December 5, 2023 — Cyber Persistence Theory provides an important discussion of the structural shift in cyber strategy necessary for taking U.S. cybersecurity to the next level. No other work has made such a convincing case for this structural shift as the au¬thors explain the current gap between cyber theory and observed cyber applica¬tion. This alternative to the cyber deterrence paradigm provides an in-depth, academic analysis of the modern cyberspace environment. The main takeaway of this thesis is that cyberspace activity, especially exploitation, is the primarily form of strategic competi¬tion, and that exploitation should be interpreted as an alternative to war wherein states quickly capitalize on other state’s cyberspace vulnerabilities rather than resorting to compellence. According to the authors, in cyberspace, states operate, at a low-cost, out of a structural need to persist and a strategic incentive to achieve short-term gains, without necessarily triggering an armed attack. MORE
|
December 5, 2023 — Cybersecurity is like the weather on a summer day; you can see out of your win-dow—just like you can see into your network—but you can’t see the storm on the other side of the mountain without a network of stations reporting what they can see. This analogy could be useful in thinking about forecasting for cyberse¬curity. This approach to cybersecurity—developing a “cyber-weather forecaster” —would enable defenders to see, predict and deal with threats in the same way that the National Weather Service (NWS) forecast helps us decide whether to bring an umbrella or leave it at home. As CISA’s Joint Cyber Defense Collaborative (JCDC) matures, developing “cyber weather forecasters” would provide an important improvement in gaining visibility into our networks and conducting predictive analysis. MORE
|
December 5, 2023 — As cybersecurity researchers and scholars of cyber conflict studies turn to think about the impact that artificial intelligence (AI) technologies will have on patterns of digi¬tal insecurity, it is important that they learn from the record of recent technological transformation of the national security enterprise. This research note considers the challenge of forthcoming changes in the dynamics of global cyber conflict brought about by AI. It identifies a tendency in the way commentators frame the intersection of these technological areas with known technical or operational touchstones. Specifical¬ly, commentary along both lines often ignores the question of evolving strategic context in much the same way that early scholars of cyber conflict often did, reducing any con¬clusion about the impact of AI on cyber conflict to a simplistic “bigger, faster, smarter, better” bottom line. In place of these frames, I suggest a simple four-part typology that envisions cyber conflict dynamics in which interaction (1) employs AI, (2) is conducted against AI, (3) is undertaken entirely by AI, and (4) is shaped and attenuated by AI. MORE
|
December 5, 2023 — This study explains the technological context and miscalculations that led to Rus-sia’s invasion of Ukraine and explores how public opinion shaped the technological factors that are helping Ukraine gain and maintain a competitive advantage. NATO overestimated Russia in information technology and did not account for collective hybrid efforts outside of Ukraine, emboldening Russia to push physical and ethical boundaries. However, Ukrainian forces and benefactors have been using informa¬tion technology more efficiently than Russia, among other enablers, to gain a com¬petitive advantage over its seemingly larger and more powerful adversary. Research must be conducted to understand the factors of Russia’s shortfalls, properly inte¬grate corporations using a common language, and establish rules of engagement among civilian and military agencies in the cyber domain. History and case study methodologies were used for this research. Russia’s historical identity and impunity emboldened the Kremlin to invade Ukraine, underestimating the impact technolog¬ical benefactors would have on Ukraine as a formidable competitor under Porter’s five forces model. This conflict exposes implications for industry integration to cyber defense exercises (CDX). This research is significant because it promotes a common language and framework to integrate private organizations in applying collaborative solutions and boundaries in a domain without borders and limited regulation. MORE
|
December 5, 2023 — The expanding use of cyber operations amid broadening geopolitical instability has implications for traditional middle powers, notably Canada, Australia, Nor¬way, and the Netherlands, among others. They occupy privileged positions at the core of the global political economy but have limited ability to shape the geopolitical envi-ronment and few resources to protect and project their national interests. Many of the world’s most influential middle powers are also longstanding U.S. allies, have high levels of digital connectivity, strong knowledge-based economies, leading research institutions, and membership in coveted multilateral groupings and security alliances. Compound¬ed by their hard-power resource constraints, for adversaries, middle powers represent low-risk, high-reward targets for exploitation in cyberspace. Middle powers thus have strong incentives but limited capacity to prevent the cyber-enabled degradation of their sovereignty, stabil¬ity, and economic competitiveness. MORE
