The document discusses the United States' current cyber strategy and whether it supports offensive cyber operations. It analyzes several scholarly articles on cyber warfare doctrine and strategy. While the articles provide examples of states conducting offensive cyber attacks, the document's hypothesis is that the US cyber strategy focuses on defense and does not explicitly support offensive computer network attacks to achieve national security objectives. The purpose is to examine US cyber strategy and determine if it should incorporate offensive operations to help achieve national goals.
As the Trump administration has provided a limited framework on cybersecurity issues, opportunities still exist for companies to involve themselves in the formation of this agenda. Companies looking to influence the cyber policy debate should reach out to the administration and influential parties early to participate in this rapidly changing conversation.
Brunswick’s cybersecurity experts provide insight into who the prominent policy influencers are and the likely cyber issues confronting the Trump administration.
Contact our Washington DC office for more information: http://www.brunswickgroup.com/contact-us/washington-dc/
As the Trump administration has provided a limited framework on cybersecurity issues, opportunities still exist for companies to involve themselves in the formation of this agenda. Companies looking to influence the cyber policy debate should reach out to the administration and influential parties early to participate in this rapidly changing conversation.
Brunswick’s cybersecurity experts provide insight into who the prominent policy influencers are and the likely cyber issues confronting the Trump administration.
Contact our Washington DC office for more information: http://www.brunswickgroup.com/contact-us/washington-dc/
Is 2014 the year for Cyber Militias ?
Examination of the Congressional mandate for the Pentagon to address the use of cyber militias in responding to cyber warfare. Is a network breach and act of war?
Cybersecurity
Description: Protecting against damage to, unauthorized use of, and/or malicious exploitation of (and, if needed, the restoration of) electronic communications systems and services (and the information contained therein).
Cybersecurity activities ensure the security, reliability, integrity, and availability of critical information, records, and communications systems and services through collaborative cybersecurity initiatives and efforts. These activities also include procedures to detect malicious activity and to conduct technical and investigative-based countermeasures, mitigation activities, and operations against malicious actors to counter existing and emerging cyber-based threats, consistent with established protocols.
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...Cyber Security Alliance
This presentation will analyze the Information Warfare scenarios, technical and legal backgrounds, highlighting as well the importance of the terminologies and bringing to the audience real-life examples and known incidents. The last part of the talk will focus on two theorical case studies and on one, very special, theorical case study.
TOTEM: Threat Observation, Tracking, and Evaluation ModelJohn Gerber
Merriam-Webster defines a totem as any supposed entity that watches over or assists a group of people, such as a family, clan, or tribe. In this presentation I will focus on how TOTEM assists in watching over and evaluating the threat an IP represents. The idea behind TOTEM is simple: compare threat information from sources such as watchlists (DShield, Emerging Threats, SenderBase, etc.) to activities with the organization (IDS/IPS, flow logs, etc.) and other locations (SANS ISC, DOE federated model, etc.). As new threat information and activity sources are added, a better evaluation can be rendered.
Is 2014 the year for Cyber Militias ?
Examination of the Congressional mandate for the Pentagon to address the use of cyber militias in responding to cyber warfare. Is a network breach and act of war?
Cybersecurity
Description: Protecting against damage to, unauthorized use of, and/or malicious exploitation of (and, if needed, the restoration of) electronic communications systems and services (and the information contained therein).
Cybersecurity activities ensure the security, reliability, integrity, and availability of critical information, records, and communications systems and services through collaborative cybersecurity initiatives and efforts. These activities also include procedures to detect malicious activity and to conduct technical and investigative-based countermeasures, mitigation activities, and operations against malicious actors to counter existing and emerging cyber-based threats, consistent with established protocols.
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...Cyber Security Alliance
This presentation will analyze the Information Warfare scenarios, technical and legal backgrounds, highlighting as well the importance of the terminologies and bringing to the audience real-life examples and known incidents. The last part of the talk will focus on two theorical case studies and on one, very special, theorical case study.
TOTEM: Threat Observation, Tracking, and Evaluation ModelJohn Gerber
Merriam-Webster defines a totem as any supposed entity that watches over or assists a group of people, such as a family, clan, or tribe. In this presentation I will focus on how TOTEM assists in watching over and evaluating the threat an IP represents. The idea behind TOTEM is simple: compare threat information from sources such as watchlists (DShield, Emerging Threats, SenderBase, etc.) to activities with the organization (IDS/IPS, flow logs, etc.) and other locations (SANS ISC, DOE federated model, etc.). As new threat information and activity sources are added, a better evaluation can be rendered.
Программа контроля качества переговоров по телефону (колл-центр, клиентская и агентская поддержка, продажи, развитие сети, др.).
Стандарты / критерии оценки качества телефонного обслуживания.
Система оценки телефонных переговоров на соответствие установленным стандартам качества.
#shestopalova #шестопалова #service #quality
1Running head CYBERWARCYBER WAR9Outstanding title.docxfelicidaddinwoodie
1
Running head: CYBERWAR
CYBER WAR
9
Outstanding title page formatting
Cyber War
Name
University
Professor
04/28/2018
Introduction Cyber War
Cyber warfare refers to a computer or network-based conflict that disrupts the activities of a state or
organization by deliberate attacking critical infrastructures. Cyber attacks can also be described as an attack by hostile groups such as terrorist or hacker groups aimed, at furthering the goals of a given nation. To have a better understanding, cyber warfare can take different forms such as; viruses that can take down water supplies, military systems, transportation systems, hacking and theft of critical data from government and private institutions. This paper will focus on assessing various mechanism applied in different articles to counter cybersecurity and protect critical infrastructure. Further, by analyzing the results and experience in Xia, Becerra-Fernandez, Gudi, & Rocha-Mier (2011), the essay will also show how
the findings can be utilized in real life scenario.
