Tag Archives: cyber

Beijing’s Views on Norms in Cyberspace and Cyber Warfare Strategy Pt. 1

By LCDR Jake Bebber USN

The following is a two-part series looking at PRC use of cyberspace operations in pursuit of its national strategies and the establishment of the Strategic Support Force. Part 1 considers the centrality of information operations and information war to the PRC’s approach toward its current struggle against the U.S. Part 2 looks at the PRC’s use of international norms and institutions in cyberspace, and possible U.S. responses.

Introduction

A recent article noted a marked shift in Chinese strategy a few short years ago which is only now being noticed. Newsweek author Jeff Stein wrote a passing reference to a CCP Politburo debate under the presidency of Hu Jintao in 2012 in which “Beijing’s leading economics and financial officials argued that China should avoid further antagonizing the United States, its top trading partner. But Beijing’s intelligence and military officials won the debate with arguments that China had arrived as a superpower and should pursue a more muscular campaign against the U.S.”1

The nature of this competition is slowly taking shape, and it is a much different struggle than the Cold War against the Soviet Union – however, with stakes no less important. This is a geoeconomic and geoinformational struggle. Both U.S. and PRC views on cyber warfare strategy, military cyber doctrine, and relevant norms and capabilities remain in the formative, conceptual, and empirical stages of understanding. There is an ongoing formulation of attempting to understand what cyberspace operations really are. While using similar language, each has different orientations and perspectives on cyberspace and information warfare, including limiting structures, which has led to different behaviors. However, the nature of cyberspace, from technological advancement and change, market shifts, evolving consumer preferences to inevitable compromises, means that while windows of opportunity will emerge, no one side should expect to enjoy permanent advantage. Thus, the term ‘struggle’ to capture the evolving U.S.-PRC competition.

The PRC recognized in the 1990s the centrality of information warfare and network operations to modern conflict. However, it has always understood the information space as blended and interrelated. Information is a strategic resource to be harvested and accumulated, while denied to the adversary. Information warfare supports all elements of comprehensive national power to include political warfare, legal warfare, diplomatic warfare, media warfare, economic warfare, and military warfare. It is critical to recognize that the PRC leverages the American system and its values legally (probably more so than illegally), to constrain the U.S. response, cloud American understanding, and co-opt key American institutions, allies, and assets. In many ways, the PRC approach being waged today is being hidden by their ability to work within and through our open liberal economic and political system, while supplemented with cyber-enabled covert action (such as the OPM hack).

To support their comprehensive campaign, the PRC is reforming and reorganizing the military wing of the Communist Party, the People’s Liberation Army (PLA), posturing it to fight and win in the information space. Most notably, it recently established the Strategic Support Force (SSF) as an umbrella entity for electronic, information, and cyber warfare. Critical for U.S. policymakers to understand is how the SSF will be integrated into the larger PLA force, how it will be employed in support of national and military objectives, and how it will be commanded and controlled. While much of this remains unanswered, some general observations can be made.

This reform postures the PLA to conduct “local wars under informationized conditions” in support of its historic mission to “secure dominance” in outer space and the electromagnetic domain. Network (or cyberspace) forces are now alongside electromagnetic, space, and psychological operations forces and better organized to conduct integrated operations jointly with air, land, and sea forces.2

This change presents an enormous challenge to the PLA. The establishment of the SSF disrupts traditional roles, relationships, and processes. It also disrupts power relationships within the PLA and between the PLA and the CCP. It challenges long-held organizational concepts, and is occurring in the midst of other landmark reforms, to include the establishment of new joint theater commands.3 However, if successful, it would improve information flows in support of joint operations and create a command and control organization that can develop standard operating procedures, tactics, techniques, procedures, advanced doctrine, associated training, along with driving research and development toward advanced capabilities.

While questions remain as to the exact composition of the Strategic Support Force, there seems to be some consensus that space, cyber, electronic warfare, and perhaps psychological operations forces will be centralized into a single “information warfare service.” Recent PLA writings indicate that network warfare forces will be charged with network attack and defense, space forces will focus on ISR and navigation, and electronic warfare forces will engage in jamming and disruption of adversary C4ISR. It seems likely that the PRC’s strategic information and intelligence support forces may fall under the new SSF. The PLA’s information warfare strategy calls for its information warfare forces to form into ad hoc “information operations groups” at the strategic, operational, and tactical levels, and the establishment of the SSF will save time and enable better coordination and integration into joint forces. The SSF will be better postured to conduct intelligence preparation of the battlespace, war readiness and comprehensive planning for “information dominance.”4

The establishment of the SSF creates a form of information “defense in depth,” both for the PLA and Chinese society as a whole. The SSF enables the PLA to provide the CCP with “overlapping measures of electronic, psychological, and political deterrents.” It is reasonable to expect that there will be extensive coordination and cooperation among the PRC’s military, internal security, network security, “commercial” enterprises such as Huawei and ZTE, political party organizations, state controlled media both inside and outside China, and perhaps even mobilization of Chinese populations.

