3. What’s our MOOSE MUSS for cyberwar?
Conventional (US Military) Net-Centric Cyber
Mass N/A ???
Objective N/A ???
Offensive Opportunity ???
Security N/A ???
Economy of Force Economy of Force ???
Manoeuvre Dislocation ???
Unity of command N/A ???
Surprise Surprise ???
Simplicity N/A ???
4. What’s our MOOSE MUSS for cyberwar?
Principles of War for the Information Age, Lt Col Robert Leonhard, 1998
5. Spectrum of cyber conflict
Cognitive effects for below-threshold/quasi hot wars:
Cyber-enabled information/psychological operations
Power projection
Political coercion/blackmail
Regime instability
Narrative wars
Separatism & insurgency
Data-driven behaviour modelling
Shooting wars
Sabotaging morale, cohesion & will to fight
Societal chaos
No such
thing as
TOTAL
CYBER
WAR
Strategic Cyber
Electromagnetic
Activities
Breaking nuclear
deterrence
Breaking M.A.D
Cyber Commitment
Problem
6. No such thing as Total Cyber War
In cyber, the grey zone is the red zone, and the red zone is the grey zone
Kinetic, cyber-physical or blow-stuff-up cyber is a MYTH
Cyber as a force-multiplier for a hot war has had little success
7. Cyber war & peace
The nature of war hasn’t changed, the nature of peace has.
-- Edward Sobiesk, US Army Cyber Institute
8. Cyber war & peace
In the 21st century, we have seen a tendency toward blurring
the lines between the states of war and peace. Wars are no
longer declared and, having begun, proceed according to an
unfamiliar template.
-- Valery Gerasimov, Chief of General Staff, Russian Armed Forces
10. Cyber conflict is truly cognitive
Stuxnet
• “Not just a cyber effort against Iran’s nuclear capability but the announcement of a team. A rather huge team
that has been playing World-Cup level soccer on the cyber battlefield for a decade and a half.” – Dave Aitel, ex-
NSA
• It had the “whiff of August 1945.” – Gen Michael Hayden, ex-NSA & CIA
• “Continues to be misunderstood by many as a straightforward destruction event.” – Joe Slowik, ex-US Navy
Sandworm
• “Sandworm operations targeting Ukrainian electric infrastructure undermined public confidence in
stability/integrity of critical infrastructure and key resources.” -- Joe Slowik, ex-US Navy
12. Cyber conflict is truly cognitive
The objective is not kinetic but cognitive effect, the
manipulation of information to change thoughts and
behaviors. In essence, the strategic goal is to affect morale,
cohesion, political stability, and, ultimately, diminish the
opponent’s will to resist.
-- James Lewis, Centre for Strategic & International Studies
13. Cyber conflict is truly cognitive
“Offensive cyber operations act most directly on intangibles -- information,
knowledge, and confidence.”
-- Herbert Lin, Stanford
14. Cyber conflict is truly cognitive
Cyber effects are a subset of “full-spectrum information operations.”
Full-spectrum information operations capabilities can yield powerful results - including changing
the behaviour of an adversary national command authority - without resorting to traditional
force-related actions.
-- Joe Slowik, ex-US Navy
16. US cyber apparatus
Continued export of conventional parameters &
principles
Very kinetic mentality
Fixation with the Law of Armed Conflict-governed,
legally-sanctioned effects (5Ds)
Slight aversion to info ops due to legal ambiguity
Russian cyber apparatus
Totally in the cognitive dimension
Export of cognitive parameters like “reflexive control;”
many decades of experience
Subset of full-spectrum info ops under hybrid war
Pre-empted the exploitation of legal ambiguity on cyber &
info ops to carve new thresholds
Dirt cheap
Shifting from kinetic to cognitive: parameters
17. “Offer” as an extremely powerful cyberweapon (e.g. hack-and-leak ops)
- Wikileaks
- DNC Hack
- Panama Papers
- Paradise Papers
- CNBT Leak
- Disabling the Great Firewall
- Cyber National Mission Force’s declaratory signalling on VirusTotal
Shifting from kinetic to cognitive: parameters
18. • All cyber operations are information operations in disguise
• All cyber operations could be deemed as information operations even after full denouement
• Cyber-enabled information operations, too, exploit the cybersecurity triad: confidentiality, integrity
& availability
-- “Applying Information Security Paradigms to Misinformation Campaigns” by Misinfosec
Shifting from kinetic to cognitive: parameters
19. Jackie Schneider, former US Naval War College
She’s mainly talking about cyber-physical ops
Shifting from kinetic to cognitive: parameters
20. • Deterrence
• Proportional response
• Theatre of operations
Actually, every cyber-military parameter could be cognitive
22. Daniel Moore of King’s College London divides cyber operations into two broad
categories:
Event-based & Presence-based
Broad categorisation of cyber operations
24. Presence-based operations prime the battlefield for event-based operations.
“At a place & time of choosing…”
Broad categorisation of cyber operations
26. The adversarial environment is perpetually in a state of violent flux:
• Basically millions of layers of architectural abstractions & interfaces
• Configurations change, users log-out, patches get applied, trust relationships alter &
applications get updated
Broad categorisation of cyber operations
27. In cyberspace, a small change in configuration of the target machine, system, or network can often
negate the effectiveness of a cyber weapon against it. This is not true with weapons in other physical
domains…The nature of target-weapon interaction with kinetic weapons can usually be estimated on
the basis of physics experimentation and calculation. Not so with cyber weapons. For offensive cyber
operations, this extreme “target dependence” means that intelligence information on target
characteristics must be precise, high-volume, high-quality, current, and available at the time of the
weapon’s use.
