SlideShare a Scribd company logo
UNDERSTANDING THE ‘PHYSICS’ OF CYBER-OPERATIONS
From Doctrine to Operations
From Operations to Doctrine
Pukhraj Singh
About me
• 13 years of off-and-on experience in cyber threat intelligence
• Made early attempts at fusing cyber with geopolitics
– Novel in 2010
• 5.5 years in the government
– “It was the best of times, it was the worst of times” – Charles Dickens
• I stand on the shoulders of giants
– Cyber is over-classified; completely lacks empirical data to see trends
– Experience is the only marker for cyber – I rely on operators with
much greater experience
• Product of a six-month research on a manuscript
Three interspersed narratives in this talk
• Understanding the ‘meta’ of cyber
– Shifts once in 5 years, on an average
• The underlying physics of cyber-operations
– All our assumptions are gravely wrong
– Gets re-written in 5 years, too
• The autonomous code will write the laws of war
– From operations to policy, strategy & doctrine, not
otherwise
– Cyber: Counter-insurgency as a strategy & realpolitik as a
policy
“The other domains [of war] are natural,
created by God & this one is the creation of
man”
-- Gen Michael Hayden, former director NSA & CIA
Let that sink in for a moment…
Four dimensions of power that absolutely
don’t work in cyberspace:
Territoriality, Causality, Proportionality & Legality
What are cyberweapons?
“Cyberweapons are power projection tools”
-- Dave Aitel, former NSA cyber-operative
But what REALLY are cyberweapons?
“Anything which changes the terrain of
cyberspace”
-- Gen. Michael Hayden, ex-NSA & CIA
It is not just about access
Anything which changes the terrain of cyberspace
• For example, availability is the most potent weapon
• Julian Assange/Wikileaks
– The strategic pivot of Russian Active Measures (INFOOPS)
– “Ahead of its time by many years” – Dave Aitel, ex-NSA
• Russian Active Measures in the 2016 US elections
– Weaponized the mere availability of crappy information
Three things where the generals may go wrong:
- Cyber is NOT fully asymmetric
- Cyber is NOT always non-kinetic
- Cyber is NOT mostly non-attributable
Stuxnet: costly than an airstrike
-- Rebecca Slayton, Cornell University
“The vast majority of cyber power projection tools are
built and maintained by non-state-actors… a vast
majority of the top tier hackers in the world are not
with nation-states or never were”
-- Dave Aitel, former NSA cyber-operative
“If we were to score cyber the way we score
soccer, the tally would be 462-456, twenty
minutes into the game”
-- Chris Inglis, former Deputy Director of NSA
Defense is an afterthought
“…the dual-hatting of the Director of NSA &
Commander of U.S. Cyber Command ought not be
undermined by nascent efforts to divide the two out of
a need for improved optics”
-- Gen. Keith Alexander, former director of NSA
Offense-Defense
• Mathematically indistinguishable
• Symbiotic
Cyber is the true dual-use technology
“I cannot change the reality that all security tools are dual-use”
-- Mike Walker, DARPA
• Offense-defense: symbiotic
• Antivirus is the APT: the Kaspersky example
• The Wassenaar debacle
• “The cyber security products that promise total surveillance over
the enterprise are, to my mind, an offensive strategy used for
defensive purposes” – Dan Geer, In-Q-Tel
• NSA’s DEFIANTWARRIOR, TURBULENCE & QUANTUMBOT
Thresholds of cyberwar would remain nebulous
“…fixation on defining the precise threshold for a digital act of
war (beyond the de facto effects-based analysis to be applied in
any actual scenario) distracts from the important question of
how cyber operations are actually being used today”
-- Sean Kanuck, former National Intelligence Officer for Cyber
Why?
Because the real intent & impact of a
cyberattack are objectively incalculable
Thresholds of cyberwar would remain nebulous
Why?
Because CNE, CNA & CND are indistinguishable
until fully manifested
Thresholds of cyberwar would remain nebulous
CNO
Matthew Monte, former cyber-operative with the CIA
Why?
“When evaluating potential cyber activities, US policymakers
