This updated and expanded edition of Cyberspace in Peace and War by Martin C. Libicki presents a comprehensive understanding of cybersecurity, cyberwar, and cyber-terrorism. From basic concepts to advanced principles, Libicki examines the sources and consequences of system compromises, addresses strategic aspects of cyberwar, and defines cybersecurity in the context of military operations while highlighting unique aspects of the digital battleground and strategic uses of cyberwar. This new edition provides updated analysis on cyberespionage, including the enigmatic behavior of Russian actors, making this volume a timely and necessary addition to the cyber-practitioner's library. Cyberspace in Peace and War guides readers through the complexities of cybersecurity and cyberwar and challenges them to understand the topics in new ways. Libicki provides the technical and geopolitical foundations of cyberwar necessary to understand the policies, operations, and strategies required for safeguarding an increasingly online infrastructure.
With billions of computers in existence, cyberspace, 'the virtual world created when they are connected,' is said to be the new medium of power. Computer hackers operating from anywhere can enter cyberspace and take control of other people's computers, stealing their information, corrupting their workings, and shutting them down. Modern societies and militaries, both pervaded by computers, are supposedly at risk. As Conquest in Cyberspace explains, however, information systems and information itself are too easily conflated, and persistent mastery over the former is difficult to achieve. The author also investigates how far 'friendly conquest' in cyberspace extends, such as the power to persuade users to adopt new points of view. He discusses the role of public policy in managing cyberspace conquests and shows how the Internet is becoming more ubiquitous and complex, such as in the use of artificial intelligence.
The chances are growing that the United States will find itself in a crisis in cyberspace, with the escalation of tensions associated with a major cyberattack, suspicions that one has taken place, or fears that it might do so soon. The genesis for this work was the broader issue of how the Air Force should integrate kinetic and nonkinetic operations. Central to this process was careful consideration of how escalation options and risks should be treated, which, in turn, demanded a broader consideration across the entire crisis-management spectrum. Such crises can be managed by taking steps to reduce the incentives for other states to step into crisis, by controlling the narrative, understanding the stability parameters of the crises, and trying to manage escalation if conflicts arise from crises."--P. [4] of cover.
This study explores U.S. policy options for managing cyberspace relations with China via agreements and norms of behavior. It considers two questions: Can negotiations lead to meaningful agreement on norms? If so, what does each side need to be prepared to exchange in order to achieve an acceptable outcome? This analysis should interest those concerned with U.S.-China relations and with developing norms of conduct in cyberspace.
This report, the second in a series, reveals insights from chief information security officers; examines network defense measures and attacker-created countermeasures; and explores software vulnerabilities and inherent weaknesses.
There is a general perception that there is a shortage of cybersecurity professionals within the United States, and a particular shortage of these professionals within the federal government, working on national security as well as intelligence. Shortages of this nature complicate securing the nation’s networks and may leave the United States ill-prepared to carry out conflict in cyberspace. RAND examined the current status of the labor market for cybersecurity professionals—with an emphasis on their being employed to defend the United States. This effort was in three parts: first, a review of the literature; second, interviews with managers and educators of cybersecurity professionals, supplemented by reportage; and third, an examination of the economic literature about labor markets. RAND also disaggregated the broad definition of cybersecurity professionals to unearth skills differentiation as relevant to this study. In general, we support the use of market forces (and preexisting government programs) to address the strong demand for cybersecurity professionals in longer run. Increases in educational opportunities and compensation packages will draw more workers into the profession over time. Cybersecurity professionals take time to reach their potential; drastic steps taken today to increase their quantity and quality would not bear fruit for another five to ten years. By then, the current concern over cybersecurity could easily abate, driven by new technology and more secure architectures. Pushing too many people into the profession now could leave an overabundance of highly trained and narrowly skilled individuals who could better be serving national needs in other vocations.
Cyberspace, where information--and hence serious value--is stored and manipulated, is a tempting target. An attacker could be a person, group, or state and may disrupt or corrupt the systems from which cyberspace is built. When states are involved, it is tempting to compare fights to warfare, but there are important differences. The author addresses these differences and ways the United States protect itself in the face of attack.
