Capacity to contain and respond to biological threats varies considerably across the world. Yet such preparedness is vital for prevention, impact-reduction and resilience in the face of biological events, whether they be natural or deliberate outbreaks.

Chatham House is conducting a series of meetings to strengthen urban preparedness for, and resilience against, biological threats in African countries. This meeting will examine the preparedness and prevention mechanisms in Accra, reviewing the comprehensiveness of city-level preparedness.  

This meeting will focus on the formation and implementation of city-level action plans in the context of preparedness for managing biological threats. It will also explore how local authorities are contributing to this effort with their knowledge and expertise.

Attendance at this event is by invitation only.

This workshop is the second in a series in the 'Implementing the Commonwealth Cybersecurity Agenda' project. The workshop aims to provide a multi-stakeholder pan-Commonwealth platform to discuss how to take the implementation of the 'Commonwealth Cyber Declaration' forward with a focus on the second pillar of the declaration – building the foundations of an effective national cybersecurity response with eight action points. 

As such, the workshop gathers different project implementers under the UK Foreign and Commonwealth Office’s Cyber Programme, in addition to other key relevant stakeholders from the global level, to explore ongoing initiatives which aim to deliver one or more of pillar two’s action points.

The workshop addresses issues from a global perspective and a Commonwealth perspective and will include presentations from selected partners from different Commonwealth countries.

Internet regulation is increasing around the world creating positive obligations on internet providers and exerting negative unintended consequences on the internet infrastructure. In some ways, most of this regulatory activity is justifiable. Governments are concerned about the increased risk that the use of the internet brings to societies. As a response, many governments have been enacting regulations as their main approach to dealing with these concerns. The main challenge is that most of the current regulations are either ill-defined or unworkable.  

On the one hand, several governments have established procedures that seek to analyze the impacts of new regulatory proposals before they were adopted. However, there hasn’t been enough attention aimed at analyzing regulations after they have been adopted and only a few have measures in place to evaluate the impacts of the procedures and practices that govern the regulatory process itself.

On the other hand, much of the regulation creates unintended consequences to the internet itself. It undermines many of its fundamental properties and challenges the integrity and resiliency of its infrastructure.  

This event discusses current practices in internet-related regulation and the related challenges. Panellists will discuss how governments can enforce regulations that achieve their intended purpose while at the same time protecting the internet’s core infrastructure and its properties, including its openness, interoperability and global reach.

• The risks and challenges of the increasing number and arming of drones. 
• The risks for countries of not doing so in terms of geostrategic interests and the future battlefield.
• Opportunities for developing common standards on drone transfers and deployment across EU member states.
• Sharing and cooperation on drone use.
• What legal and policy implications might arise for European states as a result.

With Brexit on the horizon, participants will also consider what impact this may have on future drone developments in Europe.

Attendance at this event is by invitation only.

The 1967 Outer Space Treaty (OST) is the mainframe for space law. It recognizes the importance of the use and scientific exploration of outer space for the benefit and in the interests of all countries. It also prohibits national sovereignty in space, including of the Moon and other celestial bodies.

The OST prohibits all weapons of mass destruction in space – in orbit or on other planets and moons – and does not allow the establishment of military infrastructure, manoeuvres or the testing of any type of weapon on planets or moons. As the treaty makes clear, outer space is for peaceful purposes only. Except of course, it is not – nor has it ever been so.

The very first satellite, Sputnik, was a military satellite which kicked off the Cold War space race between the US and the USSR. The militaries of many countries followed suit, and space is now used for military communication, signals intelligence, imaging, targeting, arms control verification and so on.

However, in keeping with international aspirations, space is also being used for all kinds of peaceful purposes such as environmental monitoring, broadcast communications, delivering the internet, weather prediction, navigation, scientific exploration and – very importantly – monitoring the ‘space weather’ (including the activity from the Sun).

There are several other international agreements on space, such as on the rescue of astronauts, the registration of satellites and liability for damage caused by space objects. There is also the Moon Treaty, which governs activities on the Moon and other moons, asteroids and planets.[i]

More recently, states at the UN Committee on the Peaceful Uses of Outer Space (COPUOS) in Vienna have agreed on guidelines to deal with the worrying situation of space debris which is cluttering up orbits and posing a danger to satellites, the space station and astronauts.

The problem the international community now faces is that the use of space is changing dramatically and rapidly. There are more satellites than ever – well over 1,000 – and more owners of satellites – almost every country uses information generated from space. Increasingly, however, those owners are not countries, militaries or international organizations but the commercial sector. Very soon, the owners will even include individuals.

Small ‘mini-satellites’ or ‘cube-sats’ are poised to be deployed in space. These can act independently or in ‘swarms’, and are so small that they piggy-back on the launching of other satellites and so are very cheap to launch. This is changing the cost–benefit equation of satellite ownership and use. Developing countries are increasingly dependent on space for communications, the internet and information on, for example, weather systems, coastal activities and agriculture. 

Another major development is the advent of asteroid mining. Asteroids contain a wide range of metals and minerals – some asteroids are more promising than others, and some are closer to Earth than others. Several companies have been set up and registered around the world to begin the exploitation of asteroids for precious metals (such as platinum) and compounds (such as rare-earth minerals).