Chinese Information Warfare Concepts and Applications

Recent Chinese military writings have stressed the centrality of information to modern war and modern military operations. Paying close attention to the way the West – principally the U.S. – conducted the First Gulf War and operations in Kosovo and the Balkans in the 1990s, the PRC has been aggressively pursuing a modernization and reform program that has culminated in where they are today. Indeed, there is close resemblance to PLA and PRC aspirational writing from the 1990s to today’s force structure.

In many ways, the PLA understanding of modern war reflects the American understanding in so much as both refer to the centrality of information and the need to control the “network domain.” “Informatized War” and “Informatized Operations” occur within a multi-dimensional space – land, sea, air, space and the “network electromagnetic” or what Americans generally understand as “cyberspace.” The U.S. has long held that the control of the network domain provides a significant “first mover advantage,” and the PRC is well on the way toward building the capability for contesting control of the network domain. Its writings consistently hold that the PLA must degrade and destroy the adversary’s information support infrastructure to lessen its ability to respond or retaliate. This is especially necessary for “the weak to defeat the strong,” because most current writing still suggests that the PLA believes itself still inferior to American forces, though this perception is rapidly changing. Regardless, the PRC understanding of modern war supposes a strong incentive for aggressive action in the network domain immediately prior to the onset of hostilities.6 These operations are not restricted geographically, and we should expect to see full-scope network operations worldwide in pursuit of their interests, including in the American homeland.7

There are three components to a strategic first strike in the cyber domain. The first component is network reconnaissance to gain an understanding of critical adversary networks, identifying vulnerabilities, and manipulating adversary perception to obtain strategic advantage. Network forces are then postured to be able to conduct “system sabotage” at a time and place of the PRC’s choosing. When the time is right, such as a prelude to a Taiwan invasion or perhaps the establishment of an air defense identification zone over the South China Sea, the PRC will use system sabotage to render adversary information systems impotent, or to illuminate the adversary’s “strategic cyber geography” in order to establish a form of “offensive cyber deterrence.” The PRC could take action to expose its presence in critical government, military, or civilian networks and perhaps conduct some forms of attack in order to send a “warning shot across the bow” and give national decision-makers reason to pause and incentive to not intervene.8

Indeed, unlike the American perspective, which seeks to use cyberspace operations as a non-kinetic means to dissuade or deter potential adversaries in what Americans like to think of as “Phase 0,” the PLA has increasingly moved toward an operational construct that blends cyberspace operations with kinetic operations, creating a form of “cyber-kinetic strategic interaction.” The goal would be to blind, disrupt, or deceive adversary command and control and intelligence, surveillance, and reconnaissance (C4ISR) systems while almost simultaneously deploying its formidable conventional strike, ballistic missile, and maritime power projection forces. The PLA envisions this operational concept as “integrated network electronic warfare,” described by Michael Raska as the “coordinated use of cyber operations, electronic warfare, space control, and kinetic strikes designed to create ‘blind spots’ in an adversary’s C4ISR systems.”9 

The PLA has recently described this as a form of “network swarming attacks” and “multi-directional maneuvering attacks” conducted in all domains – space, cyberspace, ground, air, and sea. The Strategic Support Force has been designed to provide these integrated operations, employing electronic warfare, cyberspace operations, space and counter-space operations, military deception and psychological operations working jointly with long-range precision strike, ballistic missile forces and traditional conventional forces.

Essential to these concepts are China’s ability to achieve dominance over space-based information assets. PRC authors acknowledge this as critical to conducting joint operations and sustaining battlefield initiative. This includes not only the orbiting systems, but ground stations, tracking and telemetry control, and associated data systems. We can expect full-scope operations targeting all elements of America’s space-based information system enterprise.

