This article was downloaded by: [University of Illinois Chicago]On: 21 October 2014, At: 18:01Publisher: RoutledgeInforma Ltd Registered in England and Wales Registered Number: 1072954Registered office: Mortimer House, 37-41 Mortimer Street, London W1T 3JH,UK
Contemporary Security PolicyPublication details, including instructions for authorsand subscription information:http://www.tandfonline.com/loi/fcsp20
Cyber Posturing and theOffense-Defense BalanceIlai SaltzmanPublished online: 11 Mar 2013.
To cite this article: Ilai Saltzman (2013) Cyber Posturing and the Offense-Defense Balance, Contemporary Security Policy, 34:1, 40-63, DOI:10.1080/13523260.2013.771031
To link to this article: http://dx.doi.org/10.1080/13523260.2013.771031
PLEASE SCROLL DOWN FOR ARTICLE
Taylor & Francis makes every effort to ensure the accuracy of all theinformation (the “Content”) contained in the publications on our platform.However, Taylor & Francis, our agents, and our licensors make norepresentations or warranties whatsoever as to the accuracy, completeness, orsuitability for any purpose of the Content. Any opinions and views expressedin this publication are the opinions and views of the authors, and are not theviews of or endorsed by Taylor & Francis. The accuracy of the Content shouldnot be relied upon and should be independently verified with primary sourcesof information. Taylor and Francis shall not be liable for any losses, actions,claims, proceedings, demands, costs, expenses, damages, and other liabilitieswhatsoever or howsoever caused arising directly or indirectly in connectionwith, in relation to or arising out of the use of the Content.
This article may be used for research, teaching, and private study purposes.Any substantial or systematic reproduction, redistribution, reselling, loan, sub-licensing, systematic supply, or distribution in any form to anyone is expressly
forbidden. Terms & Conditions of access and use can be found at http://www.tandfonline.com/page/terms-and-conditions
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
Cyber Posturing and the Offense-DefenseBalance
ILAI SALTZMAN
For some realists, cyber warfare is ‘old wine in new bottles’, with marginal added value. Thismisses the larger possibilities for political/military chain reactions that cyber warfare mayprompt, possibly leading to armed conflict. This article utilizes Offense-Defense theory toappraise the influence of cyber warfare on international security and the prospects for conflict.Offense-Defense theory, as applied here, better explains the relationship between technologicalinnovation and international politics, and leads to different conclusions from other realistapproaches. Redefining the Offense-Defense balance to accommodate cyberspace leads toan emphasis on the offensive advantages of cyber capabilities. The offensive and defensivecyber postures of China, Russia, the United States, and NATO are examined here to empiricallyassess the role of cyber warfare in security policy. Evidence shows that innovations in Infor-mation and Communication Technology (ICT) allow states to take greater risks and adoptmore vigilant or offensive positions toward adversaries. Cyber capabilities do not causearmed conflict, but make decisions to escalate easier and cheaper. A strategic enabler that pro-vides attackers greater freedom of action, cyber warfare is becoming a necessary condition forthe conduct of war, even if it is not a sufficient one.
Introduction
In September 2007, Israeli military cyber warriors reportedly hacked into the Syrian
monitoring and anti-aircraft missile defences to allow Israeli fighter jets to bomb the
suspected nuclear reactor near Deir el-Zor.1 As described by one account:
[T]he main attack was preceded by an engagement with a single Syrian radar
site at Tall al-Abuad near the Turkish border. It was assaulted with what
appears to be a combination of electronic attack and precision bombs to
enable the Israeli force to enter and exit Syrian airspace. Almost immediately,
the entire Syrian radar system went off the air for a period of time that included
the raid.2
This incident, along with others discussed here, suggests that we are in the course
of a new era, similar to past transformations in international security, such as the air-
plane, the tank, or the nuclear bomb, innovations that culminated in radical departures
in strategic thinking and behaviour. Information and Communication Technology
(ICT) not only drives the internet, the iPhone, or the Global Positioning System
(GPS). Nowadays, ICT has become an integral and possibly an essential military
Contemporary Security Policy, Vol.34, No.1, 2013, pp.40–63http://dx.doi.org/10.1080/13523260.2013.771031 # 2013 Taylor & Francis
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
capability. The cyber sphere of action it created is replacing the conventional
battlefield.3
Some observers argue that for realists cyber warfare is ‘old wine in a new bottle’;
its added value is rather marginal.4 This downplays the broader implications of cyber
warfare, stressing only technical aspects and focusing on information warfare (IW),
one operative manifestation of cyber warfare, rather than the possibilities for politi-
cal/military chain reaction that cyber warfare may prompt, ending in armed conflict.5
Consequently, this article is not concerned with specific cyber tactics like computer-
based commercial espionage or phishing per se. Rather, this analysis stresses the inte-
gration of ICT applications aimed at disrupting, paralysing, and possibly destroying
another state’s assets, with a direct bearing on national security and critical infrastruc-
ture, and especially its capacity to conduct military operations.6
This article has two main objectives. First, despite the large number of studies
dealing with cyber warfare, we are still lacking a realist theoretical conceptualization
of its influence on international security in general and on the pervasiveness of war in
particular.7 This analysis examines the relevance of realism as a technologically,
rather than a territorially, based explanation for international security in the infor-
mation age. Considering the fact that ‘[r]ealist theories . . . still provide a context
and motivation for many of the most important theoretical debates in the field’, as
Jack Donnelly asserts, it is almost inconceivable that realism will not take a shot at
explaining the dramatic technological shift in the security environment caused by
cyber warfare.8 This article employs realist Offense-Defense theory to evaluate the
expected effect of ICT on the prevalence of war, using the most suitable realist frame-
work to explore the nexus between technological innovation and international poli-
tics, and especially questions of war and peace.9 In contrast to other scholars, who
apply Offense-Defense theory to support cyber deterrence, this treatment stresses
the need to dramatically modify Offense-Defense terminology to better address
cyber warfare’s unique and revolutionary features.10
Second, this article tests this Offense-Defense framework, empirically evaluating
the role of cyber warfare in contemporary military strategic thinking and state behav-
iour. The evolving cyber postures of China, Russia, NATO, and the United States
show to what extent cyber warfare concepts have gained traction among leaders, stra-
tegists, and military planners. Since we are dealing with ongoing technological devel-
opments, their policy implications far from determined, this study is more of a probe
into a possible future rather than a final ruling. Nevertheless, from existing evidence it
is possible to infer that ICT allows states to take greater risks and thus adopt more
vigilant or offensive positions vis-a-vis their adversaries. Cyber capabilities do not
cause armed conflict, but their existence makes the decision to escalate armed conflict
easier and considerably cheaper. ICT can be considered a strategic enabler and an
efficient force multiplier that provides the attacker with greater freedom of action.
The article first, briefly, discusses the current status of Offense-Defense theory
and suggests a fundamental conceptual amendment to allow realism to better incor-
porate cyber warfare into accounts of contemporary international security. It then
proceeds to evaluate the cyber Offense-Defense balance to locate its strategic orien-
tation. The cyber posture of four of the prominent actors in contemporary world
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 41
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
affairs – China, Russia, NATO, and the United States – are examined in order to
assess the effect of the cyber Offense-Defense balance on their security policies.
It is the conclusion of this article that for realism to maintain its relevance, it must
transcend traditional territorial and kinetic traits of international security, or at least
give more room for novel technological factors, and consider cyberspace as an
alternative realm that states utilize to attack others. ICT and employment of cyber
warfare is becoming a necessary condition for the conduct of war, even if not a suffi-
cient one, and realism must adjust its theoretical foundations and predictions accord-
ingly. At a minimum, cyber warfare is an influential force multiplier or conflict
enabler. At a maximum, it is a strategic game changer.11 But while the potential of
cyber warfare to revolutionize international security and interstate conflict is dra-
matic, the scale of this transformation will be determined by political rather than tech-
nological considerations.
Cybernating Offense-Defense Theory
Offense-Defense theory has generated heated debates ever since it was introduced by
Robert Jervis and George Quester in the late 1970s.12 Jervis contended that the orien-
tation of different military capabilities and weaponry systems may influence inter-
state security dilemmas and therefore the prevalence of war or peace. ‘When we
say that the offense has the advantage, we simply mean that it is easier to destroy
the other’s army’, he explains. ‘When the defense has the advantage, it is easier to
protect and hold than it is to move forward, destroy and take.’ Quester, applying
the same logic, concluded that ‘likelihoods of war are thus clearly influenced by
how effective the offensive weapon seems to be, as compared with the defensive’.13
Offense-Defense theory was heavily criticized for both its methodological foun-
dation and empirical applicability.14 Thus, various attempts were made to salvage the
theory and present an amended version that would bolster its standing as a leading
realist theory.15 One of the most lethal criticisms had to do with the difficulty of dif-
ferentiating between the offensive or defensive nature of military capabilities or tech-
nologies. In response, Charles Glaser and Chaim Kaufmann, for example, suggested
that the Offense-Defense balance – the driving engine of the theory – should be con-
sidered as the ‘. . . ratio of the cost of the forces the attacker requires to take territory to
the cost of the forces the defender has deployed’.16
Still, the traditional interpretation of Offense-Defense theory, as stipulated by
both advocates and critics, is somewhat anachronistic and to some extent irrelevant
to the information age. It presumes that war is conducted and concluded according
to a kinetic basis and a territorial logic. Furthermore, the determinism of offensive
and defensive capabilities, the security dilemma and armed conflict, is simplistic.
