Playing Chess with the Devil. Worlds security in a nutshell

By Vicente Gonzalvo Navarro

In Playing Chess with the Devil - Worlds Situation in a Nutshell, the Author offers a remarkable essay which can be considered a valid instrument to reflect about Humankind destiny. A deep study and research of great interest, as he says, to “all those attentive to the study of national security, geopolitics, economics, and interactions between states that may have, soon, obvious consequences for worlds safety”. History has always taught us that understanding its root causes is essential if we are to prevent future conflicts.
Interesting insights on the art of war, illuminating and cultured digressions on the whole world chessboard make this essay one of the most brilliant examples of reflection on highly topical issues.

Vicente Gonzalvo Navarro, was born in 1973, in Spain. Raised in a military family he belongs to the Armada; he is an officer of the Spanish Marine Corps since 1997. During his military assignments he has commanded different units, such as the Second Marines Battalion (Tercio de Armada), developing an intense professional life in different countries in Europe, America, Asia and Africa. He has a PhD in Law from the Carlos III University of Madrid and is a recognized author.​ Has lived and followed many of the conflicts and tensions he explains and analyses in this book, giving his unique point of view and contributing in this sense to the diffusion of the knowledge in the security and international relations domain.

• Language: English
• Publisher: Europa Edizioni
• Release date: Dec 31, 2022
• ISBN: 9791220137188

Book preview

Playing Chess with the Devil

Worlds Situation in a Nutshell

Acknowledgements

To the men and women of our Armed Forces

A España y a todas sus gentes.

PLAYING CHESS WITH THE DEVIL.

WORLDS SITUATION IN A NUTSHELL.

Men must be treated generously or destroyed because they take revenge for minor wounds, but not for serious ones.

Niccolò Machiavelli

Introduction

The current geopolitical landscape is changing profoundly. The well-known phenomenon of globalization, the appearance of armed violence again despite being prohibited by the charter of the United Nations (in conflicts such as Ukraine), and finally, the economic shock caused by the Covid 19 pandemic, along with another series of global phenomena (migrations, failed states, lack of raw materials) have led to a redefinition of international politics (and commercial exchanges).

Besides the security unrest and the geopolitical tensions, in the wake of the energy price premium and supply disruptions, inflation is higher and more widespread than expected, especially in countries such as the United States and in many emerging markets and developing economies. In addition, the supply chain endeavors and the contraction that China's real estate sector has been experiencing since the middle of last year and the unforeseen slowness of the recovery in private consumption has limited growth prospects worldwide. The US economy is struggling, not still in recession, but in a troubled state that affects other countries, as it is a major trading partner of many countries and US exports remain broadly significant to the GDP of many economies. As stated China’s economy is also showing weaknesses.

The recent political unrest lived in Europe, and the States, the expansion of NATO to previous neutral countries, the ongoing regional conflicts spread in Africa and central Asia, the slandering situation in Latin America, and the tensions in the Meridional Sea, Korea, Iran,…but also the strength of anti-establishment political movements, the anti-globalization drive, migration and increasing social differences among other social and political unrests (nationalism, religious extremism,…) led us to contemplate that "Man is a wolf to man from Thomas Hobbes work’s, The Leviathan (1651), which refers to man's natural state of continuous struggle against his neighbour, is pretty actual, and Rousseau’s man is born good and society corrupts him", as a complaint about the role of society, is still valid to explain what civilization is confronting nowadays.

The announced end of humanity claimed by Fukuyama, what is clear the ending of humanity’s sociocultural evolution and political struggle is not valid in any case. Mearsheimer realism is indeed fashionable". History seems to be written still and for that the appropriate knowledge of the world’s situation and its interactions remains compulsory for international analysts.

This informative book analyzes all these issues and for that is divided into three parts. Each part is separated in successive chapters that analyze each topic providing a conclusion. Finally, an overall assessment is made. Intention is to provide the reader a valid reference for general geopolitics analysis. The first part of the book deals with issues that, due to their strategic relevance, must be considered, to properly analyze the challenges to which we have referred. Specifically, we address the importance of cyberspace, relations between Ukraine and Russia, the growing geopolitical role of China, and the current situation in Africa. This part also includes, due to its importance, a brief mention of the so-called failed states and human movements to conclude with a specific reference to the situation in Latin America.

Subsequently, the book examines, in a second portion, the importance of certain strategic military tools (specifically special ops, airpower, including a brief mention of outer space and information operations) that provide a premeditated advantage to today’s superpowers. The art of war since Sun Tzu is based on deception, it is the most powerful tool that, through information operations, together with the use of very specialized forces in certain areas allows to obtain a decisive military advantage.

The third part of the book depicts the situation in various international struggles with world political relevance, such as North Korea, Taiwan, Iran, and Afghanistan, and how the situation in these areas affects international security. To conclude this part with a reflection which is made about the importance of the XXI century international security, relations, and its relations with maps.

International security is experiencing a situation characterized by the interrelation of different issues in which, as can be seen, war, geopolitical predominance and economic power are mixed. However, its span transcends the domain of military statecraft. It goes much further; this unfolding confrontation must also be understood as a major clash in the rising strategic competition between the US, and its geopolitical primary tool, which is NATO, and China, that will determine the future architecture of the global international security system that will be characterized along with the text.

As a final point, a general conclusion of the world’s international situation is provided summarizing the conclusions made along with the text. We hope that reading the book will be of interest to all those attentive to the study of national security, geopolitics, economics, and interactions between states that may have, soon, obvious consequences for worlds safety.

The Internet is becoming the village square of tomorrow's global village.

Bill Gates

Chapter 1 

Cybersecurity: a focal point for the governance and states relevance. 

Introduction to cyberspace situation.

Primarily, to deep into this unknown but challenging topic, think it is worth starting from the basics to try to finally pontificate some ideas about this relevant matter (which indeed is affecting our security and international relations). Notwithstanding the influence all over our lives and even perceptions, first, we should convene what are we talking about, so: what is the cyberspace?

From a theoretical approach cyberspace is not limited to, but at its core consists of, a computerized environment, which is artificially constructed and constantly undergrowth and developing. Cyberspace infrastructure is largely globally interconnected, as it is known. However, geographic boundaries do apply in the cyberspace context of jurisdiction, with respected nationstate responsibilities. Therefore, the assignment of classical operational boundaries, that is setting what is the battlefield (in all the domains: land, maritime, and airspace), in cyberspace is particularly difficult. 

Cyber generically is not only in constant flux but also even more importantly, it might be used by anyone for almost any kind of dangerous purpose. Cyberspace is also distinct in that its underlying physical elements are entirely manufactured (machine and computersupported), which is different from land, air, space, and sea. Risks in cyberspace might be managed through manipulation of the domain itself¹.

Cyber defense is precisely a domain where decentralization and networking are needed. Today’s complex threats could not be managed in another sense. Words like collaboration, trust, and leadership appear surprisingly in this field, where self-confidence and human networking are more important than ever.

We have indeed listened many times about the nationstate wars and conflicts, but in the so-called network, there are also indeed personas, criminal organizations, and of course states, that take advantage of the connectivity of the network for their own benefit. Moreover, social media has become a platform for diversity in psychological activities and processes of a coercive, deceptive, alienating, and defensive nature. People receive most of their information daily via Facebook, Instagram, Tik/Tok, and other online social media platforms.

Specifically, there is a logically separated network for these obscure purposes: the so-called dark web (that part of the Internet where criminals can buy and sell goods such as botnets and stolen credit card numbers anonymously). It is usually accessed through the Tor browser or I2P, which provides an anonymous way to search the Internet. In some ways, these dark websites operate (incredibly) like conventional online shops or retailers. Amazingly, they may provide customer guarantees, discounts, and user ratings.

Cybercriminals have developed a business model that works somewhat this way: more sophisticated offenders create botnets and sell or lease them to less sophisticated cybercriminals on the dark web. Botnets, for example, are leased on the dark web for as little as a couple of hundred euros. Various dark websites also sell a wide range of illegal goods, services, and stolen data. Not cumbersome at all. Afterwards, these take advantage, and profits from these criminal activities. 

