Nov. 14, 2022

The UN Cyber Norms: How Do They Guide the Responsible Development and Use of Offensive Cyber Capabilities?

In this article, I review how the international cybersecurity norms, agreed to in 2015 and reaffirmed in 2021 by the member countries of the United Nations (UN), provide guidance to states on their possession and use of offensive cyber capabilities. This is an important exploration given that UN negotiations have reached a provisional climax, and that more states, ranging from major cyber powers to developing cyber nations, are getting involved with offensive cyber activities. I consider the 11 UN norms and extract the specific guidance they offer both to states that conduct offensive cyber operations and to states who have been attacked by offensive cyber activities. Then, I consider the various types of cyber operations that could affect international peace and security before looking at ways through which governments, international bodies and communities of non-governmental organizations can support observance of the UN norms. Finally, I assert that responsible forms of offensive cyber will not be for all states, and that raising the bar – including through the UN norms – benefits all major cyber powers.

Nov. 14, 2022

Why the United States Must Win the Artificial Intelligence (AI) Race

An increasingly urgent debate rages in many circles about the “Artificial Intelligence (AI) Arms Race” rapidly progressing on a global scale. Among many unanswered questions, one is of particular interest to the United States (US) government: Where does the US stand in this race relative to China? This question is critical because the AI Arms Race “winner” will dominate how AI impacts myriad aspects of human society worldwide. For the US to lead the AI race, it will require a conscious partnership among public, private, and academic sectors, and a strategic alignment with our allies. Our relative position as a world leader, our relative position as an economic leader, and our standing as a moral force for all people’s good and ethical treatment are at risk.

Nov. 14, 2022

How China’s Cyber Operations During the COVID-19 Pandemic Worsened the United States Biodefense and National Security

Until 2020, biological warfare seemed like a remote threat to military operations and national security. Then, in March 2020, the novel SARS-associated coronavirus (SARS-CoV2) emerged and forced the world, including the Department of Defense (DoD), to acknowledge the calamitous potential of deadly virus pandemics. The United States 2018 National Biodefense Strategy (NBS) warns of the need to enhance biological threat responses to prevent such detrimental effects.1 It highlights the natural, isolated outbreaks of Systemic Acute Respiratory Syndrome (SARS), Ebola, and Zika viruses as potential agents on which clandestine bioweapon programs or terrorist groups seeking such programs could capitalize. The NBS outlines a plan to prevent, detect, and respond to biological threats, providing defense and deterrence strategies to avert bioweapon use on American civilians or military personnel. A nation with a strong biological defense decreases its population’s vulnerability to pathogens with aggressive exposure mitigation and effective treatment measures, which thereby increase the nation’s resiliency to public health crises. Such defense capabilities change an adversary’s cost-benefit balance so that it avoids initiating a biological attack, providing deterrence from future threats. The success of these response strategies requires cooperation among government, medical, public health personnel, and the general population.

Nov. 14, 2022

Seventh Service: Proposal for the United States Cyber Force

To fight and win in cyberspace, the United States needs a Cyber Force. During World War II, air power tipped the scale of victory in favor of the allies, as aviation proved to be an indispensable warfighting capability. The creation of the Air Force was predicated on the notion that the effective employment air power is not a matter of choice, but the very condition on which national survival rested. Today, cyber superiority has wider implications for US national security than air superiority had at the close of World War II; however, the federal government is not structured to effectively defend the US national interests. The current division of cyber authorities precludes comprehensive mitigation of cyber-enabled malicious activities. To effectively combat nation-state and non-state actors targeting US and allied interests in cyberspace, the US should establish a Cyber Force modeled on the U.S. Coast Guard with a reserve component modeled on the National Guard. Combining these models would allow for a single force capable of executing military operations, law enforcement activities, and intelligence collection at the direction of the Departments of Defense and Homeland Security, complemented by an expansive reserve component available to both state governors and the federal government.

Nov. 14, 2022

Everything Flows: Russian Information Warfare Forms and Tactics

This case study builds on previous analyses of Russian information warfare and covers the forms and tactics in simultaneous campaigns in Ukraine and the US between 2014 and 2020, using Daniel P. Bagge’s DOPES methodology to discern and analyze patterns within events data from the two campaigns. Use of DOPES illustrates that Russian information warfare possesses discernible forms and tactics across varying contextual situations and is highly flexible. The forms and tactics align with Russian information warfare (IW) doctrine and the goals of reflexive control. The case study concludes with a discussion of strategic and policy level recommendations to counter the effects of Russian IW.

