cyber posturing and the offense-defense balance

26
This article was downloaded by: [University of Illinois Chicago] On: 21 October 2014, At: 18:01 Publisher: Routledge Informa Ltd Registered in England and Wales Registered Number: 1072954 Registered office: Mortimer House, 37-41 Mortimer Street, London W1T 3JH, UK Contemporary Security Policy Publication details, including instructions for authors and subscription information: http://www.tandfonline.com/loi/fcsp20 Cyber Posturing and the Offense-Defense Balance Ilai Saltzman Published online: 11 Mar 2013. To cite this article: Ilai Saltzman (2013) Cyber Posturing and the Offense- Defense Balance, Contemporary Security Policy, 34:1, 40-63, DOI: 10.1080/13523260.2013.771031 To link to this article: http://dx.doi.org/10.1080/13523260.2013.771031 PLEASE SCROLL DOWN FOR ARTICLE Taylor & Francis makes every effort to ensure the accuracy of all the information (the “Content”) contained in the publications on our platform. However, Taylor & Francis, our agents, and our licensors make no representations or warranties whatsoever as to the accuracy, completeness, or suitability for any purpose of the Content. Any opinions and views expressed in this publication are the opinions and views of the authors, and are not the views of or endorsed by Taylor & Francis. The accuracy of the Content should not be relied upon and should be independently verified with primary sources of information. Taylor and Francis shall not be liable for any losses, actions, claims, proceedings, demands, costs, expenses, damages, and other liabilities whatsoever or howsoever caused arising directly or indirectly in connection with, in relation to or arising out of the use of the Content. This article may be used for research, teaching, and private study purposes. Any substantial or systematic reproduction, redistribution, reselling, loan, sub- licensing, systematic supply, or distribution in any form to anyone is expressly

Upload: ilai

Post on 26-Feb-2017

220 views

Category:

Documents


6 download

TRANSCRIPT

Page 1: Cyber Posturing and the Offense-Defense Balance

This article was downloaded by: [University of Illinois Chicago]On: 21 October 2014, At: 18:01Publisher: RoutledgeInforma Ltd Registered in England and Wales Registered Number: 1072954Registered office: Mortimer House, 37-41 Mortimer Street, London W1T 3JH,UK

Contemporary Security PolicyPublication details, including instructions for authorsand subscription information:http://www.tandfonline.com/loi/fcsp20

Cyber Posturing and theOffense-Defense BalanceIlai SaltzmanPublished online: 11 Mar 2013.

To cite this article: Ilai Saltzman (2013) Cyber Posturing and the Offense-Defense Balance, Contemporary Security Policy, 34:1, 40-63, DOI:10.1080/13523260.2013.771031

To link to this article: http://dx.doi.org/10.1080/13523260.2013.771031

PLEASE SCROLL DOWN FOR ARTICLE

Taylor & Francis makes every effort to ensure the accuracy of all theinformation (the “Content”) contained in the publications on our platform.However, Taylor & Francis, our agents, and our licensors make norepresentations or warranties whatsoever as to the accuracy, completeness, orsuitability for any purpose of the Content. Any opinions and views expressedin this publication are the opinions and views of the authors, and are not theviews of or endorsed by Taylor & Francis. The accuracy of the Content shouldnot be relied upon and should be independently verified with primary sourcesof information. Taylor and Francis shall not be liable for any losses, actions,claims, proceedings, demands, costs, expenses, damages, and other liabilitieswhatsoever or howsoever caused arising directly or indirectly in connectionwith, in relation to or arising out of the use of the Content.

This article may be used for research, teaching, and private study purposes.Any substantial or systematic reproduction, redistribution, reselling, loan, sub-licensing, systematic supply, or distribution in any form to anyone is expressly

Page 2: Cyber Posturing and the Offense-Defense Balance

forbidden. Terms & Conditions of access and use can be found at http://www.tandfonline.com/page/terms-and-conditions

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 3: Cyber Posturing and the Offense-Defense Balance

Cyber Posturing and the Offense-DefenseBalance

ILAI SALTZMAN

For some realists, cyber warfare is ‘old wine in new bottles’, with marginal added value. Thismisses the larger possibilities for political/military chain reactions that cyber warfare mayprompt, possibly leading to armed conflict. This article utilizes Offense-Defense theory toappraise the influence of cyber warfare on international security and the prospects for conflict.Offense-Defense theory, as applied here, better explains the relationship between technologicalinnovation and international politics, and leads to different conclusions from other realistapproaches. Redefining the Offense-Defense balance to accommodate cyberspace leads toan emphasis on the offensive advantages of cyber capabilities. The offensive and defensivecyber postures of China, Russia, the United States, and NATO are examined here to empiricallyassess the role of cyber warfare in security policy. Evidence shows that innovations in Infor-mation and Communication Technology (ICT) allow states to take greater risks and adoptmore vigilant or offensive positions toward adversaries. Cyber capabilities do not causearmed conflict, but make decisions to escalate easier and cheaper. A strategic enabler that pro-vides attackers greater freedom of action, cyber warfare is becoming a necessary condition forthe conduct of war, even if it is not a sufficient one.

Introduction

In September 2007, Israeli military cyber warriors reportedly hacked into the Syrian

monitoring and anti-aircraft missile defences to allow Israeli fighter jets to bomb the

suspected nuclear reactor near Deir el-Zor.1 As described by one account:

[T]he main attack was preceded by an engagement with a single Syrian radar

site at Tall al-Abuad near the Turkish border. It was assaulted with what

appears to be a combination of electronic attack and precision bombs to

enable the Israeli force to enter and exit Syrian airspace. Almost immediately,

the entire Syrian radar system went off the air for a period of time that included

the raid.2

This incident, along with others discussed here, suggests that we are in the course

of a new era, similar to past transformations in international security, such as the air-

plane, the tank, or the nuclear bomb, innovations that culminated in radical departures

in strategic thinking and behaviour. Information and Communication Technology

(ICT) not only drives the internet, the iPhone, or the Global Positioning System

(GPS). Nowadays, ICT has become an integral and possibly an essential military

Contemporary Security Policy, Vol.34, No.1, 2013, pp.40–63http://dx.doi.org/10.1080/13523260.2013.771031 # 2013 Taylor & Francis

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 4: Cyber Posturing and the Offense-Defense Balance

capability. The cyber sphere of action it created is replacing the conventional

battlefield.3

Some observers argue that for realists cyber warfare is ‘old wine in a new bottle’;

its added value is rather marginal.4 This downplays the broader implications of cyber

warfare, stressing only technical aspects and focusing on information warfare (IW),

one operative manifestation of cyber warfare, rather than the possibilities for politi-

cal/military chain reaction that cyber warfare may prompt, ending in armed conflict.5

Consequently, this article is not concerned with specific cyber tactics like computer-

based commercial espionage or phishing per se. Rather, this analysis stresses the inte-

gration of ICT applications aimed at disrupting, paralysing, and possibly destroying

another state’s assets, with a direct bearing on national security and critical infrastruc-

ture, and especially its capacity to conduct military operations.6

This article has two main objectives. First, despite the large number of studies

dealing with cyber warfare, we are still lacking a realist theoretical conceptualization

of its influence on international security in general and on the pervasiveness of war in

particular.7 This analysis examines the relevance of realism as a technologically,

rather than a territorially, based explanation for international security in the infor-

mation age. Considering the fact that ‘[r]ealist theories . . . still provide a context

and motivation for many of the most important theoretical debates in the field’, as

Jack Donnelly asserts, it is almost inconceivable that realism will not take a shot at

explaining the dramatic technological shift in the security environment caused by

cyber warfare.8 This article employs realist Offense-Defense theory to evaluate the

expected effect of ICT on the prevalence of war, using the most suitable realist frame-

work to explore the nexus between technological innovation and international poli-

tics, and especially questions of war and peace.9 In contrast to other scholars, who

apply Offense-Defense theory to support cyber deterrence, this treatment stresses

the need to dramatically modify Offense-Defense terminology to better address

cyber warfare’s unique and revolutionary features.10

Second, this article tests this Offense-Defense framework, empirically evaluating

the role of cyber warfare in contemporary military strategic thinking and state behav-

iour. The evolving cyber postures of China, Russia, NATO, and the United States

show to what extent cyber warfare concepts have gained traction among leaders, stra-

tegists, and military planners. Since we are dealing with ongoing technological devel-

opments, their policy implications far from determined, this study is more of a probe

into a possible future rather than a final ruling. Nevertheless, from existing evidence it

is possible to infer that ICT allows states to take greater risks and thus adopt more

vigilant or offensive positions vis-a-vis their adversaries. Cyber capabilities do not

cause armed conflict, but their existence makes the decision to escalate armed conflict

easier and considerably cheaper. ICT can be considered a strategic enabler and an

efficient force multiplier that provides the attacker with greater freedom of action.

The article first, briefly, discusses the current status of Offense-Defense theory

and suggests a fundamental conceptual amendment to allow realism to better incor-

porate cyber warfare into accounts of contemporary international security. It then

proceeds to evaluate the cyber Offense-Defense balance to locate its strategic orien-

tation. The cyber posture of four of the prominent actors in contemporary world

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 41

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 5: Cyber Posturing and the Offense-Defense Balance

affairs – China, Russia, NATO, and the United States – are examined in order to

assess the effect of the cyber Offense-Defense balance on their security policies.

It is the conclusion of this article that for realism to maintain its relevance, it must

transcend traditional territorial and kinetic traits of international security, or at least

give more room for novel technological factors, and consider cyberspace as an

alternative realm that states utilize to attack others. ICT and employment of cyber

warfare is becoming a necessary condition for the conduct of war, even if not a suffi-

cient one, and realism must adjust its theoretical foundations and predictions accord-

ingly. At a minimum, cyber warfare is an influential force multiplier or conflict

enabler. At a maximum, it is a strategic game changer.11 But while the potential of

cyber warfare to revolutionize international security and interstate conflict is dra-

matic, the scale of this transformation will be determined by political rather than tech-

nological considerations.

