War by Other Means
Page 9
There is a tendency, especially among market watchers, to treat the fact that a SWF has a given economic return benchmark as somehow prima facie evidence of purely commercial motivations. (As one former IMF economist wrote, investments by Gulf-based SWFs are “based on pure economic criteria and are not politically motivated. For instance, ADIA, one of the world’s largest SWFs, sets a benchmark annual rate of return of 8% for its portfolio, and has met or beat this portfolio for several years.”56) But of course there is nothing to preclude the possibility of attractive geoeconomic investments that also happen to offer an 8 percent or better return. GeoEconomica, a SWF watchdog firm, recently singled out Qatar’s SWF for its failure to comply with the Santiago Principles, a compact meant to increase transparency and guard against political investments by SWFs. “Qatar’s foreign policy interests have strongly informed Qatari sovereign wealth management,” GeoEconomica said.57 Apparently whatever geopolitical adventures the Qatari SWF was getting into also made for good business, as the fund’s annual returns are reported to be close to 17 percent.58
And even where states are investing purely on the basis of economic considerations, it stands as a separate question whether these investments nonetheless alter the strategic landscape in some way. As Ashley Thomas Lenihan, a fellow at the London School of Economics, writes, SWFs “may be employed as a means to increase a state’s relative economic power, even when their individual investments are generally made on the basis of economic, market-driven, logic.”59 Because states, as sovereign actors, also have the advantage of advance knowledge of geopolitical events, and thus the unique ability to move their funds accordingly, other concerns center on a form of insider trading—the idea that sovereigns could tilt a policy environment, domestically or abroad, to place their investments on preferential market footing—and the notion that compared to private investors, SWFs are far less constrained by shareholder accountability, a fact that itself can give SWFs significant market advantages.60
Finally, where the pull of a country’s domestic market is strong enough, its handling of inbound investment can be as powerful a geoeconomic instrument as its outbound investment flows.61 While some countries place entire civilian sectors off-limits, others screen all forms of inbound foreign investment, rending approvals on a case-by-case basis in ways that invite geopolitics into the decision making. The U.S. investment screening process, carried out by the Committee on Foreign Investment in the United States (CFIUS), has come in for its share of criticism in recent years, but for all its infirmities, it is far more limited in scope than similar bodies in other countries, conducting only 193 investigations of inbound investment between 2009 and 2013 (or roughly 40 percent of “covered investments” potentially subject to investigation during those years).62
Again, even granting that much of today’s state-led investment is not geopolitically motivated, it can nevertheless carry real geopolitical consequences. The resulting impacts can be subtle, perhaps seen only in aggregate, and sometimes not even necessarily intended. As Chapter 4 illustrates, Chinese investment flows have begun to wear away at long-held assumptions about how certain markets operate. These flows have altered the foreign policy calculus for certain nations, widening the options of some and narrowing those of others. And in some cases they have also lent new arguments to supporters of China’s own military buildup.
Economic Sanctions
Sanctions, like trade and investment, have traditionally been a story about the perks of size. While most countries have practiced some form of sanctions, their effectiveness turns on two basic variables: domestic market size (the loss of America as a potential market for one’s exports versus, say, Lichtenstein) and global market share (some countries have a near monopoly on the production of certain goods).