It fosters a flawed ‘major war pathology’ that does not necessarily exist today. One
can plausibly imagine an armed conflict that is not necessarily aimed at unconditional
surrender or territorial occupation, but tends to be much more limited, although it can
turn into an all-out war of course, a kind of slippery slope interstate militarized
dynamics.17 Second, and more importantly, since the conduct of contemporary
warfare is dependent on ICT infrastructure, cyberspace becomes a contested
42 CONTEMPORARY SECURITY POLICY
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
domain in which cyberwar, or major technological conflicts, may take place or even
be determined.18 As James Adams notes, ‘[a]round the world, information technol-
ogy increasingly pervades weapons systems, defense infrastructures and national
economies. As a result, cyberspace has become a new international battlefield’.19
Cyberwar may not solely determine the outcomes of future armed conflicts and
interstate rivalries, but it can influence leaders’ determination to prefer military
options over political solutions. Since the early 1990s, policymakers have become
deeply aware of ICT-based systems’ vulnerability, their influence on states’ national
security posture, and the ability to conduct military operations.20 Former American
Deputy Secretary of Defense William Lynn recently acknowledged that ICT
enables almost everything the US military does: logistical support and global
command and control of forces, real-time provision of intelligence, and
remote operations . . . The US government’s digital infrastructure now gives
the United States critical advantages over any adversary, but its reliance on
computer networks also potentially enables adversaries to gain valuable intelli-
gence about US capabilities and operations, to impede the United States’ con-
ventional military forces, and to disrupt the US economy.21
But is cyberspace defence or offence oriented? According to Lynn, the answer is
straightforward: ‘In cyberspace, the offense has the upper hand’.22 This may be intui-
tively correct, and surely this position is shared by the vast majority of scholars and
practitioners, but how can Offense-Defense theory provide a more founded answer to
this question? This article suggests that Offense-Defense theory can effectively
perform this task after updating its conceptual basis. Essentially, the balance
between offence and defence is determined, in the traditional fashion, according to
two key factors: mobility enhancement and firepower’s degree of destructiveness.23
However, these determinants are not necessarily relevant to cyber warfare and thus
must be redefined in order to address the technologically different security environ-
ment we are dealing with in the information age and the various expressions of cyber
warfare.24
From Mobility to ‘Versatility’
Unlike the customary kinetic and territorially based interpretation of the term mobi-
lity in Offense-Defense theory literature that relates to the possibility of relocating
combatants at the strategic, operational, and tactical levels,25 in cyberspace mobility
actually relates to the capacity to technologically attack different types of ICT-based
targets at the strategic, operational, and tactical levels. Rather than thinking in terms
of the physical allocation of armed forces across or between combat zones, in cyber-
war we should talk of cyber versatility that corresponds to levels of war hierarchy.26
Strategic targets or critical infrastructures consist of vital or centre-of-gravity
assets whose destruction may have a colossal effect on a state’s national security
and its capacity to operate normally.27 Such elements include a state’s military
constellations, defence industrial base, satellite communication, electrical power
grid, internet connectivity, central banking system, stock market, ministries, and
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 43
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
governmental agencies.28 On the operational level, where the focus is on related ICT-
based systems, cyber warfare may foil the use of military and warning systems such
as anti-aircraft missile systems, reconnaissance capabilities, or the hacking into an
enemy’s technological capabilities such as drones and other unmanned aerial
vehicles (UAVs).29 On the tactical level, when the focus is on a particular and
segmented ICT-based system, cyber warfare may interrupt battlefield communication
and coordination, disrupt electronic signals such as radio and GPS signals, or elimin-
ate them completely.30
From Firepower to ‘Byte Power’
Unlike the customary territorially based interpretation of this feature in the Offense-
Defense theory literature that primarily revolves around accuracy and destructiveness
of certain weapons, in cyberspace firepower actually relates to the degree of techno-
logical damage that can be inflicted on the enemy’s ICT-based infrastructure at the
strategic, operational, and tactical levels. Rather than talk of kinetic firepower, in
cyber warfare the idea is to examine how much byte power a state can extract and
direct towards an adversary’s ICT-based targets.
While the Offense-Defense theory literature typically maintains that the greater a
weapon’s firepower the greater its contribution to the defence,31 this assertion is chal-
lenged by prominent Offense-Defense theorists and it seems largely misguided in
cyberspace. Glaser and Kaufman argue, for example, that ‘. . . there can be exceptions
when specific firepower innovations are differentially useful against defender’.32 It
seems that moving from the territorial and/or the kinetic to cyberspace allows
such an exception, especially if we are dealing with highly accurate and low-signature
cyber capabilities that allow the attacking and possible neutralization of an enemy’s
defence systems with virtual anonymity.33 Furthermore, and primarily as a comp-
lementary mechanism, selective or surgical cyberattacks may greatly improve the
effectiveness of offensive conventional weapons by creating a cyber window of
opportunity for conventional activities through which both combatants and equip-
ment can penetrate more easily an otherwise unassailable target.34
To sum up this section, ICT-induced cyber capabilities tilt the Offense-Defense
balance in favour of the offence, not in the prospects of gaining and maintaining
control over territory and material resources as a manifestation of victory, but
rather in the actual possibility to paralyse the enemy’s military deployment and civi-
lian preparedness and drastically limit its retaliatory potential. Since the use of cyber
capabilities according to both indicators suggests that offence has the advantage, let
us turn to evaluate the relevance of cyber warfare to the process of policymaking. For
offence-dominant cyber capabilities to actually influence calculations and decisions
in matters of war and peace, leaders and policymakers must be aware of these tech-
nologically advanced capabilities and acknowledge their strategic advantages. In the
words of Keir Lieber, the influence of technological innovation ‘. . . is always filtered
through the strategies that state decision makers employ in pursuit of their political
goals. In simplest terms, politics – more than technology – is the master’.35
The aim is not, however, to meticulously describe the evolution of American,
Chinese, NATO, and Russian cyber postures, i.e. the overall strategy designed to
44 CONTEMPORARY SECURITY POLICY
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
address different ICT-based challenges and threats by applying a multitude of proac-
tive and passive measures. Rather, I present a succinct account to highlight key fea-
tures and contemporary ramifications for war and peace. Given their offensive nature,
the following section will try to assess whether the use of cyber capabilities actually
prompted armed conflict, and under what conditions.
The Politics of Cyberwar and Peace
Generally speaking, America, China, and Russia have long histories of attempting to
combine political aims with advanced technology, while NATO primarily benefited
from the American efforts.36 The Revolution in Military Affairs (RMA), warmly
adopted by the Americans in the late 1980s and successfully implemented during
the Gulf War, was in fact an adaptation of the 1970s Soviet Military-Technical Revo-
lution (MTR).37 As Elliot Cohen observes, the idea was to promote ‘. . . an imminent
technical revolution that would give conventional weapons a level of effectiveness in
the field comparable to that of small tactical nuclear weapons’.38
The following accounts describe the evolution of American, Chinese, NATO, and
Russian cyber postures to assess the influence of ICT-based capabilities on strategic
thinking and behaviour. There is an important caveat to this analysis; cyber warfare
suffers from a major problem of attributing attacks to specific state actors. Some of
the cases discussed below include acts by non-state actors such as individuals, hack-
tivists, netizens, or more organized cyber militias and cyber gangs. Nevertheless,
there is a growing consensus in the literature that these non-state actors mostly
operate in tandem with national governments and follow their lead as proxies and
their contribution should be considered an integral part of a state’s overall cyber
policy.39
American Cyber Posture
It seems that the most robust, sophisticated, and technically and institutionally up-to-
date cyber posture is the American one, despite its paradoxical defensive nature.
While the United States is the primary target for different forms of cyber warfare,
especially cyber spying and phishing, it also possesses the highest potential to
become a cyber superpower with the most vigorous state-run ICT-based posture.