This book examines information technology standards and discusses what they are, what they do, how they originate, and how they evolve. While standards are important in improving system interoperability and thereby increasing economic productivity, they are unlikely to achieve their full potential due to a variety of factors, chief of which is the politics of the standard process itself. Libicki points out that the government is not likely the best source for designing and promoting standards. He does an excellent job of breaking down many complex technical issues and presenting them in a fashion that technical people can enjoy and policy makers can understand.
The State Department's Bureau of Democracy, Human Rights, and Labor (DRL), as part of its broader effort to protect and advance political and economic freedoms and human rights, champions the United States' strategy for cyberspace to advocate for fundamental freedoms of speech and association through cyberspace; empower civil society actors, human rights activists, and journalists in their use of digital media; and encourage governments to limit neither the freedom of expression nor the free flow of information. To this end, DRL funds the development of many cyber security and privacy software programs. However, there are trade-offs associated with any such investment. On one hand, security and privacy tools can provide safe, reliable, and anonymous Internet access to people who could otherwise be censored, filtered, or punished for communicating electronically. On the other hand, these tools could also be used to conceal or commit illegal activity. This report examines the portfolio of tools funded by DRL that helps support Internet freedom and assesses the impact of these tools in promoting U.S. interests. First, we note the benefits of these tools in promoting DRL's mission of Internet freedom across the world. Second, we examine their potential for, and examples of, their illicit use. Third, we consider the ability of comparable tools, not funded by the DRL, to be used for such purposes. And fourth, we examine safeguards and design and service models that could limit or restrict the use of the technologies for illicit purposes. The report concludes that DRL's support for Internet freedom tools has not made them more likely to be used for illicit purposes, relative to alternative technologies not funded by the DRL"--Back cover.
Deterrence is possible only when others have at least a good idea of possible U.S. military reprisals, but cyberattack capabilities resist such demonstration. This report explores ways they can be and under what circumstances, then goes on to examine the difficulties and the drawbacks. Such "brandishing" is no panacea and could even backfire if misinterpreted. Its success also relies on the strength of other elements of the deterrence posture.
U.S. counterinsurgency efforts in Iraq and Afghanistan have failed to exploit information power, which could be a U.S. advantage but instead is being used advantageously by insurgents. Because insurgency and counterinsurgency involve a battle for the allegiance of a population between a government and an armed opposition movement, the key to exploiting information power is to connect with and learn from the population itself, increasing the effectiveness of both the local government and the U.S. military and civilian services engaged in supporting it. Utilizing mostly available networking technology, the United States could achieve early, affordable, and substantial gains in the effectiveness of counterinsurgency by more open, integrated, and inclusive information networking with the population, local authorities, and coalition partners. The most basic information link with the population would be an information technology (IT)-enhanced, fraud-resistant registry-census. The most promising link would come from utilizing local cell phone networks, which are proliferating even among poor countries. Access to data routinely collected by such networks can form the basis for security services such as enhanced-911 and forensics. The cell phones of a well-wired citizenry can be made tantamount to sensor fields in settled areas. They can link indigenous forces with each other and with U.S. forces without interoperability problems; they can also track the responses of such forces to emergencies. Going further, outfitting weaponry with video cameras would bolster surveillance, provide lessons learned, and guard against operator misconduct. Establishing a national Wiki can help citizens describe their neighborhoods to familiarize U.S. forces with them and can promote accountable service delivery. All such information can improve counterinsurgency operations by making U.S. forces and agencies far better informed than they are at present. The authors argue that today?s military and intelligence networks-being closed, compartmentalized, controlled by information providers instead of users, and limited to U.S. war fighters-hamper counterinsurgency and deprive the United States of what ought to be a strategic advantage. In contrast, based on a review of 160 requirements for counterinsurgency, the authors call for current networks to be replaced by an integrated counterinsurgency operating network (ICON) linking U.S. and indigenous operators, based on principles of inclusiveness, integration, and user preeminence. Utilizing the proposed ways of gathering information from the population, ICON would improve the timeliness, reliability, and relevance of information, while focusing security restrictions on truly sensitive information. The complexity and sensitivity of counterinsurgency call for vastly better use of IT than has been seen in Iraq and Afghanistan. Here is a practical plan for just that.
