With Twitter revolutions, state-sponsored hacking and the Stuxnet virus driving rapid change in the cyber-age battlefield, this World Politics Review special report examines the state of cyber power through articles published in the past year.
Increasingly, the power of a large, complex, wired nation like the United States rests on its ability to disrupt would-be cyber attacks and to be resilient against a successful attack or recurring campaign. Addressing the concerns of both theorists and those on the national security front lines, Chris C. Demchak presents a unified strategy for survival in an interconnected, ever-messier, more surprising cybered world and examines the institutional adaptations required of our defense, intelligence, energy, and other critical sectors for national security.
Demchak introduces a strategy of “security resilience” against surprise attacks for a cybered world that is divided between modern, digitally vulnerable city-states and more dysfunctional global regions. Its key concepts build on theories of international relations, complexity in social-technical systems, and organizational-institutional adaptation. Demchak tests the strategy for reasonableness in history’s few examples of states disrupting rather than conquering and being resilient to attacks, including ancient Athens and Sparta, several British colonial wars, and two American limited wars. She applies the strategy to modern political, social, and technical challenges and presents three kinds of institutional adaptation that predicate the success of the security resilience strategy in response. Finally, Demchak discusses implications for the future including new forms of cyber aggression like the Stuxnet worm, the rise of the cyber-command concept, and the competition between the U.S. and China as global cyber leaders.
Wars of Disruption and Resilience offers a blueprint for a national cyber-power strategy that is long in time horizon, flexible in target and scale, and practical enough to maintain the security of a digitized nation facing violent cybered conflict.
With the end of the Cold War, U.S. national security perceptions concerning “Who is the threat?” have been thrown into free fall along with those governmental and military institutions meant to contend with it. Resulting from the spreading chaos and ambiguity in the nation-state system, which stem from the simultaneous processes of fragmentation and regionalization, a new question now needs to be asked—“What is the threat?” Increasingly, national security experts have argued that gray area phenomena,“. . . where control has shifted from legitimate governments to new half political, half-criminal powers,” will become the dominant threat.1 Such entities flourish in the growing failed-state operational environment where a condition of “not war–not crime” prevails and nation-state forces operating within it find themselves facing a severe capability gap.2 These entities disregard Western based “laws of war” and “rules of engagement” and are not concerned about such conventions as “legitimacy” or “public opinion.” Of further significance is the recognition that we are beginning the transition from the modern to the postmodern epoch in Western civilization. Past periods of transition such as this have historically witnessed the two collinear trends of the blurring of crime and war, along with shifts in social classes, economic modes, and motive sources which ultimately result in the fall of one civilization and its replacement by another more advanced one. 3 During the earlier shift from the medieval to the modern epoch, three new forms of social and political organization developed dynastic- (proto nation-) states, city-states, and city-leagues—as competitors to the then dominant feudal structure,4 in tandem with the domination of the battlefield by the non state soldier. Ultimately the early nation-state form and its mercenary armies won out over both these competitors and the preexisting civilization based upon Church, empire, and fief. As the shift to the post-modern epoch becomes more pronounced, we can expect similar competitors to the nation-state form and our modern civilization to emerge along with the accompanying non-state soldier. One such projected warmaking entity, “Black,” and its advanced means of waging war will be discussed in this paper. It is based upon an organizational structure far different than the classical hierarchy to which we are accustomed. Rather, it is nonlinear in function, composed of informational paths analogous to webs and nets, and basic units characterized as nodes and free floating cells.5 Such an organizational structure allows for the greater exploitation of postmechanical energy sources, advanced technologies, and new warfighting concepts which will come to dominate what we will term “war” in the decades to come.
All political and military conflicts now have a cyber dimension, the size and impact of which are difficult to predict. Internet-enabled propaganda, espionage and attacks on critical infrastructure can target decision makers, weapons systems and citizens in general, during times of peace or war. Traditional threats to national security now have a digital delivery mechanism which would increase the speed, diffusion and power of an attack. There have been no true cyber wars to date, but cyber battles of great consequence are easy to find. This book is divided into two sections – Strategic Viewpoints and Technical Challenges & Solutions – and highlights the growing connection between computer security and national security.
IOS Press is an international science, technical and medical publisher of high-quality books for academics, scientists, and professionals in all fields.
Some of the areas we publish in:
-Databases and information systems
-All aspects of physics
-The knowledge economy
-Understanding and responding to terrorism
The United States, our allies, and our partners face a spectrum of challenges, including violent transnational extremist networks, hostile states armed with weapons of mass destruction, rising regional powers, emerging space and cyber threats, natural and pandemic disasters, and a growing competition for resources. The Department of Defense must respond to these challenges while anticipating and preparing for those of tomorrow. We must balance strategic risk across our responses, making the best use of the tools at hand within the U.S. Government and among our international partners. To succeed, we must harness and integrate all aspects of national power and work closely with a wide range of allies, friends and partners. We cannot prevail if we act alone.
As noted in the 2006 QDR, state actors no longer have a monopoly over the catastrophic use of violence. Small groups or individuals can harness chemical, biological, or even crude radiological or nuclear devices to cause extensive damage and harm. Similarly, they can attack vulnerable points in cyberspace and disrupt commerce and daily life in the United States, causing economic damage, compromising sensitive information and materials, and interrupting critical services such as power and information networks. National security and domestic resources may be at risk, and the Department must help respond to protect lives and national assets. The Department will continue to be both bulwark and active protector in these areas. Yet, in the long run the Department of Defense is neither the best source of resources and capabilities nor the appropriate authority to shoulder these tasks. The comparative advantage, and applicable authorities, for action reside elsewhere in the U.S. Government, at other levels of government, in the private sector, and with partner nations. DoD should expect and plan to play a key supporting role in an interagency effort to combat these threats, and to help develop new capacities and capabilities, while protecting its own vulnerabilities.
In the contemporary strategic environment, the challenge is one of deterring or dissuading a range of potential adversaries from taking a variety of actions against the U.S. and our allies and interests. These adversaries could be states or non-state actors; they could use nuclear, conventional, or unconventional weapons; and they could exploit terrorism, electronic, cyber and other forms of warfare. Economic interdependence and the growth of global communications further complicate the situation. Not only do they blur the types of threats, they also exacerbate sensitivity to the effects of attacks and in some cases make it more difficult to attribute or trace them. Finally, the number of potential adversaries, the breadth of their capabilities, and the need to design approaches to deterrence for each, create new challenges.
An underlying assumption in our understanding of the strategic environment is that the predominant near-term challenges to the United States will come from state and non-state actors using irregular and catastrophic capabilities. Although our advanced space and cyber-space assets give us unparalleled advantages on the traditional battlefield, they also entail vulnerabilities.
China is developing technologies to disrupt our traditional advantages. Examples include development of anti-satellite capabilities and cyber warfare. Other actors, particularly non-state actors, are developing asymmetric tactics, techniques, and procedures that seek to avoid situations where our advantages come into play.