Nov. 14, 2022

A Military of Influencers: The U.S. Army Social Media, and Winning Narrative Conflicts

In the interconnected era of the Internet, the military must confront the new face of an old threat: narrative conflict. Where states once maintained nearly absolute domestic control of the narratives surrounding their military engagements, social media have created a wide array of perspectives, arguments, and disinformation campaigns that constantly affect both the civilian and military populations. These campaigns encourage the questioning of state objectives and threaten the identity of the individual and the collective ontological identity of the society, making it more difficult for states to maintain momentum and support for their military endeavors. Without that support, military campaigns can collapse, regardless of the skill or preparedness of warfighters. This research explores three topics relevant to the U.S. Army in hopes of helping it better equip itself to succeed in narrative conflicts: the strategic impacts of commander’s decisions on the battlefield, the need to control signals emissions, and the consequences of bulk internet data sales. It then concludes by providing brief policy suggestions for mitigating these issues.

Nov. 14, 2022

Deterrence Thru Transparent Offensive Cyber Persistence

State-enabled cyber campaigns are achieving cumulative, strategic effects on the United States. A lack of transparency limits offensive cyber capabilities from affecting the cost-benefit decisions of malicious cyber actors. However, recent operations suggest the United States can positively attribute malicious cyber activities, impose significant consequences with offensive cyber force, and translate those actions into deterrence of specific malicious activities using public communication. Persistent, public disclosure is necessary for offensive cyberspace operations to deter malicious cyber activities, nested with US strategic guidance, and achievable based on recent cyberspace operations. Transparent Offensive Cyber Persistence combines persistence with post factum, public disclosure of the justification, targets, and impacts of offensive cyber force, exchanging information for deterrence credibility. This work evaluates its suitability, acceptability, feasibility, and risks. Transparent Offensive Cyber Persistence exploits the relative advantages of offense in cyberspace to impose costs directly on malicious cyber actors, compel targets to defend everywhere, dissuade other actors, set a legitimate narrative of consequences for unacceptable malicious cyber activities, and shape international norms.

Nov. 14, 2022

Ethical Assessment of Russian Election Interference

The consistent development of information and communication technologies poses new ethical challenges for military leaders and policymakers in the fifth domain of warfare—cyberspace. This article engages a relatively new ethical framework known as Just Information Warfare (JIW) to assess one of the highest profile instances of information warfare in recent years—Russian interference in the 2016 US presidential election. First, we define information warfare and describe how concepts from two well-known ethical theories—Just War Theory and Information Ethics—merge to create JIW. Next, we analyze Russian military officers' 2016 election interference efforts and the corresponding US response through a JIW lens. Finally, we offer three key takeaways from our analysis that warrant further thought.

Nov. 14, 2022

Regulating Cyber Warfare Through the United Nations

Cyber warfare is an emerging type of conflict threatening international establishments such as international humanitarian law and the norms guiding interactions between states. Currently, with no means to slow down their use, the rate at which cyber weapons are being produced and launched between states is growing. One organization that can change that is the United Nations. The United Nations possesses several facilities that make it a powerful tool to address the ever-expanding problem of international cyber security. While other options for imposing regulations exist, state governments should favor the United Nations as the premier platform to address this issue.

Nov. 14, 2022

Cyberspace in Peace and War, 2nd Edition (Book Review)

Martin Libicki’s Cyberspace in Peace and War (2nd Edition) is a cyberwar strategy masterpiece. At this point in my career, rarely do I read books that are so impactful. Readers of Libicki’s second edition will ultimately understand almost all aspects of deterrence, the shifting thinking on cyberspace-based effects as an element of national power, and whether cyber deterrence is achievable. Most importantly, readers will be treated to a sober assessment of "cyberwar" rather than predictions of an imminent "cyber-9/11" This important difference takes the focus off preventing a single catastrophic event and instead highlights the increasing complexity of executing cyber operations in a world of digital connectivity. Libicki claims this distinction, plus the many actors utilizing cyberspace, causes difficulties in establishing deterrence in and through cyberspace.