1. What do the articles have in common?
According to Clemente (2011), the advancement of interconnection between different infrastructures sectors has boosted by the escalation of cyberspace. The author points out that the security
implications are inevitable especially in this era of cyberspace and infrastructure. The main idea in the article involves around the definition of ‘critical’ infrastructure to enable effective prioritization and protection of nodes and connection points. FEMA (2013
), points out that the United States well being relies upon secure critical infrastructure that forms American society. According to Saadawi, & Jordan
, (2011), there is need to establish an international cyber union that will help overcome cybersecurity challenges in securing cyberinfrastructure. This article considers the practical considerations that are associated with EINSTEIN 3 and how this can be used to ensure effective protection of critical infrastructure networks. Having evaluated the main argument of these articles, they all share the aspect of understanding cybersecurity and different ways ensuring infrastructure protection.
2. What are the differences in their assessment of cybersecurity and critical infrastructure protection?
The above articles portray some distinction in their evaluation of cyber war and protection of vital infrastructure. The first article by Clemente (2011), tries to examine how cybersecurity challenges can be overcome by understanding various components in society. The article offers more theoretical approaches to counterattack cybersecurity and protection of critical infrastructures. The second article by FEMA (2013
) is more detailed and comprehensive on the issue of cybersecurity and protection of critical infrastructures in the society. For instance, it offers a plan that will require a federal agency (SSA) to lead a coordinated process for vital infrastructure security within criti ...
Why Great Powers Launch Destructive Cyber Operations and What to Do About It ...Snarky Security
Here we have the German Council on Foreign Relations (DGAP), those paragons of geopolitical insight, serving up a dish of the obvious with a side of "tell me something I don't know" in their publication. It's a riveting tale of how big, bad countries flex their digital muscles to wreak havoc on the less fortunate. The whole DGAP article looks like a story about a midlife crisis: with the cybersecurity aspects of smart cities and the existential fear of technological addiction. To enhance the effect, they link cyberwarfare and the proliferation of weapons of mass destruction and here we learn that great powers launch cyberattacks for the same reasons they do anything else: power, money, other things everyone loves. And of course, the author decided to hype and remind about the role of machine learning in cyber operations.
Brian Wrote There is a wide range of cybersecurity initiatives .docxhartrobert670
Brian Wrote :
There is a wide range of cybersecurity initiatives that exist on the international level through collaborative efforts between the Department of Homeland Security (DHS) and numerous organizational units (UMUC, 2012). According to UMUC (2012), some examples of these initiatives are:
· Federal Law Enforcement Training Center
· National Cyber Security Division
· National Communications System
· Office of Infrastructure Protection
· Office of Operations Coordination
· Privacy Office
· U.S. Secret Service
· U.S. Immigration and Customs Enforcement
· Organization of American States Assistance
“The National Cyber Security Division works to secure cyberspace and America’s cyber assets in cooperation with public, private, and international entities” (UMUC, 2012). This is done using several strategic plans and directives, such as the Presidential Decision Directive 7, the Information Technology Sector Specific Plan, the National Strategy to Secure Cyber Space, National Infrastructure Preparedness Plan, and the National Response Plan (UMUC, 2012). A challenge that the National Cyber Security Division faces in providing an effective deterrent to cybersecurity threats are the constant evolving technologies. These include for both good and bad. Cyber attacks are constantly evolving and so are the technologies use to protect from them. In order for the National Cyber Security Division to effectively deter them not only do they have to stay up-to-date but also so do all of the strategic plans and directives that they use.
Another initiative is the Federal Law Enforcement Training Center (FLETC) that emerged in the 1980s. This initiative puts forth “efforts to counter international hijackings and financial crimes” (UMUC, 2012). It now also extends law enforcement abroad to help against terrorist activity, international crime, and drug-trafficking (UMUC, 2012). It does those with the partner of Department of State. A challenge that the FLETC faces in providing an effective deterrent to cybersecurity threats are their international limitations. All though they have partnered abroad with select foreign nations they still have restrictions and limitations as to what exactly they can do.
Justin Wrote:
Mutual Legal Assistance Treaties (MLATs) are established between two or more nations and provide a formal means of exchanging evidence and information pertaining to criminal acts or cases that occur outside of a nation’s legal jurisdiction. The primary issue associated with MLATs and cybercrime is the inconsistency of host nation laws. Many nations feel that the idea of a global anti-crime initiative may contradict a nation’s fundamental principles (Finklea & Theohary, 2012, p.24). There is no standardized definition for cybercrime which means that one nation may view a virtual act as a crime and the other, with which the MLAT exists, may not. If the two nations agree on the legality of the act then the requesting nation may sub ...
