HSEP 314: Survey of Cyber SecuritySpring 2020, M 4:00-6:40pmL. Douglas Wilder School of Government & Public AffairsVirginia Commonwealth University***Study Questions***Interstate Cyber Conflict:1. Explain the phrase “the fifth domain.”Fifth Domain is the newest theater of warfare – cyberspace – joining land, sea, air and space.But unlike the other domains, the conflicts in cyberwar are rarely military-on-military. Instead, nation-states, criminal organizations and terrorist groups are going after civilian populations and infrastructure. We have seen this with Russia’s influence in the 2016 U.S. elections; China’s hack of the Office of Personnel Management; the seven Iranian nationals indicted for breaching aNew York dam; and North Korea’s devastating attack on Sony.2. How is “cyberwar” different from cyber conflict?Cyber ConflictGeneral shape of conflictual actions in international affairsCyberwarDiscrete conflict episodes between two (or more) recognizable political entities engaged primarily via cyberspace3. What are the three different “cyberwar” scenarios?3 Cyberwar Scenarios- Cyber Blockades (Bronze Soldier, 2007)- Sophisticated Hack of Military Systems (Stuxnet, 2010-2011)- Debilitating Attack onCritical Infrastructure(BlackEnergy, 2014-2015)4. What is an APT?A prolonged and targeted cyberattack in which an intruder gains access to a network and remainsundetected for an extended period of time. The intention of an APT attack is usually to monitor network activity and steal data rather than to cause damage to the network or organizationWhy, according to Gartzke, is5. Why, according to Gartzke, is cyberwar extremely unlikely?Cyberattacks are unlikely to prove particularly potent in grand strategic terms unless they can impose substantial, durable harm on an adversary. In many, perhaps most, circumstances, this will occur only if cyberwar is accompanied by terrestrial military force or other actions designed to capitalize on any temporary incapacity achieved via the internet. Those initiating cyberattacks must therefore decide whether they are prepared to exploit the windows of opportunity generatedby internet attacks through other modes of combat. If they are not willing and able to do so, then in grand strategic terms, there are few compelling reasons to initiate cyberwar. If one cannot foresee circumstances where the terrestrial use of force is plausible independent of cyberwar, then cyberwar is also unlikely to constitute a fundamental threat. This is not to say that cyberattacks will not have an effect, only that they are extremely unlikely to be strategically decisive. A capability to address cyber threats is useful, but planning for cyberwarfare must occur within the larger framework of recognition that this new domain is evolutionary rather thanrevolutionary.There will not be a cyber Pearl Harbor, except possibly when and if a foreign power has decided it can stand toe-to-toe with conventional U.S. military power6. Be able to name and describe (in 1-2 sentences) five major cyber incidents affecting orperpetrated by the United States.January 2019. The U.S. Democratic National Committee revealed that it had been targeted by Russian hackers in the weeks after the 2018 midterm elections.October 2018. The U.S. Justice Department announces criminal charges against seven GRU officers for multiple instances of hacking against organizations including FIFA, Westinghouse Electric Company, the Organization for the Prohibition of Chemical Weapons, and the U.S. and World Anti-Doping Agencies.September 2018. The U.S. Department of Justice announces the indictment and extradition of a Russian hacker accused of participating in the hack of JP Morgan Chase in 2014, leading to the theft of data from over 80 million customers.July 2018. The U.S. Department of Justice announced the indictments of 12 Russian intelligence officers for carrying out large-scale cyber operations against the Democratic Party in advance of the 2016 Presidential election. The officers' alleged crimes included the theft and subsequent leakage of emails from the Democratic National Committee and Hillary Clinton campaign, andthe targeting of election infrastructure and local election officials in an attempt to interfere with the election.February 2016. Hackers breached the U.S. Department of Justice's database, stealing and releasing the names, phone numbers, and email addresses or 30,000 DHS and FBI employees.7. When it comes to crisis instability, Gompert & Libicki argue that cyber weapons make apotential standoff between states even more unstable. Why? What is it that cyberspace does?Give me two of the arguments they use.Cyber weapons create problems underlying crisis instability because:1. Effects of cyber-attacks are usually short livedCyber-attacks are difficult to remake after used onceThe discovery of the attack informs the victim of their weakness.The unncertanity of an attack makes it difficult for both the attacker and defender to assessCyber attacks are easier than conventional attacks to conduct without the knowledge and direction of a state's top political authorities8. What are the three kinds of attribution?1. Evidence to convince oneself2. Evidence to convince the attacker3. Evidence to convince the public/international community9. What is the security dilemma and what two factors determine how it manifests?describes a situation in which efforts to enhance the ability of one state lead one or more foreign states to attempt to mobilize their own security forces in response. This balancing effort, mirrored in turn by the first-mover, leads to a spiral of hostilities in which rising tensions emergefrom no original intention for conflict.1. The "offense-defense balance" between states, wherein the nature of contemporary military technologies award advantage to either the attacker or defender.2. The perception of the offense-defense balance held by strategic planners and decision-makers10. Are cyber weapons offense dominant or not? Take a side.Erik Gartzke and Jon Lindsay’s claim that cyberspace is not offense dominant, but deception dominant.51ORather than persistent action and preemptive strikes on adversary networks, the United States needs persistent deception and defensive counterstrikes optimized to undermine adversary planning and capabilities.11. What conditions need to be met for coercion to succeed? Given this, how possible iscoercion using only cyber means? (Your