Cyber Warfare: Defense and Offense

The following sample Political Science research paper is 3183 words long, in MLA format, and written at the undergraduate level.

I. Introduction

Man’s greatest endeavors have yet to yield a totally secure or impenetrable computer system. Any computer system has its weakness, and there are committed individuals who seek to exploit any weakness they can find. Therefore, there must be an equal number of committed individuals dedicated to the integrity of the computer system for the sake of public security. Man has designed great innovations in technology, from the development of the spear to vast computer networks where so much information is communicated among computers that the space where this information is transmitted has been called cyberspace.

Although cyberspace does not really exist, it has been decided that it is a place for warfare. For every element of daily life that is surrendered to computer control, there comes the risk of a breakdown or, worse, control of the system falling into nefarious hands. The United States government, specifically the Department of Defense, and the entire economy are inextricably linked to computer systems communicating in cyberspace. Whatever the motive, these technological systems are under constant attack from people anywhere in the world. Since national security in persons and commerce is a primary concern of government, that government must take every precaution to ensure the integrity of the system. In the United States, the Central Intelligence Agency, as well as the Department of Defense, has undertaken programs to maintain the integrity of its computer networks. Going further, the Department of Defense has not only worked toward defending military integrity against cyber attack, but it has also developed a mechanism to commit cyber-attacks. This is the new age of cyber warfare: the perfect marriage of intelligence, defense, and offensive tactics for the sake of national security.

This research paper traces the evolution of cyber warfare, evaluating the role of intelligence and the expansion of the U.S. military into cyberspace as the next theatre for warfare, both as a mode of defense and as a mode of offense. Presented here are the key developments and paradigm shifts that motivated this evolution. Modern warfare has evolved beyond the physical act of aggression from a state, a terrorist group, or even a lone terrorist wrapped in leaderless resistance. Although car bombs and physical terror attacks still occur, the greater vulnerabilities exist in cyberspace, where there are no borders and attribution for attacks is difficult, depending on the sophistication of the perpetrator as well as the investigator.

II. Cyberspace

Prevalence of complex computer systems can be seen in everyday encounters, from the delivery of water and electricity and the management of public transit to the systems the average person isn’t acutely aware of. Each of these systems is vulnerable to cyber-attack. Other vulnerable systems include banking and private industry communicating sensitive corporate secrets through internal computer systems. Each of these entities has seen attacks on their systems motivated by anything from simple disruption to designs on corporate espionage. Individuals, corporations, and governments are all at risk of a cyber-attack, from identity theft to the possibility that the President would be unable to order a strike due to system failure. Modern systems are not stand-alone isolated systems. In almost all cases, there is a connection to the internet and therefore an opportunity for a cyber-attack. It follows, then, that while defensive posturing to protect the nation’s security and economy is necessary, cyber-attacks should be taken seriously, especially in the post-September 11th era. Intelligence and defensive strategies for cybersecurity have been developed over the years by the United States Department of Defense (DOD) as it wages war against terror.

III. Cyber Attacks

The nature of cyber threats has been extensively discussed and analyzed in recent years as a type of terrorism. In 2001, Michael Vatis, Director of the Institute for Security Technology Studies at Dartmouth, presented a predictive analysis for the inclusion of cyberattacks during the war on terrorism. Through a series of case studies, he concluded that “1. Cyber-attacks immediately accompany physical attacks, 2. Cyber-attacks are increasing in volume, sophistication, and coordination, and 3. Cyber attackers are attracted to high-value targets” (Vatis 1). Vatis identified four sources for cyber-attacks: terrorist groups, terrorist sympathizers and anti-U.S. hackers, targeted nation-states, and thrill-seekers. High-value targets include banking institutions, voice communication systems, electrical grids, water resources, and oil and gas infrastructures (Vatis 18). The post-September 11 world presented a new kind of war, a war against an ideology, or a mode of political expression. In the information age, the enemy may not be a nation-state but could be a rogue terrorist, or a nation-state using a proxy to commit cyber-attacks. A frustration for defense is returning a proportional response to the entity perpetrating the cyber-attack. Problems with attribution continue, but with advances in technology, this process has become easier. Having identified these elements of cyber threats, the task of identifying potential instigators as well as targets becomes more manageable.

