Solorigate attack — the challenge to cyber deterrence

The exploitation of SolarWinds’ network tool at a grand scale, based on publicly disseminated information from Congress and media, represents not only a threat to national security — but also puts the concept of cyber deterrence in question. My concern: Is there a disconnect between the operational environment and the academic research that we generally assume supports the national security enterprise? Apparently, whomever launched the Solorigate attack was undeterred, based on the publicly disclosed size and scope of the breach. If cyber deterrence is not to be a functional component to change potential adversaries’ behavior, why is cyber deterrence given so much attention? Maybe it is because we want it to exist. We want there to be a silver bullet out there that will prevent future cyberattacks, and if we want it to exist, then any support for the existence of cyber deterrence feeds our confirmation bias. Herman Kahn and Irwin Mann’s RAND memo Ten Common Pitfalls from 1957 points out the intellectual traps when trying to make military analysis in an uncertain world. That we listen to what is supporting our general belief is natural — it is in the human psyche to do so, but it can mislead. Here is my main argument — there is a misalignment between civilian academic research and the cyber operational environment. There are at least a few hundred academic papers published on cyber deterrence, from different intellectual angles and a variety of venues, seeking to investigate, explain and create an intellectual model how cyber deterrence is achieved. Many of these papers transpose traditional models from political science, security studies, behavioral science, criminology and other disciplines, and arrange these established models to fit a cyber narrative. The models were never designed for cyber; the models are designed to address other deviate behavior. I do not rule out their relevance in some form, but I also do not assume that they are relevant. The root causes of this misalignment I would like to categorize in three different, hopefully plausible explanations. First, few of our university researchers have military experience, and with an increasingly narrower group that volunteer to the serve, the problem escalates. This divide between civilian academia and the military is a national vulnerability

What is the rationale behind election interference?

Any attempt to interfere with democratic elections, and the peaceful transition of power that is the result of these elections, is an attack on the country itself as it seeks to destabilize and undermine the core societal functions and constitutional framework. We all agree on the severity of these attempts and that it is a real, ongoing concern for our democratic republic. That is all good, and democracies have to safeguard the integrity of their electoral processes. But what is less discussed is why the main perpetrator — Russia, according to media — is seeking to interfere with the U.S. election. What is the Russian rationale behind these information operations targeting the electoral system? The Russian information operations in the fault lines of American society, seeking to make America more divisive and weakened, has a more evident rationale. These operations seek to expand cleavages, misunderstandings and conflicts within the population. That can affect military recruiting, national obedience in an national emergency, and have long-term effects on trust and confidence in the society. So seeking to attack the American cognitive space, in pursuit of split and division in this democratic republic, has a more obvious goal. But what is the Russian return on investment for the electoral operations

Bye bye, cyber Pearl Harbor

The repeated cyber analogy from the US historical past invokes the concept of a “cyber Pearl Harbor,” a story of a pot massive cyber-attack that, with no warning, would knock out American infrastructure and leave the U.S. vulnerable a response. The concept of a cyber Pearl Harbor assumes a surprise attack by a prepared and determined adversary lau premeditated sneak attack that has a systematic and crippling impact on the United States

Leader Loss: Russian Junior Officer Casualties

Open-source researchers at Killed in Ukraine have confirmed 800-plusRussian senior lieutenants and captains KIA. When the loss of wounded inaction (WIA) is added, it is likely that half of all competent ground-fightingcompany commanders in the Russian force in Ukraine are either KIA or WIA.Russia may be running out of missiles, but these can be bought andmanufactured; what they are more certainly lacking is able tactical leaders. Why does this matter? First, tactical leaders are essential to executecombined arms, and company commanders lead the fight by synchronizingfires, movement, and supporting units. A company commander is also thehighest-level officer who knows each soldier in their unit, and can drive theexecution of a mission by his presence. This matters to the Russian army.Motivation and the will to fight have deteriorated over time

Prioritize NATO integration for multidomain operations

After U.S. forces implement the multidomain operations (MDO) concept, they will have entered a new level of complexity, with multidomain rapid execution and increased technical abilities and capacities. The U.S. modernization efforts enhance the country’s forces, but they also increase the technological disparity and challenges for NATO. A future fight in Europe is likely to be a rapidly unfolding event, which could occur as an fait accompli attack on the NATO Eastern front. A rapid advancement from the adversary to gain as much terrain and bargaining power before the arrival of major U.S. formations from the continental U.S. According to the U.S. Army Training and Doctrine Command (TRADOC) Pamphlet 525-3-1, “The U.S. Army in Multi-Domain Operations 2028,” a “fait accompli attack is intended to achieve military and political objectives rapidly and then to quickly consolidate those gains so that any attempt to reverse the action by the [United States] would entail unacceptable cost and risk.” In a fait accompli scenario, limited U.S. Forces are in theater, and the initial fight rely on the abilities of the East European NATO forces. The mix is a high-low composition of highly capable but small, rapid response units from major NATO countries and regional friendly forces with less ability. The wartime mobilization units and reserves of the East European NATO forces follow a 1990s standard, to a high degree, with partial upgrades in communications and technical systems. They represent a technical generation behind today’s U.S. forces. Even if these dedicated NATO allies are launching modernization initiatives and replace old legacy hardware (T72, BTR, BMP, post-Cold War-donated NATO surplus) with modern equipment, it is a replacement cycle that will require up to two decades before it is completed. Smaller East European NATO nations tend to have faster executed modernization programs, due to the limited number of units, but they still face the issue of integrating a variety of inherited hardware, donated Cold War surplus, and recently purchased equipment