But there are exceptions, especially where niche entities have adopted systemic importance. Virtually all electronic banking payments are executed via the Society for Worldwide Interbank Financial Telecommunication (SWIFT) network, and the fact that SWIFT is domiciled in Belgium—as opposed to a country less sympathetic to U.S. and European geopolitical interests—made it considerably easier to leverage this network in the context of the Iran sanctions. Likewise, the fact that the United Kingdom remains such a dominating player in the shipping insurance industry has conferred considerable geoeconomic leverage for Western countries seeking to deter Iran’s nuclear ambitions. Maritime insurer Lloyd’s announced in July 2010 that it would stop underwriting gasoline imports to Iran, a move of compliance with the U.S.-led sanctions regime, and one that further exacerbated the plunge in the value of the Iranian rial and loss in foreign reserves.63 Just six months later, in January 2011, Lloyd’s issued a market bulletin providing guidance for subsequent compliance with U.S. and EU-led sanctions against Iran: no new contracts, renewals, or extensions for insurance to Iran or its government, Iranian citizens or entities, or those acting on behalf of Iran would be permitted.64 With no insurance for oil tankers, Iranian oil buyers were compelled to act in accordance with the sanctions regimes; India was forced to cancel an Iranian shipment, for instance, and Japanese oil refiners asked for clauses to be added to purchase contracts so they could back out if the requisite shipping insurance could not be obtained.65
As Chapter 6 explores in more detail, the strongest such systemic choke point remains the ubiquity of the U.S. dollar. Thanks to the dollar’s continued universality and America’s central role in financial markets, the U.S. Treasury Department is able to deliver a credible ultimatum to international banks: either do business in the U.S. dollar or do business with the target country or bank.66
Such choke points notwithstanding, sanctions regimes since the 1970s have had a decidedly mixed record when it comes to altering state geopolitical and domestic behavior. When one sizes up these cases, some lessons become clear. First, the use of sanctions between adversaries is more frequent (and more costly to the sanctioner) than sanctions applied between friendly states, and extract fewer geopolitical concessions, as adversaries tend to prefer near-term economic costs over longer-term geopolitical ones.67 This fact has accounted for the general failure of U.S. economic coercion to achieve its goals against Iraq, Cuba, China, and North Korea.68
Next, sanctions work best when the objectives are modest and the targets well-defined. This leads some experts to counsel restraint, arguing for example that “modern sanctions should be targeted at specific objectionable activities … or at the Swiss bank accounts of elites such as Iran’s Revolutionary Guard.”69 Certainly, changing specific behavior is of course easier than bringing down a regime, though foreign policymakers do not always have such luxury of choice, and in any case, modern sanctions have demonstrated an ability to help accomplish both.
And, of course, sanctions also need friends and allies. Washington learned this the hard way in early 1980 when it imposed a grain embargo on the Soviet Union to punish it for invading Afghanistan. The embargo failed to gain international support, even from strong allies such as Canada and Australia.70
Finally, sanctions also underscore the dependencies and tensions that can exist across various geoeconomic instruments. For example, certain financial sanctions—such as those on Iran’s central bank—are effective only because these entities deal in U.S. dollars. As such, each time the United States uses these sanctions, Washington may be hastening other countries’ search for alternatives to the dollar, which in turn would undercut the future effectiveness of sanctions. For example, Russia’s state-owned energy company Gazprom has started to accept payment in rubles and yuan, rather than euros and dollars, amid escalated sanctions toward Moscow over Ukraine.71
Cyber
While much about the precise nature and magnitude of cyberattacks remains fuzzy, there is good reason to view cyber as among the newest, most powerful geoeconomic instruments.72 Some aspects of the problem are clear: the overwhelming share of attacks can be traced back to IP addresses inside Russia and China.73 According to one private study, cyberatt
acks account for roughly 15 percent of global Internet traffic on any given day. This figure “plummeted to about 6.5%” around October 1, 2011, China’s National Day, “when many workers take leave.”74
Certainly not all cyberattacks are geoeconomic. One example is Russia’s July 2008 cyberattacks against Georgia’s Internet infrastructure in the run-up to hostilities between the two over South Ossetia; another is the 2009 Stuxnet attack against Iranian nuclear facilities, thought to have been launched by Israel and the United States in a bid to disrupt Iran’s nuclear weapons program; a third is Iran’s 2013 attacks on U.S. Navy computers, seen by some as possible retaliation over escalations in sanctions weeks earlier. All of these would be considered non-geoeconomic, as they all sought primarily to alter a given military equation between states. The same is true of the persistent attacks by Chinese hackers targeting private firms, typically government contractors, searching for information around U.S. military systems. According to press reports, these hacking attempts against the U.S. military and defense contractors have succeeded in stealing information from more than two dozen weapons programs, including the Patriot missile system, the F-35 joint strike fighter, and the navy’s new littoral combat ship; concerning as this is, it is not geoeconomic by our definition.75
To be considered geoeconomic, a cyberattack should meet two basic criteria. Because geoeconomics is necessarily concerned with state behavior, a geoeconomic cyberattack must be state sponsored (or at minimum, materially encouraged by government actors). It must also involve an attempt at economic influence. A cyberattack on a major Internet service provider for the sole purpose of reading emails would not be geoeconomic in nature, but attacking the same provider in a way that aimed to weaken the company itself or wreak economic havoc in the target country by causing widespread internet disruptions would be geoeconomic.