have tended to view cyber operations as strictly delineated:
offense or defense; espionage or military operations. Reality
defies such stark categorization; determining when one type of
cyber operation ends & another begins is challenging. Rather
than establishing strict categories into which cyber activities are
sorted, it may be best to view cyber operations along a
spectrum”
-- Col. Gary D. Brown, former staff judge advocate for
U.S. Cyber Command
Thresholds of cyberwar would remain nebulous
So, what is a reasonable marker?
“Surviving on a diet of poisoned fruit”
“The US cannot allow the insecurity of our cyber
systems to reach a point where weaknesses in those
systems would likely render the United States unwilling
to make a decision or unable to act on a decision
fundamental to our national security”
-- Richard A. Danzig, former member of the Defense
Policy & Intelligence Advisory Boards
“Cyber & Crisis Escalation:
Insights from Wargaming”
“Data from a crisis wargame conducted at the U.S. Naval War
College from 2011 to 2016”
“Decision-makers view cyber operations as highly
escalatory…cautious about using offensive cyber operations & cyber
network exploitation, even after conventional conflict has begun”
“Despite their concern about escalation— chose not to respond to
cyber attacks by the adversary in any of the wargames”
-- Jacquelyn Schneider, United States Naval War College
“Cyber & Crisis Escalation:
Insights from Wargaming”
“Data from a crisis wargame conducted at the U.S. Naval War
College from 2011 to 2016”
“Significant strides toward our understanding of the impact of cyber
on crisis stability by shifting from an analysis of capabilities to an
exploration of states’ perceptions about the impact of cyber on
escalation. By bypassing technical questions of capabilities, we can
focus instead on how decision-makers process the uncertainties of
cyber, with implications not only for potential behaviors during crisis
situations but also for understanding the variables that shape foreign
policy decision-makers’ understandings of the cyber domain”
-- Jacquelyn Schneider, United States Naval War College
Finally, is cyber-deterrence a chimera?
“Deterrence is largely a function of perception”
“For deterrence to be effective, the adversaries must believe
that our ability to respond to an attack will result in
unacceptable costs imposed on them. Costs may be imposed
through a variety of mechanisms, including economic sanctions,
diplomacy, law enforcement, & military action”
-- Aaron G. Hughes, former U.S. deputy assistant secretary of
defense for cyber policy
Bureaucracy: the most persistent technical
signature of a cyber attack
“Your cyber adversary has a boss & a
budget”
-- The Grugq
Bureaucracy: the most persistent technical
signature of a cyber attack
“Map the adversarial ecosystem of cyberspace in
anthropological detail with the aim of increasing our
understanding of our adversaries & our own incentives
& methods of operation”
-- Richard A. Danzig, Surviving On A Diet of Poisoned
Fruit
Bureaucracy: the most persistent technical
signature of a cyber attack
Prevalent operational structures
-- Dave Aitel, former NSA cyber-operative
Three real asymmetries of cyberwar
-- Matthew Monte, former CIA cyber-operative
Book: Networks Attacks & Exploitation
Overview: China
• Two 3PLA cyber feeder programs
– Apart from tech, HUGE focus on language
– Jiao Tong, Shanghai International Studies University
• Tiered competency
• Loose C&C
– OPSEC relies on plausible deniability
• Fusion centers for economic espionage
• Unified war component: Strategic Support Force
Overview: China
-- Dave Aitel, former NSA cyber-operative
Overview: China
• Efficient economic espionage
– “The largest transfer of wealth in history” -- Gen. Keith Alexander
– A major part of the 30% self-sustenance component of PLA
• Declassifies stolen intelligence downstream
– Via fusion centers: National Technology Transfer Centers or
National Demonstration Organizations
– “Convert advanced foreign technology into domestic innovation
ability”
