HSEP 314 Survey of Cyber Security Spring 2020 M 4 00 6 40pm L Douglas Wilder School of Government Public Affairs Virginia Commonwealth University Study Questions Interstate Cyber Conflict 1 Explain the phrase the fifth domain Fifth Domain is the newest theater of warfare cyberspace joining land sea air and space But unlike the other domains the conflicts in cyberwar are rarely military on military Instead nation states criminal organizations and terrorist groups are going after civilian populations and infrastructure We have seen this with Russia s influence in the 2016 U S elections China s hack of the Office of Personnel Management the seven Iranian nationals indicted for breaching a New York dam and North Korea s devastating attack on Sony 2 How is cyberwar different from cyber conflict Cyber Conflict Cyberwar General shape of conflictual actions in international affairs Discrete conflict episodes between two or more recognizable political entities engaged primarily via cyberspace 3 What are the three different cyberwar scenarios 3 Cyberwar Scenarios Cyber Blockades Bronze Soldier 2007 Sophisticated Hack of Military Systems Stuxnet 2010 2011 Debilitating Attack on Critical Infrastructure BlackEnergy 2014 2015 4 What is an APT A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time The intention of an APT attack is usually to monitor network activity and steal data rather than to cause damage to the network or organization Why according to Gartzke is 5 Why according to Gartzke is cyberwar extremely unlikely Cyberattacks are unlikely to prove particularly potent in grand strategic terms unless they can impose substantial durable harm on an adversary In many perhaps most circumstances this will occur only if cyberwar is accompanied by terrestrial military force or other actions designed to capitalize on any temporary incapacity achieved via the internet Those initiating cyberattacks must therefore decide whether they are prepared to exploit the windows of opportunity generated by internet attacks through other modes of combat If they are not willing and able to do so then in grand strategic terms there are few compelling reasons to initiate cyberwar If one cannot foresee circumstances where the terrestrial use of force is plausible independent of cyberwar then cyberwar is also unlikely to constitute a fundamental threat This is not to say that cyberattacks will not have an effect only that they are extremely unlikely to be strategically decisive A capability to address cyber threats is useful but planning for cyberwarfare must occur within the larger framework of recognition that this new domain is evolutionary rather than revolutionary There will not be a cyber Pearl Harbor except possibly when and if a foreign power has decided it can stand toe to toe with conventional U S military power 6 Be able to name and describe in 1 2 sentences five major cyber incidents affecting or perpetrated by the United States January 2019 The U S Democratic National Committee revealed that it had been targeted by Russian hackers in the weeks after the 2018 midterm elections October 2018 The U S Justice Department announces criminal charges against seven GRU officers for multiple instances of hacking against organizations including FIFA Westinghouse Electric Company the Organization for the Prohibition of Chemical Weapons and the U S and World Anti Doping Agencies September 2018 The U S Department of Justice announces the indictment and extradition of a Russian hacker accused of participating in the hack of JP Morgan Chase in 2014 leading to the theft of data from over 80 million customers July 2018 The U S Department of Justice announced the indictments of 12 Russian intelligence officers for carrying out large scale cyber operations against the Democratic Party in advance of the 2016 Presidential election The officers alleged crimes included the theft and subsequent leakage of emails from the Democratic National Committee and Hillary Clinton campaign and the targeting of election infrastructure and local election officials in an attempt to interfere with the election February 2016 Hackers breached the U S Department of Justice s database stealing and releasing the names phone numbers and email addresses or 30 000 DHS and FBI employees 7 When it comes to crisis instability Gompert Libicki argue that cyber weapons make a potential standoff between states even more unstable Why What is it that cyberspace does Give me two of the arguments they use Cyber weapons create problems underlying crisis instability because 1 Effects of cyber attacks are usually short lived Cyber attacks are difficult to remake after used once The discovery of the attack informs the victim of their weakness The unncertanity of an attack makes it difficult for both the attacker and defender to assess Cyber attacks are easier than conventional attacks to conduct without the knowledge and direction of a state s top political authorities 8 What are the three kinds of attribution 1 Evidence to convince oneself 2 Evidence to convince the attacker 3 Evidence to convince the public international community 9 What is the security dilemma and what two factors determine how it manifests describes a situation in which efforts to enhance the ability of one state lead one or more foreign states to attempt to mobilize their own security forces in response This balancing effort mirrored in turn by the first mover leads to a spiral of hostilities in which rising tensions emerge from no original intention for conflict 1 The offense defense balance between states wherein the nature of contemporary military technologies award advantage to either the attacker or defender 2 The perception of the offense defense balance held by strategic planners and decision makers 10 Are cyber weapons offense dominant or not Take a side Erik Gartzke and Jon Lindsay s claim that cyberspace is not offense dominant but deception dominant 51 Rather than persistent action and preemptive strikes on adversary networks the United States needs persistent deception and defensive counterstrikes optimized to undermine adversary planning and capabilities 11 What conditions need to be met for coercion to succeed Given this how possible is coercion using only cyber means Your informed opinion Coercion Bullying Making someone do what you want through threats or force Only if the credibility for the