Global Cyber Rivalry Challenges American Geopolitical Leadership




The overthrow of the current world order Leaderand the leader of the next may well be determined by the winner of cyber warfare.  America’s current capabilities in this respect do not assure it of that role.  In fact, with every transaction that America executes as part of ‘America First’, it undermines the current world order, and potentially furthers the position of its rivals, leaving the US and its allies open to state and asymmetric cyber-attacks.  Leveraging cyber technology and the possibilities that it offers, China and Russia have a unique opportunity to precipitate the decline of American power in the first half of the 21st century, aided by a wide array of independent and semi-independent actors that see America as a target to be assaulted.  Should America’s allies, given their dislike of the current administration’s style and rhetoric, choose to quietly celebrate its losses from the sidelines, their democracy and freedoms are also at risk.  Further, lest America’s foes gloat, America will not go quietly and perceive their very existence as a threat by it.  This paper examines critical recent developments in the cyber arena, the components, catalysts and drivers of its rapid development and the risks it poses for the world, pointing to the need for a global cyber security order.  America’s leadership represents that best chance the world has for creating a stable cyber order as part of the emergence of a new world order.

10 key takeaways table


In the last five years, the cyber world has asserted itself into the most fundamental workings of the physical world.  The overthrow of industrial businesses by information ones in the top league of companies is one sign of the transition to a digital age.  However, the use of cyber to influence the outcome of elections in the West and the lack of any meaningful retaliation by the targets demonstrates that the lessons from this transition have not yet been internalised by the industrial age leaders, despite digital attacks that threaten to undermine the foundations of the democratic political systems of the west.

Five years ago, the Sign of the Times published a paper[1] on the strategic importance of cyber capabilities to the US and its importance to America’s pre-eminent position as a global superpower in the 21st century.  At the time, the focus was on the increasing importance of the cyber arena to America’s foreign, domestic and security policy.  Today, many of the core issues covered in the original paper remain unaddressed, even though the accelerating advances in digital technology, the ubiquity of networks and the documented cyber attacks on the US and its allies make the issues raised even more urgent now than they were are the time.  The spread of digital technology and its rising importance in multiple walks of life makes the case for cyber security across all of society, at the personal, community, corporate and government level, self-evident.  Since 2013 the percentage of the world’s population with online access has increased from one-third to currently one half.[2]  Today, seven of the ten most valuable companies in the world are technology companies, up from five years ago, and half of all global economic value is expected to be created in the digital sector by 2025[3] against less than 20% a few years ago.  With digital and networked technology integral to the global economy and increasingly society as well, its geo-economic importance cannot be understated.  In addition, both China and Russia have stated the importance of cyber warfare capabilities and, while accurate numbers are hard to determine, are believed to be investing heavily in building military cyber units.  Western intelligence agencies have also identified multi-faceted attempts by Russian state-supported actors to influence the outcome of democratic elections in the UK, Germany, France, the Netherlands and of course the United States.  The combination of the economic and political dimensions of digital elevates the importance of cyber to the geopolitical level.  Five years after the original piece, which focused on the importance of cyber for America’s continued superpower status, the Sign of the Times is revisiting the topic and assessing cyber security and warfare through a global lens, given that digital technology raises global issues that cannot be solved by one nation or group of leading nations alone.


Introduction: The Original Thesis Revisited

Cyber power remains a matter of grave importance for geopolitics, particularly for the rising competition between the prevailing great power America and the fastest growing superpower China.  Given the increasing integration of digital and physical systems across commerce, security and society, US supremacy in the physical world requires it to master the cyber arena too.  The last five years have validated the original thesis and several the key thrusts of that work remain relevant today:

The Cyber Paradigm

The intervening period since the first paper has seen significant developments in technology, society and geopolitics and that have had a fundamental impact on the shape of cyber warfare and its likely conduct, during which time China has embarked on a rapid mission to buildout its own cyber capabilities to complement its increasing geostrategic assertiveness in the physical world.  America on the other hand, under the Trump Administration, has embarked on an ambitious agenda of engagement with the world in a series of transactions designed to place ‘America First’.  This is leading to its own allies in Europe, Japan and the broader Greater Pacific region[6] exploring plans for independent military capabilities to fill the void America’s actions are creating.  While it will take a long time for these to come to meaningful fruition, these developments indicate a loss of America’s role as the trusted rule-setter, not to mention as the security guarantor, among its allies.  The combined impact of these developments calls into question whether America will be the rule setter for cyber space or whether it will tolerate a chaotic and worldwide proliferation of cyber capabilities that provides others with the initiative.  Its prodigious cyber and physical arsenal will certainly allow it to retaliate against its enemies but that is a pattern that favours the threat of deterrence over pre-emptive action, a strategy that ignore one of the fundamental lessons of asymmetric warfare, namely that non-state actors are often not deterred by the threat of retaliation and even see it as the best way to precipitate a desired conflict.  Further, if its actions are not embedded in rules, America itself may be seen as a rogue power should it choose to preempt an attack and go on the offensive.




Part 1: Global Cyber-Driven Discontinuities

The physical world of five years ago feels like a very different place from today.  Barack Obama had just started his second term after defeating Mitt Romney in the US presidential election, Xi Jinping, China’s newly appointed president, had just announced an ambitious reform package for the country’s economy, Angela Merkel had just won re-election as Germany’s chancellor on record opinion poll numbers and the UK was an integral part of the European Union.  Fast forward five years and the West has seen a wave a political populism that has created the Trump presidency, seen the UK vote to leave the EU and Merkel announcing she will leave politics, while President Xi has established himself as a potential leader for life, centralising political power while slowing down China’s economic reform.  What is less obvious is that these changes have been matched if not exceeded by dramatic shifts in the digital world.  These changes augur an age in which the physical world order of the 20th century will be overturned by the cyber world; this process has indeed been accelerating during the last five years.  The key components of this overthrow are as follows:

I. Cyber Powers: US, China and Russia. Cyber warfare is a key element of great power politics.  China and the US were initially thought to be the natural leaders of the space, with superior capabilities and resources to build and entrench their global positions.  And while the past five years have in fact seen a massive cyber capability build up by China, it is Russia who has emerged as America’s principal agitator over the near-term, having compensated for its declining relevance in the international economy as well as its falling physical military strength with a systematic focus on cyber warfare.  Russia has integrated cyber as a core mechanism of its broader information warfare ambitions, which include electronic warfare, information operations and psychological operations and deployed its offensive capabilities across a range of geographies and arenas.  In addition to the widely accepted interference in the US presidential election Russia is also accused of among other things coordinated attacks on Estonia’s media and finance sector and government, and the Ukraine’s physical infrastructure during the invasion of Crimea, hacking into power plants and knocking out the electricity grid across parts of the country.  As a result, Russia has topped the list of nation-state cyber threats in the US’s annual Worldwide Threat Assessment report issued by the Director of National Intelligence since 2015.  After several decades of declining geostrategic importance in the physical world, it appears that Russia has both the capabilities and the will to be a global leader in the digital world.

II. Cyber Warfare: Cyber Attacks, Fake News and the Post Truth Society. Undermining beliefs and attitudes was identified as one of six core offensive cyber attack strategies in the original Sign paper.  What is astounding is how boldly this weapon has been deployed to attack western democracies in the past five years.  While propaganda has long been a component of any conflict, to this has been added the spreading misinformation through the manipulation of social media and networks on an unprecedented scale.  Russia, again, appears as a key player, accused of a massive campaign of disseminating fake news to influence the US presidential election, using bots and trolls[7] to seed and amplify ‘fake’ news on discussions forums and social media platforms like Facebook and Twitter.  Although there was plenty of misinformation spread, particularly about the Democrats[8], the main purpose of the Russian campaign appears to have been the deterioration of trust in online information generally and the reduction of space for effective political discussion on the internet by flooding social media with fake content.  This, coupled with the particular style of populism deployed by President Trump – involving attacks on the US press, the regular telling of untruths (often debunked but clearly not persuasively enough for his electoral base)[9], his support of right-wing, previously fringe media sources and his understandable conflict of interest that led him to deny the Russians had influenced his election – created the perfect storm for Russia to test its cyber capability and escape virtually unscathed.  The corrosive effect of this campaign on American democracy cannot yet be measured, but it is certainly feeding the division of its people and the dysfunctional bipartisanship that plagues the country today and may therefore be more effective than any direct cyber attack on US infrastructure or installations over the long run.

