Contemporary Authors

• Mediating Security: Comprehensive Approaches to an Ambiguous Subject: Festschrift for Otmar Höll Peter Lang Edition (Frankfurt am Main, German), 2013
• The Darkening Web: The War for Cyberspace Penguin Press (New York, NY), 2017

1. The darkening web : the war for cyberspace LCCN 2017008579 Type of material Book Personal name Klimburg, Alexander, 1976- author. Main title The darkening web : the war for cyberspace / Alexander Klimburg. Published/Produced New York : Penguin Press, 2017. Description xii, 420 pages ; 25 cm ISBN 9781594206665 (hardcover) CALL NUMBER JZ1254 .K56 2017 CABIN BRANCH Copy 1 Request in Jefferson or Adams Building Reading Rooms - STORED OFFSITE 2. Mediating security : comprehensive approaches to an ambiguous subject : Festschrift for Otmar Höll LCCN 2013036365 Type of material Book Main title Mediating security : comprehensive approaches to an ambiguous subject : Festschrift for Otmar Höll / edited by Alexander Klimburg and Jan Pospisil. Published/Produced Frankfurt am Main : Peter Lang Edition, [2013] Description 220 pages : illustrations ; 22 cm. ISBN 9783631643464 (hardcover) Shelf Location FLS2014 005757 CALL NUMBER JZ5595 .M44 2013 OVERFLOWA5S Request in Jefferson or Adams Building Reading Rooms (FLS1)

• NPR.org - https://www.npr.org/2017/07/11/536595548/author-governments-seek-to-dominate-the-wild-west-of-cyberspace

  QUOTE:
  that to understand Russia's recent cyber intrusions into U.S. politics, not to mention other countries with aggressive cyber agendas - think China - that you have to understand this. The world divides into two broad factions on the basic question of how the Internet should run.
  originally, Russia viewed cyber, which is an old term, as being helpful for government. They've been trying to build an Internet since the '50s. And they always construed it as being a means of control. That's actually also what cyber actually means. It means, means of control in man and machine, and from that point of view, always was seen as being something beneficial.

  But the Western view of the Internet and cyberspace, which is larger than the Internet, has always been disconnected from governments per se. So these different visions did compete, and one side, if you will, did win. But this is not the war that was won. It was just a battle overall. And the old views of seeing cyber as a means of control are still very much there.
  Author: Governments Seek To Dominate The 'Wild West' Of Cyberspace

  Listen· 7:18

  Toggle more options
  July 11, 20174:51 AM ET
  Heard on Morning Edition
  Mary Louise Kelly 2010
  MARY LOUISE KELLY

  In The Darkening Web, Alexander Klimburg warns that the threat of an international cyber war is as real as nuclear exchange during the Cold War — only "many orders of magnitude greater."

  MARY LOUISE KELLY, HOST:

  No country has dreamed about the potential of cyber longer than Russia. That's according to Alexander Klimburg, who argues that Russian cyber ambitions are nothing new, that for decades Russia has seen the potential for exercising control over information and over individuals. Klimburg is the author of a new book, "The Darkening Web." In it, Klimburg argues that to understand Russia's recent cyber intrusions into U.S. politics, not to mention other countries with aggressive cyber agendas - think China - that you have to understand this. The world divides into two broad factions on the basic question of how the Internet should run. I asked him, are those factions reconcilable?

  ALEXANDER KLIMBURG: Well, they're reconcilable when they concentrate on what their common nightmares are. But they're not reconcilable when they think about what their common dreams are. So if we see it this way, for instance, for the West, the biggest threat is only that of cyberwar, of lights going out, power stations failing and similar. But for countries like China and Russia, the biggest threat is that the Internet will be used against their rule, that their regime might be undermined from outside by hostile information warfare campaigns.

  KELLY: It sounds like what you're describing is almost a fundamentally different way of seeing the Internet - that a country like the United States sees it as an opportunity, a force for good, an an enabler. A country like Russia or China sees it as a threat.

  KLIMBURG: I totally agree. I mean, originally, Russia viewed cyber, which is an old term, as being helpful for government. They've been trying to build an Internet since the '50s. And they always construed it as being a means of control. That's actually also what cyber actually means. It means, means of control in man and machine, and from that point of view, always was seen as being something beneficial.

  But the Western view of the Internet and cyberspace, which is larger than the Internet, has always been disconnected from governments per se. So these different visions did compete, and one side, if you will, did win. But this is not the war that was won. It was just a battle overall. And the old views of seeing cyber as a means of control are still very much there.

  KELLY: So I guess what makes that so interesting is how you reconcile the idea of Russia seeing the Internet as a threat and yet as this incredible tool in its arsenal that allows Russia to punch above its weight on the global stage.

  KLIMBURG: I think that's an interesting question. I think the idea of Russia throwing its weight around more than it would otherwise be able to based on its economic might alone is a question that strategic observers have been debating for a number of years. But the other part of that question is that cyberspace fundamentally has been beneficial also to Russia, as it has been to China, particularly in economic ways. And therefore, now that they don't see themselves as being so reliant on a free Internet for economic growth, they are now trying to advance the control aspects. But to be frank, they've been doing that since the late '90s.

  KELLY: Do you see any sort of parallels between the way that Russia and China are running their cyber policy at this point? I mean, obviously we're talking about two authoritarian states which would like to exercise more state control over the Internet than Western governments. However, we don't see - we're not hearing about Chinese interference in U.S. elections, for example. Why not?

  KLIMBURG: Well, we were hearing a lot until quite recently about Chinese intellectual property theft. So we should keep in mind that when I started writing this book, the only thing people wanted to talk about was China. So China, after the prolonged intellectual property discussion or the theft of economic secrets, ended up making a deal under President Obama which did see theft of intellectual property decrease.

  It also coincided with a massive reform of the People's Liberation Army by Xi Jinping, which means that Chinese cyber is now changing its focus. And one of the predictions is it will start to look more like Russian cyber. It will be more associated with intelligence rather than the military side. And also, it will focus more, perhaps, on government espionage and information warfare activities.

  KELLY: This is really interesting. Do you have evidence of - that China is watching closely the way Russia is conducting itself in cyberspace and cyber warfare and learning accordingly?

