List of Illustrations | xiii
List of Acronyms and Abbreviations | xv
Introduction | 1 | (4)
Part I Foundations
Chapter 1 Emblematic Attacks | 5 | (19)
| 5 | (3)
Cybercrime And Other System Intrusions | 8 | (2)
Advanced Persistent Threat | 10 | (4)
Distributed Denial-Of-Service Attacks | 14 | (2)
Disruptive And Destructive Attacks | 16 | (6)
| 22 | (1)
| 23 | (1)
Chapter 2 Some Basic Principles | 24 | (17)
| 26 | (1)
| 27 | (2)
| 29 | (5)
| 34 | (2)
Most Cyberattacks Have Transitory Effects | 36 | (5)
Chapter 3 How To Compromise A Computer | 41 | (10)
Abuses By Random External Users | 41 | (2)
Abuses By Authorized Internal Users | 43 | (2)
Altered Instructions Via Supply-Chain Attack | 45 | (2)
| 47 | (3)
| 50 | (1)
Chapter 4 Cybersecurity As A Systems Problem | 51 | (18)
Applications Are Often The Weak Links In The Security Chain | 51 | (1)
The Role Of Input Filtering | 52 | (1)
The Role Of Browsers And Operating Systems | 53 | (1)
| 54 | (2)
| 56 | (1)
| 57 | (3)
| 60 | (3)
Relationships Among Machines, Systems, And Engineering | 63 | (1)
Cybersecurity As A Business Process Problem | 64 | (2)
Measures And Countermeasures | 66 | (2)
Lessons From The OPM Hack | 68 | (1)
Chapter 5 Defending Against Deep And Wide Attacks | 69 | (13)
| 69 | (2)
Identifying Near-Catastrophes To Get Ahead Of Catastrophes | 71 | (1)
Hedging To Deal With Exceptions To The Power-Law Rule | 72 | (1)
Attacks Of Broad Consequence | 73 | (3)
Scalability Influences How Well A Near-Catastrophe Predicts A Catastrophe | 76 | (2)
Implications For Learning | 78 | (1)
Is Information Sharing A Panacea? | 79 | (3)
Chapter 6 Deterrence By Denial | 82 | (7)
What Is Being Discouraged? | 82 | (3)
Complicating Psychological Factors | 85 | (1)
Dissuading Cyberattack By Defeating Its Strategy | 86 | (1)
Is Deterrence By Denial Transferable? | 87 | (2)
Part II Operations
Chapter 7 Tactical Cyberwar | 89 | (15)
| 89 | (3)
| 92 | (1)
| 93 | (6)
A Tactical Cyberwar Scenario | 99 | (1)
Would China Use Tactical Cyberwar The Same Way? | 100 | (1)
Why Supremacy Is Meaningless And Superiority Unnecessary | 101 | (2)
| 103 | (1)
Chapter 8 Organizing A Cyberwar Campaign | 104 | (9)
| 104 | (2)
| 106 | (2)
The Challenge Of Skepticism Over The Potential Of Tactical Cyberwar | 108 | (2)
The Insertion Of Tactical Cyberwar Into Kinetic Operations | 110 | (1)
Escalation And Tactical Cyberwar | 111 | (2)
Chapter 9 Professionalizing Cyberwar | 113 | (8)
| 113 | (2)
| 115 | (5)
Other Weaponization Parameters | 120 | (1)
Should Cyberwar Authority Be Predelegated? | 121 | (1)
| 122 | (2)
Programming And Budgeting For Cyberwar | 124
Chapter 10 Is Cyberspace A Warfighting Domain? | 121 | (10)
Cyberwar Operations Are About Usurping Command And Control | 128 | (1)
Cyberspace As Multiple Media | 129 | (1)
Defend The Domain Or Ensure Missions? | 130 | (1)
| 130 | (1)
Cyberspace As A Warfighting Domain And DDOS Attacks | 131 | (2)
Other Errors From Calling Cyberspace A Warfighting Domain | 133 | (1)
No Domain, No Cyber Equivalent Of Billy Mitchell | 134 | (2)
| 136
Chapter 11 Strategic Implications Of Tactical Cyberwar | 131 | (17)
Influencing Others Against Digitization | 137 | (4)
Cyberattacks And The Correlation Of Forces | 141 | (4)
The Challenge Of Alliance Defense In Cyberspace | 145 | (3)
Chapter 12 Stability Implications Of Tactical Cyberwar | 148 | (13)
| 148 | (2)
| 150 | (2)
The Risks Of Acting Are Reduced | 152 | (1)
The Risks Of Not Acting Are Increased | 153 | (2)