III. Technology: Big Data and Artificial Intelligence. Technologies like artificial intelligence (AI) (and machine learning) are emerging as game changers across a wide range of industries, including in the cyber arena.  Quote whoever becomes the leaderAI is fundamentally transforming cyber security and cryptography, and automating core security processes.  Moreover, the application of AI to big data analytics promises to unlock a step change in value from information, with AI estimated to add US$15.7 trillion to global GDP by 2030.  Given its economic and security disruption potential, both China and the US are racing to develop AI technologies and establish a leadership position in a 21st century ‘space race’, with China’s national AI strategic plan targeting a leadership position in AI by 2025.[11]  China’s annual AI spending is projected to increase from US$12bn in 2017 to US$70bn by 2020, and China’s plan is built on private-public collaboration, envisaging innovation to be leveraged from private sector companies like Alibaba and Tencent for applications in warfare and espionage.  The US on the other hand has not announced a comprehensive government strategy for accelerating AI development and adoption, and so the perception is that innovation to date is largely being driven (and paid for) by the private sector.  If the US government is covertly pursuing such a programme, it is doing so quite differently from the post-World War II era when it financed IBM’s development of mainframe and computational technologies that dominated the world for decades.[12]  , America for the time being it continues to lead the field, with over three times as many AI companies and twice the number of AI patents as China has today.[13]  America has a natural advantage as an open society that provides widespread access to information and ideas, enabling mass innovation.  However, the question remains whether China can overcome this advantage by throwing money at the problem and focusing on one objective, cyber warfare capability, rather than America Inc’s myriad objectives and applications.

IV. Cyber Attack: Shift from Commercial and Military to Political Targets.  While first generation cyber attack capabilities focused on information gathering and espionage from both commercial and military targets, second generation capabilities have focused on compromising military and civilian infrastructure.  Cybertheft of intellectual property is a classic example of the first, while the Stuxnet virus that infected the controls of 3,000 uranium centrifuges in Iran in 2010 and crippled the Iranian nuclear programme is a good example of the second generation.  The emerging third generation of cyber attack capabilities however is focusing not on economic or military targets but on countries’ entire political systems.  As stated above, Russian interference in the US elections incorporated a wide range of tactics and technologies, some of which, like hacking and leaking confidential information, were tried and tested, while others such as social media manipulation, were novel and are still evolving.  Beyond economic, political and military engagement strategies, cyber technology is adding an additional dimension of engagement for countries seeking to systematically influence strategic opponents.  Moreover, cyber is both cheap and more or less covert (for now), allowing national actors to wield influence at the fraction of the cost that more overt engagement strategies would incur, and at lower risk levels, too.  This widening of cyber attack targets to political systems requires a rethink of cyber defence strategies: while protecting electronic voting machines from hacking is likely to use well established cyber security technologies, preventing the spread of misinformation on social networks is likely to require a new set of defences, both legal and technological.