  KLIMBURG: Oh, there's abundant evidence for that because, obviously, China has been learning from Russia for decades. They are strategically aligned, at least in their philosophical outlook and also in their strategic thought. And much of what we actually know of Russian cyberthought comes through our interpretation of Chinese cyberthought, which is much easier to get ahold of. But it is clear that they are moving in a direction which is more aligned to what we think we know about Russian cyber capability.

  So on many different levels, there's a close alignment between Chinese and Russian cyberthought, although they have different interests. The Chinese interest is much more economic-orientated. They depend on the global Internet more than Russia does. And they also see themselves as a rising power who doesn't have to push its luck. Russia doesn't necessarily see itself as a rising power and, therefore, is more concerned in securing gains now.

  KELLY: Are Chinese cyber capabilities on a par with Russia? We hear so much about Russian capabilities here in the U.S. Are the Chinese just as good?

  KLIMBURG: So overall, they're not even close. Chinese capabilities are traditionally much less advanced than Russian capabilities. And Russian capabilities are second only to the U.S. in sophistication. The U.S., of course, dominates the space and is completely incomparable with all other actors. Having said that, the Russian capabilities are so good, in part, because of the involvement of the nonstate sector, the cybercriminals. And those cybercriminals also sometimes work with Chinese actors and other nations. So just to keep in mind, we're only talking about China and Russia here, but there are at least nearly three dozen nations that are actively looking for offensive cyber capabilities.

  KELLY: Well, let me end by asking you if you were to sit down and write the new edition for this book, what do you think the major threats would be? Where's all this going?

  KLIMBURG: So my concern is that by construing cyberspace as a place of conflict, we will effectively see a trend developing amongst Western governments that questions how the Internet is currently managed. Now, governments don't have that much to say in cyberspace currently. It's run by the private sector, and it's built by civil society, right? So that dialogue is changing. And it seems to be implying that we're shifting into a direction where government would take over much more responsibility than it's previously had.

  Now, this is exactly what countries like Russia and China would like. So it's really a case of trying to make sure that we, in the Western governments, don't allow our governments to be distracted. It's important to understand that cyberspace is an information domain. So all our political opinions, all our purchasing decisions, the way we educate our children, everything is in cyberspace. And we have to take extraordinary care that authoritarian interests don't gain more than a toehold in this domain.

  KELLY: Alex Klimburg, thanks very much.

  KLIMBURG: Thank you very much for your time.

  KELLY: Alex Klimburg of Harvard and The Hague Center for Strategic Studies. His new book is "The Darkening Web: The War For Cyberspace."

  (SOUNDBITE OF GOLD PANDA'S "SONG FOR A DEAD FRIEND (DAISUKE TANABE REMIX)")

• Atlantic Council - http://www.atlanticcouncil.org/about/experts/list/alexander-klimburg#fullbio

  QUOTE:
  focuses on reconciling norms of state behavior in international cyber security with the ongoing dialogue within internet governance, in particular with the role of nonstate actors.
  Full Bio
  Alexander Klimburg is a nonresident senior fellow with the Cyber Statecraft Initiative of the Scowcroft Center for Strategy and Security.

  Klimburg is also a senior research fellow at the Hague Centre for Security Studies, an affiliate and former Fellow of the Belfer Center of Harvard Kennedy School, and an associate fellow at the Austrian Institute of European and Security Policy.

  Klimburg has worked on numerous topics within the wider field of international cybersecurity since 2007. He has acted as an adviser to a number of governments and international organizations on national cybersecurity strategies, international norms of behavior in cyberspace and cyber-conflict (including war, cyber-crime, and cyber-espionage), critical infrastructure protection, and internet governance. He has participated in international and intergovernmental discussions within the European Union and the Organization for Security and Co-operation in Europe, has been a member of various national, international, NATO, and EU policy and working groups. He has been invited to give over seventy talks since 2010, including at NATO, the US Congress, and the European Parliament. He regularly participates and organizes track 1/1.5 diplomatic initiatives as well as technical research groups. He is author and editor of over a dozen books, research papers, and commentaries, and has often featured in the international media, including in Newsweek, Reuters, and others.

  Previously, Klimburg worked for eight years in Vienna as senior adviser at the Austrian Institute of International Affairs, and has been closely involved in a number of European cybersecurity policy initiatives. Prior to this Klimburg worked on ICT strategy issues in corporate finance and strategy consulting in Europe and Asia. A graduate (1st class degree) of the School of Oriental and African Studies and the London School of Economics, he is currently a PhD candidate at the University of Vienna. He is a member of the International Institute of Strategic Studies.

  Klimburg’s current research focuses on reconciling norms of state behavior in international cyber security with the ongoing dialogue within internet governance, in particular with the role of nonstate actors. Within this context he is currently writing a book on the various conflicting aspects of international cybersecurity, to be published by Penguin Press in early 2016.

• Atlantic Council - http://www.atlanticcouncil.org/about/experts/list/alexander-klimburg

  Alexander Klimburg
  Nonresident Senior Fellow, Cyber Statecraft Initiative

  Alexander Klimburg
  EXPERT CONNECT
  Press Inquiries
  Expertise
  Topics
  Cyber Security, International Norms, Internet Governance, NATO and its Partners, US Defense Policy
  Regions
  Europe
  Languages
  German

• Penguin Random House - https://www.penguinrandomhouse.com/authors/304689/alexander-klimburg

  Alexander Klimburg
  A K
  Photo: © Katja Leander/interfoto

  ABOUT THE AUTHOR
  Alexander Klimburg is a program director at The Hague Centre for Strategic Studies, a nonresident senior fellow at the Atlantic Council, and an associate and former fellow at the Belfer Center of the Harvard Kennedy School. He has acted as an advisor to a number of governments and international organizations on cybersecurity strategy and internet governance, and has participated in various national, international, NATO and EU policy groups. He splits his time between Boston, Vienna and The Hague.

Science & technology
Library Journal. 142.10 (June 1, 2017): p125+.
Copyright: COPYRIGHT 2017 Library Journals, LLC. A wholly owned subsidiary of Media Source, Inc. No redistribution permitted.
http://www.libraryjournal.com/
Listen
Full Text:

[...]

