Saudi Arabia is the most targeted country in the Middle East, particularly the Kingdom’s oil, infrastructure and telecommunications sectors.
Saudi Arabia has had two major cyber-attacks by state and non-state actors that affected its national security and as a result, steps to enhance the Kingdom’s cybersecurity were taken. In 2012, Saudi Arabia’s economic growth and national security was challenged by the Iranian-attributed “Shamoon virus” against Saudi Aramco. The virus infected the computer network of the company, and deleted 85 percent of the company’s devices and hard drives. Furthermore, non-state cyber actors such as the Houthi-backed Yemen Cyber Army affiliates hacked the Kingdom’s online system of the Ministry of Foreign Affairs.
Several strategies and cybersecurity methods have been used to influence and enhance the national security of Saudi Arabia, such as blockchain technology and foreign policy instruments. Moreover, cybersecurity institutions influence and enhance the Kingdom’s national security, with some institutions newly developed to focus on this very recent problem, such as Saudi Telecom Company (STC), National Information Security Strategy (NISS), National Cybersecurity Centre (NCSC), and Saudi Arabian Monetary Authority (SAMA).
In the context of international relations, the referent object of cybersecurity is the state that exists to practice and pursue security and consequently ensures the protection of individuals. Scholars in the context of international relations, increasingly focus on cybersecurity implications on international and national security, and the main theoretical paradigms in international relations (realism, liberalism and constructivism).
Realists tackle the challenge of cyber-threat in much the same way as they have tackled previous challenges of globalization; for example, realists consider globalization as epiphenomena that have a minor effect on the state’s domestic structure. However, they argue that cyber-threats and attacks affect some policies and structures of nations; therefore, they does not affect the primacy of any nation.
Liberalists argue that national security is jeopardized because soft power has become more significant in the digital age because of the development of several channels of global communication that transcend sovereign boundaries, adding that the adoption of cyber-technology and security has become important in order to assess whether a regime is powerful enough to respond to cyber-attacks and develop cybersecurity.
Constructivism scholars focus on how cyber-technology enables the spread of ideas that lead to change in perception and identities that threaten national security, adding that cybersecurity and technology can be used as a powerful tool to transmit information and messages that can promote change in the identities of people and thus reform political boundaries.
Cyber-technology is increasingly being used by terrorists and groups to obtain money in different ways. For example, Daesh (the self-proclaimed IS) invested in online strategies establishing successful use of social media and cyber-technology for recruitment and propaganda. A basic part of Daesh’s efforts was to expose its ideology worldwide by the usage of cyber-technology to influence the younger generation.
Cryptocurrencies have had both positive and negative effects on cybersecurity. Anonymity is one of the main reasons bitcoin became so popular with users, as it liberates them from government control. The increased dependency on technology has created more opportunities that cyber attackers can exploit.
Blockchain technology provides solutions to help address these cyber concerns. It can be used for various things, such as hospital records and government data. Blockchain is neither an application nor a company but is a new technology that will complement the Internet, by allowing digital information to be distributed but not copied. Unfortunately, criminals and hackers enjoy the same anonymity as citizens who have valid reasons for protecting their privacy.
Cyber-threat has proven to be revolutionary in political terms, by threatening or transforming existing global or regional power structures. Thus, more effort needs to be made to strengthen and improve the legal response against cyber-attacks and crimes under Saudi law. As discussed earlier, Saudi Arabia has been affected twice by major cyber-attacks - Aramco in 2012 and the Ministry of Foreign Affairs in 2015.
The Kingdom’s adoption of cybersecurity has enhanced and developed the Kingdom’s national security and increased the confidence of government entities, security facilities and foreign investors.
However, in Saudi Arabia the cyber-attacks were treated as domestic affairs, with no foreign policy involved; therefore, it is necessary to focus on foreign policy instruments and diplomats in this regard.
Strengthening national security in cyberspace requires governments to deal in a more effective cooperative way in order to establish a unified system that protects each state, and thus each individual, from cyber-attacks and threats.The author is a Saudi political analyst specialized in International Relations. She can be reached at: firstname.lastname@example.org Twitter: @EkleelBS