To explain the efficiency, and the simplicity of the attacks, we could give an example. A well widespread type of outbreak is the so-named botnets attack; those are used to create an HTTP or HTTPS flood. The botnet of computers is used to send what appear to be legitimate HTTP or HTTPS requests (check your internet bar) to attack and overwhelm a webserver. HTTP - short for hypertext transfer protocol - what is the protocol that controls how messages are formatted and transmitted. An HTTP request can be either a get request or a post request. Here is the difference: A get request is one where information is retrieved from a server. A post request is one where information is requested to be uploaded and stored. This type of request requires greater use of resources by the targeted web server²…That is indeed a well-known way to provoke the fall of a service or a web page; it is only an example, but cybercriminals are always ready to improve their methods and tactics…

In 2020 during the Covid pandemic, the systems of the Spanish state public employment system (as others: Germany, US…) were attacked by unknown authors, stopping the processing of cancellations, economic transfers... The virus in question was from the 'ransomware' family, a type of program harmful to computer systems that manage to access files and hijack data to later ask for a ransom in return. Hackers accessed the system very easily by phishing an employee. This was an attack that stopped the Spanish administration for two weeks. The same has happened in many other places likewise. The issue is either if someone is tracking or controlling these statistics of attacks to have a cyberCOP (Common operational picture, in the military jargon) to manage, or at least, all these incidents against western interests. 

Not talking about a cyber-centre of excellence (as NATO already has), should be more of an operational tool to handle these dangerous and abnormal situations…Will come back to this subject later.

On the other hand, we have the measures designed to protect ourselves from all these specific threats. It is the protection of internet-connected systems such as hardware, software, and data from cyber threats. 

These practices are used by individuals and enterprises, to protect against unauthorized access to data centres and other computerized systems. As a kind of reference, explanatory, for CISCO (a company undoubtedly in the group leading this area) cybersecurity would be the practice of protecting systems, networks, and programs from digital attacks.

However, why is cyber a focal point for governance? 

The answer is somewhat easy; nowadays everything is digital, and the web is interconnected. Good governance refers to mobilizing the people of a country in the best direction possible promoting the rule of law and facilitating consensus, managing public resources wisely, facilitating a transparent and stable economic and regulatory environment conducive to private sector activities... It requires the unity of people in society and motivates them to attain political objectivity. 

With this definition considering governance factors³ that could promote social development as participation, transparency, responsiveness, society consensus-oriented equity and inclusiveness, effectiveness (and efficiency), and accountability, are factors that could be boosted with the means that provide us information and communications technology and the computerized environment (specifically that can be used in cyberspace).

Likewise, cybercrime, an issue completely against governance, has become in recent years one of the most important economic challenges on a global scale. The development of new technologies has allowed more and more information and more data to be stored in the cloud. This trend has also increased due to the COVID-19 pandemic.

It’s a key subject; the NotPetya cyberattack (ransomware related)⁴, considered the most harmful in history (up to now), meant FedEx, a multinational courier company listed on the New York Stock Exchange, more than 300 million dollars in losses, in 2017. Cyber security is equally important for local, state, and central governance as these organizations maintain a huge amount of private data and records concerning the country, its enterprises, and its citizens (what is truly an incredible responsibility).

Not considering the cyber portion in the governance of our countries is an error whose consequences can be very important for all organizations, in a positive key (for the benefits it can bring) and in a negative key (for the damages that mismanagement of cyberspace can cause).

What is cybersecurity nowadays?

Particularly, once made this initial introduction, referring to the object of this chapter, cybersecurity, its governance bid refers to the component of an organization's governance that addresses its dependence on cyberspace in the presence of adversaries⁵. 

Traditionally, cybersecurity was viewed through the lens of a technical or operational issue to be handled in the technology or cyberspace domain. Nevertheless, Cybersecurity needs to transition from a back-office operational function (support) and move into its area aligned with operational factors: law, privacy, and state and enterprises’ risks. 

Responsible heads of cybersecurity should be represented in the cabinets that support state Prime Ministers (PM), and besides, the Chief Information Security Officer (CISO) of a company should have a seat at the table alongside the CIO, COO, CFO, and the CEO. Nonetheless, today the Cybersecurity governance approach is carried out in different ways. There could be various models and in fact, could be adapted but there are a few steps that can help an organization grow and sharpen its cybersecurity governance program. 

First, determine the current state, approach cybersecurity from a comprehensive approach lens⁶, secondly increase cybersecurity awareness and training, cyber risk operations (first defensive and adding offensive capabilities) and finally monitor measure, analyze, report, and improve (this last always).

