This document provides a summary of a paper analyzing the cyber security dilemma between the United States and China. It begins with an introduction outlining increased cyber attacks and the resulting buildup of cyber capabilities in the US and China. It then provides definitions of key terms and reviews relevant literature on the modern security dilemma with China, US-China relations, and cyber security. The literature discusses factors that can exacerbate or alleviate security dilemmas and different viewpoints on China's rise and the threat it poses. The document aims to determine if the US and China are justified in their reactions or if their actions are contributing to an escalating cyber security dilemma.
This book review summarizes the key points of the book "Cyber War: The Next Threat to National Security and What to Do About It" by Richard Clarke and Robert Knake. The summary is as follows:
1. The book aims to warn Americans about the growing threat of cyber war and proposes a "Defensive Triad" strategy to protect critical infrastructure.
2. The first half documents evidence of current cyber attacks and outlines vulnerabilities in the US cyber defenses. The second half proposes the Defensive Triad of monitoring internet traffic, securing critical infrastructure like the power grid, and improving military cyber defenses.
3. While the authors are experts, the book provides no citations to support facts, leaving
The document summarizes a policy analysis paper that examines the nature of cyber conflict between states from 2000 to 2016. It finds that while cyber operations have not generally led to escalation, recent policy shifts in the US under the Trump administration increase the risk of inadvertent escalation. Specifically, the paper argues that adopting an offensive cyber strategy based on preemption is dangerous and counterproductive, as cyberspace has primarily involved covert operations for political signaling rather than direct attacks. The analysis recommends a more restrained defensive approach focused on intelligence sharing and hardening systems.
The document analyzes the 2001 cyber attacks between the United States and China following a collision between a U.S. plane and Chinese fighter jet. Chinese hackers began attacking U.S. websites in protest, and U.S. hackers retaliated, launching a 7-day cyber battle. The attacks involved web defacement, viruses, and DDoS attacks targeting government websites. Both sides were motivated by patriotism and tensions between the countries. The U.S. responded defensively while China took a more offensive approach. The attacks exposed vulnerabilities in how each country approached cyber defense and deterrence at the time.
The document discusses the United States' current cyber strategy and whether it supports offensive cyber operations. It analyzes several scholarly articles on cyber warfare doctrine and strategy. While the articles provide examples of states conducting offensive cyber attacks, the document's hypothesis is that the US cyber strategy focuses on defense and does not explicitly support offensive computer network attacks to achieve national security objectives. The purpose is to examine US cyber strategy and determine if it should incorporate offensive operations to help achieve national goals.
This summary provides an overview of the document, which appears to be an annotated bibliography written by Jerica Knox for an English class. The bibliography includes summaries of five sources that Knox will use for a research paper on airport security. The sources evaluate whether security measures are effective at preventing terrorist threats on planes and in airports. One source criticizes the Department of Homeland Security for failing to adequately protect infrastructure. Another argues new legislation has not improved security and expresses doubt about the ability to fully secure borders. A film segment discusses how explosives can evade x-ray detection. The bibliography demonstrates Knox has selected sources from diverse formats to incorporate differing viewpoints in her evaluation of airport security.
The document discusses the increasing tensions around cyber warfare between nations. It notes that in 2013, President Obama publicly accused the Chinese government of cyber attacks against the US. Experts predict that state-sponsored cyber attacks will become more common and potentially lethal in 2013. While there is no consensus on what constitutes an act of cyber war, events like US and Iranian attacks suggest the cyber war may already be underway. Nations are rapidly expanding their cyber military programs and capabilities. The US in particular is developing both defensive and offensive cyber strategies, but critical infrastructure remains vulnerable to disruptive attacks.
International Strategy for Cyberspace_ Kinetic Solutions to Virtual ChallengesChikere Uchegbu
- President Obama outlined a new U.S. strategy for cyberspace in 2011 that asserts the right to retaliate against cyber attacks using conventional military means.
- The strategy aims to deter cyber attacks, particularly from China which is viewed as the most prolific perpetrator of cyber espionage against the U.S.
- The document analyzes whether the new strategy could lead to a conventional war between the U.S. and China by examining their economic interdependence and applying international relations theories to assess the likelihood of conflict.
This book review summarizes the key points of the book "Cyber War: The Next Threat to National Security and What to Do About It" by Richard Clarke and Robert Knake. The summary is as follows:
1. The book aims to warn Americans about the growing threat of cyber war and proposes a "Defensive Triad" strategy to protect critical infrastructure.
2. The first half documents evidence of current cyber attacks and outlines vulnerabilities in the US cyber defenses. The second half proposes the Defensive Triad of monitoring internet traffic, securing critical infrastructure like the power grid, and improving military cyber defenses.
3. While the authors are experts, the book provides no citations to support facts, leaving
The document summarizes a policy analysis paper that examines the nature of cyber conflict between states from 2000 to 2016. It finds that while cyber operations have not generally led to escalation, recent policy shifts in the US under the Trump administration increase the risk of inadvertent escalation. Specifically, the paper argues that adopting an offensive cyber strategy based on preemption is dangerous and counterproductive, as cyberspace has primarily involved covert operations for political signaling rather than direct attacks. The analysis recommends a more restrained defensive approach focused on intelligence sharing and hardening systems.
The document analyzes the 2001 cyber attacks between the United States and China following a collision between a U.S. plane and Chinese fighter jet. Chinese hackers began attacking U.S. websites in protest, and U.S. hackers retaliated, launching a 7-day cyber battle. The attacks involved web defacement, viruses, and DDoS attacks targeting government websites. Both sides were motivated by patriotism and tensions between the countries. The U.S. responded defensively while China took a more offensive approach. The attacks exposed vulnerabilities in how each country approached cyber defense and deterrence at the time.
The document discusses the United States' current cyber strategy and whether it supports offensive cyber operations. It analyzes several scholarly articles on cyber warfare doctrine and strategy. While the articles provide examples of states conducting offensive cyber attacks, the document's hypothesis is that the US cyber strategy focuses on defense and does not explicitly support offensive computer network attacks to achieve national security objectives. The purpose is to examine US cyber strategy and determine if it should incorporate offensive operations to help achieve national goals.
This summary provides an overview of the document, which appears to be an annotated bibliography written by Jerica Knox for an English class. The bibliography includes summaries of five sources that Knox will use for a research paper on airport security. The sources evaluate whether security measures are effective at preventing terrorist threats on planes and in airports. One source criticizes the Department of Homeland Security for failing to adequately protect infrastructure. Another argues new legislation has not improved security and expresses doubt about the ability to fully secure borders. A film segment discusses how explosives can evade x-ray detection. The bibliography demonstrates Knox has selected sources from diverse formats to incorporate differing viewpoints in her evaluation of airport security.
The document discusses the increasing tensions around cyber warfare between nations. It notes that in 2013, President Obama publicly accused the Chinese government of cyber attacks against the US. Experts predict that state-sponsored cyber attacks will become more common and potentially lethal in 2013. While there is no consensus on what constitutes an act of cyber war, events like US and Iranian attacks suggest the cyber war may already be underway. Nations are rapidly expanding their cyber military programs and capabilities. The US in particular is developing both defensive and offensive cyber strategies, but critical infrastructure remains vulnerable to disruptive attacks.
International Strategy for Cyberspace_ Kinetic Solutions to Virtual ChallengesChikere Uchegbu
- President Obama outlined a new U.S. strategy for cyberspace in 2011 that asserts the right to retaliate against cyber attacks using conventional military means.
- The strategy aims to deter cyber attacks, particularly from China which is viewed as the most prolific perpetrator of cyber espionage against the U.S.
- The document analyzes whether the new strategy could lead to a conventional war between the U.S. and China by examining their economic interdependence and applying international relations theories to assess the likelihood of conflict.
The document analyzes the stump speeches of Republican and Democratic candidates campaigning in the 2002 midterm elections shortly after 9/11. The Republican argues that Iraq poses an imminent threat and supports invading Iraq to stimulate fears around national security and encourage votes. The Democrat argues there is no serious threat from Iraq and emphasizes traditional Democratic issues to concern voters more with those. Both candidates take the only viable positions given the public's associations between the parties and foreign policy versus domestic issues.
This document discusses improving the classification of terrorist attacks in Iraq through data preprocessing techniques applied to the Global Terrorism Database. It analyzes different methods for dealing with missing data values and data discretization and evaluates various classifiers. The study finds that data preprocessing significantly reduces classification error rates and adding GPS coordinates for attack locations can further improve accuracy. Traditional statistical modeling of terrorism has limitations that computational analysis and visualization tools can help address by revealing patterns in the data.
Chinese cyberattacks against the US pose long term threats to national security. The US power grid and critical infrastructure sectors are most vulnerable. While the daily number of attacks has decreased since 2015 agreements, China has increased sophistication so attacks are harder to detect. The US lacks effective countermeasures and China has no incentive to fully stop cyber espionage. Future disputes could prompt more attacks aimed at the US private sector.
The document summarizes a presentation arguing that existing international laws of war can adequately address issues raised by cyber warfare, without needing new treaties. It outlines the current legal framework, including when cyber attacks may constitute use of force or armed attacks. It also discusses challenges like attribution and dual-use networks. The presentation argues against new treaties for cyber warfare, saying adversaries would not comply and existing laws can adapt to technology changes.
This document is a chapter from a student paper that examines the theory that coevolution has led to the militarization of emergency management in the United States post-9/11. The chapter provides background on coevolution and discusses how it can be applied to explain changes in emergency management and homeland security frameworks over time. It also reviews literature on topics like the historical involvement of the military in disasters, the successes of FEMA under James Lee Witt, and the increased national security focus of homeland security after 9/11. The student argues that analyzing these issues through a longitudinal case study using coevolution as a framework can provide insights into how emergency management has become more militarized.
China poses the biggest long-term threat to U.S. cybersecurity through frequent cyberattacks. While attacks have decreased in recent years due to an agreement between the U.S. and China, the threat is expected to increase again over the long term as China has no incentive to fully stop attacks. The U.S. private sector and critical infrastructure are most vulnerable. A major international dispute could prompt a large-scale Chinese cyberattack against the U.S. as retaliation.
CJ513Unit 3 DQTopic #1The Definition of CyberterrorismDiVinaOconner450
CJ513
Unit 3 DQ
Topic #1
The Definition of Cyberterrorism
Discuss the current debate surrounding the definition of cyberterrorism. Why is there no common definition? What are some of the challenges associated with establishing a common definition? Provide examples of two competing definitions of cyberterrorism from different sources and discuss the differences between the definitions. What are the implications of these differences? Be sure to properly cite and reference sources used
Topic #1: Student Response #1(Respond to Joe)
Joe Cacioppo
Good evening class,
This was an interesting topic to research and had not given much thought to the nuances in defining and making a distinction between cyberterrorism and cybercrime. I was also surprised to hear there was not a common definition of cyberterrorism. I reviewed the United States Department of Justice Federal Bureau of Investigation website and found an article written by Tafoya (2011), who defined cyberterrorism as “the intimidation of civilian enterprise through the use of high technology to bring about political, religious, or ideological aims, actions that result in disabling or deleting critical infrastructure data or information.”
An alternate definition according to the Center for Strategic and International Studies (CSIS) defined cyberterrorism as, ““the use of computer network tools to shut down critical national infrastructures (e.g., energy, transportation, government operations) or to coerce or intimidate a government or civilian population.” (Tafoya, 2011.)
In comparing the two different definitions given, the similarities include the use of technology to coerce or intimidate to produce a change. The differences in the FBI definition have a better defined group of targeted populations for change, for example political, religious or ideological change. I have not seen an implication between the differences in the two given definitions. The end result, and the methods for cyberterrorism is similar.
Additional research on cyberterrorism described the activity as any premeditated, politically motivated attack against information systems, programs and data that results in violence against noncombatant targets by subnational groups of clandestine agents, (Hanna, et. al., nd.)
References:
Hanna, H.T., Ferguson, K, Rosencrance, L. (nd.) Techtarget network. Cyberterrorism. https://searchsecurity.techtarget.com/definition/cyberterrorism
Tafoya, W.L. 2011. The United States Department of Justice. Cyber Terror. https://leb.fbi.gov/articles/featured-articles/cyber-terror
Topic #1: Student Response #2(Respond to Elizabeth)
Elizabeth Stuart
Cyberterrorism, while understood by some on a basic level, remains an elusive concept to many. There is no agreed upon definition in academia or government for this term. Due to this, it can be difficult to pinpoint what exactly constitutes cyberterrorism. In their article, Klein (2018) utilized a definition by Denning (2000), who described cyber ...
This document discusses cyberterrorism and the challenges around defining it. It provides definitions of cyberterrorism from different sources, which vary in their descriptions of the perpetrator, motive, target, and intent. Specifically, the definitions differ most in their characterizations of the perpetrator and intent. The lack of a clear, agreed-upon definition has made it difficult to establish governance and laws around cyberterrorism. Having a shared understanding of what cyberterrorism is would help address this growing threat in a more coordinated way.
Appraising Security AssignmentAfter reading Keith Krause and Mi.docxjewisonantone
Appraising Security Assignment
After reading Keith Krause and Michael C. Williams, “Broadening the Agenda of Security Studies: Politics and Methods”
and
Buzan and Hansen, “The Evolution of International Security Studies, Ch.7: Widening and Deepening Security article”
.
