Cover
Title Page
Copyright
Contents
List of Illustrations
List of Acronyms and Abbreviations
Introduction
Part I. Foundations
Chapter 1. Emblematic Attacks
Prototypical Events
Cybercrime and Other System Intrusions
Advanced Persistent Threat
Distributed Denial-of-Service Attacks
Disruptive and Destructive Attacks
Doxing Attacks
Conclusions
Chapter 2. Some Basic Principles
Cyberwar and Cyberspace
Layers
How Hacks Work
Agoras and Castles
Most Cyberattacks Have Transitory Effects
Chapter 3. How to Compromise a Computer
Abuses by Random External Users
Abuses by Authorized Internal Users
Altered Instructions via Supply-Chain Attack
Malware
Conclusions
Chapter 4. Cybersecurity as a Systems Problem
Applications Are Often the Weak Links in the Security Chain
The Role of Input Filtering
The Role of Browsers and Operating Systems
The Role of People
The Role of Cryptography
A Role for Firewalls?
The Role of Air-Gapping
Relationships among Machines, Systems, and Engineering
Cybersecurity as a Business Process Problem
Measures and Countermeasures
Lessons from the OPM Hack
Chapter 5. Defending against Deep and Wide Attacks
Deep Attacks
Identifying Near-Catastrophes to Get Ahead of Catastrophes
Hedging to Deal with Exceptions to the Power-Law Rule
Attacks of Broad Consequence
Scalability Influences How Well a Near-Catastrophe Predicts a Catastrophe
Implications for Learning
Is Information Sharing a Panacea?
Chapter 6. Deterrence by Denial
What Is Being Discouraged?
Complicating Psychological Factors
Dissuading Cyberattack by Defeating Its Strategy
Is Deterrence by Denial Transferable?
Part II. Operations
Chapter 7. Tactical Cyberwar
Possible Effects
Timing Cyberattacks
The Role of Surprise
A Tactical Cyberwar Scenario
Would China Use Tactical Cyberwar the Same Way?
Why Supremacy Is Meaningless and Superiority Unnecessary
Conclusions
Chapter 8. Organizing a Cyberwar Campaign
Why a Campaign?
Whose Campaign?
The Challenge of Skepticism over the Potential of Tactical Cyberwar
The Insertion of Tactical Cyberwar into Kinetic Operations
Escalation and Tactical Cyberwar
Chapter 9. Professionalizing Cyberwar
Battle Damage Assessment
Collateral Damage
Other Weaponization Parameters
Should Cyberwar Authority Be Predelegated?
A Hacker Way of Warfare
Programming and Budgeting for Cyberwar
Chapter 10. Is Cyberspace a Warfighting Domain?
Cyberwar Operations Are about Usurping Command and Control
Cyberspace as Multiple Media
Defend the Domain or Ensure Missions?
Offensive Operations
Cyberspace as a Warfighting Domain and DDOS Attacks
Other Errors from Calling Cyberspace a Warfighting Domain
No Domain, No Cyber Equivalent of Billy Mitchell
Conclusions
Chapter 11. Strategic Implications of Tactical Cyberwar
Influencing Others against Digitization
Cyberattacks and the Correlation of Forces
The Challenge of Alliance Defense in Cyberspace
Chapter 12. Stability Implications of Tactical Cyberwar
Attack Wins
Getting the Jump Wins
The Risks of Acting Are Reduced
The Risks of Not Acting Are Increased
A Missing Element of Caution
A Quick Comparison to Nuclear Weapons
Do Cyberattack Options Reduce Violence?
Conclusions
Part III. Strategies
Chapter 13. Strategic Cyberwar
Strategic Cyberwar May Focus on Power Grids and Banks
How Coercive Can a Strategic Cyberwar Campaign Be?
The Conduct of Strategic Cyberwar
Indications and Warnings
A Cyber SIOP?
Keeping Targets in Reserve
Terminating Cyberwar
Conclusions
Chapter 14. Cyberwar Threats as Deterrence and Compulsion
The Anger/Fear Balance
The Difficulty of Evaluating a Coercive Campaign
A Stalling Strategy for Compulsion
A Deterrence Response Window
Chapter 15. The Unexpected Asymmetry of Cyberwar
The Third World Disadvantage
The Particular U.S. Advantage
Was This All an Exercise in Nostalgia?
A Silver Lining Arising from Kerckhoffsβs Principle
The Influence of Third Parties on the Balance of Power in Cyberspace
Chapter 16. Responding to Cyberattack
First-Strike Cyberattacks May Have a Variety of Motives
What Looks like an Unprovoked Cyberattack May Not Be
Should the Target Reveal the Cyberattackβand When?
A Delayed Response
Responding without Force
Economic Responses
Sanctions until the Behavior Ends
The Perils of an Easy Response
Sub-Rosa Cyberwar
A Drawback to Any Response
How Will the Attacker Respond to Retaliation?
Conclusions
Chapter 17. Deterrence Fundamentals
Cyberdeterrence Differs from Nuclear and Criminal Deterrence
The Rationale for Deterrence
What Makes Deterrence Work?