Cybernating Offense-Defense Theory

Offense-Defense theory has generated heated debates ever since it was introduced by

Robert Jervis and George Quester in the late 1970s.12 Jervis contended that the orien-

tation of different military capabilities and weaponry systems may influence inter-

state security dilemmas and therefore the prevalence of war or peace. ‘When we

say that the offense has the advantage, we simply mean that it is easier to destroy

the other’s army’, he explains. ‘When the defense has the advantage, it is easier to

protect and hold than it is to move forward, destroy and take.’ Quester, applying

the same logic, concluded that ‘likelihoods of war are thus clearly influenced by

how effective the offensive weapon seems to be, as compared with the defensive’.13

Offense-Defense theory was heavily criticized for both its methodological foun-

dation and empirical applicability.14 Thus, various attempts were made to salvage the

theory and present an amended version that would bolster its standing as a leading

realist theory.15 One of the most lethal criticisms had to do with the difficulty of dif-

ferentiating between the offensive or defensive nature of military capabilities or tech-

nologies. In response, Charles Glaser and Chaim Kaufmann, for example, suggested

that the Offense-Defense balance – the driving engine of the theory – should be con-

sidered as the ‘. . . ratio of the cost of the forces the attacker requires to take territory to

the cost of the forces the defender has deployed’.16

Still, the traditional interpretation of Offense-Defense theory, as stipulated by

both advocates and critics, is somewhat anachronistic and to some extent irrelevant

to the information age. It presumes that war is conducted and concluded according

to a kinetic basis and a territorial logic. Furthermore, the determinism of offensive

and defensive capabilities, the security dilemma and armed conflict, is simplistic.

It fosters a flawed ‘major war pathology’ that does not necessarily exist today. One

can plausibly imagine an armed conflict that is not necessarily aimed at unconditional

surrender or territorial occupation, but tends to be much more limited, although it can

turn into an all-out war of course, a kind of slippery slope interstate militarized

dynamics.17 Second, and more importantly, since the conduct of contemporary

warfare is dependent on ICT infrastructure, cyberspace becomes a contested

42 CONTEMPORARY SECURITY POLICY

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 6: Cyber Posturing and the Offense-Defense Balance

domain in which cyberwar, or major technological conflicts, may take place or even

be determined.18 As James Adams notes, ‘[a]round the world, information technol-

ogy increasingly pervades weapons systems, defense infrastructures and national

economies. As a result, cyberspace has become a new international battlefield’.19

Cyberwar may not solely determine the outcomes of future armed conflicts and

interstate rivalries, but it can influence leaders’ determination to prefer military

options over political solutions. Since the early 1990s, policymakers have become

deeply aware of ICT-based systems’ vulnerability, their influence on states’ national

security posture, and the ability to conduct military operations.20 Former American

Deputy Secretary of Defense William Lynn recently acknowledged that ICT

enables almost everything the US military does: logistical support and global

command and control of forces, real-time provision of intelligence, and

remote operations . . . The US government’s digital infrastructure now gives

the United States critical advantages over any adversary, but its reliance on

computer networks also potentially enables adversaries to gain valuable intelli-

gence about US capabilities and operations, to impede the United States’ con-

ventional military forces, and to disrupt the US economy.21

But is cyberspace defence or offence oriented? According to Lynn, the answer is

straightforward: ‘In cyberspace, the offense has the upper hand’.22 This may be intui-

tively correct, and surely this position is shared by the vast majority of scholars and

practitioners, but how can Offense-Defense theory provide a more founded answer to

this question? This article suggests that Offense-Defense theory can effectively

perform this task after updating its conceptual basis. Essentially, the balance

between offence and defence is determined, in the traditional fashion, according to

two key factors: mobility enhancement and firepower’s degree of destructiveness.23

However, these determinants are not necessarily relevant to cyber warfare and thus

must be redefined in order to address the technologically different security environ-

ment we are dealing with in the information age and the various expressions of cyber

warfare.24

From Mobility to ‘Versatility’

Unlike the customary kinetic and territorially based interpretation of the term mobi-

lity in Offense-Defense theory literature that relates to the possibility of relocating

combatants at the strategic, operational, and tactical levels,25 in cyberspace mobility

actually relates to the capacity to technologically attack different types of ICT-based

targets at the strategic, operational, and tactical levels. Rather than thinking in terms

of the physical allocation of armed forces across or between combat zones, in cyber-

war we should talk of cyber versatility that corresponds to levels of war hierarchy.26

Strategic targets or critical infrastructures consist of vital or centre-of-gravity

assets whose destruction may have a colossal effect on a state’s national security

and its capacity to operate normally.27 Such elements include a state’s military

constellations, defence industrial base, satellite communication, electrical power

grid, internet connectivity, central banking system, stock market, ministries, and

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 43

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 7: Cyber Posturing and the Offense-Defense Balance

governmental agencies.28 On the operational level, where the focus is on related ICT-

based systems, cyber warfare may foil the use of military and warning systems such

as anti-aircraft missile systems, reconnaissance capabilities, or the hacking into an

enemy’s technological capabilities such as drones and other unmanned aerial

vehicles (UAVs).29 On the tactical level, when the focus is on a particular and

segmented ICT-based system, cyber warfare may interrupt battlefield communication

and coordination, disrupt electronic signals such as radio and GPS signals, or elimin-

ate them completely.30

From Firepower to ‘Byte Power’

Unlike the customary territorially based interpretation of this feature in the Offense-

Defense theory literature that primarily revolves around accuracy and destructiveness

of certain weapons, in cyberspace firepower actually relates to the degree of techno-

logical damage that can be inflicted on the enemy’s ICT-based infrastructure at the

strategic, operational, and tactical levels. Rather than talk of kinetic firepower, in

cyber warfare the idea is to examine how much byte power a state can extract and

direct towards an adversary’s ICT-based targets.

While the Offense-Defense theory literature typically maintains that the greater a

weapon’s firepower the greater its contribution to the defence,31 this assertion is chal-

lenged by prominent Offense-Defense theorists and it seems largely misguided in

cyberspace. Glaser and Kaufman argue, for example, that ‘. . . there can be exceptions

when specific firepower innovations are differentially useful against defender’.32 It

seems that moving from the territorial and/or the kinetic to cyberspace allows

such an exception, especially if we are dealing with highly accurate and low-signature

cyber capabilities that allow the attacking and possible neutralization of an enemy’s

defence systems with virtual anonymity.33 Furthermore, and primarily as a comp-

lementary mechanism, selective or surgical cyberattacks may greatly improve the

effectiveness of offensive conventional weapons by creating a cyber window of

opportunity for conventional activities through which both combatants and equip-

ment can penetrate more easily an otherwise unassailable target.34

To sum up this section, ICT-induced cyber capabilities tilt the Offense-Defense

balance in favour of the offence, not in the prospects of gaining and maintaining

control over territory and material resources as a manifestation of victory, but

rather in the actual possibility to paralyse the enemy’s military deployment and civi-

lian preparedness and drastically limit its retaliatory potential. Since the use of cyber

capabilities according to both indicators suggests that offence has the advantage, let

us turn to evaluate the relevance of cyber warfare to the process of policymaking. For

offence-dominant cyber capabilities to actually influence calculations and decisions

in matters of war and peace, leaders and policymakers must be aware of these tech-

nologically advanced capabilities and acknowledge their strategic advantages. In the

words of Keir Lieber, the influence of technological innovation ‘. . . is always filtered

through the strategies that state decision makers employ in pursuit of their political

goals. In simplest terms, politics – more than technology – is the master’.35

The aim is not, however, to meticulously describe the evolution of American,

Chinese, NATO, and Russian cyber postures, i.e. the overall strategy designed to

44 CONTEMPORARY SECURITY POLICY

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 8: Cyber Posturing and the Offense-Defense Balance

address different ICT-based challenges and threats by applying a multitude of proac-

tive and passive measures. Rather, I present a succinct account to highlight key fea-

tures and contemporary ramifications for war and peace. Given their offensive nature,

the following section will try to assess whether the use of cyber capabilities actually

prompted armed conflict, and under what conditions.

The Politics of Cyberwar and Peace

Generally speaking, America, China, and Russia have long histories of attempting to

combine political aims with advanced technology, while NATO primarily benefited

from the American efforts.36 The Revolution in Military Affairs (RMA), warmly

adopted by the Americans in the late 1980s and successfully implemented during

the Gulf War, was in fact an adaptation of the 1970s Soviet Military-Technical Revo-

lution (MTR).37 As Elliot Cohen observes, the idea was to promote ‘. . . an imminent

technical revolution that would give conventional weapons a level of effectiveness in

the field comparable to that of small tactical nuclear weapons’.38

The following accounts describe the evolution of American, Chinese, NATO, and

Russian cyber postures to assess the influence of ICT-based capabilities on strategic

thinking and behaviour. There is an important caveat to this analysis; cyber warfare

suffers from a major problem of attributing attacks to specific state actors. Some of

the cases discussed below include acts by non-state actors such as individuals, hack-

tivists, netizens, or more organized cyber militias and cyber gangs. Nevertheless,

there is a growing consensus in the literature that these non-state actors mostly

operate in tandem with national governments and follow their lead as proxies and

their contribution should be considered an integral part of a state’s overall cyber

policy.39

American Cyber Posture

It seems that the most robust, sophisticated, and technically and institutionally up-to-

date cyber posture is the American one, despite its paradoxical defensive nature.

While the United States is the primary target for different forms of cyber warfare,

especially cyber spying and phishing, it also possesses the highest potential to

become a cyber superpower with the most vigorous state-run ICT-based posture.