Important to all of this is the necessity of preparatory operations that take place during “peacetime.” China understands that many of its cyberspace, network, electronic and space warfare capabilities will not be available unless it has gained access to and conducted extensive reconnaissance of key systems and pre-placed capabilities to achieve desired effects. We should expect that the PRC is actively attempting to penetrate and exploit key systems now in order to be able to deliver effects at a later date.

Chinese Understandings of Deterrence and International Law in Cyber Warfare

China recently released the “International Strategy of Cooperation on Cyberspace.”10 Graham Webster at the Yale Law School made some recent observations. First, it emphasizes “internet sovereignty,” which is unsurprising, since the CCP has a vested interest in strictly controlling the information space within China, and between China and the rest of the world.  This concept of “internet sovereignty” should best be understood as the primacy of Chinese interests. China would consider threatening information sources outside of the political borders of China as legitimate targets for cyber exploitation and attack. In the minds of the CCP, the governance of cyberspace should recognize the sovereignty of states, so long as the Chinese state’s sovereignty is paramount over the rest of the world’s.

Second, the strategy suggests that “[t]he tendency of militarization and deterrence buildup in cyberspace is not conducive to international security and strategic mutual trust.” This appears to be aimed squarely at the U.S., most likely the result of Edward Snowden’s actions. The U.S. seems to also be the target when the strategy refers to “interference in other countries’ internal affairs by abusing ICT and massive cyber surveillance activities,” and that “no country should pursue cyber hegemony.” Of course, the PRC has been shown to be one of the biggest sources of cyber-enabled intellectual property theft and exploitation, and China’s cyber surveillance and control regimes are legendary in scope. Immediately after decrying the “militarization” of cyberspace, the strategy calls for China to “expedite the development of a cyber force and enhance capabilities … to prevent major crisis, safeguard cyberspace security, and maintain national security and social stability.” These broad, sweeping terms would permit China to later claim that much of its activities that appear to violate its own stated principles in the strategy are indeed legitimate.

The strategy seeks to encourage a move away from multi-stakeholder governance of the Internet to multilateral decision-making among governments, preferably under the United Nations. This would certainly be in China’s interests, as China continues to hold great sway in the U.N., especially among the developing world. After all, China is rapidly expanding its geoeconomic and geoinformational programs, leveraging its state-owned enterprises to provide funding, resources, and informational infrastructure throughout Africa, Asia, Europe, and the Americas. As more countries become dependent on Chinese financing, development, and infrastructure, they will find it harder to oppose or object to governance regimes that favor Chinese interests.

Naturally, the strategy emphasizes domestic initiatives and a commitment to a strong, domestic high-tech industry. This would include the “Made in China 2025” plan, which has received a great deal of attention. The plan seeks to comprehensively upgrade and reform Chinese industry, with an emphasis on information technology.11

When considering deterrence in the Chinese understanding, it is important to remember that China approaches it from a different context than the United States. Jacqueline Deal noted that China’s basic outlook proceeds from the premise that the “natural state of world is one of conflict and competition, and the goal of strategy is to impose order through hierarchy.”12 While Americans understand deterrence as a rational calculation, the Chinese approach emphasizes the conscious manipulation of perceptions.

Indeed, the Chinese term weishe, which translates as “deterrence,” also embodies the idea of “coercion.” We might see examples of this understanding by China’s historic use of “teaching a lesson” to lesser powers. In the 20th Century, Chinese offensives against India and Vietnam – thought by many in the West to be an example of tragic misunderstanding and failed signaling of core interests – might be better thought of as attempts by China to secure its “rightful” place atop the regional hierarchy. It is a form of “lesson teaching” that has long-term deterrent effects down the road.

We can expect therefore that cyberspace would become one means among many that China will use in support of its “Three Warfares” (public opinion, media, legal) concept in support of its larger deterrent or compellence strategies. It will likely be much broader than the use of PLA SSF forces, and could include cyber-enabled economic strategies, financial leverage, and resource withholding.

LCDR Jake Bebber is a cryptologic warfare officer assigned to the staff of Carrier Strike Group 12. He previously served on the staff of U.S. Cyber Command from 2013 – 2017. LCDR Bebber holds a Ph.D. in public policy. He welcomes your comments at: jbebber@gmail.com. These views are his alone and do not necessarily represent any U.S. government department or agency.

1. Available at: http://www.newsweek.com/cia-chinese-moles-beijing-spies-577442

2. Dean Cheng (2017). Cyber Dragon: Inside China’s Information Warfare and Cyber Operations. Praeger Security International.