Students will ask
three individuals
- a grandparent, family member, and/or friend - about their knowledge of the most pressing security concerns today and in twenty years. Once you have conducted the interview (questions available in Canvas) and collected information from the interview, you will write a synopsis about the individuals you interviewed and provide an analysis utilizing the reading listed above.
Why is this an important activity?
Learning about and writing an analysis of individuals perception aids students in distinguishing between stories that are fictional and the real-life dynamics of our world. In addition, it aids in understanding the evolution of security concerns and how those concerns are compared to peoples’ values; thus, mindset (view of the world).
Final Submission must include:
(between 4 ½ - 5 pages- does not include the reference page or appendix)
-
Due June 20th
Utilize the following resources for this assignment.
Appraising Security Interview Guide.pdf
INR 3081 Appraising Security Interview Form .docx
Make sure each of the three sections/headers below is outlined accordingly in your final submission. Simply, add section headers to your submission.
Interviewee Observation and Application:
10 points
In your submission
describe
what you have drawn (broad assumptions) about the experiences of
each
person interviewed. (2 paragraph)
Reference each interview in the context of your analysis with either the respondents’ alias (a name you made up) or as Respondent 1, Respondent 2, or Respondent 3.
Then,
compare and contrast
each respondents’ answers regarding security concerns to the arguments brought forth in the Keith Krause and Michael C. Williams, “Broadening the Agenda of Security Studies: Politics and Methods” and Buzan and Hansen, “The Evolution of International Security Studies,
7
: Widening and Deepening Security article (2 paragraphs –one paragraph per article)
Draw specific assertions from the reading
to compare to the respondents’ responses (in-text citation is required)
Self-Analysis and Application:
14 points
Discuss
how this assignment and course impacted your thoughts about security and how individuals define what is security and its correlation to our values. (2 paragraphs)
What do
you
(not the respondents) believe is the most pressing security
concerns in the world
today
? (1paragraph)
How
has nationalism
influenced the most pressing security concerns in the world today? (1paragraph)
What do you
(not the respondents)
believe will be the most pressing security challenges
in twenty years
? (1paragraph)
How would you
resolve this forecasted (in twenty years) sec.
Cyber Security and Terrorism Research Article2Cybe.docxrandyburney60861
Cyber Security and Terrorism Research Article
2
Cyber Security and Terrorism Research Article
Senior Capstone
Introduction
Homeland Security has a wide range of organizations that fills in as a way to deal with shielding the United States locally and universally. These offices incorporate however are not restricted to U.S. Customs and Border Patrol, Transportation Security Administration, United States Coast Guard, Cybersecurity and Infrastructure, and so forth. These offices serves the administration in tending to at least one stages. For instance, The Federal Emergency Management Agency, otherwise called FEMA, is an organization that serves numerous partners in mitigating, planning, responding, and recovering from catastrophic events.
On a bigger degree, Cybersecurity is a developing and learning field that is utilized in Cybersecurity and Infrastructure and different organizations to shield significant specialized data from fear monger assaults, for example, hacking. Its primary unit of examination is the administration where relieving is the stage being polished. This principle point is basic to the Homeland Security and Emergency Management's (HSEM) discipline. As of now, there is an issue of how does Cybersecurity adequately change the danger of psychological militant assaults, wherein there are sure and negative credits to its methods for assurance. Innovation, organize security, basic frameworks including PC frameworks, and so forth is the thing that makes up Cybersecurity.
In spite of the fact that there might be a comprehension of what fear based oppression is, there has not yet been an unequivocal meaning of psychological oppression. As per Wilson, a few definitions for digital fear mongering can result from the assailants expectation while others centers on the impacts of the assault itself (Wilson, 2007). A few assaults can bring about mischief causing the death toll or harm while different assaults may bring about troublesome PCs and dread equivalents to fear based oppression. There should be a control on the yield of what dread is truly delegated with regards to an assault. When an infection occurs on a PC, is the proprietor of that PC apprehensive? On the off chance that the proprietor is apprehensive does it add up to a similar sort of dread starting at an aggressor from an alternate nation causing the infection? This can be alluded to what was the reason for that infection in any case.
When managing Cybersecurity and fear based oppression, there should be a decent measure of assaults occurring on the double or sequentially to cause dread inside the organization or nation. Digital fear mongers are seen assaulting different organizations consecutive for an extensive stretch in result accomplishing their objectives or if nothing else making consideration them (Lewis, 2002). In the event that the fear based oppressor neglects to increase any profit by their assault on a lot of PC frameworks, at that point it would n.
HOW REVERSIBILITY DIFFERENTIATES CYBER FROM KINETIC WARFARE: A CASE STUDY IN ...ijsptm
A pair of attacks on energy sector assets offers a unique opportunity to better understand the differences in
impact from cyber and kinetic warfare. A review of the 2021 cyber attack on Colonial Pipeline and the
missile strike on the Syvash wind farm demonstrates the principle of reversibility in action, particularly in
regard to the short-lived nature of cyber attacks. Within the context of security and strategy, particularly at
the cyber/energy security nexus, this means that traditional state security thinking needs to evolve to
address threats in the cyber domain rather than try to retrofit dated strategies. The two cases compared
offer lessons that can be applied more broadly in the formation of state-level cyber and energy strategic
thinking, ultimately improving resilience and the appropriateness of protection.
This document is a thesis submitted to Keele University in 2009 by Gordon Stuart Rhoads investigating multi-organizational confluence in security policy in the United States post 9/11. It examines the creation and implementation of new security policies through the lens of securitization theory and analyzes the localized response in Metropolitan Philadelphia. The thesis focuses on identifying security actors and objects involved in counterterrorism efforts and the challenges that arise from the interplay between organizations under the Department of Homeland Security umbrella.
The document discusses two articles related to cybercrime issues. The first article examines the possibility of establishing an international agreement or declaration for cyberspace to address cyber conflict and retaliation. The second article analyzes the legal and technical uncertainties surrounding strategic retaliatory countermeasures to cyber attacks for both nation-states and private entities. It discusses challenges in attributing attacks and risks of escalation, as well as limitations of applying international laws on use of force to the digital domain. The document also provides background on debates around active defense strategies following large-scale cyber attacks.
Actions Speak Louder Than Words Preventive Self-Defense As A Cascading NormBrandi Gonzales
This document discusses the emerging norm of preventive self-defense and its spread among states. The authors argue that the US setting precedents through its actions in Iraq and drone strikes has challenged established international norms restricting preemptive force. While this norm was initially contested, some powerful states have embraced preventive self-defense in both rhetoric and actions. The authors present evidence that this norm is diffusing to states like India, Russia, Germany and China as their security interests evolve.
Marriage of Cyber Security with Emergency Management -- NEMADavid Sweigert
The document is a statement from the National Emergency Management Association (NEMA) to the House Committee on cyber incident response. It summarizes that a cyber attack could have catastrophic consequences comparable to a major natural disaster. It calls for emergency managers and cybersecurity experts to work together to understand vulnerabilities, plan coordinated responses, and ensure authorities and resources are adequate to address consequences. The threat is complex, involving threats from nations, hackers, and terrorists, and attacks could impact critical infrastructure systems. States are still determining roles and responsibilities for cyber response, so federal coordination and support is needed.
1) The document discusses the challenges nation-states face in policing cyber-space due to its unique nature. Unlike physical domains, cyber-space was constructed by humans and threats can be anonymous and originate across borders.
2) Cooperation is necessary for nation-states to adequately police cyber-space because threats are difficult to attribute due to anonymity and lack of international laws. However, cooperation also presents challenges if states become too reliant on external actors.
3) The paper argues that states must develop reliable relationships with other actors through cooperation to police cyber-space, but also maintain independence and not become dependent on any single entity. Balance between cooperation and reliance is needed.
1Running head CYBERWARCYBER WAR9Outstanding title.docxfelicidaddinwoodie
1
Running head: CYBERWAR
CYBER WAR
9
Outstanding title page formatting
Cyber War
Name
University
Professor
04/28/2018
Introduction Cyber War
Cyber warfare refers to a computer or network-based conflict that disrupts the activities of a state or
organization by deliberate attacking critical infrastructures. Cyber attacks can also be described as an attack by hostile groups such as terrorist or hacker groups aimed, at furthering the goals of a given nation. To have a better understanding, cyber warfare can take different forms such as; viruses that can take down water supplies, military systems, transportation systems, hacking and theft of critical data from government and private institutions. This paper will focus on assessing various mechanism applied in different articles to counter cybersecurity and protect critical infrastructure. Further, by analyzing the results and experience in Xia, Becerra-Fernandez, Gudi, & Rocha-Mier (2011), the essay will also show how
the findings can be utilized in real life scenario.
1. What do the articles have in common?
According to Clemente (2011), the advancement of interconnection between different infrastructures sectors has boosted by the escalation of cyberspace. The author points out that the security
implications are inevitable especially in this era of cyberspace and infrastructure. The main idea in the article involves around the definition of ‘critical’ infrastructure to enable effective prioritization and protection of nodes and connection points. FEMA (2013
), points out that the United States well being relies upon secure critical infrastructure that forms American society. According to Saadawi, & Jordan
, (2011), there is need to establish an international cyber union that will help overcome cybersecurity challenges in securing cyberinfrastructure. This article considers the practical considerations that are associated with EINSTEIN 3 and how this can be used to ensure effective protection of critical infrastructure networks. Having evaluated the main argument of these articles, they all share the aspect of understanding cybersecurity and different ways ensuring infrastructure protection.
2. What are the differences in their assessment of cybersecurity and critical infrastructure protection?
The above articles portray some distinction in their evaluation of cyber war and protection of vital infrastructure. The first article by Clemente (2011), tries to examine how cybersecurity challenges can be overcome by understanding various components in society. The article offers more theoretical approaches to counterattack cybersecurity and protection of critical infrastructures. The second article by FEMA (2013
) is more detailed and comprehensive on the issue of cybersecurity and protection of critical infrastructures in the society. For instance, it offers a plan that will require a federal agency (SSA) to lead a coordinated process for vital infrastructure security within criti ...
A View Of Cyberterrorism Five Years LaterJulie Davis
This document provides an assessment of the threat of cyberterrorism five years after an initial assessment. It discusses five categories of indicators that demonstrate terrorist capability or intent to conduct cyberattacks: 1) execution of cyber attacks, 2) acquisition of cyber weapons, 3) statements about cyber attacks, 4) formal IT education, and 5) general cyberspace experience. Two prior studies from 1999-2000 concluded cyberterrorism posed a low threat then, but this assessment is based on evidence found within these five categories to evaluate the current threat, finding some evidence within each category but no acts meeting the definition of cyberterrorism to date.
The document analyzes the stump speeches of Republican and Democratic candidates campaigning in the 2002 midterm elections shortly after 9/11. The Republican argues that Iraq poses an imminent threat and supports invading Iraq to stimulate fears around national security and encourage votes. The Democrat argues there is no serious threat from Iraq and emphasizes traditional Democratic issues to concern voters more with those. Both candidates take the only viable positions given the public's associations between the parties and foreign policy versus domestic issues.
This document discusses improving the classification of terrorist attacks in Iraq through data preprocessing techniques applied to the Global Terrorism Database. It analyzes different methods for dealing with missing data values and data discretization and evaluates various classifiers. The study finds that data preprocessing significantly reduces classification error rates and adding GPS coordinates for attack locations can further improve accuracy. Traditional statistical modeling of terrorism has limitations that computational analysis and visualization tools can help address by revealing patterns in the data.
Chinese cyberattacks against the US pose long term threats to national security. The US power grid and critical infrastructure sectors are most vulnerable. While the daily number of attacks has decreased since 2015 agreements, China has increased sophistication so attacks are harder to detect. The US lacks effective countermeasures and China has no incentive to fully stop cyber espionage. Future disputes could prompt more attacks aimed at the US private sector.
The document summarizes a presentation arguing that existing international laws of war can adequately address issues raised by cyber warfare, without needing new treaties. It outlines the current legal framework, including when cyber attacks may constitute use of force or armed attacks. It also discusses challenges like attribution and dual-use networks. The presentation argues against new treaties for cyber warfare, saying adversaries would not comply and existing laws can adapt to technology changes.
This document is a chapter from a student paper that examines the theory that coevolution has led to the militarization of emergency management in the United States post-9/11. The chapter provides background on coevolution and discusses how it can be applied to explain changes in emergency management and homeland security frameworks over time. It also reviews literature on topics like the historical involvement of the military in disasters, the successes of FEMA under James Lee Witt, and the increased national security focus of homeland security after 9/11. The student argues that analyzing these issues through a longitudinal case study using coevolution as a framework can provide insights into how emergency management has become more militarized.
China poses the biggest long-term threat to U.S. cybersecurity through frequent cyberattacks. While attacks have decreased in recent years due to an agreement between the U.S. and China, the threat is expected to increase again over the long term as China has no incentive to fully stop attacks. The U.S. private sector and critical infrastructure are most vulnerable. A major international dispute could prompt a large-scale Chinese cyberattack against the U.S. as retaliation.