In the early 1990s, the Gulf War exhibited American technological superiority in

terms of both hardware and software as countless stealth fighters bombarded Iraq

without being detected by Iraqi anti-aircraft missile systems using state of the art pre-

cision-guided munitions (PGMs).40 American technological superiority was a deci-

sive factor in defeating Iraq. As commander of US Central Command during the

Gulf War, Norman Schwarzkopf argued that technological innovation worked

‘beyond our wildest expectations’.41

Given America’s growing reliance on ICT in the battlefield and in the supportive

and logistical military formations, and repeated reports concerning a breach of com-

puter networks such as in the case of the air force’s Rome Air Development Center in

March 1994, it became clear that this virtual Achilles heel must be protected. In 1995,

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 45

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 9: Cyber Posturing and the Offense-Defense Balance

the Clinton administration’s national security strategy proclaimed that ‘the threat of

intrusions to our military and commercial information systems poses a significant risk

to national security and must be addressed’.42 In June 1997 the US government con-

ducted Eligible Receiver, the very first information warfare (IW) exercise that

exposed the vulnerability of American military and civilian critical infrastructures

in case of a coordinated cyberattack.43

But as American policymakers and strategists feared their vital technological

structures, they also become increasingly interested in exploiting this new strategic

domain in their favour. Indeed, while the Kosovo war was overwhelmingly won by

conducting conventional massive air bombing against Serb targets, some observers

asserted that the accuracy and efficiency of these aerial campaigns were the

outcome of cyber warfare-like operations, especially in directing the bombers to

their targets from the ground.44 Furthermore, while it is not exactly clear what

additional cyber measures were used against Serb targets, it was reported that the

United States and NATO conducted various sophisticated cyberattacks that included

penetrations of Serbian ICT systems and overloading them with data or manipulating

their databases. Hence the use of cyber capabilities at the operational level was not

only disruptive in nature but also proactive and offensive in its attempt to frustrate

Serbian defensive formation and retaliatory military options.45

During the War on Terror campaigns in Afghanistan and Iraq, following the ter-

rorist attacks of September 11, cyber warfare did not play a significant role. In both

cases, the United States had virtually no critical ICT assets to attack or disrupt and the

focus was on traditional, if irregular, combat operations.46 Nevertheless, it was

reported that a month before the Iraq War began, President Bush signed a secret direc-

tive ordering the development of an American strategy for large-scale pre-emptive

cyberattacks against adversaries of the United States.47

It was then reported that the United States was pre-emptively cutting off the Iraqi

computer network and internet grid that connected civilian and government agencies

before war began in March 2003. According to Richard Clarke, the Iraqi Defense

Ministry’s email system was hacked by the Americans in order to warn high-

ranking officers about opposing the future invasion and to assure them that the objec-

tive was to overthrow Saddam Hussein and not to destroy Iraq’s political, military,

and socioeconomic structures. Another path that was explored but not pursued was

hacking into the regime’s financial institutions and foreign bank accounts in order

to locate Saddam Hussein’s hidden assets.48

At about the same time, Chinese hackers apparently orchestrated a major cyber-

attack on American computer systems at NASA and Sandia National Laboratories.49

It was made clearer following these incidents and others that the United States must

re-evaluate its cyber policy and possibly change its approach. Yet the discourse

remained rather defensive, primarily focused on protecting American critical infra-

structure and confidential databases.50 When George W. Bush published his admin-

istration’s National Strategy to Secure Cyberspace in 2003, its objective was ‘. . . to

secure the portions of cyberspace that they own, operate, control, or with which they

interact’.51 The military establishment, on the other hand, was much more assertive in

its approach to cyber warfare, as the 2004 Military Strategy asserted:

46 CONTEMPORARY SECURITY POLICY

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 10: Cyber Posturing and the Offense-Defense Balance

The Armed Forces must have the ability to operate across the air, land, sea,

space and cyberspace domains of the battlespace . . . The non-linear nature of

the current security environment requires multi-layered active and passive

measures to counter numerous diverse conventional and asymmetric threats

. . . They also include threats in cyberspace aimed at networks and data critical

to US information-enabled systems. Such threats require a comprehensive

concept of deterrence encompassing traditional adversaries, terrorist networks

and rogue states able to employ any range of capabilities.52

The 2005 National Defense Strategy further proclaimed that alongside traditional

and irregular security challenges the United States confronts, cyberwarfare may con-

stitute a threat that under certain conditions “. . . can fundamentally alter long-estab-

lished concepts of warfare. Some potential adversaries are seeking disruptive

capabilities to exploit US vulnerabilities and offset the current advantages of the

United States and its partners’.53 Consequently, the stated military applications of

cyber capabilities were made more offensive than ever a year later when the 2006

National Military Strategy for Cyberspace Operations noted:

[T]he United States must have cyberspace superiority to ensure our freedom of

action and deny the same to our adversaries through the integration of network

defense, exploitation, and attack . . . Offensive capabilities in cyberspace offer

the United States and our adversaries an opportunity to gain and maintain the

initiative. DOD cyberspace operations are strongest when offensive and defen-

sive capabilities are mutually supporting. This requires a long-range focus and

dedicated resources to achieve this goal.54

The director of the National Security Agency (NSA), Keith Alexander, argued in

2007 that the United States should reformulate the operational and institutional foun-

dations of its cyber posture in order to address the technologically induced security

environment, since

while we have ample national level strategies, we have yet to translate these

strategies into operational art through development of joint doctrine for cyber-

space. Through the doctrine vetting process, we can develop a common under-

standing of what it means to conduct warfare within and through cyberspace.55

Indeed, in early 2008 President Bush issued a directive that allows American intel-

ligence agencies, especially the NSA, to monitor all internet traffic of the federal gov-

ernment in order to protect vital assets from cyberattacks. What makes this directive a

major turning point in American cyber warfare evolution is that under Bush’s initiative,

the NSA with the Federal Bureau of Investigations (FBI) and the Central Intelligence

Agency (CIA) could provide the Pentagon with evidence that a pre-emptive cyberattack

is crucial in order to protect American critical infrastructure.56

In early 2009, soon after taking office, President Barack Obama announced his

administration’s cyber policy, which remained rather committed to the defensive

notion of protecting and securing critical infrastructure in what was often referred

to as cyber security.57 Yet in April it was reported that the White House was, in

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 47

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 11: Cyber Posturing and the Offense-Defense Balance

fact, in the final stages of establishing a new cyber agency under the Pentagon’s auth-

ority which could develop offensive cyber weapons alongside defending American

ICT critical infrastructure.58 Former director of the NSA, Keith Alexander, was

appointed as director of the Cyber Command (USCYBERCOM) and while he was

rather cautious in attributing any offensive aspects to the new command, the Pentagon

declared that the mission of this new agency was to:

[d]irect the operations and defence of specified Department of Defense infor-

mation networks [involving some 90,000 military personnel] and prepare to,

when directed, conduct full-spectrum military cyberspace operations in order

to enable actions in all domains, [to] ensure US allied freedom of action in

cyberspace and deny the same to our adversaries.59

More recently, it was reported that the Pentagon is formulating a particular strat-

egy that will engage the threats emanating from cyber warfare under the premise that

any such attack on behalf of a foreign country constitutes a declaration of war that

may result in armed conflict.60 In effect, however, President Obama did not

approve a pre-emptive cyber offensive against Libya before the United States led

the military campaign against Muammar Qaddafi in March 2011. The idea was to

use cyber warfare in order to hinder Libya’s air defence systems, but the option

was abandoned, according to some government officials, because the Obama admin-

istration feared it would act as a precedent for Russian or Chinese future offensive

attacks. One Defense Department official said the cyber options ‘. . . were seriously

considered because they could cripple Libya’s air defense and lower the risk to

pilots, but it just didn’t pan out’. Another White House official argued that ‘[t]hese

cybercapabilities are still like the Ferrari that you keep in the garage and only take

out for the big race and not just for a run around town, unless nothing else can get

you there’.61

In the aftermath of the war in Libya, the White House attempted to provide the

most comprehensive and inclusive cyber strategy to date. But despite the clear defen-

sive tone of the document, especially when considering the ambiguity of the parts

relating to cyber deterrence mechanisms, there was more than a hint of offensive

reasoning:

When warranted, the United States will respond to hostile acts in cyberspace as

we would to any other threat to our country. All states possess an inherent right

to self-defense, and we recognize that certain hostile acts conducted through

cyberspace could compel actions under the commitments we have with our

military treaty partners. We reserve the right to use all necessary means – dip-

lomatic, informational, military, and economic – as appropriate and consistent

with applicable international law, in order to defend our Nation, our allies, our

partners, and our interests.62

The debate concerning the defensive or offensive posture of American cyber

strategy or its passive or proactive nature is still ongoing. Recently, General

Robert Kehler, Commander of US Strategic Command that oversees CYBERCOM,

commented that the optimal solution would involve both: ‘I think we are looking at

48 CONTEMPORARY SECURITY POLICY

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 12: Cyber Posturing and the Offense-Defense Balance

what an offensive component would be: what does that look like? What kind of

options would we want to be able to offer? I think that we have always said that

there needs to be an offense and defense mix’.63 These questions remain unanswered.

Chinese Cyber Posture

It is extremely difficult to fully account for the cyber posture of China and its devel-

opment over the years. In China, defence-related transparency is a rare commodity.

Yet it is widely known and established that the Chinese pursued a robust moderniz-

ation in military technology and tactics from the late 1970s. Maoist ideology not only

determined the political and societal structure of the People’s Republic of China

(PRC) from its inception in 1949, it also served as China’s military national

defence strategy in that it revolved around the concept of ‘People’s War’ and the

mobilization of the masses for a protracted armed conflict.64 After the death of

Mao in 1976, and under Deng Xiaoping’s leadership, a new conceptualization of

Chinese warfare emerged that gradually became highly receptive to technological,

industrial, and economic developments, making the entire defence apparatus much

more open to engage the challenge of future armed conflict in the information

age.65 From an operative vantage point, China gradually abandoned Mao’s con-

ception of active defence in favour of a pre-emptive military orientation that advo-

cates a first strike mentality.66

The 1989 Tiananmen Square incident, which strained Sino-American relations,

highlighted historical anti-Western sentiments and created a shaky setting for the

post-Cold War era.67 Consequently, by the mid 1990s China was caught paradoxi-

cally in an international constellation that was just as challenging as the Cold War

international system.68 American intentions to redraw the global and regional land-

scape, and especially Washington’s reactions to the Tiananmen Square demon-

strations, were badly received in Beijing. Consequently, the United States was

increasingly considered to be a major source of danger to China’s national interests

and political order.69

American military performance during the Gulf War highlighted the technologi-

cal inferiority of the PLA and encouraged the Chinese leadership to accelerate and

broaden existing plans to modernize and improve the army’s capabilities for the

purpose of potentially waging a limited or local war.70 Indeed, newly elected

General Secretary of the Chinese Communist Party (CCP) Jiang Zemin was confident

that a comprehensive modernization of the Chinese armed forces amid what he con-

sidered American military superiority and interference in China’s internal affairs was

of great importance. Thus, he encouraged technological modernization according to