3. Cheng 2017.

4. John Costello and Peter Mattis (2016). “Electronic Warfare and the Renaissance of Chinese Information Operations.” in China’s Evolving Military Strategy (Joe McReynolds, editor). The Jamestown Foundation.

6. Joe McReynolds, et. Al. (2015) “TERMINE ELECTRON: Chinese Military Computer Network Warfare Theory and Practice.” Center for Intelligence Research and Analysis

7.  Barry D. Watts (2014) “Countering Enemy Informationized Operations in Peace and War.” Center for Strategic and Budgetary Assessments

8. Timothy L. Thomas (2013) “China’s Cyber Incursions.” Foreign Military Studies Office

9. See: http://www.atimes.com/article/chinas-evolving-cyber-warfare-strategies/

10. See: http://news.xinhuanet.com/english/china/2017-03/01/c_136094371.htm

11. See: https://www.csis.org/analysis/made-china-2025

12. Jacqueline N. Deal (2014). “Chinese Concepts of Deterrence and their Practical Implications for the United States.” Long Term Strategy Group.

Featured Image: The Center for Nanoscale Materials at the Advanced Photon Source. (Photo: Argonne National Laboratory)

Standing Up the NIWDC with CAPT John Watkins

By Sally Deboer

CIMSEC was recently joined by Captain John Watkins, the first commanding officer of  the Naval Information Warfighting Development Center (NIWDC). Read on to learn about this new command’s role in shaping the U.S. Navy’s information warfighting skills and capabilities.

SD: We are joined by CAPT John Watkins, the first commanding officer of the newly opened Naval Information Warfighting Development Center. It is truly an honor to have you here. Before we begin, can you share a bit about yourself and your background?

JW: Thanks first and foremost for having me, it’s an honor for me as well. I came into the Navy in 1992 as a Surface Warfare Officer and completed various tours in engineering. I did that for roughly five years and really enjoyed it, but subsequent to those tours I attended the Naval Postgraduate School in Monterey, California where I achieved a Master’s degree in IT Management during which time I laterally transferred into the space and electronic warfare community. A few years transpired and that community was subsumed into the information professional community that we know of today, which comes with the 1820 designator.

Since being an IP, I’ve had multiple operational and staff tours, to include XO of USS Coronado, serving as N6 and Information Warfare Command on Expeditionary and Carrier Strike Group Staffs, and as the N6 on a Numbered Fleet staff. Staff tours have included time on the OPNAV and SURFACE FORCES staffs. I’ve been very fortunate and blessed to have had multiple command tours including NAVCOMTELSTA San Diego, Navy Information Operations Command Texas, and now just recently, my assignment here at the Naval Information Warfighting Development Center.  

SD: Let’s kick off by introducing our readers to your new command. Initial operating capability for the NIWDC was declared on 27 March 2017. Could you please explain the role of this warfighting development center, and specifically the mission of the NIWDC within the information domain?

JW: Like the other warfighting development centers (WDC), we are all focused on four primary lines of operation. First, we’re concerned with enhancing advanced level training. As you can imagine, in terms of NIWDC, that entails all of our information-related capabilities. The advanced level training for our units and forces in the fleet occurs at the latter stages of the optimized fleet response plan (OFRP). We’re heavily invested in that along with our fellow WDCs.

The second line of operation is the development of doctrine that allows us to achieve that advanced level of proficiency – doctrine including tactics, techniques, and procedures (TTPs), standard operating procedures (SOPs), higher level Concepts of Operation (CONOPS), or as necessary, revisions to Naval Warfare publications.

The third line of operation is to cultivate and develop a subject matter expertise known throughout all the WDCs as a ‘warfare tactics instructor’ or WTIs. Other WDCs have WTIs in place today, for example, the model that has been around longest is the Naval Aviation WDC, “Top Gun,” associated with advanced tactics for jet fighting, air-to-air combat, etc. What we want to do here at NIWDC is to build out our own WTI pipeline, which I think of as the “Information Warfare Jedi Knights” of the future; we’ll have quite a few WTI pipelines, as we have a broad spectrum of capabilities.

Last but not least, we’ll have an organic assessments capability built into the command which allows us to, in an OODA loop fashion, assess our advanced level training capabilities, our TTPs and SSPs, and our doctrine as we bake it into our training pipeline and processes, ensuring it is delivering optimal IW warfighting effects. Those are the four lines of operation that were promulgated to the WDCs, directed by the Chief of Naval Operations, in 2014.