CJ513Unit 3 DQTopic #1The Definition of CyberterrorismDiVinaOconner450
CJ513
Unit 3 DQ
Topic #1
The Definition of Cyberterrorism
Discuss the current debate surrounding the definition of cyberterrorism. Why is there no common definition? What are some of the challenges associated with establishing a common definition? Provide examples of two competing definitions of cyberterrorism from different sources and discuss the differences between the definitions. What are the implications of these differences? Be sure to properly cite and reference sources used
Topic #1: Student Response #1(Respond to Joe)
Joe Cacioppo
Good evening class,
This was an interesting topic to research and had not given much thought to the nuances in defining and making a distinction between cyberterrorism and cybercrime. I was also surprised to hear there was not a common definition of cyberterrorism. I reviewed the United States Department of Justice Federal Bureau of Investigation website and found an article written by Tafoya (2011), who defined cyberterrorism as “the intimidation of civilian enterprise through the use of high technology to bring about political, religious, or ideological aims, actions that result in disabling or deleting critical infrastructure data or information.”
An alternate definition according to the Center for Strategic and International Studies (CSIS) defined cyberterrorism as, ““the use of computer network tools to shut down critical national infrastructures (e.g., energy, transportation, government operations) or to coerce or intimidate a government or civilian population.” (Tafoya, 2011.)
In comparing the two different definitions given, the similarities include the use of technology to coerce or intimidate to produce a change. The differences in the FBI definition have a better defined group of targeted populations for change, for example political, religious or ideological change. I have not seen an implication between the differences in the two given definitions. The end result, and the methods for cyberterrorism is similar.
Additional research on cyberterrorism described the activity as any premeditated, politically motivated attack against information systems, programs and data that results in violence against noncombatant targets by subnational groups of clandestine agents, (Hanna, et. al., nd.)
References:
Hanna, H.T., Ferguson, K, Rosencrance, L. (nd.) Techtarget network. Cyberterrorism. https://searchsecurity.techtarget.com/definition/cyberterrorism
Tafoya, W.L. 2011. The United States Department of Justice. Cyber Terror. https://leb.fbi.gov/articles/featured-articles/cyber-terror
Topic #1: Student Response #2(Respond to Elizabeth)
Elizabeth Stuart
Cyberterrorism, while understood by some on a basic level, remains an elusive concept to many. There is no agreed upon definition in academia or government for this term. Due to this, it can be difficult to pinpoint what exactly constitutes cyberterrorism. In their article, Klein (2018) utilized a definition by Denning (2000), who described cyber ...
This document discusses cyberterrorism and the challenges around defining it. It provides definitions of cyberterrorism from different sources, which vary in their descriptions of the perpetrator, motive, target, and intent. Specifically, the definitions differ most in their characterizations of the perpetrator and intent. The lack of a clear, agreed-upon definition has made it difficult to establish governance and laws around cyberterrorism. Having a shared understanding of what cyberterrorism is would help address this growing threat in a more coordinated way.
Appraising Security AssignmentAfter reading Keith Krause and Mi.docxjewisonantone
Appraising Security Assignment
After reading Keith Krause and Michael C. Williams, “Broadening the Agenda of Security Studies: Politics and Methods”
and
Buzan and Hansen, “The Evolution of International Security Studies, Ch.7: Widening and Deepening Security article”
.
Students will ask
three individuals
- a grandparent, family member, and/or friend - about their knowledge of the most pressing security concerns today and in twenty years. Once you have conducted the interview (questions available in Canvas) and collected information from the interview, you will write a synopsis about the individuals you interviewed and provide an analysis utilizing the reading listed above.
Why is this an important activity?
Learning about and writing an analysis of individuals perception aids students in distinguishing between stories that are fictional and the real-life dynamics of our world. In addition, it aids in understanding the evolution of security concerns and how those concerns are compared to peoples’ values; thus, mindset (view of the world).
Final Submission must include:
(between 4 ½ - 5 pages- does not include the reference page or appendix)
-
Due June 20th
Utilize the following resources for this assignment.
Appraising Security Interview Guide.pdf
INR 3081 Appraising Security Interview Form .docx
Make sure each of the three sections/headers below is outlined accordingly in your final submission. Simply, add section headers to your submission.
Interviewee Observation and Application:
10 points
In your submission
describe
what you have drawn (broad assumptions) about the experiences of
each
person interviewed. (2 paragraph)
Reference each interview in the context of your analysis with either the respondents’ alias (a name you made up) or as Respondent 1, Respondent 2, or Respondent 3.
Then,
compare and contrast
each respondents’ answers regarding security concerns to the arguments brought forth in the Keith Krause and Michael C. Williams, “Broadening the Agenda of Security Studies: Politics and Methods” and Buzan and Hansen, “The Evolution of International Security Studies,
7
: Widening and Deepening Security article (2 paragraphs –one paragraph per article)
Draw specific assertions from the reading
to compare to the respondents’ responses (in-text citation is required)
Self-Analysis and Application:
14 points
Discuss
how this assignment and course impacted your thoughts about security and how individuals define what is security and its correlation to our values. (2 paragraphs)
What do
you
(not the respondents) believe is the most pressing security
concerns in the world
today
? (1paragraph)
How
has nationalism
influenced the most pressing security concerns in the world today? (1paragraph)
What do you
(not the respondents)
believe will be the most pressing security challenges
in twenty years
? (1paragraph)
How would you
resolve this forecasted (in twenty years) sec.
Cyber Security and Terrorism Research Article2Cybe.docxrandyburney60861
Cyber Security and Terrorism Research Article
2
Cyber Security and Terrorism Research Article
Senior Capstone
Introduction
Homeland Security has a wide range of organizations that fills in as a way to deal with shielding the United States locally and universally. These offices incorporate however are not restricted to U.S. Customs and Border Patrol, Transportation Security Administration, United States Coast Guard, Cybersecurity and Infrastructure, and so forth. These offices serves the administration in tending to at least one stages. For instance, The Federal Emergency Management Agency, otherwise called FEMA, is an organization that serves numerous partners in mitigating, planning, responding, and recovering from catastrophic events.
On a bigger degree, Cybersecurity is a developing and learning field that is utilized in Cybersecurity and Infrastructure and different organizations to shield significant specialized data from fear monger assaults, for example, hacking. Its primary unit of examination is the administration where relieving is the stage being polished. This principle point is basic to the Homeland Security and Emergency Management's (HSEM) discipline. As of now, there is an issue of how does Cybersecurity adequately change the danger of psychological militant assaults, wherein there are sure and negative credits to its methods for assurance. Innovation, organize security, basic frameworks including PC frameworks, and so forth is the thing that makes up Cybersecurity.
In spite of the fact that there might be a comprehension of what fear based oppression is, there has not yet been an unequivocal meaning of psychological oppression. As per Wilson, a few definitions for digital fear mongering can result from the assailants expectation while others centers on the impacts of the assault itself (Wilson, 2007). A few assaults can bring about mischief causing the death toll or harm while different assaults may bring about troublesome PCs and dread equivalents to fear based oppression. There should be a control on the yield of what dread is truly delegated with regards to an assault. When an infection occurs on a PC, is the proprietor of that PC apprehensive? On the off chance that the proprietor is apprehensive does it add up to a similar sort of dread starting at an aggressor from an alternate nation causing the infection? This can be alluded to what was the reason for that infection in any case.
When managing Cybersecurity and fear based oppression, there should be a decent measure of assaults occurring on the double or sequentially to cause dread inside the organization or nation. Digital fear mongers are seen assaulting different organizations consecutive for an extensive stretch in result accomplishing their objectives or if nothing else making consideration them (Lewis, 2002). In the event that the fear based oppressor neglects to increase any profit by their assault on a lot of PC frameworks, at that point it would n.
HOW REVERSIBILITY DIFFERENTIATES CYBER FROM KINETIC WARFARE: A CASE STUDY IN ...ijsptm
A pair of attacks on energy sector assets offers a unique opportunity to better understand the differences in
impact from cyber and kinetic warfare. A review of the 2021 cyber attack on Colonial Pipeline and the
missile strike on the Syvash wind farm demonstrates the principle of reversibility in action, particularly in
regard to the short-lived nature of cyber attacks. Within the context of security and strategy, particularly at
the cyber/energy security nexus, this means that traditional state security thinking needs to evolve to
address threats in the cyber domain rather than try to retrofit dated strategies. The two cases compared
offer lessons that can be applied more broadly in the formation of state-level cyber and energy strategic
thinking, ultimately improving resilience and the appropriateness of protection.
This document is a thesis submitted to Keele University in 2009 by Gordon Stuart Rhoads investigating multi-organizational confluence in security policy in the United States post 9/11. It examines the creation and implementation of new security policies through the lens of securitization theory and analyzes the localized response in Metropolitan Philadelphia. The thesis focuses on identifying security actors and objects involved in counterterrorism efforts and the challenges that arise from the interplay between organizations under the Department of Homeland Security umbrella.
The document discusses two articles related to cybercrime issues. The first article examines the possibility of establishing an international agreement or declaration for cyberspace to address cyber conflict and retaliation. The second article analyzes the legal and technical uncertainties surrounding strategic retaliatory countermeasures to cyber attacks for both nation-states and private entities. It discusses challenges in attributing attacks and risks of escalation, as well as limitations of applying international laws on use of force to the digital domain. The document also provides background on debates around active defense strategies following large-scale cyber attacks.
Actions Speak Louder Than Words Preventive Self-Defense As A Cascading NormBrandi Gonzales
This document discusses the emerging norm of preventive self-defense and its spread among states. The authors argue that the US setting precedents through its actions in Iraq and drone strikes has challenged established international norms restricting preemptive force. While this norm was initially contested, some powerful states have embraced preventive self-defense in both rhetoric and actions. The authors present evidence that this norm is diffusing to states like India, Russia, Germany and China as their security interests evolve.
Marriage of Cyber Security with Emergency Management -- NEMADavid Sweigert
The document is a statement from the National Emergency Management Association (NEMA) to the House Committee on cyber incident response. It summarizes that a cyber attack could have catastrophic consequences comparable to a major natural disaster. It calls for emergency managers and cybersecurity experts to work together to understand vulnerabilities, plan coordinated responses, and ensure authorities and resources are adequate to address consequences. The threat is complex, involving threats from nations, hackers, and terrorists, and attacks could impact critical infrastructure systems. States are still determining roles and responsibilities for cyber response, so federal coordination and support is needed.
1) The document discusses the challenges nation-states face in policing cyber-space due to its unique nature. Unlike physical domains, cyber-space was constructed by humans and threats can be anonymous and originate across borders.
2) Cooperation is necessary for nation-states to adequately police cyber-space because threats are difficult to attribute due to anonymity and lack of international laws. However, cooperation also presents challenges if states become too reliant on external actors.
3) The paper argues that states must develop reliable relationships with other actors through cooperation to police cyber-space, but also maintain independence and not become dependent on any single entity. Balance between cooperation and reliance is needed.
1Running head CYBERWARCYBER WAR9Outstanding title.docxfelicidaddinwoodie
1
Running head: CYBERWAR
CYBER WAR
9
Outstanding title page formatting
Cyber War
Name
University
Professor
04/28/2018
Introduction Cyber War
Cyber warfare refers to a computer or network-based conflict that disrupts the activities of a state or
organization by deliberate attacking critical infrastructures. Cyber attacks can also be described as an attack by hostile groups such as terrorist or hacker groups aimed, at furthering the goals of a given nation. To have a better understanding, cyber warfare can take different forms such as; viruses that can take down water supplies, military systems, transportation systems, hacking and theft of critical data from government and private institutions. This paper will focus on assessing various mechanism applied in different articles to counter cybersecurity and protect critical infrastructure. Further, by analyzing the results and experience in Xia, Becerra-Fernandez, Gudi, & Rocha-Mier (2011), the essay will also show how
the findings can be utilized in real life scenario.
1. What do the articles have in common?
According to Clemente (2011), the advancement of interconnection between different infrastructures sectors has boosted by the escalation of cyberspace. The author points out that the security
implications are inevitable especially in this era of cyberspace and infrastructure. The main idea in the article involves around the definition of ‘critical’ infrastructure to enable effective prioritization and protection of nodes and connection points. FEMA (2013
), points out that the United States well being relies upon secure critical infrastructure that forms American society. According to Saadawi, & Jordan
, (2011), there is need to establish an international cyber union that will help overcome cybersecurity challenges in securing cyberinfrastructure. This article considers the practical considerations that are associated with EINSTEIN 3 and how this can be used to ensure effective protection of critical infrastructure networks. Having evaluated the main argument of these articles, they all share the aspect of understanding cybersecurity and different ways ensuring infrastructure protection.
2. What are the differences in their assessment of cybersecurity and critical infrastructure protection?
The above articles portray some distinction in their evaluation of cyber war and protection of vital infrastructure. The first article by Clemente (2011), tries to examine how cybersecurity challenges can be overcome by understanding various components in society. The article offers more theoretical approaches to counterattack cybersecurity and protection of critical infrastructures. The second article by FEMA (2013
) is more detailed and comprehensive on the issue of cybersecurity and protection of critical infrastructures in the society. For instance, it offers a plan that will require a federal agency (SSA) to lead a coordinated process for vital infrastructure security within criti ...