Generally speaking, geoeconomic cyberattacks are those making use of economic or financial market mechanisms and seeking to impose economic costs as part of a larger geopolitical agenda. In practice, this will entail cyberattacks meant to degrade or compromise another country’s critical economic or financial infrastructure or its major economic or commercial entities (whether such infrastructure or entities are privately or publicly owned)—again, in a way that produces actual or potential geopolitical benefits for the attacking country. In addition to massive theft of commercial intellectual property, geoeconomically directed cyber capabilities provide governments the means to bring down individual companies, undermine entire national economic sectors, and compromise basic infrastructure from electrical grids to banking systems. All this over time can produce weaker nation states more susceptible to external geopolitical manipulation, including in times of crisis.76
Of course, as a practical matter, distinctions are hard to come by. Some cyberattacks manifestly involve both geoeconomic and non-geoeconomic elements. In 2007, in what were the first known state-sponsored cyberattacks leveled against another country, Russia unleashed a three-week wave of massive distributed denial-of-service (DDoS) cyberattacks on Estonia. The attacks came amid a heated row between the two states over the Estonian government’s removal of a Soviet war monument from the city center in Tallinn to a military cemetery. Websites were suddenly swamped by tens of thousands of visits, thus disabling them. According to reports, the main victims of these attacks were a mix of geopolitical and geoeconomic targets: the websites of the Estonian presidency and parliament, Estonian government ministries, political parties, three of the six major news organizations, two national banks, and one communications firm.77
In the days and weeks following the ordeal, most of the headlines focused on the attacks against government targets; the private targets got relatively little notice. But Estonian officials saw in the latter far greater reason for concern. “All major commercial banks, telcos, media outlets, and name servers—the phone books of the Internet—felt the impact,” Estonian defense minister Jaak Aaviksoo explained at the time.78 Aaviksoo was quick to stress that while the medium of influence may have been economic, the scope and effects of the ordeal were unambiguously geopolitical: “This was the first time that a botnet threatened the national security of an entire nation.”79 Much in the way the Russian government has employed other geoeconomic tools, Moscow’s cyber intimidation was about reminding Estonia (and other Baltic states) of Russia’s continued status as the region’s dominant actor and geopolitical arbiter.
As with most geoeconomic instruments, cyber is a tool better suited to some countries than others.80 Not only do countries such as Russia, Iran, North Korea, and China face fewer legal and popular constraints in committing cyberattacks against private firms, but they also tend to be adroit at translating the stolen data into national security gains without ever leaving the remit of state-controlled channels.