American standards when he told members of the Central Military Commission

(CMC) in early 1993 that ‘[w]e must win high-tech, small-scale wars under

modern conditions’.71 Similarly, the Chairman of the Commission on Science, Tech-

nology and National Defense Industry (COSTIND) General Ding Henggao warned

that ‘[t]he one who possesses high-tech superiority will have the upper hand on the

battlefield’.72

Modernizing and increasing the professionalism of the People’s Liberation Army

(PLA) was also matched with vigorous ICT-based innovation.73 As Major General

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 49

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 13: Cyber Posturing and the Offense-Defense Balance

Weng Pufang, former director of the Strategy Department of the Chinese Academy of

Military Science, argued in a 1995 article he published in a Chinese military journal:

The thrust of China’s military construction and development of weapons and

equipment will no longer be toward strengthening the ‘firepower antipersonnel

system’ of the industrial age, but toward the strengthening of information tech-

nology, information weapons and information networking. Our sights must not

be fixed on the firepower warfare of the industrial age, rather they must be

trained on the information warfare of the information age.74

The PLA became highly interested in exploiting these technological innovations

and restructured its ICT-based military units to comprise the Third Department of

the PLA General Staff Department (GSD), currently entrusted with exploitation of

foreign computer networks, whereas the Fourth Department of the GSD is responsible

for attacking foreign computer networks.75 Indeed, after an agreement with Cuba was

signed in February 1998, China built two cyber warfare stations, one eavesdropping tel-

ephone and internet communications in the United States and the other more concerned

with monitoring American military satellite systems.76 But in addition to these military

units, the Chinese government has reportedly outsourced some of its cyber warfare

tasks to civilian groups that are systematically activated and thus enable greater inter-

national flexibility due to cyber warfare’s attribution problem.77

In the early 2000s, Beijing was ostensibly involved in numerous successful

attempts to hack into American databases and critical infrastructure such as

nuclear and electric power plants, satellite systems, and a number of Department

of Defense contractors that store confidential information and blueprints of future

weapon systems.78 China also launched an ambitious anti-satellite weapons

program aimed at levelling the odds against American espionage and to attack satel-

lite systems that are perceived by Beijing as utterly anti-Chinese in nature.79 Hence,

China’s cyber posture is primarily a deterrent against American military superiority

but it has deep and conscious long-term advantages that Beijing may cash in on in

time of need. In fact, China’s cyber posture will only benefit an offensive orientation

compared with the current defensive traits of the American cyber posture if Beijing

needs to prevent Washington from interfering in matters related to Taiwan, for

example.80 China’s 2000 Defense White Paper explicitly adhered to this transforma-

tive phase of the PLA’s posture into an ICT-based modernized army:

Faced with the world’s military developments and the characteristics of modern

warfare, the Chinese armed forces will, in the course of modernizing

their weaponry, devote themselves to transforming semi-mechanized and

mechanized weapon systems to automatized and informationized systems as

soon as possible, so that they can possess weapons as advanced as possible

and assure the accomplishment of the sacred missions assigned to them by

the nation.81

A report submitted to the American Congress in 2007 argued that China not only

possesses the cyber capabilities required to conduct comprehensive offensive cyber-

attacks against the United States: ‘In 2005, the PLA began to incorporate offensive

50 CONTEMPORARY SECURITY POLICY

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 14: Cyber Posturing and the Offense-Defense Balance

Computer Network Operations (CNOs) into its exercises, primarily in first strikes

against enemy networks’.82 Indeed, China’s 2008 Defense White Paper proclaimed

in the sections dealing with the technological dimensions of modern warfare that

China is accelerating reform and innovation in its defense-related science, tech-

nology and industry . . . Defense-related science, technology and industry are

striving to enhance the informationization of weaponry and equipment

design and development, and to render product design more digitalized, mod-

ularized, standardized and reliable.83

In sum, the Chinese consider cyber warfare and its auxiliary elements as a power

multiplier, integral to their national security strategy. Thus far, China has refrained

from presenting a comprehensive cyber strategy but in practice it has primarily

involved strategic and tactical hacking into American and other Western countries’

databases and internet systems for reasons of technological and operative military

espionage. While there were numerous indications of China’s involvement in pene-

trating critical ICT-based infrastructure in the United States, Beijing has not used its

existing cyber assets thus far to directly attack American strategic military assets in

order to neutralize them but instead has focused on cyber spying. This pattern may

change under certain conditions, especially if Beijing wishes to diversify its policy

alternatives in case of a Sino-American confrontation.84

Russian Cyber Posture

Whereas in the two previous cases the strategizing of ICT as military capabilities was

ambiguous at best, and there was certainly no actual use of cyber warfare as part of

armed conflict, the case of Russia in the first decade of the 21st century can be easily

dubbed as an exemplary case for the opposite. To begin with, during most of the

1990s Russia was grappling with the devastating economic, social, and political

effects of the collapse of the Soviet Union. According to Foreign Minister Andrei

Kozyrev, Russian foreign and defence policy was primarily focused on ‘. . . disarma-

ment and limitation of the arms race – in terms of releasing as many resources as

possible and creating the most favorable conditions for the implementation of our

socioeconomic reforms’.85

In December 1994, Russian president Boris Yeltsin signalled his intention to alter

Russia’s foreign and defence orientation when he decided to invade Chechnya, a

conflict that ‘. . . demonstrated the full extent of the armed forces’ decline. In vir-

tually every respect, the Russian military failed the challenge it was supposed to

easily master’.86 By 1996, in face of failure in Chechnya and growing domestic

opposition, Yeltsin moved to replace the moderate and pro-Western Kozyrev with

Yevgeny Primakov who also served as Prime Minister between September 1998

and May 1999. Indicatively, in his first press conference Primakov asserted that

‘Russia was and remains a great power. Her foreign policy should correspond to

that status’.87

The weaknesses of Russia’s conventional and non-conventional military postures

led many Russian military thinkers and officials to regard ICT-based capabilities as a

way to compensate for strategic inferiority. During the mid 1990s, the Russian Army

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 51

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 15: Cyber Posturing and the Offense-Defense Balance

and Defense Ministry began seriously examining the nexus between technology and

the regular military structure.88 Russia was openly using IW during the second

Chechen war.89 The first major indication of coordinated Russian cyber warfare (in

addition to IW) took place in Estonia in 2007, after a monument commemorating

the Red Army’s re-conquest of Estonia during the Second World War was moved

despite the Kremlin’s explicit warning.90

Rather than exclusively resorting to military force in order to resolve what

Moscow considered explicit anti-Russian reactionary sentiments and policies, as

they did during the Chechen military campaigns in 1994 and 1999 for example,

this time Moscow pursued a much more sophisticated approach that included indu-

cing political riots in Estonia and targeting Estonia’s ICT infrastructure such as the

banking sector, parliament’s website and email system, emergency phone lines, hos-

pitals, and universities.91 During a period of several weeks in May 2007, after the

statue was relocated, official Estonian governmental websites and vital telecommuni-

cations infrastructure were attacked and rendered inactive, according to most

accounts, by Russian perpetrators.92

Russian policymakers began to appreciate the role of ICT and cyber warfare as an

auxiliary instrument of coercion and statecraft against what they considered unco-

operative regimes in the post-Soviet rim. And the lessons learned during the Estonian

affair were apparently applied as part of Russia’s involvement in the Georgian war in

August 2008.93 Essentially, in response to Georgia’s attack against South Ossetia,

Russian forces invaded Georgia and practically subdued it within a matter of days.

Yet even before the first bullet was fired, the Kremlin decided to employ a pre-

emptive strategic disruptive cyber attack.94

In mid July, several cyberattacks were waged against Georgian websites and two

weeks later a second wave of cyberattacks on Georgian targets was detected. A few

days into the war, the vast majority of Georgian government websites were not func-

tioning; in effect, the Georgian government was, as one study asserted, ‘cyber-

locked’, without viable access to the internet and to its state-run agencies including

the National Bank of Georgia.95 No less important, the Georgian government was

unable to communicate with the citizens or conduct its own retaliatory IW against

Russia.96 Fortunately for Georgia, and unlike in the Estonian case, critical infrastruc-

ture such as the electrical power grid is far less modernized and consequently more

difficult to damage by using ICT-based capabilities.97

In February 2010, Russian president Dmitry Medvedev approved the new Mili-

tary Doctrine of the Russian Federation where some key references to the use of

cyber warfare as an instrumental offensive military capability can be clearly

observed. For example, when dealing with the features of modern military conflicts,

the document states that such one trait, from Russia’s perspective, is the ‘. . . early

conduct [of] information warfare activities to achieve political objectives without

the use of military force, and subsequently – in the interest of creating a favorable

reaction of the international community – to use military force’. And when referring

to Russian future acquisition plans for the armed forces, the doctrine highlights that a

key task involves the ‘. . . development of the forces and means of information

warfare’.98

52 CONTEMPORARY SECURITY POLICY

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 16: Cyber Posturing and the Offense-Defense Balance

In early 2012 the Russian Ministry of Defense revealed the Kremlin’s cyber strat-

egy under the title Conceptual Views Regarding the Activity of the Armed Forces of

the Russian Federation in the Information Space. It refrains from referring to offen-

sive cyber warfare, but it does address issues pertaining to control, prevention, and

solution of cyber conflicts. The document acknowledges the right of Russia to

employ counteroffensive cyber warfare: ‘The escalation of a conflict in the cyber-

space and its turn into a crisis gives the right to an individual or collective self-

defense and the use of any means necessary that do not contradict the universally

accepted norms and the principles of international law’.99 Based on Russia’s past be-

haviour and the recent proclamation of its cyber strategy, it appears that Moscow may

be more than willing to use different forms of cyber warfare should political needs

emerge.

