To be successful in today's modern warfare, a nation must control not only the land, sea and air, but also cyberspace. 

How should Japan and the United States, two close allies, cooperate in tackling the demands and challenges of such a new, invisible battlefield?

Linton Wells, a former U.S. Navy officer who served in senior government positions in national security affairs, including acting assistant secretary of defense for Networks and Information Integration and Department of Defense chief information officer, was asked about his views on the future of the bilateral cyberspace coalition.

Wells currently serves as special advisor to Resilience Japan.

Excerpts of the interview follow:

***

SUPERIORITY IN CYBER HELP JAPAN’S DEFENSE

QUESTION: How important are the new domains, such as cyber, electromagnetic spectrum (EMS) and space, in current warfare compared to conventional warfare?

Linton Wells: All three domains are essential to conducting warfare effectively today and will become even more important in the future. Superiority in cyber and EMS can help Japan prevent conflict by controlling the “escalation ladder,” in other words, encouraging an opponent not to escalate a confrontation to the use of “kinetic” weapons by demonstrating that Japan and the Japan-U.S. alliance are superior in those domains.

Q: Japanese government institutions and defense-related industries have been harmed by cyberattacks and espionage by people who are likely acting on behalf of another state. Do you think such cyberespionage activities can lead to serious cyberwarfare?

A: Cyberespionage is a modern instantiation of traditional espionage. In itself, espionage rarely leads to warfare, though it certainly supports it. Cyber adds speed and reach, but most wartime cyberattacks so far have been conducted in conjunction with other forms of attacks.

However, the growing linkage between the internet and “cyberphysical systems” means that cyber can do extensive physical damage to systems like power grids, communications networks, water systems, and other critical infrastructures.

Many states have said that severe cyberattacks could justify warfighting responses, but most have not revealed the “red lines,” or thresholds, that would trigger such behavior.

Q: What kind of cyber activities would be considered as a so-called “armed attack” in the context of international law? Do you think that states have the right of collective defense to counter some cyberattacks?

A: Presumably, cyberattacks that caused extensive loss of life, say through the destruction of critical infrastructure, have been discussed as being equivalent to armed attack. This also could trigger the right of collective defense.

In August 2019, Jens Stoltenberg, NATO secretary-general, stated, “A serious cyberattack could trigger Article 5, where an attack against one ally is treated as an attack against all.” In April 2019, the United States and Japan agreed that their mutual security treaty will also cover serious cyberattacks against both countries.

However, putting this into practice will be hampered by a lack of a legal framework, the difficulty in deciding on responses and red lines, and the difficulty of predicting the context in which the cyberattacks would occur.

Q: Do you consider a cyberattack a crime, or a military attack? How do you distinguish between the two?

A: Attribution is likely to remain a very hard problem in the cyber domain. Many clever techniques have been developed to geolocate attackers, and a variety of cybersecurity models are continuously being upgraded. But the tension between security and privacy is one factor that is likely to limit unambiguous attribution, at least in the West.

Q: Can you describe the current state of international laws and regulations regarding cyber activities and weapons?

A: The Tallinn Manual is a first step, but it hasn’t been universally accepted. After initial progress, discussions by the U.N. Group of Governmental Experts (GGE) seem to have stalled. Compounding this are fundamentally different views of what constitute cyberattacks among the United States, Russia and China, as well as others.

Q: The latest 2015 Guidelines for U.S.-Japan Defense Cooperation emphasized the importance of bilateral cooperation and coordination on cyber domains. How do you evaluate their significance?

A: This is crucial. Japan and the United States must develop cyber resilience, which involves the ability to anticipate, withstand and recover from disruptions, as well as to adapt to new post-disruption conditions.

An effective approach can’t just be passive. “Active defense” models may provide a way to be less passive while respecting Japan’s domestic concerns. Interoperability is key, which, in turn, depends on information sharing. In this context, Japan’s information security system is a source of concern in many quarters.

Q: If U.S. Forces Japan is attacked by cybertools from other countries and critically damaged, how do you think the United States will respond? Do you think Japan will exercise its right to collective defense?

A: The specifics of any response will involve highly sensitive capabilities and intelligence, on which I can’t comment. Still, while striving for maximum interoperability and collaboration, the United States needs to be sensitive to Japan’s national constraints and issues.

CITIZENS AND BUSINESSES NEED TO SHARE AWARENESS

Q: How do you evaluate organizations inside the Japanese government in terms of their handling of cyberattacks?

A: Japan’s cyberpolicies and strategies are reasonable, but they must be executed effectively, and citizens and business leaders need to be convinced that cyber is important.

Q: The United States and Japan have also begun to strengthen cooperation for Space Situational Awareness (SSA) in the space domain. What do you think about it? And can you explain the difference between SSA and Space Domain Awareness (SDA)?

A: National Defense Program Guidelines 2018 added space as a domain in which to protect Japan’s national interests, and Japanese nationals’ life, person and property. This is not the same as a “warfighting domain” in U.S. military context.

However, Japan will promote partnership and cooperation including the SSA and mission assurance of the entire space system, through consultations and information sharing and multilateral exercises. Japan’s capabilities could reduce the likelihood of conflict.

The SDA (that the U.S. forces hope to achieve) requires more than SSA. SDA must be backed up by “effective defense capability.” One interpretation of SSA is to detect, track and identify all artificial objects in Earth orbit and maintain a catalog of them, while SDA requires more.

For Japan, SDA means integrating SSA with intelligence and other factors to be able to defend Japan’s satellites and ensure superiority in the use of space at all stages from peacetime to armed contingencies. Other countries have different interpretations, which may involve offensive actions.

Q: What kind of capabilities do you expect Japan to have in the space domain? Are there any difficulties to overcome from the standpoints of Japanese domestic constitutional debate or government institutional structure?

A: The future space domain in 2030 will include operations around and beyond the moon (cislunar operations). There will be many more satellites near Earth. There also will be many more players--more countries, more nongovernmental organizations, more commercial players.

We can expect to see dramatic technology changes, probably including quantum computing. This is not just a technology issue. We should plan with a forward-looking view to adapt to changes in the space environment. Collaboration will be key--public-private, whole-of-government, transnational. Operational and infrastructural resilience will need to be designed in from the beginning.