V. Threat Origins: From a Game of Great Powers to Proliferation of Capabilities. Finally, and perhaps most importantly, the world has seen an unprecedented proliferation of cyber warfare capabilities.  The past five years have seen countries with formerly virtually no recognised cybercapabilities emerge on the world stage.  Iran and North Korea, two countries facing significant technology embargos, for example, have launched credible attacks on targets, with the former attacking banks and brokerages on Wall Street and the latter successfully hacking Sony Entertainment to thwart the launch of a movie it deemed offensive to North Korean President Kim Jong Un.  From only a few, mainly highly industrialised countries a few years ago, there are now more than 30 countries building cyber warfare capabilities.[14]  Moreover, in many countries, governments are working closely with private groups on cyberwar capability build out, defraying costs to the government but creating further capability proliferation.  Given the massive physical destruction potential of cyber attacks (e.g. hacking avionics on aircraft or control systems on dams and power plants), this proliferation of capabilities poses a global security risk.  By way of comparison, cyber capabilities with potentially nuclear-level destructive capabilities are already more widely spread today than nuclear ones were at the time the Non-Proliferation Treaty was signed.  At the time, the existence of only five nuclear states and the risks their capabilities represented were enough to call into life a treaty signed by over 190 countries.


Today cyberspace is the only domain of warfare in which the United States faces near-peer competition, as well as multiple state and non-state actors that can and do freely attack the US homeland.  While the US enjoys the largest tech industry, has the world’s largest military and potentially the largest cyber budget, foreign actors have recognised the asymmetric nature of cyberpower and their ability to compete with or at least disrupt US interests using much fewer resources.  This growth and diversification of the geopolitical cyber landscape is likely to have an impact on the shape of future cyber conflicts.  Rather than being like protracted wars between nation states that had defined beginnings, phases and endings, cyber conflicts of the future are likely to fall into the category of ‘perpetual conflict’.  They are set to be continual and multi-dimensional, fought with the use of both direct resources and proxies, leading to a constant barrage of attacks against military, government, economic and civilian targets.  However, while cyber attacks will have varying levels of intensity, under most circumstances they likely remain under the threshold that triggers a physical response by the US, where it can bring superior resources to bear and outmatch any opponent, (provided that it can identify the source of such an attack and formulate an effective response).  For the most part, cyber threats to the US will therefore be more like terrorist attacks than like conventional attacks that could be construed as an act of war, and American cyber defence and counterattack capabilities will need to be organised accordingly.  This of course does not mean that cyber attacks may not have devastating effects: just like 9/11 showed the destructive potential of physical terrorist attacks, cyber attacks can cause massive infrastructure destruction and loss of life, and American policy makers and defence planners will need to account for these types of attacks as well.  Of course, America may well also be faced with ‘conventional’ cyber threats by other state actors and even other superpowers.  China’s cyber efforts during the past five years mean that it is potentially the most likely candidate in this regard.


Part 2: China – An Emerging Cyber Superpower


Among nation-states, the only country with the potential to rival the US as a superpower, Quote Cyberspace has become a new pillarcyber or otherwise, is China.  In parallel to its expanding cyber warfare capability, its military, economic and technological cyber capability is expanding rapidly and its stated ambitions in the space appears to exceed that of America’s.  China during the past five years has fully woken up to the importance of the cyber dimension, recognising the need for it to become a cyber power in tandem with its economic, political and increasingly military rise.  President Xi Jinping, in 2017, announced China’s ambition to achieve cyber superpower’, status kicking off a multi-pronged development strategy to build its technological capabilities.  This build-out comprehensively covers both economic and military considerations, recognising on the one hand the fact that ‘without cyber security there is no national securityand on the other hand the fact that China’s economy too will need to adapt to the information age, given that its existing economic strategies are insufficient to maintain the growth rates required to satisfy the demands of its population and keep the Communist Party of China (CPC) China’s Military Strategy, May 2015[15]                                 in power over the long term.  Accordingly, the priorities of China’s cyber build-out are both comprehensive and ambitious,                                                                                      covering the following eight objectives:



Will China succeed?  With the world’s largest internet user base (800m), China has an invaluable platform for domestic technology development and deployment, leading the world, for example, in the roll-out of 5G networks.  Further, its online population generates massive amounts of data critical for analytics and AI, and loose data privacy laws ensure that this data can be used freely.  The close collaboration between government and the private sector is another strength: it is home to four of world top ten internet companies by market cap, and China’s government has designated specific partners to lead the development of key technologies: e.g. supporting Tencent’s development activities in driverless cars and Baidu’s AI efforts.  The concentration of funds and resources is allowing China’s companies to quickly close the gaps on US technology leads that have been years in the making.  In the meantime, America appears to be inwardly focused on its own divisions.

