+ All Categories
Home > Documents > OFFENSIVE CYBER WARFARE_roughdraft_3

OFFENSIVE CYBER WARFARE_roughdraft_3

Date post: 07-Apr-2018
Category:
Upload: alyssa-nielsen
View: 222 times
Download: 0 times
Share this document with a friend

of 21

Transcript
  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    1/21

    OFFENSIVE CYBER WARFARE: INVOLVEMENT IN CYBER SECURITY

    Alyssa M. Nielsen

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    2/21

    2

    OFFENSIVE CYBER WARFARE: INVOLVEMENT IN CYBER SECURITY

    Introduction

    In recent years, offensive cyber attacks are increasingly becoming a conventional

    means of warfare. For example, during the recent conflict between Russia and Georgia,

    which broke out over the autonomous demilitarized Georgian region of South Ossetia,

    offensive cyber attacks were launched against a large number of Georgian governmental

    websites. As a result of these cyber attacks, Georgia declared a state of war due to a

    perceived threat to its security (Korns, 2009; Tikk & et. al, 2008).

    Similarly, in December 2008, there were cyber attacks in Mumbai, India. The

    cyber attackers used cable television, BlackBerry phones, Google Earth imagery, and

    global positioning system information to gain access to government intelligence (Korns,

    2009). Also in 2008, the U.S. Department of Defense suffered a compromise of its

    classified military computer networks after an infected flash drive was inserted into a

    U.S. military laptop. The flash drives computer code uploaded itself onto a networkrun

    by the U.S. Central Command. The code spread undetected for a number of days

    allowing both classified and unclassified data to be transferred to servers under foreign

    control (Lynn, 2010). Once again in 2010, a new type of malicious softwarea cyber

    guided missile called Stuxnetmade its way into Irans nuclear-fuel centrifuge facilities

    causing damage (Clayton, 2010). These four examples show how offensive cyber attacks

    are increasingly becoming a new conventional means of warfare. They represent only a

    few of the accumulating examples of current offensive cyber warfare incidences. Amidst

    an information revolution the likelihood of cyber based attacks have increased. It is the

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    3/21

    3

    increased use of the new conventional means of offensive cyber warfare, which leads us

    to questionhow do we explain the likelihood of offensive cyber warfare?

    Offensive cyber warfare will be understood to mean unlawful attacks and threats

    of attack against computers, networks, and the information stored therein to intimidate or

    coerce a government or its people in furtherance of political or social objectives

    (Denning, 2000). I will focus on cyber warfare in the international system over the past

    three years. Ideally, I would like to focus on more than just the past three years, but due

    to a lack of open source data the scope of the research has to be scaled down to only three

    years.

    Cyber warfare has emerged as a new threat with the capability to immobilize

    critical intelligence infrastructure. It has become a topic of interest in many governmental

    organizations, to include CYBERCOM, Department of Defense, National Security

    Agency, National Security Institute, Internet engineering Task Force, International

    Organization for Standardization, Organization for Economic Cooperation and

    Development, Asia-Pacific Economic Cooperation Forum and NATO. These

    organizations seek to learn, inform, and deter cyber warfare. Knowing the causal factors

    of offensive cyber warfare could help to explain why some states are more likely to

    encounter cyber attacks than others. Understanding the likelihood of offensive cyber

    attacks will help these organizations to create policies tailored to the reduction of cyber

    attacks.

    I hypothesize that a state is more likely to be involved in offensive cyber warfare

    as the degree of international cyber security involvement decreases in a state. States that

    do not participate in international cyber security treaties or in international organizations

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    4/21

    4

    in which a cyber security committee has been created have fewer costs imposed on them

    as a consequence of their participating in cyber warfare. A state that is involved in cyber

    security polices and committees has invested time, interest, effort, and money creating

    cyber security based policies. By initiating cyber attacks a state jeopardizes its previous

    invested effort by going against established cyber security policies. If a state is faced with

    fewer costssuch as not feeling obligated to uphold cyber security policies of which it

    had no part in creatingthen it will be less likely to be deterred from initiating cyber

    attacks. Therefore, deterrence created from high international cyber security involvement

    decreases the likelihood of cyber warfare among states (Beeker, 2009; Deibert, 2010;

    Hamilton, 2004; Luman, 2009; National Security Institute, 2009).

    Approaches to Explaining Offensive Cyber Warfare

    There are two theoretical frameworks in the literature on the likelihood of

    offensive cyber warfare. The first argues that the openness and increased connectivity of

    the Internet has increased the frequency of offensive cyber warfare attacks. The second

    contends that the lack of international agreements on cyber security has increased the

    frequency of offensive cyber warfare attacks.

    The first approach in cyber literature argues that the Internet has created open

    standard procedures for regulating data transmission between computers giving easy

    access to global communities for individuals, groups, and states. This easy access or

    increased connectivity to global communities has created a sense of equality among users

    in the vast network. This sense of equality has in turn created a protective shield for those

    who wish to use cyber warfare as a means of aggression. The protective shield has

    created a low risk of getting caught and a high payoff for those partaking in cyber

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    5/21

    5

    warfare. In essence, the Internet has created an opportunity for asymmetric conflict in

    which both small, poorly funded groups and powerful states can gain the same payoff

    from attacks targeted at organizations and governments. The low risk of getting caught

    and the potential for a high payoff for the adversary has created the likelihood of cyber

    warfare to become more frequent (Alexander, 2007; Anderson, 2008; Blank, 2009;

    Bohannon, 2008; Carr, 2009; Haeni, 1997; Jancczewski & Colarik, 2008; Kramer & et.

    al, 2007; Thomas, 2002).

    Two hypotheses can be derived from this approach. The first hypothesis suggests

    that a high Internet usage in a state increases the states connectivity to the global

    community. The second hypothesis is that as the number of Internet users increases in a

    state, a potential adversary is more likely to resort to cyber warfare. The increase in

    Internet users gives the adversary more confidence that there will be a lower risk of being

    discovered. For example, the recent expansion of broadband and connectivity in South

    Korea has created a noticeable increase in a variety of cyber attacks originating from that

    country (Anderson, 2008).

    The problem with these two hypotheses is that they do not take into account the

    lack of deterrent measures such as international treaties regarding cyber security. While,

    the increased global connectivity has affected cyber warfare; it is the lack of deterrent

    measures and costs imposed on a potential adversary that has had a greater affect on the

    likelihood of cyber warfare.

    The second approach argues that states that do not participate in international

    cyber security treaties or in international organizations in which a cyber security

    committee has been created have fewer costs imposed on them as a result of participating

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    6/21

    6

    in cyber warfare. A state that is involved in cyber security polices and committees has

    invested time, interest, effort, and money creating cyber security based policies. By

    initiating cyber attacks a state would then be jeopardizing its previous invested effort by

    going against established cyber security policies. So, if a state is faced with fewer costs

    such as not feeling obligated to uphold cyber security policies of which it had no part in

    creatingthen it will be less likely to be deterred from initiating cyber attacks.

    Therefore, deterrence created from high international cyber security involvement

    decreases the likelihood of cyber warfare among states (Beeker, 2009; Deibert, 2010;

    Hamilton, 2004; Luman, 2009; National Security Institute, 2009).

    Two hypotheses can be derived from this argument. The first is that if a state has

    signed an international treaty on cyber security then that state is more likely to be

    deterred from initiating a cyber attack. The second hypothesis is that if a state is a

    member of an international organization in which a cyber security committee has been

    created then that state is more likely to be deterred from initiating a cyber attack. For

    example, Russia has declined to sign an international treaty on cyber security with the

    United States and various other countries through the Cooperative Cyber Defense Centre

    of Excellence. It has been confirmed that there have been many cyber attacks based out

    of Russia such as attacks on Georgia, Estonia, and Kyrgyzstan in the past two years

    (Ashmore, 2009; Beeker, 2009; Tikk, 2008; Walker, 2008; Zoller, 2010).

    Russias continued participation in cyber-based incidences suggests that by not

    signing the treaty it has less cost in cyber warfare. It has fewer costs because Russia has

    no allegiance to uphold any cyber security treaties.