NATO Cyber Posture

Thus far, our empirical description has exclusively focused on state actors, but since

NATO plays such a major role in the contemporary security environment it seems

that examining the way it relates to cyber warfare will present a more accurate

account for our purposes. Interestingly enough, despite NATO’s transparency on

the whole, there is very little access to the more operational and sometimes technical

aspects of the Alliance’s cyber strategy. Nevertheless, from the available materials

we can identify NATO’s defensive approach to cyber warfare and cyber security.100

Originally, NATO was not only established to address the Soviet threat in Europe.

Lord Ismay, NATO’s first Secretary General, contended that its objectives were to

keep ‘the Russians out, the Germans down, and the Americans in’.101 After the

Cold War had ended and the Soviet Union collapsed, NATO had to reinvent itself

and identify new objectives in order to preserve its relevance and mere existence.

The multiplicity of political and military goals combined with the willingness of

its member states enabled NATO to successfully overcome this transitional period

and undergo a process of remarkable institutional change that resulted in a

renewed transatlantic mandate to develop new mechanisms and strategies in order

to cope with the changing security environment.102

The treatment of cyber warfare as part of NATO’s evolving security concerns

became decidedly evident in the early 2000s. Unlike the United States, China, or

Russia, who were individually concerned with cyber warfare of various kinds and

for different reasons as described earlier, throughout the 1990s NATO was primarily

focused on its internal restructuring, the expansion eastwards to include Poland,

Hungary, and the Czech Republic, and, of course, militarily operating in the

Balkans following the disintegration of Yugoslavia.103

The 1999 Strategic Concept declared that ‘[s]tate and non-state adversaries may

try to exploit the Alliance’s growing reliance on information systems through infor-

mation operations designed to disrupt such systems. They may attempt to use strat-

egies of this kind to counter NATO’s superiority in traditional weaponry’.104 Yet

the first explicit reference to cyber warfare was actually made in November 2002

during NATO’s Prague summit, when it was declared that the member countries

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 53

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 17: Cyber Posturing and the Offense-Defense Balance

decided to ‘. . . strengthen our capabilities to defend against cyber attacks’.105 One

operative outcome was the establishment of NATO’s Computer Incident

Response Capability (NCIRC), which was charged with the task of protecting

ICT infrastructure and networks from unauthorized intrusion for espionage purposes

or attempts to infect them with viruses. But this was a rather technical organ lacking

any long-term military planning capacity, a feature that did not change significantly

even following NATO’s summit in Riga in November 2006 which further called

for developing cyber-deterrence capabilities and doctrines. Russian cyberattacks

against Estonia in 2007 explicated NATO’s military, infrastructural, and political

weaknesses in the face of this new form of security threat, but the response as articu-

lated by NATO’s defence ministers was remarkably protective, arguing that ‘[u]rgent

work is needed to enhance the ability to protect information systems of critical

importance’.106

In early 2008 it was reported that NATO officials further debated the need to

protect the Alliance’s assets against future cyberattacks, claiming that ‘[c]yber

defence is now mentioned at the highest level along with missile defence and

energy security’.107 While the attacks against Estonia did not result in the application

of the collective security clause of the treaty, it did trigger a prompt institutional

response. In January the Policy on Cyber Defence was presented and approved.

During the Bucharest summit in April, the Cyber Defense Management Authority

(CDMA) and the Cooperative Cyber Defense Center of Excellence (CCDCOE)

were established. Whereas the CDMA was entrusted with overseeing NATO’s

cyber defence efforts and providing guidance and assistance to the member countries

in case of cyber-related crises, the CCDCOE, located in Estonia, was designed ‘. . . to

enhance the capability, cooperation and information sharing among NATO, NATO

nations and partners in cyber defence by virtue of education, research and develop-

ment, lessons learned and consultation’.108

Both agencies represent a highly defensive reaction to NATO’s security chal-

lenges involving cyber warfare. As the Bucharest summit declaration proclaimed,

the official cyber policy ‘. . . emphasizes the need for NATO and nations to protect

key information systems in accordance with their respective responsibilities; share

best practices; and provide a capability to assist Allied nations, upon request, to

counter a cyber attack’.109 Yet Russia’s continued use of cyber warfare during the

war in Georgia highlighted its escalatory nature and the possible negative impli-

cations on conventional military conflicts. In April 2009, as part of the Declaration

on Alliance Security, NATO moved further to identify cyberattacks alongside terror-

ism and the proliferation of weapons of mass destruction (WMD) as the key global

threats to member states and the international community.110

But the major breakthrough in NATO strategic thinking regarding cyber warfare,

which went beyond the strictly technical aspect of network protection, occurred

during mid 2010. A team of leading experts in matters of security, headed by

former American Secretary of State Madeleine Albright, was asked to prepare a pre-

liminary report to be used as a basis for NATO’s new Strategic Concept. According to

this report, entitled NATO 2020: Assured Security; Dynamic Engagement and sub-

mitted in May:

54 CONTEMPORARY SECURITY POLICY

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 18: Cyber Posturing and the Offense-Defense Balance

The next significant attack on the Alliance may well come down a fibre [sic]

optic cable. Already, cyber attacks against NATO systems occur frequently,

but most often below the threshold of political concern. However, the risk of

a large-scale attack on NATO’s command and control systems or energy

grids could readily warrant consultations under Article 4 and could possibly

lead to collective defence measures under Article 5. Effective cyber defence

requires the means to prevent, detect, respond to, and recover from attacks.111

Still, the recommendations reflected the defensive posture that was already advo-

cated and implemented thus far by NATO. Furthermore, and extremely relevant to

the Alliance’s strategic planners, the Albright Commission was reluctant to engage

the question of whether cyberattacks against NATO member states would constitute

a direct act of aggression that would trigger the collective security clause. Instead, it

defined a rather ambiguous principle according to which such a decision must be

made considering ‘. . . the nature, source, scope, and other aspects of the particular

security challenge’.112 The same defensive reasoning can be observed in the

ensuing final version of the Strategic Concept adopted at the Lisbon summit six

months later. In the words of the document, NATO will:

develop further our ability to prevent, detect, defend against and recover from

cyberattacks, including by using the NATO planning process to enhance and

coordinate national cyber-defence capabilities, bringing all NATO bodies

under centralized cyber protection, and better integrating NATO cyber aware-

ness, warning and response with member nations.113

Yet again, the numerous references to cyber warfare as a security threat were

extremely narrow to include at best espionage, hacking, or disruption and there

was no discussion about the possibility to conduct pre-emptive or retaliatory cyber

warfare.114 In fact, Stephane Abrial, commander of Allied Command Transformation

(ACT) responsible for leading the Alliance’s transformation of capabilities and

forces, was against defining the Strategic Concept’s notion of ‘in-depth cyberdefense’

as a ‘military-only, or even a military-centric, strategy’. Instead, Abrial focuses on

NATO’s ‘permanent mission [which] involves countering the daily attempts made

by hackers to break into our systems, which are by necessity interconnected,

making a weakness in one country’s systems a weakness in all’.115 Other key

NATO officials, including General Secretary Anders Fogh Rasmussen, continued

to conceptualize cyber warfare in defensive terms, arguing that recent cyberattacks

‘. . . increased the urgency to strengthen cyber defences not only at NATO, but

across the Alliance as a whole’. There is no public discourse involving NATO offi-

cials that suggests treating cyber capabilities as an offensive feature of the Alliance’s

cyber strategy. The most proactive proposal to date was the option to dispatch

NATO’s cyber Rapid Reaction Teams in order to assist member countries suffering

from cyberattacks, or ‘incidents’ as Rasmussen calls them, should they ask for such

assistance.116

It appears that NATO is focused on prevention of attacks on its institutional assets

and member countries rather than initiating cyberattacks against others. As the

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 55

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 19: Cyber Posturing and the Offense-Defense Balance

American representative to the CCDCOE concluded, when it comes to NATO, its

major contribution to cyber defence will probably involve eroding the ‘. . . hacker’s

greatest advantages – anonymity’.117 NATO’s strategic thinking will continue to

utilize its pooled capabilities in order to promote defensive solutions to cyber

warfare of various kinds and it will continue to treat it as a threat rather than as an

offensive feature to be proactively utilized.

Conclusions

Cyber warfare has become the latest buzzword in security studies, but some analysts

downplay its importance for both policymakers and military strategists, calling it a

‘distracting and nonsensical’ term.118 Yet while other observers also treat it as a com-

plimentary aspect of modern warfare, they nonetheless underline its unique features,

as Lynn publicly did:

The cyberthreat does not involve the existential implications ushered in by the

nuclear age, but there are important similarities. Cyberattacks offer a means for

potential adversaries to overcome overwhelming US advantages in convention-

al military power and to do so in ways that are instantaneous and exceedingly

hard to trace.119

The article initially identified the conceptual factors that determine the offensive

or defensive nature of certain military technologies. Then it adjusted these elements

in order to fit the information age and its a-territorial nature. Instead of evaluating

strategic orientation by traditional Offense-Defensive characteristics like mobility

and firepower, the cyber Offense-Defense balance is better assessed for its techno-

logical versatility and byte power; the capacity to attack an enemy’s assets on differ-

ent levels (strategic, operative, and tactical), and the degree of destruction that can be

inflicted on enemy assets at each of these levels.

