Cyber Operations In Wartime

Uploaded on 2021-11-12 in TECHNOLOGY-Key Areas-Social Media, GOVERNMENT-Defence, FREE TO VIEW

Headlines about cyber warfare often focus on doomsday scenarios, with depictions of nation-states using “cyber bombs” to remotely dismantle electric grids and other critical infrastructure

Yet recent events, including Russia’s use of cyber operations for information warfare and propaganda, suggest that policymakers and military leaders need to broaden their assumptions about how state and non-state actors are likely to use such operations in future conflicts. 

To investigate the role of cyber operations in diverse crisis scenarios, the UC Berkeley Center for Long-Term Cybersecurity  (CLTC) has developed two distinct wargame formats the use  innovative methodology for investigating competition among diverse actors to determine their likely strategic preferences.

Island Impact & Netwar

In the Island Impact game, players represented either the US or China in a simulated crisis in the South China Sea. In Netwar the players took on the role of either a national government or one of three opposition groups (a violent non-state actor, major international firm, or cyber activist network) in the context of an escalating conflict.

  • CLTC first ran these games with university students and national security professionals to examine how the participants approached incorporating cyber capabilities with more conventional tools of statecraft.
  • CLTC then constructed a survey experiment involving more than 3,000 internet users to identify which of the strategies identified in the wargame they preferred.

The wargames and survey experiments both showed that cyber capabilities produce a moderating influence on coercive exchanges and crisis escalation.

Cyber-based instruments of power appear to offer states a means of managing escalation ‘in the shadows’.

Cyber conflict appears in these simulations to resemble covert action and looks more like the ‘political warfare’ of the Cold War than it does a military revolution. The research work suggests that leaders should think about cyber exchanges in crisis settings more as political warfare and subterfuge than as traditional warfighting. 

Among The  CLTC's Key Findings:

Cyber exchanges will not necessarily be escalatory:

Particularly in state-to-state crises, participants were restrained in their use of cyber tools, suggesting that cyber capabilities may not necessarily be a preferred choice for provocative escalations.

Cyber deterrence may be overhyped:

In the context of cyberspace, the logic of coer-cion—the use of threats and limited action to alter behavio is less about deterrence (i.e. the threat of force) than about signaling resolve and undermining adversaries from within.

Power disparities had limited influence on decision-making:

Even players who were more powerful than their opponents used restraint, suggesting that cyber operations may in fact help stabilize strategic interactions between rivals.

Regime type informs cyber strategy preferences: 

Actors took a more defensive posture when the polity they were contesting was a democracy, as opposed to an autocracy.

Cyber strategy is “issue-agnostic”:

The nature of the conflict has little impact on the use of cyber capabilities, as different issues driving conflict, ideology or ethnic minority rights, did not produce observable differences in cyber strategy preferences.

The report, sponsored by the UC Berkeley, gives an overview of the implications for policymakers and military leaders as they make decisions about cybersecurity and anticipate how rivals will use cyber space in future crises linked below. 

Academia. Edu:

You Might Also Read: 

Reshaping The Future Of War With Malware:

 

« Alarming Surge In Malicious Apps
Endpoint Security Is More Important Than Ever »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

HANDD Business Solutions

HANDD Business Solutions

HANDD are independent specialists in data protection with expertise at every stage of the Protect, Detect and Respond cycle, from consultancy and design, right through to installation.

Cybercom Group

Cybercom Group

Cybercom offers strategic advice, testing & quality assurance, security solutions, system development, integration, management and operation services.

HDI Global SE

HDI Global SE

HDI Global SE provides customised insurance solutions for industrial and commercial clients worldwide including Cyber Liability insurance.

Sandline Discovery

Sandline Discovery

Sandline Discovery provides digital forensics, eDiscovery solutions, managed review and litigation consulting services.

FTAPI Software

FTAPI Software

FTAPI SecuTransfer is a software solution for end-to-end encrypted data exchange of large and sensitive data with customers and partners.

Secucloud

Secucloud

Secucloud GmbH is a provider of high-availability cyber-security solutions, offering a cloud-based security-as-a-service platform, particularly for providers.

ECOLUX

ECOLUX

ECOLUX is a professional IoT security service company committed to developing world-leading “IoT Lifecycle Security” technologies and products.

NETRIO

NETRIO

If you are looking for a highly mature, exceptionally competent Managed Service Provider, NETRIO has solutions to keep your business running at warp speed with zero disruptions.

Cyphra

Cyphra

Cyphra’s team provide cyber security consulting, technical and managed services expertise and experience to support your organisation.

usecure

usecure

usecure is a global provider of computer-based cyber security awareness training, offering the market’s most time-efficient, cost-effective and admin-lite solution for reducing insider threats.

AutoSec

AutoSec

AutoSec supports the FFI program Electronics, Software and Communication by dissemination and exploitation of the results of projects related to automotive cybersecurity.

TokenEx

TokenEx

TokenEx Cloud Security Platform protects sensitive data to strengthen our clients' security postures while future-proofing their operations.

The IoT Academy

The IoT Academy

The IoT Academy is a reputed Ed-Tech Institute that provides training in emerging technologies such as embedded systems, the Internet of Things (IoT), Data Science and many more.

Heron Technology

Heron Technology

Heron Technology are a technology solutions consultancy with core competencies in the areas of Cyber Security and Digital Aviation.

Hook Security

Hook Security

Setting a new standard in security awareness. Hook Security is a people-first company that uses psychological security training to help companies create security-aware culture.

Bastazo

Bastazo

Bastazo provides tools for vulnerability and patch management. Focus your cybersecurity operations on vulnerabilities with the highest risk of exploitation.