A Missing Element Of Caution | 155 | (1)
A Quick Comparison To Nuclear Weapons | 155 | (1)
Do Cyberattack Options Reduce Violence? | 156 | (3)
| 159 | (2)
Part III Strategies
Chapter 13 Strategic Cyberwar | 161
Strategic Cyberwar May Focus On Power Grids And Banks | 161 | (3)
How Coercive Can A Strategic Cyberwar Campaign Be? | 164 | (2)
The Conduct Of Strategic Cyberwar | 166 | (2)
| 168 | (1)
| 169 | (2)
Keeping Targets In Reserve | 171 | (1)
| 171 | (1)
| 172
Chapter 14 Cyberwar Threats As Deterrence And Compulsion | 113 | (68)
| 174 | (1)
The Difficulty Of Evaluating A Coercive Campaign | 175 | (2)
A Stalling Strategy For Compulsion | 177 | (1)
A Deterrence Response Window | 178 | (3)
Chapter 15 The Unexpected Asymmetry Of Cyberwar | 181 | (9)
The Third World Disadvantage | 181 | (2)
The Particular U.S. Advantage | 183 | (3)
Was This All An Exercise In Nostalgia? | 186 | (1)
A Silver Lining Arising From Kerckhoffs's Principle | 187 | (1)
The Influence Of Third Parties On The Balance Of Power In Cyberspace | 188 | (2)
Chapter 16 Responding To Cyberattack | 190 | (19)
First-Strike Cyberattacks May Have A Variety Of Motives | 190 | (3)
What Looks Like An Unprovoked Cyberattack May Not Be | 193 | (1)
Should The Target Reveal The Cyberattack-and When? | 193 | (2)
| 195 | (1)
| 196 | (2)
| 198 | (1)
Sanctions Until The Behavior Ends | 199 | (1)
The Perils Of An Easy Response | 200 | (1)
| 200 | (4)
A Drawback To Any Response | 204 | (1)
How Will The Attacker Respond To Retaliation? | 204 | (3)
| 207 | (2)
Chapter 17 Deterrence Fundamentals | 209 | (9)
Cyberdeterrence Differs From Nuclear And Criminal Deterrence | 210 | (1)
The Rationale For Deterrence | 211 | (2)
What Makes Deterrence Work? | 213 | (2)
The Core Message Of Deterrence | 215 | (2)
| 217 | (1)
The Problematic Nature Of Cyberdeterrence | 217 | (1)
Chapter 18 The Will To Retaliate | 218 | (12)
| 218 | (1)
| 219 | (1)
Retaliation May Be Stymied By Bigger Issues On The Table | 219 | (2)
Credibility May Not Be Easy To Establish | 221 | (1)
The Signals Associated With Carrying Out Reprisals May Get Lost In The Noise | 222 | (1)
The Impact Of Good Defenses On Credibility Is Mixed | 222 | (2)
Can Extended Deterrence Work In Cyberspace? | 224 | (1)
A Baltic Cyberspace Alliance? | 225 | (3)
| 228 | (2)
| 230 | (17)
What Will Convince Others Of Your Attribution? | 230 | (3)
How Good Would Attribution Be? | 233 | (1)
What Could Make Attribution So Hard? | 234 | (1)
When Attribution Seems To Work | 235 | (2)
When Can Countries Be Blamed For What Starts Within Their Borders? | 237 | (3)
Why Credibility Makes Attribution An Issue | 240 | (1)
Will The Attacker Always Avoid Attribution? | 241 | (2)
Why An Attacker May Favor Ambiguous Attribution Over None At All | 243 | (1)
What Should Be Revealed About Attribution? | 244 | (2)
Attribution In A Post-Truth World | 246 | (1)
| 246 | (1)
Chapter 20 What Threshold For Response? | 247 | (8)
| 247 | (2)
| 249 | (2)
Did Not Petya Cross What Would Be A Reasonable Threshold? | 251 | (1)
Should Pulled Or Failed Punches Merit Retaliation? | 252 | (1)
Compulsion Versus Deterrence | 253 | (1)
Threshold Issues Complicate Retaliating Against Cyberespionage | 254 | (1)
Chapter 21 A Deterministic Posture | 255 | (6)
Advantages Of Determinism | 255 | (2)
Advantages Of A Probabilistic Deterrence Posture | 257 | (2)
The Choice To Retaliate Under Uncertainty | 259 | (2)
Chapter 22 Punishment And Holding Targets At Risk | 261