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    7/21

    7

    One reason the lack of international treaties on cyber security is important is

    because it leads to a lack of deterrent threats on potential adversaries. Within the

    literature there is a heavy concentration on the creation of deterrence measures against

    potential cyber adversaries. While some of these deterrence measures do focus on

    safeguarding against cyber attacks, much more of the literature focuses on how to prevent

    an adversary from attacking in the first place which is, leading me to believe that the

    likelihood of cyber warfare among states is based upon the lack of deterrent threats,

    which stems from the lack of international treaties on cyber security (Alexander, 2007;

    Beeker, 2009; Biedlman, 2009; Cilluffo, 2006; Cochran, 2008; Department of Defense,

    2006; Gale, 2009; Goodman, 2010; Hildreth, 2001; Knapp, 2004; Libicki, 2009; Meri,

    1999; Presidents Information Technology Advisory Committee, 2005; Quadrennial

    Defense Review Report, 2010; Shimeall & et al, 2001; Simcox, 2009; Thomas, 2002).

    Hypothesis and Theory

    I hypothesize that a state is more likely to be involved in offensive cyber warfare

    as the degree of international cyber security involvement decreases in a state. The number

    of international organizations with cyber security policies and committees of which a

    state is involved measures the degree of international cyber security.

    States that do not participate in international cyber security policies or in

    international committees in which a cyber security committee has been created have

    fewer costs imposed on them as a result of participating in cyber warfare. A state that is

    involved in cyber security polices and committees has invested time, interest, effort, and

    money creating cyber security based policies. By initiating cyber attacks a state would

    then be jeopardizing its previous invested effort by going against established cyber

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    8/21

    8

    security policies. So, if a state is faced with fewer costssuch as not feeling obligated to

    uphold cyber security policies of which it had no part in creatingthen it will be less

    likely to be deterred from initiating cyber attacks. Therefore, deterrence created from

    high international cyber security involvement decreases the likelihood of cyber warfare

    among states (Beeker, 2009; Deibert, 2010; Hamilton, 2004; Luman, 2009; National

    Security Institute, 2009).

    Data and Methods

    I regress the percentage of offensive cyber attack traffic on the degree of cyber

    security involvement. I control for degree of military power, military expenditures (% of

    GDP), Internet users (per 100 people), and information technology (% of GDP).

    The dependent variable is the percentage of offensive cyber attack traffic by

    origin country. The data is from Akamais Internet ofthe State report from 2008-2010.

    The data looks at the percent of cyber attacks, such as viruses, that are detected by

    Akamai software by origin country. In essence, it measures the percent cyber attacks

    originating from each state.

    Table 1 shows all of the detailed statistics for all of the variables. There are 597

    percent attack traffic observations used in the model. The mean, .49, gives the average

    percent of offensive cyber attack traffic for all countries. It tells us that the average

    percent of attack traffic for all countries is .49. The median, 0, indicates the middle value

    of percent attack traffic for all countries. So, half of the observations will be above the

    median and half of the observations will be below the median. The median of 0 indicates

    that more than half of all the countries have not initiated a cyber attack. Finally, the

    range, 21.4 describes the extremes of the percent of attack traffic for all countries. The

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    9/21

    9

    range describes the spread of the data; if the range is a high number it suggests that the

    data is spread out and if the range is a low number it suggests that the data is closer

    together. The range here suggests that the data points should be relatively close together.

    Table 1

    Variable Summary

    Variables Obs. Mean Median Range

    % Attack Traffic 597 .499 0 21.4

    Degree of Cyber 635 1.89 1 5

    Security Involvement

    Degree of Military Power 471 2.72 4 5

    Military Expenditures 378 2.07 1.56 11.2(% of GDP)

    Internet Users 378 27.5 20.71 90.0

    (Per 100 people)

    Information Technology 215 5.79 5.41 13.5

    Expenditure (% of GDP)

    The variable of interest for this study is the degree of cyber security involvement

    by a country. This variable is coded on a scale from one to five, in which five is the most

    involved in cyber security and 1 is the least involved in cyber security. In order to assign

    a ranking to each country, their degree of cyber security involvement is determined. The

    degree of cyber security involvement is based on the number of certain international

    governmental organizations each country is involved. The international governmental

    organizations used in this measure all have cyber security policies and councils. The