Klimburg, Alexander. The Darkening Web: The War for Cyberspace. Penguin Pr. Jul. 2017.432p. notes, index. ISBN 9781594206665. $28; ebk. ISBN 9780698402768. TECH

Klimburg (program director, Hague Ctr. for Strategic Studies) lays out in detail the perils posed by our growing dependence upon the Internet and warns how much more dangerous the situation may become. Starting with an explanation of how cyberspace works--from the hardware to the layers of software to the social interactions of users--he describes many points of system vulnerability. Klimburg recounts the history of attacks in which hackers have disabled portions of infrastructure, compromised data security, and influenced social and political behavior. Moreover, he indicates that the events known to the public represent only a fraction of the number of actual occurrences. The author asserts that cyberwarfare may be the greatest threat to democracy around the world and that the United States is being outperformed in both offensive and defensive activities by rivals Russia and China. In short, this is a very frightening book. Although parts of this title can be heavy going, reading it is well worth the effort. VERDICT Recommended for anyone interested in international affairs.--Harold D. Shane, Mathematics Emeritus, Baruch Coll. Lib., CUNY
"Science & technology." Library Journal, 1 June 2017, p. 125+. General OneFile, http://link.galegroup.com/apps/doc/A494891743/ITOF?u=schlager&sid=ITOF&xid=165b30ca. Accessed 28 Jan. 2018.

QUOTE:
articulates a powerful central thesis: The Internet has arrived at a historical inflection point, the author asserts, and today has become an arena for a massive international security competition fought in an increasingly Hobbesian ecosystem of digital aggression and overt information warfare.
As "The Darkening Web" demonstrates, explaining cyberspace and its acute geopolitical and geostrategic disruption is profoundly challenging; it is a history hurtling ahead at Internet speed.

Book World: The international war for digital dominance heats up
Gordon M. Goldstein
The Washington Post. (Aug. 4, 2017): News:
Copyright: COPYRIGHT 2017 The Washington Post
http://www.washingtonpost.com/
Listen
Full Text:
Byline: Gordon M. Goldstein

The Darkening Web: The War for Cyberspace

By Alexander Klimburg

Penguin Press. 420 pp. $30

---

Alexander Klimburg's "The Darkening Web: The War for Cyberspace" articulates a powerful central thesis: The Internet has arrived at a historical inflection point, the author asserts, and today has become an arena for a massive international security competition fought in an increasingly Hobbesian ecosystem of digital aggression and overt information warfare.

Nation-states of the 21st century, Klimburg explains, have become inextricably bound to "a digital Great Game - a chessboard on which their respective interests can be advanced, and key points captured, all toward the notion of occupying the commanding heights of what will be the dominant domain of the future: cyberspace." Far from the Web's early ethos as a benign realm for borderless information-sharing and communication, "states are making cyberspace a domain of conflict, and therefore increasingly threatening the overall stability and security not only of the Internet but also of our very societies."

It's unfortunate that Klimburg's book is diffuse, unfocused and feathered with egocentric first-person flourishes. Had the author presented his thoughts with more discipline and concision, his arguments might have had more impact. For the tale he tells is a chilling one.

A recent wave of cyberattacks that has spread around the world vividly dramatizes Klimburg's argument that states have pried open a technological Pandora's box that is rapidly reordering the global threat environment. In May, 200,000 computers in more than 150 countries were infected with the WannaCry malware virus, shutting down hospitals, rail traffic and production lines in an offensive that the Department of Homeland Security attributes to North Korea. In June another hack against Ukraine, which that country accuses Russia of instigating, spread to 2,000 targets in 65 countries. Remarkably, in both cases the attacks used cyberweapons stolen from the U.S. National Security Agency by a group called the Shadow Brokers, which first offered the malicious code for sale about one year ago.

Both the NSA debacle and many of the seminal disclosures related to the Kremlin's intervention in the 2016 U.S. presidential election - including Russian probes and possible penetration attempts into 21 state election systems - occurred after Klimburg completed his manuscript. Yet his treatment of Russia's vision of the Internet and its hyper-aggressive quest for supremacy in cyberspace still constitutes the most illuminating and absorbing passages in "The Darkening Web."

Applied domestically as an instrument of political control and internationally to advance a strategy of destabilization, Moscow's doctrine of cyber-dominance is ominous and increasingly effective. Klimburg cites a study concluding that "Russian Internet users have become so inured to the Kremlin narrative of the Internet as a tool of Western powers that two out of five Russians distrust foreign media and nearly half of Russians believe foreign news web sites need to be censored." RT, the television station formerly known as Russia Today, has a budget that rivals the world's largest media group, the BBC World Service. In the words of Russian President Vladimir Putin, RT is determined to break the "Anglo-Saxon monopoly on global information streams."

Supplementing its propaganda machine, the Kremlin employs hundreds of Internet trolls to spread disinformation and post antagonistic commentary in Western media, messages like "Putin makes Obama look weak!"

In Ukraine, a "Russian propaganda warfare offensive" was central to the 2014 occupation of Crimea and included fabricated claims that babies had been crucified by Ukrainian soldiers. "Russia's philosophy of information conflict is much older than the United States'," Klimburg observes. "In many ways, the rise of cyberspace has breathed new life into former Soviet military strategy." The author quotes a former KGB colonel on the Kremlin's effort to both sow discord among the United States and its allies and weaken American political institutions: "The most common subcategory of active measures is (BEGIN ITAL)dezinformatsiya ... (END ITAL) or disinformation: feverish, if believable lies cooked up by Moscow Centre and planted in friendly media outlets to make democratic nations look sinister."

"The Darkening Web" would be a better book if its six disjointed sections and 19 chapters, including a conclusion and epilogue, were substantially restructured and compressed. Much of the history of the Internet from the 1990s is more academic than essential, forcing the reader to join a sometimes tedious slog retracing "the individual footsteps in the sands of the history of the cyber-space domain." Acronyms abound, sometimes incomprehensibly: "This definition of IO clearly and troublingly puts equal emphasis on the CNO task and the psychological warfare components, PSYOPS and MILDEC." Personal conclusions by the author can be pedantic: "I have become increasingly doubtful that the Smith-Mundt Act - which has been amended a number of times since the 1950s - was really a bulwark against propaganda that could also inadvertently be consumed by US persons."