SD: The traditional warfare Type Commanders (Air, Surface, Undersea) have established their own warfare development centers, as you mentioned. Given that IW is a critical enabler of other warfare areas, how do you envision the NIWDC interacting with the other warfare development centers? What key IW concepts and understandings should be incorporated by other communities?

JW: That’s a fantastic question. NIWDC just achieved IOC designation in late March, and the good news is that while we are the last WDC to be stood up, we already have IW community professionals, both enlisted and officer, arrayed across the other WDCs today, totaling about 150 people, who are working Information Warfare expertise into Naval warfighting. Even as we’re building up to this capability, our folks that have been embedded throughout the other WDCs have done a remarkable job laying the groundwork and foundation for us to come to fruition as the NIWDC. This is significant because the information-related capabilities that we bring to bear are so ingrained in all the other mission warfare areas of the Navy that we have to be interlinked with the other WDCs and visa-versa.

As we build up our capabilities here, we’d like to see the reciprocal detailing back and forth – where ideally we’ll have Surface Warfare Officers, Submariners, Aviators, etc., embedded and billeted to the NIWDC. That’s the future, and it’s absolutely imperative that we get to that point – to have that common back and forth day in and day out as we’re contemplating modern day warfare – it’s essential for us to understand the other warfare areas, their requirements, how our systems are interdependent, and how we have to operate in real time to optimize our overarching warfare capabilities.

SD: You recently stated, “a key objective of the NIWDC is to provide hard-hitting, fleet-relevant information warfighting effects…” Can you outline what some of those effects might be and what specific mission areas within Information Warfare (IW) they support? 

JW: I think the best way I can answer that question is to describe how we’re building out the command here today. We’ve established a headquarters staff that will manage seven core Mission Area Directorates, or what we refer to as “MADs.”

Those Mission Area Directorates include an Assured command-and-control and CyberSpace Operations MAD, a Space Operations MAD, a Meteorology MAD, an Intelligence MAD, a Cryptology MAD, an Electronic Warfare MAD, and an Information Operations MAD. Laying that all out, we can generate information warfare effects from any of those Mission Areas—but when combined, it becomes extremely optimal. It’s the traditional ‘sum of the parts’ principle.

As we develop our organization here, another big effort we’re putting into play in the larger Navy is the Information Warfare Commander construct, which is an organization led by a fully board-screened senior Information Warfare Community Captain (O-6). I’ll describe the construct at the tactical level for now because I think it will be the best way to articulate where we’re headed in employing our model. On a Carrier Strike Group (CSG) staff, for example, we have the Information Warfare Commander (IWC)—again, that board-screened IW Community Captain, who is providing leadership and oversight on core IW mission areas run by the N2 Intelligence Officer, the N39 Cryptologic Officer, the N6 Communications officer, and to the extent where we can get it into play, the Meteorological officer, who at the end of the day, all work for this O-6 IWC. The entire IWC organization works for the Carrier Strike Commander similar to a Destroyer Squadron or Carrier Air Group Commander.  

Where the synergistic effect really comes in is in information operations planning. If you think across typical phased wartime planning scenarios, the folks that are sitting down at the table in the IWC organization bringing their skills and attributes to the team while enabling holistic planning across all phases of warfare, achieve tremendous synergy and total awareness of the  interdependencies and linkages across their mission areas. This powerful effect cannot be overemphasized. Planning in individual stovepipes, i.e. within traditional N Head silos like the N2, the N39, N6 or Meteorology, is counterproductive in today’s modern warfare continuum. It’s essential that planning along these lines factors in and accounts for the coordination and integration of needs and requirements of our fellow Composite Warfare Commanders. When done correctly, we give our collective Navy team every advantage possible to win when we need to. Suffice it to say, I’m very excited about where we’re headed and how we’re going to make our phenomenal Naval warfighting prowess even better!

SD: There seems to be growing agreement that in future conflict, naval forces will not enjoy undisputed access to the electromagnetic spectrum. How will naval information warfare capabilities enable distributed operations when the spectrum required for C4ISR is being, denied, degraded, disrupted and subject to deception operations?

JW: That’s another great question that we are constantly focused on. We all acknowledge the fact that in modern warfare scenarios, the likelihood that we will have denied or degraded communications is a given. Frankly, it’s almost no longer an assumption—it’s reality. Simply put, we need to be able to retain organic capabilities as much as possible wherever we are, so that if we lose the link back to the beach, we can still function and fight.