In the early 1990s, the Gulf War exhibited American technological superiority in
terms of both hardware and software as countless stealth fighters bombarded Iraq
without being detected by Iraqi anti-aircraft missile systems using state of the art pre-
cision-guided munitions (PGMs).40 American technological superiority was a deci-
sive factor in defeating Iraq. As commander of US Central Command during the
Gulf War, Norman Schwarzkopf argued that technological innovation worked
‘beyond our wildest expectations’.41
Given America’s growing reliance on ICT in the battlefield and in the supportive
and logistical military formations, and repeated reports concerning a breach of com-
puter networks such as in the case of the air force’s Rome Air Development Center in
March 1994, it became clear that this virtual Achilles heel must be protected. In 1995,
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 45
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
the Clinton administration’s national security strategy proclaimed that ‘the threat of
intrusions to our military and commercial information systems poses a significant risk
to national security and must be addressed’.42 In June 1997 the US government con-
ducted Eligible Receiver, the very first information warfare (IW) exercise that
exposed the vulnerability of American military and civilian critical infrastructures
in case of a coordinated cyberattack.43
But as American policymakers and strategists feared their vital technological
structures, they also become increasingly interested in exploiting this new strategic
domain in their favour. Indeed, while the Kosovo war was overwhelmingly won by
conducting conventional massive air bombing against Serb targets, some observers
asserted that the accuracy and efficiency of these aerial campaigns were the
outcome of cyber warfare-like operations, especially in directing the bombers to
their targets from the ground.44 Furthermore, while it is not exactly clear what
additional cyber measures were used against Serb targets, it was reported that the
United States and NATO conducted various sophisticated cyberattacks that included
penetrations of Serbian ICT systems and overloading them with data or manipulating
their databases. Hence the use of cyber capabilities at the operational level was not
only disruptive in nature but also proactive and offensive in its attempt to frustrate
Serbian defensive formation and retaliatory military options.45
During the War on Terror campaigns in Afghanistan and Iraq, following the ter-
rorist attacks of September 11, cyber warfare did not play a significant role. In both
cases, the United States had virtually no critical ICT assets to attack or disrupt and the
focus was on traditional, if irregular, combat operations.46 Nevertheless, it was
reported that a month before the Iraq War began, President Bush signed a secret direc-
tive ordering the development of an American strategy for large-scale pre-emptive
cyberattacks against adversaries of the United States.47
It was then reported that the United States was pre-emptively cutting off the Iraqi
computer network and internet grid that connected civilian and government agencies
before war began in March 2003. According to Richard Clarke, the Iraqi Defense
Ministry’s email system was hacked by the Americans in order to warn high-
ranking officers about opposing the future invasion and to assure them that the objec-
tive was to overthrow Saddam Hussein and not to destroy Iraq’s political, military,
and socioeconomic structures. Another path that was explored but not pursued was
hacking into the regime’s financial institutions and foreign bank accounts in order
to locate Saddam Hussein’s hidden assets.48
At about the same time, Chinese hackers apparently orchestrated a major cyber-
attack on American computer systems at NASA and Sandia National Laboratories.49
It was made clearer following these incidents and others that the United States must
re-evaluate its cyber policy and possibly change its approach. Yet the discourse
remained rather defensive, primarily focused on protecting American critical infra-
structure and confidential databases.50 When George W. Bush published his admin-
istration’s National Strategy to Secure Cyberspace in 2003, its objective was ‘. . . to
secure the portions of cyberspace that they own, operate, control, or with which they
interact’.51 The military establishment, on the other hand, was much more assertive in
its approach to cyber warfare, as the 2004 Military Strategy asserted:
46 CONTEMPORARY SECURITY POLICY
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
The Armed Forces must have the ability to operate across the air, land, sea,
space and cyberspace domains of the battlespace . . . The non-linear nature of
the current security environment requires multi-layered active and passive
measures to counter numerous diverse conventional and asymmetric threats
. . . They also include threats in cyberspace aimed at networks and data critical
to US information-enabled systems. Such threats require a comprehensive
concept of deterrence encompassing traditional adversaries, terrorist networks
and rogue states able to employ any range of capabilities.52
The 2005 National Defense Strategy further proclaimed that alongside traditional
and irregular security challenges the United States confronts, cyberwarfare may con-
stitute a threat that under certain conditions “. . . can fundamentally alter long-estab-
lished concepts of warfare. Some potential adversaries are seeking disruptive
capabilities to exploit US vulnerabilities and offset the current advantages of the
United States and its partners’.53 Consequently, the stated military applications of
cyber capabilities were made more offensive than ever a year later when the 2006
National Military Strategy for Cyberspace Operations noted:
[T]he United States must have cyberspace superiority to ensure our freedom of
action and deny the same to our adversaries through the integration of network
defense, exploitation, and attack . . . Offensive capabilities in cyberspace offer
the United States and our adversaries an opportunity to gain and maintain the
initiative. DOD cyberspace operations are strongest when offensive and defen-
sive capabilities are mutually supporting. This requires a long-range focus and
dedicated resources to achieve this goal.54
The director of the National Security Agency (NSA), Keith Alexander, argued in
2007 that the United States should reformulate the operational and institutional foun-
dations of its cyber posture in order to address the technologically induced security
environment, since
while we have ample national level strategies, we have yet to translate these
strategies into operational art through development of joint doctrine for cyber-
space. Through the doctrine vetting process, we can develop a common under-
standing of what it means to conduct warfare within and through cyberspace.55
Indeed, in early 2008 President Bush issued a directive that allows American intel-
ligence agencies, especially the NSA, to monitor all internet traffic of the federal gov-
ernment in order to protect vital assets from cyberattacks. What makes this directive a
major turning point in American cyber warfare evolution is that under Bush’s initiative,
the NSA with the Federal Bureau of Investigations (FBI) and the Central Intelligence
Agency (CIA) could provide the Pentagon with evidence that a pre-emptive cyberattack
is crucial in order to protect American critical infrastructure.56
In early 2009, soon after taking office, President Barack Obama announced his
administration’s cyber policy, which remained rather committed to the defensive
notion of protecting and securing critical infrastructure in what was often referred
to as cyber security.57 Yet in April it was reported that the White House was, in
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 47
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
fact, in the final stages of establishing a new cyber agency under the Pentagon’s auth-
ority which could develop offensive cyber weapons alongside defending American
ICT critical infrastructure.58 Former director of the NSA, Keith Alexander, was
appointed as director of the Cyber Command (USCYBERCOM) and while he was
rather cautious in attributing any offensive aspects to the new command, the Pentagon
declared that the mission of this new agency was to:
[d]irect the operations and defence of specified Department of Defense infor-
mation networks [involving some 90,000 military personnel] and prepare to,
when directed, conduct full-spectrum military cyberspace operations in order
to enable actions in all domains, [to] ensure US allied freedom of action in
cyberspace and deny the same to our adversaries.59
More recently, it was reported that the Pentagon is formulating a particular strat-
egy that will engage the threats emanating from cyber warfare under the premise that
any such attack on behalf of a foreign country constitutes a declaration of war that
may result in armed conflict.60 In effect, however, President Obama did not
approve a pre-emptive cyber offensive against Libya before the United States led
the military campaign against Muammar Qaddafi in March 2011. The idea was to
use cyber warfare in order to hinder Libya’s air defence systems, but the option
was abandoned, according to some government officials, because the Obama admin-
istration feared it would act as a precedent for Russian or Chinese future offensive
attacks. One Defense Department official said the cyber options ‘. . . were seriously
considered because they could cripple Libya’s air defense and lower the risk to
pilots, but it just didn’t pan out’. Another White House official argued that ‘[t]hese
cybercapabilities are still like the Ferrari that you keep in the garage and only take
out for the big race and not just for a run around town, unless nothing else can get
you there’.61
In the aftermath of the war in Libya, the White House attempted to provide the
most comprehensive and inclusive cyber strategy to date. But despite the clear defen-
sive tone of the document, especially when considering the ambiguity of the parts
relating to cyber deterrence mechanisms, there was more than a hint of offensive
reasoning:
When warranted, the United States will respond to hostile acts in cyberspace as
we would to any other threat to our country. All states possess an inherent right
to self-defense, and we recognize that certain hostile acts conducted through
cyberspace could compel actions under the commitments we have with our
military treaty partners. We reserve the right to use all necessary means – dip-
lomatic, informational, military, and economic – as appropriate and consistent
with applicable international law, in order to defend our Nation, our allies, our
partners, and our interests.62
The debate concerning the defensive or offensive posture of American cyber
strategy or its passive or proactive nature is still ongoing. Recently, General
Robert Kehler, Commander of US Strategic Command that oversees CYBERCOM,
commented that the optimal solution would involve both: ‘I think we are looking at
48 CONTEMPORARY SECURITY POLICY
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
what an offensive component would be: what does that look like? What kind of
options would we want to be able to offer? I think that we have always said that
there needs to be an offense and defense mix’.63 These questions remain unanswered.
Chinese Cyber Posture
It is extremely difficult to fully account for the cyber posture of China and its devel-
opment over the years. In China, defence-related transparency is a rare commodity.