There are also peculiar discontinuities between Klimburg's analysis and prescriptive recommendations. The author correctly notes that within the United Nations there is a fierce geopolitical conflict over the future of the Internet, with Russia, China and many Arab states coalesced in one bloc and the United States and its allies in another. Klimburg is right that the "ideological differences between the Free Internet nations and the Cyber-sovereignty advocates is not too far away from the ideological confrontation that defined the Cold War." Although these two blocs are irreconcilably divided, the author proposes that the U.N. First Committee should be the driving force behind a new initiative to solve the horrendously complex international crisis in cybersecurity. It is a wholly unrealistic notion. With the exception the 1990-1991 Persian Gulf War, major powers in the U.N. system have almost never achieved consensus or mounted effective engagement in response to the hardest international security challenges, of which cybersecurity is certainly one.

Finally, despite its breadth and grand ambitions, "The Darkening Web" traverses little new intellectual territory. Klimburg devotes considerable effort to explaining the governance structure for the Internet, a theme already comprehensively addressed in the work of the outstanding scholar Laura DeNardis. While the author's conclusion that global powers have weaponized the Internet is self-evidently true, that book has already been written by Wall Street Journal reporter Shane Harris, in his methodically researched 2014 work, "@War: The Rise of the Internet-Military Complex." And while the evolution of American offensive cyber-capabilities is a subject of obvious import and interest, that narrative has already been written, too - by Slate columnist Fred Kaplan in his fascinating "Dark Territory: The Secret History of Cyber War," published while Klimburg was composing his own study.

As "The Darkening Web" demonstrates, explaining cyberspace and its acute geopolitical and geostrategic disruption is profoundly challenging; it is a history hurtling ahead at Internet speed.

---

Goldstein is an adjunct senior fellow at the Council on Foreign Relations.

Goldstein, Gordon M. "Book World: The international war for digital dominance heats up." Washington Post, 4 Aug. 2017. General OneFile, http://link.galegroup.com/apps/doc/A499897602/ITOF?u=schlager&sid=ITOF&xid=a53465f1. Accessed 28 Jan. 2018.

QUOTE:
quietly horrifying
With gut-clenching efficiency, Klimburg imagines plenty: power grids not only shut down but physically damaged, transportation networks disrupted or closed (80 percent of Americans live in cities, dependent on food supplies that would only last a day if stopped), telecommunications warped or terminated, financial information deleted, and of course the stereotypical nightmare scenario, which involves nuclear weapons, tens of thousands of which have command-and-control sequences that are now "cyber-enabled" - and therefore hackable.

'The Darkening Web' warns of destruction through cyber means
Steve Donoghue
The Christian Science Monitor. (Aug. 1, 2017): Arts and Entertainment:
Copyright: COPYRIGHT 2017 The Christian Science Publishing Society
http://www.csmonitor.com/About/The-Monitor-difference
Listen
Full Text:
Byline: Steve Donoghue

At the conclusion of his magisterial 2016 book "Cyberspace in Peace and War," US Naval Academy cybersecurity expert Martin Libicki takes a scolding tone toward rag-tag hackers who liked to demonstrate "their intelligence if not their maturity" and told his readers that cybersecurity was a three-star problem that was "hyped into a four-star problem, a standing that it never deserved."

It was an odd conclusion even in 2016 - after all, in 2015 there'd been an enormous coordinated cyber-attack on Ukraine's power system, in which a quarter of a million Ukrainians were deprived of power in the middle of winter. And from the vantage point of 2017, after the world watched in appalled horror at the 2016 US presidential election and its aftermath - in which Russian state agencies hacked US election rolls and perhaps did much more - Libicki's complacent conclusion seems downright naive.

Updating the picture is Alexander Klimburg's quietly horrifying new book The Darkening Web: The War for Cyberspace, which opens with a brutally sobering declaration about the kind and extent of damage that cyber warfare could inflict. "In reality," Klimburg writes, "pretty much any form of destruction is achievable through cyber means; for those with the resources, the only limitation is their own creativity."

With gut-clenching efficiency, Klimburg imagines plenty: power grids not only shut down but physically damaged, transportation networks disrupted or closed (80 percent of Americans live in cities, dependent on food supplies that would only last a day if stopped), telecommunications warped or terminated, financial information deleted, and of course the stereotypical nightmare scenario, which involves nuclear weapons, tens of thousands of which have command-and-control sequences that are now "cyber-enabled" - and therefore hackable. Planes fly - and land safely - guided not by human hands but entirely by software. Thousands of pieces of everyday technology are now interconnected in an elaborate ongoing electronic conversation with each other - the much-touted "Internet of things" - and all of those conversations can be not only interrupted but co-opted. The implication throughout the book couldn't be clearer: logging off Facebook or keeping a backyard garden is a fool's consolation. In cyber warfare, there are no civilians.

Naturally enough, the Russians figure prominently throughout "The Darkening Web."

"The extreme level of Russian involvement in the 2016 US presidential election is, at the time of finishing this book, just reaching fever pitch," Klimburg writes. "One June 2016 article clearly outlines how the Kremlin's troll army was being used to support the candidacy of Donald Trump, with a number of known trolls migrating their accounts to fake conservative personas."

Klimburg traces the long history of Russia's electronic espionage, including the entire generation of siloviki, former members of the Soviet security services, who've been put to new and nefarious uses in Putin's Russia. But the story also extends to the rise of state-sponsored hacking campaigns all around the world, from major actors like China and North Korea to tiny four-person cabals in Eastern Europe unleashing vast clouds of malicious bots for reasons of their own.

All these actors combine to form a vast crowd of opportunists creating millions of strains of malware, splicing and re-combining into "zombie armies" called botnets, which can form cybernetic terrains all their own. "Botnets are highly useful for those seeking to perpetrate cyber crime or even engage in state-affiliated cyber espionage," Klimburg writes. "Botnets can be used by hackers for a variety of tasks: they are truly the Swiss army knives of cyberattacks."

And alongside malicious human actors there's also the added danger of inhuman actors: malware communicating with malware, bots adapting themselves to other bots, often simulating the kind of artificial intelligence (AI) that no less an authority than Stephen Hawking warned might spell the end of humankind.

Whether its author intends it or not, "The Darkening Web" eventually accumulates the picture of an impending apocalypse, an utterly unwinnable war in which the world's few good guys - in this account, the liberal democracies that are interested in social freedom and the uncensored flow of information - are outgunned, outspent, and outmaneuvered at every stage of what Klimburg refers to as the great cyber game. The vending machine in your office's cafeteria communicates electronically - automatically and without supervision - with its stocking company when it's running low on snacks; the company's stocking software communicates - again, unsupervised - with the software of its distant suppliers. Those suppliers have software that communicates with various government regulatory agencies. All of it happens every day, and all of it is hackable. Multiply that a millionfold and you have the world of the darkening web.

