Offensive cyber operations pdf

But because the skills needed for offense and defense are similar, military offensive readiness can be maintained by focusing on defensive operations that make the world safer, rather than on. The workshop brought together distinguished researchers from academia and think tanks as well as current and former policymakers in the Department of Defense (DoD) and the U. Offensive cyber operations and nuclear weapons aws. Nov 19, 2020: The inaugural scoping workshop of the Offensive Cyber Working Group brought together senior and early career academics in conversation with those in government and industry to discuss offensive cyber. The need for balancing offensive and defensive cyber operations. In this article, cyber attack refers to the use of.

While the objective of the former is to degrade a network, affecting the. The nature of offensive cyber operations: offensive cyber operations in this article refer to computer activities to disrupt, deny, degrade, and/or destroy. Toward an ambidextrous framework for offensive cyberspace. PDF: Cyber operations denote the response of governments and organisations to cyber crime, terrorism, and warfare. Pentagon goes on the offensive against cyberattacks. Examining each variable in depth shows how this classification system would affect broader changes to U. The strategic promise of offensive cyber operations, JSTOR. For more than a decade, there was no public recognition of this capability. Council of Cyberspace, this body coordinates cyberspace policy for the Iranian government and coordinates between offensive and defensive cyber operations.

The Harvard National Security Journal is outstanding, and this symposium is an. Offensive cyber operations are increasingly an important part of our national defense. This is especially so in comparison to traditional weapon systems. Introduction: Intellectual property (IP) and sensitive data theft in the cyber domain poses a threat to the global economy and national security. Making offensive cyber operations a national priority can increase instabilities in international relations and worsen national vulnerabilities to attack. May 08, 2019: NSPM, is essentially the process by which the government makes decisions to gain approval for offensive and defensive cyber effects operations, the official said. Nov 04, 2019: Offensive cyber operations sit low on the escalation ladder (the figurative scale ranging from diplomatic engagement to all-out nuclear war) and provide states with means of signaling. IPs and domains attributed to state operations by threat intelligence reports.

Defining offensive cyber operations and escalation: escalation, broadly defined, involves some. The past, present, and future of Russia's cyber strategy. The disparity in cyber capabilities across the alliance, as well as. The rationale for offensive cyber capabilities, Center for. Naval Postgraduate School thesis, homeland security. For purposes of this article, the term offensive cyber operations will include military operations and activities in cyberspace for cyber attack against and/or cyberexploitation of adversary information systems and networks. DCO are CO intended to defend DoD or other friendly cyberspace. When greater specificity is needed, the terms cyber attack and cyberexploitation will be used. We commonly distinguish between reconnaissance, intrusion, privilege escalation, and payload.

Finally, we evaluate the implications for US policy making. Public: The elements of offensive cyber warfare operations, an excerpt, Mikko Jakonen, 19th of September 20 2. More radical measures may require a change in the law or parliamentary procedure. All plans will contain sufficient information for the Milestone Decision Authority (MDA) to determine readiness to enter into the. Researchers have been calling for a more transparent discussion on offensive. In March 2016 we held a two-day research workshop on the strategic use of offensive cyber operations. Although the Russian military has been slow to embrace cyber for both structural and doctrinal reasons, the Kremlin has. Opens new era of warfare, 60 Minutes, CBS News, 4 March 2012, transcript, s.

The strategic promise of offensive cyber operations. While some states, possessing offensive cyber capabilities, have. The formal document describing the process is classified. To be sure, cyber operations can cause tangible effects, as when the information in question is integral to the operation of devices or equipment that affect the physical world. Offensive Cyber Working Group scoping working report. Defining offensive cyber operations and escalation: escalation, broadly defined, involves some meaningful increase in the nature or intensity of a conflict. The Harvard National Security Journal is outstanding, and this symposium is an excellent forum for exploring issues critical to our security. A primer on the proliferation of offensive cyber capabilities. Defensive cyber operations (DCO) and has not yet embraced offensive cyber operations (OCO) 3. Russia's cyber posture, nested in Russia's concept of information warfare, is reflected in the offensive cyber operations launched by Russian government departments, whose institutional culture, expertise, and modus operandi have affected and will continue to affect Russia's cyber signature.

