Originally published on Tripwire, May 24, 2017
Understandably, a few eyebrows raise up when I suggest today’s cybersecurity challenges started nearly 370 years ago, some 300 years before the invention of ENIAC (the world’s first digital computer). But I stand by this observation because of the unintended clash of two systems: the nation-state and the Internet.
Many of the institutions, social constructs and domains we have accepted as norms came out of the Peace of Westphalia, a series of treaties to end the 30 Years War. No, the problems do not stem from the fact that many of us wish to throw our devices out the window when things go wrong or we find ourselves in disagreement with technology. (Though defenestration does sometimes feel like a natural response to many of our cybersecurity problems.)
Rather, the problems stem from the boundaries that the Peace of Westphalia established. Consider the three principles that the Peace of Westphalia established:
- Sovereignty
- Legal equality
- Policy of non-interventionism
In lay terms, these principles translate into the following: defined boundaries, jurisdiction, and “keep out of my house.” These basic principles have served – and continue to serve – as the bedrock principles of our foreign relations, forming the system we know today: the modern-day nation-state.
Without this system of the nation-state, it is quite possible continental Europe would have spun further out of control, continuing to tear itself apart, as it was in the 15th and 16th Centuries. If that chaos had continued, the world would certainly look much different today.
In the simplest sense, the Peace of Westphalia established norms that most persons (particularly of the ruling class) were willing to accept. Even those who have wildly different worldviews on how to live life are able to agree on what “a country” is. (Disclaimer: okay, I am not as confident as I was a couple of years ago on this argument given recent social discourse and public debate.)
Fast forward to the 1960s, and we see how the clash of systems begins. The development of ARPANET (the beginning of the Internet) and the years shortly thereafter spurred a debate regarding what type of controls the network should have. Fred Kaplan’s book Dark Territory: The Secret History of Cyber War sheds light into this debate with some detail, but I will try to simplify: should the network be secured in some manner with controls, or should the network be open, allowing the freest flow of information sharing?
The latter argument eventually won out (which is why the Internet today is inherently vulnerable), but I hope you are starting to see how this emerging system (the Internet) has developing features that are in direct opposition to an established system (the nation-state).