"This is an Armageddon that all of us in liberal democracies have the power to avert," Klimburg writes, reminding his readers that "humanity has come together to deal with existential challenges before." In the wake of a presidential election hacked by an enemy power, with massive randomware viruses making the news by attacking dozens of countries simultaneously, the note of defiant optimism, however unrealistic, is desperately appreciated.
Donoghue, Steve. "'The Darkening Web' warns of destruction through cyber means." Christian Science Monitor, 1 Aug. 2017. General OneFile, http://link.galegroup.com/apps/doc/A499711291/ITOF?u=schlager&sid=ITOF&xid=659e3fd6. Accessed 28 Jan. 2018.

"Science & technology." Library Journal, 1 June 2017, p. 125+. General OneFile, http://link.galegroup.com/apps/doc/A494891743/ITOF?u=schlager&sid=ITOF&xid=165b30ca. Accessed 28 Jan. 2018. Goldstein, Gordon M. "Book World: The international war for digital dominance heats up." Washington Post, 4 Aug. 2017. General OneFile, http://link.galegroup.com/apps/doc/A499897602/ITOF?u=schlager&sid=ITOF&xid=a53465f1. Accessed 28 Jan. 2018. Donoghue, Steve. "'The Darkening Web' warns of destruction through cyber means." Christian Science Monitor, 1 Aug. 2017. General OneFile, http://link.galegroup.com/apps/doc/A499711291/ITOF?u=schlager&sid=ITOF&xid=659e3fd6. Accessed 28 Jan. 2018.

• Kirkus Reviews Online
  https://www.kirkusreviews.com/book-reviews/alexander-klimburg/the-darkening-web/
  Word count: 420

  QUOTE:
  Klimburg delivers an urgent warning that civil libertarians and cybernauts alike will want to heed.

  THE DARKENING WEB
  The War for Cyberspace
  by Alexander Klimburg
  BUY NOW FROM
  AMAZON
  GET WEEKLY BOOK RECOMMENDATIONS:
  Email Address
  Enter email
  Subscribe
  Email this review
  KIRKUS REVIEW
  Of the free internet and its discontents, who are many and powerful.

  “Governments did not make the Internet,” writes cybersecurity strategist Klimburg, the program director at The Hague Center for Strategic Studies. Never mind that the backbone of the internet was in fact the creation of scientists working under the American government, the fact remains that entrepreneurs, cyberpioneers, techno-anarchists, hackers, and other such independent-minded spirits have been the chief engineers of a place where pretty much anything goes. Those days may be coming to an end, Klimburg warns, as governments and corporations seek increasingly to control the internet, both to monitor the behavior of users and to seize the broadcast capabilities of the medium to serve up state propaganda. The United States, writes the author, has long held that the internet is “a largely non-state domain” that works pretty well as it is, while such governments as Putin’s Russia believe that they should control their own portions of the Web, a position that China and much of the developing world also seems to hold—though, Klimburg notes, powers such as India and Brazil seem to be moving away from it, even as efforts are mounting in the U.S. to restrict online freedom. Given the “great cyber game” that is raging among state powers—witness the role of Russian hackers in recent elections outside Russia—and these efforts at control, the author foresees the possibility that much online activity may move to the “dark web,” where criminality and illegality may in turn corrupt the free internet. He argues that the present multistakeholder approach to internet governance is the best of all possible cyberworlds, and he recommends the formation of a kind of organization akin to the Intergovernmental Panel on Climate Change to represent these many constituencies while allowing for internet independence and a fully engaged fight against cyberinstability.

  Klimburg delivers an urgent warning that civil libertarians and cybernauts alike will want to heed.

  Pub Date: July 11th, 2017
  ISBN: 978-1-59420-666-5
  Page count: 432pp
  Publisher: Penguin Press
  Review Posted Online: May 2nd, 2017
  Kirkus Reviews Issue: May 15th, 2017

• Publishers Weekly Online
  https://www.publishersweekly.com/978-1-59420-666-5
  Word count: 228

  QUOTE:
  The book serves as an excellent primer on cyberwarfare, especially useful in the context of the 2016 U.S. presidential election, as accusations of Russian interference continue to make headlines.

  The Darkening Web: The War for Cyberspace
  Alexander Klimburg. Penguin Press, $28 (400p) ISBN 978-1-59420-666-5

  The complex art of cyberwarfare and its global arena get a thorough examination by Klimburg, a cybersecurity expert at the Hague Centre for Strategic Studies. After an accessible explanation of the origins and underpinnings of the internet, Klimburg segues to an in-depth discussion of the major players in cyberwarfare—primarily the United States, Russia, and China—and then discusses his vision and fears for the future, depicting a chilling portrait of the interdependency of the cyberspace and its emergence as a domain for political conflict. Once Klimburg moves into policy and theory, his arguments get a little more abstract and may fly over the heads of those less grounded in the matter; he admits as much with a nod to the “virtual cyber veil of esoteric detail and complexity that has traditionally made this topic difficult even for experienced policy makers to grasp.” The book serves as an excellent primer on cyberwarfare, especially useful in the context of the 2016 U.S. presidential election, as accusations of Russian interference continue to make headlines. (July)

• Nature
  https://www.nature.com/articles/547030a
  Word count: 1201

  QUOTE:
  The Darkening Web provides a sweeping yet nuanced overview of how we got to where we are online, with ample backstory.

  Altmetric: 201More detail
  Books & Arts

  Cybersecurity: The cold war online
  Steven Aftergood
  Steven Aftergood weighs up an analysis of the fierce conflict destabilizing the Internet.

  The Darkening Web: The War for Cyberspace
  Alexander Klimburg

  Penguin: 2017. 9781594206665

  The Internet is under attack, and not just by hackers, thieves and spies. As Alexander Klimburg reports in The Darkening Web, governments that insist on their own primacy are increasingly assaulting the idea of this digitized landscape as a transnational commons. Cyberspace is becoming a war zone in a new era of ideological combat.