    IGOs used are the United Nations, NATO, Cooperative Cyber Defense Centre of

    Excellence, and the ITU Council. In order to rank the countries, each country is given a

    point for each degree of involvement; for example points are given to a country for

    having UN membership, UN Security Council membershippermanent, UN Security

    Council membershipnon-permanent, NATO membership, Cooperative Cyber Defense

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    10/21

    10

    Centre of Excellence membership, and ITU Council membership. Countries with a

    membership in zero to one of the IGOs mentioned previously received a one. Countries

    with memberships in two received a two. Countries with a membership in three received

    a three. Countries with memberships in four to five received a four. Finally, a country

    with memberships in all six of the IGOs received a five. The degree of involvement was

    measured for 2008, 2009, and 2010.

    The number of observations for the degree of cyber security involvement by a

    country is 635. The mean is 1.89, meaning that the average number of IGO memberships

    each country is involved in is about 2 organizations. The median is one and the range is

    six.

    The second variable is the degree of military power. I use military power as a

    proxy for the degree of military power. There are six generations of fighter jets currently

    in use around the world, generations 1 through 5 and generation 4. 5. Countries that use

    no fighter jets receive a zero and for the rest of the countries the military power rank is

    given on the basis of on the highest generation fighter jet that is in current use or

    currently owned. The generation of fighter jets explains military power because newer

    generations are more expensive, have newer technology, and require more expertise in

    operating the equipment. A military using a generation five fighter jet has a stronger

    military based on the fact that they have the resources to fund generation five fighters and

    they have the resources to train military personnel to operate the equipment. This variable

    is coded on a scale from 0 to 5; in which 5 is the highest amount of military power and 0

    is the lowest amount of military power. The degree of military power was measured for

    2007, 2008, and 2010. The variable was created using data from militaryperiscope.com

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    11/21

    11

    that summarized the types of fighter jets being used in every country. The number of

    observations for the degree of military power is 471. The mean is 2.72 meaning that the

    average country uses a generation three fighter jet. The median is four and the range is

    five.

    The control variables are military expenditures (% of GDP)1, Internet users (per

    100 people), and information technology expenditures (% of GDP). The data for all three

    of these variables comes from the World Bank dataset and includes the year 2007 until

    2009. The number of observations for military expenditures and Internet users is 378.

    The mean for military expenditures is 2.07 percent. This means that the average amount

    of money spent on military expenditures is about two percent of a countrys GDP. The

    median is 1.56 and the range is 11.2. The mean for Internet users is 27.5 user per 100

    people. This means the average amount of Internet users a country has is about twenty-

    eight per one hundred people. The median is 20.71 the range is 90.0. The number of

    observations for information technology expenditure is 215. The mean is 5.79 percent.

    This means that the average percent of GDP spent by each country on information

    technology is about six percent. The median is 5.41 and the range is 13.5.

    I test the model using ordinary least squares regression. I expect the model to be

    statistically significant below the .05 level and I expect to have an r-squared above .25,

    indicating that the independent and control variables account for at least twenty-five

    percent of the variance explained in percent attack traffic per country. I also, expect that

    my variables of interest, degree of cyber security involvement and degree of military

    1A test for multi co-linearity was run between military expenditures and the degree ofmilitary power, which suggested that there was no multi co-linearity present.

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    12/21

    12

    power, are statistically significant below the .05 level with a t-score greater than the

    absolute values of 1.96.

    Results

    Table 2 reports the results of the models independent and control variables with

    their coefficients and standard errors, which correspond to the equation below. The

    equation is statistically significant at less than a .01 level.

    The regression equation is

    % Attack traffic = degree of cyber security involvement (.636) + degree of military power

    (.367) + military expenditures (.042) + Internet users (.008) + information technology

    expenditures (.077) + (-2.69).