Understanding the Methods behind Cyber TerrorismMaurice Dawson
Cyber security has become a matter of national, international, economic, and societal importance that affects multiple nations (Walker, 2012). Since the 1990s users have exploited vulnerabilities to gain access to networks for malicious purposes. In recent years the number of attacks on U.S. networks has continued to grow at an exponential rate. This includes malicious embedded code, exploitation of backdoors, and more. These attacks can be initiated from anywhere in the world from behind a computer with a masked Internet Protocol (IP) address. This type of warfare, cyber warfare, changes the landscape of war itself (Beidleman, 2009). This type of warfare removes the need to have a physically capable military and requires the demand for a force that has a strong technical capacity e.g. computer science skills. The U.S. and other countries have come to understand that this is an issue and has developed policies to handle this in an effort to mitigate the threats.
In Estonia and Georgia there were direct attacks on government cyber infrastructure (Beildleman, 2009). The attacks in Estonia rendered the government’s infrastructure useless. The government and other associated entities heavily relied upon this e-government infrastructure. These attacks help lead to the development of cyber defense organizations within Europe.
talks about the present status of the cyber security in India. The policy of cyber security is also discussed. the general principles of the cyber security is highlighted.
Legal position of cyber security and instances of breach of information technology code is also discussed.
The Future of National and International Security on the InternetMaurice Dawson
Hyperconnectivity is a growing trend that is driving cyber security experts to develop new security architectures for multiple platforms such as mobile devices, laptops, and even wearable displays. The futures of national and international security rely on complex countermeasures to ensure that a proper security posture is maintained during this state of hyperconnectivity. To protect these systems from exploitation of vulnerabilities it is essential to understand current and future threats to include the laws that drive their need to be secured. Examined within this chapter are the potential security-related threats with the use of social media, mobile devices, virtual worlds, augmented reality, and mixed reality. Further reviewed are some examples of the complex attacks that could interrupt human-robot interaction, children-computer interaction, mobile computing, social networks, and human-centered issues in security design.
61Shackelford & Bohm - Securing North American Critical Infrasimisterchristen
61Shackelford & Bohm - Securing North American Critical Infrastructure
Securing North American Critical
Infrastructure:
A Comparative Case Study in
Cybersecurity Regulation
Scott J. Shackelford, J.D., Ph.D. * & Zachery Bohm**
Abstract: The United States and Canada are interdependent along a number of
dimensions, such as their mutual reliance on shared critical infrastructure. As a result,
regulatory efforts aimed at securing critical infrastructure in one nation impact the other,
including in the cybersecurity context. This article explores one such innovation in the
form of the 2014 National Institute for Standards and Technology (“NIST”)
Cybersecurity Framework. It reviews the evolution of the NIST Framework, comparing
and contrasting it with ongoing Canadian efforts to secure vulnerable critical
infrastructure against cyber threats. Its purpose is to discover North American governance
trends that could impact wider debates about the appropriate role of the public and private
sectors in enhancing cybersecurity.
Ta b l e of C o n t e n t s
I. Introduction........................................................................................................... 61
II. Unpacking the Cyber Threat Affecting North American Critical
Infrastructure............................................................................................................ 63
III. U.S. Approaches to Securing Critical Infrastructure: Enter the NIST
Framework............................................................................................................... 65
IV. An Introduction to Canadian Critical Infrastructure Cybersecurity Law
and Policy................................................................................................................. 66
V. Conclusion........................................................................................................... 69
I. In t r o d u c t io n
Neither the United States nor Canada is a stranger to cyber attacks. These
have increasingly targeted both the private and public sectors to steal valuable
intellectual property, such as state and trade secrets. In one instance, the
Canadian government reported a major cyber attack in 2011 that forced the
Finance Department and Treasury Board, Canada’s main economic agencies, to
disconnect from the Internet.1 Hundreds of systems within the United States
* Assistant Professor of Business Law and Ethics, Indiana University; Senior Fellow, Indiana
University Center for Applied Cybersecurity Research; W. Glenn Campbell and Rita Ricardo-
Campbell National Fellow, Stanford University Hoover Institution.
** Senior, Indiana University School of Public and Environmental Affairs.
62 CANADA-UNITED STATES LAW JOURNAL [Vol. 40, 2016]
Department of Commerce have similarly been forced offline due to cyber attacks
in recent years.” In total, more than 40 million global cyber attacks were reported
in 2014, representing a nearly 50% increas ...
HM502
Unit 5 DQ
Topic 1: Infrastructure Protection
A detailed discussion of threats to and the process of protecting critical infrastructure and key resources (CI/KR) sectors from man-made and natural disasters are essential for understanding one of the main missions of the U.S. Department of Homeland Security (DHS). In detailed analysis of threats and protection challenges, several CI/KR sectors have emerged that require the attention of DHS professionals. These sectors include:
· Agriculture and Food
· Banking and Finance
· Communications
· Defense Industrial Base
· Energy
· Information Technology
· National Monuments and Icons
· Transportation Systems
· Water
What are some of the major threats to the CI/KR sectors identified above? Discuss some of the critical vulnerabilities of these CI/KR sectors. What are some of the prime consequences if these CI/KR sectors are damaged or destroyed? Describe DHS plans to deter threats, mitigate vulnerabilities, and minimize consequences.
