Latest in cyberwar
Cyberwarfare during the Russian invasion of Ukraine has not played out as some expected—but it has an impact with some important long-term implications.
Activity in the digital domain may affect the war in Eastern Europe at the margins, but it will not decide it. That should tell us something about the West’s cyber posture.
I’d like to draw attention to Mark Pomerleau’s interesting piece at Fifth Domain examining the operational impact at Cyber Command (CYBERCOM) of several recent developments, including National Security Presidential Memorandum 13 (NSPM 13), doctrinal/policy innovations under the headings of “persistent engagement” and “defending forward,” and new/clarified authorities associated with the most recent National Defense Authorization Act (NDAA).
This past June, after U.N.-sponsored negotiations on the application of international law to cyber warfare collapsed, lead U.S. negotiator Michele Markoff released a blistering statement criticizing those that “believe their states are free to act in or through cyberspace to achieve their political ends with no limits or constraints on their actions. That is a dangerous and unsupportable view.”
Recent news reports regarding Russian hacks affecting the November election suggest that the United States is preparing on possible U.S. cyber actions in response, such as revealing information to the Russian public about Putin’s financial holdings that would be embarrassing for him. Without comment on whether this would be a wise policy move, it’s necessary to point out that such an action would not be a “cyber response” in any meaningful sense of the term.
Was Iran’s cyberattack that bricked vast numbers of Saudi Aramco computers justified by a similar attack on the National Iranian Oil Company a few months’ earlier? Does NSA have the ability to “replay” and attribute North Korean attacks on companies like Sony? And how do the last six NSA directors stack up against each other?
NATO recently announced that it will regard cyber as a domain of conflict, joining land, sea, and air as other domains in which conflict may occur. At a press conference on June 14, 2016, NATO Secretary General Jens Stoltenberg said that NATO “will recognize cyberspace as an operational domain, just like air, sea and land. Cyber defence is part of collective defence.
This week, Adam Segal of the Council on Foreign Relations joins Jack Goldsmith at a Hoover Book Soiree for a discussion of his new book, The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age.
PDF version
A Review of Michael V. Hayden, Playing to the Edge: American Intelligence in the Age of Terror (Penguin 2016).
David Sanger has a new story (U.S. Had Cyberattack Plan if Iran Nuclear Dispute Led to Conflict) that leaves a very important question unanswered.
Here’s the key paragraph: