Some sideways thinking about cyberwarfare

Cyberwarfare needs to be framed far more broadly.

When we hear the term “cyberwarfare” we think of government-backed hackers stealing data, or releasing viruses or other software exploits to disrupt another country’s capabilities, communications, or operations. We imagine terrorists or foreign hackers planning to destroy America’s power grid, financial systems, or communications networks, or stealing our secrets.

I’ve been thinking, though, that it may be useful to frame the notion of cyberwarfare far more broadly.  What if we thought of JP Morgan’s recent trading losses not simply as a “bad bet” but as the outcome of a cyberwar between JP Morgan and hedge funds?  More importantly, what if we thought of the Euro’s current troubles in part as the result of a cyberwar between the financial industry and the EU?

When two nations with differing goals attack each other, we call it warfare.  But when financial firms attack each other, or the financial industry attacks the economy of nations, we tell ourselves that it’s “the efficient market” at work.  In fact the Eurozone crisis is  a tooth-and-claw battle between central bankers and firms seeking  profit for themselves despite damage to the livelihoods of millions.

When I see headlines like “Merkel says Euro Rescue Funds Needed Against Speculators” or “Speculators Attacking the Euro” or “Banksters Take Us to the Brink” it’s pretty clear to me that we need to stop thinking of the self-interested choices made by financial firms as “just how it is,” and to think of them instead as hostile activities.  And these activities are largely carried out by software trading bots, making them, essentially, a cyberwar between profiteers and national economies (i.e. the rest of us).

I know that the reality is more complex than those statements might suggest, but reality always is. Financial firms have legitimate interests in profit seeking, and sometimes the discipline of the market is just what national economies need. But when does it go too far? The US and Israel had legitimate security interests in undermining the Iranian nuclear program too.  That doesn’t mean that we didn’t call Stuxnet an act of cyberwarfare.

One of the things we try to do on the Radar blog is to frame things in a way that help people to see the future more broadly.  I do believe that one of the major long-term trends that we need to include in our thinking is that foreign policy (including the possibility of cyberwarfare) is no longer just between nations, but between nations and individuals (whether the collective activists of popular revolutions or the terrorist as the oft-discussed “violent non-state actor“), between nations and big companies, and between companies and industries.

And just as we expect nations not to act out of untrammeled self-interest lest the world go to hell in a handbasket, I think it’s reasonable to ask financial firms to show self-restraint as well. Either that, or expect that at some point, nations may decide to fight back with more than their central banks.

tags: ,