All these advantages still may not lead to China surpassing the US, of course.  However, the threat though is that much like it did with its industrial build out, any shortfall can be overcome with a combination of scale and capital to spur innovation and any gaps can be compensated for with imports, acquisitions and commercial espionage.  Over the long term, only China has the potential to be a geostrategic competitor to the United States.  Moreover, as China’s capabilities grow, it will increasingly find itself at loggerheads with the US on questions of cyber warfare, cyber espionage, e-commerce, and cyber law, just like it is coming up against America on the equivalent topics in the physical world.  However, given the nature of cyber, there will always be less powerful nations with assets and capabilities to at least disrupt the actions and policies of cyber giants like China and the US.  Accordingly, the cyberpower paradigm will not be a bipolar or even a multi-polar one but a complex multidimensional one.


Part 3: A Roadmap for US-led 21st Century Cyber Security

While cyber capabilities will be a critical and increasingly important component of what it takes be a superpower in the 21st century, advanced cyber capabilities will not be the exclusive preserve of superpowers, requiring a fundamental rethink of what a future security architecture might look like.  Rapid capability proliferation and the diversification of technology will likely make a Cold War-era ‘tit-for-tat’ paradigm of measure-countermeasure development moot.  Critically, conventional thinking and strategies are irrelevant to the cyber dimension; America can watch and wait safely until it believes an Iran or North Korea have developed an intercontinental nuclear capability before it feels the security threat, but with cyber the domain is immediately global, and can reach instantaneously into the US heartland.

With cyber attacks potentially crippling national civilian infrastructure such as power, water, and emergency services, or crashing global equity markets and triggering a worldwide recession, or even launching automated nuclear counter-attacks, cyber warfare transcends being a tool for superpowers to leverage in their quest for dominance and becomes an issue for all nations to consider, one that can only be only be satisfactorily managed through the establishment of new rules of engagement.  Realistically, there is only one country with the assets and capabilities standing to secure cyberspace globally in the 21st century: the United States.  The issue of global cyber security is not just one of rule-making, but also of rule enforcement.  Other countries and institutions lack either the credibility to make rules (like China) or the will and capabilities to enforce them by necessary means (like the EU).  American diplomacy and power will be fully tested in this endeavor:  rule making will require encompassing a rapidly expanding set of countries with independent competitive cyber attack capabilities, while rule enforcement will require building and maintaining both physical and digital retaliation capabilities to respond to cyber attacks.

The summary roadmap of a US-led security environment for 21st cyber space would encompass the following elements, consisting of both international and national developments:


I. International Engagement: Reaffirm International Leadership and Principles.  America cannot establish rules (or leadership) alone.  Repudiating ‘America First’ as the governing principle of policy in favour of ‘America and allies first’ allows the US to (re-)build a scaled coalition that can support its rule-making and enforcement initiatives.  Further, cyber rules of conduct will require a platform of values and principles upon which to be based.  Globalisation, free trade, and the respect for human rights underpinned an order that witnessed the greatest increase in global prosperity and the greatest decline in violence in history.[24]  While these principles may need to be updated (for example for a plural world order  or for an environmentally challenged planet), they represent the best option upon which America can establish new rules for the 21st century, and America will need to reaffirm these principles if it is to rally the support it needs.

II. International Rules of Engagement: Determine Globally Accepted Set of Cyber Warfare Laws, Treaties, Protocols and Governance.II The current rules of war cannot be applied to cover the breadth of cyber attack and defence options so new rules will be required.  Based on a set of established principles, these rules will need to accede to the status of international laws to be universally accepted, and not stop short at the level of bilateral treaties that China believes should govern cyber warfare.  Rules will need to cover a wide range of issues including an agreed-upon scope (e.g. agreeing what constitutes a cyber attack and how is it delineated from, say, cyber crime or cyber espionage),[25] rules of engagement for cyber attacks and defence (e.g. the hierarchy of acceptable responses, both digital and physical, to attacks and escalation/de-escalation protocols), and the establishment of absolute boundaries outside of which no actions can ever be legitimate (the cyber equivalent of biological or chemical weapons).