  Members of the US Navy Cyber Defense Operations Command monitor unauthorized network activity. Image: US DOE

  Klimburg — director of cyber policy at the Hague Centre for Strategic Studies in the Netherlands — sees the combatants as belonging to two groups. The forces of the 'free Internet' favour the unconstrained flow of information, independent of national borders or cultural barriers. The 'cybersovereignty' camp, led by Russia and China, demands greater government control of the Internet and of information. To sustain its massive censorship operation, China's 'Great Firewall' employs more people than serve in the country's armed forces.

  The stakes are enormously high, writes Klimburg. Will the Internet be permitted to realize its potential to support a global civilization? Or will it be turned on itself to reinforce historical divisions between nations — another chapter in an interrupted cold war? Aggression and suppression online are commonplace. A diplomatic crisis in the Middle East and Africa this year may have been triggered by Russian hackers planting a false story in the Qatari state news agency. The Turkish government cut off access to Wikipedia in April after critical commentary appeared in the online encyclopaedia. Yet cooperative efforts to improve cyberdefences — such as an agreement between Vietnam and Japan in April, and between Singapore and Australia in June — are also on the rise.

  “Hacking has made dramatically clear the possibilities of weaponizing information.”

  The Darkening Web provides a sweeping yet nuanced overview of how we got to where we are online, with ample backstory. Klimburg describes how the Internet's operation depends on many discrete parts and participants, including governments, the private sector, civil society, academics and private individuals. Together, they provide the infrastructure, coding and content that comprise cyberspace, as well as the increasingly required capacity for emergency incident response. The multistakeholder model of Internet governance is part of what enables it to transcend national boundaries. Remarkably, Klimburg notes, “all nations that participate in the Internet already accept a certain loss of sovereignty”. An international non-profit organization, the Internet Corporation for Assigned Names and Numbers, has more authority over the domain-name system than has any individual government.

  Information overload

  Yet proponents of cybersovereignty have an advantage. They are, Klimburg says, perpetually on the offensive, using information as a weapon to advance national interests. The free Internet side, by contrast, struggles to defend a status quo based on international transparency and cooperation. The ultimate goal of the cybersovereignty advocates, Klimburg says, is nothing less than “a reconceptualization of the entire Western-defined global order”. And they seem to have the wind at their backs. Heightened concerns about online security are leading to increased governmental policing of cyberspace. Russian hacking of political campaigns and manipulative 'influence operations' during the 2016 US presidential election made dramatically clear the possibilities of weaponizing information. Rising nationalism and political polarization in the West may exacerbate the situation.

  Writing in The Wall Street Journal in May, White House national security adviser H. R. McMaster and National Economic Council director Gary Cohn said: “The world is not a 'global community' but an arena where nations, nongovernmental actors and businesses engage and compete for advantage.” They continued: “Rather than deny this elemental nature of international affairs, we embrace it.” Substitute 'cyberspace' for 'the world' here, and it amounts to a US affirmation of the push for cybersovereignty. Furthermore, after the London Bridge terror attack on 3 June, UK Prime Minister Theresa May seemed to endorse new government restrictions on online information when she called for “international agreements to regulate cyberspace to prevent the spread of extremism and terrorism planning”.

  Problem areas are unequivocally legion, and include 'bad content' online, such as incitement, libel and child pornography. Yet, Klimburg notes, from a free Internet perspective these should be dealt with as a law-enforcement matter, not by pre-emptively restricting communication. The defence of the Internet has to be conducted on multiple levels. There is, however, an ongoing semantic struggle over the very terminology of cybersecurity, as each side attempts to import or exclude specific connotations. As Klimburg writes, Russia and China define 'information security' in a way that mirrors their aim of legitimizing state control over information.

  There are efforts through the United Nations and other forums to devise norms for conduct in cyberspace, which may either enhance or diminish national power over the Internet. For example, the US Defense Science Board asked in a report this year: “Is it acceptable or unacceptable for nations to pre-position malicious software in each other's electrical grids, as appears to have occurred to the United States?” If it is acceptable, the board advised, the United States should do it too, if only as a deterrent. If it is not, the perpetrators should be identified and punished. Meanwhile, international diplomacy is there for resolving conflicts and, although an apparently weak reed, can sometimes be fruitful. A US–China agreement in September 2015 resulted, Klimburg notes, in “the most massive reversal in the history of cyber conflict”, with Chinese cyberattacks on US firms dropping sharply.

  The Darkening Web is not a full account of current events. It barely touches on Russian intervention in the US presidential election. It does not mention the hacking group The Shadow Brokers, which acquired stolen intelligence tools from the US National Security Agency (NSA) in 2016; the global WannaCry ransomware episode in May this year; or the new Chinese cybersecurity law that vaguely aims to regulate “cross-border movement of data”. What it does provide is a thoughtful framework for assessing developments in this fast-moving area.

  At its best, the book questions its own premises and reflects on them. Klimburg admits that those in the West rarely see opposing perspectives clearly. So if it is hard to understand Russia's “overt level of aggression” on the Internet, that may be because other nations are ignorant of Russia's own burden of cyberattacks. The West itself, he argues, has eroded the trust that is the foundation of the free Internet by engaging in indiscriminate surveillance activities, such as some of those enacted by the NSA and disclosed in 2013 by former contractor Edward Snowden.

  Ultimately, Klimburg concludes, the battle for a free Internet “is nothing less than the struggle for the heart of modern democratic society”. It will be up to the democratically inclined to defend it as best they can.

  Related links

• Wall Street Journal Online
  https://www.wsj.com/articles/the-coming-war-for-cyberspace-1500051589
  Word count: 1678

  The Coming War for Cyberspace
  A leading cyber security expert warns that the Web could one day darken due to international conflict, turning a boon to mankind into a tool for political and ideological control and domination. Stephen Budiansky reviews ‘The Darkening Web’ by Alexander Klimburg.
  The ‘ransomware’ program known as Petya locks infected computers and displays this graphic.
  The ‘ransomware’ program known as Petya locks infected computers and displays this graphic.
  By Stephen Budiansky
  July 14, 2017 12:59 p.m. ET
  11 COMMENTS
  Alexander Klimburg thinks we are not nearly as worried as we should be about internet-borne mayhem in our increasingly interconnected world. His timing couldn’t be better. “The Internet, a fabulous artifice of human civilization largely perceived today as a domain for advancing freedoms and prosperity,” he writes in the introduction to “The Darkening Web,” “could become instead a dark web of subjugation.” He foresees a not too distant future in which cyberspace is primarily “a domain of conflict . . . threatening the overall stability and security not only of the Internet but also of our very societies.”

