Cyber-attack as inevitable kinetic war

This paper poses the question as to whether a “cyber-attack” by a state against another state might breach of Article 2(4) of the United Nations Charter. Although this question is not new, and the answers to it are either by no means consistent or far too clear for the uncertainty of a military field, this paper expresses significant concerns that some of the basic military issues may have been overlooked in contextualizing cyber-attack in United Nations Charter jurisprudence. Its methodology is delimited to discussing the nature of cyber-attack, but only on a basis between one sovereign state and another sovereign state. The paper is further delimited by reference to Article 2(4) of the UN Charter, and how that article might be considered breached. Interwoven throughout the paper is a proposition that cyber-attack is intended to be a military action in the nature of maneuver warfare as an instance of Aristotelian ethical deliberation and action, and further, it is always intended to have military consequences.The inference from this is that a cyber-attack is intended to have kinetic effects in the same way as fraud and deception infer physical effects, and therefore, is intended to have effects similar to those of conventional warfare.The paper begins with an examination of kinetic precepts underlying cyber warfare. Then, the paper looks at how attacks on information might represent a kind of warfare. With an abiding concern to include practical military thought, to represent the uncertainty of war, the paper discusses the nature of maneuver warfare, based on Lind's practical military discussion of the term. The next phase of the paper surveys the relevant international law and international law precepts, followed by a brief look at relevant case law. The paper concludes with a suggestion that the information operations inherent in cyber-attacks are essentially and necessarily a priori to a kinetic consequence

Cyber defensive capacity and capability::A perspective from the financial sector of a small state

This thesis explores ways in which the financial sectors of small states are able todefend themselves against ever-growing cyber threats, as well as ways these states can improve their cyber defense capability in order to withstand current andfuture attacks. To date, the context of small states in general is understudied. This study presents the challenges faced by financial sectors in small states with regard to withstanding cyberattacks. This study applies a mixed method approach through the use of various surveys, brainstorming sessions with financial sector focus groups, interviews with critical infrastructure stakeholders, a literature review, a comparative analysis of secondary data and a theoretical narrative review. The findings suggest that, for the Aruban financial sector, compliance is important, as with minimal drivers, precautionary behavior is significant. Countermeasures of formal, informal, and technical controls need to be in place. This study indicates the view that defending a small state such as Aruba is challenging, yet enough economic indicators indicate it not being outside the realm of possibility. On a theoretical level, this thesis proposes a conceptual “whole-of-cyber” model inspired by military science and the VSM (Viable Systems Model). The concept of fighting power components and governance S4 function form cyber defensive capacity’s shield and capability. The “whole-of-cyber” approach may be a good way to compensate for the lack of resources of small states. Collaboration may be an only out, as the fastest-growing need will be for advanced IT skillsets

What Ukraine Taught NATO about Hybrid Warfare

Russia’s invasion of Ukraine in 2022 forced the United States and its NATO partners to be confronted with the impact of hybrid warfare far beyond the battlefield. Targeting Europe’s energy security, Russia’s malign influence campaigns and malicious cyber intrusions are affecting global gas prices, driving up food costs, disrupting supply chains and grids, and testing US and Allied military mobility. This study examines how hybrid warfare is being used by NATO’s adversaries, what vulnerabilities in energy security exist across the Alliance, and what mitigation strategies are available to the member states. Cyberattacks targeting the renewable energy landscape during Europe’s green transition are increasing, making it urgent that new tools are developed to protect these emerging technologies. No less significant are the cyber and information operations targeting energy security in Eastern Europe as it seeks to become independent from Russia. Economic coercion is being used against Western and Central Europe to stop gas from flowing. China’s malign investments in Southern and Mediterranean Europe are enabling Beijing to control several NATO member states’ critical energy infrastructure at a critical moment in the global balance of power. What Ukraine Taught NATO about Hybrid Warfare will be an important reference for NATO officials and US installations operating in the European theater.https://press.armywarcollege.edu/monographs/1952/thumbnail.jp

Prospects for Finland and Sweden to pursue closer defense cooperation with NATO

This thesis examines the potential advantages for Finland and Sweden in pursuing closer cooperation with the North Atlantic Treaty Organization (NATO) and possible membership. The security policy objectives of Finland and Sweden have largely been defensive in nature: to ensure national survival and protection of sovereignty. With the exception of Finland's opposition to the Soviet Union's aggression in 1939–1940 and 1941–1944 to defend its national independence, both countries have remained neutral in foreign and security policies. Sweden's geopolitical situation is advantageous in that the Baltic Sea hinders invasion and the country has positive relations with its immediate neighbors. In contrast, Finland shares a lengthy border with Russia and has a complex history of relations with Moscow. In 2009, Sweden pledged a Declaration of Solidarity that protects its neighboring Nordic states as well as European Union (EU) member states in an effort to strengthen and preserve peaceful relations and stability. The thesis concludes that the benefits of closer cooperation with the Alliance and possible membership, notably collective defense protection under Article 5 of the North Atlantic Treaty, are substantial. Russia's recent aggressive behavior may lead Finland and Sweden to seek closer cooperation with NATO and to give greater attention to the option of membership.http://archive.org/details/prospectsforfinl1094550465Lieutenant, United States NavyApproved for public release; distribution is unlimited