If China loses a future war, entropy could be imminent

What happens if China engages in a great power conflict and loses? Will the Chinese Communist Party’s control over the society survive a horrifying defeat? The People’s Liberation Army last fought a massive-scale war during the invasion of Vietnam in 1979, which was a failed operation to punish Vietnam for toppling the Khmer Rouge regime of Cambodia. Since 1979, the PLA has been engaged in shelling Vietnam at different occasions and involved in other border skirmishes, but not fought a full-scale war. In the last decades, China increased its defense spending and modernized its military, including advanced air defenses and cruise missiles; fielded advanced military hardware; and built a high sea navy from scratch. But there is significant uncertainty of how the Chinese military will perform. Modern warfare is integration, joint operations, command, control, intelligence, and the ability to understand and execute the ongoing, all-domain fight. War is a complex machinery with low margins of error and can have devastating outcomes for the ill-prepared. It does not matter if you are against or for the U.S. military operations the last three decades; the fact is that the prolonged conflict and engagement have made the U.S. experienced. The Chinese inexperience, in combination with unrealistic expansionist ambitions, can be the downfall of the regime. Dry swimmers maybe train the basics, but they are never great swimmers

The long-term cost of cyber overreaction

The default modus operandi when facing negative cyber events is to overreact. It is essential to highlight the cost of overreaction, which needs to be a part of calculating when to engage and how. For an adversary probing cyber defenses, reactions provide information that can aggregate a clear picture of the defendant’s capabilities and preauthorization thresholds. Ideally, potential adversaries cannot assess our strategic and tactical cyber capacities, but over time and numerous responses, the information advantage evaporates. A reactive culture triggered by cyberattacks provides significant information to a probing adversary, which seeks to understand underlying authorities and tactics, techniques and procedures (TTP). The more we act, the more the potential adversary understands our capacity, ability, techniques and limitations. I am not advocating a passive stance, but I want to highlight the price of acting against a potential adversary. With each reaction, that competitor gainscertainty about what we can do and how. The political scientist Kenneth N. Waltz said that the power of nuclear arms resides with what you could do and not within what you do. A large part of the cyber force strength resides in the uncertainty in what it can do, which should be difficult for a potential adversary to assess and gauge. Why does it matter? In an operational environment where the adversaries operate under the threshold for open conflict, in sub-threshold cyber campaigns, an adversary will seek to probe in order to determine the threshold, and to ensure that it can operate effectively in the space below the threshold. If a potential adversary cannot gauge the threshold, it will curb its activities as its cyber operations must remain adequately distanced to a potential, unknown threshold to avoid unwanted escalation

Russia’s Military — Losing the Will to Fight

News commentaries, opinion pieces, and editorials tend to focus on the bigger picture. These outlets discuss the clash between political systems, the force ratio, and differences in macroeconomics, and seek to understand the leader’s intent. But the soldier’s view is much more personal —seeing a continuous stream of fellow soldiers die or suffer wounds for months on end; ordered to launch futile attacks the Ukrainians repel; suffering strikes from modern Western weapons with unprecedented effects when you least expect it; daily witnessing spirals of smoke from knocked out tanks, vehicles; barely any company commanders left alive along the front, while more senior officers worrying about HIMARS attacks hide in shelters far from the front; intermittent starvation due to a failed logistic chain; and on top of all this, a national leader in denial. These developments compound one another. A significant number of Russian units have now lost the will to fight (as on the Kharkiv front), placing greater pressure on those with a continuing esprit de corps, and ultimately paving the way for Russian defeat. It doesn’t matter whether Russia has lost 1,500 or 500 tanks; what matters is when Russian troops lose the will to fight. As units start to disintegrate, their casualties soar; Nazi Germany’s casualties on the Eastern front skyrocketed after the fall of 1943, when they lost the initiative and beaten units with intermittent supply and coordination straggled back towards the River Oder and Berlin. Ukraine’s current dual counteroffensive matters because it once again signals to Russian soldiers that their cause is lost, that there is no successful endgame, and that there is only pain and death in front of them. Putin’s grip over Russia is sliding away in slow motion, a drip-drip of authority that increases with every tank turret blasted into the Ukrainian sky. For an authoritarian regime, this is a disaster, and brings nearer the day when the military loses its fear of ignoring or disobeying orders, ceases to fight, and instead trains its disillusioned eyes on the man in the Kremlin who made this mess