  The cyber attacks in May and June that shut down hospitals in Britain and the United States, ATMs in Ukraine, railways in Germany, and tens of thousands of other targets around the globe were vivid illustrations of a concern that Mr. Klimburg, a cybersecurity researcher and senior fellow at the Atlantic Council, emphasizes throughout: that the United States government, in focusing single-mindedly on developing its own offensive cyber capability, has set off an “international arms race in cyber.” The recent attacks in fact used malicious computer code originally developed by the U.S. National Security Agency; the malware fell into the hands of rogue hackers when it was stolen and openly published last year under circumstances that are still unclear.

  THE DARKENING WEB
  By Alexander Klimburg

  Penguin Press, 420 pages, $30

  Like the Stuxnet virus that the NSA, CIA and Israel reportedly employed to sabotage centrifuges in Iran’s nuclear enrichment facility, the weapons used in recent attacks were crafted to penetrate the Windows operating system and exploit security flaws unknown to Microsoft at the time they were developed. Once inside a system, they can be commanded to steal data, monitor communications or engage in more disruptive attacks by disabling key functions.

  In a world where these kinds of destructive attacks become the norm, Mr. Klimburg argues, it is the U.S. that has the most to lose. Or, as he more sweepingly asserts, the U.S. effort “to achieve total dominance” in offensive cyber capability “can be safely said to have totally backfired.”

  Mr. Klimburg is particularly dismayed by the two-handed game that the NSA has been playing: outwardly working with technology companies to improve security for all, while secretly withholding knowledge of key weaknesses in the internet and computer software that the agency wants to exploit for its own intelligence or cyber operations. And he warns that the West’s responses to growing cyber threats run the risk of playing right into the “ambitions of authoritarian states,” which have long sought to control the flow of information through propaganda and censorship. Another recent front-page story offers a case in point: the discovery that hacking tools sold to the Mexican government by an Israeli security firm—and supposedly restricted to use against terrorists and criminals—had been used by the government instead to harass and spy on domestic critics.

  Part of the difficulty that Western governments face in responding to these challenges is that a number of very different kinds of threats are lumped together under the catchall terms “cyber attack” or “cyber war.” Broadly speaking, Mr. Klimburg explains, there are at least three types of cyber attacks, each quite distinct.

  The attacks that most resemble true warfare are those that aim to achieve the results that were once the sole business of bombers or commando teams armed with “kinetic” weapons: taking out an air-defense system or destroying a strategic target such as a power station, dam or command post.

  A second type of attack is the natural outgrowth of the NSA’s longstanding efforts to penetrate global communications. What in the old days was done by monitoring radio transmissions and codebreaking is today a game of penetrating computers and swiping information at the source—a skill at which the Chinese and Russians have proved as adept as the NSA.

  And then there is the nebulous but burgeoning field of propaganda and information warfare, alarmingly on display during the 2016 election. An army of Russia-based human and automated attackers (“robo-trolls”) deluged the United States with pro-Trump disinformation, while Russian-government controlled or sponsored groups hacked the Democratic National Committee and other U.S. targets in search of potentially embarrassing or damaging information to influence the outcome.

  Mr. Klimburg is not the most lucid or engaging guide through the technicalities of the subject. He is overly enamored of poli-sci speak and the jargon of international bureaucracy, devoting pages to discussions of “path dependency” in the government decision-making process and the nuances of the “multistakeholder approach.” He offers up the inevitable allusions to Clausewitz and Tom Friedman, and never seems to have met an acronym he didn’t like. At crucial moments he retreats into vagueness and platitudes (“this is not an easy task”).

  The more disappointing deficiency in “The Darkening Web” is the failure to engage the inescapable trade-offs that all of these challenges pose. Mr. Klimburg asserts that “to keep the Internet free, we need to keep Internet governance free” and insists that any move toward government regulation falls into a “trap” that Russia and China will eagerly exploit to clamp down further on their own citizens’ free use of the internet. Yet as the security expert Bruce Schneier has argued, only by setting regulatory standards for software security is there now a prayer of keeping up with the threat. Large companies like Apple and Microsoft have done a creditable job deploying quick patches as new threats emerge: Microsoft issued a patch as soon as the NSA hacking tools were published, and the computers affected in recent attacks were ones whose users hadn’t bothered to install the update.

  But the explosion of the “Internet of Things”—everything from camcorders to cars to thermostats—has led to a deluge of shoddy and vulnerable code from companies too small to afford investing in security updates, or even to care. According to one recent estimate Mr. Klimburg cites, there are already 25 billion devices connected to the internet, more than three for every human being on the planet. This ever-expanding vulnerability, Mr. Schneier has argued, can only be addressed through a regulatory body that deals with security across the entire internet.

  While insisting that the U.S. ought to devote far more resources to cyber defense and deemphasize what he sees as its no-win pursuit of an offensive dominance that has accelerated the “militarization” of cyberspace, Mr. Klimburg acknowledges a fundamental asymmetry at work. The U.S. is especially vulnerable to hackers given its ubiquitous embrace of technology. And the nature of the game virtually ensures that offense will always dominate: it is simply much easier and cheaper to create malicious code than to develop effective counters to it. He quotes Chris Inglis, the former NSA deputy director, who wryly observed that if cyber war were soccer, the score would be 462 to 456 after the first 20 minutes. He also quotes two “truisms” of cyber security: “that the majority of attacks could be avoided by taking basic defense measures,” notably by updating software immediately, but “that a dedicated attacker will always get in, no matter what.”

  In places, Mr. Klimburg concedes the moral ambiguities of the situation, noting for example that the best hackers make the best security professionals. But he never comes to grips with the fundamental question of whether there is any practical alternative to the U.S. maintaining an overwhelming offensive cyber capability—at least when it comes to deterring state actors from carrying out the most threatening attacks, those aiming to wreak physical havoc on factories, pipelines, electric grids and other vital infrastructure. If “a dedicated attacker will always get in,” the situation is very analogous to nuclear warfare: Only the threat of massive retaliation can deter an attack in the first place. Of course, that assumes that one knows who the attacker is, and the author is skeptical of recent NSA hints that it has solved the problem of “attribution,” tracing an attack to its source.