The article then turned to evaluate the practical influence of cyber warfare on

policy and behaviour. The American case, while perhaps being the less confronta-

tional since there was no report of meaningful offensive American use of cyber capa-

bilities against a foreign country or since the United States is able to avoid any direct

attribution,120 was the most documented and comprehensive from an institutional/organizational perspective. The intellectual evolutionary process pursued by officials

in the military and civil branches of government is still ongoing, and the United States

is far from having a comprehensive cyber strategy. The creation of USCYBERCOM

is a significant step, but it is certainly not enough since apparently there is still no

highly structured and comprehensive ideational, institutional, and operational

outline for American cyber warfare and cyber defence.121

The case of China is similar in its ambiguity, but for different reasons. Unlike the

United States, Beijing is rather secretive in treating its cyber posture just as it is gen-

erally reluctant to fully expose its military apparatus, causing American policy-

makers, military officials, and legislators to repeatedly criticize China’s lack of

transparency in matters related to its defence budget and the People’s Liberation

Army (PLA)’s modernization.122 Nevertheless, the evidence suggests that China

56 CONTEMPORARY SECURITY POLICY

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 20: Cyber Posturing and the Offense-Defense Balance

not only has a very clear vision for its cyber posture as part of the country’s wider

military and technological modernization process, but it is also willing to use these

capabilities in order to erode American military advantage. While Beijing is allegedly

more interested in cyber espionage in order to obtain secret and up-to-date infor-

mation about American capabilities and critical infrastructure, it will probably not

shy away from using the same technology in order to curtail certain American

assets, primarily non-combative ones (electric power plants etc.) and this may indi-

cate that future Sino-American armed conflict will be augmented with vigorous

cyber warfare.123 As a recent report submitted to Congress asserted, China’s

history of cyber warfare and its growing integration into the country’s military strat-

egy ‘suggests that the PLA may strike with Computer Network Operations (CNOs)

and Electronic Warfare (EW) weapons in the opening phases of a conflict to

degrade enemy information systems rather than attempt a traditional force-on-force

attack directly where the PLA is at a disadvantage against more technologically

advanced countries like the US’.124

The Russian case seemingly presents a better opportunity to observe the influence

of cyber warfare on decisions of war and peace. From the empirical record it is

evident that Russia explicitly used its cyber capabilities in both the Estonian and

Georgian incidents, even if Moscow also used by-proxy entities for that

purpose.125 The first incident was, of course, more of a diplomatic manoeuvre in

order to curb Estonia’s anti-Russian attitudes as the Kremlin perceived the matter.

There was classical Soviet-era use of Russian ‘political activists’ in order to encou-

rage street unrest and orchestrated anti-government protests, but there was also the

use of cyber warfare in order to paralyse then Estonian banking system and other

key government agencies. Thus, one should treat this episode as an experiment in uti-

lizing cyber capabilities in order to obtain certain political means. As the case of the

Georgian war illustrated, this time cyber warfare was an integral, if not a decisive,

part of the policymaking process and the military activities aimed at subduing the

‘defiant’ Saakashvili administration. Clearly, the conventional dimension of the con-

flict was predominant, mainly due to the technological profile of Georgia’s critical

infrastructure, but the Russian use of cyberattacks hampered Georgian domestic

vital communications between different branches of the government and completely

prevented any Georgian IW counterattack.126

NATO’s cyber posture reflects the Alliance’s historical defensive raison d’etre

that was articulated during the Cold War and reaffirmed following its end. For

NATO officials, cyber warfare relates primarily to attempts by foreign actors to pene-

trate the organization’s computer and information networks in order to retrieve con-

fidential data. They are deeply reluctant to widen their approach to define such attacks

as a cause for triggering the collective security clause of the treaty. Hence when

Estonia was under Russian cyberattack, the most that NATO was able to offer

Tallinn was technical assistance in reactivating and protecting its ICT networks

from future attacks. Furthermore, even amid the Albright Commission’s call to

devise and implement a comprehensive cyber strategy, the institutional response

was minor and essentially focused on network protection rather than explicit cyber

deterrence, let alone an offensive reorientation.

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 57

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 21: Cyber Posturing and the Offense-Defense Balance

The use of cyber capabilities makes a difference for policymakers since it allows

them to minimize the risks of taking certain offensive actions and it is a relatively

effective low-cost alternative, as the Israeli attack on Syria suggests, and it will

become more common in the future. Cyber warfare, like all other forms of combat,

is a political expression nonetheless in that there is a need for a conscious decision

to apply it in order to achieve certain objectives. In the cases reviewed in this

article, cyber capabilities were used selectively and in different intensities, as illus-

trated by the American reluctance to use pre-emptive cyber warfare against Libya.

Hence future research should look at the way cyber warfare is prioritized over con-

ventional/kinetic options in order to elucidate the conditions under which policy-

makers will prefer the former over the latter and vice versa. Furthermore, such

studies should empirically appraise how integral cyber warfare has become at the

strategic, operative, and tactical levels.

Overall, cyber warfare is becoming an accepted military expedient since it allows

leaders to achieve their political objectives with much less risk in the short term, even

if in the long term it may actually lead to ‘non-cyber’ escalation.127 Prussian strategist

and military thinker Carl von Clausewitz wrote long ago that ‘. . . a prince or a general

can best demonstrate his genius by managing a campaign exactly to suit his objectives

and his resources, doing neither too much nor too little’.128 Cyber warfare allows pol-

icymakers and the military to do exactly that, and with additional adjustments realism

can help to better explain the process even if there is more work to be done in pursuit

of this goal.

A C K N O W L E D G E M E N T S

An earlier version of this article was presented at the annual meeting of the Israeli Association for Inter-national Studies (IAIS), Herzliya, 25 December 2011. The author would like to thank Chaka Ferguson,Keir Lieber, the anonymous reviewers for CSP, and Aaron Karp for their invaluable comments andsuggestions.

N O T E S

1. See, for example, David E. Sanger and Mark Mazzetti, ‘Israel Struck Syrian Nuclear Project, AnalystsSay’, New York Times, 14 October 2007. Former American president George Bush testified in hismemoirs that it was Israel that attacked the suspected Syrian nuclear facility. See GeorgeW. Bush, Decision Points (New York: Crown Publishers, 2010), pp. 421–2.

2. David A. Fulghum, Robert Wall, and Amy Butler, ‘Cyber-Combat’s First Shot’, Aviation Week &Space Technology, Vol. 167, No. 21 (November 2007), p. 28.

3. Athina Karatzogiann, The Politics of Cyberconflict (London: Routledge, 2006), p. 94.4. Johan Eriksson and Giampiero Giacomello, ‘The Information Revolution, Security, and International

Relations: (IR)relevant Theory?’, International Political Science Review, Vol. 27, No. 3 (July 2006),p. 229.

5. E. Anders Eriksson, ‘Information Warfare: Hype or Reality?’, The Nonproliferation Review, Vol. 6,No. 3 (Spring–Summer 1999), pp. 57–64.

6. For a similar definition, see Charles Billo and Welton Chang, Cyber Warfare: An Analysis of theMeans and Motivations of Selected Nation States (Hanover, NH: Institute for Security TechnologyStudies, 2004), p. 140.

7. Myriam Dunn Cavelty, ‘Cyberwar’, in George Kassimeris and John D. Buckle (eds), The AshgateResearch Companion to Modern Warfare (Farnham, UK: Ashgate, 2010), p. 125. For a broad

58 CONTEMPORARY SECURITY POLICY

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 22: Cyber Posturing and the Offense-Defense Balance

theoretical treatment of cyber warfare, see Johan Eriksson and Giampiero Giacomello (eds), Inter-national Relations and Security in the Digital Age (London: Routledge, 2007).

8. Jack Donnelly, Realism and International Relations (Cambridge: Cambridge University Press, 2000),p. 1.

9. Keir A. Lieber, War and the Engineers: The Primacy of Politics over Technology (Ithaca, NY:Cornell University Press, 2005), p. 1.

10. Richard J. Harknett, John P. Callaghan, and Rudi Kauffman, ‘Leaving Deterrence Behind: War-Fighting and National Cybersecurity’, Journal of Homeland Security & Emergency Management,Vol. 7, No. 1 (2010), pp. 1–24. On American cyber deterrence, see Tim Stevens, ‘A Cyberwar ofIdeas? Deterrence and Norms in Cyberspace’, Contemporary Security Policy, Vol. 33, No. 1(April 2012), pp. 148–70.

11. John B. Sheldon, ‘Deciphering Cyberpower: Strategic Purpose in Peace and War’, Strategic StudiesQuarterly, Vol. 5, No. 2 (Summer 2011), pp. 95–112; Richard Clarke, ‘War from Cyberspace’, TheNational Interest, Vol. 104 (November/December 2009), pp. 31–6.

12. Stephen Van Evera, Causes of War: Power and the Roots of Conflict (Ithaca, NY: Cornell UniversityPress, 1999), pp. 116–19.

13. See, respectively, Robert Jervis, ‘Cooperation under the Security Dilemma’, World Politics, Vol. 30,No. 2 (January 1978), p. 187; George H. Quester, Offense and Defense in the International System(New York: John Wiley, 1977), p. 7. The theory was elaborated in Van Evera, Causes of War(note 12), ch. 6.

14. See, for example, Yoav Gortzak, Yoram Z. Haftel, and Kevin Sweeney, ‘Offense-DefenseTheory: An Empirical Assessment’, Journal of Conflict Resolution, Vol. 49, No. 1 (February 2005),pp. 67–89; Jack S. Levy, ‘The Offensive/Defensive Balance of Military Technology: ATheoretical and Historical Analysis’, International Studies Quarterly, Vol. 28, No. 2 (June 1984),pp. 219–38; Keir A. Lieber, ‘The New History of World War I and What it Means for InternationalRelations Theory’, International Security , Vol. 32, No. 2 (Fall 2007), pp. 155–91; Jonathan Shim-shoni, ‘Technology, Military Advantage, and World War I: A Case for Military Entrepreneurship’,International Security, Vol. 15, No. 3 (Winter 1990/1991), pp. 187–215.

15. For an excellent attempt, see Sean Lynn-Jones, ‘Offense-Defense Theory and its Critics’, SecurityStudies, Vol. 4, No. 4 (Summer 1995), pp. 660–91. For a more recent effort, see Karen RuthAdams, ‘Attack and Conquer? International Anarchy and the Offense-Defense-DeterrenceBalance’, International Security, Vol. 28, No. 3 (Winter 2003/2004), pp. 45–83.

16. Charles L. Glaser and Chaim Kaufmann, ‘What is the Offense-Defense Balance and Can We Measureit?’, International Security, Vol. 22, No. 4 (Spring 1998), p. 50. See also Lynn-Jones, ‘Offense-Defense Theory and its Critics’ (note 15), p. 665.

17. On the ‘steps-to-war’ model, see for example Paul Senese and John A. Vasquez, Steps to War : AnEmpirical Study (Princeton, NJ: Princeton University Press, 2008).

18. Richard Clarke and Robert K. Knake, Cyber War: The Next Threat to National Security and What toDo About It (New York: Harper Collins, 2010), p. 69.

