Cyber Operations In Wartime

Uploaded on 2021-11-12 in TECHNOLOGY-Key Areas-Social Media, GOVERNMENT-Defence, FREE TO VIEW

Headlines about cyber warfare often focus on doomsday scenarios, with depictions of nation-states using “cyber bombs” to remotely dismantle electric grids and other critical infrastructure

Yet recent events, including Russia’s use of cyber operations for information warfare and propaganda, suggest that policymakers and military leaders need to broaden their assumptions about how state and non-state actors are likely to use such operations in future conflicts. 

To investigate the role of cyber operations in diverse crisis scenarios, the UC Berkeley Center for Long-Term Cybersecurity  (CLTC) has developed two distinct wargame formats the use  innovative methodology for investigating competition among diverse actors to determine their likely strategic preferences.

Island Impact & Netwar

In the Island Impact game, players represented either the US or China in a simulated crisis in the South China Sea. In Netwar the players took on the role of either a national government or one of three opposition groups (a violent non-state actor, major international firm, or cyber activist network) in the context of an escalating conflict.

  • CLTC first ran these games with university students and national security professionals to examine how the participants approached incorporating cyber capabilities with more conventional tools of statecraft.
  • CLTC then constructed a survey experiment involving more than 3,000 internet users to identify which of the strategies identified in the wargame they preferred.

The wargames and survey experiments both showed that cyber capabilities produce a moderating influence on coercive exchanges and crisis escalation.

Cyber-based instruments of power appear to offer states a means of managing escalation ‘in the shadows’.

Cyber conflict appears in these simulations to resemble covert action and looks more like the ‘political warfare’ of the Cold War than it does a military revolution. The research work suggests that leaders should think about cyber exchanges in crisis settings more as political warfare and subterfuge than as traditional warfighting. 

Among The  CLTC's Key Findings:

Cyber exchanges will not necessarily be escalatory:

Particularly in state-to-state crises, participants were restrained in their use of cyber tools, suggesting that cyber capabilities may not necessarily be a preferred choice for provocative escalations.

Cyber deterrence may be overhyped:

In the context of cyberspace, the logic of coer-cion—the use of threats and limited action to alter behavio is less about deterrence (i.e. the threat of force) than about signaling resolve and undermining adversaries from within.

Power disparities had limited influence on decision-making:

Even players who were more powerful than their opponents used restraint, suggesting that cyber operations may in fact help stabilize strategic interactions between rivals.

Regime type informs cyber strategy preferences: 

Actors took a more defensive posture when the polity they were contesting was a democracy, as opposed to an autocracy.

Cyber strategy is “issue-agnostic”:

The nature of the conflict has little impact on the use of cyber capabilities, as different issues driving conflict, ideology or ethnic minority rights, did not produce observable differences in cyber strategy preferences.

The report, sponsored by the UC Berkeley, gives an overview of the implications for policymakers and military leaders as they make decisions about cybersecurity and anticipate how rivals will use cyber space in future crises linked below. 

Academia. Edu:

You Might Also Read: 

Reshaping The Future Of War With Malware:

 

« Alarming Surge In Malicious Apps
Endpoint Security Is More Important Than Ever »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cortado Mobile Solutions

Cortado Mobile Solutions

Cortado Mobile Solutions is the manufacturer of the mobile device management solution Cortado MDM.

MSG Systems

MSG Systems

MSG are committed to intelligent IT and industry solutions and offer independent consulting on all aspects of information security.

Tessian

Tessian

Tessian (formerly CheckRecipient) is a next-generation email security platform that helps enterprises counteract human error and significantly reduce the risk of data loss.

Auxilium Cyber Security

Auxilium Cyber Security

Auxilium Cyber Security is independent information security consultancy company.

Slovenian Digital Coalition

Slovenian Digital Coalition

Slovenian Digital Coalition is a coalition working in the field of smart cities, e-commerce, e-skills, e-inclusion, cyber security, internet and other areas related to developing the digital society.

Zivaro

Zivaro

Zivaro provides transformational consulting and technology services to help clients attain real business value from their technology investments.

DataArt

DataArt

DataArt is a global technology consultancy that designs, develops and supports unique software solutions. Areas of activity include software security testing.

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions is an industry leading Data Sanitization Software, Hardware and Onsite Service Provider.

Touchstone Security

Touchstone Security

Touchstone Security is a company with a passion for technology, a hyper-focus on cybersecurity, and a special affinity for cloud technology.

Critical Insight

Critical Insight

Critical Insight provide Managed Detection and Response, Vulnerability Detection, and Consulting Services to help you secure your mission-critical systems.

International Cybersecurity Forum (FIC)

International Cybersecurity Forum (FIC)

The International Cybersecurity Forum (FIC) has established itself as the benchmark event in Europe in terms of digital security and trust.

Prodera Group

Prodera Group

Prodera Group is a specialist technology consulting partner trusted to help navigate the complex and dynamic lifecycle of change and transformation.

Yoti

Yoti

Yoti offer a suite of business solutions that span identity verification, age estimation, e-signing and AI anti-spoofing technologies.

CertiProf

CertiProf

CertiProf has been enhancing professional lives since 2015, offering a wide range of IT certifications and agile framework training.

Castlepoint Systems

Castlepoint Systems

Castlepoint Systems is a pioneer in information governance, risk and compliance as a service. An all-in-one solution offering powerful risk management, built in compliance, cybersecurity and audit.

RKON

RKON

RKON Technologies provides managed IT and cybersecurity services to organizations across various industries, helping businesses mitigate risks and secure their digital infrastructures.