Cyber Operations In Wartime

Headlines about cyber warfare often focus on doomsday scenarios, with depictions of nation-states using “cyber bombs” to remotely dismantle electric grids and other critical infrastructure

Yet recent events, including Russia’s use of cyber operations for information warfare and propaganda, suggest that policymakers and military leaders need to broaden their assumptions about how state and non-state actors are likely to use such operations in future conflicts. 

To investigate the role of cyber operations in diverse crisis scenarios, the UC Berkeley Center for Long-Term Cybersecurity  (CLTC) has developed two distinct wargame formats the use  innovative methodology for investigating competition among diverse actors to determine their likely strategic preferences.

Island Impact & Netwar

In the Island Impact game, players represented either the US or China in a simulated crisis in the South China Sea. In Netwar the players took on the role of either a national government or one of three opposition groups (a violent non-state actor, major international firm, or cyber activist network) in the context of an escalating conflict.

  • CLTC first ran these games with university students and national security professionals to examine how the participants approached incorporating cyber capabilities with more conventional tools of statecraft.
  • CLTC then constructed a survey experiment involving more than 3,000 internet users to identify which of the strategies identified in the wargame they preferred.

The wargames and survey experiments both showed that cyber capabilities produce a moderating influence on coercive exchanges and crisis escalation.

Cyber-based instruments of power appear to offer states a means of managing escalation ‘in the shadows’.

Cyber conflict appears in these simulations to resemble covert action and looks more like the ‘political warfare’ of the Cold War than it does a military revolution. The research work suggests that leaders should think about cyber exchanges in crisis settings more as political warfare and subterfuge than as traditional warfighting. 

Among The  CLTC's Key Findings:

Cyber exchanges will not necessarily be escalatory:

Particularly in state-to-state crises, participants were restrained in their use of cyber tools, suggesting that cyber capabilities may not necessarily be a preferred choice for provocative escalations.

Cyber deterrence may be overhyped:

In the context of cyberspace, the logic of coer-cion—the use of threats and limited action to alter behavio is less about deterrence (i.e. the threat of force) than about signaling resolve and undermining adversaries from within.

Power disparities had limited influence on decision-making:

Even players who were more powerful than their opponents used restraint, suggesting that cyber operations may in fact help stabilize strategic interactions between rivals.

Regime type informs cyber strategy preferences: 

Actors took a more defensive posture when the polity they were contesting was a democracy, as opposed to an autocracy.

Cyber strategy is “issue-agnostic”:

The nature of the conflict has little impact on the use of cyber capabilities, as different issues driving conflict, ideology or ethnic minority rights, did not produce observable differences in cyber strategy preferences.

The report, sponsored by the UC Berkeley, gives an overview of the implications for policymakers and military leaders as they make decisions about cybersecurity and anticipate how rivals will use cyber space in future crises linked below. 

Academia. Edu:

You Might Also Read: 

Reshaping The Future Of War With Malware:

 

« Alarming Surge In Malicious Apps
Endpoint Security Is More Important Than Ever »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

FIDO Alliance

FIDO Alliance

FIDO Alliance is a non-profit organization formed to address the lack of interoperability among strong authentication devices.

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

CyberVista

CyberVista

CyberVista is a cybersecurity training education and workforce development company. Our mission is to eliminate the skills gap by creating job ready professionals.

OneVisage

OneVisage

Our award-winning 3DAuth digital identity platform turns any consumer mobile device into a real-time 3D facial scanner that securely authenticates the user in seconds.

Yelbridges

Yelbridges

Yelbridges is your reliable partner in all fields of IT-Security, from developing of Security Policies and Guidelines to the design and implementation of secure processes.

Cyber Physical Security Research Center (CPSEC)

Cyber Physical Security Research Center (CPSEC)

CPSEC aims to contribute to the security enhancement of industrial infrastructure that creates value across cyber space and physical space.

Quantstamp

Quantstamp

Quantstamp are experts in Smart Contract Security Audits. We provide verification that your decentralized system works as intended.

Strategic Cyber Ventures (SCV)

Strategic Cyber Ventures (SCV)

SCV grow cybersecurity companies that disrupt advanced cyber adversaries and revolutionize the cyber product marketplace.

Allthenticate

Allthenticate

Allthenticate Single Device Authentication (SDA), enables seamless authentication in both the physical and digital words while unifying management in one easy-to-use interface.

Cybersecure Policy Exchange (CPX)

Cybersecure Policy Exchange (CPX)

Cybersecure Policy Exchange is a new initiative dedicated to advancing effective and innovative public policy in cybersecurity and digital privacy.

Barikat Cyber Security

Barikat Cyber Security

Barikat is a provider of information security solution and services including security analysis and compliance, security testing, managed security services, incident response and training.

CITRA - Information Security and Emergency Response

CITRA - Information Security and Emergency Response

CITRA is responsible for overseeing the telecommunications sector, monitoring and protecting the interests of users and service providers, and regulating the services of telecomms networks in Kuwait.

Advantage

Advantage

Advantage exists to provide peace of mind in an evolving technology reliant world. We were created by visionaries who for nearly 4-decades have been passionate about providing world-class solutions.

Celebrus

Celebrus

Celebrus Fraud Data Platform, by D4t4 Solutions, works with existing fraud structures to augment functionality and turn fraud management into true fraud prevention.

McAfee

McAfee

McAfee is a worldwide leader in online protection. We’re focused on protecting people, not devices. Our solutions adapt to our customers’ needs and empower them to confidently experience life online.

HWG

HWG

HWG is a company specialized in providing cyber security solutions and consulting services.