To that end, we’ve got to be able to train, operate, and be proficient in fighting in those types of scenarios. We’re all about getting at that advanced level of necessary training here at the NIWDC.

SD: How do you propose addressing the acquisition and fielding of new information technology (cyber/EW/IW) and developing TTPs under the current DOD acquisition system?

JW: Acquisition is an evolving process, and I think acquisition reform surfaces quite frequently anytime we talk about the dynamics of advancing IT. The rate of advancement in technology is astounding, and the acquisition process needs to be agile enough to keep pace. To that end, we’ve looked for creative and innovative ways within our acquisition process to accelerate and expedite systems that facilitate IW warfighting effects and we need to continue doing so. NIWDC participates in many experimentation and innovation venues that help facilitate that speed-to-fleet dynamic and we’re excited to be a partner in those efforts.    

To your question about the TTPs and SOPs – when we introduce new tech to the fleet, it is important that we have TTPs and SOPs built into them from day one. We’ve got to be able to deliver a product that comes with robust training behind it so that when it’s delivered to the fleet, our sailors can put it into immediate effect. The TTPs and SOPs that accompany that capability need to be solid enough out of the gate so that we achieve immediate success from day one of fielding.  

On top of that, what I want to achieve at the NIWDC is the ability to refine and tweak TTPs and SOPs at a high rate – what I call the “wash, rinse, repeat” approach. There’s no reason we can’t take those TTPs and SOPs, have sailors put them into effect, provide their feedback to us if they’re not quite right and suggest course corrections, then update those on a continuous, OODA-loop basis until we have delivered optimal doctrine.

SD: Our adversaries approach the information space (IW/EW/cyber) holistically, blending electronic and information warfare with cyberspace operations, psychological operations, deception – and conduct these operations across all elements of national power (diplomatic, economic, legal, military, information). What steps are you taking to ensure the Navy is developing information warfare strategies, operational concepts, and TTPs that cut across all elements of national power?

JW: I’ll give you an example – that’s the best way I can answer this question – it’s a great question, but one you could spend an hour answering. Earlier in our discussion, we talked about the IWC construct. I’m a firm believer that if we get that instituted correctly and make it a robust organization with the goal of delivering those optimal IW effects that it will serve as the bedrock going forward across the Navy enterprise. We’ll look to institute that construct, as applicable, by using that optimized model at the tactical level and building out from there to implement at the operational and strategic levels.

Back to the point about our adversaries – when they’re exploiting all this goodness and delivering their effects, they are planning across the DOTMPLF (doctrine, organization, training, materiel, leadership and education, personnel and facilities) spectrum. We must do the same thing with our IWC Construct. At the NIWDC, in partnership with IFOR, this is one of our tasks – to perform this DOTMPLF analysis that will codify the IWC construct. We’ve been tasked by Fleet Forces Command and PACFLT to do just that – this will be one of our top objectives in the first years here at the NIWDC – to ensure we’re setting ourselves up for success for decades to come.

SD: Last but not least – if our listeners are new to information warfare, can you suggest any resources or reading materials that could help the less tech-inclined among us become more familiar with the domain and more ready to address its unique challenges?

JW: There are so many great reference materials, but perhaps the quickest way to answer that is to recommend your readers and listeners go to our command website and InfoDOMAIN, or our Navy News Web page or Facebook page. We have a lot of good products posted there – that would be a great start. We have some items posted there that are specific to the NIWDC, so if your readers want more information or a summary, they can find it there as well.

SD: Thank you so much for your time today, CAPT Watkins. It’s truly been an honor speaking with you, and we thank you for taking time out of your busy schedule to help educate us on your new command and the role of IW in the Navy and DoD going forward. We hope you’ll join us again sometime. 

Captain John Watkins is a native of California, where he went on to graduate from the NROTC program at the University of San Diego obtaining his commission in 1991. He joined the Naval Information Warfighting Development Center as the commanding officer in March of 2017.

Sally DeBoer is an Associate Editor with CIMSEC, and previously served as CIMSEC’s president from 2016-2017. 

