A popular joke circulating online among Russian dissidents goes something like this: A Moscovite wife asks her husband if he understands what the war in Ukraine is about. Yes, thunders the husband, repeating the regime’s talking points—it’s a Russian campaign against NATO’s aggression! The wife continues, asking how the war is going, and here the husband grows somber, saying that the brave Russian military has sustained heavy losses, including more than 18,000 dead. And how many casualties, the wife inquires, did NATO suffer? The husband shrugs his shoulders. “I don’t know,” he says. “NATO hasn’t showed up yet.”
Like all good punch lines, this one, too, is multilayered. Neatly folded into the blunt criticism of Putin’s bloodbath is a larger realization about the way we wage war these days, and about how the old structures erected to keep the world at peace are no longer working.
NATO, alas, is Exhibit A. How did the alliance, formed in the aftermath of World War II and designed to stop precisely the sort of aggression now displayed by Russia, respond to Putin’s invasion? The most honest assessment we have comes courtesy of Ukraine’s president. Speaking to a summit of NATO leaders earlier this spring, Volodymyr Zelensky checked off a long list of NATO failures, from refusing to set up a no-fly zone to delivering too few weapons and munitions. “All the people who will die from this day will die because of you as well,” Zelensky said.
This pressing criticism begs an equally pressing question: If NATO is no longer an effective bulwark to keep the world’s bad guys at bay, what might its replacement look like? Having made a career in cybersecurity, assessing and defending against a different and ascendant type of risk, permit me a modest proposal: If you want world peace, think less England, France, and Germany, and more Google, Apple, and PayPal.
Let’s review the evidence. For one thing, the multinational corporations that generate so much of our economic growth have the technological capacities—to say nothing of the budgets—to design and implement the sort of swift and effective deterrence no government could easily provide. When PayPal exited the Russian market in March, for example, it made it considerably more difficult for Russians to engage in cross-border e-commerce, which is to say buy or pay for almost anything online. That sort of impact on daily life used to take the prolonged concerted effort of nation states; today, companies can do much better, much faster.
Corporations, however, grow even more seminal to world peace if you consider the new fronts of world war. In April, for example, Viktor Zhora, a leading cybersecurity expert for the Ukrainian government, reported an attempt, early on in the war, by the GRU, Russia’s military intelligence agency, to shut down energy facilities, including some in and around the capital Kyiv, most likely as a prelude to ground operations.
The attempt was foiled, but it served as a necessary reminder that while images of destroyed buildings and displaced civilians pack an emotional punch, much of modern warfare is as likely to involve the computer keyboard as it is, say, a short-range missile. Recently, Tom Kellerman, a cybersecurity expert who is a member of the Secret Service’s Cyber Investigations Advisory Board, authored a report that argued that, while Russia might have been unsuccessful in launching efficient cyber attacks against Ukraine, it is behind a torrent of ransomware attacks worldwide that are used to finance the steep cost of Putin’s war.
What, then, are we to do now that “civilian” companies find themselves as enmeshed in mission critical conflicts as troops and military units? The answer is simple: We need a new NATO that revolves around collaborations between nations and these corporations, as well as other stakeholders that make the Information Age so perilous at this moment in history.
If you’re uncomfortable with the thought of tech CEOs taking a seat next to secretaries of state and army generals, I have some uneasy news to share: These interactions are already happening. Amazon, for example, recently renewed its $10 billion deal with the NSA, helping the intelligence agency store all of its highly sensitive data on its AWS servers. And while NATO and other national and international defense organizations all have cyber arms, none are equipped to address the thicket of complicated questions—legal, ethical, and tactical—that arise from a new reality in which nations and corporations find themselves shoulder to shoulder on the virtual battlefield.
What we need now, in other words, isn’t just more investment in cybersecurity—that, thankfully, is already happening—but a new institution that can help us uphold the peace even as challenges grow more intricate and diverse. We suggest a new Geneva convention that will set limitations on cyberwar targets, such as hospitals, old age homes and schools. And it could lead a collective investment in R&D that gives us the most advanced cyber defense systems available.
It’s a tall order, but too many lives are at stake for us to sit idly by. Big Tech takes pride in having disrupted every existing human industry, from health care to finance to logistics. It’s high time we learned how to disrupt war.
Shlomo Kramer is the co-founder and CEO of Cato Networks.