Building Cyber Defense Training Capacity

As society advances in terms of information technology, the dependency on cyber secure systems increases. Likewise, the need to enhance both the quality and relevance of education, training, and professional development for cybersecurity defenders increases proportionately. Without a continued supply of capable cyber defenders that can come to the challenge well-prepared and continuously advance their skills, the reliability and thus the value of information technology systems will be compromised to the point that new information-driven societal structures in commerce, banking, education, infrastructure, and others across the globe would be put be at risk.The body of research presented here provides a progressive building of capacity to support information technology, cybersecurity, and cyber defense training efforts. The work starts by designing infrastructure virtualization methods and problem modeling, then advances to creating and testing tunable models for both technical and social-psychological support capabilities. The initial research was designed to increase the capacity of Regis University in education simulations and cyber competitions. As this was achieved the goals evolved to include developing effective multi-agency cyber defense exercises for government and private sector participants. The research developing hands-on computer laboratory infrastructure presents novel methods for enhancing the delivery of training and cyber competition resources. The multi-method virtualization model describes a strategy for analyzing a broad range of virtualization services for making agile cyber competition, training, and laboratory spaces that are the technical underpinning of the effort. The work adapts the agile development method SCRUM for producing training events with limited resources. Parallel to agile training systems provisioning, the research includes designing a 3D virtual world avatar-based resource to help students develop spatial skills associated with physical security auditing. It consists of a virtual world datacenter and training program. The second category of contributions includes the presentation of new models for analyzing complex concepts in cybersecurity. These models provide students with tools that allow them to map out newly acquired skills and understanding within a larger context. One model maps how classical security challenges change as digital technologies are introduced using a concept called “bit induction.” The other model maps out how technology can affect one’s sense of identity, and how to manage its disruption. The third area of contribution includes a rapid form of psychometric feedback, a customized quantitative longitudinal capability assessments, and an agile framework that is an extension of the earlier agile method adaptations.The most recent category of contribution extends the training analysis to analyzing the resultant training capabilities and providing new models to describe live operation using operational load analysis to describe characteristic behaviors along an incident timeline.The results of this research include novel cybersecurity frameworks, analytical methods, and education deployment models along with interpretation and documented implementation to support education institutions in meeting the emerging risks of society. Specific contributions include new models for understanding the disruptiveness of cyberattacks,models for agilely and virtually deploying immersive hands-on laboratory experiences, and interdisciplinary approaches to education that meet new psycho-sociological challenges in cyber defense. These contributions extend the forefront of Cybersecurity education and training in a coordinated way to contribute to the effectiveness and relevance of education solutions as society’s cybersecurity needs evolve

Remote Controlled Restraint: The Effect of Remote Warfighting Technology on Crisis Escalation

How do technologies that remove warfighters from the front lines affect the frequency and intensity of military confrontations between states? Many scholars and policymakers fear that weapons that reduce the risks and costs of war – in blood and treasure – will lead states to resort to force more frequently during crises, destabilizing the international security environment. These concerns have featured prominently in debates surrounding the proliferation and use of remote warfighting technologies, such as drones. This project sets out to evaluate whether and how drones affect crisis escalation. Specifically, do drones allow decisionmakers to deploy military forces more frequently during interstate crises? Once deployed, how do these systems affect escalation dynamics? I argue that drones can help control escalation, raising questions about scholarly theories that suggest the world is more dangerous and less stable when technology makes conflict cheaper and less risky. At the core of this project is a theory of technology-enabled escalation control. The central argument is that technologies like drones that remove friendly forces from the battlefield may lead states to use force more frequently, but decrease the likelihood of escalation when used in lieu of inhabited platforms. More specifically, these technologies lower the political barriers to initiating military operations during crises, primarily by eliminating the risk of friendly force casualties and the associated domestic political consequences for launching military operations. At the same time, removing personnel from harm’s way may reduce demand for escalatory reprisals after remotely operated systems are lost to hostile action. Drones can also help to mitigate escalatory spirals by collecting intelligence that overcomes information asymmetries that often contribute to armed conflict, helping facilitate more measured decision-making and tailored targeting of enemy forces. By more fully considering how technology affects escalatory dynamics after the initial use of force, technology-enabled escalation control theory advances our understanding of the link between technology and conflict. I test the theory using a multi-method approach that combines case studies with original experiments embedded in surveys fielded on public and military samples. The dissertation also introduces a new research method for international relations research: experimental manipulations embedded in wargames with military participants. In Chapter 1 and 2, I define the concept of crisis escalation and review the literature that examines the effect of technology on escalation and conflict dynamics. I then introduce the theory of technology-enabled escalation control and outline four mechanisms that undergird the theory – increased initiation, tempered/tailored targeting, restrained retaliation, and amplified aggression. Each of these hypothesized mechanisms describes ways in which emerging technologies can prevent crises from escalating into broader or more intense conflicts. Chapter 3 describes each component of the multi-method research design that I use to test the theory in Chapters 4 through 7. Chapter 4 uses experiments embedded in surveys and wargames to assess whether and how drones allow states to more frequently initiate military operations. Chapter 5 tests whether drones enable decisionmakers to control escalation by restraining retaliation after attacks on a state’s drones. Chapter 6 and 7 test the theory in the context of U.S drone use during the Cold War and Israeli drone use from the 1960s through late-2010s. The findings of these empirical tests provide strong support for technology-enabled escalation control. In Chapter 8, I conclude with a summary of the analysis and test the generalizability of the theory beyond the state use of drones. I find that tenets of technology-enabled escalation control explain escalation dynamics associated with U.S. cyber operations against North Korea and Hezbollah’s use of drones against Israel and during the Syrian Civil War. The chapter also maps out pathways for future research and identifies policy implications. My findings suggest the growing proliferation of drones will increase the frequency of military confrontations during crises, yet these confrontations are unlikely to escalate. Even though drones may help control escalation, clearer doctrine, rules of engagement, and international agreements to govern their use will help to further avoid crisis escalation and conflict