– “Making technology transfer even more the core feature of our
technology innovation”
– Project 863, 973 & 211
– Under the 61 Research Institute of 3PLA
– Corrupt generals
Overview: US
• Cyber competency: Medium-tiered
• Medium C&C
• Extremely high covertness
• “Doesn't try to controlling the world but prevents surprise” – The Grugq
• A million cleared people - 17 agencies competing for budget
• Contractor rot; high attrition
Overview: Russia
• Good fusion of CYBEROPS with INFOOPS
• Disinformation goes all the way back to Stalin
• Remnant of the massive Soviet-era Active Measures
machinery
– $3-4 billion budget in 1982 ($9.5-12.6 billion in today’s
terms) > budget of the NSA
Overview: Russia
• Non-linear war: Gerasimov Doctrine
– Peak build-up during & after Crimea
• Competing agencies -- GRU, FSB & SVR
• Very low covertness
• Extension of the state-criminal nexus
– Multiple operational components
– Strategic cyber reserve
Overview: Israel
• Purely an extension of skilling – unique
• Completely disrupts conventional population-
based competencies (lesson for India)
• Feeders for 8200: starts from school
– Magshimim, Talpiot
• Vets bring almost $10 billion per year post-
retirement
– That’s roughly $700 per capita
India?
???
☹
The worst kind of insurgency
• Col. Gary D. Brown on why we won’t see international norms in
cyber:
– Laws came from customs & practices of nations – how do we
account for the massive non-state component?
– Functional entropy. Every cyberweapon can command its own law
– Most conflict laws written around kinetic impact
– Whatever rules we may create around cyber for would also affect
other bodies like kinetic warfare
– No letting go of offensive capabilities. “The strong do what they
can, & the weak suffer what they must”
– Internal (inter-agency) lack of cohesion is extreme
Cyber from a subcontinental perspective
• “States not defining their limits & capabilities is an impediment
to cyber law” -- Col. Gary D. Brown
– Maintains escalatory control
• “Vast majority of our key networked infrastructure is owned &
operated by the private sector… must learn to work together to
defend our nation in cyberspace” -- Gen. Keith Alexander
– Private sector would always be in the cross-hairs
– Active Defence (Offensive Defence)
– “Private companies… providing threat intelligence that is
steadily approaching the all-source format” – Sean Kanuck
Cyber from a subcontinental perspective
• “We are fighting at the intersection of a Venn diagram
where the finances of a non-state actor meet the
capabilities of a state actor” – Le me
• “Offense’s superiority means that it a utopian fantasy
to believe that information can be protected from
leakage, & so the counter-offense of disinformation is
what we must deploy in return” – Dan Geer
Cyber from a subcontinental perspective
• “Espionage & war are the same thing now”
• “Information is capabilities”
• “Lines of communications are lines of attack”
• “Passive can turn into active at a heartbeat”
• “Motivations dictate methodology”
• “Capabilities can scale”
• “Cyber attacks ideologies best”
• “Banks evolved from a physical place to software services
provider that conducts financial transactions… so too are
countries becoming increasingly defined by code, rather
than physical, tangible assets”
– Dave Aitel
Cyber from a subcontinental perspective
• “Most common threat vector within the cyber
environment displays characteristics of a classical
insurgent force” -- Maj. GB Parisien, Canadian Forces
College
• Cyber feeder program – Cyber NDA
– Skilling would be the most effective & cheapest force
multiplier for the Indian Armed Forces
• Focus on tooling & toolchains rather than hacks
– Controls resource & manpower attrition
Cyber from a subcontinental perspective
• Cyber is the strategic pivot of symmetric war, not
otherwise
• A highly regulated non-state actor engagement model
– Cyber-military industrial complex
• For India, cyber-deterrence may mostly be realized
through geopolitical alliances as the capability build-up
is slow & weak
Thanks
pukhraj@gmail.com