19. James Adams, ‘Virtual Defense’, Foreign Affairs, Vol. 80, No. 3 (May/June 2001), p. 98. See alsoStephen J. Cimbala, Military Persuasion in War and Policy: The Power of Soft (Westport, CN:Praeger, 2002), p. 203.

20. John Arquilla, ‘The Strategic Implications of Information Dominance’, Strategic Review, Vol. 22,No. 2 (Summer 1994), pp. 25–6.

21. William J. Lynn, ‘Defending a New Domain: The Pentagon’s Cyberstrategy’, Foreign Affairs, Vol.89, No. 5 (September/October 2010), p. 98.

22. Ibid. , p. 99. See also David M. Hollis, ‘CYBERCOM: The Need for a Combatant Command versusSubunified Command’, Joint Forces Quarterly, Vol. 58, No. 3 (July 2010), p. 49.

23. Kier A. Lieber, ‘Grasping the Technological Peace: The Offense-Defense Balance and InternationalSecurity’, International Security, Vol. 25, No. 1 (Summer 2000), pp. 78–80; Levy, ‘The Offensive/Defensive Balance’ (note 14), p. 225. For a similar but not identical definition, see Adams, ‘Attackand Conquer?’ (note 15), pp. 54–9.

24. For a different yet useful categorization, see Matt Bishop and Emily O. Goldman, ‘TheStrategy and Tactics of Information Warfare’, in Emily O. Goldman (ed.), National Securityin the Information Age (London: Frank Cass, 2004), pp. 101–25; David J. Betz and TimStevens, Cyberspace and the State: Toward a Strategy for Cyber-Power (London: Routledge,2011), ch. 3.

25. Stephen Van Evera, ‘Offense/Defense Dominance’, in Keith Dowding (ed.), Encyclopedia of Power(Thousand Oaks, CA: Sage, 2011), p. 457.

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 59

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 23: Cyber Posturing and the Offense-Defense Balance

26. See, for example, US Marine Corps, Information Operations: MCWP 3-36 (Washington, DC: Depart-ment of the Navy, February 2001).

27. See Ted G. Lewis, Critical Infrastructure Protection in Homeland Security: Defending a NetworkedNation (Hoboken, NJ: John Wiley, 2006).

28. Greg Rattray, Strategic Warfare in Cyberspace (Cambridge, MA: MIT Press, 2001), pp. 101–12.29. On strategic and operational cyberwar, see Martin C. Libicki, Cyberdeterrence and Cyberwar (Santa

Barbara, CA: Rand, 2009), chs. 6, 7.30. See, for example, Office of the Chairman of the Joint Chiefs of Staff, Joint Doctrine for

Information Operations, JP 3-13 (Washington, DC: Office of the Chairman of the Joint Chiefs ofStaff, 1998), p. I-2.

31. Stephen Biddle, ‘Rebuilding the Foundations of Offense-Defense Theory’, The Journal of Politics,Vol. 63, No. 3 (August 2001), p. 745.

32. Glaser and Kaufmann, ‘What is the Offense-Defense Balance’ (note 16), p. 64.33. This is directly related to the problem of attribution. See Susan W. Brenner, Cyberthreats: The Emer-

ging Fault Lines of the Nation State (New York: Oxford University Press, 2009).34. Sheldon, ‘Deciphering Cyberpower’ (note 11), pp. 99–100.35. Lieber, War and the Engineers (note 9), pp. 2–3.36. On NATO’s experience, see David C. Gompert, Richard L. Kugler, and Martin C. Libick, Mind the

Gap: Promoting a Transatlantic Revolution in Military Affairs (Washington, DC: National DefenseUniversity Press, 1999).

37. Dima Adamsky, The Culture of Military Innovation: The Impact of Cultural Factors on the Revolu-tion in Military Affairs in Russia, the US, and Israel (Stanford, CA: Stanford University Press, 2010).

38. Elliot A. Cohen, ‘A Revolution in Warfare’, Foreign Affairs, Vol. 75, No. 2 (March/April 1996),p. 39.

39. See, for example, Alexander Klimburg, ‘Mobilising Cyber Power’, Survival, Vol. 53, No. 1 (Febru-ary/March 2011), pp. 41–60.

40. Paul G. Gillespie, Weapons of Choice: The Development of Precision Guided Munitions (Tuscaloosa:The University of Alabama Press, 2006), ch. 6.

41. Norman Schwarzkopf, It Doesn’t Take a Hero (New York: Bantam Books, 1992), p. 582.42. White House, A National Security Strategy of Engagement and Enlargement (Washington, DC: The

White House, 1995), p. 7.43. For a relatively less alarming account, see George Smith, ‘An Electronic Pearl Harbor? Not Likely’,

Issues in Science and Technology, Vol. 15, No. 1 (Fall 1998), pp. 72–3.44. John Arquilla and David Ronfeldt, ‘Need for Networked, High-Tech Cyberwar’, Los Angeles Times ,

20 June 1999.45. Anthony H. Cordesman and Justin G. Cordesman, Cyber-Threats, Information Warfare, and Critical

Infrastructure Protection: Defending the U.S. Homeland (Westport, CT: Praeger, 2002), pp. 37–8.46. Cavelty, ‘Cyberwar’ (note 7), pp. 134–5.47. Bradley Graham, ‘Bush Orders Guidelines for Cyber-Warfare’, The Washington Post , 7 February

2003.48. See Brian McWilliams, ‘Iraq’s Crash Course in Cyberwar’, Wired, 22 May 2003; Clarke and

Knake, Cyber War (note 18), pp. 9–10.49. Nathan Thornburgh, ‘The Invasion of the Chinese Cyberspies’, Time , 29 August 2005.50. Harknett, Callaghan, and Kauffman, ‘Leaving Deterrence Behind’ (note 10), p. 4.51. White House, National Strategy to Secure Cyberspace (Washington, DC: The White House, 2003),

p. vii.52. Office of the Chairman of the Joint Chiefs of Staff, The National Military Strategy of the United

States of America (Washington, DC: Office of the Chairman of the Joint Chiefs of Staff, 2004),p. 18.

53. Emphasis added. See Office of the Chairman of the Joint Chiefs of Staff, The National Defense Strat-egy of the United States of America (Washington, DC: Office of the Chairman of the Joint Chiefs ofStaff, 2005), p. 3.

54. Emphasis added. See Department of Defense, National Military Strategy for Cyberspace Operations(Washington, DC: Department of Defense, 2006), pp. 1, 10.

55. Keith B. Alexander, ‘Warfighting in Cyberspace’, Joint Force Quarterly, Vol. 46, No. 3 (July 2007),p. 59.

56. Ellen Nakashima, ‘Bush Order Expands Network Monitoring’, Washington Post, 26 January 2008.57. White House, Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Com-

munications Infrastructure (Washington, DC: White House, 2009).

60 CONTEMPORARY SECURITY POLICY

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 24: Cyber Posturing and the Offense-Defense Balance

58. Spencer S. Hsu, ‘A Pentagon Cyber-Command is in the Works’, Washington Post, 22 April 2009.59. Peter Beaumont, ‘U.S. Appoints First Cyber Warfare General’, Guardian, 23 May 2010.60. David E. Sanger and Elisabeth Bumiller, ‘Pentagon to Consider Cyberattacks Acts of War’, New York

Times, 31 May 2011.61. Eric Schmitt and Thom Shanker, ‘U.S. Debated Cyberwarfare in Attack Plan on Libya’, New York

Times, 17 October 2011.62. White House, International Strategy for Cyberspace: Prosperity, Security, and Openness in a Net-

worked World (Washington, DC: White House, 2011), p. 14.63. Thom Shanker, ‘U.S. Weighs Its Strategy on Warfare in Cyberspace’, New York Times, 18 October

2011.64. Ji You, The Armed Forces of China (New York: I.B. Tauris, 1999), p. 2.65. David Shambaugh, Modernizing China’s Military : Progress , Problems, and Prospects (Berkeley,

CA: University of California Press, 2003), ch. 1.66. Timothy Walton, ‘Treble Spyglass, Treble Spear? China’s Three Warfares’, Defense Concepts, Vol.

4, No. 4 (December 2009), p. 50.67. Ming Wan, Human Rights in Chinese Foreign Relations: Defining and Defending National Interests

(Philadelphia, PA: University of Pennsylvania Press, 2001), pp. 42–3.68. Avery Goldstein, Rising to Challenge: China’s Grand Strategy and International Security (Stanford,

CA: Stanford University Press, 2005), p. 2.69. Allen S. Whiting, ‘The PLA and China’s Threat Perceptions’, The China Quarterly , No. 146 (June

1996), pp. 607–8.70. David M. Lampton, Same Bed, Different Dreams: Managing US–China Relations, 1989–2000 (Ber-

keley, CA: University of California Press, 2001), p. 73.71. Ross H. Munro, ‘Eavesdropping on the Chinese Military: Where it Expects War, Where it Doesn’t’,

Orbis, Vol. 38, No. 3 (Summer 1994), p. 360.72. Ding Henggao, ‘Reforming Defense Science, Technology, and Industry’, in Michael Pillsbury (ed.),

Chinese Views of Future Warfare (Washington, DC: National Defense University, 1997), p. 156.73. For a detailed account of the Chinese treatment of ICT and information warfare during the 1990s, see

James C. Mulvenon and Richard H. Yang, The People’s Liberation Army in the Information Age(Santa Barbara, CA: Rand, 1999), ch. 9.

74. Reprinted as Weng Pufang, ‘The Challenge of Information Warfare’, in Michael Pillsbury (ed.),Chinese Views of Future Warfare (Washington, DC: National Defense University, 1997), p. 319.

75. US Congress, Report to Congress of the US–China Economic and Security Review Commission(Washington, DC: Government Printing Office, 2009), p. 172.

76. Clarke and Knake, Cyber War (note 18), p. 58; Hamish McDonald, ‘Beijing Spies a Useful Friend inCastro’, The Age , 27 February 2003.

77. Tai Ming Cheung, ‘Modernizing the People’s Liberation Army: Aims and Implications’, in ShaunBreslin (ed.), Handbook of China’s International Relations (London: Routledge, 2010), p. 125.