Yet it is widely known and established that the Chinese pursued a robust moderniz-
ation in military technology and tactics from the late 1970s. Maoist ideology not only
determined the political and societal structure of the People’s Republic of China
(PRC) from its inception in 1949, it also served as China’s military national
defence strategy in that it revolved around the concept of ‘People’s War’ and the
mobilization of the masses for a protracted armed conflict.64 After the death of
Mao in 1976, and under Deng Xiaoping’s leadership, a new conceptualization of
Chinese warfare emerged that gradually became highly receptive to technological,
industrial, and economic developments, making the entire defence apparatus much
more open to engage the challenge of future armed conflict in the information
age.65 From an operative vantage point, China gradually abandoned Mao’s con-
ception of active defence in favour of a pre-emptive military orientation that advo-
cates a first strike mentality.66
The 1989 Tiananmen Square incident, which strained Sino-American relations,
highlighted historical anti-Western sentiments and created a shaky setting for the
post-Cold War era.67 Consequently, by the mid 1990s China was caught paradoxi-
cally in an international constellation that was just as challenging as the Cold War
international system.68 American intentions to redraw the global and regional land-
scape, and especially Washington’s reactions to the Tiananmen Square demon-
strations, were badly received in Beijing. Consequently, the United States was
increasingly considered to be a major source of danger to China’s national interests
and political order.69
American military performance during the Gulf War highlighted the technologi-
cal inferiority of the PLA and encouraged the Chinese leadership to accelerate and
broaden existing plans to modernize and improve the army’s capabilities for the
purpose of potentially waging a limited or local war.70 Indeed, newly elected
General Secretary of the Chinese Communist Party (CCP) Jiang Zemin was confident
that a comprehensive modernization of the Chinese armed forces amid what he con-
sidered American military superiority and interference in China’s internal affairs was
of great importance. Thus, he encouraged technological modernization according to
American standards when he told members of the Central Military Commission
(CMC) in early 1993 that ‘[w]e must win high-tech, small-scale wars under
modern conditions’.71 Similarly, the Chairman of the Commission on Science, Tech-
nology and National Defense Industry (COSTIND) General Ding Henggao warned
that ‘[t]he one who possesses high-tech superiority will have the upper hand on the
battlefield’.72
Modernizing and increasing the professionalism of the People’s Liberation Army
(PLA) was also matched with vigorous ICT-based innovation.73 As Major General
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 49
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
Weng Pufang, former director of the Strategy Department of the Chinese Academy of
Military Science, argued in a 1995 article he published in a Chinese military journal:
The thrust of China’s military construction and development of weapons and
equipment will no longer be toward strengthening the ‘firepower antipersonnel
system’ of the industrial age, but toward the strengthening of information tech-
nology, information weapons and information networking. Our sights must not
be fixed on the firepower warfare of the industrial age, rather they must be
trained on the information warfare of the information age.74
The PLA became highly interested in exploiting these technological innovations
and restructured its ICT-based military units to comprise the Third Department of
the PLA General Staff Department (GSD), currently entrusted with exploitation of
foreign computer networks, whereas the Fourth Department of the GSD is responsible
for attacking foreign computer networks.75 Indeed, after an agreement with Cuba was
signed in February 1998, China built two cyber warfare stations, one eavesdropping tel-
ephone and internet communications in the United States and the other more concerned
with monitoring American military satellite systems.76 But in addition to these military
units, the Chinese government has reportedly outsourced some of its cyber warfare
tasks to civilian groups that are systematically activated and thus enable greater inter-
national flexibility due to cyber warfare’s attribution problem.77
In the early 2000s, Beijing was ostensibly involved in numerous successful
attempts to hack into American databases and critical infrastructure such as
nuclear and electric power plants, satellite systems, and a number of Department
of Defense contractors that store confidential information and blueprints of future
weapon systems.78 China also launched an ambitious anti-satellite weapons
program aimed at levelling the odds against American espionage and to attack satel-
lite systems that are perceived by Beijing as utterly anti-Chinese in nature.79 Hence,
China’s cyber posture is primarily a deterrent against American military superiority
but it has deep and conscious long-term advantages that Beijing may cash in on in
time of need. In fact, China’s cyber posture will only benefit an offensive orientation
compared with the current defensive traits of the American cyber posture if Beijing
needs to prevent Washington from interfering in matters related to Taiwan, for
example.80 China’s 2000 Defense White Paper explicitly adhered to this transforma-
tive phase of the PLA’s posture into an ICT-based modernized army:
Faced with the world’s military developments and the characteristics of modern
warfare, the Chinese armed forces will, in the course of modernizing
their weaponry, devote themselves to transforming semi-mechanized and
mechanized weapon systems to automatized and informationized systems as
soon as possible, so that they can possess weapons as advanced as possible
and assure the accomplishment of the sacred missions assigned to them by
the nation.81
A report submitted to the American Congress in 2007 argued that China not only
possesses the cyber capabilities required to conduct comprehensive offensive cyber-
attacks against the United States: ‘In 2005, the PLA began to incorporate offensive
50 CONTEMPORARY SECURITY POLICY
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
Computer Network Operations (CNOs) into its exercises, primarily in first strikes
against enemy networks’.82 Indeed, China’s 2008 Defense White Paper proclaimed
in the sections dealing with the technological dimensions of modern warfare that
China is accelerating reform and innovation in its defense-related science, tech-
nology and industry . . . Defense-related science, technology and industry are
striving to enhance the informationization of weaponry and equipment
design and development, and to render product design more digitalized, mod-
ularized, standardized and reliable.83
In sum, the Chinese consider cyber warfare and its auxiliary elements as a power
multiplier, integral to their national security strategy. Thus far, China has refrained
from presenting a comprehensive cyber strategy but in practice it has primarily
involved strategic and tactical hacking into American and other Western countries’
databases and internet systems for reasons of technological and operative military
espionage. While there were numerous indications of China’s involvement in pene-
trating critical ICT-based infrastructure in the United States, Beijing has not used its
existing cyber assets thus far to directly attack American strategic military assets in
order to neutralize them but instead has focused on cyber spying. This pattern may
change under certain conditions, especially if Beijing wishes to diversify its policy
alternatives in case of a Sino-American confrontation.84
Russian Cyber Posture
Whereas in the two previous cases the strategizing of ICT as military capabilities was
ambiguous at best, and there was certainly no actual use of cyber warfare as part of
armed conflict, the case of Russia in the first decade of the 21st century can be easily
dubbed as an exemplary case for the opposite. To begin with, during most of the
1990s Russia was grappling with the devastating economic, social, and political
effects of the collapse of the Soviet Union. According to Foreign Minister Andrei
Kozyrev, Russian foreign and defence policy was primarily focused on ‘. . . disarma-
ment and limitation of the arms race – in terms of releasing as many resources as
possible and creating the most favorable conditions for the implementation of our
socioeconomic reforms’.85
In December 1994, Russian president Boris Yeltsin signalled his intention to alter
Russia’s foreign and defence orientation when he decided to invade Chechnya, a
conflict that ‘. . . demonstrated the full extent of the armed forces’ decline. In vir-
tually every respect, the Russian military failed the challenge it was supposed to
easily master’.86 By 1996, in face of failure in Chechnya and growing domestic
opposition, Yeltsin moved to replace the moderate and pro-Western Kozyrev with
Yevgeny Primakov who also served as Prime Minister between September 1998
and May 1999. Indicatively, in his first press conference Primakov asserted that
‘Russia was and remains a great power. Her foreign policy should correspond to
that status’.87
The weaknesses of Russia’s conventional and non-conventional military postures
led many Russian military thinkers and officials to regard ICT-based capabilities as a
way to compensate for strategic inferiority. During the mid 1990s, the Russian Army
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 51
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
and Defense Ministry began seriously examining the nexus between technology and
the regular military structure.88 Russia was openly using IW during the second
Chechen war.89 The first major indication of coordinated Russian cyber warfare (in
addition to IW) took place in Estonia in 2007, after a monument commemorating
the Red Army’s re-conquest of Estonia during the Second World War was moved
despite the Kremlin’s explicit warning.90
Rather than exclusively resorting to military force in order to resolve what
Moscow considered explicit anti-Russian reactionary sentiments and policies, as
they did during the Chechen military campaigns in 1994 and 1999 for example,
this time Moscow pursued a much more sophisticated approach that included indu-
cing political riots in Estonia and targeting Estonia’s ICT infrastructure such as the
banking sector, parliament’s website and email system, emergency phone lines, hos-
pitals, and universities.91 During a period of several weeks in May 2007, after the
statue was relocated, official Estonian governmental websites and vital telecommuni-
cations infrastructure were attacked and rendered inactive, according to most
accounts, by Russian perpetrators.92
Russian policymakers began to appreciate the role of ICT and cyber warfare as an
auxiliary instrument of coercion and statecraft against what they considered unco-
operative regimes in the post-Soviet rim. And the lessons learned during the Estonian
affair were apparently applied as part of Russia’s involvement in the Georgian war in
August 2008.93 Essentially, in response to Georgia’s attack against South Ossetia,
Russian forces invaded Georgia and practically subdued it within a matter of days.
Yet even before the first bullet was fired, the Kremlin decided to employ a pre-
emptive strategic disruptive cyber attack.94
In mid July, several cyberattacks were waged against Georgian websites and two
weeks later a second wave of cyberattacks on Georgian targets was detected. A few
days into the war, the vast majority of Georgian government websites were not func-
tioning; in effect, the Georgian government was, as one study asserted, ‘cyber-
locked’, without viable access to the internet and to its state-run agencies including
the National Bank of Georgia.95 No less important, the Georgian government was
unable to communicate with the citizens or conduct its own retaliatory IW against
Russia.96 Fortunately for Georgia, and unlike in the Estonian case, critical infrastruc-
ture such as the electrical power grid is far less modernized and consequently more
difficult to damage by using ICT-based capabilities.97
In February 2010, Russian president Dmitry Medvedev approved the new Mili-
tary Doctrine of the Russian Federation where some key references to the use of
cyber warfare as an instrumental offensive military capability can be clearly
observed. For example, when dealing with the features of modern military conflicts,
the document states that such one trait, from Russia’s perspective, is the ‘. . . early
conduct [of] information warfare activities to achieve political objectives without
the use of military force, and subsequently – in the interest of creating a favorable
reaction of the international community – to use military force’. And when referring
to Russian future acquisition plans for the armed forces, the doctrine highlights that a
key task involves the ‘. . . development of the forces and means of information
warfare’.98
52 CONTEMPORARY SECURITY POLICY
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
In early 2012 the Russian Ministry of Defense revealed the Kremlin’s cyber strat-
egy under the title Conceptual Views Regarding the Activity of the Armed Forces of
the Russian Federation in the Information Space. It refrains from referring to offen-
sive cyber warfare, but it does address issues pertaining to control, prevention, and
solution of cyber conflicts. The document acknowledges the right of Russia to
employ counteroffensive cyber warfare: ‘The escalation of a conflict in the cyber-
space and its turn into a crisis gives the right to an individual or collective self-
defense and the use of any means necessary that do not contradict the universally
accepted norms and the principles of international law’.99 Based on Russia’s past be-
haviour and the recent proclamation of its cyber strategy, it appears that Moscow may
be more than willing to use different forms of cyber warfare should political needs
emerge.
NATO Cyber Posture
Thus far, our empirical description has exclusively focused on state actors, but since
NATO plays such a major role in the contemporary security environment it seems
that examining the way it relates to cyber warfare will present a more accurate
account for our purposes. Interestingly enough, despite NATO’s transparency on
the whole, there is very little access to the more operational and sometimes technical
aspects of the Alliance’s cyber strategy. Nevertheless, from the available materials
we can identify NATO’s defensive approach to cyber warfare and cyber security.100
Originally, NATO was not only established to address the Soviet threat in Europe.
Lord Ismay, NATO’s first Secretary General, contended that its objectives were to
keep ‘the Russians out, the Germans down, and the Americans in’.101 After the
Cold War had ended and the Soviet Union collapsed, NATO had to reinvent itself
and identify new objectives in order to preserve its relevance and mere existence.