More Related Content

What's hot

Crim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéllCrim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéll
Jarno Limnéll
 
Are we ready for Cyberwarfare
Are we ready for CyberwarfareAre we ready for Cyberwarfare
Are we ready for Cyberwarfare
Aurin Sheikh
 
Cyberwarfare
CyberwarfareCyberwarfare
Defending Your Base of Operations: How Industrial Control Systems are Being T...
Defending Your Base of Operations: How Industrial Control Systems are Being T...Defending Your Base of Operations: How Industrial Control Systems are Being T...
Defending Your Base of Operations: How Industrial Control Systems are Being T...
AFCEA International
 
2021-05-SJTerp-AMITT_disinfoSoc-umaryland
2021-05-SJTerp-AMITT_disinfoSoc-umaryland2021-05-SJTerp-AMITT_disinfoSoc-umaryland
2021-05-SJTerp-AMITT_disinfoSoc-umaryland
Sara-Jayne Terp
 
Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
shifahirani
 
Cognitive security: all the other things
Cognitive security: all the other thingsCognitive security: all the other things
Cognitive security: all the other things
Sara-Jayne Terp
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopolitics
tnwac
 
2019 11 terp_mansonbulletproof_master copy
2019 11 terp_mansonbulletproof_master copy2019 11 terp_mansonbulletproof_master copy
2019 11 terp_mansonbulletproof_master copy
Sara-Jayne Terp
 
Cyber weapons 1632578286
Cyber weapons 1632578286Cyber weapons 1632578286
Cyber weapons 1632578286
Udaysharma3
 
About cyber war
About cyber warAbout cyber war
About cyber war
eugenvaleriu
 
Is the us engaged in a cyber war
Is the us engaged in a cyber warIs the us engaged in a cyber war
Is the us engaged in a cyber war
David Willson, Attorney, CISSP, Security +
 
Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber Security
Dominic Karunesudas
 
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
CODE BLUE
 
Why_TG
Why_TGWhy_TG
Why_TG
TOP GUN
 
Artificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO ComplianceArtificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO Compliance
PECB
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
Cyber Security Alliance
 
No National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseNo National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law Please
William McBorrough
 
Due Diligence Considerations for Scientists, Commanders, and Politicians As T...
Due Diligence Considerations for Scientists, Commanders, and Politicians As T...Due Diligence Considerations for Scientists, Commanders, and Politicians As T...
Due Diligence Considerations for Scientists, Commanders, and Politicians As T...
Dr. Lydia Kostopoulos
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance  and security in the energy sectorsInformation warfare, assurance  and security in the energy sectors
Information warfare, assurance and security in the energy sectors
Love Steven
 

What's hot (20)

Crim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéllCrim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéll
 
Are we ready for Cyberwarfare
Are we ready for CyberwarfareAre we ready for Cyberwarfare
Are we ready for Cyberwarfare
 
Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
 
Defending Your Base of Operations: How Industrial Control Systems are Being T...
Defending Your Base of Operations: How Industrial Control Systems are Being T...Defending Your Base of Operations: How Industrial Control Systems are Being T...
Defending Your Base of Operations: How Industrial Control Systems are Being T...
 
2021-05-SJTerp-AMITT_disinfoSoc-umaryland
2021-05-SJTerp-AMITT_disinfoSoc-umaryland2021-05-SJTerp-AMITT_disinfoSoc-umaryland
2021-05-SJTerp-AMITT_disinfoSoc-umaryland
 
Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
 
Cognitive security: all the other things
Cognitive security: all the other thingsCognitive security: all the other things
Cognitive security: all the other things
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopolitics
 
2019 11 terp_mansonbulletproof_master copy
2019 11 terp_mansonbulletproof_master copy2019 11 terp_mansonbulletproof_master copy
2019 11 terp_mansonbulletproof_master copy
 
Cyber weapons 1632578286
Cyber weapons 1632578286Cyber weapons 1632578286
Cyber weapons 1632578286
 
About cyber war
About cyber warAbout cyber war
About cyber war
 
Is the us engaged in a cyber war
Is the us engaged in a cyber warIs the us engaged in a cyber war
Is the us engaged in a cyber war
 
Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber Security
 
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
 
Why_TG
Why_TGWhy_TG
Why_TG
 
Artificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO ComplianceArtificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO Compliance
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
 
No National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseNo National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law Please
 
Due Diligence Considerations for Scientists, Commanders, and Politicians As T...
Due Diligence Considerations for Scientists, Commanders, and Politicians As T...Due Diligence Considerations for Scientists, Commanders, and Politicians As T...
Due Diligence Considerations for Scientists, Commanders, and Politicians As T...
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance  and security in the energy sectorsInformation warfare, assurance  and security in the energy sectors
Information warfare, assurance and security in the energy sectors
 

Similar to Understanding the 'physics' of cyber-operations - Pukhraj Singh

The rise of cyberpower
The rise of cyberpowerThe rise of cyberpower
The rise of cyberpower
Noelle Cowling
 
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
Boston Global Forum
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ss
Maira Asif
 
Cyber Security for Oil and Gas
Cyber Security for Oil and Gas Cyber Security for Oil and Gas
Cyber Security for Oil and Gas
mariaidga
 