The Core Message of Deterrence
Tailored Deterrence
The Problematic Nature of Cyberdeterrence
Chapter 18. The Will to Retaliate
The Risks of Reprisals
Third-Party Cyberattacks
Retaliation May Be Stymied by Bigger Issues on the Table
Credibility May Not Be Easy to Establish
The Signals Associated with Carrying Out Reprisals May Get Lost in the Noise
The Impact of Good Defenses on Credibility Is Mixed
Can Extended Deterrence Work in Cyberspace?
A Baltic Cyberspace Alliance?
Conclusions
Chapter 19. Attribution
What Will Convince Others of Your Attribution?
How Good Would Attribution Be?
What Could Make Attribution So Hard?
When Attribution Seems to Work
When Can Countries Be Blamed for What Starts within Their Borders?
Why Credibility Makes Attribution an Issue
Will the Attacker Always Avoid Attribution?
Why an Attacker May Favor Ambiguous Attribution over None at All
What Should Be Revealed about Attribution?
Attribution in a Post-Truth World
Conclusion
Chapter 20. What Threshold for Response?
A Zero-Tolerance Policy?
Non-Zero Thresholds
Did NotPetya Cross What Would Be a Reasonable Threshold?
Should Pulled or Failed Punches Merit Retaliation?
Compulsion versus Deterrence
Threshold Issues Complicate Retaliating against Cyberespionage
Chapter 21. A Deterministic Posture
Advantages of Determinism
Advantages of a Probabilistic Deterrence Posture
The Choice to Retaliate under Uncertainty
Chapter 22. Punishment and Holding Targets at Risk
The Lack of Good Targets for Intradomain Deterrence
The Temptations of Cross-Domain Deterrence
Will Targets Actually Hit Back at All?
Can Secondary Deterrence Address the Problems of Primary Deterrence?
Persistent Engagement qua Deterrence
Summary Observations on Cyberdeterrence
Chapter 23. Cyberwar Escalation
The Purpose and Risks of Escalation
Escalation in Strategic Cyberwar
The Difficulties of Tit-for-Tat Management
Escalation into Kinetic Warfare
Escalation Risks from Proxy Cyberwar
Proxy Cyberattacks
Conclusions
Chapter 24. Brandishing Cyberattack Capabilities
What Brandishing Is
Your Power or Their Powerlessness?
How to Brandish Cyberattack Capabilities
Brandishing Implants
Escalation Dominance and Brandishing
Counter-Brandishing
Caveats and Cautions
Chapter 25. Narratives and Signals
Narratives to Facilitate Crisis Control
A Narrative Framework for Cyberspace
Narratives as Morality Plays
Narratives to Walk Back a Crisis
Narrative, Attribution, and Response
Signaling
What Can We Say with Signals That Would Come as News to Others?
Ambiguity in Signaling
Why Narratives Matter to Signals
Chapter 26. Cyberattack Inferences from Cyberespionage
Inferring Cyberattacks from Cyberespionage
Inferences from the Fact of Cyberespionage Alone
How to Continue with Cyberespionage with Less Risk
Stick with Attacks on Offensive Systems?
The Defenderβs Options
Deliberate Signaling, Both Friendly and Hostile
Conclusions
Chapter 27. Strategic Stability
Would Nuclear Dilemmas Echo in Cyberspace?
Misperception as a Source of Crisis
Excessive Confidence in Attribution or Preemption
Can There Be a Cuban Missile Crisis in Cyberspace?
Conclusions
Part IV. Norms
Chapter 28. Norms for Cyberspace
Unilateral Red Lines and Multilateral Norms
Red Lines versus Norms
The Criminalization of Hacking
Norms on Attribution
Arms Control
Normalization
Law of Armed Conflict: Jus in bello
Law of Armed Conflict: Jus ad bellum
From the Tallinn Manual to Las Vegas Rules
What the Tallinn Manual Says
Viva Las Vegas
But Not So Fast
Why Not Las Vegas Rules for Outer Space as Well?
Conclusions
Chapter 29. The Rocky Road to Cyberespionage Norms
Norms against Economically Motivated Cyberespionage
The Cybercrime Markets Norm
The No-Political-Doxing Norm
Prohibiting Certain Targets to Prohibit Unwelcome Uses of Purloined Information
Cyberespionage against Critical Infrastructure
Getting to Norms
Chapter 30. Sino-American Relations and Norms in Cyberspace
The United States Advocates Its Norms
Can We Trade?
The Deal That Was Struck
Chapter 31. The Enigma of Russian Behavior in Cyberspace
The Early Years
After Maidan
What Happened to Cyberwar in the RussoβUkraine Conflict?
Cyberattacks to Support Narratives
Conclusions
Chapter 32. Cybersecurity Futures
Better Offense
A Larger Attack Surface
Better Defense
Artificial Intelligence
A Three Mile Island in Cyberspace
Chapter 33. Cyberwar: What Is It Good For?
Notes
Bibliography
Index
About the Author