III. International Agencies: Share Data and Collaborate with Allies. At a minimum, effective cyber defence requires collaborating with other state’s law enforcement agencies to counter attacks from international non-state actors.  In practice though, this requires working closely with other nations on threat detection and prevention too.  An example of this is Europol’s European Cybercrime Centre, a joint cybercrime task force executing global operations.  These types of collaborations will need to be expanded beyond private sector cybercrime to cover cyber warfare and military issues as well, and supercede geography, given the cross-border nature and impacts of cyber threats.

IV. National Security: Strengthen Domestic Infrastructure. All countries need effective cyber defence for their civil-military infrastructure, protecting against attacks by rivals’ powers, rogue states, non-state actors and simple criminal activity.  Civil infrastructure is particularly susceptible to cyber attacks as it typically has lower grade cyber protection in place than government or military infrastructure.  Guarding against these attacks will require close collaboration between government agencies and the private sector enterprises at risk, with intelligence agencies helping companies to address, rather than exploit network security issues, as they have on numerous occasions in the past.[26]

V. National Rules of Engagement: Create Responsible Technology Development. Given the high rate of ongoing technological development the world-over, countries will require permanent and adequately funded cyber development (and defence) programmes.  In what promises to be a cyber arms race, countries will need to consider carefully how they develop and deploy their innnovations and deploy effective protections.  Leading technologists are becoming increasingly concerned at the potential existential risk posed by AI, fearing that the current rate of development is outpacing our ability to implement safety mechanisms for our protection.  While this risk is unlikely to deter countries from the further AI research, guardrails around existing and future development efforts need to be considered.  Similarly, social media and other technology platforms need to become accountable for the impact they have on society, which will require them to create and enforce a set of agreed upon principles and rules.  The recent experience in the US shows that this is unlikely to happen without at least some government participation, though.  Over time, one can expect a massive and powerful cyber security (weapons and defence) industry to develop that sells tools to the world, on par with or exceeding today’s conventional arms industry.

VI. National Defence and Deterrence: Create and Execute Tailored Deterrence Campaigns. Given the enormous potential destructiveness of cyber attacks and the difficulty of defending against them, cyber defence strategies need to be based on deterrence.  The US will need to create bespoke deterrence strategies tailored to specific threats and attackers, planning for massive retaliation on an equal or even greater scale.  This requires having a ‘library’ of various attack plans ready for execution against all potential state and non-state cyberthreats.  Moreover, for its position as the guarantor of a 21st century cyber security order to be credible the US will likely need to demonstrate its ability and willingness to execute such a plan in responses to a transgressor of rules.  Given that the most likely instigators of overt cyber attacks against America and its allies are already states that it considers to be rivals, like China and Russia, and others that it (mostly) considers to be ‘rogue’, like North Korea and Iran, the US will need to calibrate its responses carefully given the wider geopolitical rivalry that exists with these nations in the physical world.

Creating the rules of engagement for the cyber world is unlikely to succeed if the role, legitimacy, integrity and efficacy of the current platform (UN, the World Bank, World Trade Organisation, the International Criminal Court, the EU, NATO in particular) for the physical world is put into doubt. The leaders of almost all these institutions have found that American commitment to their organisations under the Trump Administration has diminished or is in active opposition. Clearly, the administration’s current definition of ‘America First’ may have seen the challenging of these institutions as an essential part of their agenda. However, winning in the short term by undermining the rules of physical engagement has the likely implication of allowing others to legitimately claim there is no agreed basis upon which to build the rules for cyber engagement.