USSTRATCOM Cyber & Space 2011 Herbert Lin
USSTRATCOM Cyber & Space 2011 Herbert LinUSSTRATCOM Cyber & Space 2011 Herbert Lin
USSTRATCOM Cyber & Space 2011 Herbert Lin
AFCEA International
 
Cybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit MeetingCybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit Meeting
David Opderbeck
 
Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...
Chuck Brooks
 
RULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWARRULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWAR
Talwant Singh
 
Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015
AFCEA International
 
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidAECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
Phil Agcaoili
 
Introduction to National Critical Infrastructure Cyber Security: Background a...
Introduction to National Critical Infrastructure Cyber Security: Background a...Introduction to National Critical Infrastructure Cyber Security: Background a...
Introduction to National Critical Infrastructure Cyber Security: Background a...
Jack Whitsitt
 
61Shackelford & Bohm - Securing North American Critical Infra
61Shackelford & Bohm -  Securing North American Critical Infra61Shackelford & Bohm -  Securing North American Critical Infra
61Shackelford & Bohm - Securing North American Critical Infra
simisterchristen
 
Advancing Women in Cyber Security Careers - A National Priority
Advancing Women in Cyber Security Careers - A National PriorityAdvancing Women in Cyber Security Careers - A National Priority
Advancing Women in Cyber Security Careers - A National Priority
Career Communications Group
 
Ed Rios - New ncc brief
Ed Rios - New ncc briefEd Rios - New ncc brief
Ed Rios - New ncc brief
Trish McGinity, CCSK
 
Cyber Security, Cyber Warfare
Cyber Security, Cyber WarfareCyber Security, Cyber Warfare
Cyber Security, Cyber Warfare
Amit Anand
 
Pa862
Pa862Pa862
A US Cybersecurity Strategy for 2030
A US Cybersecurity Strategy for 2030A US Cybersecurity Strategy for 2030
A US Cybersecurity Strategy for 2030
Scott Dickson
 
C3 Cyber
C3 CyberC3 Cyber
Cybercrime & global mapping
Cybercrime & global mappingCybercrime & global mapping
Cybercrime & global mapping
Fred Zimmerman
 
Comprehensive U.S. Cyber Framework Final Report
Comprehensive U.S. Cyber Framework Final ReportComprehensive U.S. Cyber Framework Final Report
Comprehensive U.S. Cyber Framework Final Report
Landon Harrell
 

Similar to Understanding the 'physics' of cyber-operations - Pukhraj Singh (20)

The rise of cyberpower
The rise of cyberpowerThe rise of cyberpower
The rise of cyberpower
 
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ss
 
Cyber Security for Oil and Gas
Cyber Security for Oil and Gas Cyber Security for Oil and Gas
Cyber Security for Oil and Gas
 
USSTRATCOM Cyber & Space 2011 Herbert Lin
USSTRATCOM Cyber & Space 2011 Herbert LinUSSTRATCOM Cyber & Space 2011 Herbert Lin
USSTRATCOM Cyber & Space 2011 Herbert Lin
 
Cybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit MeetingCybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit Meeting
 
Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...
 
RULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWARRULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWAR
 
Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015
 
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidAECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
 
Introduction to National Critical Infrastructure Cyber Security: Background a...
Introduction to National Critical Infrastructure Cyber Security: Background a...Introduction to National Critical Infrastructure Cyber Security: Background a...
Introduction to National Critical Infrastructure Cyber Security: Background a...
 
61Shackelford & Bohm - Securing North American Critical Infra
61Shackelford & Bohm -  Securing North American Critical Infra61Shackelford & Bohm -  Securing North American Critical Infra
61Shackelford & Bohm - Securing North American Critical Infra
 
Advancing Women in Cyber Security Careers - A National Priority
Advancing Women in Cyber Security Careers - A National PriorityAdvancing Women in Cyber Security Careers - A National Priority
Advancing Women in Cyber Security Careers - A National Priority
 
Ed Rios - New ncc brief
Ed Rios - New ncc briefEd Rios - New ncc brief
Ed Rios - New ncc brief
 
Cyber Security, Cyber Warfare
Cyber Security, Cyber WarfareCyber Security, Cyber Warfare
Cyber Security, Cyber Warfare
 
