August 16, 2022 — Cyber-enabled information operations that exploit social media to shape narratives and societal perception vex Western democracies which have long treated the free flow of information as a virtue. Despite these tensions, Western democracies have sought to adapt their cyber forces both to counter and to manipulate social media and other information operations as an offensive weapon. This article evaluates how these democracies thus far have responded to information operations with a focus on offensive information and cyber operations. The article analyzes three topics relevant to the future of democracies and cyber-enabled information operations. First, is an explanation as to why Western democracies failed to anticipate the threat of cyber-enabled information operations. Second, the article catalogs and compares how four major Western democracies have responded to information operations—US, UK, France, and Germany. The final section evaluates whether and how democracies should practice offensive cyber-enabled information operations, and why, in the end, the article concludes that democracies should avoid offensive cyber-enabled information operations because they pose three tensions that undermine democracy: Internet fragmentation, violations of democratic norms, and blowback. MORE
|
August 16, 2022 — From 2018, members of the coalition fighting against the Islamic State in Iraq and Syria confirmed that they had been conducting offensive cyber activities as part of the campaign in an operation given the codename GLOWING SYMPHONY.[1] While the details of these operations largely remain highly classified, they are the first example of states publicly admitting to such operations during armed conflict. They are also notable as while Fleming in his speech cited above emphasized that the UK effort resulted from cooperation between its signals intelligence (SIGINT) agency GCHQ and the Ministry of Defence (MOD), one of the other partners, Australia, emphasized the role of civilian personnel from its SIGINT organization, the Australian Signals Directorate. This was arguably the first public recognition of the extent to which, at least in some states, intelligence organizations and the military were entwined in the conduct of contemporary offensive cyber operations. MORE
|
August 16, 2022 — This article explores a variety of opportunities and challenges with the use of cyberspace countermeasures. It critically assesses a set of conditions under which countermeasures can be an appropriate means of offensive cyber: limited aim of defense and deterrence, protection of critical infrastructure, and compliance with rules of behavior. Here, the article shows that countermeasures must be taken for the purpose of active defense and deterrence. Second, they can be appropriate as a means of defending critical infrastructure. Finally, they should be executed by state actors who comply with existing principles of cyberspace behavior. While cyberspace countermeasures can become a socially accepted, legitimate means of active defense and deterrence, the article shows that there are several challenges connected with each of these conditions. For one, there are various degrees of feasibility about what conditions are appropriate for countermeasures. The article also discusses inherent problems in the application of international law, from which rules of engagement are drawn, to cyberspace. The challenges are hard to solve, which may explain why it has been so difficult for the international community to produce a set of agreeable criteria for active defense measures. MORE
|
August 16, 2022 — This article has two aims: first, to examine the future of cyber conflict studies and how the study of cyber security can develop in a more interdisciplinary way; second, to assess the meaning of “offensive” and “defensive” cyber security from the perspective of a variety of different academic disciplines. The article argues that a more holistic and nuanced understanding of cyber offence and defence can be achieved if some of the intellectual silos and disagreements that have characterised the debate so far can be deconstructed and overcome. The article is in three parts. The first section briefly outlines some of the definitional fog that has plagued the cyber security discipline, including over what constitutes cyber offense and defence. The paper then summarises four different subcultures of cyber conflict studies that understand and study cyber security in different ways: International Relations (IR), Political Psychology, International Law, and Computer Science. The concluding section discusses how the cyber conflict studies discipline can move forward, be made more rigorous, and less prone to pathology and dead ends, including through the formation of a cohesive but heterogenous epistemic community. MORE
|
August 16, 2022 — The idea of offensive advantage dominates the cyber security field, a framework originating from research on the offense/defense balance in conventional warfare. The basic theory is that the balance of offensive and defensive forces determines what kind of strategy will be most effective. The field of cyber security consistently tries to build on offense/defense balance frameworks with little awareness of the inherent problems of the theory. If the offense is dominant, then the defense would supposedly never win against an aggressive adversary due to the compounding nature of failure. The only solution would be going on the offensive in return. This article identifies three core problems with applying the offensive/defensive balance to cyberspace: (1) the inability to distinguish between the two frames, (2) the failure to understand the impact of perceptions, and (3) the inaccuracy of measurement. The pathology of offensive advantage and being under siege as a defender can only continue to lead to strategic malaise and constant attacks as the defender fails to shore up vulnerabilities due to the mistaken belief in the ascendancy of the offense. MORE
|
August 16, 2022 — This article highlights the importance of offensive cyber as an instrument for Russia to generate strategic effect against NATO and its core states. It focuses on the use of offensive cyber by the Russian military at the strategic level. This military is perceived to be the lead actor in the operationalization of offensive cyber by Moscow. Because the Russian military sees itself at an overall disadvantage vis-à-vis NATO’s conventional capabilities, it is offensive cyber that it is looking to provide a means of fundamentally redressing this imbalance. Offensive cyber is a vital tool for the Russian armed forces. It is indeed viewed as being the only available instrument that can, short of the use of nuclear weapons, bring about the neutralization of core NATO states; that is, to defeat them. This neutralization can be engendered, according to Russian military logic, in two ways: either through cyber-psychological or cyber-technical attacks. This article unpacks these terms and indicates how both can theoretically generate the degree of impact that could lead to the neutralization of core NATO states. Finally, there will be a review of the Russian use of offensive cyber in the Ukraine conflict. MORE
|
|
May 17, 2022 — As I read through the Spring CDR, I found that the war in Ukraine was on my mind and that I analyzed the articles through that lens. During my reading of each article, I kept asking myself the following:
-
How does this relate to the current and evolving situation in Ukraine?