Legally, however, this will be a murky venture. The current international treaty regime prohibits the ownership of a celestial body by a country – space is for all. But does international law prohibit the ownership or exploitation of a celestial body by a private company? The law has yet to be tested, but there are space lawyers who think that companies are exempt. Luxembourg and Australia are two countries that have already begun the registration of interest for space-mining companies.

As humanity becomes more dependent on information that is generated in or transmitted through space, the vulnerability to the manipulation of space data is increasing. The demands on the use of communications frequencies (the issue of spectrum availability and rights), managed by the International Telecommunication Union (ITU),[ii] need to be urgently addressed.

There are now constant cyberattacks in space and on the digital information on which our systems rely. For example, position, navigation and timing information such as from GPS or Galileo is not only vital for getting us safely from A to B, but also for fast-moving financial transactions that require accurate timing signals.

Almost all of our electronic systems depend on those timing signals for synchronization and basic functioning. Cyber hacks, digital spoofing and ‘fake’ information are now a real possibility. There is no rules-based order in place that is fit to deal with these types of attacks.

Cyberweapons are only part of the problem. It is assumed that states, if they haven’t already done so, will be positioning ‘defensive’ space weaponry to protect their satellites. The protection may be intended to be against space debris – nets, grabber bars and harpoons, for example, are all being investigated.

All of these ideas, however, could be used as offensive weapons. Once one satellite operator decides to equip its assets with such devices, many others will follow. The weaponization of space is in the horizon.

There are no international rules or agreements to manage these developments. Attempts in Geneva to address the arms race in space have floundered alongside the inability of the Conference on Disarmament to negotiate any instrument since 1996.

Attempts to develop rules of the road and codes of conduct, or even to begin negotiations to prohibit weapons in space, have failed again and again. There are no agreed rules to govern cyber activity. The Tallinn Manuals[iii] that address how international law is applicable to cyberwarfare also address the laws of armed conflict in space, but data spoofing and cyber hacking in space exist in far murkier legal frameworks.

The current system of international space law – which does not even allow for a regular review and consideration of the OST – is struggling to keep up. Space is the inheritance of humankind, yet the current generation of elders – as they have done with so many other parts of our global environment – have let things go and failed to shepherd in the much-needed system of rules to protect space for future generations.

It is not too late, but it will require international cooperation among the major space players: Russia, the US, China, India and Europe – hardly a promising line-up of collaborators in the current political climate.

Filling the governance gaps

Norms of behaviour and rules of the road need to be established for space before it becomes a 21st-century ‘wild west’ of technology and activity. Issues such as cleaning up space debris, the principle of non-interference, and how close satellites can manoeuvre to each other (proximity rules) need to be agreed as a set of international norms for space behaviour.

A cross-regional group of like-minded countries (for example Algeria, Canada, Chile, France, India, Kazakhstan, Malaysia, Nigeria, Sweden, the UAE and the UK) should link up with UN bodies, including the Office for Outer Space Affairs (UNOOSA), COPUOS and ITU, and key private-sector companies to kick-start a new process for a global code of conduct to establish norms and regulate behaviour in space.

The UN could be the host entity for this new approach – or it could be established in the way the Ottawa process for landmines was established, by a group of like-minded states with collective responsibility for, and collective hosting and funding of, the negotiations.

A new approach should also cover cybersecurity in space. The UN processes on space and cyber should intersect more to find ways to create synergies in their endeavours. And the problems ahead as regards spectrum management – particularly given the large number of small satellites and constellations that are to be launched in the near future – need urgent attention in ITU.

Notes

[i] All of these treaties and other documents can be found at UN Office for Outer Space Affairs (2002), United Nations Treaties and Principles on Outer Space, http://www.unoosa.org/pdf/publications/STSPACE11E.pdf.

[ii] ITU (undated), ‘ITU Radiocommunication Sector’, https://www.itu.int/en/ITU-R/Pages/default.aspx.

[iii] The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), ‘Tallinn Manual 2.0’, https://ccdcoe.org/research/tallinn-manual/.

This essay was produced for the 2019 edition of Chatham House Expert Perspectives – our annual survey of risks and opportunities in global affairs – in which our researchers identify areas where the current sets of rules, institutions and mechanisms for peaceful international cooperation are falling short, and present ideas for reform and modernization.

