To what extent do cyberspace operations increase the risks of escalation between nation-state rivals? Scholars and practitioners have been concerned about cyber escalation for decades, but the question remains hotly debated. The issue is increasingly important for international politics as more states develop and employ offensive cyber capabilities, and as the international system is increasingly characterized by emergent multipolarity. In Escalation Dynamics in Cyberspace, Erica D. Lonergan and Shawn W. Lonergan tackle this question head-on, presenting a comprehensive theory that explains the conditions under which cyber operations may lead to escalation. In doing so, they challenge long-held assumptions about strategic interactions in cyberspace, arguing that cyberspace is not as dangerous as the conventional wisdom might suggest. In some cases, cyber operations could even facilitate the de-escalation of international crises. To support their claims, Lonergan and Lonergan test their theory against a range of in-depth case studies, including strategic interactions between the United States and key rivals; a series of case studies of the role of cyber operations in international crises; and plausible future scenarios involving cyber operations during conflict. They then apply their analytical insights to policymaking, making the case that skepticism is warranted about the overall efficacy of employing cyber power for strategic ends. By exploring the role of cyber operations in routine competition, crises, and warfighting, Escalation Dynamics in Cyberspace presents nuanced insights about how cyberspace affects international politics.

“We are dropping cyber bombs. We have never done that before.”—U.S. Defense Department official A new era of war fighting is emerging for the U.S. military. Hi-tech weapons have given way to hi tech in a number of instances recently: A computer virus is unleashed that destroys centrifuges in Iran, slowing that country’s attempt to build a nuclear weapon. ISIS, which has made the internet the backbone of its terror operations, finds its network-based command and control systems are overwhelmed in a cyber attack. A number of North Korean ballistic missiles fail on launch, reportedly because their systems were compromised by a cyber campaign. Offensive cyber operations like these have become important components of U.S. defense strategy and their role will grow larger. But just what offensive cyber weapons are and how they could be used remains clouded by secrecy. This new volume by Amy Zegart and Herb Lin is a groundbreaking discussion and exploration of cyber weapons with a focus on their strategic dimensions. It brings together many of the leading specialists in the field to provide new and incisive analysis of what former CIA director Michael Hayden has called “digital combat power” and how the United States should incorporate that power into its national security strategy.

Cyber conflict is real, but is not changing the dynamics of international politics. In this study, the authors provide a realistic evaluation of the tactic in modern international interactions using a detailed examination of several famous cyber incidents and disputes in the last decade.

Some pundits claim cyber weaponry is the most important military innovation in decades, a transformative new technology that promises a paralyzing first-strike advantage difficult for opponents to deter. Yet, what is cyber strategy? How do actors use cyber capabilities to achieve a position of advantage against rival states? This book examines the emerging art of cyber strategy and its integration as part of a larger approach to coercion by states in the international system between 2000 and 2014. To this end, the book establishes a theoretical framework in the coercion literature for evaluating the efficacy of cyber operations. Cyber coercion represents the use of manipulation, denial, and punishment strategies in the digital frontier to achieve some strategic end. As a contemporary form of covert action and political warfare, cyber operations rarely produce concessions and tend to achieve only limited, signaling objectives. When cyber operations do produce concessions between rival states, they tend to be part of a larger integrated coercive strategy that combines network intrusions with other traditional forms of statecraft such as military threats, economic sanctions, and diplomacy. The books finds that cyber operations rarely produce concessions in isolation. They are additive instruments that complement traditional statecraft and coercive diplomacy. The book combines an analysis of cyber exchanges between rival states and broader event data on political, military, and economic interactions with case studies on the leading cyber powers: Russia, China, and the United States. The authors investigate cyber strategies in their integrated and isolated contexts, demonstrating that they are useful for maximizing informational asymmetries and disruptions, and thus are important, but limited coercive tools. This empirical foundation allows the authors to explore how leading actors employ cyber strategy and the implications for international relations in the 21st century. While most military plans involving cyber attributes remain highly classified, the authors piece together strategies based on observations of attacks over time and through the policy discussion in unclassified space. The result will be the first broad evaluation of the efficacy of various strategic options in a digital world.