Topic 1 Student Response #1 (Respond to Jeffery)
Jeffery Bailey
Hello classmates/Professor
The Homeland Security Act of 2002 provides the basis for Department of Homeland Security (DHS) responsibilities in the protection of the Nation’s CIKR. The act assigns DHS the responsibility for developing a comprehensive national plan for securing CIKR and for recommending the “measures necessary to protect the key resources and critical infrastructure of the United States coordination with other agencies of the Federal Government and in cooperation with State and
local government agencies and authorities, the private sector, and other entities. (Chertoff, 2009) The NIPP defines the organizational structures that provide
the framework for coordination of CIKR protection efforts at all levels of government, their framework includes the action of setting goals and objectives, Identify Assets, Systems and Networks, Assess Risk, consequences, vulnerabilities, and threats. Prioritize, Implement Programs and Measure effectiveness.
The NIPP Conducts research and development and using technology to improve CIKR protection-related capabilities to ensure refined risk assessments for many years into the future. The NIPP assistance programs offers Federal grant assistance to State, local, tribal, and territorial entities; and complement relevant private sector activities. Part of their mission is to make America safer and more secure from cyber attacks and also both man made and natural disasters. Together, the NIPP and SSPs provide the mechanisms for identifying critical assets, systems, and networks, and their associated sectors. In dealing with risk and emergencies the NIPP has Sector Specific Agencies that are assigned certain areas of responsibilities such as Agriculture, Food, Energy and Water. Banking and Finance Communications, in dealing with the potential risk that may befall any of these entities the NIPP takes critical steps to assess, mitigate, protect, and plan for futur ...
Research in Information Security and Information Warfare- The economics, warf...Quinnipiac University
These days, Information Security and Information Warfare are now looked upon as a very important and vital concept among various military organizations. Since the revolution of this concept in military science is viewed as a major reformation regarding the technology utilized; military leaders believe that this technology and more specifically, the information: gives an advantage in military training, strategy, tactics, and organization, leaving no reason to believe otherwise on how technology impacts a nation‟s army. In this research paper, we will examine a deeper understanding of Information Security and Information Warfare; the economics, warfare, features, policies, and even some common technical aspects on why Information Security is so vital to one, to an organization, to a nation.
Bashar H. Malkawi, The Forum on National Security LawBashar H. Malkawi
The National Security Law Brief is excited to publish the second issue of the Forum on National Security Law. This issue, completed with the help and support of the Volume IX editorial board, is a project designed to increase the Brief’s scope by providing an opportunity for practitioners and students alike to explore debates in national security law and policy through short, topical pieces.
Battlefield Cyberspace: Exploitation of Hyperconnectivity and Internet of ThingsMaurice Dawson
The threat of cyber terrorism has become a reality with recent attacks such as Stuxtnet, Flame, Sony Pictures, and North Korea's websites. As the Internet of Things (IoT) continues to become more hyperconnected it will be imperative that cyber security experts to develop new security architectures for multiple platforms such as mobile devices, laptops, embedded systems, and even wearable displays. The futures of national and international security rely on complex countermeasures to ensure that a proper security posture is maintained during this state of hyperconnectivity. To protect these systems from exploitation of vulnerabilities it is essential to understand current and future threats to include the laws that drive their need to be secured. Examined within this chapter are the potential security related threats with the use of social media, mobile devices, virtual worlds, augmented reality, and mixed reality.
Cyber Security and Terrorism Research Article2Cybe.docxrandyburney60861
Cyber Security and Terrorism Research Article
2
Cyber Security and Terrorism Research Article
Senior Capstone
Introduction
Homeland Security has a wide range of organizations that fills in as a way to deal with shielding the United States locally and universally. These offices incorporate however are not restricted to U.S. Customs and Border Patrol, Transportation Security Administration, United States Coast Guard, Cybersecurity and Infrastructure, and so forth. These offices serves the administration in tending to at least one stages. For instance, The Federal Emergency Management Agency, otherwise called FEMA, is an organization that serves numerous partners in mitigating, planning, responding, and recovering from catastrophic events.
On a bigger degree, Cybersecurity is a developing and learning field that is utilized in Cybersecurity and Infrastructure and different organizations to shield significant specialized data from fear monger assaults, for example, hacking. Its primary unit of examination is the administration where relieving is the stage being polished. This principle point is basic to the Homeland Security and Emergency Management's (HSEM) discipline. As of now, there is an issue of how does Cybersecurity adequately change the danger of psychological militant assaults, wherein there are sure and negative credits to its methods for assurance. Innovation, organize security, basic frameworks including PC frameworks, and so forth is the thing that makes up Cybersecurity.
In spite of the fact that there might be a comprehension of what fear based oppression is, there has not yet been an unequivocal meaning of psychological oppression. As per Wilson, a few definitions for digital fear mongering can result from the assailants expectation while others centers on the impacts of the assault itself (Wilson, 2007). A few assaults can bring about mischief causing the death toll or harm while different assaults may bring about troublesome PCs and dread equivalents to fear based oppression. There should be a control on the yield of what dread is truly delegated with regards to an assault. When an infection occurs on a PC, is the proprietor of that PC apprehensive? On the off chance that the proprietor is apprehensive does it add up to a similar sort of dread starting at an aggressor from an alternate nation causing the infection? This can be alluded to what was the reason for that infection in any case.
When managing Cybersecurity and fear based oppression, there should be a decent measure of assaults occurring on the double or sequentially to cause dread inside the organization or nation. Digital fear mongers are seen assaulting different organizations consecutive for an extensive stretch in result accomplishing their objectives or if nothing else making consideration them (Lewis, 2002). In the event that the fear based oppressor neglects to increase any profit by their assault on a lot of PC frameworks, at that point it would n.
2. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 1 of 14
Introduction
Computer Network Operations (CNO), or “cyber operations”, have become an important
element of modern warfare. As part of cyber warfare, offensive cyber operations may be
executed by a nation to disrupt, deny, degrade or destroy the information which resides in
computers or the networks in which the computers are members of. These actions can be taken
either as a prelude to conventional, kinetic war or even in lieu of war if the actions are taken to
further a national security policy objective. In May of 2011, the Obama administration published
its “International Strategy for Cyberspace” which aims to “build and sustain an environment in
which norms of responsible behavior guide states’ actions, sustain partnerships, and support the
rule of law in cyberspace” (White House 2011). In April of 2015, the Department of Defense
(DoD) released its own cyber-strategy document which is intended to act as a guide for
developing DoD’s own cyber forces while also strengthening cyber defense and improving cyber
deterrence (DoD 2015, 2). It is widely recognized that all cyber strategies published to date
necessarily include elements of defense. However, a well-defined cyber-strategy should also
explicitly contain a blueprint for offensive cyber operations which could be used in support of
military operations or to achieve national security objectives.
Purpose of the Study
The purpose of this study is to examine the United States’ existing cyber-strategy in order to
determine if offensive computer network operations are supported or if current strategy should
be revised to incorporate offensive operations. Offensive cyber operations, if supported, could be
invaluable in helping the United States achieve its national security objectives.
3. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 2 of 14
Research Question and Hypothesis
The primary research question this study will attempt to answer is: what elements of the United
States' current cyber-strategy support offensive computer network attacks? A secondary question
which the research will hope to answer is: why would the United States or any nation conduct
offensive computer network attacks? The tentative hypothesis to answer the primary question is
that while current cyber-strategy provides an adequate defensive approach for United States’
military and non-military computer networks, the strategy does not explicitly support the use of
computer network attacks to further national security.
Research Strategy
This study will utilize a qualitative research strategy to identify the parameters, if any, for
conducting offensive cyber operations. Current elements of national cyber-strategy will be
examined to determine the strategy’s objectives paying special attention to the concept of
offensive operations. The study will also explore the doctrine of conducting pre-emptive strikes
and their appropriateness within the context of cyber operations. Lastly, the current national
cyber-strategy will be compared to existing international cyber-strategy in order to highlight gaps
in United States’ strategy and identify areas for improvement.
Literature Review
Dr. Andrew M. Colarik is an independent consultant, researcher and author of multiple security
books and publications covering cyber terrorism, information warfare and cyber security. Dr.
Lech Janczewski has over thirty-five years of experience in information technology with
extensive research in cyber terrorism. Their co-authored article in the Journal of Strategic
Security, “Establishing Cyber Warfare Doctrine”, examines the theoretical foundation of current
cyber warfare research, what has been learned to date about its application and some of the
4. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 3 of 14
emerging themes to be considered including the development of a national cyber warfare
doctrine.
Considered in the article by Colarik and Janczewski is why computer systems and the
infrastructures which support them should be included as valid military targets and further
highlights several recent events to support this assertion. The authors postulate that “modern
nations lack a grand strategy for handling cyber-attacks, one that gathers and coordinates their
national resources for shared security and prosperity” (Colarik and Janczewski 2012, 32). As
mentioned above, this perspective places the focus of cyber-strategy solely on defense and
ignores the benefits an offensive strategy could have for the United States.
Recent examples of cyber-attacks are reviewed by Colarik and Janczewski which is applicable to
this research because they serve as examples where offensive computer network attacks were
conducted by states or their proxies in order to further their own national strategy. For example,
a series of Distributed Denial of Service (DDoS) attacks against Estonia in 2007 forced the
country to isolate itself digitally in order to prevent the nation from being crippled. Also
examined are the attacks against the former Soviet-bloc state of Georgia which utilized similar
methods to the Estonian attacks, and the Stuxnet worm which targeted Iran’s Bushehr nuclear
power plant and set Iran’s nuclear program back by several years (Colarik and Janczewski 2012,
34). While these events demonstrate previous incidents of offensive computer network attacks,
the authors do not indicate if this approach is permitted within the context of United States’
current cyber-strategy.
Mark D. Young is a Special Counsel for Defense Intelligence, House Permanent Select
Committee on Intelligence. In the Journal of National Security Law & Policy, Young also takes a
look at the implementation of United States’ cyber-strategy in his article titled “National cyber
5. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 4 of 14
doctrine: The missing link in the application of American cyber power”. Unfortunately, the
article is slightly dated since it was written a year before the Obama administration published its
“International Strategy for Cyberspace” in 2011. In his article, Young makes the argument that a
national cyber doctrine is necessary but shows there is no doctrine which guides the application
of the nation’s cyber-power, at least at the time the article was written (Young 2010, 174). The
author suggests that a national cyber doctrine would encourage the integration between the
commercial, academic and government sectors and focus the application of the United States’
cyber-power (Young 2010, 176). Once again, however, this integration is for the application of
cyber-power from a defensive mind-set instead of offensive.
Like Colarik and Janczewski, Young details recent cyber-attack events to show that offensive
operations are not unprecedented, at least by nations other than the United States (Young 2010,
173). And also like Colarik and Janczewski, Young fails to indicate if these operations are part
of current United States’ cyber-strategy. The author elaborates on existing cyber operations
documents by reviewing the Joint Chiefs of Staff’s “Joint Publication 3-13”, which defines
information operations, electronic warfare, computer network operations, psychological
operations, military deception and operations security (Young 2010, 178). These definitions
certainly allow for, or at least imply, the capabilities of offensive attacks. Also examined by
Young are the United States Army and Air Force cyber doctrines which demonstrate that
offensive attacks could be taken by military units if deemed within the national interest, even if
the strategy does not explicitly call for them (Young 2010, 182).