A View Of Cyberterrorism Five Years LaterJulie Davis
This document provides an assessment of the threat of cyberterrorism five years after an initial assessment. It discusses five categories of indicators that demonstrate terrorist capability or intent to conduct cyberattacks: 1) execution of cyber attacks, 2) acquisition of cyber weapons, 3) statements about cyber attacks, 4) formal IT education, and 5) general cyberspace experience. Two prior studies from 1999-2000 concluded cyberterrorism posed a low threat then, but this assessment is based on evidence found within these five categories to evaluate the current threat, finding some evidence within each category but no acts meeting the definition of cyberterrorism to date.
The document discusses the debate around cybersecurity, politics, and interests. It summarizes that the threat of cyber attacks has driven increased spending on security by states and corporations. However, critics argue the threats are exaggerated and that the response is overly militarized and risks wasting resources. The debate has implications for the future of internet governance and privacy as states consider greater regulation and monitoring of internet traffic.
1)Using general mass-media (such as news sites) identify a recent co.pdfezzi552
1)Using general mass-media (such as news sites) identify a recent computer security incident.
Discuss the incident in few sentences. Next, find at least three articles on computer security sites
that
discuss the technology behind the attack / prevention / reaction etc. for the incident. Remember
to
provide the links also
Solution
Cyberterrorism is also clearly an emerging threat. Terrorist groups are increasingly computer
savvy, and some probably are acquiring the ability to use cyber attacks to inflict isolated and
brief disruptions of US infrastructure. Due to the prevalence of publicly available hacker tools,
many of these groups probably already have the capability to launch denial-of-service and other
nuisance attacks against Internet-connected systems. As terrorists become more computer savvy,
their attack options will only increase.” (War on Terrorism, 2003)
This is what Robert Mueller, FBI Director, testified on 11 February 2003 before the US Senate
on a hearing about War On Terrorism against Al-Qaeda and other terrorist organizations. The US
and global media organizations picked up this testimony and begun speculating on the possibility
of a large-scale Cyberterrorist attack. So far, such an attack has not materialised. At the same
time a similar term, Cybercrime, is used to describe criminal activities on the Internet such as
identity theft, copyright infringement and bank fraud, but many times these two terms
(Cybercrime and Cyberterrorism) end up been used inter-changeably and their meaning,
especially to the public, becomes blurred and unclear. Governments, policy networks and the
media around the globe have engaged in an effort to build defences against Cyberattacks, bring
new regulations in effect while maintaining an almost mythological atmosphere over the threats
and risks of potential Cybercrime and Cyberterrorist attacks.
This essay will explore the concepts of Cybercrime and Cyberterrorism, how such acts are
portrayed in the media and the government policies that come in effect. The focus will be on how
all these processes affect people’s psychology in regards to induced feelings of anxiety and fear
and not the illegal activities themselves. In essence the essay aims to investigate Furedi’s (2002,
p. 34) statement that “what we already fear can now thrive in the new space provided by the
Internet”..
Cyberpower and National SecurityRelated titles.docxaryan532920
Cyberpower and
National Security
Related titles fRom Potomac Books
Asymmetrical Warfare: Today’s Challenge to U.S. Military Power
by Roger W. Barnett
The Future of War : Organizations as Weapons
by Mark D. Mandeles
Information Operations: Warfare and the Hard Reality of Soft Power
edited by E. Leigh Armistead
Information Warfare: Separating Hype from Reality
edited by E. Leigh Armistead
Leading at the Speed of Light: New Strategies for
U.S. Security in the Information Age
by Daniel M. Gerstein
Nontraditional Warfare: Twenty-first Century Threats and Responses
by William R. Schilling
Terror on the Internet: The New Arena, the New Challenges
by Gabriel Weimann
Center for teChnology and national SeCurity PoliCy
Edited by Franklin D. Kramer,
Stuart H. Starr, and Larry K. Wentz
PotomaC BookS, inC.national defenSe univerSity PreSS
WaShington, d.C.
Cyberpower and
National Security
Copublished in the United States by National Defense University Press and Potomac Books,
Inc. The opinions, conclusions, and recommendations expressed or implied within are those of
the authors and do not necessarily reflect the views of the Department of Defense or any other
agency of the Federal Government. This publication is cleared for public release; distribution
unlimited. Portions of this book may be quoted or reprinted without further permission, with
credit to both National Defense University Press and Potomac Books, Inc.
Library of Congress Cataloging-in-Publication Data
Cyberpower and national security / edited by Franklin D. Kramer, Stuart H. Starr, and Larry K.
Wentz. — 1st ed.
p. cm.
Includes bibliographical references and index.
ISBN 978-1-59797-423-3 (pbk. : alk. paper)
1. National security—United States. 2. Information technology—Government policy—United
States. 3. Cyberspace—Government policy—United States. 4. Cyberterrorism—United States—
Prevention. I. Kramer, Franklin D., 1945– II. Starr, Stuart H. III. Wentz, Larry K.
UA23.C929 2009
355.3’43—dc22
2009003301
Printed in the United States of America on acid-free paper that meets the American National
Standards Institute Z39-48 Standard.
Potomac Books, Inc.
22841 Quicksilver Drive
Dulles, Virginia 20166
First Edition
10 9 8 7 6 5 4 3 2 1
List of Illustrations ix
Preface xiii
Introduction xv
Part I. Foundation and Overview
1 Cyberpower and National Security: Policy Recommendations
for a Strategic Framework
Franklin D. Kramer 3
2 From Cyberspace to Cyberpower: Defining the Problem
Daniel T. Kuehl 24
3 Toward a Preliminary Theory of Cyberpower
Stuart H. Starr 43
Part II. Cyberspace
4 A Graphical Introduction to the Structural Elements of Cyberspace
Elihu Zimet and Edward Skoudis 91
5 Cyberspace and Infrastructure
William D. O’Neil 113
6 Evolutionary Trends in Cyberspace
Edward Skoudis 147
7 Information Secur ...
Bashar H. Malkawi, The Forum on National Security LawBashar H. Malkawi
The National Security Law Brief is excited to publish the second issue of the Forum on National Security Law. This issue, completed with the help and support of the Volume IX editorial board, is a project designed to increase the Brief’s scope by providing an opportunity for practitioners and students alike to explore debates in national security law and policy through short, topical pieces.
Similar to Capstone Final Draft Rev 2 - The Cyber-Security Dilemma_ The ’Cyber-Army’ Buildup Between China and the U.S. (Rev 2) (20)
Bashar H. Malkawi, The Forum on National Security Law
Capstone Final Draft Rev 2 - The Cyber-Security Dilemma_ The ’Cyber-Army’ Buildup Between China and the U.S. (Rev 2)
1. Creamer 1
The U.S.-China Cyber-Security Dilemma: Real, or Really
Hyped? What is Means for Foreign Policy Advisors
James Creamer III, M.S. Security and Resilience Studies Graduate Student
Capstone (POLS 7980), Political Science Department, Northeastern University
The focus of this paper is to address the concerns regarding the new generation of the
security dilemma referred to as the ’cyber-security dilemma’ or the ‘cyber-arms race’
between China and the United States. Opposing viewpoints see this arms race as
justified and warranted, while others believe it to be an over-reaction. The purpose of
this paper is to conduct a qualitative case study analysis based a dataset collected by
scholars at Northeastern University to determine which sides arguments holds to be
more accurate based on the actual impact (severity and damage) of cyber-incidents, is
the response we are seeing from the U.S. and China align with the security dilemma?
This paper seeks to find out and its format proceeds as follows: introduction to the
issue and a literature review discussing the modern security dilemma in China, U.S.-
Sino relations, and Cyber-security. This will be followed by a list of terms and
definitions, research design, qualitative analysis, implications for policy makers and
conclusions.
Keywords: Cyber; Conflict; Attack; United States; China; Security; Dilemma; Critical;
Infrastructure; DDOS; Hacking; Arms; Race
Part I: Introduction
Cyber-attacks have saturated the western media so far in 2015, and there appears no
end in sight. Major security breaches at Target, Sony Pictures Studios, and most recently, the
U.S. Office of Personnel Management, are common place. They have brought the attention to
the public that the Internet was never designed with security in mind. This inherent insecurity
has lead to a new security dilemma; the last one this prevalent was during the Cold War with
nuclear weapons, and now hacking has taken its place and cyber-war appears imminent
(Penn: Correa: Snyder: Gewirtz). As a result of this cyber-security dilemma, we have seen major
pushes toward increased offensive and defensive cyber-capabilities among state actors (Gertz:
Shall & Selyukh). The two states that receive the most attention are the United States and
China. With this buildup of ‘cyber-armies’ on either side, one must wonder whether or not
these nations are justly reacting to current threats.
President Obama has made cyber-security a priority since he stepped into office.
However, most recently he has made the strongest push forward to making cyber-security one
of his top agendas (Daniel). But why does any of this matter between the U.S. and China? That
2. Creamer 2
is because according to the Elcano Institute, the U.S. and China are two of the world’s most
powerful countries (Elcano 13). The U.S. was ranked number one in the 2014 economic
presence ranking, while China number two (Elcano 18). The U.S. also held the number one
spot for the 2014 military presence ranking, and China number five (Elcano 19). Cloud services
and security firm Akamai Technologies reported that in 2014, based on originating cyber-attack
location, China lead the world with 41% of all attacks, followed by the United States with 13%
(Akamai). Many believe we are beginning to see the start of the next generation of conflict
between two of the world’s largest and most powerful countries. Being able to make effective
and well-informed policy decisions regarding cyber-security should be a top priority for both
sides; this is why it matters.
Several scholars have examined a variety of similar topics in the years past. Academics
including Charles Glaser, Jason Douglas, Ling Li et al., Andrew Scobell and Adam Liff have
focused on the modern security dilemma in regards to China. Others including Avery Goldstein,
Phillip Saunders and Michael Tai have examined U.S.-Sino relations at varying levels. More
specifically in this topics context, academics including Myruam Dunn Cavelty, Jyh-An Lee, Nir
Kshetri and Jon Lindsay, have written on cyber-security between the United States and China.
This paper examines the reactions of China and the United States regarding the cyber-
security dilemma by utilizing the existing literature in conjunction with a recently constructed
dataset by Creamer, Valeriano and Maness to determine whether or not we see a cyber-
security dilemma unfolding. This research is limited in scope as these cases are limited to the
most recently discovered events. Based on facts of these U.S.-China dyadic incidents, do we
see a new security dilemma unfolding? Since this question is founded in the gaps of existing
literature, this research paper will use relevant theories of security studies in conjunction with
data from a qualitative analysis. The following paragraphs will provide a summary of relevant
terminology for this paper, as well as a summary of the existing scholarly literature. Following
the literature review will be the research design, qualitative analysis, implications for policy
makers and conclusions.
3. Creamer 3
Part II: Terminology
Since the audience of this paper will vary widely, it is deemed appropriate to include a
section of terminology in order to specifically define certain political and technical concepts in
respect to this paper. Maness and Valeriano indemnify an issue that plagues this research; the
lack of consistency among definitions and terminology (Valeriano and Maness “Cyber War
versus Cyber Realities” 20). The following paragraphs include definitions for “security
dilemma”, “cyber-army”, "cyber-attack", “cyber-incident”, “cyber-conflict”, “hack”, “breach”
and ”(distributed) denial of service”, as used for the purposes of this paper.
The security dilemma is a scenario that arises due to states seeking to increase their
own security and survival. According to the international relations theory of realism, states’
primary motivation is survival. Since states are seeking this, it creates a paradox. The more
powerful a state becomes, the more likely other states will try to increase their own power for
survival. This continues to spiral with each action causing the other side to react, and so on
and so forth (Jervis). The term cyber-arm(ies) is in reference to state-actor’s military/security
assets that have the capability to operate in cyber-space and attack or defend against targets
through various cyber-related methods. In the context of this paper, cyber-armies can be public
actors or private state-sponsored actors. A cyber-attack is one individual instance of using a
cyber-method of attack against a state or non-state actor. This can occur in many forms
including DDoS, APT, and Spear Phishing. Cyber-incident is a similar reference to cyber-attack,
but is used in a less offensive tone. It uses a more objective connotation to state that an
incident has occurred, as opposed to using the term attack which implies it was an aggressive
move .On the other hand, a cyber-conflict implies a series of cyber-incidents where two actors
are engaged in conflict with one another, but does not escalate to a level consistent with
warfare (Valeriano and Maness 32).
A cyber-incident that was the result of a hack means that someone gained unauthorized
access to a system/service/information. Hack is a generally used term and could range from
describing a particular incident (noun) or could be the general description of the method of
4. Creamer 4
attack (verb). Another generally used term is breach or security breach, and this has a similar
meaning to hack. It refers to the unauthorized access of a system, service, or information. One
of the most common methods of attack is a denial of service or distributed denial of service
(DDoS) attack. This occurs when a IP-connected target is flooded with requests and as a
result, becomes overwhelmed and is disabled. All terminology relating to the qualitative
research and the dataset created by Creamer, Valeriano and Maness can be found in
Appendix A.
Part III: Literature Review
Section A: Modern Security Dilemma and China
Author Charles Glaser is noted for discussing possible security dilemma outcomes for
China based on international relations theories, factors that impact the security dilemma, and
the dangers of exaggeration (Glaser). Most international theorists predict three different
situations emerging between China and the international community, one liberal and two realist
(Glaser). The liberal theory states that China can rise peacefully due to international economic
and political forces (Glaser). One realist theory states that China’s “growing strength” will turn
into a more aggressive strategy for them, and ultimately predicts a Cold War type standoff
between them and the U.S. (Glaser). The other realist theory states that the likelihood of
conflict between major powers is minimal because of structural forces in the international
system, but “secondary disputes” within the region are what are expected to be seen (Glaser).
