprised of supposedly secular-leaning opponents of the Islamist-dominated GNC, the House of Representatives (HoR) is internationally recognized as the legitimate elected government of Libya. The HoR also maintains the loyalty of General Khalifa Haftar and his loyalists in the Libyan National Army.

In an effort to end hostilities, a U.N.-led diplomatic effort has produced a roadmap towards reconciliation.

In January of this year, a Government of National Accord (GNA) was announced, which, it is hoped, will unite the warring factions. For security reasons, the GNA (led by chairman and prime minister Fayez al-Sarraj) was not able to enter Libya until 30 March of this year, when he landed in Tripoli. In a somewhat surprising move, the Tripoli-based GNC announced shortly thereafter that it would remove itself from power in favor of the U.N.-backed unity government.

As of yet, the HoR has not ratified the agreement, as certain clauses would call for Haftar to step down as their army chief.

New place. Same threat. Same policy.

Taking advantage of the chaos during the civil war, the Islamic State has managed to establish a major foothold in Libya. This presence includes, but is not limited to, control of the coastal city Sirte. Increasingly concerned about these developments, Western states have been mulling more direct military options to combat the growing jihadist threat in Libya.

Earlier this year, a U.S. airstrike against an Islamic State camp in Sabratha, western Libya, killed around 50 people, including Noureddine Chouchane. Chouchane is thought to have been a key player in the two attacks last year targeting a museum and a beach resort in Tunisia. The attacks have been claimed by the Islamic State. However, this was a fairly isolated operation and there has yet to be a sustained Western airstrike programme conducted in Libya.

In terms of ground forces, part of the agreement that led to the GNA includes plans for an Italian-led multinational force of 6,000 troops to be deployed to Libya. It is still unclear what part of that force will be specifically devoted to counterterrorist operations and, for now, it is still a theoretical force. There doesn’t appear to be any reports of conventional Western troops actually in Libya currently, though multiple reports do place U.S., U.K., and French special operations forces in the country.

The foregoing reveals nothing to suggest that the counterterrorism programme in Libya will consist of anything tactically different than the ones implemented (mostly by the United States) in places like Yemen, Syria, or Somalia: Drone/airstrikes as well as occasional direct action raids by special operations forces (SOF). As we have learned time and time again though, airstrikes and SOF operations alone are usually insufficient in countering jihadist insurgencies. In the absence of a sizeable deployment of conventional Western troops, partnership with local ground forces would additionally be required to make these airstrike/SOF programmes effective.

If examined purely at a tactical level, the disparate nature of the two policies (conflict resolution and counterterrorism) would theoretically allow them to be pursued concurrently. That would be a very serious mistake – doing so would essentially ignore sequencing considerations and would likely end in catastrophe.

Enter the role of sequencing

It is critical to the long term effectiveness of both the political solution to the civil war and the West’s counterterrorism programme in Libya that the diplomatic portion of the strategy be conducted first. Only after the civil war has ended and the Libyan factions reach a modicum of unity, should counterterrorist operations against the Islamic State and other groups begin.

Without reaching a settlement to the civil war first, there will not be a single unified Libyan state to serve as a local military partner to foreign-led counterterrorism efforts. Rather, the prevailing status of a martially factionalized Libya would be the environment in which these counterterrorism operations would have to take place. In such a situation, the West would probably be forced to pick a side in the domestic conflict to act as its partner. This would undoubtedly result in an even more protracted civil war. Only now, it would be a civil war in which Western forces might find themselves as a target.

In the event of such a scenario, it’s more than likely that the Western powers would choose to side with the HoR and, specifically, Haftar over the GNC. For one, the HoR and Haftar are favoured by close partners of the West in the Middle East, Egypt and the United Arab Emirates. Furthermore, the Libyan National Army, under the command of Haftar, has proven to be the most capable fighting force in the country and has already shown a willingness to fight the Islamic State.

However, Haftar is also predisposed to fighting Islamists in general. This includes the Islamist-dominated GNC, which he labels (in its entirety) as terrorists. A foreign intervention siding with their chief rival would almost assuredly incense and seriously threaten the GNC.

Not only would this be a death blow to the diplomatic efforts towards national reconciliation, it would also seriously hamper counterterrorism operations. If they were to feel threatened by an HoR backed with Western military support, it is more than conceivable that some of the more hardline elements in the GNC might make common cause with the very jihadist organisations being targeted. This should not be viewed as a hypothetical. Certain GNC-aligned elements already cooperate from time to time with these jihadist groups.

Take the Benghazi Revolutionary Shura Council as an example. The Benghazi Revolutionary Shura Council (BRSC) is one of the primary elements fighting Haftar’s forces in the east and has often allied with the GNC. Comprised of multiple Islamist militias, the BRSC is led by Ansar al-Sharia in Libya (ASL). Both ASL, the group behind the 2012 attack on the US consulate in Benghazi, and the BRSC at large have periodically cooperated with the Islamic State against Haftar’s forces.

This places the GNC only one degree of separation away from the Islamic State. This is not to say that in the event of a foreign counterterrorism intervention that the GNC would swear the bay’ah to the caliphate en masse. It is entirely plausible however, that at least some of these forces decide to enhance their level of cooperation with the Islamic State if they were to perceive the West’s backing of their arch rival, Haftar, as a threat.

Such a strategic blunder would leave foreign counterterrorism forces facing an already capable enemy, but now potentially reinforced with thousands of new fighters.

If the aforementioned scenario were to occur, the chances for a political settlement to the Libyan Civil War would evaporate almost instantly and the jihadist threat that Libya already poses to the West (particularly to Europe) would increase drastically. Or, to put it succinctly: It would be an unmitigated strategic failure for the West.

To their credit, both the Western states and the U.N.-supported unity government are trying their best to properly sequence their strategies in Libya. Italy, who will be leading the eventual international troop deployment, has said it will refuse to lead the operation until the GNA is ratified by all parties and the Libyan military command structure is clarified. Even more recently, the GNA itself called on all military factions to hold off on any military operation against Sirte until a unified military structure is established.

So it would seem that, for now, the policymakers handling the Libya file in the West are aware of the importance of taking sequence into account.

Conclusion

All of this is not to say that utilising proper sequencing will guarantee success in Libya. The road ahead contains a veritable minefield of challenges to reaching some semblance of stability. In such a complicated political and security landscape, there is nothing to say that the peace process and/or counterterrorism operations in Libya might not face serious challenges in the future. That said, while sequencing might not be the most stimulating aspect of policy analysis, as we see in the case of the Libyan Civil War, failure to fully appreciate its necessity could lead to disastrous consequences.

Robert Andrea is an incoming MA student in War Studies at King’s College London. His research interests include U.S. and Iranian foreign policy, diplomatic strategy, and proxy warfare. He can be found on Twitter at @Bob__Andrea

strategy

Footer

Contact

Recent Posts

Tags