The multiplicity of political and military goals combined with the willingness of
its member states enabled NATO to successfully overcome this transitional period
and undergo a process of remarkable institutional change that resulted in a
renewed transatlantic mandate to develop new mechanisms and strategies in order
to cope with the changing security environment.102
The treatment of cyber warfare as part of NATO’s evolving security concerns
became decidedly evident in the early 2000s. Unlike the United States, China, or
Russia, who were individually concerned with cyber warfare of various kinds and
for different reasons as described earlier, throughout the 1990s NATO was primarily
focused on its internal restructuring, the expansion eastwards to include Poland,
Hungary, and the Czech Republic, and, of course, militarily operating in the
Balkans following the disintegration of Yugoslavia.103
The 1999 Strategic Concept declared that ‘[s]tate and non-state adversaries may
try to exploit the Alliance’s growing reliance on information systems through infor-
mation operations designed to disrupt such systems. They may attempt to use strat-
egies of this kind to counter NATO’s superiority in traditional weaponry’.104 Yet
the first explicit reference to cyber warfare was actually made in November 2002
during NATO’s Prague summit, when it was declared that the member countries
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 53
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
decided to ‘. . . strengthen our capabilities to defend against cyber attacks’.105 One
operative outcome was the establishment of NATO’s Computer Incident
Response Capability (NCIRC), which was charged with the task of protecting
ICT infrastructure and networks from unauthorized intrusion for espionage purposes
or attempts to infect them with viruses. But this was a rather technical organ lacking
any long-term military planning capacity, a feature that did not change significantly
even following NATO’s summit in Riga in November 2006 which further called
for developing cyber-deterrence capabilities and doctrines. Russian cyberattacks
against Estonia in 2007 explicated NATO’s military, infrastructural, and political
weaknesses in the face of this new form of security threat, but the response as articu-
lated by NATO’s defence ministers was remarkably protective, arguing that ‘[u]rgent
work is needed to enhance the ability to protect information systems of critical
importance’.106
In early 2008 it was reported that NATO officials further debated the need to
protect the Alliance’s assets against future cyberattacks, claiming that ‘[c]yber
defence is now mentioned at the highest level along with missile defence and
energy security’.107 While the attacks against Estonia did not result in the application
of the collective security clause of the treaty, it did trigger a prompt institutional
response. In January the Policy on Cyber Defence was presented and approved.
During the Bucharest summit in April, the Cyber Defense Management Authority
(CDMA) and the Cooperative Cyber Defense Center of Excellence (CCDCOE)
were established. Whereas the CDMA was entrusted with overseeing NATO’s
cyber defence efforts and providing guidance and assistance to the member countries
in case of cyber-related crises, the CCDCOE, located in Estonia, was designed ‘. . . to
enhance the capability, cooperation and information sharing among NATO, NATO
nations and partners in cyber defence by virtue of education, research and develop-
ment, lessons learned and consultation’.108
Both agencies represent a highly defensive reaction to NATO’s security chal-
lenges involving cyber warfare. As the Bucharest summit declaration proclaimed,
the official cyber policy ‘. . . emphasizes the need for NATO and nations to protect
key information systems in accordance with their respective responsibilities; share
best practices; and provide a capability to assist Allied nations, upon request, to
counter a cyber attack’.109 Yet Russia’s continued use of cyber warfare during the
war in Georgia highlighted its escalatory nature and the possible negative impli-
cations on conventional military conflicts. In April 2009, as part of the Declaration
on Alliance Security, NATO moved further to identify cyberattacks alongside terror-
ism and the proliferation of weapons of mass destruction (WMD) as the key global
threats to member states and the international community.110
But the major breakthrough in NATO strategic thinking regarding cyber warfare,
which went beyond the strictly technical aspect of network protection, occurred
during mid 2010. A team of leading experts in matters of security, headed by
former American Secretary of State Madeleine Albright, was asked to prepare a pre-
liminary report to be used as a basis for NATO’s new Strategic Concept. According to
this report, entitled NATO 2020: Assured Security; Dynamic Engagement and sub-
mitted in May:
54 CONTEMPORARY SECURITY POLICY
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
The next significant attack on the Alliance may well come down a fibre [sic]
optic cable. Already, cyber attacks against NATO systems occur frequently,
but most often below the threshold of political concern. However, the risk of
a large-scale attack on NATO’s command and control systems or energy
grids could readily warrant consultations under Article 4 and could possibly
lead to collective defence measures under Article 5. Effective cyber defence
requires the means to prevent, detect, respond to, and recover from attacks.111
Still, the recommendations reflected the defensive posture that was already advo-
cated and implemented thus far by NATO. Furthermore, and extremely relevant to
the Alliance’s strategic planners, the Albright Commission was reluctant to engage
the question of whether cyberattacks against NATO member states would constitute
a direct act of aggression that would trigger the collective security clause. Instead, it
defined a rather ambiguous principle according to which such a decision must be
made considering ‘. . . the nature, source, scope, and other aspects of the particular
security challenge’.112 The same defensive reasoning can be observed in the
ensuing final version of the Strategic Concept adopted at the Lisbon summit six
months later. In the words of the document, NATO will:
develop further our ability to prevent, detect, defend against and recover from
cyberattacks, including by using the NATO planning process to enhance and
coordinate national cyber-defence capabilities, bringing all NATO bodies
under centralized cyber protection, and better integrating NATO cyber aware-
ness, warning and response with member nations.113
Yet again, the numerous references to cyber warfare as a security threat were
extremely narrow to include at best espionage, hacking, or disruption and there
was no discussion about the possibility to conduct pre-emptive or retaliatory cyber
warfare.114 In fact, Stephane Abrial, commander of Allied Command Transformation
(ACT) responsible for leading the Alliance’s transformation of capabilities and
forces, was against defining the Strategic Concept’s notion of ‘in-depth cyberdefense’
as a ‘military-only, or even a military-centric, strategy’. Instead, Abrial focuses on
NATO’s ‘permanent mission [which] involves countering the daily attempts made
by hackers to break into our systems, which are by necessity interconnected,
making a weakness in one country’s systems a weakness in all’.115 Other key
NATO officials, including General Secretary Anders Fogh Rasmussen, continued
to conceptualize cyber warfare in defensive terms, arguing that recent cyberattacks
‘. . . increased the urgency to strengthen cyber defences not only at NATO, but
across the Alliance as a whole’. There is no public discourse involving NATO offi-
cials that suggests treating cyber capabilities as an offensive feature of the Alliance’s
cyber strategy. The most proactive proposal to date was the option to dispatch
NATO’s cyber Rapid Reaction Teams in order to assist member countries suffering
from cyberattacks, or ‘incidents’ as Rasmussen calls them, should they ask for such
assistance.116
It appears that NATO is focused on prevention of attacks on its institutional assets
and member countries rather than initiating cyberattacks against others. As the
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 55
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
American representative to the CCDCOE concluded, when it comes to NATO, its
major contribution to cyber defence will probably involve eroding the ‘. . . hacker’s
greatest advantages – anonymity’.117 NATO’s strategic thinking will continue to
utilize its pooled capabilities in order to promote defensive solutions to cyber
warfare of various kinds and it will continue to treat it as a threat rather than as an
offensive feature to be proactively utilized.
Conclusions
Cyber warfare has become the latest buzzword in security studies, but some analysts
downplay its importance for both policymakers and military strategists, calling it a
‘distracting and nonsensical’ term.118 Yet while other observers also treat it as a com-
plimentary aspect of modern warfare, they nonetheless underline its unique features,
as Lynn publicly did:
The cyberthreat does not involve the existential implications ushered in by the
nuclear age, but there are important similarities. Cyberattacks offer a means for
potential adversaries to overcome overwhelming US advantages in convention-
al military power and to do so in ways that are instantaneous and exceedingly
hard to trace.119
The article initially identified the conceptual factors that determine the offensive
or defensive nature of certain military technologies. Then it adjusted these elements
in order to fit the information age and its a-territorial nature. Instead of evaluating
strategic orientation by traditional Offense-Defensive characteristics like mobility
and firepower, the cyber Offense-Defense balance is better assessed for its techno-
logical versatility and byte power; the capacity to attack an enemy’s assets on differ-
ent levels (strategic, operative, and tactical), and the degree of destruction that can be
inflicted on enemy assets at each of these levels.
The article then turned to evaluate the practical influence of cyber warfare on
policy and behaviour. The American case, while perhaps being the less confronta-
tional since there was no report of meaningful offensive American use of cyber capa-
bilities against a foreign country or since the United States is able to avoid any direct
attribution,120 was the most documented and comprehensive from an institutional/organizational perspective. The intellectual evolutionary process pursued by officials
in the military and civil branches of government is still ongoing, and the United States
is far from having a comprehensive cyber strategy. The creation of USCYBERCOM
is a significant step, but it is certainly not enough since apparently there is still no
highly structured and comprehensive ideational, institutional, and operational
outline for American cyber warfare and cyber defence.121
The case of China is similar in its ambiguity, but for different reasons. Unlike the
United States, Beijing is rather secretive in treating its cyber posture just as it is gen-
erally reluctant to fully expose its military apparatus, causing American policy-
makers, military officials, and legislators to repeatedly criticize China’s lack of
transparency in matters related to its defence budget and the People’s Liberation
Army (PLA)’s modernization.122 Nevertheless, the evidence suggests that China
56 CONTEMPORARY SECURITY POLICY
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
not only has a very clear vision for its cyber posture as part of the country’s wider
military and technological modernization process, but it is also willing to use these
capabilities in order to erode American military advantage. While Beijing is allegedly
more interested in cyber espionage in order to obtain secret and up-to-date infor-
mation about American capabilities and critical infrastructure, it will probably not
shy away from using the same technology in order to curtail certain American
assets, primarily non-combative ones (electric power plants etc.) and this may indi-
cate that future Sino-American armed conflict will be augmented with vigorous
cyber warfare.123 As a recent report submitted to Congress asserted, China’s
history of cyber warfare and its growing integration into the country’s military strat-
egy ‘suggests that the PLA may strike with Computer Network Operations (CNOs)
and Electronic Warfare (EW) weapons in the opening phases of a conflict to
degrade enemy information systems rather than attempt a traditional force-on-force
attack directly where the PLA is at a disadvantage against more technologically
advanced countries like the US’.124
The Russian case seemingly presents a better opportunity to observe the influence
of cyber warfare on decisions of war and peace. From the empirical record it is
evident that Russia explicitly used its cyber capabilities in both the Estonian and
Georgian incidents, even if Moscow also used by-proxy entities for that
purpose.125 The first incident was, of course, more of a diplomatic manoeuvre in
order to curb Estonia’s anti-Russian attitudes as the Kremlin perceived the matter.