It is still easy to underestimate how much the collapse of the Soviet Union and the end of the Cold War?--and then the terrorist attacks of September 11, 2001?--transformed the task of American foreign and defense policymaking. In place of predictability (if a sometimes terrifying predictability), the world is now very unpredictable. In place of a single overriding threat and benchmark by which all else could be measured, a number of possible threats have arisen, not all of them states. In place of force-on-force engagements, U.S. defense planners have to assume "asymmetric" threats?--ways not to defeat U.S. power but to render it irrelevant. This book frames the challenges for defense policy that the transformed world engenders, and it sketches new tools for dealing with those challenges?--from new techniques in modeling and gaming, to planning based on capabilities rather than threats, to personnel planning and making use of "best practices" from the private sector.
The U.S. military is ill-equipped to strike at extremists who hide in populations. Using deadly force against them can harm and alienate the very people whose cooperation U.S. forces are trying to earn. To solve this problem, a new RAND study proposes a "continuum of force"--a suite of capabilities that includes sound, light, lasers, cell phones, and video cameras. These technologies are available but have received insufficient attention.
Criminal activities in cyberspace are increasingly facilitated by burgeoning black markets. This report characterizes these markets and how they have grown into their current state to provide insight into how their existence can harm the information security environment. Understanding these markets lays the groundwork for exploring options to minimize their potentially harmful influence.
How terrorist groups end -- Policing and Japan's Aum Shinrikyo -- Politics and the FMLN in El Salvador -- Military force and Al Qa'ida in Iraq -- The limits of America's Al Qa'ida strategy -- Ending the 'war' on terrorism.
Insurgencies have dominated the focus of the U.S. military for the past seven years, but they have a much longer history than that and are likely to figure prominently in future U.S. military operations. Thus, the general characteristics of insurgencies and, more important, how they end are of great interest to U.S. policymakers. This study constitutes the unclassified portion of a two-part study that examines insurgencies in great detail. The research documented in this monograph focuses on insurgency endings generally. Its findings are based on a quantitative examination of 89 cases.
Since the early 1980's , the U.S. has encouraged industry to partner with Fed. agencies to transfer and commercialize federally funded R&D. This report, written in support of the Ballistic Missile Defense Organization's (BMDO's) Tech. Applications program, is intended to put the electric utility industry in touch with developers of a wide range of highly advanced technology funded by BMDO that could assist those utilities in meeting a more competitive environment. Includes: transmission and distribution systems, fossil fuel power generation, environmental compliance, and load mgmt. Contacts provided.
Al Qaeda seeks a restored caliphate free of Western influence, using terror as its means. But how does terrorism serve the ends of Al Qaeda? Based on the analysis of 14 major terrorist attacks, this book seeks to understand its strategic logic and suggest what types of U.S. targets it might seek and why. It examines four different hypotheses : coercion, damage, rally and franchise, to link means and ends.
What is the impact of demographics on the prospective production of military power and the causes of war? This monograph analyzes this issue by projecting working-age populations through 2050; assessing the influence of demographics on manpower, national income and expenditures, and human capital; and examining how changes in these factors may affect the ability of states to carry out military missions.
Information warfare, as any casual observer of the Pentagon can attest, remains a hot-button topic in the military community. Thus does war follow commerce into cyberspace, pitting foes against one another for control of this clearly critical high ground. But does this facile comparison have a basis in reality? In this iconoclastic spirit, the six essays in this book are characterized by a continuing search for the meaning of information warfare.
Information provided to warfighters only gave them broad situational awareness, today, information from sensors and databases can help target past what they can see. This has prompted the Department of Defense (DoD) to build a military analog to the Internet, to be a font of warfighting information and system services. But how should responsibility for providing information and services be shared between global external sources and organic local sources. Thus, tools are needed to let commanders use information from whatever sources fits their needs. A strong bias toward interoperability would foster universal access to information. Liberal distribution of unit-level sensors and connectivity should help warfighters develop and share operational information. Better technology is needed to marry local and global information sources easily. Finally, some entity within DoD should review current information services and lay out a road map for filling in the blanks.
Across a wide variety of endeavors, failure to anticipate disaster has been ascribed to the inability to "connect the dots." But to "connect the dots," one must first "collect the dots." The authors investigate the barriers to circulating important information and describes approaches for bringing information together in a meaningful way and describe a formal process for collecting the dots.
Thank you for visiting our website. Would you like to provide feedback on how we could improve your experience?
This site does not use any third party cookies with one exception — it uses cookies from Google to deliver its services and to analyze traffic.Learn More.