Cybersecurity is carried out by all governmental and non-governmental organizations. In the US for example, the National Strategy to Secure Cyberspace is part of the overall effort to protect the nation. It is an implementing component of the National Strategy for Homeland Security; as stated cyberspace is an integral component of all facets of daily life, including our economy and defense. Notwithstanding the possible implication of the development soon of the metaverse: a virtual world that is always active.

Nevertheless, describing as they find themselves (as for example Xi Jinping would do following The three kingdoms paradigm...), will give us an idea of how the superpowers deal with these issues.

Source: Author (from ESP MoD). Domains of operations and relations.

China’s cyber capabilities.

Chinese hackers were among the first to come together in defense of their country. Their first operation against the U.S. occurred in 1999 during the Kosovo conflict, when the U.S. accidentally bombed the Chinese embassy in Belgrade, killing three Chinese reporters. The patriotic hackers planted messages denouncing NATO’s brutal action on several U.S. government websites⁷.

Most recently, still a few years ago, not too many, Major General Li Deyi, at a time the deputy chair of the Department of Warfare Theory and Strategic Research at the (Chinese) Academy of Military Sciences, noted in 2007, that information deterrence was rising to a strategic level. He explained it would achieve a level of importance second only to nuclear deterrence; possibly, we are already at this stage. 

A year afterwards, in 2008, the Chinese carried out a well-known attack supposedly. At that time, the creator of another zero-days exploit used to target US companies in the fall of 2008…, this one developed the code in Chinese and on a machine with Chinese set, as the default language indicating that this individual was also likely a native or fluent speaker... Little additional detail about the developer’s identity was at that time available from forensic analysis but it reinforces the assertion that a relationship already existed at that time between Chinese black hat programmers and individuals responsible for those first intrusions into US networks. 

Moreover, that year 2008, media sources reported that Chinese hackers penetrated the White House information system on numerous occasions, obtaining valuable info for brief periods before systems were patched⁸.

At that time US companies began receiving small waves of spam-like emails with a Microsoft Write (.wri) file attachment containing a small piece of malicious software that acted as a Trojan, enabling the attackers to gain complete access to the targeted computers, a hallmark of the computer network exploitation

tradecraft attributed to China. The malware exploited a zero-day vulnerability in Microsoft’s Write application.

The attachment sent in these email attacks contained two components: an English language carrier document that appeared to be a generic contract template for a defense firm to use with a sub-contractor, and the Chinese language exploit code inserted inside the carrier document. When the recipient of the apparent spam email attempted to open the attached .pdf file, the file installed both the malware and a backdoor service on the targeted machine that was designed to execute the next time the user logged in.

The malware, sent in a wave of spear-phishing attacks against various US companies, was intended to provide the intruder with the ability to remotely access and control the targeted computers…, another common characteristic of computer network exploitation activity attributed to China, as we all know and even have suffered. In 2009, a well-known study named Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation stated that the government of the People’s Republic of China (PRC) is a decade into a sweeping military modernization program that has fundamentally transformed its ability to fight high tech wars. 

The Chinese military, using increasingly networked forces capable of communicating across service arms and among all echelons of command, is pushing beyond its traditional missions (focused perhaps on Taiwan) and towards a more regional defense posture (focused on the meridional Sea). This modernization effort is guided by the doctrine of fighting "Local War Under informationized Conditions," which refers to the PLA’s (Population Liberation Army) ongoing effort to develop a fully networked architecture capable of coordinating military operations on land, in air, at sea, in space, and across the whole electromagnetic spectrum.

Also,      yet in 2011, U.S. Director of National Intelligence James Clapper alleged that China had made a substantial investment in cyberwarfare and intelligence-gathering techniques, calling the Chinese effort pretty aggressive. Beijing, for its part, has repeatedly denied responsibility for international hacking attacks. 

As stated in the report in a conflict with the US, China most likely would use its Critical Network Operations (CNO) capabilities to attack select nodes on the military’s Non-classified Internet Protocol Router Network (known as the NIPR net) and unclassified US Department of Defense (DoD). Finally civilian contractor logistics networks in the continental US (CONUS) and allied countries in the Asia-Pacific region. 