The Lack Of Good Targets For Intradomain Deterrence | 261 | (2)
The Temptations Of Cross-Domain Deterrence | 263 | (1)
Will Targets Actually Hit Back At All? | 264 | (1)
Can Secondary Deterrence Address The Problems Of Primary Deterrence? | 265 | (2)
Persistent Engagement Qua Deterrence | 267 | (1)
Summary Observations On Cyberdeterrence | 268
Chapter 23 Cyberwar Escalation | 211 | (73)
The Purpose And Risks Of Escalation | 271 | (1)
Escalation In Strategic Cyberwar | 272 | (1)
The Difficulties Of Tit-For-Tat Management | 273 | (5)
Escalation Into Kinetic Warfare | 278 | (1)
Escalation Risks From Proxy Cyberwar | 279 | (3)
| 282 | (1)
| 283 | (1)
Chapter 24 Brandishing Cyberattack Capabilities | 284 | (10)
| 284 | (1)
Your Power Or Their Powerlessness? | 285 | (1)
How To Brandish Cyberattack Capabilities | 285 | (2)
| 287 | (2)
Escalation Dominance And Brandishing | 289 | (1)
| 290 | (2)
| 292 | (2)
Chapter 25 Narratives And Signals | 294 | (11)
Narratives To Facilitate Crisis Control | 294 | (1)
A Narrative Framework For Cyberspace | 295 | (1)
Narratives As Morality Plays | 296 | (1)
Narratives To Walk Back A Crisis | 297 | (1)
Narrative, Attribution, And Response | 298 | (1)
| 299 | (1)
What Can We Say With Signals That Would Come As News To Others? | 300 | (2)
| 302 | (1)
Why Narratives Matter To Signals | 303 | (2)
Chapter 26 Cyberattack Inferences From Cyberespionage | 305 | (7)
Inferring Cyberattacks From Cyberespionage | 305 | (2)
Inferences From The Fact Of Cyberespionage Alone | 307 | (1)
How To Continue With Cyberespionage With Less Risk | 308 | (1)
Stick With Attacks On Offensive Systems? | 308 | (1)
| 309 | (1)
Deliberate Signaling, Both Friendly And Hostile | 310 | (1)
| 311 | (1)
Chapter 27 Strategic Stability | 312 | (7)
Would Nuclear Dilemmas Echo In Cyberspace? | 312 | (3)
Misperception As A Source Of Crisis | 315 | (1)
Excessive Confidence In Attribution Or Preemption | 316 | (1)
Can There Be A Cuban Missile Crisis In Cyberspace? | 317 | (1)
| 318 | (1)
Part IV Norms
Chapter 28 Norms For Cyberspace | 319 | (21)
Unilateral Red Lines And Multilateral Norms | 320 | (1)
| 320 | (3)
The Criminalization Of Hacking | 323 | (1)
| 324 | (1)
| 325 | (1)
| 326 | (3)
Law Of Armed Conflict: Jus In Bello | 329 | (2)
Law Of Armed Conflict: Jus Ad Bellum | 331 | (2)
From The Tallinn Manual To Las Vegas Rules | 333 | (1)
What The Tallinn Manual Says | 333 | (2)
| 335 | (2)
| 337 | (1)
Why Not Las Vegas Rules For Outer Space As Well? | 338 | (1)
| 339 | (1)
Chapter 29 The Rocky Road To Cyberespionage Norms | 340 | (7)
Norms Against Economically Motivated Cyberespionage | 340 | (1)
The Cybercrime Markets Norm | 341 | (1)
The No-Political-Doxing Norm | 342 | (2)
Prohibiting Certain Targets To Prohibit Unwelcome Uses Of Purloined Information | 344 | (1)
Cyberespionage Against Critical Infrastructure | 344 | (2)
| 346 | (1)
Chapter 30 Sino-American Relations And Norms In Cyberspace | 347 | (7)
The United States Advocates Its Norms | 347 | (2)
| 349 | (2)
| 351 | (3)
Chapter 31 The Enigma Of Russian Behavior In Cyberspace | 354 | (5)
| 354 | (1)
| 354 | (1)
What Happened To Cyberwar In The Russo-Ukraine Conflict? | 355 | (2)
Cyberattacks To Support Narratives | 357 | (1)
| 357 | (2)
Chapter 32 Cybersecurity Futures | 359 | (11)
| 359 | (1)
| 360 | (3)
| 363 | (2)
| 365 | (1)
A Three Mile Island In Cyberspace | 366 | (4)
Chapter 33 Cyberwar: What Is It Good For? | 370 | (3)
Notes | 373 | (52)
Bibliography | 425 | (56)
Index | 481