The world has been sleep-walking into cyber chaos. The spread of misinformation via social media and the theft of data and intellectual property, along with regular cyberattacks, threaten the fabric of modern societies. All the while, the Internet of Things increases the vulnerability of computer systems, including those controlling critical infrastructure. What can be done to tackle these problems? Does diplomacy offer ways of managing security and containing conflict online? In this provocative book, Shaun Riordan shows how traditional diplomatic skills and mindsets can be combined with new technologies to bring order and enhance international cooperation. He explains what cyberdiplomacy means for diplomats, foreign services and corporations and explores how it can be applied to issues such as internet governance, cybersecurity, cybercrime and information warfare. Cyberspace, he argues, is too important to leave to technicians. Using the vital tools offered by cyberdiplomacy, we can reduce the escalation and proliferation of cyberconflicts by proactively promoting negotiation and collaboration online.

We depend on information and information technology (IT) to make many of our day-to-day tasks easier and more convenient. Computers play key roles in transportation, health care, banking, and energy. Businesses use IT for payroll and accounting, inventory and sales, and research and development. Modern military forces use weapons that are increasingly coordinated through computer-based networks. Cybersecurity is vital to protecting all of these functions. Cyberspace is vulnerable to a broad spectrum of hackers, criminals, terrorists, and state actors. Working in cyberspace, these malevolent actors can steal money, intellectual property, or classified information; impersonate law-abiding parties for their own purposes; damage important data; or deny the availability of normally accessible services. Cybersecurity issues arise because of three factors taken together - the presence of malevolent actors in cyberspace, societal reliance on IT for many important functions, and the presence of vulnerabilities in IT systems. What steps can policy makers take to protect our government, businesses, and the public from those would take advantage of system vulnerabilities? At the Nexus of Cybersecurity and Public Policy offers a wealth of information on practical measures, technical and nontechnical challenges, and potential policy responses. According to this report, cybersecurity is a never-ending battle; threats will evolve as adversaries adopt new tools and techniques to compromise security. Cybersecurity is therefore an ongoing process that needs to evolve as new threats are identified. At the Nexus of Cybersecurity and Public Policy is a call for action to make cybersecurity a public safety priority. For a number of years, the cybersecurity issue has received increasing public attention; however, most policy focus has been on the short-term costs of improving systems. In its explanation of the fundamentals of cybersecurity and the discussion of potential policy responses, this book will be a resource for policy makers, cybersecurity and IT professionals, and anyone who wants to understand threats to cyberspace.

In a world of increasing dependence on information technology, the prevention of cyberattacks on a nation's important computer and communications systems and networks is a problem that looms large. Given the demonstrated limitations of passive cybersecurity defense measures, it is natural to consider the possibility that deterrence might play a useful role in preventing cyberattacks against the United States and its vital interests. At the request of the Office of the Director of National Intelligence, the National Research Council undertook a two-phase project aimed to foster a broad, multidisciplinary examination of strategies for deterring cyberattacks on the United States and of the possible utility of these strategies for the U.S. government. The first phase produced a letter report providing basic information needed to understand the nature of the problem and to articulate important questions that can drive research regarding ways of more effectively preventing, discouraging, and inhibiting hostile activity against important U.S. information systems and networks. The second phase of the project entailed selecting appropriate experts to write papers on questions raised in the letter report. A number of experts, identified by the committee, were commissioned to write these papers under contract with the National Academy of Sciences. Commissioned papers were discussed at a public workshop held June 10-11, 2010, in Washington, D.C., and authors revised their papers after the workshop. Although the authors were selected and the papers reviewed and discussed by the committee, the individually authored papers do not reflect consensus views of the committee, and the reader should view these papers as offering points of departure that can stimulate further work on the topics discussed. The papers presented in this volume are published essentially as received from the authors, with some proofreading corrections made as limited time allowed.