Policy adviser at the French Ministry of Defence (Directorate for Strategic Affairs) and adjunct
lecturer in international security at the French Institute for Political Sciences, Jean-Loup Samaan
writes in The RUSI Journal regarding the US efforts to develop a coherent cyber-strategy and the
6. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 5 of 14
divide in the interpretation of the conduct of cyber-warfare. The challenges with developing a
coherent cyber-strategy have been expounded on by Samaan in his article “Cyber Command:
The Rift in US Military Cyber-Strategy”. In the article, a background on the newly created
Cyber Command is given along with the supposition the United States government would place
more focus on cyber defense with the creation of this unit (Samaan 2010, 16). Samaan also
touches on the concept of cyber-warfare and the fact that any cyber-war could have economic
and psychological effects which should call for a robust doctrine of cyber-deterrence (Samaan
2010, 17). This would seem to support the implementation of offensive computer network
attacks and warrant their inclusion as part of the national cyber-strategy. However, the author is
silent on whether or not offensive operations are supported by current cyber-strategy.
Unlike the previous authors mentioned above, Samaan points out some parties involved in cyber-
strategy have complained that cyber-deterrence is misleading and irrelevant (Samaan 2010, 18).
Part of the reason for this is the challenges with attribution which prevents retaliation since the
attacker often cannot be determined. Without the ability to accurately prove the attacker’s
identity, there is no way of knowing if the attacks originated from a state or an individual non-
state actor. What Samaan fails to acknowledge though, is that the lack of ability to attribute
attacks is also a good reason for the United States to include offensive cyber operations as part of
its national cyber-strategy.
The author of “Rewired warfare: rethinking the law of cyber attack”, Michael N. Schmitt is the
Director of the Stockton Center for the Study of International Law, United States Naval War
College; Professor of Public International Law at Exeter University; and Senior Fellow at the
NATO Cyber Defence Centre of Excellence with extensive experience working with multiple
international expert working groups on cyber-strategy. In his article published in the
7. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 6 of 14
International Review of the Red Cross, Schmitt discusses the relation of international
humanitarian law to cyber operations. The author analyzes the debate between the permissive
approach which allows for a more extensive use of cyber-attacks even to the point of targeting
non-military targets during an attack, and a restrictive approach which holds to a more narrow
view of when cyber-attacks may be used and that targets must be confined to those of a military
nature (Schmitt 2014, 196). While these comparisons are interesting from an academic
viewpoint, they hold little value with regards to the topic of this study beyond what may be
targeted if an offensive cyber-strategy is implemented. This debate becomes more relevant if the
research concludes current cyber-strategy already incorporates offensive computer network
attacks.
Dr. Kenneth Geers is the Senior Executive in the U.S. Naval Criminal Investigative Service
(NCIS) as a cyber Subject Matter Expert and was the first U.S. Representative to the NATO
Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia. Geers describes four
nation-state approaches to mitigating cyber-attacks in “Strategic Cyber Defense: Which Way
Forward?” published in the Journal of Homeland Security and Emergency Management. These
various approaches make use of new and improved technology, doctrine, deterrence and arms
control in order to limit the threat from cyber-attacks (Geers 2012, 1). These defense
mechanisms are necessary because the Internet can easily increase the speed, scale and power of
any cyber-attack. Because of these factors, Geers emphasizes the need for military strategists to
include cyber-attacks as well as defense into military doctrine (Geers 2012, 3). It is increasingly
more likely that cyber-attacks will play a prominent role in future wars with fighting taking place
over the entire length and breadth of cyberspace. This may not necessarily be negative since
conflicts could be shorter and incur minimal loss of life. While this advances support for
8. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 7 of 14
offensive cyber operations, the author does not indicate that such operations are part of current
cyber-strategy.
Geers’ article is unique to this research in that the author touches upon the revolutionary aspects
of cyber conflict such as the fact that cyberspace is an artificial environment, cyber conflict
favors the attacker and physical proximity between the attacker and the target is not required
(Geers 2012, 4). But Geers’ article suffers from the same gaps as the previous authors in that it
does not approach computer network operations from an offensive standpoint, but treats the
strategy as purely a defensive one. Even the revolutionary aspects should be treated as positive
conditions which could be used to benefit the United States if offensive cyber-attacks are
included in the national cyber-strategy.
Current literature primarily focuses on the defensive aspect of current cyber-strategy. Recent
history contains examples of offensive computer network attacks used to further states’ national
interests and current definitions of information operations, and electronic warfare which certainly
imply the capabilities of the United States to use offensive cyber operations. The same pitfalls
which signify the importance of defending against cyber-attacks can also be shown in a positive
light if viewed from an offensive perspective. If research confirms the absence of a national
offensive cyber-strategy, steps may be taken to rectify those gaps and advocate the inclusion of
an offensive strategy.
Methodology
This qualitative research project was undertaken by examining current United States' cyber-
strategy. Elements of the strategy were reviewed to determine if any aspects support the concept
of offensive cyber operations. The variables identified during this research are offensive cyber
9. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 8 of 14
operations, currently published national cyber-strategy, preemptive strikes in accordance with
Bush Doctrine, international cyber-strategy and international humanitarian law.
