Cyber Capabilities as Favourable Instruments in the Pacific Century (original) (raw)
Related papers
Deciphering Cyberpower: Strategic Purpose in Peace and War
Strategic Studies Quarterly, 2011
What is the strategic purpose of cyberpower? All too many works on cyberspace and cyberpower are focused on the technical, tactical, and operational aspects of operating in the cyber domain. These are undoubtedly important topics, but very few address the strategic purpose of cyberpower for the ends of policy. Understanding its strategic purpose is important if policy makers, senior commanders, and strategists are to make informed judgments about its use. Cyberpower does indeed have strategic purpose relevant to achieving policy objectives. This strategic purpose revolves around the ability in peace and war to manipulate perceptions of the strategic environment to one's advantage while at the same time degrading the ability of an adversary to comprehend that same environment. While it is proper to pay attention to the technological, tactical, and operational implications, challenges, and opportunities of cyberspace, this article concerns itself with its use-"the ability to use cyberspace to create advantages and influence events in all the operational environments and across the instruments of power"-for achieving the policy objectives of the nation. 1 Transforming the effects of cyberpower into policy objectives is the art and science of strategy, defined as "managing context for continuing advantage according to policy" (emphasis in original). 2 The definition provides the overall strategic impetus for the use of cyberpower. To fully understand the power of cyber, one must acknowledge the character of cyber-power and cyberspace. The linkage between strategic context, strategy, and
IAFOR Journal of Politics, Economics & Law, 2017
A review of state-associated incidents in cyberspace over the past decade reveals that over two thirds of these involved actors within the Asia-Pacific, often occurring in the context of politico-economic disputes. These activities, ranging from attempts at espionage to coercion, in all appearance appears to confirm the domain's increasing strategic value. But upon closer inspection, only half of these have resulted in meeting their political objectives. Moreover, these have involved notable regional powers employing relatively unsophisticated tools and tactics in cyberspace. This challenges the prevailing notion that cyberspace provides an asymmetric advantage for middling and/or weak powers due to its low cost of entry and the increasing technological dependence of targets. With growing tensions in the Asia-Pacific, the need to better understand the strategic utilization of this domain is paramount. In so doing, this paper argues that coercive success in cyberspace is not determined solely by an aggressor's technological prowess but depends crucially on appropriate force employment and an understanding of the domain's unique geography. Through the analysis of the Stuxnet operation, the paper demonstrates that careful consideration of these factors may better account for the success or failure of coercion in the domain.
2015 7th International Conference on Cyber Conflict: Architectures in Cyberspace, 2015
While many states are developing national cyber security strategies, the exact role and responsibilities of the armed forces in cyberspace often remain unclear. Although attention has been devoted to acquiring specific technical capacities and expertise to act in cyberspace, decision-making processes, doctrines for deployment, and procedures generally lack systematic analysis. The first part of this article therefore focuses on whether militaries in their own national context contribute to defensive cyber security tasks. Common national challenges are identified, as are approaches that potentially improve cyber security through better civil-military cooperation. The article then examines the organisational structures in place across Asia and Europe to enable better international military cooperation for cyber related incidents. It outlines how international cooperation might assist a better exchange of information to increase cyber defence effectiveness, specifically between Asia and Europe.
Covert or not Covert: National Strategies During Cyber Conflict
T. Minárik et al. (eds), 11th International Conference on Cyber Conflict: Silent Battle, 2019, 2019
Anonymity is considered to be a key characteristic of cyber conflict. Indeed, existing accounts in the literature focus on the advantages of the non-disclosure of cyber attacks. Such focus inspires the expectation that countries would opt to maintain covertness. This hypothesis is rejected in an empirical investigation we conducted on victims’ strategies during cyber conflict: in numerous cases, victim states choose to publicly reveal the fact that they had been attacked. These counterintuitive findings are important empirically, but even more so theoretically. They motivate an investigation into the decision to forsake covertness. What does actually motivate states to move into the international arena and publicly expose a cyber attack? The goal of this paper is to understand why and under which geopolitical circumstances countries choose to give up the advantages of anonymity. Whether they wish to Name and Shame opponents for ignoring international norms or whether they try to avoid public humiliation, victims of cyber attacks occasionally reveal the fact that they had been attacked. There is tension between such motivations and the will to protect intelligence sources and the incentives to prevent escalation if an attack is revealed, even more so if the attacker is exposed. Indeed, we find that sunk costs, counterescalation risks and the need to signal resolve—while critical in motivating victims to keep cyber attacks secret—may not suffice under such specific circumstances. By focusing on the victim’s side, we draw inspiration from data on real-world cyber attacks in order to place cyber operations in the larger context of secrecy and covert actions in the international arena. In so doing, the aim is to advance the use of empirical data for understanding the dynamics of cyber conflict and the decision-making process of states operating in this increasingly complex domain.
