In 2018, U.S. cyber strategy shifted from a reactive, deterrence-based approach to the forward-postured, proactive policy of persistent engagement. Persistent engagement broadly entails more active defense against cyberattacks and a more constant pace of operations. The strategy rests on theoretical conceptions of the cyber domain recently advanced by scholars, but also on the argument that America’s competitors have long been practicing the same. For example, U.S.
Latest in Cybersecurity and Deterrence
Recent years have seen sustained calls to “unleash” the private sector to more assertively combat cyber threats. The argument has gained some sympathy in Congress, where Rep. Tom Graves (R-Ga.) recently reintroduced the Active Cyber Defense Certainty Act (ACDCA).
It turns out that U.S. Cyber Command’s June 2019 Iran operation may have been narrower—and more effective—than previously understood.
Gen. Mark Milley, recently confirmed by the Senate as the next chairman of the Joint Chiefs of Staff, will soon ascend to that position after the current chairman, Gen. Joseph Dunford, retires this fall. In testimony during his confirmation hearing, Milley argued that in cyberspace, peace can be achieved through strength: “We have to have those offensive capabilities ...
In a recent Lawfare essay, Jim Miller and Neal Pollard offer an important and positive assessment of the strategy of persistent engagement, a strategic approach designed to thwart adversary cyberspace campaigns by continuously anticipating and exploiting vulner
The New York Times reported on June 15 that “the United States is stepping up digital incursions into Russia’s electric power grid in a warning to President Vladimir V. Putin.” In particular, the Times reported that the United States has deployed code “inside Russia’s grid and other targets”—that is, “potentially crippling malware inside the Russian system, ...
U.S. Cyber Command and the Russian Grid: Proportional Countermeasures, Statutory Authorities and Presidential Notification
A blockbuster article by David Sanger and Nicole Perlroth in the New York Times reports U.S. Cyber Command operations to hold at-risk at least some aspects of the electric power grid in Russia. The story raises a host of legal and policy questions.
Over the course of just a few decades, the world has entered into a digital age in which powerful evolving cyber capabilities provide access to everyone connected online from any place on the planet. Those capabilities could be harnessed for the benefit of humanity; they might also be abused, leading to enormous harms and posing serious risks to the safety and stability of the entire world.
Much has been written about the fundamental changes in U.S. cyber strategy. U.S.
The May 7 indictment of a Chinese national and unnamed conspirator for hacking and stealing data from nearly 80 million customers of the health care company Anthem in 2015, which researchers previously linked to Chinese state-sponsored actors, is the latest iteration of a four-year U.S.