The geopolitics of cybersecurity

By Ian Bremmer and David Gordon

Individual hackers and organized crime organizations have targeted businesses for years, but cyberattacks have rarely created political risk. They do now. The centralization of data networks — both in energy distribution (the move to the smart grid) and information technology more broadly (the shift to cloud computing) — is increasing the vulnerability of states to potentially debilitating cyberattacks. As governments become more directly and actively involved in cyberspace, geopolitics and cybersecurity will collide in three major ways.

First, new cyber capacity allows governments to project power in a world where direct military strikes are much more costly and dangerous. There have been plenty of stories about well-funded efforts from inside China to manipulate access to the Internet, but it’s the almost-certainly state-sponsored Stuxnet attacks on Iran’s industrial infrastructure that provide the clearest early glimpse of what tomorrow’s carefully targeted state-sponsored attack might look like. When a missile is launched, everyone knows where it came from. Cyberattacks are a very different story.

Second, we’ll see more cyber conflicts between state-owned companies and multinational corporations, providing state capitalists with tools that give them a competitive commercial advantage. China and Chinese companies are by far the biggest concern here. Throw in Beijing’s indigenous innovation plans, which are designed to ensure that China develops its own advanced technology, and this is probably the world’s most important source of direct conflict between states and corporations.

Third, there is the increasing fallout from the WikiLeaks problem, as those sympathetic to Julian Assange unleash attacks on governments and the corporations that support them in targeting WikiLeaks and its founder. In fact, the principal cybersecurity concern of governments has shifted from potential attacks by al Qaeda or Chinese security forces to radicalized info — anarchists undertaking a debilitating attack against critical infrastructure, a key government agency, or a pillar of the financial system. Whether attacks are waged for power (state versus state), profit (particularly among state capitalists), or for ‘the people,’ (as in the WikiLeaks case), this will be a wildcard to watch in 2011.

On Friday, we’ll talk about Top Risk no. 4: China — and why its policymakers will frustrate much of the international community this year.

Ian Bremmer is president of Eurasia Group. David Gordon is the firm’s head of research.