The stated goal in targeting these systems would be to delay US possible deployments and impact the combat effectiveness of troops already in the theatre. The Chinese might attempt to target potentially vulnerable networks associated for example with strategic civilian ports, shipping terminals, or railheads that are supporting the military’s movement of critical supplies and personnel.

Achieving information dominance is one of the key goals for the PLA at the strategic and campaign level, according to The Science of Military Strategy and The Science of Campaigns, two of the PLA’s most authoritative public statements on its doctrine for military operations⁹.

In that sense, Proponents of the INEW (Integrated Network Electronic Warfare) strategy specify that the goal is to attack only the key nodes through which enemy command and control data and logistics information passes. 

These are the ones that are most likely to support the campaign’s strategic objectives, suggesting that this strategy has influenced PLA’s planners toward a qualitative and possibly effects-based approach to IW targeting. It is known that some PLA advocates of CNO perceive it as a strategic deterrent comparable to nuclear weapons but possessing greater precision…, leaving far fewer casualties, and possessing a longer range than any weapon in the PLA’s arsenal.

The Chinese doctrinal orientation toward attacking an enemy’s information flow suggests that if a classified network is attacked; it will likely be intended to impede encrypted traffic flow if it moves across an unclassified backbone rather than attempting to decrypt data or penetrate the network.

More recently, in 2015, the USA and other foreign users visited sites running analytics software from the Chinese search engine provider Baidu unwittingly picked up malware. The malicious code was injected into traffic going back to the users by a device collocated with the Great Firewall. The malware then launched DDoS

(Distributed Denial of service)¹⁰ attacks against GreatFire.org, a site that helps Chinese users evade censorship, and the Chinese language edition of The New York Times. 

More recently, in 2016, Dyn, a major domain name system provider (or DNS) was hit with a massive DDoS¹¹ attack that took down major websites and services, including Airbnb, CNN, Netflix, PayPal, Spotify, Visa, Amazon, The New York Times, Reddit, and GitHub.

In addition, as everybody already knows, the overall effort likely consists of multiple groups and skilled individuals operating against different targets given the high operational tempo and diversity of targeting observed to date. These operators, some possibly affiliated with PRC government or military organizations and others probably freelance hackers, would have access to software developers capable of developing zero-day exploits and using tools that are often created on computers with Chinese language settings or Chinese language developer kits.

On the other hand, the implication of China in espionage is widely known, watching the press or the other media, though the activities are not really defined, or settled, but well known, by the global adversary. Cyber espionage is as well the main activity of the Chinese. By 2003, China's interest in cyber espionage was apparent: a series of cumbersome cyber intrusions that U.S. investigators code-named Titan Rain was traced back to computers in southern China. 

The hackers, believed by some to be from the Chinese army, had invaded and stolen sensitive data from computers belonging to the USA DoD, Defense contractors, and other Government Agencies. Titan Rain was followed by a rash of espionage incidents that originated in China and were given code names like Byzantine Hades, GhostNet and Aurora. The thieves were after a wide range of data.

We can affirm that the Chinese overall espionage effort likely consists of multiple groups and skilled individuals operating against different targets given the high operational tempo and diversity of targeting observed to date. These operators, some possibly affiliated with PRC government or military organizations and others probably freelance hackers, would have access to software developers capable of developing zero-day exploits and using tools that are often created on computers with Chinese language settings or Chinese language developer’s kits.

Over a multi-day period during Titan Rain, intruders staged a complex data exfiltration operation; and while the activity associated with this incident occurred within a relatively short period, the preparations and reconnaissance necessary to support it had likely been ongoing for months... The teams or individuals who would have carried out this operation displayed discipline and deep knowledge of the network architecture they targeted (USA, NATO, and Western countries), suggesting that these operators had likely spent months patiently assembling a detailed picture of this network.

In 2013, the American cyber intelligence firm Mandiant, formerly part of FireEye, issued a landmark report on a Chinese espionage group named Advanced Persistent Threat 1. According to the report, APT1 had stolen hundreds of terabytes of data from at least 141 organizations since 2006… 

Currently, according to different organizations and think tanks, China’s espionage supports the country’s 14th Five-Year Plan (covering the years 2021 to 2025), which calls for technology innovations and socioeconomic reforms. The goal is innovative, coordinated, green, open and inclusive growth. In its

2015 Global Threat Report, the American cyberintelligence firm CrowdStrike identified dozens of Chinese adversaries targeting business sectors that are key to the Five-Year Plan. It found 28 groups going after defense and law enforcement systems alone. Other sectors victimized worldwide-included energy, transportation, government, technology, health care, finance, telecommunications, media, manufacturing, and agriculture.