Pa862
Pa862Pa862
Pa862
 
A US Cybersecurity Strategy for 2030
A US Cybersecurity Strategy for 2030A US Cybersecurity Strategy for 2030
A US Cybersecurity Strategy for 2030
 
C3 Cyber
C3 CyberC3 Cyber
C3 Cyber
 
Cybercrime & global mapping
Cybercrime & global mappingCybercrime & global mapping
Cybercrime & global mapping
 
Comprehensive U.S. Cyber Framework Final Report
Comprehensive U.S. Cyber Framework Final ReportComprehensive U.S. Cyber Framework Final Report
Comprehensive U.S. Cyber Framework Final Report
 

Recently uploaded

Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Jeffrey Haguewood
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Wask
 
Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process MiningTrusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
LucaBarbaro3
 
AWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptxAWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptx
HarisZaheer8
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Precisely
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
Dinusha Kumarasiri
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
Hiike
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
ScyllaDB
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
alexjohnson7307
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Zilliz
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
SAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloudSAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloud
maazsz111
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
Edge AI and Vision Alliance
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 

Recently uploaded (20)

Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
 
Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process MiningTrusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
 
AWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptxAWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptx
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
SAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloudSAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloud
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 

Understanding the 'physics' of cyber-operations - Pukhraj Singh

  • 1. UNDERSTANDING THE ‘PHYSICS’ OF CYBER-OPERATIONS From Doctrine to Operations From Operations to Doctrine Pukhraj Singh
  • 2. About me • 13 years of off-and-on experience in cyber threat intelligence • Made early attempts at fusing cyber with geopolitics – Novel in 2010 • 5.5 years in the government – “It was the best of times, it was the worst of times” – Charles Dickens • I stand on the shoulders of giants – Cyber is over-classified; completely lacks empirical data to see trends – Experience is the only marker for cyber – I rely on operators with much greater experience • Product of a six-month research on a manuscript
  • 3. Three interspersed narratives in this talk • Understanding the ‘meta’ of cyber – Shifts once in 5 years, on an average • The underlying physics of cyber-operations – All our assumptions are gravely wrong – Gets re-written in 5 years, too • The autonomous code will write the laws of war – From operations to policy, strategy & doctrine, not otherwise – Cyber: Counter-insurgency as a strategy & realpolitik as a policy
  • 4. “The other domains [of war] are natural, created by God & this one is the creation of man” -- Gen Michael Hayden, former director NSA & CIA Let that sink in for a moment…
  • 5. Four dimensions of power that absolutely don’t work in cyberspace: Territoriality, Causality, Proportionality & Legality
  • 6. What are cyberweapons? “Cyberweapons are power projection tools” -- Dave Aitel, former NSA cyber-operative
  • 7. But what REALLY are cyberweapons? “Anything which changes the terrain of cyberspace” -- Gen. Michael Hayden, ex-NSA & CIA It is not just about access
  • 8. Anything which changes the terrain of cyberspace • For example, availability is the most potent weapon • Julian Assange/Wikileaks – The strategic pivot of Russian Active Measures (INFOOPS) – “Ahead of its time by many years” – Dave Aitel, ex-NSA • Russian Active Measures in the 2016 US elections – Weaponized the mere availability of crappy information
  • 9. Three things where the generals may go wrong: - Cyber is NOT fully asymmetric - Cyber is NOT always non-kinetic - Cyber is NOT mostly non-attributable
  • 10. Stuxnet: costly than an airstrike -- Rebecca Slayton, Cornell University
  • 11. “The vast majority of cyber power projection tools are built and maintained by non-state-actors… a vast majority of the top tier hackers in the world are not with nation-states or never were” -- Dave Aitel, former NSA cyber-operative
  • 12. “If we were to score cyber the way we score soccer, the tally would be 462-456, twenty minutes into the game” -- Chris Inglis, former Deputy Director of NSA Defense is an afterthought