There was classical Soviet-era use of Russian ‘political activists’ in order to encou-
rage street unrest and orchestrated anti-government protests, but there was also the
use of cyber warfare in order to paralyse then Estonian banking system and other
key government agencies. Thus, one should treat this episode as an experiment in uti-
lizing cyber capabilities in order to obtain certain political means. As the case of the
Georgian war illustrated, this time cyber warfare was an integral, if not a decisive,
part of the policymaking process and the military activities aimed at subduing the
‘defiant’ Saakashvili administration. Clearly, the conventional dimension of the con-
flict was predominant, mainly due to the technological profile of Georgia’s critical
infrastructure, but the Russian use of cyberattacks hampered Georgian domestic
vital communications between different branches of the government and completely
prevented any Georgian IW counterattack.126
NATO’s cyber posture reflects the Alliance’s historical defensive raison d’etre
that was articulated during the Cold War and reaffirmed following its end. For
NATO officials, cyber warfare relates primarily to attempts by foreign actors to pene-
trate the organization’s computer and information networks in order to retrieve con-
fidential data. They are deeply reluctant to widen their approach to define such attacks
as a cause for triggering the collective security clause of the treaty. Hence when
Estonia was under Russian cyberattack, the most that NATO was able to offer
Tallinn was technical assistance in reactivating and protecting its ICT networks
from future attacks. Furthermore, even amid the Albright Commission’s call to
devise and implement a comprehensive cyber strategy, the institutional response
was minor and essentially focused on network protection rather than explicit cyber
deterrence, let alone an offensive reorientation.
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 57
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
The use of cyber capabilities makes a difference for policymakers since it allows
them to minimize the risks of taking certain offensive actions and it is a relatively
effective low-cost alternative, as the Israeli attack on Syria suggests, and it will
become more common in the future. Cyber warfare, like all other forms of combat,
is a political expression nonetheless in that there is a need for a conscious decision
to apply it in order to achieve certain objectives. In the cases reviewed in this
article, cyber capabilities were used selectively and in different intensities, as illus-
trated by the American reluctance to use pre-emptive cyber warfare against Libya.
Hence future research should look at the way cyber warfare is prioritized over con-
ventional/kinetic options in order to elucidate the conditions under which policy-
makers will prefer the former over the latter and vice versa. Furthermore, such
studies should empirically appraise how integral cyber warfare has become at the
strategic, operative, and tactical levels.
Overall, cyber warfare is becoming an accepted military expedient since it allows
leaders to achieve their political objectives with much less risk in the short term, even
if in the long term it may actually lead to ‘non-cyber’ escalation.127 Prussian strategist
and military thinker Carl von Clausewitz wrote long ago that ‘. . . a prince or a general
can best demonstrate his genius by managing a campaign exactly to suit his objectives
and his resources, doing neither too much nor too little’.128 Cyber warfare allows pol-
icymakers and the military to do exactly that, and with additional adjustments realism
can help to better explain the process even if there is more work to be done in pursuit
of this goal.
A C K N O W L E D G E M E N T S
An earlier version of this article was presented at the annual meeting of the Israeli Association for Inter-national Studies (IAIS), Herzliya, 25 December 2011. The author would like to thank Chaka Ferguson,Keir Lieber, the anonymous reviewers for CSP, and Aaron Karp for their invaluable comments andsuggestions.
N O T E S
1. See, for example, David E. Sanger and Mark Mazzetti, ‘Israel Struck Syrian Nuclear Project, AnalystsSay’, New York Times, 14 October 2007. Former American president George Bush testified in hismemoirs that it was Israel that attacked the suspected Syrian nuclear facility. See GeorgeW. Bush, Decision Points (New York: Crown Publishers, 2010), pp. 421–2.
2. David A. Fulghum, Robert Wall, and Amy Butler, ‘Cyber-Combat’s First Shot’, Aviation Week &Space Technology, Vol. 167, No. 21 (November 2007), p. 28.
3. Athina Karatzogiann, The Politics of Cyberconflict (London: Routledge, 2006), p. 94.4. Johan Eriksson and Giampiero Giacomello, ‘The Information Revolution, Security, and International
Relations: (IR)relevant Theory?’, International Political Science Review, Vol. 27, No. 3 (July 2006),p. 229.
5. E. Anders Eriksson, ‘Information Warfare: Hype or Reality?’, The Nonproliferation Review, Vol. 6,No. 3 (Spring–Summer 1999), pp. 57–64.
6. For a similar definition, see Charles Billo and Welton Chang, Cyber Warfare: An Analysis of theMeans and Motivations of Selected Nation States (Hanover, NH: Institute for Security TechnologyStudies, 2004), p. 140.
7. Myriam Dunn Cavelty, ‘Cyberwar’, in George Kassimeris and John D. Buckle (eds), The AshgateResearch Companion to Modern Warfare (Farnham, UK: Ashgate, 2010), p. 125. For a broad
58 CONTEMPORARY SECURITY POLICY
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
theoretical treatment of cyber warfare, see Johan Eriksson and Giampiero Giacomello (eds), Inter-national Relations and Security in the Digital Age (London: Routledge, 2007).
8. Jack Donnelly, Realism and International Relations (Cambridge: Cambridge University Press, 2000),p. 1.
9. Keir A. Lieber, War and the Engineers: The Primacy of Politics over Technology (Ithaca, NY:Cornell University Press, 2005), p. 1.
10. Richard J. Harknett, John P. Callaghan, and Rudi Kauffman, ‘Leaving Deterrence Behind: War-Fighting and National Cybersecurity’, Journal of Homeland Security & Emergency Management,Vol. 7, No. 1 (2010), pp. 1–24. On American cyber deterrence, see Tim Stevens, ‘A Cyberwar ofIdeas? Deterrence and Norms in Cyberspace’, Contemporary Security Policy, Vol. 33, No. 1(April 2012), pp. 148–70.
11. John B. Sheldon, ‘Deciphering Cyberpower: Strategic Purpose in Peace and War’, Strategic StudiesQuarterly, Vol. 5, No. 2 (Summer 2011), pp. 95–112; Richard Clarke, ‘War from Cyberspace’, TheNational Interest, Vol. 104 (November/December 2009), pp. 31–6.
12. Stephen Van Evera, Causes of War: Power and the Roots of Conflict (Ithaca, NY: Cornell UniversityPress, 1999), pp. 116–19.
13. See, respectively, Robert Jervis, ‘Cooperation under the Security Dilemma’, World Politics, Vol. 30,No. 2 (January 1978), p. 187; George H. Quester, Offense and Defense in the International System(New York: John Wiley, 1977), p. 7. The theory was elaborated in Van Evera, Causes of War(note 12), ch. 6.
14. See, for example, Yoav Gortzak, Yoram Z. Haftel, and Kevin Sweeney, ‘Offense-DefenseTheory: An Empirical Assessment’, Journal of Conflict Resolution, Vol. 49, No. 1 (February 2005),pp. 67–89; Jack S. Levy, ‘The Offensive/Defensive Balance of Military Technology: ATheoretical and Historical Analysis’, International Studies Quarterly, Vol. 28, No. 2 (June 1984),pp. 219–38; Keir A. Lieber, ‘The New History of World War I and What it Means for InternationalRelations Theory’, International Security , Vol. 32, No. 2 (Fall 2007), pp. 155–91; Jonathan Shim-shoni, ‘Technology, Military Advantage, and World War I: A Case for Military Entrepreneurship’,International Security, Vol. 15, No. 3 (Winter 1990/1991), pp. 187–215.
15. For an excellent attempt, see Sean Lynn-Jones, ‘Offense-Defense Theory and its Critics’, SecurityStudies, Vol. 4, No. 4 (Summer 1995), pp. 660–91. For a more recent effort, see Karen RuthAdams, ‘Attack and Conquer? International Anarchy and the Offense-Defense-DeterrenceBalance’, International Security, Vol. 28, No. 3 (Winter 2003/2004), pp. 45–83.
16. Charles L. Glaser and Chaim Kaufmann, ‘What is the Offense-Defense Balance and Can We Measureit?’, International Security, Vol. 22, No. 4 (Spring 1998), p. 50. See also Lynn-Jones, ‘Offense-Defense Theory and its Critics’ (note 15), p. 665.
17. On the ‘steps-to-war’ model, see for example Paul Senese and John A. Vasquez, Steps to War : AnEmpirical Study (Princeton, NJ: Princeton University Press, 2008).
18. Richard Clarke and Robert K. Knake, Cyber War: The Next Threat to National Security and What toDo About It (New York: Harper Collins, 2010), p. 69.
19. James Adams, ‘Virtual Defense’, Foreign Affairs, Vol. 80, No. 3 (May/June 2001), p. 98. See alsoStephen J. Cimbala, Military Persuasion in War and Policy: The Power of Soft (Westport, CN:Praeger, 2002), p. 203.
20. John Arquilla, ‘The Strategic Implications of Information Dominance’, Strategic Review, Vol. 22,No. 2 (Summer 1994), pp. 25–6.
21. William J. Lynn, ‘Defending a New Domain: The Pentagon’s Cyberstrategy’, Foreign Affairs, Vol.89, No. 5 (September/October 2010), p. 98.
22. Ibid. , p. 99. See also David M. Hollis, ‘CYBERCOM: The Need for a Combatant Command versusSubunified Command’, Joint Forces Quarterly, Vol. 58, No. 3 (July 2010), p. 49.