|
December 5, 2023 — Recent cybersecurity events have prompted the federal government to begin inves-tigating strategies to transition to Zero Trust Architectures (ZTA) for federal infor-mation systems. Within federated mission networks, ZTA provides means to mini-mize the potential for unauthorized release and disclosure of information outside bilateral and multilateral agreements. But when federating with mission partners, there are potential risks that may undermine the benefits of Zero Trust. This article explores risks associated with integrating multiple identity models and proposes two potential avenues to investigate mitigation of these risks. MORE
|
December 5, 2023 — In 1984, Glenn H. Snyder wrote an analysis of states’ dilemmas in alliances with this issue at its core that has demonstrably had excellent explanatory and predictive power.1 In the Cold War’s technological strategic context of nuclear and conventional military means, he found that: “In general, entrapment is a more serious concern for the lesser allies than for the superpowers […] because the superpowers have a much greater capacity for taking ini¬tiatives (notably nuclear initiatives).” In NATO, the US controls much of the alliance’s conventional military capabilities and most of its nuclear weapons. Applying Snyder’s analysis, this vests the US with a sufficient level of control over NATO’s crisis management, to minimize the US’ risk of en¬trapment in conflicts. Emergence of cyberspace as a new venue for military operations changes the US strategic environment. MORE
|
December 5, 2023 — In a world of ubiquitous connections, cybersecurity is everyone’s responsibility. Gone are the days when the actions of others had little impact on a person’s day-to-day ac¬tivities. We are now completely digitally interdependent, meaning the actions of one individual can be the vulnerability that allows adversaries to target a soft spot in the United States’ (U.S.) digital infrastructure. We argue a whole-of-society approach to cybersecurity is needed. The involvement of all members of society is required to de¬fend against the scourge of cyber intrusions emanating from Russia, China, North Korea, and Iran. We do not promote individuals or corporations engaging in offensive cyber operations, but instead advocate that the U.S. already has a non-governmental model for citizen involvement in entities like the Civil Air Patrol (CAP), to adopt for cyberspace. We build on Estonia’s Cyber Defense League (CDL) organizational model and the works of others, advocating for establishing a Civil Cyber Defense (CCD) in the U.S. We conclude with specific actions this new entity could take to increase the overall cybersecurity posture of the U.S. and identify potential issues with our CCD concept. MORE
|
December 5, 2023 — Information and cyber action have been important but ancillary components of the Ukraine war since its outbreak on February 24, 2022. We offer a set of observations:
• A form of cyber conflict has emerged in which Russia often attempts to aggres¬sively deny service or purloin information, while Ukraine and its allies often blunt the attacks;
• Communications security for Russian forces from the tactical- to theater-level has frequently failed, often with disastrous consequences, as signals intelligence information has been employed to target military command echelons;
• Unmanned aircraft have come to occupy a critical intelligence and air support function for Ukraine, although Russia is increasingly able to employ drones as well;
• Intelligence support from the West to Ukraine appears highly significant and useful, possibly substantially shaping Ukrainian strategy and tactics;
• The infrastructure and technical expertise of large tech firms such as Google, Microsoft, and SpaceX also helped Ukraine stay abreast of the Russian cyber threats; and
• Propaganda operations by Ukraine have had tremendous reach in Europe and continue to elicit support, while those of Russia have been largely inward-facing and designed to shore up support for the war among the Russian public.
We also consider what cyber tools and effects might be employed as the war continues. MORE
|
December 5, 2023 — The United States risks losing its information advantage over its near-peer compet-itors, specifically China. One reason behind this possibility is that the U.S. lacks a coherent doctrine of information warfare, which has put the U.S. at a disadvantage. Considering the Russian interference in elections of several North Atlantic Treaty Organization (NATO) states and allies, including Ukraine, Germany, and the United States, most stunningly in the 2016 presidential election, this article addresses the question: What is to be done? Before delving into possible solutions, the exact nature of the complex problem must be explored. The purpose of this article is to investigate the ways the U.S. could improve in information warfare, specifically against one of its top near-peer competitors, China. First, this article summarizes how China com¬pares with the U.S. concerning information warfare and influence opera¬tions. Second, it delves into some of the definitional chaos in which the U.S. is mired. Thirdly, the article illustrates the doctrinal and data policies of the U.S. Department of Defense. Finally, it concludes with policy recommendations. MORE
|