Call/text: (617) 682-9697 | e: [email protected]ateus.org | f: 617-391-3067
Resolved: The benefits of the United States federal government’s use of offensive cyber operations outweigh the harms.

Resolved: The benefits of the United States federal government’s use of offensive cyber operations outweigh the harms.

Table of Contents

Middle school reading list

 

UK and Russia are already at war (2019). This describes the current state of global cyber warfare and explains how it is ongoing.

 

White House authorizes offensive cyber operations (2019). This article explains the new Presidential Decision Directive that authorizes the use of offensive cyber operations against enemies. I don’t think it has any evidence in it, but it is useful to read to help understand the topic.

 

An interview with Paul Nakason (2019). When you click on this .pdf, you will find an interview with the head of the US CyberCommand on pages 4-9.  The interview provides important background information and some justification for offensive cyber warfare.

 

A Cyberforce for persistent operations (2019). When you click on this .pdf, you will find an interview with the head of the US CyberCommand on pages 10-14.  The article provides important background information and provides a strong explanation of why the US must engage in offensive cyber warfare.

 

The Myth of Cyber Offense: The Case for Restraint (2019). We demonstrate that, while cyber operations to date have not been escalatory or particularly effective in achieving decisive outcomes, recent policy changes and strategy pronouncements by the Trump administration increase the risk of escalation while doing nothing to make cyber operations more effective. These changes revolve around a dangerous myth: offense is an effective and easy way to stop rival states from hacking America. New policies for authorizing preemptive offensive cyber strategies risk crossing a threshold and changing the rules of the game.

 

Updated Reading List

 

Preparing for the Future: An Assessment of Emerging Cyber Threats (October 22, 2019)

 

Amisha’s reading list/high school reading list/key articles

 

How Cyber Operations are Changing Modern Warfare (2019).  This article is a great general overview about the US shift to offensive cyber operations and why we have shifted to OCOs.

 

Are cyber-operations a U.S. retaliatory option for the Saudi oil field strikes? Would such action deter Iran? (2019). This article reviews all of the pros and cons of OCOs.

 

UK and Russia are already at war (2019). This describes the current state of global cyber warfare and explains how it is ongoing.  There is a response to this argument here.

 

An interview with Paul Nakason (2019). When you click on this .pdf, you will find an interview with the head of the US CyberCommand on pages 4-9.  The interview provides important background information and some justification for offensive cyber warfare.

 

A Cyberforce for persistent operations (2019). When you click on this .pdf, you will find an interview with the head of the US CyberCommand on pages 10-14.  The article provides important background information and provides a strong explanation of why the US must engage in offensive cyber warfare.

 

The Myth of Cyber Offense: The Case for Restraint (2019). We demonstrate that, while cyber operations to date have not been escalatory or particularly effective in achieving decisive outcomes, recent policy changes and strategy pronouncements by the Trump administration increase the risk of escalation while doing nothing to make cyber operations more effective. These changes revolve around a dangerous myth: offense is an effective and easy way to stop rival states from hacking America. New policies for authorizing preemptive offensive cyber strategies risk crossing a threshold and changing the rules of the game.

 

Max Smeets, “The Strategic Promise of Offensive Cyber Operations,” Strategic Studies Quarterly (Fall 2018). Could offensive cyber operations provide strategic value? If so, how and under what conditions? While a growing number of states are said to be interested in developing offensive cyber capabilities, there is a sense that state leaders and policy makers still do not have a strong conception of its strategic advantages and limitations. This article finds that offensive cyber operations could provide significant strategic value to state-actors. The availability of offensive cyber capabilities expands the options available to state leaders across a wide range of situations. Distinguishing between counterforce cyber capabilities and countervalue cyber capabilities, the article shows that offensive cyber capabilities can both be an important force-multiplier for conventional capabilities as well as an independent asset. They can be used effectively with few casualties and achieve a form of psychological ascendancy. Yet, the promise of offensive cyber capabilities’ strategic value comes with a set of conditions. These conditions are by no means always easy to fulfill—and at times lead to difficult strategic trade-offs.

 

The rationale for offensive cyber capabilities (2016). This article contends that defensive cyber capabilities are not enough and that offensive capabilities are needed to prevail in a modern war.

 

America’s Secret Arsenal (2015). This article provides a good overview of US cyber capabilities and the upsides and downsides to using cyber weapons.

