Rising Powers and the End of Cyber Hegemony

Cyberspace as the New Battleground

In 2024, over 60 countries, plus the European Union, held elections, impacting half of the world’s population. From brutal DDoS attacks targeting election-related campaign websites in the United States and France, to government-initiated internet shutdowns in Comoros and Pakistan, it became clear that the digital impact of these elections reflect a broader political trend of the past few decades. Cyberspace has emerged as a new domain of power politics, with states willing to exploit its vulnerabilities to affect global and regional power dynamics. Interconnectivity of the cyber realm creates continuous contact among states, enabling them to employ various cyberstrategies, including disruption and espionage, to influence other’s behavior and enhance their relative power while avoiding direct confrontation.

Whether it is the disruption of information and communication technologies, or the physical destruction of critical infrastructure, these operations could be executed with one click of a mouse. They do not require expensive commitments or the mobilization of extensive military troops. The relatively accessible nature of cyberspace provides states with a platform for competition within a domain unconfined by geography or resources. Cyberconflicts, therefore, emerge as an alternative to conventional warfare, considering their low cost and the lack of international regulatory frameworks. 

Great powers (as well as great-powers-to-be) can leverage cyberstrategies during the escalation of state rivalry to shift the balance of power. For instance, China’s attempts to steal sensitive data on the US’s F-35 Joint Strike Fighter have reportedly resulted in the development of Chinese fifth-generation fighters, which are considered a key component in Chinese military modernization. The attempts to shift power distribution in Beijing’s favor illustrate the main challenge for political actors in the decentralized and borderless cyberspace: to secure influence over the resources and the behavior of others.

What is Cyber Hegemony and Why is it Under Pressure?

Hegemony refers to the concentration of material capabilities in the hands of one actor, and the ability and desire to project them. The hegemon of cyberspace would therefore possess unrivaled cyberwarfare capabilities and use them for coercive purposes. In July of 2010 “Stuxnet”, a malicious computer worm developed by the United States and Israel to disrupt the Iranian nuclear program, was uncovered. The operation marked a shift in the perception of cyberwarfare, and epitomized Washington’s interest in exercising cyberpower to achieve global outcomes. Stuxnet had damaged nearly 1,000 of uranium enrichment centrifuges, setting back Iran’s nuclear development by several years. The creation of the US Cyber Command in the same year, (initially targeted at protecting the US’s government networks and further expanded to develop offensive cyberstrategies) confirmed that the United States possesses all of the capabilities of the cyberhegemon. 

The escalation occurred rapidly. The 2013 Snowden revelation exposed the wide extent of US government surveillance, including direct access to servers from major internet companies like Google, Facebook, Apple, and Microsoft to track user communications. The leaks triggered strong international backlash, revealing that many foreign leaders had also been targeted. 

One of the earliest coordinated attempts to challenge the unipolar state control of the US followed a year later, when leading internet organizations met in San Paulo to discuss issues of internet governance. The meeting concluded with the non-binding NETmundial Multistakeholder Statement, that called for accelerating the globalization of Internet Corporation for Assigned Names and Numbers (ICANN) and Internet Assigned Numbers Authority (IANA) functions, moving away from oversight by a single, US-led government. The statement proposed a multistakeholder governance model that emphasizes openness, transparency, and inclusiveness, ensuring that no single group dominates decision-making. The principles were endorsed by most participants, however with notable reservations from several major states. In the aftermath of the revelation, the BRICS nations began to push for “cyber sovereignty”, advocating stronger state control over internet infrastructure in order to reduce dependencies on Western technology. At NETmundial, Russia and China further signaled their preference for a government-centered approach to internet governance. With countries that represent a significant proportion of the next billion internet users expressing skepticism toward multistakeholder governance, it became clear that states were unlikely to relinquish decisive authority over cyberspace. 

These early governance debates signalled that challenges to cyber hegemony would not be confined to covert operations or technical capabilities, but would unfold through struggles over authority, legitimacy, and control in the increasingly contested cyberspace. 

The Third Way

In a May 2022 report, a public WeChat account which deals with cybersecurity described the race for influence in cyberspace as the “digital chess game”, played between China, the US, and the European Union. According to the report, the digital economies of the EU and China cannot avoid the influence of American cyber hegemony. Chinese state media further called for actors around the world to form an alliance against the US domination of cyberspace.

The two conflicting models of cyber governance – Western-led multistakeholding and cyber sovereignty – rely on further expansion, with both American and Chinese officials putting in a lot of effort in their attempts to win over the undecided “swing states”. However, an often overlooked group of actors seems to be pursuing their own path that could reshape the future of cyberspace.

The rising powers, such as India, Brazil, and Indonesia, tend to focus on strategic autonomy rather than ideological alignment. Their policies mostly address a unique dual pressure: managing growing international influence, while dealing with internal issues like poverty, healthcare, and digital infrastructure gaps. Their positions concerning global cyber governance are prioritizing their own development needs over great power competition. For the world’s leading powers, this strategy indicates a global shift. Both the Chinese and American strategies view these countries as “rule takers”,  presuming that they eventually will have to pick a side. But rising powers are determined to form their own coalitions and frameworks, reducing the influence of both Washington and Beijing in establishing global cyber rules. 

Case Study: India

In the case of India, the reasoning behind its push for strategic independence and non-alignment in cyberspace lies in the understanding of its vulnerabilities. Home to one of the world’s largest digital populations, India has embraced rapid digitalization through platforms that provide services such as payments, identification, and public service delivery. However, at the same time India has fallen victim to foreign technological over-dependence. 

Digital colonialism refers to the disproportionate influence of major technology companies and their allied governments over cyberspace. From the Indian perspective, this dynamic perpetuates the marginalization of the Global South and underscores the need to build independent digital platforms and reclaim digital agency.

Cybercriminals are now targeting India more than ever because of the rapid growth of its digital ecosystem. The Indian instant payment system, The Unified Payments Interface (UPI), has reached a historic milestone in terms of usage. The government has reported that UPI transactions in 2025 have touched a record of 230 lakh crore (US$ 2.56 trillion). This indicates massive, rapid adoption across all sectors, making it the primary driver of India's retail digital economy. 

The sharp rise in cyber threats has pushed policymakers towards adopting stronger data protection rules, particularly for market participants, with bodies like The Securities and Exchange Board of India (SEBI) adopting regulations that focus on real-time monitoring of data and cyber resilience. New norms move from focusing only on preventing attacks to a more proactive mindset, recognizing that the breaches are inevitable. Such a strategy emphasizes readiness, rapid detection, and recovery to strengthen the overall financial ecosystem. 

Internationally, India resists predefined labels of cyber governance. Resolving the dual dilemma of socio-economic development and security constraints requires diplomatic flexibility. To strengthen its presence in cyberspace India chooses to maintain strategic partnerships with as many countries as possible. During the UN debates over cybersecurity norms, India supported both of the contradictory resolutions proposed by the US and Russia, signaling its refusal to fully align itself with one governance model. While avoiding interpreting international law concerning cyberspace through a particular framework, the state has been clear and consistent on practical cybersecurity priorities. It has strongly emphasized securing supply chains, protecting critical infrastructure, and expanding capacity-building initiatives. Notably, India has advocated for a Global Cybersecurity Cooperation Portal to facilitate information sharing, archive key documents, and coordinate training and workshops — an initiative explicitly framed to support developing countries and reinforce India’s self-image as a representative of the Global South.

Case Study: Brazil

The Brazilian approach underscores finding a balance between the pursuit of strategic autonomy and global cooperation. With a reputation as one of the most passionate norm advocates, Brazil has been carefully measuring all the risks of possible internet fragmentation, and it understands the need for maintaining the openness and interoperability of cyberspace better than anyone.

On a national scope, Brazil aims to harmonize its cybersecurity legislation. With a new E-Ciber strategy prioritizing coordinated governance mechanisms, Brazil aims to promote a safe environment for its citizens and gradually bring back control over its essential services and critical infrastructure. The government also encourages cooperation between the public and private spheres in the policy-making process, hoping to gain a more diverse perspective on cyber governance.

Brazil’s digital diplomacy reflects an effort to contest cyber hegemony through norm-shaping, rather than coercion. The country has chaired the UN Group of Governmental Experts (GGE) meeting twice, facilitating discussions on national positions on international law in cyberspace. Brazil also actively participates in UN Open Ended Working Group (OEWG) discussions, supporting an open and inclusive process for developing state behavior norms.

Following India’s blueprint, Brazil remains pragmatic when it comes to ideological aligning and refuses to choose between great power poles. Siding with “Western” countries at some times and with the BRICS countries at other times has been a key feature of the country’s past decisions, more explicitly illustrated now in the context of emerging cyber threats. 

Conclusion

Rising powers are clearly vital for promoting multilateralism and fostering stability in an increasingly conflicted cyberspace. It is no wonder that they place their own developmental interests first and craft their engagement separately from ideological commitments. As digital dependence deepens and geopolitical rivalry intensifies, states like India and Brazil will continue to navigate the tension between global connectivity and national control. Whether this will result in a more inclusive digital order beyond hegemony will depend on how the great powers decide to treat rising states and their growing influence: as strategic partners, or as prizes to be won. 

Bibliography:

Aanonsen, C.E. (2025) ‘Stuxnet, revisited (again): producing the strategic relevance of cyber operations’, Journal of Cyber Policy, 10(1), pp. 1–17. doi: 10.1080/23738871.2025.2492570.