23. Kier A. Lieber, ‘Grasping the Technological Peace: The Offense-Defense Balance and InternationalSecurity’, International Security, Vol. 25, No. 1 (Summer 2000), pp. 78–80; Levy, ‘The Offensive/Defensive Balance’ (note 14), p. 225. For a similar but not identical definition, see Adams, ‘Attackand Conquer?’ (note 15), pp. 54–9.
24. For a different yet useful categorization, see Matt Bishop and Emily O. Goldman, ‘TheStrategy and Tactics of Information Warfare’, in Emily O. Goldman (ed.), National Securityin the Information Age (London: Frank Cass, 2004), pp. 101–25; David J. Betz and TimStevens, Cyberspace and the State: Toward a Strategy for Cyber-Power (London: Routledge,2011), ch. 3.
25. Stephen Van Evera, ‘Offense/Defense Dominance’, in Keith Dowding (ed.), Encyclopedia of Power(Thousand Oaks, CA: Sage, 2011), p. 457.
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 59
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
26. See, for example, US Marine Corps, Information Operations: MCWP 3-36 (Washington, DC: Depart-ment of the Navy, February 2001).
27. See Ted G. Lewis, Critical Infrastructure Protection in Homeland Security: Defending a NetworkedNation (Hoboken, NJ: John Wiley, 2006).
28. Greg Rattray, Strategic Warfare in Cyberspace (Cambridge, MA: MIT Press, 2001), pp. 101–12.29. On strategic and operational cyberwar, see Martin C. Libicki, Cyberdeterrence and Cyberwar (Santa
Barbara, CA: Rand, 2009), chs. 6, 7.30. See, for example, Office of the Chairman of the Joint Chiefs of Staff, Joint Doctrine for
Information Operations, JP 3-13 (Washington, DC: Office of the Chairman of the Joint Chiefs ofStaff, 1998), p. I-2.
31. Stephen Biddle, ‘Rebuilding the Foundations of Offense-Defense Theory’, The Journal of Politics,Vol. 63, No. 3 (August 2001), p. 745.
32. Glaser and Kaufmann, ‘What is the Offense-Defense Balance’ (note 16), p. 64.33. This is directly related to the problem of attribution. See Susan W. Brenner, Cyberthreats: The Emer-
ging Fault Lines of the Nation State (New York: Oxford University Press, 2009).34. Sheldon, ‘Deciphering Cyberpower’ (note 11), pp. 99–100.35. Lieber, War and the Engineers (note 9), pp. 2–3.36. On NATO’s experience, see David C. Gompert, Richard L. Kugler, and Martin C. Libick, Mind the
Gap: Promoting a Transatlantic Revolution in Military Affairs (Washington, DC: National DefenseUniversity Press, 1999).
37. Dima Adamsky, The Culture of Military Innovation: The Impact of Cultural Factors on the Revolu-tion in Military Affairs in Russia, the US, and Israel (Stanford, CA: Stanford University Press, 2010).
38. Elliot A. Cohen, ‘A Revolution in Warfare’, Foreign Affairs, Vol. 75, No. 2 (March/April 1996),p. 39.
39. See, for example, Alexander Klimburg, ‘Mobilising Cyber Power’, Survival, Vol. 53, No. 1 (Febru-ary/March 2011), pp. 41–60.
40. Paul G. Gillespie, Weapons of Choice: The Development of Precision Guided Munitions (Tuscaloosa:The University of Alabama Press, 2006), ch. 6.
41. Norman Schwarzkopf, It Doesn’t Take a Hero (New York: Bantam Books, 1992), p. 582.42. White House, A National Security Strategy of Engagement and Enlargement (Washington, DC: The
White House, 1995), p. 7.43. For a relatively less alarming account, see George Smith, ‘An Electronic Pearl Harbor? Not Likely’,
Issues in Science and Technology, Vol. 15, No. 1 (Fall 1998), pp. 72–3.44. John Arquilla and David Ronfeldt, ‘Need for Networked, High-Tech Cyberwar’, Los Angeles Times ,
20 June 1999.45. Anthony H. Cordesman and Justin G. Cordesman, Cyber-Threats, Information Warfare, and Critical
Infrastructure Protection: Defending the U.S. Homeland (Westport, CT: Praeger, 2002), pp. 37–8.46. Cavelty, ‘Cyberwar’ (note 7), pp. 134–5.47. Bradley Graham, ‘Bush Orders Guidelines for Cyber-Warfare’, The Washington Post , 7 February
2003.48. See Brian McWilliams, ‘Iraq’s Crash Course in Cyberwar’, Wired, 22 May 2003; Clarke and
Knake, Cyber War (note 18), pp. 9–10.49. Nathan Thornburgh, ‘The Invasion of the Chinese Cyberspies’, Time , 29 August 2005.50. Harknett, Callaghan, and Kauffman, ‘Leaving Deterrence Behind’ (note 10), p. 4.51. White House, National Strategy to Secure Cyberspace (Washington, DC: The White House, 2003),
p. vii.52. Office of the Chairman of the Joint Chiefs of Staff, The National Military Strategy of the United
States of America (Washington, DC: Office of the Chairman of the Joint Chiefs of Staff, 2004),p. 18.
53. Emphasis added. See Office of the Chairman of the Joint Chiefs of Staff, The National Defense Strat-egy of the United States of America (Washington, DC: Office of the Chairman of the Joint Chiefs ofStaff, 2005), p. 3.
54. Emphasis added. See Department of Defense, National Military Strategy for Cyberspace Operations(Washington, DC: Department of Defense, 2006), pp. 1, 10.
55. Keith B. Alexander, ‘Warfighting in Cyberspace’, Joint Force Quarterly, Vol. 46, No. 3 (July 2007),p. 59.
56. Ellen Nakashima, ‘Bush Order Expands Network Monitoring’, Washington Post, 26 January 2008.57. White House, Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Com-
munications Infrastructure (Washington, DC: White House, 2009).
60 CONTEMPORARY SECURITY POLICY
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
58. Spencer S. Hsu, ‘A Pentagon Cyber-Command is in the Works’, Washington Post, 22 April 2009.59. Peter Beaumont, ‘U.S. Appoints First Cyber Warfare General’, Guardian, 23 May 2010.60. David E. Sanger and Elisabeth Bumiller, ‘Pentagon to Consider Cyberattacks Acts of War’, New York
Times, 31 May 2011.61. Eric Schmitt and Thom Shanker, ‘U.S. Debated Cyberwarfare in Attack Plan on Libya’, New York
Times, 17 October 2011.62. White House, International Strategy for Cyberspace: Prosperity, Security, and Openness in a Net-
worked World (Washington, DC: White House, 2011), p. 14.63. Thom Shanker, ‘U.S. Weighs Its Strategy on Warfare in Cyberspace’, New York Times, 18 October
2011.64. Ji You, The Armed Forces of China (New York: I.B. Tauris, 1999), p. 2.65. David Shambaugh, Modernizing China’s Military : Progress , Problems, and Prospects (Berkeley,
CA: University of California Press, 2003), ch. 1.66. Timothy Walton, ‘Treble Spyglass, Treble Spear? China’s Three Warfares’, Defense Concepts, Vol.
4, No. 4 (December 2009), p. 50.67. Ming Wan, Human Rights in Chinese Foreign Relations: Defining and Defending National Interests
(Philadelphia, PA: University of Pennsylvania Press, 2001), pp. 42–3.68. Avery Goldstein, Rising to Challenge: China’s Grand Strategy and International Security (Stanford,
CA: Stanford University Press, 2005), p. 2.69. Allen S. Whiting, ‘The PLA and China’s Threat Perceptions’, The China Quarterly , No. 146 (June
1996), pp. 607–8.70. David M. Lampton, Same Bed, Different Dreams: Managing US–China Relations, 1989–2000 (Ber-
keley, CA: University of California Press, 2001), p. 73.71. Ross H. Munro, ‘Eavesdropping on the Chinese Military: Where it Expects War, Where it Doesn’t’,
Orbis, Vol. 38, No. 3 (Summer 1994), p. 360.72. Ding Henggao, ‘Reforming Defense Science, Technology, and Industry’, in Michael Pillsbury (ed.),
Chinese Views of Future Warfare (Washington, DC: National Defense University, 1997), p. 156.73. For a detailed account of the Chinese treatment of ICT and information warfare during the 1990s, see
James C. Mulvenon and Richard H. Yang, The People’s Liberation Army in the Information Age(Santa Barbara, CA: Rand, 1999), ch. 9.
74. Reprinted as Weng Pufang, ‘The Challenge of Information Warfare’, in Michael Pillsbury (ed.),Chinese Views of Future Warfare (Washington, DC: National Defense University, 1997), p. 319.
75. US Congress, Report to Congress of the US–China Economic and Security Review Commission(Washington, DC: Government Printing Office, 2009), p. 172.
76. Clarke and Knake, Cyber War (note 18), p. 58; Hamish McDonald, ‘Beijing Spies a Useful Friend inCastro’, The Age , 27 February 2003.
77. Tai Ming Cheung, ‘Modernizing the People’s Liberation Army: Aims and Implications’, in ShaunBreslin (ed.), Handbook of China’s International Relations (London: Routledge, 2010), p. 125.
78. Shane Harris, ‘China’s Cyber-Militia’, National Journal Magazine , 31 May 2008.79. Jason Fritz, ‘How China Will Use Cyber Warfare to Leapfrog in Military Competitiveness’, Culture
Mandala, Vol. 8, No. 1 (October 2008), p. 33; Ashley J. Tellis, ‘China’s Military Space Strategy’,Survival, Vol. 49, No. 3 (Autumn 2007), pp. 41–72.