 

Erik Gartzke and Jon R. Lindsay, “Weaving Tangled Webs: Offense, Defense, and Deception in Cyberspace,”Security Studies 24, no. 2 (2015): 316-48. This article provides a general discussion of offensive and defensive cyber operations as well as how deception could be utilized under each strategy.

 

Definitions

 

Three Types of Cyber Security (2019). There are different methods of protecting data. Therefore, Maryville University has devised three cyber security online degree tracks so that aspiring specialists can gain skills and knowledge applicable to the career they want to pursue. These paths are typically broken up as follows:

Offensive Track: Deploys a proactive approach to security through the use of ethical hacking
Defensive Track: Uses a reactive approach to security that focuses on prevention, detection, and response to attacks
General Track: Utilizes a mix of offensive and defensive tactics to provide cyber security

 

France’s new offensive cyber doctrine (2019). This article doesn’t have any pro or con cards but it does explain what constitutes France’s offensive cyber operations.

 

 

 

General Articles/Books

US increases cyber operations against other countries (2019). This article says the US has started engaging in offensive cyber operations to deter offensive cyber operations from other countries and to prepare to disable networks in the event of a war.

 

An interview with Paul Nakason (2019). When you click on this .pdf, you will find an interview with the head of the US CyberCommand on pages 4-9.  The interview provides important background information and some justification for offensive cyber warfare.

 

Bytes, Bombs, and Spies. The strategic dimensions of US cyber operations (2018). This 2018 book examines US offensive cyber capabilities.

 

 

White House authorizes offensive cyber operations (2019). This article explains the new Presidential Decision Directive that authorizes the use of offensive cyber operations against enemies. I

don’t think it has any evidence in it, but it is useful to read to help understand the topic.

 

Did America really try to override the Russian power grid? (2019). This article explains how the US military undertook offensive cyber operations against Russia’s electricity grid without informing Trump.

 

The Pentagon thinks Cyber ops could be the next WMDs (2018). This article explains the growing offensive cyber threats to the US.

 

Cyberwarfare and nuclear weapons: Game changing (2018). This research paper identifies the general threats to US nuclear security from cyber attacks.

 

Erik Gartzke and Jon R. Lindsay, “Weaving Tangled Webs: Offense, Defense, and Deception in Cyberspace,”Security Studies 24, no. 2 (2015): 316-48. This article provides a general discussion of offensive and defensive cyber operations as well as how deception could be utilized under each strategy.

 

Richard Harknett, “United States Cyber Command’s New Vision: What it Entails and Why It Matters,” Lawfare, March 23, 2018, https://www.lawfareblog.com/united-states-cyber-commands-new-vision-what-it-entails-and-why-it-matters.

 

10. “Gen. Nakasone Lays Out Vision for ‘5th Chapter’ of US Cyber Command,” Meritalk, September 7, 2018, https://www.meritalk.com/articles/nakasone-cyber-command-vision/.

 

Ben Buchanan,The Cybersecurity Dilemma (London: Hurst Publishers, 2017).  This book discussed the general pros and cons

 

Joshua Rovner and Tyler Moore, “Does the Internet Need a Hegemon?”Journal of Global Security Studies 2, no. 3 (July 2017): 184–203.

 

22. Benjamin Jensen, “The Cyber Character of Political Warfare,”Brown Journal of World Affairs 24, no. 1 (Fall/Winter 2017–18): 159–71];

 

Brandon Valeriano, Benjamin Jensen, and Ryan C. Maness,Cyber Strategy: The Evolving Character of Power and Coercion (Oxford: Oxford University Press, 2018).

 

The impact of cyberwarfare on deterrence (2019) Cyber war is a subject that is highly contested among strategists and experts. This brief assesses the impact of cyber operations against strategic targets and demonstrates that while cyber war is a real phenomenon, it is far from producing decisive outcomes. The cyberspace is a medium to conduct military operations and several countries have made investments in capabilities to both attack and defend against cyber-attacks. The brief evaluates the relative strengths of offence and defence and the extent to which it favours the strong against the weak. It considers whether cyber capabilities create asymmetric advantages, thereby undermining nuclear deterrence and strategic stability. The extensive use of cyberspace creates opportunities as well as challenges and vulnerabilities for countries that possess cyber capabilities.

 

General — Cyber Gride

 

A US attack on the electric grid (2017). This report outlines the risks of an attack on the US electric grid and also provides many defensive measures that can be undertaken to protect it.

