icon caret Arrow Down Arrow Left Arrow Right Arrow Up Line Camera icon set icon set Ellipsis icon set Facebook Favorite Globe Hamburger List Mail Map Marker Map Microphone Minus PDF Play Print RSS Search Share Trash Crisiswatch Alerts and Trends Box - 1080/761 Copy Twitter Video Camera  copyview Whatsapp Youtube
The Cybersecurity Paradox
The Cybersecurity Paradox
France’s Troop Withdrawal from Mali
France’s Troop Withdrawal from Mali
Decentralised, networked self-defence may well shape the future of national security. FLICKR/Yuri Samoilov
Commentary / Global

The Cybersecurity Paradox

There is a paradox in the quest for cybersecurity which lies at the heart of the polemics around whether or not Apple should help the U.S. Federal Bureau of Investigation (FBI) break the encryption on an iPhone used by the pro-Islamic State killers in San Bernardino.

The unexpected truth is that the world is made a safer place by allowing public access to full encryption technology and sharing responsibility for action. When it comes to encryption, it is wrong to give into fears of terrorism and to take refuge in misguided illusions of total top-down control.

Violent extremists have already understood more quickly than most states the implications of a networked world. They know that a terrorist attack in Paris or Istanbul immediately reverberates worldwide, and the so-called Islamic State (IS) makes astute use of gruesome videos to terrify as well as to recruit. The number of victims matters less than the number of “impressions”, as Twitter users would say.

States are relatively comfortable fighting for territory, whether it is to destroy the territory of the enemy – bombing IS in Syria and Iraq – or defending their own. But how does one win in the digital space?

As the FBI’s demands on Apple to help them investigate the San Bernardino shooters have shown, security officials are unsurprisingly trying to maximise the comparative advantages provided by state resources and authority. Many have the capacity to access countless sources of data, to process them with ever increasing computing power and eventually to find the terrorist needle in the haystack of law-abiding citizens. They are also keen to retain the capacity to access all digital communications through back doors, so that encryption does not protect criminal enterprises.

Human rights concerns have so far had limited impact on this trend. In the U.S. and Europe, infringements on rights are seen as a lesser evil than the alternative of more terrorist attacks, especially when one considers their potential political consequences: authoritarian populists who would go much further in the destruction of civil liberties.

But centralising state national security may not work. Behind closed doors, a growing number of professionals question the effectiveness of systematic reliance on data-mining, noting that too many false alerts mean that security services are spread thin. Most of the terrorists involved in the recent Paris attacks were not unknown to the police, but the thousands of people who are now listed in databanks could only be effectively monitored by tens of thousands of intelligence operatives.

Excessive reliance on signal intelligence generates too much noise. It may be more effective to focus on targeted electronic surveillance and focused human intelligence. The critical ingredient of volunteered help is also more likely if genuinely inclusive policies can win over allies among disadvantaged communities and countries.

The received wisdom that state surveillance requires back doors to encryption programs was being questioned well before Apple took its stand. If there are secret keys for the authorities to access data, it is wishful thinking to believe that criminals won’t find them too. In fact, making unbreakable encryption widely available might strengthen overall security, not weaken it. Violent extremists and criminals will have the benefit of secure communications, but so will many more millions of citizens and systems threatened by their hacking.

In cyberspace, attack is cheaper than defence: criminals engaged in fraudulent schemes are already exploiting that asymmetry. Perhaps already, and certainly tomorrow, it will be terrorist organisations – and legal states – which will exploit it with lethal effectiveness. Critical infrastructures, transport, and industry have become increasingly dependent on digital processes. Encryption, while it can have an offensive use, may become the ultimate defensive weapon that will help limit the imbalance between offence and defence in cyber-warfare.

This idea of decentralised defence allows individuals and corporations to become providers of security as they strengthen their firewalls and create a resilient society.

It points to a broader trend for nation states too. National security structures are not going to become redundant, but in a world that is both asymmetric and networked, the centralised organisation of power may not be the most effective organising principle. A nation state’s remit is not broad enough to effectively confront global threats; but at the same time, the concentration of power that it embodies provides an attractive target for weak but nimble enemies.

One way to fight asymmetric wars is to deprive the enemy of a strategic target by distributing power rather than concentrating it, copying the way terrorists make themselves elusive targets for states. Unarmed civilians will continue to provide easy soft targets for terrorists, but attacks against them will have less strategic impact, and therefore be less attractive, if power is more dispersed.

Distribution of security measures among a multiplicity of actors – neighbourhoods, cities, private stakeholders – will make society more resilient. And over time, smaller but well-connected communities may be more effective at preventing and identifying terrorist threats among their members. Decentralised, networked self-defence may well shape the future of national security.

Podcast / Africa

France’s Troop Withdrawal from Mali

In this episode of Hold Your Fire!, Richard Atwood and Naz Modirzadeh talk with Sahel experts Ibrahim Yahaya Ibrahim and Richard Moncrieff about France’s announcement it will pull troops from Mali, and what the withdrawal means for the fighting against jihadist insurgents.

On 17 February, President Emmanuel Macron announced he would withdraw all French troops from Mali after a deployment in the country of almost ten years. In early 2013, French forces together with Chadian troops ousted jihadists from cities and towns in northern Mali, which created space for a peace deal between Bamako and other, non-jihadist rebels. Since then, however, the French-led campaign against militants in the Sahel has struggled against local al-Qaeda and Islamic State branches. French operations have killed jihadist leaders, but militants have extended their reach from northern Mali to its centre and to parts of Niger, Burkina Faso and even Gulf of Guinea countries. Inter-ethnic violence has ballooned. Mali has also suffered two coups over the past couple of years. Relations between Paris and the junta currently holding power have deteriorated sharply, partly because Mali’s military leaders had agreed, mid-2021, to the deployment of Russian private military contractors to help fight jihadists. Popular anger toward France’s deployment has also mounted, seemingly partly fuelled by disinformation. 

This week on Hold Your Fire!, Richard Atwood and Naz Modirzadeh talk with Ibrahim Yahaya Ibrahim and Richard Moncrieff, respectively Crisis Group’s senior Sahel analyst and interim Sahel director, about the French decision, its causes and its implications. They look at the collapse in relations between Bamako and Paris, the direction the junta is currently taking Mali and how other countries in the region have responded. They talk through what the French departure might mean for other forces, including the UN force in Mali and the G5 Sahel regional force. They also examine the repercussions for the balance of force between jihadists and their enemies in the Sahel and ask what a future French presence in the region might look like after the withdrawal from Mali. 

Click here to listen on Apple Podcasts or Spotify.

N.B. This episode was recorded before Russia’s invasion of Ukraine. 

For more information, explore Crisis Group’s analysis on our Sahel regional page. For our analysis of African perspectives of the Ukraine War, check out our commentary ‘The Ukraine War: A Global Crisis’.


Executive Vice President
Naz Modirzadeh
Board Member and Harvard Professor of International Law and Armed Conflicts
Consulting Analyst, Sahel
Project Director, Sahel (Interim)