It is to be said that nuclear weapons are legacy of 20th Century and cyber security is challenge of 21st Century. With the growing digitalization and amalgamation of cyber space in defense and security new threats coming into being.
Developing states like Pakistan are so engulfed in their traditional and conventional threats that emerging issues have failed to capture greater attention. But for how long can these issues with potential to be threat can be ignored and can Pakistan afford this kind of ignorance where threats are increasing by leaps and bounds? Furthermore, threats and security concerns don’t occur in a vacuum, rather they interact in presence of variables like national policies, and international or regional scenarios by interacting with other variables threats either resolved or become more complex. However, one thing is for sure and that is that the state cannot surpass these issues without solving them.
Cyber security is emerging as a new threat and states are yet in the process of making a framework to address this problem. But, as discussed above, cyber security risks are also emerging in the presence of a lot of other factors. One of these significant factors in the case of Pakistan is its nuclear capability and deterrence vis-à-vis India. India-Pakistan are practicing the arduous task of deterrence to reduce their security dilemmas. Deterrence has enabled both states to refrain from going in an all out war because of the unbearable costs. But, clearly it doesn’t mean that all is peaceful between both states. Many conflicts are ongoing and border skirmishes are daily routines between the hostile nuclear neighbors of South Asia. An alarming fact in the case of India-Pakistan is the realization that though the nuclear threshold is not crossable, there are levels below it and they should be explored. One of the potential levels below nuclear threshold could be of cyber space.
With the recent news of banning of access to social media in public office due to the detection that India plans to launch cyber attacks signifies that India can explore this domain in future. Contributing factors facilitating an Indian attack on the cyber space of Pakistan could be the rapid militarization that is raising stakes to for an actual war.
Secondly, recent doctrinal development- joint forces doctrine, cold start doctrine – in India indicates a desperation to develop counter measures against threats below the nuclear threshold. Indian joint force military doctrine declares cyber power “is the ability to use cyberspace freely and securely to gain an advantage over the adversary while denying the same to him. Under the light of this definition India’s future ambition is to strengthen its offensive cyber capability to seek more and more of an advantage.
Lastly, the most significant factor that could enable India’s exploitation of Pakistan’s cyber security is a lack of security measures in cyber realm by Pakistan itself.
Cyber security is a hush-hush matter in Pakistan. Public debates never entail this diverse and complex problem as society is rapidly moving towards digitalization.
According to estimates almost 16 million people were using the internet in Pakistan at the end of year 2014-2015 and this number is increasing day by day. Mostly when it comes to securitization of issues, Pakistani policy makers appear to wait until some catastrophe unfolds and then develop solutions to the problem. But, if India is sharpening its tools in the cyber domain Pakistan cannot just sit around. Rather than waiting and developing counter strategies against India’s ambitiousness why not think and prepare ourselves for future Indian plans, this way not only will our deterrence work at larger level, but at lower levels as well.
It is important for Pakistan to securitize its cyber space because otherwise communication system, working critical infrastructure, financial systems and conventional systems can become targets. However, the possibility of a cyber attack on strategic assets could be consequential in terms of the escalation of a cyber conflict into a war. Going to an all out war is the worst case scenario — what is more plausible is cyber skirmishes between India and Pakistan.
At present, due to lack of cyber securitization at societal level Pakistan’s cyber security is penetrable. In cyber attacks most enemies try to steal critical information or disrupt national critical infrastructure to create havoc and panic. It is an ideal tool between two nuclear, heavily armed opponents as it provides anonymity to the attacker with an available option to decline any linkages to the attacker.
At the moment what the Pakistani government is trying to do with regard to the cyber space is its politicization, which will not serve national interests in face of India’s emerging cyber capabilities. It is a matter of fact that the securitization of cyber space would not be easy due to claims of violations of human rights and democratic norms, but, there is no other option available to Pakistan.
Like many other technological innovations in realm of security, cyber security is also a grey area. States cannot afford to leave this grey area open for an enemy to exploit, disrupt or destruct just because a state as a physical entity is not damaged.
The writer is a research Associate at Islamabad based Think-tank “Strategic Vision Institute”.