John Serabian of the Central Intelligence Agency (CIA) delivered testimony to the United States Congress in February of 2000 emphasizing the critical threat of cyber-attacks. Noting who would be capable of an attack, he stated, “Given the availability of sophisticated technology and the seemingly limited investment required, potential attackers can include national intelligence and military organizations, terrorists, criminals, industrial competitors, hackers, and disgruntled or disloyal insiders” (Serabian). There are two points here. First, the barriers to entry to cyber warfare are considerably low, making it widely accessible. Second, identifying the perpetrators of cyberattacks is a unique challenge. “Unlike the threats of the cold war, cyber threats can come from almost anywhere. They can originate from any location, affect systems anywhere in the world, disguise origins and travel routes, and do it all instantaneously” (Serabian). With some skill and easily attainable hardware, the origins of a cyber-attack can easily be masked. Because of this, intelligence gathering plays a crucial role in cybersecurity.

In response to the concern over the vulnerabilities of the nation’s computer systems, the 107th United States Congress passed the “Cyber Security Research and Development Act” in 2002. This act appropriated money for academic research into understanding the cybersecurity threat as well as the development of data mining application technology for cybersecurity. However, substantial change to the act has not occurred despite the introduction of forty bills in the 112th Congress and sixty bills in the 111th Congress directly addressing cybersecurity (Tehan 1). In this legislative vacuum, governmental action to develop defenses and offensives in cyber warfare and cyber intelligence gathering has occurred through various Presidential Directives and Executive Orders (Tehan 13).

As Vatis predicted, attacks on critical systems in the United States increased. In June of 2012, the U.S. Industrial Control System Cyber Emergency Response Team (ICS-CERT) reported that the number of cyberattacks on water sector systems increased from 9 in 2009 to 198 in 2011 (Tehan 16). The ICS-CERT was unable to identify the sources of these attacks, whether they were carried out by thrill-seeking hackers or by intentional anti-American entities. The concern is that there were constant attacks on an important system. These attacks represent a drop in the bucket compared to the daily onslaught of attempted hacking on the DOD’s over 14,000 individual computer systems.

IV. Cyber Defense

The Department of Defense’s strategy in response to the deluge of cyber-attacks started with the internal security of its systems. Eventually, the DOD began exploring ways to use cyberattacks offensively in what it dubbed “Operations in cyberspace” in July of 2011 (Tehan 25). This followed the White House’s release in May of 2011 of its “International Strategy for Cyberspace.” “The strategy marks the first time any administration has attempted to set forth in one document the U.S. government’s vision for cyberspace, including goals for defense, diplomacy, and international development” (Tehan 30). In this document, the administration claimed cyberspace as a place where warfare can be conducted. The DOD acknowledged that the threats to systems through cyberspace are substantially equivalent to those on land, in the sea, or the air. “When warranted, we will respond to hostile attacks in cyberspace as we would to any other threat to our country. We reserve the right to use all necessary means - diplomatic, informational, military and economic - to defend our nation, our allies, our partners, and our interests” (Tehan 49). This statement reified the government's position to expand its influence in cyberspace.

The DOD position is important because it mentions not only the security of the U.S., but also allies, partners, and interests. As a NATO member, the U.S. is obliged to assist in the defense of other allies. In April 2007, Estonia was essentially crippled for 22 days by a cyber-attack (Tehan 53). The attack disrupted public systems and served as a wake-up call to other NATO members that cyberattacks cause real problems and that international strategies should be considered to minimize the effect of these attacks. Another important point made by the DOD is that cyber warfare is a complement to other options, including military and diplomatic ones. It’s another type of weapon that can foster deterrence.

In July 2011, the Department of Defense released its defense strategy for operating in cyberspace. In its report, it identified five strategic initiatives. The first initiative was to “treat cyberspace as an operational domain to organize, train and equip so that DOD can take full advantage of cyberspace’s potential” (“Department of Defense Cyberspace Policy Report” 1). The report noted that global internet usage had surged during the decade between 2000 and 2010 from 360 million users to over 2 billion users (“Department of Defense Cyberspace Policy Report” 1). The sheer explosion of people using the internet was worthy of the DOD's attention because that surge in internet usage also reflected how people were using the internet. Most information flows electronically through the internet and most banking is done over the internet. Commerce itself is profoundly influenced by an online presence. The information age has brought nearly all aspects of commerce onto the internet, and the role of computers is essential from a national security standpoint. In traditional warfare, planes, bombs, and troops are expensive and yield physical damage. Cyberwarfare, in contrast, has a low barrier to entry and requires very little direct risk, but can be as disruptive as any other form of attack. Therefore, it is logical for the DOD to devote resources to its cyber presence.