Summary

• All satellites depend on cyber technology including software, hardware and other digital components. Any threat to a satellite’s control system or available bandwidth poses a direct challenge to national critical assets.
• NATO’s missions and operations are conducted in the air, land, cyber and maritime domains. Space-based architecture is fundamental to the provision of data and services in each of these contexts. The critical dependency on space has resulted in new cyber risks that disproportionately affect mission assurance. Investing in mitigation measures and in the resilience of space systems for the military is key to achieving protection in all domains.
• Almost all modern military engagements rely on space-based assets. During the US-led invasion of Iraq in 2003, 68 per cent of US munitions were guided utilizing space-based means (including laser-, infrared- and satellite-guided munitions); up sharply from 10 per cent in 1990–91, during the first Gulf war. In 2001, 60 per cent of the weapons used by the US in Afghanistan were precision-guided munitions, many of which had the capability to use information provided by space-based assets to correct their own positioning to hit a target.
• NATO does not own satellites. It owns and operates a few terrestrial elements, such as satellite communications anchor stations and terminals. It requests access to products and services – such as space weather reports and satellite overflight reports provided via satellite reconnaissance advance notice systems – but does not have direct access to satellites: it is up to individual NATO member states to determine whether they allow access.
• Cyber vulnerabilities undermine confidence in the performance of strategic systems. As a result, rising uncertainty in information and analysis continues to impact the credibility of deterrence and strategic stability. Loss of trust in technology also has implications for determining the source of a malicious attack (attribution), strategic calculus in crisis decision-making and may increase the risk of misperception.

After President Trump decided to halt a missile attack on Iran in response to the downing of a US drone, it was revealed that the US had conducted cyberattacks on Iranian weapons systems to prevent Iran launching missiles against US assets in the region.

This ‘left-of-launch’ strategy – the pre-emptive action to prevent an adversary launch missiles – has been part of the US missile defence strategy for some time now. President George W Bush asked the US military and intelligence community to infiltrate the supply chain of North Korean missiles. It was claimed that the US hacked the North Korean ballistic missile programme, causing a failed ballistic missile test, in 2012.

It was not clear then – or now – whether these ‘left-of-launch’ cyberattacks aimed at North Korea were successful as described or whether they were primarily a bluff. But that is somewhat irrelevant; the belief in the possibility and the understanding of the potential impact of such cyber capabilities undermines North Korean or Iranian confidence in their abilities to launch their missiles. In times of conflict, loss of confidence in weapons systems may lead to escalation.

In other words, the adversary may be left with no option but to take the chance to use these missiles or to lose them in a conflict setting. ‘Left of launch’ is a dangerous game. If it is based on a bluff, it could be called upon and lead to deterrence failure. If it is based on real action, then it could create an asymmetrical power struggle. If the attacker establishes false confidence in the power of a cyber weapon, then it might lead to false signalling and messaging.

This is the new normal. The cat-and-mouse game has to be taken seriously, not least because missile systems are so vulnerable.

There are several ways an offensive cyber operation against missile systems might work. These include exploiting missile designs, altering software or hardware, or creating clandestine pathways to the missile command and control systems.

They can also be attacked in space, targeting space assets and their link to strategic systems.

Most missile systems rely, at least in part, on digital information that comes from or via space-based or space-dependent assets such as: communication satellites; satellites that provide position, navigation and timing (PNT) information (for example GPS or Galileo); weather satellites to help predict flight paths, accurate targeting and launch conditions; and remote imagery satellites to assist with information and intelligence for the planning and targeting.

Missile launches themselves depend on 1) the command and control systems of the missiles, 2) the way in which information is transmitted to the missile launch facilities and 3) the way in which information is transmitted to the missiles themselves in flight. All these aspects rely on space technology.

In addition, the ground stations that transmit and receive data to and from satellites are also vulnerable to cyberattack – either through their known and unknown internet connectivity or through malicious use of flash drives that contain a deliberate cyber infection.

Non-space-based communications systems that use cable and ground-to-air-to-ground masts are likewise under threat from cyberattacks that find their way in via internet connectivity, proximity interference or memory sticks. Human error in introducing connectivity via phones, laptops and external drives, and in clicking on malicious links in sophisticated phishing lures, is common in facilitating inadvertent connectivity and malware infection.

All of these can create a military capacity able to interfere with missile launches. Malware might have been sitting on the missile command and control system for months or even years, remaining inactivated until a chosen time or by a trigger that sets in motion a disruption either to the launch or to the flight path of the missile. The country that launches the missile that either fails to launch or fails to reach the target may never know if this was the result of a design flaw, a common malfunction or a deliberate cyberattack.

States with these capabilities must exercise caution: cyber offence manoeuvres may prevent the launch of missile attacks against US assets in the Middle East or in the Pacific regions, but they may also interfere with US missile launches in the future. Even, as has recently been revealed, US cyber weapons targeting an adversary may blow back and inadvertently infect US systems. Nobody is invulnerable.

With the increased use of armed drones in recent years, ethical and legal concerns have been raised in regard to civilian casualties, secrecy and lack of transparency and accountability for drone strikes.

This project brings together experts on the use of armed drones, including current and former military officials, academia, think-tanks and NGOs, to discuss and exchange perspectives based on their different experiences, with the aim of sharing knowledge and increasing understanding on these issues, and to inform and provide input into the European debate. The experts explore the issues and controversies surrounding the use of drones outside formal armed conflict and study the broader policy implications in detail, particularly with regards to what this means for the UK and other European countries.

Building on the findings from the workshops, this project will hold a simulation exercise to stress test critical areas of concern around the use of armed drones that are relevant for the UK and other EU member states.

The discussions and the simulation exercise will provide opportunities for policy input on areas of mutual concern and feed into practical policy recommendations on the use of armed drones.

This project builds on previous work on armed drones by the International Security Department and is funded by the Open Society Foundations.