    For every unit increase in the percent of attack traffic the degree of cyber security

    involvement increases by .637 if other variables are held constant. For every unit increase

    in the percent of attack traffic the degree of military power increase by .367 if other

    variables are constant. For every unit increase in the percent of attack traffic military

    expenditures increase by .042 percent if other variables are constant. For every unit

    increase in the percent of attack traffic Internet users increase by .008 if other variables

    are constant. For every unit increase in the percent of attack traffic information

    technology expenditure increases by .077 percent if other variables are constant.

    The r2= .1185 means that 11.85% of the variance on the degree of cyber security

    involvement is explained by the independent and control variables. Also as reported in

    Table 2, the degree of cyber security involvement is statistically significant at less than

    the .01 level and the constant is statistically significant at the .01 level. Degree of military

    power, military expenditure, Internet users, and information technology expenditures are

    not statistically significant.

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    13/21

    13

    Table 2Offensive Cyber Warfare Likelihood Indicators

    Variable Model 1

    Degree of Cyber .637**Security Involvement (.244)

    Degree of Military Power .367(.226)

    Military Expenditures .042(% of GDP) (.186)

    Internet Users .008

    (Per 100 people) (.011)

    Information Technology .077

    Expenditure (% of GDP) (.146)

    Constant -2.69**

    (1.22)

    N= 140p= 3.60r2= .1185

    * Statistically significant at less than a .05 level** Statistically significant at less than a .001 level

    Implications and Conclusions

    The results of the model are surprising. While the main variable of interestthe

    degree of cyber security involvementis statistically significant; it is affected in the

    opposite of that hypothesized. The model explains that as the percent of attack traffic

    increases by one unit then the degree of cyber security involvement increases by .637. So

    this is saying that if a country is more involved in cyber security policies and committees

    then that country has a higher percent of cyber attack traffic originating within it.

    The problem could be both related to the data problem and the theory. The

    percent offensive cyber attack traffic data only accounts for data from Akamais Internet

    of the State report from 2008-2010. So, it only accounts for some offensive cyber attacks

    and not all. The problem could also be that those states that are participating in cyber

    security policies and committees are doing so because they are a prominent military actor

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    14/21

    14

    in the international system. Being a prominent military actor sets a state up as a cyber

    attack target, but it also gives them the resources to implement offensive cyber attacks. I

    tried to control for this with the degree of military power per country variable. But it did

    not yield the expected results.

    The reason for the unexpected results could be due to the way I coded the degree

    of military power variable. I looked at which generation fighter jet each country currently

    has to explain military technology, military expenditure, and military expertise resources.

    Coding fighter jet generations could be the wrong method of measurement for the degree

    of military power variable. The reason for this could be because this variable does not

    truly measure technology, expertise, and military spending for each country. This is

    because some countries fly generation four jets when theoretically they should not be

    able to afford generation four jets. After further research it turns out that the only reason

    some countries are able to have higher generations is because they get them from their

    allies. So they do not necessarily have the funds to own higher generation fighters, the

    expertise to create the technology to use in the jets.

    Perhaps I should have coded degree of military power by the type of radio system

    a military uses. I think that radio systems would be a better measurement of military

    power because in general militaries do not trade radio system technology. Since militaries

    do not get radio systems from allies it would better represent funding, technology, and

    expertise available to a military.

    Another interesting result is that none of the other variables are statistically

    significant. The only explanation I have for this is that the data used looks at cyber

    warfare at the state level. This could be excluding many more cyber attacks that are being

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    15/21

    15

    implemented by non-state actors. Other variables that could be looked at to possibly

    include the non-state actor cyber warfare could be factors such as level of terrorism in a

    country or whether or not a state is currently involved in conflictinterstate or intrastate.

    The topic of offensive cyber attacks as the new conventional warfare is an

    interesting topic and the study should not stop at answering the question of how do we

    explain the likelihood of offensive cyber warfare? Other possible future research ideas

    could beUnder what conditions is cyber warfare deterred? Or Under what conditions is

    a country more likely to be a target of cyber warfare? Because cyber warfare is such a

    new concept in terms of warfare there are many unanswered questions leaving the door

    open for extensive future study.

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    16/21

    16

    References

    Alexander, K. B. (2007). Warfighting in cyberspace.Joint Force Quarterly, 46(3),

    58-61.