The second strategic initiative for the DOD is to employ operational changes to protect the systems the DOD relies upon to meet its mission. “DOD is enhancing its cyber hygiene best practices to improve cybersecurity” (“Department of Defense Cyberspace Policy Report” 12). Every large organization relying on a complex computer system is vulnerable to cyber-attacks, including banking and large private companies. The DOD has operations spread throughout the world operating at least 14,000 independent computer networks and systems simultaneously. It is critical that the largest department of the federal government has its cyber house in order. 

Since attribution remains a problem once an attack has been attempted, the threats exist for all large organizations with computer systems. Attacks on the system have been motivated by corporate espionage or generalized disruption. The suggestion to all entities with critical systems is to work to ensure the internal integrity of their systems, and this is DOD's statement of this effort as well. This statement naturally connects with the third strategic initiative, to partner with other departments in government as well as the private sector. “Neither government nor the private sector nor individual citizens can meet this challenge alone - we will expand the ways we work together” (“Department of Defense Cyberspace Policy Report” 14). An example of intergovernmental cooperation is the combination of the post of head of the National Security Agency with that of head of the U.S. Cyber Command at DOD, with General Keith Alexander its current head. Additional cooperation includes working with the CIA as well as the Department of State. However, DOD must also work with banking and other public/private entities running critical public infrastructure systems.

Along with internal cooperation within the U.S., the Estonian experience showed the necessity of international cooperation as well. Further, this attack highlighted the effect of a transnational attack where attribution proved to be very difficult to attain. Since cyberspace extends beyond borders and exists essentially in the ether, security against cyber-attacks is a problem affecting each technology-reliant country.

The fifth strategic initiative includes leveraging the nation’s ingenuity through rapid technological innovation. This initiative continues the intentions of the Cyber Security Research and Development Act of 2002. The unstated continuation of this initiative includes using skills in cyberspace for offensive uses as well, although this is not directly stated in the DOD's report. Promoting the education of so-called “Cyber Sentries” requires a strong emphasis on quality education of cyber warriors. Some weaknesses in the breadth of the skills of the DOD's cyber command were exposed in 2008.

The infection of the DOD's Middle East computer systems in 2008 by the virus “agent.btz” took 14 months to contain in an operation called Buckshot Yankee. The infection was caused by the single insertion of a tainted thumb drive (Reid 5). Commenting on the effect of the virus on DOD's computers, Brookings Institution Fellow Noah Shachtman stated, “The havoc caused by agent.btz has little to do with the worm’s complexity...and everything to do with the military’s inability to cope with even a minor threat” (Reid 5). Shachtman exposed a weakness in the DOD's ambitions to rule cyberspace. Cyber warrior training is still in development. Many of the brightest information technology minds are still not trained in cyber warfare. However, the nature of cyberspace and cyber warfare is that it is inherently dynamic. In 2012, the DOD announced that it is now capable of perpetrating a cyber-attack.

V. Cyber Offense

Then-Secretary of Defense Leon Panetta reported in October 2012 that the US military had acquired the ability to carry out cyber warfare. At the time of his speech, the Pentagon was drafting new rules of engagement for cyber warfare. Panetta had previously told Congress that expanding capabilities in cyber warfare expanded the options for the President in protecting the nation. “For these kinds of scenarios [DOD] has developed the capability to conduct effective operations to counter threats to our national interests in cyberspace” (Munoz). With the expansion of DOD presence into cyberspace, the Secretary had rationalized that there is a compelling security interest, as some threats to national security could include limiting the options of the President to respond to an attack. Without an offensive ability in cyberspace, the President is limited in addressing certain security threats. With the ability to wage cyberwar, the President has more tools to address security concerns once it is ascertained where a cyber-attack originated.

