ArchiveOODA Original

Did Snowden Escalate the Cyberwar?

Edward Snowden is guilty of lot of things. But contrary to Kurt Eichenwald’s recent Newsweek analysis, he did not “escalate the cyberwar.”

Eichenwald interviews a host of business, intelligence, cybersecurity, and Asia experts and argues that Edward Snowden’s disclosures deep-sixed any American attempt to restrain China’s epidemic computerized corporate, technical, and military-intelligence espionage. Because the US’s own cyber-spying (particularly against Chinese targets) has been laid bare, American calls to pressure the Chinese to dial down on their hacking will fall on deaf ears. “You do it too!” is the obvious retort.

It is undeniable that Snowden has vastly complicated this aspect of US national security and foreign policy and potentially made influencing Beijing’s hackers impossible. But the claim that it was Snowden alone that led to this state of affairs rests on an implausible counterfactual. If Snowden, instead of running to Russia, had grumbled at his desk for the remainder of his career would the outcome be different? A review of some other relevant factors suggests not.

Spying, like any other sub rosa trend, is difficult to regulate and control. The only comparable phenomenon more widespread is drug trafficking, and the American government’s record with that does not inspire confidence. By vastly increasing the volume of information any one “agent” could take and enabling exploitation from a Beijing, Moscow, or Paris desktop (not a “dead drop location”), cyber-espionage ups the ante considerably. Second, spying is also one of the sovereignty-comprising aspects of the international system that is implicitly tolerated on a day to day basis. Political science scholar Stephen D. Krasner dubs this situation the “organized hypocrisy” of sovereignty.

States also do not really punish other states for spying in a way that would overcome a perceived national security, economic, or foreign policy decision advantage. US-Russia relations did not magically change when Anna Chapman and other members of her spy ring were caught. They were traded back to Moscow like baseball cards, and business as usual continued. The cloud of suspicion that Chinese computer firm Huawei fell under was evidently an acceptable price for the Chinese government to pay. The United States government’s own mass surveillance efforts were not deterred by the very real threat of harm to its software companies. France shamelessly engages in an industrial espionage and regards the health of its state industries as a national interest.

The idea that China could be coerced into ceasing its cyber-spying rested on a fantastic notion that the United States could somehow credibly punish it for doing so in a way that would outweigh the national security and economic imperatives that motivated such extensive spying in the first place. Beijing is hungry for technology that will give it an economic and military edge,  and it isn’t going to ask nicely for it. Instead, it has elected to take it by hook and crook. Ditto to the political and military intelligence that it desires to advantage itself in one of the world’s most tense neighborhoods.

Naming and shaming APT1, after all, only slowed the Shanghai hacker group down. After a decent interval, it was back to work cracking networks. And while intelligence professionals might regard Beijing’s technical espionage as being different from political-military intelligence, the rest of the world found such distinctions to be academic even before Snowden. If getting a great power to do what you want is contingent on the rest of the world being able to understand IC inside baseball, the US had already lost the battle.

Finally, it doesn’t help now that the world has seen (courtesy of Snowden) a demonstration of America’s formidable, well-resourced, and well-placed cyberintelligence power. Quite naturally, Europeans and others fear a superpower’s reach a good deal more than they fear an Asian state’s ambitions for regional hegemony and dominance. As the author joked to the Atlantic Council’s Jason Healey, a thousand Chinese or Russian intellectual property thefts is a statistic. Obama listening to Angela Merkel’s cell phone? Now that’s personal (said in action hero movie hero voice)!

The difficult reality is that the United States government, industry, academia, and international partners will have to collaborate in continuously adapting to well-financed state entities or their proxies carrying out political, military, and industrial espionage. It will fight a well-resourced set of adversaries across the globe, and APT1-like groups in particular, that live to break into Uncle Sam’s house and take his most valuable possessions. But that is the nature of intelligence.

The Soviet KGB was the best at the tactics and operations of espionage and active measures, bar none. The US could not prevent the Soviets from penetrating even the most secretive of circles. But the US also developed a formidable counterintelligence capability, rooting out spies and also penetrating Soviet circles as well. Lastly, all of the intelligence the Soviets were able to steal did not prevent their collapse in the Cold War. The US will have to develop cyber counterintelligence procedures for a new challenge, and simply cannot passively absorb nation-state espionage. But stern scoldings and hand-waving is unlikely to bear fruit either. Snowden’s disclosures make this obvious, but the realities of international politics outweigh the deeds of a leaky syasadmin.

Adam Elkus

Adam Elkus

Adam Elkus is an analyst specializing in foreign policy and security. He is also a Technology Research Analyst at CrucialPoint LLC, an Editor at Red Team Journal, and a PhD student in American University's School of International Service. He has published on technology, strategic theory, and emerging threats in The Atlantic, West Point Combating Terrorism Center Sentinel, Infantry, Small Wars Journal, and other publications. He holds an MA in Security Studies from Georgetown University.