Gamification as a neuroergonomic approach to improving interpersonal situational awareness in cyber defense

In cyber threat situations, the establishment of a shared situational awareness as a basis for cyber defense decision-making results from adequate communication of a Recognized Cyber Picture (RCP). RCPs consist of actively selected information and have the goal of accurately presenting the severity and potential consequences of the situation. RCPs must be communicated between individuals, but also between organizations, and often from technical to non-/less technical personnel. The communication of RCPs is subject to many challenges that may affect the transfer of critical information between individuals. There are currently no common best practices for training communication for shared situational awareness among cyber defense personnel. The Orient, Locate, Bridge (OLB) model is a pedagogic tool to improve communication between individuals during a cyber threat situation. According to the model, an individual must apply meta-cognitive awareness (O), perspective taking (L), and communication skills (B) to successfully communicate the RCP. Gamification (applying game elements to non-game contexts) has shown promise as an approach to learning. We propose a novel OLB-based Gamification design to improve dyadic communication for shared situational awareness among (technical and non-technical) individuals during a cyber threat situation. The design includes the Gamification elements of narrative, scoring, feedback, and judgment of self. The proposed concept contributes to the educational development of cyber operators from both military and civilian organizations responsible for defending and securing digital infrastructure. This is achieved by combining the elements of a novel communication model with Gamification in a context in urgent need for educational input.publishedVersio

Cyber Security Politics

This book examines new and challenging political aspects of cyber security and presents it as an issue defined by socio-technological uncertainty and political fragmentation. Structured along two broad themes and providing empirical examples for how socio-technical changes and political responses interact, the first part of the book looks at the current use of cyber space in conflictual settings, while the second focuses on political responses by state and non-state actors in an environment defined by uncertainties. Within this, it highlights four key debates that encapsulate the complexities and paradoxes of cyber security politics from a Western perspective – how much political influence states can achieve via cyber operations and what context factors condition the (limited) strategic utility of such operations; the role of emerging digital technologies and how the dynamics of the tech innovation process reinforce the fragmentation of the governance space; how states attempt to uphold stability in cyberspace and, more generally, in their strategic relations; and how the shared responsibility of state, economy, and society for cyber security continues to be re-negotiated in an increasingly trans-sectoral and transnational governance space. This book will be of much interest to students of cyber security, global governance, technology studies, and international relations

Cyber Threats and NATO 2030: Horizon Scanning and Analysis

The book includes 13 chapters that look ahead to how NATO can best address the cyber threats, as well as opportunities and challenges from emerging and disruptive technologies in the cyber domain over the next decade. The present volume addresses these conceptual and practical requirements and contributes constructively to the NATO 2030 discussions. The book is arranged in five short parts...All the chapters in this book have undergone double-blind peer review by at least two external experts.https://scholarworks.wm.edu/asbook/1038/thumbnail.jp

Modelling and Design of Resilient Networks under Challenges

Communication networks, in particular the Internet, face a variety of challenges that can disrupt our daily lives resulting in the loss of human lives and significant financial costs in the worst cases. We define challenges as external events that trigger faults that eventually result in service failures. Understanding these challenges accordingly is essential for improvement of the current networks and for designing Future Internet architectures. This dissertation presents a taxonomy of challenges that can help evaluate design choices for the current and Future Internet. Graph models to analyse critical infrastructures are examined and a multilevel graph model is developed to study interdependencies between different networks. Furthermore, graph-theoretic heuristic optimisation algorithms are developed. These heuristic algorithms add links to increase the resilience of networks in the least costly manner and they are computationally less expensive than an exhaustive search algorithm. The performance of networks under random failures, targeted attacks, and correlated area-based challenges are evaluated by the challenge simulation module that we developed. The GpENI Future Internet testbed is used to conduct experiments to evaluate the performance of the heuristic algorithms developed