  Those charged with walking this tightrope of competing goals more astutely recognize that everything is a matter of degree. Michael Hayden, the former NSA director, has suggested that American policy must balance defense and offense on a case-by-case basis and has hinted that the NSA is keeping to itself knowledge of only the small number of software vulnerabilities that it is confident are beyond the means of anyone but the United States government to exploit. In that, the situation is no different from the challenge that NSA cryptologists faced throughout the Cold War, when they struggled to fine-tune the balance between codemaking and codebreaking in the hope that America’s allies would be equipped with codes secure enough to keep everyone in the world from cracking them—except for the NSA.

  Mr. Klimburg effectively outlines the dangers we face but, when it comes to solutions, offers little more than abstractions about international governance mechanisms. And he does not even mention what Mr. Schneier posits as, ultimately, the only real way out: If we truly wish to keep our devices safe from attackers out to take over what is becoming a single world-wide robot, we need to start unplugging things from the far-too-ubiquitous web.

  —Mr. Budiansky’s latest book is “Code Warriors: NSA’s Codebreakers and the Secret Intelligence War Against the Soviet Union.”

• New Scientist
  https://www.newscientist.com/article/mg23531410-700-in-the-darkening-web-misinformation-is-the-most-powerful-cyber-weapon/
  Word count: 963

  QUOTE:
  Klimburg’s warnings regarding Russian cyber-aspirations, however, are on the money. He does not think the US election was turned around solely by Russia’s campaigns and incursions. Still, his recommendations might have helped the Obama administration retaliate while evading charges of partisanship. Klimburg argues that governments should be clear and transparent about what types of cyberattacks they face and what “deterrence by cyber-means” should entail.

  MENU SUBSCRIBE LOG IN
  HomeCultureTechnology
  39
  REVIEW 30 August 2017
  The Darkening Web: Misinformation is the strongest cyberweapon
  China watches what its own people say, Russia spreads its own version of events and the US brags. A new book shows that cyber-conflict is largely a war of words

  Cyberwarfare attacks citizens' minds as well as their infrastructure
  Cyberwarfare attacks citizens’ minds as well as their infrastructure
  Kirll Kudryavtsev/AFP/Getty Images
  By Nina Jankowicz

  IN LATE June, I was leaving for a flight from Kiev’s Boryspil Airport as news broke that Ukraine was the victim of another massive cyberattack. ATMs, gas pumps and supermarket checkouts were frozen. Government computers appeared to be seized by ransomware. Chernobyl’s radiation monitoring system was affected. There were reports that the attack had grounded planes at the airport. Not that I could get there: I couldn’t seem to catch a cab on a single ride-sharing app. The attack spread with frightening speed, but I eventually made it to Boryspil, where everything seemed to be functioning normally. Frankly, though, the thought of hurtling through the air in a metal tube guided by computers during a global cyberattack did give me pause.

  9781594206665
  It’s this type of worldwide cyber-chaos – the type that could down airplanes, turn off respirators and plunge millions into darkness – that Alexander Klimburg warns of in The Darkening Web. And it’s much closer to crippling our societies than world leaders would like to believe.

  Deadly ignorance
  Klimburg, a strategic analyst in this field, compares cyberwarfare to the threat posed by nuclear weapons. But there is one critical difference: while “the horror of the nuclear mushroom cloud [has been] burned into the minds of a generation of decision makers”, there is little understanding within government, never mind outside it, of the consequences of all-out cyberwar. Without such a basic understanding, along with a more transparent policy, we risk being plunged into total cyber-conflict.

  Having put the fear of God in us, Klimburg tells the story of the internet: how it was built and how it is governed – as a way of asserting US dominance, according to a few nations. He also talks about hackers, who are not the “400-pound guys” of President Trump’s imagination, but complex beings who just as often work for governments as against them. We find out how they exploit the internet’s vulnerabilities.

  One of the key vulnerabilities in US cyber-policy, Klimburg says, is “cyber-innuendo”. If governments were teenage boys, Washington would be the kid boasting about his latest escapades with the prettiest girl in class. His embellishments on a kernel of truth are meant to inspire shock and awe, but succeed in egging other boys on to sharing or pursuing even fiercer strategies of their own. Information about US cyber-dominance is established through strategic leaks, but these only serve to encourage actors like Russia and China to beef up their own capabilities and train their sights on the US and, increasingly, on their own people.

  In China, for example, the Great Firewall “protects” citizens from problematic content, and political discussions are deflected by government contractors. Citizens’ behaviour on social media is meticulously monitored and may soon be assigned a government “social credit score”.

  The Russian cyberthreat is, by contrast, meant “not to compete with the United States and the West, but somehow to catastrophically weaken them”. Klimburg does a fine job explaining the various structures within Russia’s security services that handle cyberwarfare. His definition encompasses not only the hacking to which the West has now grown accustomed, but also the widespread information warfare equally capable of influencing policy and populations.

  Despite being well aware of the dangers of Russian information war, Klimburg falls victim to it, referring to the Russian invasion of eastern Ukraine as an “insurgency… and resulting civil war”. This is exactly the narrative that Russia peddled after it invaded Ukraine’s sovereign territory, sending troops, weapons and money to so-called separatists in the Donbas for three years, at a cost of 10,000 lives. With his knowledge of Russia, Klimburg should know better than to buy into this lexicon.

  Klimburg’s warnings regarding Russian cyber-aspirations, however, are on the money. He does not think the US election was turned around solely by Russia’s campaigns and incursions. Still, his recommendations might have helped the Obama administration retaliate while evading charges of partisanship. Klimburg argues that governments should be clear and transparent about what types of cyberattacks they face and what “deterrence by cyber-means” should entail.

  “In China, behaviour on social media may soon be assigned a government ‘social credit score’”
  Time treats books in strange ways. Seven months into the Trump administration, which is actively working to unravel the freedom of the internet and aiding the spread of disinformation from the Oval Office itself, The Darkening Web feels less like a work of advocacy, more like a cry for help. If only we had known, perhaps we could have staged an intervention.

  The Darkening Web

  Alexander Klimburg

  Penguin Press

  This article appeared in print under the headline “Ending the world with a nod and a wink”

Word Count