Neo-conservatism theory, also known as the “Bush Doctrine", supports the use of preemptive
strikes to achieve national security objectives. This doctrine was first announced by President
George W. Bush in a 2002 speech to West Point cadets and was a significant shift in U.S.
military policy. As Kellner notes, this new policy replaced "the Cold War doctrine of
containment and deterrence with a new policy of preemptive strikes" (Kellner 2004, 417).
Neo-conservatives operate under the belief that the United States has the most powerful military
in the world and that same military should be used to shape the world according to U.S. interests.
Due to this military might, the rest of the world should fear the United States and hesitate to
openly and even in some cases, covertly stand against the U.S. This is a form of deterrence
which also directly applies to the cyber domain.
The faith of neo-conservatives to deter actions by other nations is in large part based on the
modern revolution of military affairs (RMA). This faith causes policy-makers and military
strategists to believe that instead of relying on large armies, "the United States could rely on
stealth technology, air-delivered precision-guided weapons, and small but highly mobile ground
forces to win quick and decisive victories" (Mearsheimer 2005, 2). Cyber operations are a
natural extension of RMA given the low cost of entry to perform operations, attackers and targets
do not need to be within the same physical proximity and the relative size, speed and scale of
cyber-attacks. These factors mean that cyber operations can be used as a projection of military
power which fits nicely into the neo-conservatism theory.
10. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 9 of 14
Findings and Analysis
Computers and their networks have become an integral part of modern societies. In ways never
seen before, information technology is fostering the flow of goods and services around the globe
as well as facilitating the exchange of information and ideas. This infrastructure also supports
safely controlling air traffic, delivering water and electricity to communities and maintaining a
robust financial system. States have come to the realization that targeting the infrastructure of
other nations during conflicts could result in fewer lives lost as well as facilitate economic
recovery after the cessation of hostilities. Deterring these cyber operations has often been futile
which points to deterrence in general as a misleading and irrelevant idea. Attribution, which
identifies the attacker in cyber space, is a key limitation to deterrence since the attacker often
cannot be positively identified. This makes it clear that cyber conflict always favors the attacker.
In light of this revelation, if it were in the national security interests of the United States to
disrupt, deny, degrade or destroy key infrastructure or military systems of an adversary, would
the current national cyber-strategy support these offensive operations?
In determining if current United States' cyber strategy supports the use of offensive cyber-
attacks, it is necessary to begin by examining the Obama administration's "International Strategy
for Cyberspace" published in 2011. This strategy outlines the principles the United States will
adhere to when confronting the challenges of operating in cyberspace. The principles reflect a
commitment to the free flow of information and exchange and uninhibited communication which
are considered fundamental freedoms. Along with these freedoms is the obligation to protect
individual privacy through oversight and judicial review balanced with investigative authorities
for law enforcement (White House 2011, 5).
11. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 10 of 14
Another important concept included in "International Strategy for Cyberspace" is the
establishment of norms of behavior. It is the Obama administration's standpoint that already
existing international norms which guide the behavior of states still apply in the domain of
cyberspace (White House 2001, 9). In addition to the principles previously reviewed, additional
principles which support norms may include protection from crime, right of self-defense, global
interoperability, network stability and governance. While the principles outlined here are
important to ensuring national security, it is apparent they are most applicable to defending
against cyber-attacks instead of conducting them. Several of these factors, such as network
stability and protecting privacy, also enable and encourage computer network operations against
the United States. Still other principles, for example uninhibited communication and network
stability, should discourage the United States from using computer network operations against
targets since such operations run counter to the principles defined. Either way, the published
strategy neither supports nor forbids the use of offensive cyber operations.
The cyber strategy as laid out by the Department of Defense (DoD) and published in April 2015
contains an admission of the advantages which offensive computer network operations contain
for a state. In fact, the DoD begins with the assumption that potential adversaries would attempt
to target United States infrastructure and military systems in order to gain the upper hand in a
conflict. To neutralize those threats, the DoD "has developed capabilities for cyber operations
and is integrating those capabilities into a full array of tools that the United States government
uses to defend U. S. National interests, including diplomatic, informational, military, economic,
financial, and law enforcement tools" (DoD 2015, 2). If the US government is aware of the need
to defend against these threats, it is plausible to assume the government understands the
advantage to be gained by targeting these sectors offensively.
12. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 11 of 14
The DoD's cyberspace strategy outlines three primary cyber missions. First and foremost is the
mission to defend the networks, systems and information which are part of the DoD's domain.
DoD's closely related second mission is to ensure its agencies are prepared to defend its interests
as well against cyber-attacks. Under this mission, the United States military may be directed by
the President or Secretary of Defense to conduct cyber operations which would attempt to thwart
an on-going or imminent attack in cyberspace, thus preventing the destruction of property or loss
of life (DoD 2015, 5). However, neither counter-attacks nor offensive operations are explicitly
supported under this mission.
The DoD's third mission is the most relevant for this research which states that the DoD must be
able to integrate cyber operations in support of military operations and contingency plans if so
directed by the President or the Secretary of Defense (DoD 2015, 5). The addition of this
mission recognizes the possibility the President or Secretary of Defense could make a
determination that it would be advantageous for the military to conduct cyber operations which
are intended to disrupt, deny, degrade or destroy an adversary's military networks or
infrastructure. The support of this mission would allow the United States military to protect and
further U.S. interests in whatever area of operations the military finds itself.