One oft-cited example is China’s Project 863, thought to be at least twenty-five years old, which reportedly provides central government funding and guidance for clandestine efforts to acquire U.S. technology and sensitive economic information.81 It is clear that these attacks have yielded details with vital national security consequences for the United States, including the 2015 theft of the confidential personnel records of millions of U.S. government employees. Leading news outlets as well as private security firms such as Mandiant conclude that the Chinese military may have “obtain[ed] the ability to manipulate American critical infrastructure: power grids and other utilities.”82 And, say outside experts, still other attacks may yield similarly detailed blueprints, although for designs too sophisticated for Chinese targeting entities to translate into immediate operational use.83
Also like most other geoeconomic forms of statecraft, the motives and nature of geoeconomic cyberattacks can vary. While many are about industrial espionage in sensitive or strategic sectors and tend toward stealing data, others are more straightforwardly retaliatory.84 Most analysts took the 2010 attacks on Google and the 2013 attacks against the New York Times (following David Barboza’s exposé on Chinese premier Wen Jiabao’s personal wealth) as primarily acts of intimidation.85 In September 2012, Telvent, a firm that monitors more than half of North America’s oil and gas pipelines, learned that Chinese hackers had penetrated its computer systems. Concerned that the Chinese military was attempting to plant bugs that would cut off energy supplies and shut down the power grid during a future U.S.-China crisis, Telvent was forced to immediately stop remote access to its clients’ systems.86 The Telvent case, say some experts, may be a deterrent signal—a sign that, to quote one Asia expert, “the U.S. shouldn’t think that a regional conflict [in the South China Sea or Taiwan Strait] won’t touch the U.S. homeland.”87
Attacks can persist undetected for years, in some cases reportedly draining terabytes of data. Even once attacks are discovered, attribution is extremely difficult (especially when attacks are state sponsored, as states tend to be particularly adroit at covering their tracks). And even when attribution is possible, it remains politically fraught. In the spring of 2013, U.S. officials began openly accusing the Chinese government of persistent cyberattacks against private U.S. firms and critical infrastructure—but this was only after investigative work by private entities produced a strong body of open-source evidence linking the overwhelming share of Chinese-origin cyberattacks to the Chinese army.88 In its 2014 indictment of five Chinese military members, the U.S. Department of Justice alleges that the Chinese military targeted a number of America’s top manufacturers over an eight-year period, from 2006 through early 2014, including nuclear power plant maker Westinghouse Electric, a U.S.-based subsidiary of SolarWorld AG, United States Steel, Allegheny Technologies, and Alcoa. According to press reporting, sources suggest the U.S. government had been readying the case for years, with much of the wait simply over convincing the affected firms to go public.89
The sectors most often targeted—finance, energy, IT, aerospace, automotive—are by and large also those sectors that Chinese officials have designated as priority, or �
��strategic emerging industries.”90 DuPont, Johnson & Johnson, General Electric, RSA, Epsilon, NASDAQ, hundreds more—attacks linked to the Chinese government have grown so pervasive in recent years that most mid- and large-scale U.S. and Western firms now accept that when they express interest in entering the Chinese market (or find themselves bidding against a Chinese firm), cyberattacks will follow.91
In one 2009 episode, soon after Chinese state mining giant Chinalco launched its bid to gain a controlling share of Australian mining firm Rio Tinto, Rio Tinto along with two other leading Australian mining companies were hit by crippling cyberattacks. Australian authorities noted more than two hundred attempts to hack into Rio Tinto’s networks. The attacks—which continued for the duration of Rio Tinto’s negotiations with Chinalco—succeeded in gaining confidential information related to major contract negotiations. Ultimately the talks collapsed. More interesting than the outcome is how the cyberattacks against Rio Tinto figured alongside other, uniquely sovereign bargaining tools Chinese officials openly wielded in pursuit of a deal in a sector Beijing considered “strategic.” As Australian press covering the cyberattacks reminded readers, “Rio Tinto Group faced cyber-attacks from China at about the time of the arrest of four executives in the country, while BHP Billiton Ltd. and Fortescue Metals Group Ltd. have also been hit … by hackers during a takeover bid for Rio.”
And even with sectors that are not particularly strategic, sheer deal size can be threatening to the Chinese government, especially when it comes in the form of foreign direct investment seeking entry into China’s domestic market. Coca-Cola was penetrated by Chinese hackers in 2009, amid a failed $2.4 billion bid to acquire the China Huiyuan Juice Group.92 Had it been concluded, that agreement would have been the largest foreign acquisition of a Chinese company; as such, it would have weakened the Chinese government’s own hold on the market, theoretically opening up new avenues of political influence inside China by non-Chinese firms. For the Chinese Communist Party, whose political survival is linked to the degree of economic control the Party holds over the country’s domestic markets and factors of production, deals of a certain size necessarily stimulate security concerns. Unsurprisingly, such cases provoke geoeconomic hacking attempts that are, at least in the view of the sponsoring government, meant to protect against national security threats.