Chinese have been also targeted. Hackers linked to the Islamic State militant group (ISIS) defaced the website of one of China's top universities in what is believed to be the first time the organization has carried out a cyberattack on a Chinese target. The homepage of Tsinghua University was replaced in January 2016 with an image of masked equestrians carrying an ISIS flag, together with the popular quote: "Everything is okay in the end. If it's not okay, then it's not the end." The server of the website was subsequently shut down by university technicians, resulting in several web pages associated with the university going offline.

Finally, we should consider seven of China’s eight long-distance international terrestrial cables run through Russia. If Russia’s business and political environment were more welcoming, it could serve as a larger communications hub between Europe and China.

Because of the current sanctions, it is not worth using this connectivity by China. However, China and Russia’s visions for internet sovereignty limit also cross-border activities, up to now.

A frightening situation that might impulse our interest in forging the necessary capabilities in this issue and in the other hand, in which China is definitively engaged.

Russia cyber threat.

Understanding Russian cyber-attack motivation is important in considering the difference between espionage, disruption, and destruction, but to understand nation-state cyber-attacks, we need to understand the nation-state itself. 

Russia, the former USSR (now split into 12

countries…), their past and their history also. This is a key point as Russia is fighting for what they consider being their country, regardless of if it is it or not… As recently said by Putin (early 2022), they are not planning to provoke a war, or invade Ukraine (…), but to maintain western missiles far from their borders, which might be somewhat true.

Indeed in the 1920s, the ancient Russian Empire included during this period not only the region of Russia but also today’s territories of Ukraine, Belarus, Poland, Lithuania, Estonia, Latvia, Moldavia, and the Caucasian and Central Asian countries, at that time the Soviet government pursued a policy of eliminating illiteracy called Likbez. 

After industrialization, massive urbanization began in the USSR. In the field of national policy in the 1920s, the so-named Korenizatsiya was carried out. However, from the mid-30s, the Stalinist government returned to the tsarist policy of russification of the outskirts. In particular, the languages of all the nations of the USSR have been translated into the Cyrillic alphabet: the Cyrillization. The years from 1929 to 1939 comprised a tumultuous decade in Soviet history - a period of massive industrialization and internal struggles as Joseph Stalin established near-total control over Soviet society, wielding virtually unrestrained power. 

Following Lenin’s death, Stalin wrestled to gain control of the Soviet Union with rival factions in the Politburo, especially Leon Trotsky’s. By 1928, with the Trotskyists either exiled or rendered powerless, Stalin was ready to put a radical program of industrialization into action. 

In 1929 Stalin proposed the first five-year plan... Abolishing the NEP¹², was the first of several plans aimed at swift accumulation of capital resources through the build-up of heavy industry, the collectivization of agriculture, and the limited manufacture of consumer goods. 

For the first time in history, a government-controlled all economic activity, a situation that with known changes has been maintained all along these years… The rapid growth of production capacity and the volume of production of heavy industry was of great importance for ensuring economic independence from western countries and strengthening the country's defense capability. At this time, the Soviet Union made the transition from an agrarian country to an industrial one (regardless of the social, environmental considerations, and possibly other issues). 

After World War II, many years later, the foremost objectives of Soviet foreign policy were the maintenance and enhancement of national security and the maintenance of hegemony over Eastern Europe. 

The Soviet Union maintained its dominance over the Warsaw Pact by suppressing the called Prague-Spring in Czechoslovakia in 1968, and supporting the suppression of the Solidarity movement in Poland in the early 1980s. The Soviet Union opposed the United States in several proxy conflicts (all over the world), including the Korean and Vietnam Wars.

As the Soviet Union continued to maintain tight control over its sphere of influence in Eastern Europe, the Cold War gave way to deterrence (in a conventional way) and a more complicated pattern of international relations in the 1970s. The wearing nuclear race continued, and the number