It provides additional information on the basic concepts and control measures associated with the art and science of tactics. It defines offensive cyber operations as activities in cyberspace that manipulate, deny, disrupt, degrade or destroy targeted computers, information systems, or networks. Attacks, for example, could be in support of existing kinetic operations and used in conjunction with other capabilities. Dec 06, 2017 and conducting offensive operations that are also referred to as computer network attack.

The number of adversary groups capable of attacking US networks is large, and our ability to deter each group will vary based on its motives and levels of risk tolerance. She is currently pursuing her PhD in the Harvard Department of Government, where her research interests include military innovation and comparative cyberspace doctrine. Lin. Introduction: Hostile actions against a computer system or network can take two forms. As noted in the main text of this chapter, PPD-20 has also been the subject of news. Introduction: Thank you for the introduction and for inviting me to the law school to speak at your symposium. For the purposes of this paper, offensive operations are those analogous to computer network attacks (CNA), as defined by the Department of Defense,1 and do not include acts of cyber espionage, or computer network exploitation. Nov 20, 2017: Cyber weapons and offensive cyber techniques are relatively inexpensive and easily obtained or developed. Cheryl Pellerin, new threat center to integrate cyber. We also consider potential alternative or critical responses to each of these logics. On the increasing prominence of offensive cyber operations for the United. On offensive operations in the DoD Cyber Strategy: OCOs will be conducted in accordance with the laws of war; targets of OCOs include adversary command and control networks, military-related critical infrastructure, and weapons capabilities. Offensive cyber capabilities at the operational level. Article 100 already provides a waiver for special operations, and this may apply to many offensive cyber operations. Jun 08, 2016: The US first used offensive cyber operations, albeit primitive, in the second half of the 1990s.

Offensive cyber operations and network exploitation are often conflated in the press, but the two are quite distinct. This article focuses instead on offensive cyber capability, which is the newest segment of. Operations and related programs or activities, other than network defense, cyber collection, or DCEO, conducted by or on behalf of the United States Government, in or through cyberspace, that are intended to enable or produce cyber effects outside. The White House authorized the use of offensive cyber weapons to deter foreign adversaries in September with the publication of the Department of Defense's 2018 Cyber Strategy. Categorizing and understanding offensive cyber capabilities. Critical infrastructure and offensive cyber operations: a call.

From network attacks, man-in-the-middle attacks, packet sniffing, denial of service attacks (DDoS), Wi-Fi attacks, cyber spoofing. Offensive cyberspace operations: opponent could use the data to design and build a cyber weapon to attack U. The Offensive Cyber Operations Signal Battalion (OCOSB): the current non-attributable network is provided by 3x National Guard Cyber Protection Teams, reducing cyber combat power. The need for balancing offensive and defensive cyber. Singer and Allan Friedman, Cyber Security and Cyber War. Proceedings of a workshop on deterring cyberattacks. Dec 18, 2018: Offensive countermeasures presents a unique duality in which such defenses may present a viable cyber deterrent for the United States but may also spark our next conflict. Mar 01, 2010: offense, the paper outlines several key ways to categorize offensive operations. Frank Hoffman, Hybrid Warfare and Challenges, Joint Force Quarterly. The process can be associated with any department or agency, although it mostly revolves around DoD operations. Legal issues are not discussed further in this paper. Commanders conduct enabling operations as shaping or supporting efforts during decisive action, but they are not primarily offensive, defensive, and stability operations, or defense support of civil authorities tasks. Why cyber operations do not always favor the offense.

Jun 30, 2014: Offensive cyberspace operations: opponent could use the data to design and build a cyber weapon to attack U. This paper advocates using a three variable approach to classify cyber operations based on the actor, the target, and the effect. The rationale for offensive cyber capabilities, Center. Mar 01, 2021: Technologies aimed at supporting offensive cyber operations, e. Offensive cyber in support of military operations is a civil-military partnership. Bertoli has extensive government experience in cyber, electronic warfare, and military tactics. The current state of research in offensive cyberspace operations. In addition to the challenges of secrecy, the technical aspects of cyberspace operations are difficult to grasp for those without technical training. The workshop brought together distinguished researchers from academia and think tanks as well as current and former policymakers in the Department of Defense (DoD) and. The potential use of offensive cyber operations against nuclear systems will increase the possibility of war in the future and pose an urgent risk due to the vulnerabilities that exist in nuclear infrastructure. Offensive cyber operations and the use of force, Journal of. NATO member states are starting to talk more openly about the incentives and opportunities to conduct offensive cyber operations for military purposes. Offensive cyber operations use offensive cyber capabilities to achieve objectives in or through cyberspace.