  • 13. “…the dual-hatting of the Director of NSA & Commander of U.S. Cyber Command ought not be undermined by nascent efforts to divide the two out of a need for improved optics” -- Gen. Keith Alexander, former director of NSA Offense-Defense • Mathematically indistinguishable • Symbiotic
  • 14. Cyber is the true dual-use technology “I cannot change the reality that all security tools are dual-use” -- Mike Walker, DARPA • Offense-defense: symbiotic • Antivirus is the APT: the Kaspersky example • The Wassenaar debacle • “The cyber security products that promise total surveillance over the enterprise are, to my mind, an offensive strategy used for defensive purposes” – Dan Geer, In-Q-Tel • NSA’s DEFIANTWARRIOR, TURBULENCE & QUANTUMBOT
  • 15. Thresholds of cyberwar would remain nebulous “…fixation on defining the precise threshold for a digital act of war (beyond the de facto effects-based analysis to be applied in any actual scenario) distracts from the important question of how cyber operations are actually being used today” -- Sean Kanuck, former National Intelligence Officer for Cyber
  • 16. Why? Because the real intent & impact of a cyberattack are objectively incalculable Thresholds of cyberwar would remain nebulous
  • 17. Why? Because CNE, CNA & CND are indistinguishable until fully manifested Thresholds of cyberwar would remain nebulous
  • 18. CNO Matthew Monte, former cyber-operative with the CIA
  • 19. Why? “When evaluating potential cyber activities, US policymakers have tended to view cyber operations as strictly delineated: offense or defense; espionage or military operations. Reality defies such stark categorization; determining when one type of cyber operation ends & another begins is challenging. Rather than establishing strict categories into which cyber activities are sorted, it may be best to view cyber operations along a spectrum” -- Col. Gary D. Brown, former staff judge advocate for U.S. Cyber Command Thresholds of cyberwar would remain nebulous
  • 20. So, what is a reasonable marker? “Surviving on a diet of poisoned fruit” “The US cannot allow the insecurity of our cyber systems to reach a point where weaknesses in those systems would likely render the United States unwilling to make a decision or unable to act on a decision fundamental to our national security” -- Richard A. Danzig, former member of the Defense Policy & Intelligence Advisory Boards
  • 21. “Cyber & Crisis Escalation: Insights from Wargaming” “Data from a crisis wargame conducted at the U.S. Naval War College from 2011 to 2016” “Decision-makers view cyber operations as highly escalatory…cautious about using offensive cyber operations & cyber network exploitation, even after conventional conflict has begun” “Despite their concern about escalation— chose not to respond to cyber attacks by the adversary in any of the wargames” -- Jacquelyn Schneider, United States Naval War College
  • 22. “Cyber & Crisis Escalation: Insights from Wargaming” “Data from a crisis wargame conducted at the U.S. Naval War College from 2011 to 2016” “Significant strides toward our understanding of the impact of cyber on crisis stability by shifting from an analysis of capabilities to an exploration of states’ perceptions about the impact of cyber on escalation. By bypassing technical questions of capabilities, we can focus instead on how decision-makers process the uncertainties of cyber, with implications not only for potential behaviors during crisis situations but also for understanding the variables that shape foreign policy decision-makers’ understandings of the cyber domain” -- Jacquelyn Schneider, United States Naval War College
  • 23. Finally, is cyber-deterrence a chimera? “Deterrence is largely a function of perception” “For deterrence to be effective, the adversaries must believe that our ability to respond to an attack will result in unacceptable costs imposed on them. Costs may be imposed through a variety of mechanisms, including economic sanctions, diplomacy, law enforcement, & military action” -- Aaron G. Hughes, former U.S. deputy assistant secretary of defense for cyber policy
  • 24. Bureaucracy: the most persistent technical signature of a cyber attack
  • 25. “Your cyber adversary has a boss & a budget” -- The Grugq Bureaucracy: the most persistent technical signature of a cyber attack
  • 26. “Map the adversarial ecosystem of cyberspace in anthropological detail with the aim of increasing our understanding of our adversaries & our own incentives & methods of operation” -- Richard A. Danzig, Surviving On A Diet of Poisoned Fruit Bureaucracy: the most persistent technical signature of a cyber attack
  • 27. Prevalent operational structures -- Dave Aitel, former NSA cyber-operative
  • 28. Three real asymmetries of cyberwar -- Matthew Monte, former CIA cyber-operative Book: Networks Attacks & Exploitation