    Air Force Command (2009). Cyberspace. High Frontier: The Journal for Space and

    Missile Professionals, 5(3), 1-52.

    Air Force Cyber Command (2008). Air Force Cyber Command Strategic Vision.Air

    Force, 1-25.

    Anderson, K.E. (2008),"Hacktivism & Politically Motivated Computer Crime",

    Encurve, LLC.

    Ashmore, W.C. (2009). Impact of alleged russian cyber attacks.Baltic Security and

    Defence Review,11, 4-40.

    Beeker, K.R. (2009). Strategic deterrence in cyberspace: practical application.Air

    Force Institute of Technology, Graduate Research Project, 1-109.

    Biedleman, S.W. Lt. Col. (2009). Defining and deterring cyber war. U.S. Army War

    College, Strategy Research Project, 1-40.

    Blank, S. (2009). Web war I: is europes first information war a new kind of war?

    Comparative Strategy, 27, 227-247.

    http://www.aracnet.com/~kea/Papers/Politically%20Motivated%20Computer%20Crime.pdfhttp://www.aracnet.com/~kea/Papers/Politically%20Motivated%20Computer%20Crime.pdfhttp://www.aracnet.com/~kea/Papers/Politically%20Motivated%20Computer%20Crime.pdfhttp://www.aracnet.com/~kea/Papers/Politically%20Motivated%20Computer%20Crime.pdf
  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    17/21

    17

    Bohannon, L. Maj. (2008). Cyberspace and the new age of influence. School of

    Advanced Air and Space Studies, 1-95.

    Carr, J. (2009). Inside Cyber Warfare. OReilly: Sebastopol, CA, 1-234.

    Chaisson, K. (2007). China report looks at informationization.Journal of Electronic

    Defense, 30(7), 20.

    Cilluffo, F.J. & Nicholas, J.P. (2006). Cyberstrategy 2.0. The Journal of International

    Security Affairs, Spring (10), 23-31.

    Clayton, M. (2010). Stuxnet: ahmadinejad admits cyberweapon hit iran nuclear

    Program. Christian Science Monitor, Nov. 30.

    Cochran, J.T. Maj. (2008). Ten propositions regarding cyberpower. School of

    Advanced Air and Space Studies, 1-66.

    Deibert, R.J. (2010). Risking security: policies and paradoxes of cyberspace security.

    International Political Sociology, 4, 15-52.

    Denning, D. (2000). Cyberterrorism. Testimony before the special over sight panel on

    Terrorism committee on armed services u.s. house of representatives.

    Department of Defense (2006). National military strategy for cyberspace operations.

    1-54.

    Farmer, D.B. (2010). Do the principles of war apply to cyber war? School of Advanced

    Military Studies, 1-66.

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    18/21

    18

    Gale, D.A. Maj. (2009). Cybermad: should the united states adopt a mutually assured

    Destruction policy for cyberspace?Air Command and Staff College, Research

    Report, 1-33.

    Goodman, W. (2010). Cyber deterrence: tougher in theory than in practice. Strategic

    Studies Quarterly, 102-135.

    Grant, R. (2008). Rise of cyber war.A Mitchell Institute Special Report, 1-36.

    Hamilton, B.P. Lt. Col. (2004). Our national information infrastructure: an immediate

    Concern in national security policy. U.S. Army War College, 1-25.

    Haeni, R.E. (1997). Information warfare: an introduction. The George Washington

    University, Cyberspace Policy Institute, 1-16.

    Hildreth, S.A. (2001). Cyberwarfare. CRS Report for Congress, 1-20.

    Janczewski, L.J. & Colarik, A.M. (2008). Cyber Warfare and Cyber Terrorism.

    Information Science Reference, Hershey, NY, 1-565.

    Knapp, K.J. (2004). Cyber warfare: raising information security to a top priority.

    Auburn University: The Department of the Air Force. 1-34.

    Knapp, L.L. (2008). Interpreting chinese cyber attacks of 2007: indications of chinas

    cyber warfare strategy.Air Command and Staff College, Research Report, 1-67.

    Korns, S.W. (2009). Cyber operations: the new balance.Joint Force Quarterly, 54(3),

    97-101.