 

Pro — General

 

A Cyberforce for persistent operations (2019). When you click on this .pdf, you will find an interview with the head of the US CyberCommand on pages 10-14.  The article provides important background information and provides a strong explanation of why the US must engage in offensive cyber warfare.

 

Bolton says the US is expanding offensive cyber operations (2019). This article says the US jams Russian servers to stop election interference and retaliates against those who commit economic espionage.

 

US ramps up offensive cyber operations (2019). The U.S. is beginning use offensive cyber measures in response to commercial espionage, President Trump’s national security adviser, John Bolton, said Tuesday “We’re now looking at — beyond the electoral context — a whole range of other activities to prevent this other kind of cyber interference … in the economic space, as well,” Bolton said while speaking at The Wall Street Journal’s CFO Network annual meeting.

 

The rationale for offensive cyber capabilities (2016). This article contends that defensive cyber capabilities are not enough and that offensive capabilities are needed to prevail in a modern war.

 

Dawn of the Cold War – America’s Battle Against Russia, China, and the Rising Cyber Threat (2019). In this dramatic book, former Assistant Attorney General John P. Carlin takes readers to the front lines of a global but little-understood fight as the Justice Department and the FBI chases down hackers, online terrorist recruiters, and spies. Today, as our entire economy goes digital, from banking to manufacturing to transportation, the potential targets for our enemies multiply. This firsthand account is both a remarkable untold story and a warning of dangers yet to come.

 

United States Cyber Command, Achieve and Maintain Cyberspace Superiority: Command Vision for US Cyber Command, June. This document is not especially useful, but it has some good general evidence about cyber threats.

A cyberforce for persistent operations (2019).  In an article for Joint Force Quarterly (JFQ), NSA Director and Cyber Command head Gen. Paul Nakasone writes: “We must instead maneuver seamlessly across the interconnected battlespace, globally, as close as possible to adversaries and their operations, and continuously shape the battlespace to create operational advantage for us while denying the same to our adversaries.” When Nakasone says the U.S. must get “as close as possible to adversaries and their operations,” he implies that the U.S. seeks to achieve effects that are outside of its own networks and beyond the networks of its adversaries. This vast area is not ungoverned space. It includes, for example, routers in Nairobi, servers in Denmark or operating infrastructure in any other country around the world.

 

Pro — NATO

 

NATO Getting More Aggressive on Offensive Cyber (2019). This article says that NATO members have agreed to develop offensive cyber capabilities. Abandoning such capabilities may obviously hurt the alliance.

 

The role of offensive cyber operations in NATO’s Collective Defense (2015). This article from 2015 explains that NATO needs to adopt offensive cyber capabilities in order to deter Russia. There are also general deterrence links.

 

Pro — Iran

 

US cyber attack hurt Iran’s ability to target oil tankers (2019).This article contends that US cyber attacks have disrupted Iran’s ability to disrupt shipping in the Strait of Hormuz.

 

Pentagon launched secret digital strike on Iranian spy group: report (2019) U.S. Cyber Command launched a retaliatory digital strike Thursday night against an Iranian spy group responsible for last week’s bombings of two oil tankers, Yahoo News reported, citing two former intelligence officials. The group, which is affiliated with the Iranian Revolutionary Guard Corps, has reportedly digitally tracked and targeted military and civilian vessels passing through the Strait of Hormuz over the past several years, enabling it today to launch attacks on ships in the region.

Iranian hackers launch a new US campaign as tensions rise (2019). This article examines increase hacking by Iran post Trump’s withdrawal from the nuclear deal.

 

Pro — China

 

China’s head start in cyberwarfare leaves the US and others playing catch-up (2019).  This title is self-explanatory. It says that China leads in offensive cyber, that there is nothing the US can do to reverse that trend, and that the US needs to increase its offensive cyber capabilities to compete with China.

 

, The US says China is stealing technology to modernize its military, and that could erode American dominance (2019). The title is self-explanatory.

 

Pro — North Korea

 

North Korean cyberwarfare: As big a threat as nuclear warfare (2019).  This article argues that NK’s cyber capabilities are among the strongest in the world and a greater threat than its nuclear weapons, as NK is more likely to use the cyber capabilities.

 

Pro– Elections

 

Russia: Reported US cyberattack on power grid possible (2019).  This article explains that the US has placed viruses on Russia’s electrical grid to deter them from interfering with US elections.

 

Protecting elections from cyber attacks (2019). This article argues that cyber attacks on elections threaten democracy.

 

Senate Report calls for action against foreign election interference (2019).  The title is self-explanatory.