This viewpoint also states that “conflict is not predetermined” and through not over reacting to
threats or making “uncomfortable concessions”, one can avoid conflict (Glaser). Glaser states
that the perceived threat, and associated security dilemma response, can be dramatic when
“attacking is easy” (Glaser). This translates into “a spiral of fear and arming” (Glaser). He also
mentions the opposite, that if “defending and deterring are easy” that rush to arm is subsided
(Glaser). One’s perceived beliefs about a nation’s “motives and goals” can impact that
response to arm in either direction (Glaser). Glaser believes that given the current state of
5. Creamer 5
nuclear arms in both countries, and our geographical boundaries and obstacles, that the
security dilemma should stay at a moderate level (Glaser). According to Glaser, this should help
“facilitate cooperation” between the two nations (Glaser).
Neo-isolationists believe that it is not the rise of China that could impact the security of
the United States, but the relationships that we have with regional allies (Glaser). According to
this viewpoint, the U.S. has the capability to deter homeland conflicts from China, and that any
further relationships create “unnecessary [risk]” (Glaser). On the other hand, some scholars
argue that “selective engagement” is an effective tool at “[preventing eruption] of a conflict in
the first place” (Glaser). Similarly to the U.S. strategic plan during the Cold War, their
commitment to allies, along with military footholds and nuclear capabilities are considered to
be sufficient to “deter a Chinese attack” on the regional allies (Glaser). Furthermore, given the
current and potential “conventional military [and nuclear] capabilities” of regional allies, if the
U.S. disassociated with the region, there would be a sufficient deterrent from China striving to
become the regional hegemonic power (Glaser). According to Glaser, it is in fact in China’s best
interest to have U.S. influence in the region, as they see Japan as more of a threat, and U.S.
relations provide stability (Glaser). The exception to this analysis is Taiwan; with their history
with China, and geopolitical value to the U.S., slowly receding U.S. commitment to Taiwan is
seen as a favorable option to prevent conflict (Glaser). Glaser states that U.S. leaders make
decisions on the realist “assumption that states accurately perceive and respond” to situations
(Glaser). However, in the event this assumption is incorrect, it actually increases the risk for
future conflict (Glaser). This lack of understanding and misperception directly influences the
severity of the security dilemma (Glaser). Glaser believes that to date, the U.S. has not
overreacted to China’s military growth, but given the U.S. National Security Strategy, we
certainly could (Glaser). The exaggeration of threats, i.e. China’s military buildup and nuclear
capabilities, may in fact strain relations and create more conflict (Glaser).
Scholar Jason Douglas has examined the current security dilemma regarding U.S.-Sino
nuclear proliferation (Douglas 125). This security dilemma stems from the United States’ stance
6. Creamer 6
on developing advanced defensive nuclear capabilities and China’s development of offensive
nuclear capabilities (Douglas 126). Douglas mentions that a “missile defense system is an
attractive option for Americans trying to prevent a nuclear strike on US territory”, but comes
with the unintended consequences that other states perceive as a threat to their “nuclear
deterrent” capabilities (Douglas 128). President Obama has stood fast in supporting an “Asian
missile defense system” for US allies, a stance that been seen by the Chinese as an aggressive
move into their territory to limit their sovereignty (Douglas 129-130). Due to recent Japanese
military enhancements for ballistic missile defense, China has begun massive expansion of
military capabilities, which as Douglas writes, “could lead to what has been termed an offense︎-
defense arms race, with each side developing capabilities in order to counteract those of the
other” (Douglas 130-131). Historically speaking, China has a “no-first-strike” policy, whereby
they limit the number of nuclear weapons to a quantity suitable for second strike capabilities
only (Douglas 131). However, with the recent modernization of American nuclear arms, China
does not have a credible second strike capability (Douglas 132). This has led to further Chinese
nuclear expansion, which is thus seen by the U.S. as an aggressive offensive posture (Douglas
133).
Douglas highlights a concept to counter the realist approach to the anarchic system,
what Ken Booth and Nicholas Wheeler call, “security dilemma sensibility” (Douglas 138). The
definition of this concept is “an actor’s intention and capacity to perceive the motives behind,
and to show responsiveness towards, the potential complexity of the military intentions of
others” (Douglas 138). Both states cannot completely understand each others “motives and
intentions”, but understanding how your actions may be perceived by the other can impact
your own decisions and prevent future conflict (Douglas 138). Understanding the perspective of
the other state is the key to this sensibility, however this viewpoint is lost on many policy and
decision makers (Douglas 138).
Authors Ling Li, Ruixing Huang and Dewei Wang have empirically tested the security
dilemma between China and the United States (Ling et al. 153). Ling et al. take a quantitative
7. Creamer 7
approach to a historically qualitative analysis to determine whether the Chinese security
dilemma is “subjective inference” or is it actually grounded in quantitative support (Ling et al.
153). The authors use military expenditure as their measure for improvement of national and
military power (Ling et al. 153). Their research analyzed the military expenditures of China, the
United States, Japan, Indian, Taiwan, Vietnam and South Korea (Ling et al. 155). The analysis
determined that the only statistically significant reactions to China’s military spending were
from the U.S. and its allies, Japan and South Korea (Ling et al. 155). According to the authors,
China’s military spending is predominantly defensive in nature, and when the United States and
allies increase their expenditures as a result of China’s spending, it negates the impact of that
spending (Ling et al. 156). This evidence supports the belief that the reactions by the U.S.,
Japan and South Korea directly contribute to the security dilemma, and that this dilemma is
factual and not just a perceived deduction (Ling et al 156).
Scholar Andrew Scobell discussed the security dilemma from the viewpoint of the
Peoples Republic of China (PRC) (Scobell 713). The premise of Scobell’s argument is grounded
on the theory that the PRC has always viewed itself as an underdog in the international
community (Scobell 75). Scobell provides evidence that supports the claim that under the Mao
Zedong era, Deng Xiaoping era and post-economic reform era that the Chinese government
has viewed itself as such (Scobell 715-718). Scobell argues that while the concept of the
security dilemma is present within the academic community in China, it is “one step removed
from decision makers” (Scobell 718). Those in power in Beijing adhere to the ‘New Security
Concept’ or the ‘peaceful rise and development’ (Scobell 718). They view the military
expansion as a way to defend themselves from external threats, and acknowledging the
security dilemma would mean that China is admitting their own actions have caused this
(Scobell 717-718). China’s reputation in the international community is reflective of their power
in the international community (Scobell 719). Scobell notes Ian Johnston’s belief that if China
does not recognize the security dilemma, they will always be “convinced that the [U.S.] is intent
on their demise” (Scobell 719). Similar issues can be found within the United States too; that
8. Creamer 8
the security dilemma falls only on the ears of academics, and that U.S. policy makers ignore its
existence (Scobell 719). Scobell offers three possible ideas to help curb the security dilemma
(Scobell 719). These include “encourag[ing] senior policy makers on both sides to put the
security dilemma on the agenda” and begin an open dialogue, “ton[ing] down the inflammatory
rhetoric” on both sides as it only negatively contributes to a resolution, and lastly for the U.S.
and China to openly and directly discuss their national security interests and concerns (Scobell
719-720).
Authors Adam Liff and G. John Ikenberry have discussed the security dilemma through
the context of China’s rise and military competition in the Asia pacific (Liff & Ikenberry 88). Liff
and Ikenberry determine that at this point in time, there is no “full-scale security dilemma” due
to a traditional arms race between China and other states (Liff & Ikenberry 88). However, they
do admit that they do expect that situation to “[gradually] spiral” as military expenditures
increase (Liff & Ikenberry 88). Liff and Ikenberry identify two issues exacerbating the situation
between China, the U.S. and regional actors; the first is Beijing’s response in terms of military
policy, and the later is “misinterpret[ation]” by Beijing regarding the U.S. and other states’
desire to keep the “status quo” (Liff & Ikenberry 88). Beijing’s response includes their “pace
and scale” of military development, their low level of interest in “other states’ concerns” and
their lack of transparency (Liff & Ikenberry 88). The misinterpretation has resulted in a
“confrontational” view from Beijing’s perspective (Liff & Ikenberry 88). The authors conclude
with five policy recommendations to minimize the likelihood of conflict between the U.S. and
China (Liff & Ikenberry 88). Both governments must admit that they are caught in this security
dilemma in order to make meaningful progress forward (Liff & Ikenberry 88-89). Additionally, it
is recommend that they increase their information sharing in regards to their interpretations of
one another policies (Liff & Ikenberry 89). Furthermore, it is recommended that each side
increase their transparency regarding “military capabilities, strategic objectives, and military
policy decision making” (Liff & Ikenberry 89). The fourth recommendation is that both
government need to “strengthen diplomatic mechanisms for bargaining” so that both sides can
9. Creamer 9
more effectively manage crosses (Liff & Ikenberry 90). The last recommendation that Liff and
Ikenberry provide is that all states involved must “continue to shape and improve the wider
political and strategic context in which military competition is unfolding” so that they can
increase military cooperation and reduce rivalries (Liff & Ikenberry 90).
These authors make a wide variety of implications based on their work on the modern
security dilemma between the U.S. and China. While there focus is not on cyber-security, the
situation unfolding is quite similar to a traditional security dilemma and the political fallout that
comes along with it. The most important take aways and how they relate to the cyber-arms
race is as follows. One of Glaser’s realist theories predicts the cyber-arms race well. Glaser
previously mentions that the arms-race response is more dramatic when attacking is easy, and
that defending and deterring are difficult. Since the Internet was not designed with security in
mind, it is becoming increasingly difficult to defend and deter, and easy to attack without
retribution. Based on Douglas’s analysis of China’s nuclear arms policy, it appears similar to
their cyber-security policy since it is used for defensive purposes only. However, like with the
modernization of U.S. nuclear weapons, China’s response to the NSA leaks has been what
some would consider an aggressive posture. Douglas believes that “security dilemma
sensibility”, or the ability to understand how your actions may be perceived by others can
impact your own decisions is key to reducing the standoff. This same sensibility applies to the
cyber-security dilemma. The key applicable lessons from Li, Huang and Wang are that China’s
military expenditures are mostly defensive in nature, and that when the U.S. notices the
increase in spending, they respond with increasing their own spending. This negates the
impact of China’s defensive spending and causes the cycle to repeat. This same scenario
exists in the world of cyber-spending and is important to recognize and understand that.
Scobell’s primary take away relevant to the cyber-security dilemma is that
the concept of the security dilemma at all is removed from policy makers in China and the
United States. By failing to acknowledge its existence, they are contributing to its growth.
Scobell’s lessons on encouraging senior policy makers to engage in dialog, conversing more
10. Creamer 10
calmly, and openly discuss interests and concerns are all applicable to handling the growth of
cyber-arms race. Liff and Ikenberry’s contribution to this cyber-arms research is that as military
expenditure increase, we see a spiraling effect into the security dilemma. An increase in cyber-
related spending can have the same effect. In order to address this, Liff and Ikenberry argue
that they need to stop presuming the motives of the other, acknowledge the security dilemma,
and increase transparency in decision making. All of these actions are applicable to cyber-
decisions between China and the U.S. The take aways mentioned above can all impact the
ability of both countries to effectively manage the cyber-security dilemma. However,
understanding more broadly U.S.-China relations is also important to effective decision making
and is discussed in the following section.
Section B: U.S.-Sino Relations
Author Avery Goldstein has previously discussed the potential for a “serious U.S.-China
crisis”, the specific features making a crisis “so dangerous” and also the “general features of
crisis stability” (Goldstein 50). Goldstein concludes that the risks involved with striking first in
“conventional and nuclear” conflict are so high, it produces a dis-incentive for doing so
(Goldstein 88). Furthermore, Goldstein states that since each party “desire[s]… a favorable
outcome”, it actually creates a desire to “manipulate risk” and use force to get ”the upper
hand” (Goldstein 88). This is a direct outcome of a misunderstanding about the viewpoints of
the other party or a lack of perspective regarding a crisis (Goldstein 88). Goldstein argues that
this rationale alone should be enough for policy makers to take this into consideration when
discussing potential conflict (Goldstein 88-89). Goldstein concludes by stating that while China
being a “true peer competitor” to the U.S. is far away, policy makers must focus on the
“immediate danger of instability” and focus far less on issues of conventional war and nuclear
capabilities (Goldstein 89).
