A hawkish call to cyber arms

All conferences have their buzzwords. One of these took shape during the 52nd edition of the Munich Security Conference. It’s called “hybrid warfare“. No head of state, defense minister or general was willing to omit the term.

As with all buzzwords the meaning of “hybrid“ is dubious. For some, it is good old propaganda pouring in via Twitter and a proxy, meant to hide its origin and blur the narratives of conflict – as best illustrated in the Ukraine conflict. For others, it is the targeting of critical infrastructures and cyber warfare. According to industry analyst, Frank Mattern, Senior Director at McKinsey, what's urgently needed is: “offline and online surveillance, information and warfare“. A scary idea voiced in a conference far removed from those privacy calls of last year’s edition: the post-Snowden edition.

German Defense Minister Ursula von der Leyen was the first who tried to give a definition of “hybrid warfare” at this year’s Munich Security Conference, which accentuated the German-US-debate over potential weapon supplies for Ukraine's army. “Hybrid“ according to von der Leyen includes “covert infiltration of intelligence services, political destabilisation and massive information campaigns to disavow the established order“ - all more traditional warfare propaganda tools – plus the “use of social media to influence public opinion“ or “attacks on the IT structures of the opponent“. Beside propaganda, cyber warfare is being waged in the Ukraine war, experts claimed in Munich.

The conflict in the Ukraine was quoted throughout the three days as the very example of the new version of hybrid warfare, especially with regard to propaganda over whom is fighting there, but also the distortion of communication channels of Ukrainian forces during the Crimean occupation.

One problem for military forces in digital times is that they have to communicate across their respective communication systems, but at the same time want to keep their systems secure, said Frederick Hodges, Lieutenant Commander US Army in Europe. “If you can tell me how to solve that problem, please talk to me“, Hodges said to a predominantly young audience during a public debate on the eve of the Security Conference titled “Privacy, Security and You“.

A hawkish call to cyber arms

An urgent need for what he called “defense 4.0“ capabilities was claimed by analyst Mattern. “Our opponents are using digital means“, he said. ISIS was using digital means for propaganda and social media for recruitment and funds. In the Ukraine conflict spyware had been found on systems of the Ukrainian government and embassies. At the same time the attacks on Sony and even against the conference app of the Munich Security Conference itself – a denial of service attack according to the conference organiser Wolfgang Ischinger – illustrated the changed nature of the battle.

Mattern's list of “promising tools“ for western defense 4.0 self-defense included the Argus camera that could track moving systems within 36 square miles, the X-47 drones for which a pilot only needed to plan the route and the Israeli “Tzayad digital command-and-control network“ that allowed highest commanders to be linked to the “shooters“ on the ground. Countries had to invest much more in these tools of data gathering, data analytics and data networks, Mattern demanded, and the traditional defense industry had to make the necessary adaptations. US defense contractor Raytheon International's CEO John Harris, acknowledged that in fact some components of his company in some years might look a little bit more like Google.

Cooperation between the IT sector and the defense sector is on the way in the US. On the other hand, it would present a challenge to the European defense industry because there is no European alternative to the GAFAs (Google, Apple, Facebook, Amazon, etc.), sourly said Airbus Group CEO Tom Enders.

Need for drone convention? Not (yet), according to US Senator

Given the deadly toll of drone strikes which the US not only undertook in war zones, but also in countries like Yemen and Pakistan, German Green Party member Omid Nouripour asked US Senator Sheldon Whitehouse (Democrat) if there was no urgent need for talks between the allies. Whitehouse said: “We are confident in how we use it for now.“ Yet if the technology would not be owned by the US alone, that could change, he acknowledged.

At the same time the Democrat rejected Nouripour's criticism about civilian victims, which he said, has been used to “make a case“ against what had been a very useful and effective weapon. The call made recently by former Green Party defense policy expert Angelika Beer, now a Pirate Party member, for a digital arms convention, looks very much in vain given such a reaction – proliferation as in the case of the atomic, biological and chemical weapons might in the future change this. The new Iraqi Prime Minister Haider al Abadi, when asked if he might consider to rely on drone killings against leaders of the Islamic State, answered with a categorical “no“.

Cyberattack, a case for Article 5?

Another big legal question resulting from the hybrid war in general and the cyber attacks in particular is: will they in the future trigger a joint response by the NATO alliance according to Article 5 of the Washington Treaty. According to Article 5, an attack against one or more of the NATO countries “shall be considered an attack against them all“ and trigger “individual or collective self-defense“.

While many or all nations were developing offensive cyber capabilities at least as a tool for deterrence, said Hodges, around half of the countries so far seemingly were not considering a cyber attack a case

for the mutual self defense. Christopher Painter, Coordinator for Cyber Issues at the US State Department pointed out NATO's position to decide on a case by case based on whether or not the clause of mutual self-defense was met. Law is certainly once more trailing behind technology and yes, it is scary.