WHY POLICING CYBERSPACE IS SO HARD

Cyberattacks that rip across the internet at light speed, election meddling and disinformation that tears at the fabric of democracy, the brazen theft of personal data and trade secrets – it’s the Wild West out there in cyberspace. This week, French President Emmanuel Macron called for an international agreement to bring some order to the electronic frontier.


The initiative condemns malicious cyber activities in peacetime and calls for governments to protect the basic functioning of the internet and work with the private sector to improve cybersecurity. But while more than 50 countries and dozens of private sector players signed up, some of the world’s biggest hacking powers – Russia, China, the US, and Israel, are so far absent from the list of signatories.

Here are three of the biggest reasons why establishing rules of the road in cyberspace is so difficult:

Blurred lines: They’re everywhere in cyberspace. Figuring out who launched an attack is hard when hackers from one country can launch viruses from servers in another. The boundaries between state-sponsored cyber operatives and criminal hackers are often fuzzy, giving governments plausible deniability when using these tools. Even more basic than that, there are many ways that governments can seek advantages in cyberspace short of what’s traditionally considered an act of war. Blowing up a power plant would clearly cross a line, but other disruptive activities like election meddling fall into a grey area. Blurred lines like this create space for governments to engage in mischief and make it hard to establish clear boundaries of acceptable behavior.

Cyber superpowers aren’t ready to relinquish their advantages: Some governments don’t want to be constrained by international agreements in cyberspace. Countries with more advanced cyber capabilities may calculate that the benefits they get from going on cyber offense (or even just the ability to threaten cyberattacks) outweigh the benefits they would receive from signing up to a pact that ties their hands. A seven-year UN effort to establish clear cyber norms ended in deadlock in 2017 after a handful of countries, including China and Russia, balked at a US-led attempt to get countries to agree on how international law should apply to the online realm. The US, which has recently staked out a new, more aggressive cyber strategy under President Trump and his national security adviser, John Bolton, is also reluctant to accept curbs on its ability to use hacking as a tool in the national arsenal.

Cyber conflict isn’t (yet) terribly lethal. Around 20 million people died in the First World War before the armistice signed 100 years ago this week. Four times as many died during World War II. In the aftermath of that carnage, the world came together to establish the modern Geneva Conventions to protect civilians during armed conflict and prosecute war crimes. In the 30 years that malware has been around, it has yet to produce a single, verifiable fatality. That day may be coming – there’s little doubt that a cyberattack that knocked out a hospital, power plant, or a city’s water system could cause a potentially significant loss of life. But as long as the main costs of cyber conflict are counted in dollars, and not in blood, it’s going to be hard to generate a consensus on the need for change.

 

The Paris Call for Trust and Security in Cyberspace launched in 2018 with the commitment of signatories to stand up to cyber threats like election interference, attacks on critical infrastructure, and supply chain vulnerabilities. Last week, on the first anniversary of the call, the number of signatories has nearly tripled to more than 1,000 and now includes 74 nations; more than 350 international, civil society and public sector organizations; and more than 600 private sector entities. These commitments to the Paris Call from around the world demonstrate a widespread, global, multi-stakeholder consensus about acceptable behavior in cyberspace.

Read More at Microsoft On The Issues.

What is a SPAC and how does it work?

So, SPAC is short for: Special Purpose Acquisition Company. That's when a company raises funds through an IPO and uses those funds to buy an operating business. You've seen SPACs grow in recent years and in fact, we just had one here. Virgin Galactic came public through a SPAC merger.

More Show less

In recent years, Republicans have come to dominate most of the state legislatures in the US. Ironically, it was during the Obama-era that the GOP made major headway in states that had long been considered safely blue. State legislatures are now redder than they've been in nearly a century, and in most parts of the country, one party holds all the levers of power (governorship and legislatures). For the first time since 1914, there's only one split legislature in the entire country: Minnesota. To be sure, some state races are bucking the trend: Kentucky and Louisiana, both deep-red states, recently elected Democratic governors. Here's a look at how Democratic and Republican control of state legislatures has evolved over the past four decades.