While the DoD's third mission does explicitly support the use of offensive cyber operations, the
strategy also dictates the United States "will always conduct cyber operations under a doctrine of
restraint as required to protect human lives and to prevent the destruction of property" (DoD
2015, 6). Presumably, any decision which is made to conduct cyber operations on networks
which fall outside of the DoD's network domain would be made with serious deliberation and
with strict oversight which conforms to the law of armed conflict (LOAC). Does adherence to
13. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 12 of 14
this international law, also sometimes referred to as International Humanitarian Law (IHL),
hamper the ability of the U.S. to effectively conduct offensive cyber operations?
One of the principles of LOAC is that the attacking party should do everything which is feasible
in order to ensure the target is military in nature. This does not mean that proof must be
absolutely conclusive, however, any commander should be able to reasonably conclude the target
is a military objective (Dunlap 2011, 91). Finding targets of a military nature in cyberspace can
be a great challenge, especially when viewed from the standpoint that billions of machines may
be connected to the Internet at any one time. It becomes necessary, therefore, to determine that
the potential target computer or network first belongs to the adversary and then identify if the
target is also a viable military target in order to conform to LOAC.
Some strategists dispute this restrictive approach and argue that cyber operations which are
directed towards civilian infrastructure but do not cause damage are indeed permissible because
operations without damage do not qualify as an attack (Schmitt 2014, 191). This approach can be
considered "effects based" and would appear to allow for the "neutralization" of computer
systems and networks as long as there is no loss of life which could be directly associated with
the attack and any resulting damage is not permanent. These opposing viewpoints are still open
for debate and should be evaluated by commanders before undertaking any offensive cyber
operations.
An additional challenge is that by applying LOAC to cyber operations, only members of the
states’ armed forces are allowed to conduct cyber-warfare and offensive computer network
operations. As Dunlap indicates, "This means so long as LOAC is otherwise observed, military
personnel are legally permitted to engage in killing and destruction in war without fear of
prosecution for doing so" (Dunlap 2011, 91). Therefore, when conducting offensive cyber
14. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 13 of 14
operations which are lethal or as destructive when compared to kinetic attacks, the operations
must be performed by uniformed military personnel. This is a significant limitation to engaging
in offensive cyber operations since cyber agencies like the NSA are not uniformed members of
the United States military and could theoretically face international prosecution for engaging in
offensive cyber operations.
Conclusion
As the research shows, the International Strategy for Cyberspace which the Obama
administration published in 2011 outlines the principles the United States will adhere to when
confronting the challenges of cyberspace. While the principles outlined in the strategy are
critical for ensuring national security, close examination shows they strictly relate to defending
against cyber-attacks. The Department of Defense’s Cyber Strategy publication expands on the
Obama administration’s international strategy and defines three primary cyber missions. Two of
the missions are associated with defending military networks and the United States’ national
interests. The third mission, however, explicitly supports the use of offensive cyber operations if
directed by the President or the Secretary of Defense and refutes the hypothesis of the primary
research question. Although permissible according to current strategy, any offensive cyber
operations conducted should operate within the previously defined law of armed conflict
(LOAC) whenever possible. Unfortunately, operating under this international paradigm leaves
significant gaps, such as which targets are permissible to attack, the amount of damage allowable
and which agencies are legally permitted to mount an attack. These gaps should be further
explored and the national cyber strategy continue to be refined in accordance with international
norms.
15. U.S. Cyber Strategy and Offensive Cyber Operations NSEC506 – Nov/Dec 2015
Mark Raduenzel Page 14 of 14
References
Colarik, Andrew M. and Lech Janczewski. 2012. "Establishing Cyber Warfare Doctrine."
Journal of Strategic Security 5, no. 1: 31-48.
Department of Defense. 2015. “The Department of Defense Cyber Strategy.” April.
Dunlap, Charles J. 2011. "Perspectives for Cyber Strategists on Law for Cyberwar." Strategic
Studies Quarterly. Spring: 81-99.
Farnsworth, Timothy. 2011. "Pentagon Issues Cyber Strategy." Arms Control Today 41, no. 7:
37-38.
Geers, Kenneth. 2012. "Strategic Cyber Defense: Which Way Forward?" Journal of Homeland
Security and Emergency Management 9, no. 1: 1-10.
Kellner, Douglas. 2004. "Preemptive strikes and the war on Iraq: a critique of Bush
administration unilateralism and militarism." New Political Science 26, no. 3: 417-440.
Mearsheimer, John. 2005. "Hans Morgenthau and the Iraq war: realism versus neo-
conservatism." opendemocracy.com, posted May 19.
Samaan, Jean-Loup. 2010. "Cyber Command: The Rift in US Military Cyber-Strategy." The
RUSI Journal vol. 155, no. 6: 16-21.
Schmitt, Michael N. 2014. "Rewired warfare: rethinking the law of cyber attack." International
Review of the Red Cross 96, no. 893: 189-206.
Young, Mark D. 2010. "National cyber doctrine: the missing link in the application of American
cyber power." Journal of National Security Law & Policy vol. 4, no. 1: 173-196.
White House. 2011. “International Strategy for Cyberspace: Prosperity, Security, and Openness
in a Networked World.” May.