Attribution remains one of the greatest challenges in cyber warfare. While the DOD has developed the ability to conduct cyber-attacks, the rules of engagement still require that retaliation be exacted against the perpetrator. In the realm of corporate espionage, China has been employing hackers to hack top American companies, raiding trade secrets. The political and economic ties between China and the U.S. make any sort of cybersecurity issue more delicate, but China isn’t the only nation-state engaging in cyber espionage. Iran is accused of using the Shamoon virus to cripple thousands of computers in Saudi Arabia (Munoz). However, the U.S. in cooperation with Israel is credited with hatching the Stuxnet worm in 2010, designed to paralyze Iranian uranium centrifuges (Munoz). This was a cyberattack by the U.S. and it worked in delaying Iran’s uranium enrichment program for four months, but it also taught the Iranians the weaknesses of their system, which they have since corrected. This is the nature of cyber warfare: essentially the attacker gets one shot, and depending on the success of that one shot, retribution could be much greater.

A country or entity considering a cyber-attack on the U.S. might think twice if annoyance cannot be assured. The reason is that if actual harm is caused, then the U.S. is obliged toward a proportional response. Some countries with limited resources may devote those resources to cyber warfare; however, cyber warfare is only one of the many different weapons the U.S. has at its disposal. Secretary Panetta stated, “Potential aggressors should be aware that the United States has the capacity to locate them and hold them accountable for actions that harm America or its interests” (Munoz). Pursuant to Section 934 of the National Defense Authorization Act, the DOD was asked to return to Congress a report on its cyber activities. In this document, the DOD reinforced its position that developing cyber warfare capabilities was a part of the general theory of deterrence. Along with military options, the DOD was now expanding into cyber options.

VI. Conclusion

Cyberspace is the new frontier of the information age. The world’s largest economy protected by the world’s most sophisticated military is largely dependent on computer systems. These systems are subject to constant cyber-attacks. The government has responded by developing comprehensive defensive strategies to protect the integrity of its computer systems. When attacked, the military, the CIA, as well as major public entities work together to gather intelligence to minimize the effect of the attack, correct any system failure, and then seek the perpetrator. Expanding on this, the military has now developed the ability to commit a cyberattack, claiming cyberspace as a viable venue for military intervention. This is a prudent step forward as it expands the military’s arsenal to match the attacks of others. Further, it expands the ability of the United States to provide for national security and protect the economy. Ultimately the ability to protect national interests without the risk of loss of life is a good use of force. 

This research paper summarized the motivations and evolution of the military’s entry into cyberspace and cyber warfare. It was shown that this move into cyber warfare is a necessary and proper action for the military to protect the integrity of the military and to better provide for national security. Cyberwarfare has motivated international and intergovernmental partnership to face a common enemy with unique abilities. With the continued innovation of technology, attacks will continue; the framework for offensive and defensive cyber warfare will keep pace, and this framework will continue to be honed, meeting each new threat for the information age.

Works Cited

"Department of Defense Cyberspace Policy Report." United States Department of Defense, n.d. www.defense.gov/home/features/2011/0411_cyberstrategy/docs/NDAA%20Section%20934%20Report_For%20webpage.pdf.

Munoz, Carlo. "Panetta acknowledges US has the capacity to wage cyber warfare - The Hill's Hillicon Valley." The Hill, 12 Oct. 2012. http://thehill.com/blogs/defcon-hill/policy-and-strategy/261705-panetta-unveils-aggressive-new-cyberwarsafre-strategy-.

Reid, Jr., Lt. Col. Desmond. "Cyber Sentries: Preparing Defenders to Win in a Contested Domain." Strategy Research Project, vol. 1, 2012, pp. 1-30.

Serabian, Jr., John. "Statement for the Record Before the Joint Economic Committee on Cyber Threats." Joint Committee on Cyber Threats and the US Economy. United States Congress. United States Capitol, Washington, DC. 23 Feb. 2000.

Tehan, Rita. Cybersecurity: Authoritative Reports and Resources. Washington, D.C.: Congressional Research Service, 2012.

Vatis, Michael. "Cyber Attacks During the War on Terrorism: A Predictive Analysis." OAI. Dartmouth College Hanover New Hampshire Institute for Security Studies, 22 Sept. 2001. http://oai.dtic.mil/oai/oai?verb=getRecord&metadataPrefix=html&identifier=ADA395300.