An entity of the Supreme Council of Cyberspace, the NCC is largely concerned with information content and development of internal internet security controls. If preemptive and retaliatory cyber activities become the new norm, 3 achieve and maintain cyberspace superiority. Apr 26, 2019: Cyber offense: for a number of years, even the idea that the United States Government might be interested in offensive operations against other nations in cyberspace was classified. Nation states are developing capabilities to conduct offensive cyber operations. OCO are CO intended to project power by the application of force in and through cyberspace.

The disparity in cyber capabilities across the alliance, as well as the highly classified nature of some. Offensive cyber operations may seem promising in deterring adversaries in the short term, but in the longer term they could cause a serious escalation of cyber conflict. Keynote address: The developing legal framework for defensive. However, a credible case can be made that they, by contrast to economic cyber intrusions, are more likely to breach sovereignty. Offensive cyber is playing a greater role in conventional Russian military operations and may potentially play a role in the future in Russia's strategic deterrence framework. This report does not provide a definition of offensive cyber or its operations as this was not agreed upon by participants. Abstract: This document defines a concept of operations for cyber warfare in targeting, accessing and running operations within allocated information space. She has served in the 82nd Airborne Division and the 780th Military Intelligence Brigade (Cyber). An effective cyber deterrence strategy must be multilayered. Lin. Introduction: Hostile actions against a computer system or network can take two forms. Fundamentals of cyber conflict, Stanford University. We have analyzed specific key types of offensive cyber operations in order to provide critical policy recommendations, and to demonstrate the application of our cyber policy methodology. Mar 01, 2017: Offensive cyber operations act most directly on intangibles: information, knowledge, and confidence.

The Tallinn Manual on the International Law Applicable to Cyber. Bertoli's research areas include the development of advanced electronic warfare (EW), computer network operations (CNO), cyber, and quick reaction capability (QRC) technologies. The areas of provide and protect are the most mature because our day-to-day information technology operations require a secure and functioning cyber domain. Department of Defense Law of War Manual for more information on the law of war. Cyber operations are one element of these debates, although much of the discussion has centered around how best to defend against a growing cyber threat, the. Second, we discuss current efforts by NATO to consider and adapt its structure, forces, systems, and processes to prepare itself for integrating cyberspace as an operational domain. This solution uses signal to install, operate, and conduct routine maintenance to this. An example of such a hostile action is erasure by a computer virus resident on the hard disk of any infected computer.

CO missions are categorized as offensive cyberspace operations (OCO), defensive cyberspace operations (DCO), and DODIN based on their intent. Critical infrastructure and offensive cyber operations: a. Sep 16, 20: At present, the defense policy landscape is replete with arguments, many of which are ultimately based in the lack of a common vision among both elites and within the broader population about the role of the U. Forum o c offensive cyber for the joint force commander. Discussion is still limited, but in the last year or two the US has decided to be more open about offensive cyber capabilities. New authorities mean lots of new missions at Cyber Command. Conceptually, offensive cyber operations offer a source of fires whose. Cyberspace operations collateral damage: reality or. Sally White is a cyberspace operations officer in the US Army. The potential use of offensive cyber operations against nuclear systems will. The workshop brought together distinguished researchers from academia and think tanks as well as current and former policymakers in the Department of Defense (DoD).

In the lexicon of cybersecurity, using or taking advantage of a vulnerability is. Introduction to the special issue on strategic dimensions of. The enormous complexity of modern information technology means that there are multiple places where an adversary can intervene, and often only one intervention is necessary. The successful execution of CO requires integration and synchronization of. The Australian Government's offensive cyber capability sits within ASD and works closely with each of the three services, which embed staff assigned to ASD from the ADF's Joint Cyber Unit. These three mission types comprehensively cover the activities of the cyberspace forces. Offensive cyber capabilities at the operational level, Center for. For example, speaking at a cyber security event at Georgetown Law School, former deputy director of the U. NATO members' organizational path towards conducting.