-
Is Ukraine validating many of our assumptions of modern, multi-domain operations?
-
Or is it a return to more traditional/conventional warfare?
-
Finally, how are other adversaries, such as China, leveraging the situation to their own benefit?
While not written with Ukraine in mind, I think you’ll find many relevant articles in this issue that highlight the need for continued thought leadership in cyberspace, which plays a crucial role in current and future competition and conflicts.
MORE
|
May 17, 2022 — Over the past two decades, global society has shifted significant portions of its social and economic activities online. In the US alone, Internet Association experts estimate that Internet-based commerce accounted for about $2.1 trillion, or 10% of GDP, in 2019. With this rise in economic and social activity, the world has witnessed a dramatic rise in cyber-attacks, mostly by criminal actors seeking to steal assets, defraud victims, and ransom decryption keys. One expert projects that by 2025, worldwide cyber-crime losses will reach a staggering $10.5 trillion, making cyber-crime—were it a country—the world’s third largest economy. For victims, the harm includes not only the cost of cleanup, but the loss of tangible assets such as stolen funds and fraudulent credit card charges, as well as harder-to-quantify figures for businesses that shut down operations or lose valuable intellectual property that finds its way into competitors’ hands. Thus, the consequences for business owners and everyday citizens are severe. Yet progress in stemming the flow of cyber-attacks in the US seems stymied. The White House’s 30-nation meeting on ransomware in October 2021 was a promising initiative, but lacked any mention of private-sector active defense measures. As noted in the 2016 "Into the Gray Zone" report co-authored by ADM Dennis Blair, one of this article’s authors, the US must take active steps not only to protect networks, but also to hunt down threat actors. Doing this at scale will require robust private sector participation. This article suggests one way to achieve this. MORE
|
May 17, 2022 — At a time when crippling ransomware incidents have drawn awareness to the risks of cyberattack as perhaps never before—and in which cyber criminals often enjoy toleration and a symbiotic relationship with the government in safe haven jurisdictions such as Russia—cybersecurity and cyber defense are topics of critical importance. In response to these threats, government officials and private cybersecurity experts alike seek effective responses, which increasingly involves cybersecurity-focused diplomatic engagement. This article offers a tentative framework for conceptualizing this challenge and developing more systematic approaches for cybersecurity policy interventions that will support and facilitate cyber diplomacy. MORE
|
|
May 17, 2022 —
As the proliferation of cyber threats continues and the complexity and number of online systems grows, the need for updated cyber defenses to appropriately combat the threat will continue to expand into the future. The public and private sectors both heavily rely on accessing and using secure networks. The requirements for defense already outstrip the current capacity the US government has and needs reinforcement.
A cyber auxiliary can provide several ways to augment our cyber defense capacity. Education programs can equip the population with skills and awareness to serve as a solid front-line defense. A cadet program could enhance the educational approach and expose a larger population to in-depth knowledge of cyber defense and network operations, building a cadre for the future. Adult auxiliary members can add capacity to current cyber-defense organizations and be critical actors in aiding civil defense and even DoD. Much like the change in warfare observed during and after World War I, cyberspace is changing and growing. It is time to recognize both the environmental shifts and the opportunities available to the nation to get ahead of the coming cyber tsunami.
MORE
|