 

How Democracies Lose in Cyberwar (2019). This article explains Russia’s threat to US democratic systems.

 

Pro — Counter Espionage

 

U.S. ramping up offensive cyber measures to stop economic attacks, Bolton says (2019).   This article says the US uses cyber weapons to deter China’s espionage.

 

General Con

 

How America’s cyber strategy could create an international crisis (2019).

The rise of the global cyberwar threat (2019)

 

The Myth of Cyber Offense: The Case for Restraint (2019). We demonstrate that, while cyber operations to date have not been escalatory or particularly effective in achieving decisive outcomes, recent policy changes and strategy pronouncements by the Trump administration increase the risk of escalation while doing nothing to make cyber operations more effective. These changes revolve around a dangerous myth: offense is an effective and easy way to stop rival states from hacking America. New policies for authorizing preemptive offensive cyber strategies risk crossing a threshold and changing the rules of the game.

 

Why cyber operations did not always favor the offense (2017). Creating unnecessary vulnerabilities. Making offensive cyber operations a national priority can increase instabilities in international relations and worsen national vulnerabilities to attack. But because the skills needed for offense and defense are similar, military offensive readiness can be maintained by focusing on defensive operations that make the world safer, rather than on offensive operations….Prioritizing offensive operations can increase adversaries’ fears, suspicions, and readiness to take offensive action. Cyber offenses include cyber exploitation (intelligence gathering) and cyberattack (disrupting, destroying, or subverting an adversary’s computer systems). An adversary can easily mistake defensive cyber exploitation for offensive operations because the distinction is a matter of intent, not technical operation. The difficulty of distinguishing between offensive and defensive tactics makes mistrustful adversaries more reactive, and repeatedly conducting offensive cyber operations only increases distrust. A focus on offensive operations can also increase vulnerabilities; for example, secretly stockpiling information about vulnerabilities in computers for later exploitation, rather than publicizing and helping civil society to mitigate those

 

Nuclear deterrence in a Cyberar-ia (2016). This article argues that offensive cyber operations increase the risk of nuclear war because countries have incentives to use nuclear weapons before their ability to launch them is disrupted by cyber warfare.

 

Cyber command risks friction with allies (2019). This article explains that when the US operates in the gray zone of cyberwarfare that such activities may end up occuring on allies’ networks and undermining relations with our allies

 

Herb Lin and Max Smeets, “What Is Absent From the U.S. Cyber Command ‘Vision’,” Lawfare, May 3, 2018, https://www.lawfareblog.com/what-absent-us-cyber-command-vision.

 

Department of Defense Science Board,Task Force on Cyber as a Strategic Capability Executive Summary, (Washington: Department of Defense, 2018)

 

Cross Domain Deterrence (2019). This book explains the difficulties in using cyber weapons to deter.

 

The future of war will be digital (2019).  THis article identifies some general dangers of cyberwarfare

 

Con — Russia

 

How not to prevent a cyber war with Russia (2019). This article argues that offensive cyber operations risk an escalating conflict with Russia, that there are better approaches to deterrence with Russia, that threat against civilian infrastructure are immoral, and that it risks accidental and miscalculated warfare.

 

We’ve entered a new age of cyberwar (2019). This article argues offensive cyber operations can easily trigger “hair trigger” escalation and conflict.  The article argues they are especially dangerous against Russia.

 

Con — Iran

 

The search for a cyber silver bullet against Iran (2019). This article argues that a offensive cyber use against Iran will not deter Iranian aggression and only risk escalatin.

 

Con — Election Interference.

 

Election Hacking, As We Understand It Today, Is Not A Cybersecurity Issue (2018). 

 

Election hacking: Why cybersecurity experts think we should trust midterm election results (2018).

 

Con — Cyber Attacks Bad

 

Offensive cyber operations and nuclear weapons (2019). The potential use of offensive cyber operations against nuclear systems will increase the possibility of war in the future and pose an urgent risk due to the vulnerabilities that exist in nuclear infrastructure. From network attacks, man-in-the- middle attacks, packet sniffing, denial of service attacks (DDOS), Wi-Fi attacks, cyber-spoofing, supply chain attacks, radio attacks, crypto attacks, rubber ducky attacks, air-gapped network attacks, spyware attacks and more, malicious actors have a range of tools that can jeopardize the integrity of nuclear command, control, and communication (C3) systems. This study will explore the offensive cyber threats that threaten nuclear command and control systems.