By Sher Bano*
In the present world cyber warfare is considered to be the most formidable means of non-kinetic war fighting. In South Asia the probability of eruption of an unintentional war as the result of cyber-attack has also increased many folds. Hence it has become necessary to build a stable environment in information space in order to avoid certain large scale cyber-attacks that can lead towards inadvertent war. Pakistan has been the main target of India’s cyber-attack in the past few years and it aspires to further militarize cyberspace. As cyber space is the area that does not have any legally binding obligation, the only way to control the malicious cyber behavior is by building effective “Confidence Building Measures (CBMs)” between India and Pakistan.
Building the information space CBMs was first discussed at the WSIS Summit in 2005 at Tunis. Everyone agreed that in order to strengthen the trust framework it is essential to build network security, consumer protection, information security, authentication and privacy that are considered to be the prerequisite to develop an Information society. It can only be achieved by building a cyber-security culture globally that would ensure the protection of privacy and data. Similarly having some credible cyber space CBMs between both Pakistan-India can ensure cyber security in South Asia. The prerequisite of having an effective CBM between the two states is to have effective national cyber-security practices and policies in order to protect the critical infrastructure. As all the countries are linked digitally, it has also increased their mutual interdependence. Hence the implications of the national cyber activities can be both international and national meaning having weak cyber infrastructure could weaken the cyber defenses collectively. It is in the interest of all the individual users, businesses and governments that have larger capacity to assist those businesses and governments that do not have such capacity. These steps will develop the trust and confidence among the states and will globally strengthen cyber security.
The first step in institutionalizing the CBMs in information space between Pakistan and India is by creating the basic awareness among common man, governments and organizations to understand this concept. At present the policy makers are not fully aware of the vulnerabilities of the ICT tools that are used for management and governance. One can request assistance from the local NGO’s or international organizations in this regard. The roadmap of building cyber CBMs between India and Pakistan must include increased cyber contact among the technical societies of both states that are working on the issues related to cyber security. These societies must collaborate to create a regional hub that would determine the ground rules related to cyber security in South Asia. The governments must support such societies by organizing international and local workshops.
Both India and Pakistan are not the signatories of “Council of Europe Convention on Cybercrime”. Both can collectively agree to sign CEC agreement and also can have bilateral agreements on Cyber Space among themselves in order to minimize the transnational cybercrime. They can work mutually in organizing seminars and workshops and build capacities of policy experts in building effective cyber laws. In order to strengthen the ‘military information CBMs’ India and Pakistan must predefine the redlines that could initiate a response. One can define areas where cyber operations are not permitted. A cyber hotline could be created that would allow the policy makers and professionals to immediately react if there is an alarming situation and make the political leadership to quickly take the de-escalatory measures. The next step would be strengthening cyber security through cyber treaties among two states. Both states can efficiently fight against cyber-crime by signing bilateral treaties. Such treaties would help building trust and will enable them to fight cybercrime collectively. A joint cyber space monitoring cell can also be created that can monitor any malicious cyber activity and both countries can also share important information. Lastly, both the states must refrain from hostile propaganda against each other. Social media is one of the major platforms that is used for spreading false information and hatred among the states. Both states should come up with means to control such activities that aggravate the already intimidating situation.
There are various factors that need to be considered while developing information space CBMs. One such factor is that the process should be kept away from the media. The process must start informally and slowly move towards the official level. Only a regional approach toward building confidence measures could allow Pakistan and India to end this long term bilateral animosity. The essential condition for maintaining peace is to maintain a balance between non-military and military CBMs. CBMs cannot become successful overnight, they will take time but the need to begin negotiations in the cyber domain among India and Pakistan is immediate.
*The writer is working as a Research Affiliate at the Strategic Vision Institute (SVI), a non-partisan think-tank based out of Islamabad, Pakistan