Michael Tai discussed international security in the context of China and the United
States (Tai 137). Notable topics include conventional warfare forces, nuclear capabilities, and
11. Creamer 11
cyber warfare (Tai 139-144). Tai notes that after the the conventional military forces in China are
not capable of taking on the United States, due to many issues including older soviet-era
weaponry and logistical issues (Tai 139-140). While the U.S. sees the recent buildup of Chinese
armed forces as a threat, it is more likely that the Chinese are building up to protect themselves
from regional forces including Japan and Taiwan (Tai 140). The United States began to view
China as the next conventional threat “after the demise of the Soviet Union” and that is where
the attention has remained (Tai 143). When comparing nuclear capabilities, it is estimated that
the United States has somewhere in the range of 7,700 nuclear weapons with 2,000 of them
“on hair-trigger alert” (Tai 143). This is in comparison to China’s 250 nuclear weapons and an
administration which pledges a no-strike first policy (Tai 144). In order for the U.S. to use
nuclear weapons, all that is requires is a “20-minute deliberation between the president and
two or three of his advisors” (Tai 143). In regards to cyber-warfare, the U.S. has publicly been
accusing the People’s Liberation Army of hacking public and private American organizations
since 2013 (Tai 144). It was revealed by Edward Snowden later that year that the NSA had been
conducting espionage on “major Chinese telecommunications companies, network backbones
at Chinese universities… and the Hong kong headquarters of Packet” (Tai 144). This revelation
had caused great concern for Beijing which has translated into a more hawkish stance and a
viewpoint where the U.S. is trying to overthrow the Chinese government (Tai 144).
Author Phillip Saunders elaborated on the ‘post-War On Terror’ strategic pivot, or what
is being referred to as the United States ”return to Asia” (Saunders). Saunders differentiates
that this “rebalance” is not the same as the “balance of power” (Saunders). Saunders drives
home five key points throughout his article. The first is that this pivot back to Asia is in
response to the “increased economic and strategic weight” of Asia and has the goal of brining
“diplomatic, economic, and military resource[s]” to our allies (Saunders). Secondly, it is
expected that it will be difficult to find a sweet-spot of rebalance that provides adequate
reassurance to U.S. allies, but not so dramatic to make Chinese leadership weary of
“cooperation with Washington” (Saunders). Furthermore, the strategy as a whole provides
12. Creamer 12
“more attention” to other Asian regions other than China, such as those in “Southeast Asia
[and] the Indian Ocean” (Saunders). The forth important point to understand is that China is
weary of this strategic move by the U.S., but at the same time are also moving forward with
“efforts to stabilize Sino-U.S. relations” (Saunders). The final takeaway from Saunders’ article is
that in order to minimize conflict within this strategy, more cooperation is required between
both governments on both areas of similar interests as well as conflicting viewpoints
(Saunders).
While these scholars focus on a variety of U.S.-Sino relations topics, there are many
important lessons to extract from their work. Lessons from Goldstein’s work boil down to
misunderstanding viewpoints of each party and lacking perspective during a crisis contribute
to escalating it. Policy makers should take this into consideration when handling cyber-related
crises, and that focusing on the “immediate danger of instability” is most important. Tai’s
contribution to the cyber-security dilemma is mainly that due to the actions of both Beijing and
Washington regarding cyber-espionage and cyber-attacks, each capital is more hawkish
toward each other, which undermines the trust and ability to communicate required for open
dialogue. The most important take aways from Saunders’ work is that the U.S. needs to
recognize that China is weary of the U.S. strategic pivot back into Asia, and that in order to
minimize conflict, more cooperation is required on similar and opposing interests. With the
strategic pivot, it would be expected to assume that China will want to acquire as much
information about U.S. strategy as possible, and cyber-attacks will be one method in doing so.
That makes cooperation between the two governments more important than ever to minimize
the damage caused by cyber-attacks. Taking lessons away from traditional U.S.-Sino relations
is imperative to understand this new dilemma. By understanding previous crises, instability and
political relationships, policy makers can make better decisions in order to stabilize
relationships. Perhaps even more important though, is taking lessons away from our current
body of knowledge on cyber-security, which is examined in the following section.
13. Creamer 13
Section C: Cyber-Security
Author Myruam Dunn Cavelty discusses the ‘cyber-security dilemma’ that we face in
the 21st century, how our actions have made “the real world less… secure” and suggests ways
in which to resolve this dilemma (Cavelty 702). Cavelty points out that our current stance
toward cyber-security is focused on on the threat of those responsible for initiating attacks
(hackers), as opposed to those responsible for the data (system admins) (Cavelty 703).
Furthermore, Cavelty notes that we don’t look at the threat impacting human security (the
individual), but rather “information technologies, economic performance and ‘critical’ functions
of infrastructures” (Cavelty 704). Cavelty argues that the influential players of cyber-security
today have no interest in actually keeping individuals secure because of big data marketing
and advertisements, as well as intelligence gathering (Cavelty 704-705). Furthermore, it is also
mentioned that the increasing role in the private sector of protecting critical infrastructure has
made it so that the focus on protecting the infrastructure for the sake of human security has
faded, and ensuring “business continuity”, protecting the private organization has become the
goal (Cavelty 706).
Cavelty raises an important notion that has received little attention previously in cyber-
security discussions; that the “myths of a stable political world order [are] based on state
power” feed into this view that governments and the military should be establishing borders in
cyber-space, and that state-control of that space is a national security issue (Cavelty 708). This
idea in itself “directly fuel[s] the cyber-security dilemma as we have seen” (Cavelty 708).
Cavelty also argues that we should be addressing the vulnerabilities within cyber-space in
order to make our national security more secure, but given the current incentive structure by
influential actors, it seems unlikely (Cavelty 711). By closing these vulnerabilities, and focusing
on ensuring privacy rights are protected by using encryption more on the individual level, we
can actually create a safer and more resilient cyberspace (Cavelty 711-712).
Jyh-An Lee discusses the importance of the current relationship between the U.S. and
China and the roles that U.S. President Obama and Chinese President Xi play in that, the threat
14. Creamer 14
that China poses to the U.S. regarding cyber-attacks, and possible legal remedies to these
international incidents (Lee 951-959). It has been compared to by many that the meeting
between “Barack Obama and… Xi Jinping… in June 2013” was the most important meeting
between the two nations leaders since Nixon and Mao (Lee 951). Obama has pressed Xi on the
wave of recent attacks on American companies, to which has been referred to by many as
“cyber espionage” (Lee 956). Historically, one the differences that sets China’s alleged actions
away from other espionage is that it is focused on both the public and private sectors, as
opposed to just the public sector (Lee 956). China’s stance is that they too are victims of cyber-
attacks and that they “and the United States both…[face] with similar challenges” Lee 958).
Lee discusses three legal approaches to help eliminate or reduce the number of attacks
between the two nations (Lee 960). These include using China to develop international norms
in regards to cyber-security, creating bilateral agreements between the two states on cyber-
security, and creating the most effective multilateral agreements with support of the “United
States, Russia, China, and the European Union” (Lee 960-963).
Nir Kshetri wrote about the landscape of cyber-crimes originating from China. Kshetri
focuses on the “typology of cybercrimes in China”, domestic and “international dimensions of
cybercrime” in China, and implications for these findings (Kshetri 43-63). Through Kshetri’s
research, he determined that while attacks “originating from China arguably have caused
substantial economic damage to the Western economies”, cyber-crimes within the country
itself have created a slew domestic issues as well (Kshetri 63). Professional hacking
organizations have begun emerging within the country, which has provided a false sense of
“legitimacy to such attacks”, and a sense of patriotism has begun to arise from these attacks
too (Kshetri 63). However, given the current strained political relationship between the U.S. and
China (due to the NSA leaks and the Chinese People’s Liberation Army indictments) extraditing
citizens to the U.S. is “next to impossible” (Kshetri 63). The increasing number of cyber-attacks
supposedly initiating from China are having a dramatic hand in “shaping [U.S.] institutions” and
risk assessment (Kshetri 63). As a result, more “collaborations co-operations and partnerships”
15. Creamer 15
are being formed to “enhance cyber-security measures” globally (Kshetri 63). One key take
away Kshetri mentions is that the domestic views within China are “more supportive and less
hostile to cybercrimes” when compared to Western countries (Kshetri 64).
Author Jon Lindsay discusses four areas of debate regarding China and cybersecurity
(Lindsay 9). These areas of debate include “political, espionage, military, and institutional cyber
threats” (Lindsay 9). Lindsay concludes that in each of these areas of debate, the “threat from
China is exaggerated” while on the other hand, the “threat to China is underappreciated”
(Lindsay 44). As a result of placing “political information control” as a higher priority above
“technical cyber defense”, China has actually weakened its ability to protect itself from “foreign
infiltration” (Lindsay 44). Lindsay argues that China actually stands to benefit from “institutional
reform” and “multistakeholder governance” (Lindsay 44). Ultimately, Lindsay believes that the
small cyber-disputes are the “price of doing business” on the internet, and that both nations
are better off now then they ever would be without it (Lindsay 45). Lindsay’s main concern’s
however stem from misperceptions above the others intentions (Lindsay 46). In order to
minimize the impact of this friction, Lindsay recommends that the U.S. and China “discuss the
interaction of cybersecurity and traditional military force in depth and take steps to limit
misunderstandings about the other’s intentions” (Lindsay 47). Lindsay believes that “the
emergence of complex cyber threats” could potentially lead to a “positive development… in
global security” (Lindsay 47).
The lessons from these scholars are directly applicable to the cyber-security dilemma.
Cavelty’s important take aways as they related the U.S. and China are that we should be
focusing on closing the vulnerabilities in cyber-space and privacy rights for individuals to make
our nations more secure. Establishing cyber-space borders should not be part of the plan to do
it. By focusing on the aspects of cyber-security that can be controled, as opposed to focusing
on those responsible, we can more effectively protect our human security, businesses, and
critical infrastructure. Lee’s main take away is that the U.S. should continue to develop
international norms with China and create bi-/multilateral agreements to hold each other
16. Creamer 16
responsible for our actions, which will limit our ability and reason for a cyber-arms race.
According to Kshetri’s research, the U.S. should seek out more collaborative partnerships with
China to build up cyber-security measures. Kshetri importantly notes that each countries
domestic views are different regarding cyber-crime, and must be taken into consideration. Jon
Lindsay reiterates previous security dilemma scholars and holds that one major issue
contributing to cyber-security problems is that we often misinterpret each others intentions.
This holds true for this new cyber-arms race. All the above are lessons we should be taking
into consideration when we discuss cyber-security between the U.S. and China.
Part IV: Research Design
Given this current body of knowledge, I argue that the United States and China will
continue to have this ‘cold-war-esque’ standoff, the cyber-security dilemma, as long as the two
nations continue to probe, intrude and disrupt each others computer networks and systems,
even if the outcomes of these events do not have a direct and immediate impact to the national
security of either country. In order to examine this relationship, a qualitative case study case
been conducted below in which nine dyadic incidents between the U.S. and China are the case
subjects. These nine incidents will examined by utilizing the criteria outlined by Valeriano and
Maness in their codebook for for the Dyadic Cyber Incident and Dispute Data, Version 1.5
(Valeriano and Maness “Dynamics of Cyber Conflict"). These criteria include the method of
interaction/incident, type of interaction, type of target, objective for initiator, specific political
objective and it’s success, government issued statements, severity, and damage type. These
criteria are selected for analysis overall because they can contribute to the overall perception of
fallout due to a cyber-attack.
These nine examples include the (1) Wen Jiabao retaliation, (2) Anthem breach, (3)
Github.com attack, (4) Primera Blue Cross breach, (5) New Zealand Chinese MFA hack, (6)
PennState hack, (7) Register.com attack, (8) Ocean Lotus, and (9) the U.S. Office of Personnel
Management hack. These nine cases were specifically selected from the dataset because they
17. Creamer 17
are all attacks on or by U.S. or Chinese state assets. This qualitative analysis is organized into
sections according to each cyber-incident. Within each section contains a breakdown of
criteria mentioned above, and includes an a brief analysis of the various hypothesis listed
below based on the reaction of the target nation. Following these findings will include
summarization of what they mean for the U.S. and Chinese policy makers, predictions based
on current data, and determination on whether or not the buildup of cyber-armies is a justified
reaction.
In accordance with the existing literature, and this papers main argument, two
hypotheses are listed below:
1. Due to security dilemma dynamics, cyber-attacks will lead to government foreign
policy responses of escalation.
2. Due to security dilemma dynamics, cyber-attacks resulting in any type of damage will
lead to government foreign policy responses of escalation.
These two hypotheses were created based on the existing literature, previous theories and the
current media attention and associated response regarding cyber-attacks. There was not
enough data to conduct a larger qualitative analysis. However, the analysis of these
hypotheses are still insightful for policy makers none-the-less.
Part V: Qualitative Analysis and Dataset
Based on the qualitative analysis, the resulting data produced (see Table 1.1) and follow
up research, there have been limited responses from the governments of China and the United
States post-cyber-attack. Out of the nine case studies, eight of them do not show significant
signs of escalation as a result of a cyber-attack. One of them shows some signs of escalation,
but not enough to contribute to the security dilemma. In both the Wen Jiabao Retaliation
incident and the Github.com attack, the interaction type was classified as a
‘nuisance’ (Creamer, Maness and Valeriano). In the other seven incidents the interaction type
were classified as ‘offensive strikes’ (Creamer, Maness and Valeriano). The method of attack
18. Creamer 18
stayed consistent among seven of the incidents, classified as ‘intrusion’ (Creamer, Maness and
Valeriano). The other two incidents, Github.com and Ocean Lotus, were classified as ‘denial of
service’ and ‘infiltration’ respectfully (Creamer, Maness and Valeriano). Out of the nine
incidents, only the Ocean Lotus incident used an ‘advanced persistent threat’ process
(Creamer, Maness and Valeriano). Five of the nine cyber-incidents occurred on target types
classified as ‘private/non-state actors’, opposed to the four against ‘government non-military’
targets (Creamer, Maness and Valeriano).