Conclusion: The Case for America to Reaffirm Inclusive Leadership

Cyber arms and defence technologies are the nuclear weapons of the digital age. Their preponderance is occurring as part of a series of fundamental shifts: of human civilisation from the industrial to the information age, the explosion of the world’s population to almost 10 billion people, the shift of energy resources away from carbon, the inevitable decline of America’s global share of industrial output and power, and the continuing integration of peoples across the world in an open information and access society. If America fails to embrace and lead in these changes it will be replaced just as other great powers have been displaced by newer ones throughout history. In the last five years the role of cyber in reshaping the world has advanced at a greater pace than seemed possible. The contours of the new game of power are becoming clearer.

The Shift to the information age sets up a new security paradigm and an acceleration of US-China adversity. The shift underway in the world today, most acutely felt in developed countries for the time being, from the industrial age to the information age is undeniable. Information and computing technology is transforming the structure of politics, societies, economies, industries and individuals’ lives by disrupting existing physical systems. Nearly every pillar of global civilisation – political, economic, social and military – is becoming more and more digital and therefore any conceivable future world order, short of a post-apocalyptic one, will be cyber enabled, cyber enhanced and most importantly cyber dependent, making cyber one of, if not the most critical control point for future superpowers to occupy. The US and China are the only real candidates with sufficient scale today to compete for supremacy.

Industrial age thinking and policies cannot create information age supremacy. However, at this time, industrial age thinking is driving American policy, and America First, popular thought it may be, appears to be seeking to hold on to is leadership position in the physical world using industrial age methods and tools. This effort, while it may bring some benefits in the short term, appears to be doomed to fail in the longer term, even if the US wins in every trade dispute that it launches, including extracting US$200bn from China. Even without the disruption of cyber on the industrial age, America’s relative decline in the physical world – based on GDP, trade, physical resources, and so forth – is inevitable as a simple matter of arithmetic: a country with less than 5% of the global population cannot produce 25% of the world’s GDP or control 40% of its wealth indefinitely. ‘America First’ fails to recognise this reality, attempting to bring back manufacturing jobs to the US that will likely be automated in a few years, or restrict immigration to protect ‘American’ jobs, restricting technology companies’ traditional access to international talent. By looking backward to a fleeting purported ‘Golden Age’ in the past, America risks falling behind in reaching a potential one in the future.

China has fully grasped the importance of cyber in superpower positioning and is investing with the intent to lead. America’s loss is China’s gain. China is showing signs of better grasping that the way to secure its future is to add cyber capabilities across its industrial base and economy. Despite its lower level of industrial development relative to the US, the country’s leaders have recognised that its industrial base, including manufacturing, requires ‘informatisation’ and the integration of digital technologies to generate the productivity required to remain globally competitive over the long term. China already has the world’s largest e-commerce market and is fast becoming a cashless economy through e-finance, with China processing 40x the volume of e-payments as the US. Importantly too, however, China has recognised the importance of cyber for national security and its future power position and is building a scaled cyber warfare capability to augment its growing conventional military capabilities and to counter future cyber threats.

America holds cyber primacy and the most powerful position in rule setting; both are its to lose. Despite America’s recent actions to the contrary, it is still the best placed country to embrace cyber and complete the economic transition to the information age, creating a cyber security architecture for the 21st century and thereby ensuring its superpower position in the next world order. Doing so however requires political commitment and international engagement on levels last demonstrated during the Cold War. America’s technological, economic and (open) societal superiority over China may be diminishing but is still there for America to leverage if it chooses. Moreover, as the architect of the current global rules of engagement, America is best placed to defend what is defendable, reform what needs reforming and replace the obsolete, preferably in partnership with its traditional allies. These revised and updated rules provide the best platform upon which any future cyber security architecture can be built, while the alternatives are recipes for failure.