The Impact of Cyber Conflict on International Interactions
Analysts suggest that the rise of the cyber domain of combat has led to a revolution in military affairs and have greatly changed how society interacts with the Internet. The structure and content of interactions on the battlefield have supposedly changed in light of this development. In the rush to note the changing face of conflict, few scholars have actually examined the impact of cyber conflict on foreign policy relationships. Here we use weekly events data to examine exactly what happens between countries when cyber conflict is utilized as a foreign policy choice. Using a previously constructed data set of cyber actions, we measure conflict and cooperation after a cyber operation to understand the true impact of this new way to arm a state and society. We find that only one method of cyber malice, denial of service, and one tactical goal, seeking a change in behavior in the opposing side, impacts conflict-cooperation dynamics between states.
Cyberwar and Rivalry: The Dynamics of Cyber Conflict between Antagonists, 2001-2011 by
The goal of this research is to exhaustively collect information on all cyber attacks in the last decade so that we can delineate the patterns of cyberwar as reflected by evidence. Much talk about the concept of cyberwar and the changing dynamic of future conflict is founded on the study of spectacular flights of imagination of what could be. Our theory is that deterrence and regionalism should be expected in cyber conflict, counterintuitive to conventional wisdom. We find here that the actual magnitude and pace of cyber attacks among rivals does not match up to popular perception. Only 20 of 124 active rivals engaged in cyber conflict between 2001 and 2011. The attacks that were uncovered were limited in terms of magnitude and frequency. The coming era of cyberwar should continue to exhibit these patterns despite fears mentioned by media pundits and government agencies. Cyberwar is a reality, but it is a little used tactic that has not changed the shape of international interactions.
CYBER WAR, CYBERED CONFLICT, AND THE MARITIME DOMAIN
How cyber assaults and government responses have been interpreted is not uniform, however, especially with regard to whether the world will eventually engage in “cyber war.” There is a community of scholars and analysts who argue that cyber war will not happen or that the impact of cyberspace on armed conflict will be limited. Others in the broad field of security studies, traditional computer science, or corporate communities claim that while some form of conflict is happening, government officials, military officers, and legislators are suffering from “threat inflation.” They argue that hyperbolic projections are leading to bad policy decisions, especially with regard to specific adversaries, and that there has been overinvestment in offensive cyber weapons rather than prudent defensivemeasures. A best-selling nonfiction book has been criticized for contributing unnecessarily to public fears about the potential for cyber warfare. Many of these critics argue that what are being called “cyber attacks” are really instances of espionage, allowed by international law, or simply crime, which is not the mission area of the nation’s military services. Some analysts detect the influence of the military-industrial complex on policy debates. If hackers, official or not, from China and Russia, terrorists, and criminals use the Internet to penetrate U.S government systems, contractors see opportunities for increased revenue. As two observers of cyberspace argue, “There’s an arms race in cyberspace, and a massively exploding new cyber-industrial complex that serves it.” Our position on this ongoing debate is that neither side has it right.
Cyber Attack: A Dull Tool To Shape Foreign Policy
NATO Cooperative Cyber Defence Centre of Excellence, 2013
This paper examines how nation states unsuccessfully attempt to use cyber attacks as instruments to support their foreign policy objectives. By analyzing three prominent case studies, I show that as a result of geopolitical tensions, cyber attacks were implemented to further nation state objectives in support of foreign policy considerations and failed to achieve their respective outcomes despite successful deployment against their intended targets. The three case studies, hypothetical scenarios inspired by real events, include: (1) the October 2012 distributed denial of service attacks targeting the U.S. banking sector;
Jus ad Bellum and Cyber Warfare in Northeast Asia
Cyber attacks have become a grave threat to international peace and security. Northeast Asia is a critical point of many of these cyber operations. First, South Korea has been the target of cyber attacks from North Korea. Second, there are harsh debates on this matter between the US and China. While the United States have expressed their concerns about the growing threat of cyber intrusions from China, the People’s Republic of China has blamed the US for attacks against their respective computer networks. From the perspective of the jus ad bellum, potential cyber attacks raise a number of difficult and complex issues. The following article examines which cyber operations amount to the use of force as stipulated in Article 2(4) of the UN Charter and discusses the conditions under which type of cyber attacks could trigger the right to self-defense. In addition, other available remedies outside the framework of Article 51 of the UN Charter will be discussed. Keywords: Cyber Attack, Jus ad Bellum, Right to Self-defense, Armed Attack, Preemptive Self-defense, Security Council, ICJ, ICC, Counter-Measures
State Cyberspace Operations: Proposing a Cyber Response Framework
RUSI Occasional Paper, 2020
Cyberspace is the battleground of the new century – one that is likely to witness increased and diversified forms of aggression with the recent rise of world tension, driven by disputes over trade, territory and the coronavirus pandemic. Yet, increased tensions mean an increased chance of miscalculated intent. States would all benefit from a shared understanding of normal state behaviour in cyberspace. That common understanding must include shared intentions about appropriate responses to cyber incidents, especially in relation to determining which cyber operations are likely to elicit aggressive responses and which are considered part of the cost of doing business in international relations. States are understandably reluctant to reveal their thinking on this issue because they do not wish to encourage cyber misbehaviour below that threshold. In this paper, the author suggests that a framework establishing categories of incidents and possible responses could be helpful in avoiding actions in cyberspace that would unintentionally push states to engage in armed conflict. Further, the tiered response framework proposed mitigates the downside of increased transparency.