  • 29. Overview: China • Two 3PLA cyber feeder programs – Apart from tech, HUGE focus on language – Jiao Tong, Shanghai International Studies University • Tiered competency • Loose C&C – OPSEC relies on plausible deniability • Fusion centers for economic espionage • Unified war component: Strategic Support Force
  • 30. Overview: China -- Dave Aitel, former NSA cyber-operative
  • 31. Overview: China • Efficient economic espionage – “The largest transfer of wealth in history” -- Gen. Keith Alexander – A major part of the 30% self-sustenance component of PLA • Declassifies stolen intelligence downstream – Via fusion centers: National Technology Transfer Centers or National Demonstration Organizations – “Convert advanced foreign technology into domestic innovation ability” – “Making technology transfer even more the core feature of our technology innovation” – Project 863, 973 & 211 – Under the 61 Research Institute of 3PLA – Corrupt generals
  • 32. Overview: US • Cyber competency: Medium-tiered • Medium C&C • Extremely high covertness • “Doesn't try to controlling the world but prevents surprise” – The Grugq • A million cleared people - 17 agencies competing for budget • Contractor rot; high attrition
  • 33. Overview: Russia • Good fusion of CYBEROPS with INFOOPS • Disinformation goes all the way back to Stalin • Remnant of the massive Soviet-era Active Measures machinery – $3-4 billion budget in 1982 ($9.5-12.6 billion in today’s terms) > budget of the NSA
  • 34. Overview: Russia • Non-linear war: Gerasimov Doctrine – Peak build-up during & after Crimea • Competing agencies -- GRU, FSB & SVR • Very low covertness • Extension of the state-criminal nexus – Multiple operational components – Strategic cyber reserve
  • 35. Overview: Israel • Purely an extension of skilling – unique • Completely disrupts conventional population- based competencies (lesson for India) • Feeders for 8200: starts from school – Magshimim, Talpiot • Vets bring almost $10 billion per year post- retirement – That’s roughly $700 per capita
  • 38. The worst kind of insurgency • Col. Gary D. Brown on why we won’t see international norms in cyber: – Laws came from customs & practices of nations – how do we account for the massive non-state component? – Functional entropy. Every cyberweapon can command its own law – Most conflict laws written around kinetic impact – Whatever rules we may create around cyber for would also affect other bodies like kinetic warfare – No letting go of offensive capabilities. “The strong do what they can, & the weak suffer what they must” – Internal (inter-agency) lack of cohesion is extreme
  • 39. Cyber from a subcontinental perspective • “States not defining their limits & capabilities is an impediment to cyber law” -- Col. Gary D. Brown – Maintains escalatory control • “Vast majority of our key networked infrastructure is owned & operated by the private sector… must learn to work together to defend our nation in cyberspace” -- Gen. Keith Alexander – Private sector would always be in the cross-hairs – Active Defence (Offensive Defence) – “Private companies… providing threat intelligence that is steadily approaching the all-source format” – Sean Kanuck
  • 40. Cyber from a subcontinental perspective • “We are fighting at the intersection of a Venn diagram where the finances of a non-state actor meet the capabilities of a state actor” – Le me • “Offense’s superiority means that it a utopian fantasy to believe that information can be protected from leakage, & so the counter-offense of disinformation is what we must deploy in return” – Dan Geer
  • 41. Cyber from a subcontinental perspective • “Espionage & war are the same thing now” • “Information is capabilities” • “Lines of communications are lines of attack” • “Passive can turn into active at a heartbeat” • “Motivations dictate methodology” • “Capabilities can scale” • “Cyber attacks ideologies best” • “Banks evolved from a physical place to software services provider that conducts financial transactions… so too are countries becoming increasingly defined by code, rather than physical, tangible assets” – Dave Aitel
  • 42. Cyber from a subcontinental perspective • “Most common threat vector within the cyber environment displays characteristics of a classical insurgent force” -- Maj. GB Parisien, Canadian Forces College • Cyber feeder program – Cyber NDA – Skilling would be the most effective & cheapest force multiplier for the Indian Armed Forces • Focus on tooling & toolchains rather than hacks – Controls resource & manpower attrition
  • 43. Cyber from a subcontinental perspective • Cyber is the strategic pivot of symmetric war, not otherwise • A highly regulated non-state actor engagement model – Cyber-military industrial complex • For India, cyber-deterrence may mostly be realized through geopolitical alliances as the capability build-up is slow & weak