80. Magnus Hjortdal, ‘China’s Use of Cyber Warfare: Espionage Meets Strategic Deterrence’, Journal ofStrategic Security, Vol. 4, No. 2 (2011), pp. 1–24. On China’s asymmetric strategy in the context ofTaiwan, see Thomas J. Christensen, ‘Posing Problems without Catching Up: China’s Rise and Chal-lenges for US Security Policy’, International Security, Vol. 25, No. 4 (Spring 2001), pp. 5–40.
81. Information Office of the State Council, China’s National Defense in 2000 (Beijing: InformationOffice of the State Council of the People’s Republic of China, 2000).
82. Office of the Secretary of Defense, Annual Report to Congress: Military Power of the People’sRepublic of China 2007 (Washington, DC: Office of the Secretary of Defense, 2007), p. 22. For anexcellent review of the institutional structure of these units, see Deepak Sharma, ‘IntegratedNetwork Electronic Warfare: China’s New Concept of Information Warfare’, Journal of DefenceStudies, Vol. 4, No. 2 (April 2010), pp. 37–40.
83. Information Office of the State Council, China’s National Defense in 2008 (Beijing: InformationOffice of the State Council of the People’s Republic of China, 2009, pp. 60–62).
84. See, for example, Rod Thorntonx, Asymmetric Warfare: Threat and Response in the Twenty-FirstCentury (Cambridge: Polity Press, 2007), pp. 62–3.
85. Andrei Kozyrev, ‘Russia: A Chance for Survival’, Foreign Affairs, Vol. 71, No. 2 (Spring 1992),p. 13.
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 61
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
86. Zoltan Barany, Democratic Breakdown and the Decline of the Russian Military (Princeton, NJ: Prin-ceton University Press, 2007), p. 71. For an excellent description of the root causes of the conflict andRussian military failure, see respectively John B. Dunlop, Russia Confronts Chechnya: Roots of aSeparatist Conflict (Cambridge: Cambridge University Press, 1998); Anatol Lieven, Chechnya:Tombstone of Russian Power (New Haven, CT: Yale University Press, 1997).
87. Alessandra Stanley, ‘Russia’s New Foreign Minister Sets a More Assertive Tone’, New York Times ,13 January 1996.
88. See, for example, Mary C. Fitzgerald, ‘The Russian Image of Future War’, Comparative Strategy,Vol. 13, No. 2 (Spring 1994), pp. 167–80; Lester W. Grau and Timothy L. Thomas, ‘A RussianView of Future War: Theory and Direction’, Journal of Slavic Military Studies, Vol. 9, No. 3 (Sep-tember 1996), pp. 508–11.
89. Graeme P. Herd, ‘The “Counter-Terrorist Operation” in Chechnya: “Information Warfare” Aspects’,Journal of Slavic Military Studies, Vol. 13, No. 4 (December 2000), pp. 57–83.
90. Stephen Blank, ‘Web War I: Is Europe’s First Information War a New Kind of War?’, ComparativeStrategy, Vol. 27, No. 3 (May 2008), pp. 227–47. On the attribution problem during the Estonianepisode, see Gadi Evron, ‘Battling Botnets and Online Mobs: Estonia’s Defense Efforts during the Inter-net War’, Georgetown Journal of International Affairs, Vol. 9, No. 1 (Winter/Spring 2008), p. 123.
91. Duncan B. Hollis, ‘Rules of Cyberwar?’, Los Angeles Times , 8 October 2007.92. Mark Landler and John Markoff, ‘Digital Fears Emerge After Data Siege in Estonia’, New York Times ,
29 May 2007; Peter Finn, ‘Cyber Assaults on Estonia Typify a New Battle Tactic’, Washington Post , 19May 2007.
93. For a comprehensive review of the conflict, see Svante Cornell and Frederick Starr (eds), The Guns ofAugust: Russia’s War in Georgia (Armonk, NY: M.E. Sharp, 2009).
94. For the official Georgian version of this aspect of the war, see Government of Georgia, Russian Inva-sion of Georgia: Russian Cyberwar on Georgia (November 2008).
95. Stephen W. Korns and Joshua E. Kastenberg, ‘Georgia’s Cyber Left Hook’, Parameters, Vol. 38, No.4 (Winter 2008/2009), p. 60. See also John Markoff, ‘Before the Gunfire, Cyberattacks’, New YorkTimes, 12 August 2008.
96. Kim Hart, ‘Longtime Battle Lines Are Recast in Russia and Georgia’s Cyber War’, Washington Post ,14 August 2008.
97. Siobhan Gorman, ‘Georgia States Computers Hit by Cyberattack’, Wall Street Journal , 12 August2008.
98. For the full version of the doctrine, see http://news.kremlin.ru/ref_notes/461 (accessed 5 December2011). For an excellent analysis of the doctrine, see Stephen J. Blank (ed.), Russian Military Politicsand Russia’s 2010 Defense Doctrine (Carlisle, PA: Strategic Studies Institute, 2011).
99. The full document is available online at http://www.ens.mil.ru/science/publications/more.htm?id=10845074@cmsArticle#3.2.
100. Myriam Dunn Cavelty, ‘Cyber-Allies: Strengths and Weaknesses of NATO’s Cyberdefense Posture’,IP Global Edition, Vol. 12, No. 3 (April 2011), p. 13.
101. Quoted in Rajan Menon, ‘The End of Alliances’, World Policy Journal, Vol. 20, No. 2 (Summer2003), p. 2.
102. Celeste A. Wallander, ‘Institutional Assets and Adaptability: NATO after the Cold War’, Inter-national Organization, Vol. 54, No. 4 (Autumn 2000), pp. 705–35.
103. Ivan Dinev Ivanov, Transforming NATO: New Allies, Missions, and Capabilities (Lanham, MD: Lex-ington Books, 2011).
104. NATO, The Alliance’s Strategic Concept (Brussels: North Atlantic Treaty Organization, 24 April1999).
105. NATO, Prague Summit Declaration (Brussels: North Atlantic Treaty Organization, 21 November2002).
106. Jim Michaels, ‘NATO Mulling Safety against Cyberattacks’, USA Today , 15 June 2007.107. Bobbie Johnson, ‘NATO Says Cyber Warfare Poses as Great a Threat as a Missile Attack’, Guardian ,
6 March 2008.108. Mission and Vision , available online at http://www.ccdcoe.org/.109. NATO, Bucharest Summit Declaration (Brussels: North Atlantic Treaty Organization, 3 April 2008).110. NATO, Declaration on Alliance Security (Brussels: North Atlantic Treaty Organization, 4 April
2009).111. NATO, NATO 2020: Assured Security; Dynamic Engagement: Analysis and Recommendations of the
Group of Experts on a New Strategic Concept for NATO (Brussels: NATO Public Diplomacy Div-ision, 2010), p. 45.
62 CONTEMPORARY SECURITY POLICY
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4
112. Ibid ., p. 20.113. NATO, Active Engagement, Modern Defence: Strategic Concept for the Defence and Security of the
Members of the North Atlantic Treaty Organization (Brussels: NATO Public Diplomacy Division,2010), pp. 16–17.
114. Eneken Tikk, ‘Global Cybersecurity – Thinking about the Niche for NATO’, SAIS Review, Vol. 30,No. 2 (Summer/Fall 2010), p. 113.
115. Stephane Abrial, ‘NATO Builds its Cyberdefenses’, New York Times , 27 February 2011.116. NATO, The Secretary General’s Annual Report 2011 (Brussels: NATO Public Diplomacy Division,
2012), p. 10.117. Kenneth Geers, Strategic Cyber Security (Tallinn, Estonia: CCDCOE Publication, 2011), p. 31.118. David Betz ‘“Cyberwar is Not Coming”’, Infinity Journal, Vol. 3 (Summer 2011), p. 21.119. Lynn, ‘Defending a New Domain’ (note 21), p. 108.120. The exception is the report on American cyberattacks against Iran using a computer program called
Flame. See David E. Sanger, ‘Obama Order Sped Up Wave of Cyberattacks against Iran’, New YorkTimes, 1 June 2012.
121. Franklin D. Kramer, ‘Cyberpower and National Security: Policy Recommendations for a StrategicFramework’, in Franklin D. Kramer, Stuart H. Starr, and Larry K. Wentz (eds), Cyberpower andNational Security (Washington, DC: National Defense University, 2009), pp. 3–23. Former directorof the National Security Agency (NSA) Mike McConnell also noted that ‘[t]he problem is not one ofresources . . . The problem is that we lack a cohesive strategy to meet this challenge’. See MikeMcConnell, ‘How to Win the Cyber-War We’re Losing’, Washington Post , 28 February 2010.
122. Office of the Secretary of Defense, Military and Security Developments Involving the People’sRepublic of China 2011 (Washington, DC: Office of the Secretary of Defense, 2011).
123. James Fallows, ‘Cyber Warriors’, The Atlantic, Vol. 305, No. 2 (March 2010), pp. 58–63.124. Bryan Krekel, Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer
Network Exploitation (McLean, VA: Northrop Grumman Corporation, 2009), p. 23.125. Charles Clover, ‘Kremlin-Backed Group behind Estonia Cyber Blitz’, Financial Times , 11 March
2009.126. Siobhan Gorman and Julian E. Barnes, ‘Cyber Combat: Act of War’, Wall Street Journal, 31 May
2011.127. Libicki, Cyberdeterrence and Cyberwar (note 29), pp. 69–70.128. Carl Von Clausewitz, On War, Michael E. Howard and Peter Paret, ed. and trans. (Princeton, NJ:
Princeton University Press, 1976), p. 134.
CYBER POSTURING AND THE OFFENSE-DEFENSE BALANCE 63
Dow
nloa
ded
by [
Uni
vers
ity o
f Il
linoi
s C
hica
go]
at 1
8:01
21
Oct
ober
201
4