    Kramer, F., Starr, S., Wentz, L., Zimet, E. (2007). Framworks and insights

    characterizing trends in cyberspace and cyberpower. Information Resources

    Management College, 1-35.

    Krekel, B. (2009). Capability of the peoples republic of china to conduct cyber

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    19/21

    19

    warfare and computer network exploitation. The US-China Economic and

    Security Review Coimmission, 1-89.

    Lamb, M. W. (2002). Bytes: weapons of mass disruption.Air War College.

    Libicki, M.C. (2009). Cyberdeterrence and cyberwar. Rand cooperation, 1-241.

    Luman, R.R. (2009). Proceedings on compating the unrestricted warfare threat:

    terrorism, resources, economics, and cyberspace. Unrestricted Warfare

    Symposium 2009, 1-498.

    Lynn III, W.J. (2010). Defending a new domain: the pentagons cyberstrategy.

    Foreign Affairs.

    Meri, H.E.L. (1999). Baltic Defence Review. Baltic Defence Review, 1(99).

    Muniz, J. (2009). Declawing the dragon: why the u.s. must counter chinese cyber-

    warriors. U.S. Army Command and General Staff College, Research Report,

    1-85.

    National defense strategy of the united states of America (2008)., 1-29.

    National Security Institute (2009). Cyber security: keeping up with the threat.An

    NSI Special Report, 1-10.

    National Security Strategy (2010). 1-60.

    Ortiz, O. Maj. (2009). Cyber: empowering the combatant commanders against the

    no-borders threat.Joint Military Operations Department, 1-28.

    Owens, W.A., Dam, K.W., & Lin, H.S. (2009). Technology, policy, law, ethics,

    regarding u.s. acquisition and use of cyberattack capabilities. The National

    Academies Press: Washington, D.C., 1-390.

    Presidents Information Technology Advisory Committee. (2005). Report to the

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    20/21

    20

    president.Cyber security: a crisis of prioritization. 1-73.

    Quadrennial Defense Review Report (2010).

    Rawnsley, G.D. (2005). Old wine in new bottles: china-taiwan computer-based

    information warfare. International Affairs, 81(5), 1061-1078.

    Shimeall, T., Williams, P., Dunlevy, C. (2001). Countering cyber war. NATO Review,

    49(4), 16-18.

    Simcox, F.W. Lt Col. (2009). Flexible options for cyber deterrence.Air War College,

    Research Report, 1-47.

    Strategic Deterrence Joint Operating Concept, Version 2.0 (Offut Air Force Base,

    Nebraska: US Strategic Command, February 2006).

    Thomas, T. L. (2002). Information-age de-terror-ence.Military Review. 32-37.

    Tikk, E., Kaska, K., Ruennimeri, K., Kert, M., Talihaerm, A., & Vihul, L. (2008).

    Cyber attacks against georgia: legal lessons identified. NATO Unclassified,

    Nov (1), 1-45.

    Upton, O.K. (2003). Asserting national sovereignty in cyberspace: the case for

    Internet border inspection. Naval Postgraduate School, Masters Thesis, 1-95.

    Walker, A.D. Maj. (2008). Applying international law to the cyber attacks in estonia.

    Air Command and Staff College, Research Report, 1-41.

    Waters, G., Ball, D., Dudgeon, I. (2008). Australia and cyber-warfare.ANU E Press, 1-

  • 8/3/2019 OFFENSIVE CYBER WARFARE_roughdraft_3

    21/21

    194.

    Wentz, L.K., Barry, C.L., Starr, S.H. (2009). Military perspectives on cyberpower.

    Center for Technology and National Security Policy, 1-129.

    Wilson, C. (2007). Botnets, cybercrime, and cyberterrorism: vulnerabilities and

    policy issues for congress. CRS Report for Congress, 1-44.

    Wilson, C. (2005). Computer attack and cyberterrorism: vulnerabilities and policy

    issues for congress. CRS Report for Congress, 1-46.

    Zoller, R.G. Lt. Col. (2010). Russian cyberspace strategy and a proposed united states

    response. U.S. Army War College, 1-32.


Recommended