78. Shane Harris, ‘China’s Cyber-Militia’, National Journal Magazine , 31 May 2008.79. Jason Fritz, ‘How China Will Use Cyber Warfare to Leapfrog in Military Competitiveness’, Culture

Mandala, Vol. 8, No. 1 (October 2008), p. 33; Ashley J. Tellis, ‘China’s Military Space Strategy’,Survival, Vol. 49, No. 3 (Autumn 2007), pp. 41–72.

80. Magnus Hjortdal, ‘China’s Use of Cyber Warfare: Espionage Meets Strategic Deterrence’, Journal ofStrategic Security, Vol. 4, No. 2 (2011), pp. 1–24. On China’s asymmetric strategy in the context ofTaiwan, see Thomas J. Christensen, ‘Posing Problems without Catching Up: China’s Rise and Chal-lenges for US Security Policy’, International Security, Vol. 25, No. 4 (Spring 2001), pp. 5–40.

81. Information Office of the State Council, China’s National Defense in 2000 (Beijing: InformationOffice of the State Council of the People’s Republic of China, 2000).

82. Office of the Secretary of Defense, Annual Report to Congress: Military Power of the People’sRepublic of China 2007 (Washington, DC: Office of the Secretary of Defense, 2007), p. 22. For anexcellent review of the institutional structure of these units, see Deepak Sharma, ‘IntegratedNetwork Electronic Warfare: China’s New Concept of Information Warfare’, Journal of DefenceStudies, Vol. 4, No. 2 (April 2010), pp. 37–40.

83. Information Office of the State Council, China’s National Defense in 2008 (Beijing: InformationOffice of the State Council of the People’s Republic of China, 2009, pp. 60–62).

84. See, for example, Rod Thorntonx, Asymmetric Warfare: Threat and Response in the Twenty-FirstCentury (Cambridge: Polity Press, 2007), pp. 62–3.

85. Andrei Kozyrev, ‘Russia: A Chance for Survival’, Foreign Affairs, Vol. 71, No. 2 (Spring 1992),p. 13.

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 61

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 25: Cyber Posturing and the Offense-Defense Balance

86. Zoltan Barany, Democratic Breakdown and the Decline of the Russian Military (Princeton, NJ: Prin-ceton University Press, 2007), p. 71. For an excellent description of the root causes of the conflict andRussian military failure, see respectively John B. Dunlop, Russia Confronts Chechnya: Roots of aSeparatist Conflict (Cambridge: Cambridge University Press, 1998); Anatol Lieven, Chechnya:Tombstone of Russian Power (New Haven, CT: Yale University Press, 1997).

87. Alessandra Stanley, ‘Russia’s New Foreign Minister Sets a More Assertive Tone’, New York Times ,13 January 1996.

88. See, for example, Mary C. Fitzgerald, ‘The Russian Image of Future War’, Comparative Strategy,Vol. 13, No. 2 (Spring 1994), pp. 167–80; Lester W. Grau and Timothy L. Thomas, ‘A RussianView of Future War: Theory and Direction’, Journal of Slavic Military Studies, Vol. 9, No. 3 (Sep-tember 1996), pp. 508–11.

89. Graeme P. Herd, ‘The “Counter-Terrorist Operation” in Chechnya: “Information Warfare” Aspects’,Journal of Slavic Military Studies, Vol. 13, No. 4 (December 2000), pp. 57–83.

90. Stephen Blank, ‘Web War I: Is Europe’s First Information War a New Kind of War?’, ComparativeStrategy, Vol. 27, No. 3 (May 2008), pp. 227–47. On the attribution problem during the Estonianepisode, see Gadi Evron, ‘Battling Botnets and Online Mobs: Estonia’s Defense Efforts during the Inter-net War’, Georgetown Journal of International Affairs, Vol. 9, No. 1 (Winter/Spring 2008), p. 123.

91. Duncan B. Hollis, ‘Rules of Cyberwar?’, Los Angeles Times , 8 October 2007.92. Mark Landler and John Markoff, ‘Digital Fears Emerge After Data Siege in Estonia’, New York Times ,

29 May 2007; Peter Finn, ‘Cyber Assaults on Estonia Typify a New Battle Tactic’, Washington Post , 19May 2007.

93. For a comprehensive review of the conflict, see Svante Cornell and Frederick Starr (eds), The Guns ofAugust: Russia’s War in Georgia (Armonk, NY: M.E. Sharp, 2009).

94. For the official Georgian version of this aspect of the war, see Government of Georgia, Russian Inva-sion of Georgia: Russian Cyberwar on Georgia (November 2008).

95. Stephen W. Korns and Joshua E. Kastenberg, ‘Georgia’s Cyber Left Hook’, Parameters, Vol. 38, No.4 (Winter 2008/2009), p. 60. See also John Markoff, ‘Before the Gunfire, Cyberattacks’, New YorkTimes, 12 August 2008.

96. Kim Hart, ‘Longtime Battle Lines Are Recast in Russia and Georgia’s Cyber War’, Washington Post ,14 August 2008.

97. Siobhan Gorman, ‘Georgia States Computers Hit by Cyberattack’, Wall Street Journal , 12 August2008.

98. For the full version of the doctrine, see http://news.kremlin.ru/ref_notes/461 (accessed 5 December2011). For an excellent analysis of the doctrine, see Stephen J. Blank (ed.), Russian Military Politicsand Russia’s 2010 Defense Doctrine (Carlisle, PA: Strategic Studies Institute, 2011).

99. The full document is available online at http://www.ens.mil.ru/science/publications/more.htm?id=10845074@cmsArticle#3.2.

100. Myriam Dunn Cavelty, ‘Cyber-Allies: Strengths and Weaknesses of NATO’s Cyberdefense Posture’,IP Global Edition, Vol. 12, No. 3 (April 2011), p. 13.

101. Quoted in Rajan Menon, ‘The End of Alliances’, World Policy Journal, Vol. 20, No. 2 (Summer2003), p. 2.

102. Celeste A. Wallander, ‘Institutional Assets and Adaptability: NATO after the Cold War’, Inter-national Organization, Vol. 54, No. 4 (Autumn 2000), pp. 705–35.

103. Ivan Dinev Ivanov, Transforming NATO: New Allies, Missions, and Capabilities (Lanham, MD: Lex-ington Books, 2011).

104. NATO, The Alliance’s Strategic Concept (Brussels: North Atlantic Treaty Organization, 24 April1999).

105. NATO, Prague Summit Declaration (Brussels: North Atlantic Treaty Organization, 21 November2002).

106. Jim Michaels, ‘NATO Mulling Safety against Cyberattacks’, USA Today , 15 June 2007.107. Bobbie Johnson, ‘NATO Says Cyber Warfare Poses as Great a Threat as a Missile Attack’, Guardian ,

6 March 2008.108. Mission and Vision , available online at http://www.ccdcoe.org/.109. NATO, Bucharest Summit Declaration (Brussels: North Atlantic Treaty Organization, 3 April 2008).110. NATO, Declaration on Alliance Security (Brussels: North Atlantic Treaty Organization, 4 April

2009).111. NATO, NATO 2020: Assured Security; Dynamic Engagement: Analysis and Recommendations of the

Group of Experts on a New Strategic Concept for NATO (Brussels: NATO Public Diplomacy Div-ision, 2010), p. 45.

62 CONTEMPORARY SECURITY POLICY

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4

Page 26: Cyber Posturing and the Offense-Defense Balance

112. Ibid ., p. 20.113. NATO, Active Engagement, Modern Defence: Strategic Concept for the Defence and Security of the

Members of the North Atlantic Treaty Organization (Brussels: NATO Public Diplomacy Division,2010), pp. 16–17.

114. Eneken Tikk, ‘Global Cybersecurity – Thinking about the Niche for NATO’, SAIS Review, Vol. 30,No. 2 (Summer/Fall 2010), p. 113.

115. Stephane Abrial, ‘NATO Builds its Cyberdefenses’, New York Times , 27 February 2011.116. NATO, The Secretary General’s Annual Report 2011 (Brussels: NATO Public Diplomacy Division,

2012), p. 10.117. Kenneth Geers, Strategic Cyber Security (Tallinn, Estonia: CCDCOE Publication, 2011), p. 31.118. David Betz ‘“Cyberwar is Not Coming”’, Infinity Journal, Vol. 3 (Summer 2011), p. 21.119. Lynn, ‘Defending a New Domain’ (note 21), p. 108.120. The exception is the report on American cyberattacks against Iran using a computer program called

Flame. See David E. Sanger, ‘Obama Order Sped Up Wave of Cyberattacks against Iran’, New YorkTimes, 1 June 2012.

121. Franklin D. Kramer, ‘Cyberpower and National Security: Policy Recommendations for a StrategicFramework’, in Franklin D. Kramer, Stuart H. Starr, and Larry K. Wentz (eds), Cyberpower andNational Security (Washington, DC: National Defense University, 2009), pp. 3–23. Former directorof the National Security Agency (NSA) Mike McConnell also noted that ‘[t]he problem is not one ofresources . . . The problem is that we lack a cohesive strategy to meet this challenge’. See MikeMcConnell, ‘How to Win the Cyber-War We’re Losing’, Washington Post , 28 February 2010.

122. Office of the Secretary of Defense, Military and Security Developments Involving the People’sRepublic of China 2011 (Washington, DC: Office of the Secretary of Defense, 2011).

123. James Fallows, ‘Cyber Warriors’, The Atlantic, Vol. 305, No. 2 (March 2010), pp. 58–63.124. Bryan Krekel, Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer

Network Exploitation (McLean, VA: Northrop Grumman Corporation, 2009), p. 23.125. Charles Clover, ‘Kremlin-Backed Group behind Estonia Cyber Blitz’, Financial Times , 11 March

2009.126. Siobhan Gorman and Julian E. Barnes, ‘Cyber Combat: Act of War’, Wall Street Journal, 31 May

2011.127. Libicki, Cyberdeterrence and Cyberwar (note 29), pp. 69–70.128. Carl Von Clausewitz, On War, Michael E. Howard and Peter Paret, ed. and trans. (Princeton, NJ:

Princeton University Press, 1976), p. 134.

CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 63

Dow

nloa

ded

by [

Uni

vers

ity o

f Il

linoi

s C

hica

go]

at 1

8:01

21

Oct

ober

201

4