Seven out of nine attacks were launched by the China, leaving U.S. responsible for
launching two of them (Creamer, Maness and Valeriano). In two of the attacks the initiators’
objective was ‘disruption’ and the other seven attacks the initiators’ objective was ‘theft/
espionage’ (Creamer, Maness and Valeriano). Only four of the attacks had a clear political
objective (Creamer, Maness and Valeriano). This included the retaliation for the Wen Jiabao
NYTimes article, limiting the ability to circumvent the Great Firewall in China to limit free
speech, curbing China’s expansion into territorial waters, and several plausible explanations for
the OPM hack (Creamer, Maness and Valeriano). The only attack that had political objective
success was the Github.com attack, but it was only temporary (Creamer, Maness and
Valeriano). In the majority of attacks, the initiating state issued a statement of denial five of the
nine times (Creamer, Maness and Valeriano).
The severity of the nine attacks varies widely. In the Register.com attack, the incident
only amounted to the low end of the scale with ‘probing without kinetic cyber’ (Creamer,
Maness and Valeriano). Two of the attacks were rated ‘harassment, propaganda, nuisance
disruption’, with a potential third that bordered on ‘stealing targeted critical
information’ (Creamer, Maness and Valeriano). Four others were classified as ‘stealing targeted
critical information’ (Creamer, Maness and Valeriano). The most severe incident was the OPM
breach which was classified as ‘widespread government, economic, military or critical private
sector theft of information’ (Creamer, Maness and Valeriano). In the same two incidents
whether the objective was ‘disruption’, the damage type was ‘direct and immediate’ (Creamer,
19. Creamer 19
Maness and Valeriano). The other seven incidents all have damage types classified as ‘indirect
and delayed’ (Creamer, Maness and Valeriano).
Table 1.1
In four of the nine cases, there appeared to be no meaningful response by the attacked
state, and no evidence of escalation. This was the case regarding the Wen Jiabao incident as
there does not seem to be an official U.S. government response published regarding the attack
against the New York Times. In the New Zealand Chinese MFA Hack, there was no support for
either hypotheses, as the only response on record was that of the Chinese Foreign Ministry
stating that they were “seriously concerned” with the information revealed. However, there is
no direct link between this incident and a direct escalation. The PennState hack did not
provoke any major response by the United States, the President, Congress, or any other
government agency that would support the claims regarding escalation. Lastly, the
Register.com hack would also show no response by United States officials that would support
the claim of either hypothesis.
20. Creamer 20
In another four of the cases, there was a meaningful response by the victim state.
However, these responses would not turn into escalation. The LA Times reported that Anthem
officials were to meet with the Congressional committee involving cybersecurity to discuss the
breach and the steps moving forward (Terhune). Both federal and state inquiries have been
launched regarding this attack (Terhune). Additionally, the White House has pressured
Congress to take action to protect consumers with new legislation (Dorning). These federal and
state actions do not provide evidence to support for these hypotheses, as there has been no
public documentation of escalation. U.S. President Barak Obama issued an executive order
"blocking the property of certain persons engaging in significant malicious cyber-enabled
activities” in response to the Github.com DDoS attack (Obama: Fernholz). Given the attack’s
severity and damage type, this response by the U.S. favors the two hypotheses ever so slightly.
This could appear to be a slight escalation as the blocking of properties could be seen as an
aggressive move.
After the Premera Blue Cross breach, both Democratic and Republican representatives,
including the chairman of the Committee on Homeland Security, issued statements that United
States needs to crack down on these incidents and form new legislation to address them
(Bennett: McCaul). These statements do not show support for the aforementioned hypotheses
as there is no direct escalation against China in this case. After the Ocean Lotus incident, the
Chinese Foreign Ministry stated that this attack “proves once again that China is the victim of
hacker attacks” (Foreign). Additionally, Chinese government stated that “it is ready to work with
the international community to step up cyber security cooperation based on mutual respect
and mutual trust, lay down a code of conduct for countries in the cyber space, fight against
cyber attacks and build a cyber space featuring peace, security, openness and
cooperation” (Foreign). This response alone is not enough to provide sufficient evidence of any
direct actions of escalation.
In only one of the nine cases, did any evidence show an escalation response. After the
Office of Personnel Management hack, the Obama administration stated that they have
21. Creamer 21
decided that retaliation is required against China for the breach (Sanger). It is still unclear as to
what type of response will be made or when a response will come (Sanger). Until this
statement, the U.S. had decided against publicly or officially blaming China for the attack, for
fear of increased tensions and cyber-conflict (Nakashima, Ellen). Furthermore, reports indicate
that the U.S. Central Intelligence Agency has considered pulling its assets out of China for the
attack has almost certainly compromised their identities (Stone). President Obama also ordered
the development of a new supercomputer to dwarf that of the world’s fastest supercomputer,
the Milky Way-2 in Guangzhou, China (Neuman). These actions taken together appear to be in
direct response to the OPM hack, and given the attack’s severity and damage type, these
responses can be considered to escalations. However, it does not mean that the U.S. will hack
the Chinese government with a more severe incident. It only means that actions will be taking
moving forward. As such, they do not directly escalate the security dilemma as the hypotheses
suggest.
Part VI: Implications for Policy Makers
With the political fallout of the Office of Personnel Management still unfolding, and the
certainty of more cyber-attacks to follow, it is imperative to extract information from these case
studies and get to the heart of the issue; based on the impact of these cyber-attacks, is the
response in accordance with the security dilemma? According to this research, there is no
security dilemma unfolding. There is very limited responses on behalf of both countries post-
cyber-attack. It does not appear that escalation is occurring the same way that the security
dilemma would predict that we do. The rhetoric being used to discuss the cyber-attacks in the
media is not justified, and is exacerbating the hawkish foreign policy experts. Based on the
existing scholarly literature and the qualitative research for this paper, the most important
implications for policy makers are as follows:
1. The cyber-security dilemma does not exist, but the media makes it appear as such. Policy
makers must acknowledge this. We cannot over-react to incidents where there is not a
22. Creamer 22
immediate danger to our national security. Just because sensitive information or systems
are compromised does not mean that escalation is an appropriate response.
2. The inherent insecurity of the Internet makes it difficult to defend and deter, and easy to
attack without retribution. This is the largest flaw contributing to the arms-race. We should
focus on closing the vulnerabilities in cyber-space that we can control, instead of focusing
on establishing cyber-space borders. Additionally, we should focus on privacy rights for
individuals and making human security a priority. Doing so will help protect businesses and
critical infrastructure.
3. When cyber-security dilemma issues arise, policy makers must make decisions using
“security dilemma sensibility” and take perspective on their own actions before following
through. Focus on the immediate dangers of the cyber-crisis at hand. Doing so will
deescalate the situation, allow for further communication and discussion, and will prevent
aggressive moves that will cause escalation.
4. Acknowledge that our spending increases will correlate with their spending increases, and
this cycle will continue. If policy makers continue to push for a larger budget for cyber-
armies, other actors will too. We must stop presuming the motives of others, which is
common regarding spending. Instead, we must engage in open and calm dialog to
discuss interests and concerns. This will allow states to openly air out their concerns and
proceed in meaningful diplomatic relations.
5. Cooperation is the key to success. Engaging in bi- and multi-lateral agreements helps
create international norms for countries to abide by. These can be used to hold countries
accountable, but also ensure that everyone gets a fair chance at input. If the cyber-security
dilemma and cyber-arms race are not treated with cooperation and perspective taking, it
will continue to grow and become a larger problem.
23. Creamer 23
Part VII: Conclusions
According to this qualitative research, we can conclude that there is not sufficient
evidence to support the claim that the cyber-security dilemma exists. However, we cannot
confidently state that this is the only theory explaining the cyber-arms race given the limited
number of cases in the study. Eight of the nine case studies showed no support for the
hypotheses, and one showed little support. Only one case involved an Advanced Persistent
Threat, and only four had possible specific political objectives. Out of those four cases, only
one had limited, temporary success. Of all nine cases, the highest level of severity reached was
‘widespread government, economic, military or critical private sector theft of information’.
Based on the impact of these cyber-attacks alone, the lack of an escalation response on behalf
of both countries is warranted. The hawkish foreign policy experts and the media appear to
have more of an over-reaction. Recommendations to policy makers have been made based
solely on existing literature and the outcomes of these nine case studies. These findings are
not conclusive and should be taken into consideration with caution. The case studies that
these conclusions are based off lack sufficient data to draw significance from them. However,
this case study lays the foundation for future scholars to create comparative case studies on
these cyber-attacks. This research was constrained by time restrictions and the availability of
data, which significantly hindered the proper data collection process. If this research were to
be conducted over a multi-year period, it would have more resources allocated into identifying
the missing pieces of data required to make significant claims. Should more evidence suggest
that the implications for decision makers listed are appropriate, they should be incorporated
into the U.S. and Chinese national security strategies. This paper intends to urge scholars to
continue research based on this analysis; with these cyber-attacks occurring more frequently
and more drastically, this topic will surely be salient for decades to come. It is in the best
interest of the international community to continue on with this work.
28. Creamer 28
Works Cited
Akamai's "State of the Internet", Q4 2014. Rep. Akamai Technologies, 29 Jan. 2015. Web. 21
June 2015. <http://www.akamai.com/html/about/press/releases/2015/
press-012915.html>.
"APT OceanLotus (APT-C-00)." Skyeye.360safe.com. SkyEye, May 2015. Web. 03 Aug. 2015.
<https://skyeye.360safe.com/>.
Bennett, Corey. "Senate Dem 'seriously Concerned' by Premera Breach." TheHill.com. Capital
Hill Publishing Corp., 31 Mar. 2015. Web. 03 Aug. 2015. <http://thehill.com/policy/
cybersecurity/237495-senate-dem-still-seriously-concerned-by-premera-breach>.
Buddington, Bill. "China Uses Unencrypted Websites to Hijack Browsers in GitHub Attack."
EFF.org. Electronic Frontier Foundation, 01 Apr. 2015. Web. 03 Aug. 2015. <https://
www.eff.org/deeplinks/2015/04/china-uses-unencrypted-websites-to-hijack-
browsers-in-github-attack>.
Cavelty, Myriam Dunn. "Breaking the Cyber-Security Dilemma: Aligning Security Needs and
Removing Vulnerabilities." Sci Eng Ethics Science and Engineering Ethics 20.3 (2014):
701-15. SpringerLink. Web. 11 June 2015.
Creamer, James, III, Ryan Maness, and Brandon Valeriano. Dyadic Cyber Incident and Dispute
Data. 6 Aug. 2015. Raw data. Northeastern University, Boston, MA.
Chon, Gina, Hannah Kuchler, and Kara Scannell. "FBI Probes Possible China Military
Involvement in Cyber Attack - FT.com." FT.com. The Financial Times LTD., 18 Mar.
2015. Web. 03 Aug. 2015. <http://www.ft.com/cms/s/0/ab5d5736-cd24-11e4-
b5a5-00144feab7de.html>.
Correa, Danielle. "US Agencies Join Brits in Cyberwar Games." SCMagazineUK.com.
Haymarket Media, Inc., 06 July 2015. Web. 09 July 2015. <http://
www.scmagazineuk.com/us-agencies-join-brits-in-cyber-war-games/article/424710>.
Daniel, Michael. "What You Need to Know About President Obama's New Steps on
Cybersecurity." Whitehouse.gov. The White House, 14 Jan. 2015. Web. 21 June 2015.
29. Creamer 29
<https://www.whitehouse.gov/blog/2015/01/14/what-you-need-know-about-
president-obama-s-new-steps-cybersecurity>.
Dorning, Mike. "White House Urges Fast Action on Data Breaches After Anthem Hack."
Bloomberg.com. Bloomberg, 5 Feb. 2015. Web. 03 Aug. 2015. <http://
www.bloomberg.com/news/articles/2015-02-05/white-house-urges-fast-action-on-
data-breaches-after-anthem-hack>.
Douglas, Jason. "In the Eyes of Others: Ballistic Missile Defense and the Sino—US Security
Dilemma." Irish Studies in International Affairs 23.1 (2012): 125-41. Web. <https://
www.academia.edu/2309172/
In_The_Eyes_of_Others_Ballistic_Missile_Defence_and_the_Sino-
US_Security_Dilemma>.
Elcano Global Presence Report 2015. Rep. Real Instituto Elcano, 2015. Web. 21 June 2015.
<http://www.globalpresence.realinstitutoelcano.org/en/data/
Global_Presence_2015.pdf>.
Fernholz, Tim. "A Fed-up Obama Has Declared a “national Emergency” for Cyberattacks in the
US." Qz.com. Quartz, 1 Apr. 2015. Web. 03 Aug. 2015. <http://qz.com/374452/a-fed-
up-obama-has-declared-a-state-of-emergency-for-cyberattacks-in-the-us/>.
Finkle, Jim. "Premera Blue Cross Hacked, Medical Information Of 11 Million Customers
Exposed." TheHuffingtonPost.com. The Huffington Post, 17 Mar. 2015. Web. 03 Aug.
2015. <http://www.huffingtonpost.com/2015/03/17/premera-blue-cross-
cybera_n_6890194.html>.