Access Now (2024) 2024 Elections and Internet Shutdowns Watch. Available at: https://www.accessnow.org/campaign/2024-elections-and-internet-shutdowns-watch/ 

Akdağ, Y. (2025). ‘Great Power Cyberpolitics and Global Cyberhegemony’, Perspectives on Politics, pp. 1-22. Available at: https://www.researchgate.net/publication/390276313_Great_Power_Cyberpolitics_and_Global_Cyberhegemony

Bajaj General Insurance (2025) Cybersecurity Strategy India 2026: All You Need to Know. Available at: https://www.bajajgeneralinsurance.com/blog/cyber-insurance-articles/cybersecurity-strategy-india-2026.html 

Basu, A. (2024) Ideological Agnosticism and Selective Engagement: How India Sees the Global Cybersecurity Norms Debate. Center for the Advanced Study of India (CASI). Available at: https://casi.sas.upenn.edu/iit/arindrajitbasu

Basu, A. (2026) What India’s Push for Global Digital Repositories Tells Us About Its Tech Diplomacy. Tech Policy Press. Available at: https://www.techpolicy.press/what-indias-push-for-global-digital-repositories-tells-us-about-its-tech-diplomacy/ 

Chen, S. (2022) Digital Hegemony. China Media Project. Available at: https://chinamediaproject.org/the_ccp_dictionary/digital-hegemony/

Corwin, P.S. (2014) NETmundial Multistakeholder Statement Concludes Act One of 2014 Internet Governance Trifecta. CircleID. Available at: https://circleid.com/posts/20140504_netmundial_multistakeholder_statement_concludes_act_one_of_2014 

Hurel, L.M. (2022) Unpacking Brazil’s Cyber Diplomacy. EU Cyber Direct. Available at: https://eucyberdirect.eu/blog/unpacking-brazil-s-cyber-diplomacy 

IBEF (2025) UPI transactions hit record high of Rs. 230 lakh crore (US$ 2.56 trillion) in FY25-26 till Dec. India Brand Equity Foundation. Available at: https://www.ibef.org/news/upi-transactions-hit-record-high-of-rs-230-lakh-crore-us-2-56-trillion-in-fy25-26-till-dec 

India (2021) India’s Submission on the proposal for a Global ICT Security Cooperation and Capacity-Building Portal. UNODA. Available at: https://docs-library.unoda.org/Open-Ended_Working_Group_on_Information_and_Communication_Technologies_-_(2021)/India.pdf 

International Cyber Law Interactive Toolkit (2021) National position of Brazil. CCDCOE. Available at: https://cyberlaw.ccdcoe.org/wiki/National_position_of_Brazil_(2021)

Kushner, D. (2013) The Real Story of Stuxnet. IEEE Spectrum. Available at: https://spectrum.ieee.org/the-real-story-of-stuxnet 

Maurer, T. and Morgus, R. (2014) Tipping the Scale: An Analysis of Global Swing States in the Internet Governance Debate. CIGI. Available at: https://www.cigionline.org/static/documents/gcig_paper_no2.pdf 

Philanthropy Communications (2024) What’s Digital Sovereignty? Lessons from Brazil to the World. Internet Society Foundation. Available at: https://www.isocfoundation.org/2024/10/whats-digital-sovereignty-lessons-from-brazil-to-the-world-implications-risks-and-global-insights/ 

Radwan, A. (2025) Digital Colonialism: The Global South Facing Closed Screens. Al Jazeera Media Institute. Available at: https://institute.aljazeera.net/en/ajr/article/2962 

Tomé, J. and Woolbright, J. (2024) Exploring Internet traffic shifts and cyber attacks during the 2024 US election. The Cloudflare Blog. Available at: https://blog.cloudflare.com/exploring-internet-traffic-shifts-and-cyber-attacks-during-the-2024-us-election/ 

UNODA (2022) Statement Brazil - Topic 10 - further development. Open-Ended Working Group on Reducing Space Threats. Available at: https://docs-library.unoda.org/Open-Ended_Working_Group_on_Reducing_Space_Threats_-(2022)/Statement_Brazil-Topic_10-_further_development.pdf 

Único (2023) Brazil’s new ‘E-Ciber’ National Cybersecurity Strategy established via decree. Mattos Filho. Available at: https://www.mattosfilho.com.br/en/unico/cybersecurity-strategy-decree/ 

Washington Free Beacon (2015) Stolen F-35 secrets now showing up in China’s stealth fighter. Fox News. Available at: https://www.foxnews.com/politics/stolen-f-35-secrets-now-showing-up-in-chinas-stealth-fighter 

Younger, N. (2020) The case of Edward Snowden. National Whistleblower Center. Available at: https://www.whistleblowers.org/news/the-case-of-edward-snowden/