Forty years ago, Islamic extremists angry at the Saudi government's experiments with social liberalization laid siege to the Grand Mosque of Mecca, the holiest site in Islam.

To regain control, the House of Saud had to strike a deal with key conservative clerics whose blessing they needed in order to send troops into the mosque . The monarchy agreed to roll back all liberalization at home, and pledged to actively fund the spread of conservative wahhabi Islamic teachings around the globe.

To understand better how the repercussions of those choices are still with us today, we put some questions to Yaroslav Trofimov, chief foreign affairs correspondent for the Wall Street Journal, and author of the magnificently written 2007 book The Siege of Mecca.

His answers have been lightly edited for clarity.

Why is it important to mark the 40th anniversary of the siege?

YT: We are at a historic moment once again in Saudi Arabia, with Crown Prince Mohammed bin Salman openly talking about how he wants to rectify the errors of 1979 and bring the country into a more socially liberal system. And he has done a lot already, allowing women to drive and lifting many other restrictions, allowing pop concerts, cinemas, tourism — all those things that remained banned in Saudi Arabia because of the 1979 deal between the House of Saud and the clerics. We are obviously talking about social as opposed to political liberalization now, as the kingdom's political system remains as oppressive as ever.

How did the event change Saudi Arabia's society?

YT: The 1979 events gave the upper hand to religious conservatives for nearly four decades, freezing the social reforms and keeping the kingdom's population under control of the religious establishment and its Vice and Virtue Police. That had repercussions in every sector, most notably education, which created a new generation steeped in ultra-conservative Islamic values. It is only after the 2001 attacks [of 9/11] that this began to change, with the most dramatic erosion of the clerics' power happening since 2016.

How did the siege affect Riyadh's foreign policy?

YT: The new pact between the clerics and the House of Saud also meant that the Saudi oil money was to be used to spread its ultra-conservative version of Islam around the world, at the expense of more moderate and open interpretations. That changed the discourse in Islamic countries all over, and indirectly fostered the rise of extremism.

The siege came a few months after the Iranian revolution, how did that play into things?

YT: There was a lot of confusion at first, as the US blamed Iran for the Mecca events and Iran blamed the US. But, all in all, the siege taught the Saudi royal family that the best way to confront Iran's aspirations to lead the pan-Islamic revolution was to stoke Sunni sectarianism that dismissed Iranians as not really Muslim because of their Shiite faith.

That became a point of convergence between the supporters of Juhayman [al-Oteibi, leader of the siege], the Saudi clerics, and the Saudi government. And we see the repercussions of that rise of Sunni-Shiite sectarianism across the region today.

Saudi Crown Prince Mohammed bin Salman says he is trying to move Saudi Arabia back onto the pre-1979 course of social liberalization. Is that possible?

YT: Well, empirically it is happening. I refer you to the piece I just wrote from Saudi Arabia for the WSJ. Times are changing and the influence of social media and the internet in general on young Saudis is massive, opening up their minds. Also, hundreds of thousands of young Saudis have traveled to the US to study on King Abdullah scholarships in the past decade, bringing back fresh ideas.

So far the backlash to the changes in the kingdom has been very limited. The question is: is Prince Mohammed dragging a reluctant kingdom into modernity, or was the society changed and reachable all along? We'll see what happens in the coming years.

In many ways the Siege of Mecca is the story of unintended consequences: of leaders tolerating (and even supported) extremists who ended up turning on their masters. Is there a comparable situation today that worries you?

YT: Well, history is full of unintended consequences. Did Putin expect Ukraine to harden as a nation-state and decisively turn toward the West as a result of his [invasion of the country] in 2014? My guess is no: he expected it to crumble.

On the question of jihadists, I think countries have learned since 2001 and since the rise of Islamic State that extremist proxies are dangerous. How long will that lesson hold?

Time will tell.