-- Chris Inglis, former Deputy Director, NSA
Cyber-ISR frameworks: Extreme target dependence
28. Inglis argues that fielding “ubiquitous, real-time and persistent” intelligence, surveillance
and reconnaissance (ISR) frameworks is crucial for mustering the ability to produce
cyber effects at a place and time of choosing.
Cyber-ISR frameworks: Extreme target dependence
29. This is your offensive toolchain
Only 20% of it actually manifests over
adversarial infrastructure An exploit could be just this
30. You need a lot of people to have a small number of hackers hacking.
-- Grugq
31. • Nation-state (internal)
• Nation-state (blended)
• Nation-state (external)
• Mercenary configurations (criminal)
• Mercenary configurations (hacktivist)
• Mercenary configurations (private sector)
• Mercenary configurations (former/parallel)
-- “Draw me like one of your French APTs – expanding our descriptive palette for cyber threat
actors,” Juan Andres Guerrero-Saade
Offensive toolchains: organisational structures
32. Would you ever outsource a surgical strike to a private mercenary, because
that’s what we are doing.
Offensive toolchains: organisational structures
34. Successful strategies must proceed from the premise that cyberspace is continuously contested
territory in which we can control memory and operating capabilities some of the time but cannot
be assured of complete control all of the time or even of any control at any particular time.
-- Surviving on a Diet of Poisoned Fruit, Richard Danzig
Defend Forward as a forward-operated counterinsurgency
35. • Highly attritive
• Necessitates persistent engagement
• Will remain fully extrajudicial
Defend Forward as a forward-operated counterinsurgency
36. LOAC doesn’t work in cyberspace
• Rear Admiral Mohit Gupta’s assertion is misplaced
• Cyber doctrines are assiduously divorcing themselves from the impracticality & dogma of law of
armed conflict
• Cyber effects are too cascading & cognitive to ever be accounted for like munitions
• The generals should be leading from behind
37. LOAC doesn’t work in cyberspace
Augustine and Aquinas (and Mahabharat) had a stunningly long run…today’s world, based as it is on
digital information and increasingly intelligent information-processing, points the way to a beast so big
and so radically different, that the core of this duo’s insights needs to be radically extended.
-- Selmer Bringsjord, Rensselaer Polytechnic Institute
38. LOAC doesn’t work in cyberspace
Paul Ney, the General Counsel of the U.S. Department of Defence:
He talked about cyberspace, postulating a “common understanding” that international law principles
apply, coupled with much disagreement about details, including the presumptive validity of “territorial
analogies and precedents.” At the same time, he stressed the need for law to be cognizant of the U.S.
cyber-strategy to “defend forward,” which did not necessarily line up neatly to “international
territorial boundary lines.
40. This multidimensional space [of data-driven behavioural modelling] is the battlefield…
this abstract space of ideas. Adversaries are now able to visualise at that level.
-- Dr David Perlman, applied physics from Caltech, electrical engineering at the University of
Washington & cognitive sciences doctorate at University of Wisconsin-Madison
Battlespace as an abstract space of ideas
44. Wg Cdr Keith Dear
• RAF Intelligence Officer: Innovation lead in the UK’s Joint Warfare directorate & Air Staff’s Fellow,
Research Fellow at Oxford’s Changing Character of War Programme
• Warfare is fundamentally persuasive. So, it has a psychological/cognitive premise. Psychology must
play a much greater role in your operational, tactical & strategic planning
• Humans really are “biochemical algorithms, reducible to input-output mechanisms”
• Kahneman-Tversky showed that we make probabilistic, predictable, replicable errors which’re
exploitable (wow!)
45. Wg Cdr Keith Dear
• By 2020, data brokers would’ve 5200 GB of data/person. Imagine the role of intel officers
• Netflix’s recommendation is quite akin to the military perspective of “reinforcing success.” PW Singer calls it
weaponised experimentation
• Bank of England replaces public opinion surveys with Spotify data (you can depress an adversary, too)
• Shared stage with Dominic Cummings, key orchestrator of Brexit. Cummings at a behavioural science
conference: “I didn’t employ anyone like you. I employed physicists & mathematicians for micro-targeting”
• 1. Our social structures remain same throughout life (people change). That’s how you target Putin. 2. Most of our
decisions are pre-ordained. 3. Germans, by creating the staff system, modelled Napoleon out of every soldier
(humans = algorithms)