Fisher, David. "Leaked Papers Reveal NZ Plan to Spy on China for US - National - NZ Herald
News." Nzherald.com. The New Zealand Herald, 19 Apr. 2015. Web. 03 Aug. 2015.
<http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11434886>.Gertz,
Bill. "China Sharply Boosts Cyber Warfare Funding." Freebeacon.com. The
Washington Free Beacon, 1 Apr. 2015. Web. 09 July 2015. <http://freebeacon.com/
national-security/china-sharply-boosts-cyber-warfare-funding/>.
30. Creamer 30
"Foreign Ministry Spokesperson Hua Chunying's Regular Press Conference." Fmprc.gov.cn.
Ministry of Foreign Affairs of the People's Republic of China, 2 June 2015. Web. 03
Aug. 2015. <http://www.fmprc.gov.cn/mfa_eng/xwfw_665399/s2510_665401/
t1269493.shtml>.
Gewirtz, David. "Why the next World War Will Be a Cyberwar First, and a Shooting War
Second." ZDNet.com. CBS Interactive Inc., 22 June 2015. Web. 09 July 2015. <http://
www.zdnet.com/article/the-next-world-war-will-be-a-cyberwar-first-and-a-shooting-
war-a-distant-second/>.
Glaser, Charles. "Will China's Rise Lead to War? Why Realism Does Not Mean Pessimism."
Foreign Affairs March-April 2011: 80. Academic OneFile. Web. 11 June 2015. <http://
go.galegroup.com.ezproxy.neu.edu/ps/i.do?id=GALE|
A254244918&v=2.1&u=mlin_b_northest&it=r&p=AONE&sw=w&asid=5112aaf81f4045
2be72a7474a46e70c5>.
Goldstein, Avery. "First Things First: The Pressing Danger of Crisis Instability in U.S.-China
Relations." International Security 37.4 (2013): 49-89. MIT Press Journals. Web. 11
June 2015.
Jervis, Robert. “Cooperation Under the Security Dilemma,” World Politics, Vol. 30, No. 2
(January 1978), p. 194
Kshetri, Nir. "Cybercrime and Cyber-security Issues Associated with China: Some Economic
and Institutional Considerations." Electronic Commerce Research 13.1 (2013): 41-69.
SpringerLink. Web. 11 June 2015.
Lee, Jason. "Chinese Military Denies Role in Reported U.S. Hacking." Reuters.com. Thomson
Reuters, 20 Mar. 2015. Web. 03 Aug. 2015. <http://www.reuters.com/article/
2015/03/20/us-china-usa-cybersecurity-idUSKBN0MG0TT20150320>.
Lee, Jyh-An. "The Red Storm In Uncharted Waters: China and International Cyber Security."
University of Missouri-Kansas City Law Review 82.4 (2014): n. pag. Social Science
Research Network. Web. 11 June 2015.
31. Creamer 31
Lemos, Robert. "Anthem Breach Evidence Points to China, Security Researchers Say."
Eweek.com. Quinstreet Enterprise, 28 Feb. 2015. Web. 03 Aug. 2015. <http://
www.eweek.com/security/anthem-breach-evidence-points-to-china-security-
researchers-say.html>.
Levine, Mike. "China Is 'Leading Suspect' in Massive Hack of US Government Networks."
ABC.com. ABC News Network, 25 June 2015. Web. 03 Aug. 2015. <http://
abcnews.go.com/US/china-leading-suspect-massive-hack-us-government-networks/
story?id=32036222>.
Levine, Mike, and Jack Date. "22 Million Affected by OPM Hack, Officials Say." ABC.com. ABC
News Network, 9 July 2015. Web. 03 Aug. 2015. <http://abcnews.go.com/US/
exclusive-25-million-affected-opm-hack-sources/story?id=32332731>.
Li, Ling, Ruixing Huang, and Dewei Wang. "Military Expenditure and Security Dilemma in
China." Industrial Engineering and Manufacturing Technology: Proceedings of the
2014 International Conference on Industrial Engineering and Manufacturing
Technology. 1st ed. Vol. 4. London, UK: CRC, 2015. 153-56. Print.
Liff, Adam P., and G. John Ikenberry. "Racing toward Tragedy?: China's Rise, Military
Competition in the Asia Pacific, and the Security Dilemma." International Security 39.2
(2014): 52-91. MIT Press Journals. Web. 11 June 2015.
Lindsay, Jon R. "The Impact of China on Cybersecurity: Fiction and Friction." International
Security 39.3 (2015): 7-47. Project Muse Standard Collection. Web. 11 June 2015.
Mathews, Anna. "Anthem: Hacked Database Included 78.8 Million People." <i>WSJ.com</i>.
Wall Street Journal, 24 Feb. 2015. Web. 03 Aug. 2015. <http://www.wsj.com/articles/
anthem-hacked-database-included-78-8-million-people-1424807364>.
Mathews, Anna, and Danny Yadron. "Premera Blue Cross Says Cyberattack Could Affect 11
Million Members." WSJ.com. Wall Street Journal, 17 Mar. 2015. Web. 03 Aug. 2015.
<http://www.wsj.com/articles/premera-blue-cross-says-cyberattack-could-affect-11-
million-members-1426627752>.
32. Creamer 32
McCaul, Michael. "McCaul Statement on Premera Blue Cross Cyber Attack."
Homeland.house.gov. Committee on Homeland Security, 18 Mar. 2015. Web. 03 Aug.
2015. <http://homeland.house.gov/press-release/mccaul-statement-premera-blue-
cross-cyber-attack>.
Nakashima, Ellen. "Hacks of OPM Databases Compromised 22.1 Million People, Federal
Authorities Say." WashingtonPost.com. The Washington Post, 9 July 2015. Web. 03
Aug. 2015. <http://www.washingtonpost.com/blogs/federal-eye/wp/2015/07/09/
hack-of-security-clearance-system-affected-21-5-million-people-federal-authorities-
say/>.
Nakashima, Ellen. "U.S. Decides against Publicly Blaming China for Data Hack."
WashingtonPost.com. The Washington Post, 21 July 2015. Web. 03 Aug. 2015.
<https://www.washingtonpost.com/world/national-security/us-avoids-blaming-china-
in-data-theft-seen-as-fair-game-in-espionage/
2015/07/21/03779096-2eee-11e5-8353-1215475949f4_story.html>.
Neuman, Scott. "Obama Orders Development Of Supercomputer To Rival China's 'Milky Way'"
NPR.com. National Public Radio, 30 July 2015. Web. 03 Aug. 2015. <http://
www.npr.org/sections/thetwo-way/2015/07/30/427727355/obama-orders-
development-of-supercomputer-to-rival-chinas-milky-way?
utm_source=facebook.com&utm_medium=social&utm_campaign=npr&utm_term=npr
news&utm_content=20150730>.
Obama, Barak. "Executive Order -- "Blocking the Property of Certain Persons Engaging in
Significant Malicious Cyber-Enabled Activities"" Whitehouse.gov. The White House,
01 Apr. 2015. Web. 03 Aug. 2015. <https://www.whitehouse.gov/the-press-office/
2015/04/01/executive-order-blocking-property-certain-persons-engaging-significant-
m>.
33. Creamer 33
Pagliery, Jose. "OPM Hack's Unprecedented Haul: 1.1 Million Fingerprints." CNN.com. Cable
News Network, 10 July 2015. Web. 03 Aug. 2015. <http://money.cnn.com/
2015/07/10/technology/opm-hack-fingerprints/>.
Penn, Megan. "NATO and the Cybersecurity Dilemma." FreedomObservatory.org. Freedom
Observatory, 27 Oct. 2014. Web. 09 July 2015. <http://www.freedomobservatory.org/
nato-and-the-cybersecurity-dilemma/>.
"Premera Blue Cross Breach Exposes Financial, Medical Records." Krebsonsecurity.com.
Krebs on Security, 17 Mar. 2015. Web. 03 Aug. 2015. <http://krebsonsecurity.com/
2015/03/premera-blue-cross-breach-exposes-financial-medical-records/>.
Ragan, Steve. "Anthem Confirms Data Breach, but Full Extent Remains Unknown."
<i>CSOOnline.com</i>. CXO Media, Inc., 4 Feb. 2015. Web. 03 Aug. 2015. <http://
www.csoonline.com/article/2880352/disaster-recovery/anthem-confirms-data-
breach-but-full-extent-remains-unknown.html>.
Sanders, James. "Chinese Government Linked to Largest DDoS Attack in GitHub History."
TechRepublic.com. CBS Interactive Inc., 03 Apr. 2015. Web. 03 Aug. 2015. <http://
www.techrepublic.com/article/chinese-government-linked-to-largest-ddos-attack-in-
github-history/>.
Sanger, David E. "U.S. Decides to Retaliate Against China’s Hacking." NYTimes.com. The New
York Times, 31 July 2015. Web. 03 Aug. 2015. <http://www.nytimes.com/2015/08/01/
world/asia/us-decides-to-retaliate-against-chinas-hacking.html>.
Saunders, Phillip C. "The Rebalance to Asia: U.S.-China Relations and Regional Security."
Strategic Forum (2013): n. pag. Questa.com. Gale, Cengage Learning, Aug. 2013.
Web. 23 June 2015. <https://www.questia.com/read/1G1-354248510/the-rebalance-
to-asia-u-s-china-relations-and-regional>.
Scobell, Andrew. "Learning to Rise Peacefully? China and the Security Dilemma." Journal of
Contemporary China 21.76 (2012): 713-21. Scholar OneSearch. Web. 11 June 2015.
34. Creamer 34
Segal, Adam. "OceanLotus: China Hits Back With Its Own Cybersecurity Report." CFR.org.
Council on Foreign Relations, 03 June 2015. Web. 03 Aug. 2015. <http://blogs.cfr.org/
cyber/2015/06/03/oceanlotus-china-fights-back-with-its-own-cybersecurity-report/>.
Shalal, Andrea, and Alina Selyukh. "Obama Seeks $14 Billion to Boost U..S Cybersecurity
Defenses." Reuters.com. Thomas Reuters, 2 Feb. 2015. Web. 9 July 2015. <http%3A
%2F%2Fwww.reuters.com%2Farticle%2F2015%2F02%2F02%2Fus-usa-budget-
cybersecurity-idUSKBN0L61WQ20150202>.
Snyder, Christopher. "Iran and Saudi Arabia Edge towards Cyber War, Study Says."
FoxNews.com. Fox News Network, LLC., 29 June 2015. Web. 09 July 2015. <http://
www.foxnews.com/tech/2015/06/29/iran-and-saudi-arabia-edge-towards-cyber-war-
study-says/>.
Sternstein, Aliya, and Jack Moore. "Timeline: What We Know About the OPM Breach
(UPDATED)." Nextgov.com. National Journal Group, Inc., 17 June 2015. Web. 03 Aug.
2015. <http://www.nextgov.com/cybersecurity/2015/06/timeline-what-we-know-
about-opm-breach/115603/>.
Stone, Jeff. "CIA Mulls Pulling US Spies Out Of China After Massive OPM Hack Likely
Compromised American Identities: Report." IBTimes.com. International Business
Times, 26 July 2015. Web. 03 Aug. 2015. <http://www.ibtimes.com/cia-mulls-pulling-
us-spies-out-china-after-massive-opm-hack-likely-compromised-2024894>.
Tai, Michael. "International Security." US-China Relations in the Twenty-first Century: A
Question of Trust. Abingdon, OX: Routledge, 2015. 137-44. Print.
Terhune, Chad. "Federal, State Officials Launch Inquiries into Anthem Data Breach."
Latimes.com. Los Angeles Times, 6 Feb. 2015. Web. 03 Aug. 2015. <http://
www.latimes.com/business/la-fi-anthem-hack-20150206-story.html>.
Valeriano, Brandon, and Ryan C. Maness. Cyber War versus Cyber Realities: Cyber Conflict in
the International System. New York: Oxford U, 2015. Print.
35. Creamer 35
Valeriano, Brandon, and Ryan C. Maness. "The Dynamics of Cyber Conflict between Rival
Antagonists, 2001-11." Journal of Peace Research 51.3 (2014): 347-60. Web. 13 Aug.
2015.
Viebeck, Elise. "Penn State Discloses Major Cyberattack by China." TheHill.com. Capital Hill
Publishing Corp., 15 May 2015. Web. 03 Aug. 2015. <http://thehill.com/policy/
cybersecurity/242230-penn-state-discloses-major-cyberattack-by-china>.
Vinton, Kate. "Penn State College Of Engineering Network Disabled Following Two "Incredibly
Serious" Cyber Attacks." Forbes.com. Forbes Magazine, 15 May 2015. Web. 03 Aug.
2015. <http://www.forbes.com/sites/katevinton/2015/05/15/penn-state-college-of-
engineering-network-disabled-following-two-incredibly-serious-cyber-attacks/>.
Wheeler, Carolynne. "New York Times Cyber Attacked by Chinese Hackers for Four Months
after Wen Jiabao Investigation." Telegraph.com. Telegraph Media Group, 31 Jan.
2013. Web. 03 Aug. 2015. <http://www.telegraph.co.uk/news/9840125/New-York-
Times-cyber-attacked-by-Chinese-hackers-for-four-months-after-Wen-Jiabao-
investigation.html>.