The current course is alienating allies and creating the conditions under which American cannot lead, or lead only through tyranny. However, the reaffirmation and reform of old principles alongside the formation of new (cyber) ones cannot succeed without America realising that its self-interest is best served by uniting and leading its allies, rather than by extracting short term gains from them. This would accordingly require the current administration to support a united EU rather than supporting Brexit, stop fighting all its allies on trade, taking a more balanced position in the Middle East, and to cease undermining international institutions, in short, the effective abandonment of the current conception of “America First”. The necessity to change course is immediate: America will need to move quickly to (re-establish) leadership and to counter the moves that its potential rivals have been making, not just in cyber warfare but in commerce, finance and other areas, too. In parallel to its own build-out and preparation for a cyber future, America will need to slow down the efforts of countries like Russia and China with a combination of pressure on trade, sanctions on IP theft, restrictions FDI in the US tech sector, and enhanced cyber threat detection, prevention, and if required, retaliation to minimize the impact they can have on the US.


While the shape of the coming world order, its organising principles and its beneficiaries and losers might still be uncertain, its contours are becoming clearer. Cyber will play a critical role in this order, and will therefore need to be embedded into the international institutions that set the rules of engagement. What is also clear is that in human societies, order still requires leadership, and history teaches that in the absence of leadership, the transition from one order to another is typically accompanied by extreme violence. The transition of human civilisation to the information age provides America with not just a potential reset of its position in an otherwise inevitable relative decline in its industrial might and therefore overall geopolitical power position, but also with the ability to underpin global security and prosperity for decades to come. With a prize of this size, if America chooses not to act, others surely will.




Cyberwarfare| Cybersecurity | Liberal world order| Geopolitics | America First | US-Russia Engagement | US-China Engagement

1. See the July 2013 Sign of the Times: Cyber Attack, Defence and Security in the Making and Preserving of Superpowers
2. International Telecommunications Union
3. Source: McKinsey Global Institute
4. Source: The New York Times, DoJ Special Counsel investigation,
5. Source: Whistleblower disclosure to Channel 4 News
6. The Asia-Pacific region with South Asia
7. Bots are computer algorithms that can continuously perform a specified task, such as sending spam mail to millions of addresses or tweeting and retweeting messages with certain defined parameters on social networks. Trolls are human actors that influence information on the internet, leveraging anonymity to disseminate information and influence
8. Overall, pro-Trump bots generated five times as much activity at key moments of the campaign as pro-Clinton ones. These Twitter bots—which often had zero followers—copied each other’s messages and sent out advertisements alongside political content.
9. Source: According to Politifact, 78% of 158 of Trump’s campaign statement from the first half of 2016 sampled were found to be false or mostly false.
10. Source: CNN
11. Source: “New Generation Artificial Intelligence Development Plan” Jun 20, 2017
12. Clearly in a fragmented digital innovation scenario, the government would back a wide array of established and innovative newcomers
13. Source: Goldman Sachs Economic Research
14. Source: Joint statement by the NSA and the Director of National Intelligence
15. Source: http://www.chinadaily.com.cn/china/2015-05/26/content_20820628.htm
17. Source: Cyberspace Administration of China’s Theoretical Studies Center Group article published in Qiushi, Sept 2017
18. Source: How the Chinese Government Fabricates Social Media; Gary King, Jennifer Pan and Margaret Roberts, Havard University, 2016
19. Importing semiconductors c.US$230bn in 2016)
20. Compared with deals worth only $214 million from 2000 to 2013
21. Source: https://www.cnas.org/publications/reports/strategic-competition-in-an-era-of-artificial-intelligence
22. https://ustr.gov/sites/default/files/301/2017%20Special%20301%20Report%20FINAL.PDF
23. Source: https://www.newamerica.org/cybersecurity-initiative/blog/chinas-strategic-thinking-building-power-cyberspace
24. Cf. “The Better Angels of Our Nature: Why Violence as Declined”, Pinker Steven, Viking Books, 2011
25. These differences matter: Under China’s interpretation of cyber sovereignty an action such as posting a New York Times article on Chinese social media could meet the standard of a cyberattack
26. Examples: The Microsoft Windows security backdoor discovered by NSA, the news of which was not disclosed by the NSA but eventually leaked to the press
27. Allianz Global Wealth Report 2015
28. See the March 2017 Sign of the Times, The Shape of the World to Come – Part III: The Path to a New World Order and the May 29. 2016 Sign The Trump Doctrine and the Future of American Power