Featured Image: Chief Fire Controlman Daniel Glatz, from Green Bay, Wisconsin, stands watch in the combat information center aboard the Arleigh Burke-class guided-missile destroyer USS John S. McCain (DDG 56). (Alonzo M. Archer/U.S. Navy)

Sea Control 133 – Hacking for Defense with Chris Taylor

By Matthew Merighi

Join the latest episode of Sea Control for a conversation with Professor Chris Taylor of Georgetown University to talk about the Hacking for Defense (H4D) movement. Pioneered by Stanford Professor Steve Blank, H4D is bringing Silicon Valley’s innovation ethos to combat national security challenges. Chris takes us through the defense innovation ecosystem, the partnerships which support it, and how H4D is becoming a fixture in university classrooms.

For those interested in learning more about H4D and the Silicon Valley principles which guide it, Chris recommended the following resources:

Download Sea Control 133 – Hacking for Defense with Chris Taylor

The transcript of the conversation between Chris Taylor (CT) and Matthew Merighi (MM) begins below. Special thanks to Associate Producers Roman Madaus and Ryan Uljua for helping produce this episode.

MM: As I mentioned at the top I’m here with Professor Chris Taylor of Georgetown University and a member Hacking for Defense. Professor Taylor, thank you very much for being with us on Sea Control today. Now as is Sea Control tradition, Professor Taylor, please introduce yourself tell us a little bit about your background and how you got to be where you are right now.

CT: I spent 14 years in the Marine Corps as an enlisted infantryman and force recon. I finished undergrad at night. I went to night school my last three years. I left the Marine Corps and went to business school at the College of William and Mary where I earned an MBA and worked for five years after that. I went back to school at the Harvard Kennedy School where I earned an MPA in political economy and international security. I’m a two-time defense industry CEO and as you mentioned I’m an adjunct professor of national security studies at Georgetown University.

MM: You obviously have a very broad array of different experiences both in the military, outside of it, leading businesses, but also a very diverse educational background. What were the key decision points in your life as you were building your career and your educational background that guided you on the path which you eventually went down?

CT: I spent 14 years in the Marine Corps. I wanted my bosses’ job at the time I was a staff sergeant. My boss was a Major. When I did the reverse math, I would have had to have spent 10 more years to get promoted to Major just to have that job. As I evaluated all of the fantastic experiences that I had in the Marine Corps and what it had done to develop me as a leader, I thought maybe there was a different way and I wanted a way to push my Marine Corps experience through some sort of framework. I chose business school. I don’t regret that at all, it was fantastic. I loved every minute of my 14 years in the Marine Corps but I loved business school. I had a fairly easy transition to school, I got out, worked for five years in the private sector and then decided with the same formula; I had five years of experience and I didn’t know what framework to push it through to get the most of out it or contribute the most with it. So I went back to grad school at the Kennedy School. I was very fortunate. I had fantastic classmates, fantastic professors. Secretary Ash Carter was actually my adviser. So I had access to brilliant national security minds helping me think through how my experience would allow me to contribute further. That led me to leading some businesses that were successful and now I’ve dipped my toe into the teaching part of life to see how my experiences could help push forward the next few generations of national security leaders. That’s how we got to be on the phone today.

MM: Let’s talk a bit about the educational piece. I have here on the hacking4defensegu.com general info page a class titled “SEST-701 Hacking for Defense: Solving National Security Issues with the Lean Launchpad,” which I kind of understand as a man with a security and startup background. Walk us through this title. What exactly is Hacking for Defense and why is the Lean Launchpad a part of solving national security issues?

CT: Hacking for defense was a name that came along with the package when I was first asked to participate. Most people when they hear it only think it’s about cyber; that’s not true. Think about it in the way you’d think of life hacks: easy and quick ways to get things done which result in great benefit. The Lean Launchpad is a class that legendary Silicon Valley entrepreneur Steve Blank has been teaching which is basically about how to create and run a startup. It came through a series of conversations that happened out at Stanford where Steve was teaching this with Pete Newell who is a retired Army Colonel and Joe Felter, also a retired Army Colonel. The thought was “how do we apply the Lean Startup methodology to national security challenges?” MD5, which is the national security technology accelerator at National Defense University run by [Adam] Jay Harrison, is the U.S. government proponent for the entire education program. I’ve known Pete and Joe for a number years and when they decided they were going to syndicate the class to universities across the country I raised my hand and said I wanted to bring it to Georgetown. We’re about to close out our first Hacking for Defense class on May 1.

MM: So this is just the first iteration of it?

CT: It’s the first iteration at Georgetown. Stanford begun their second iteration. There are others at U.C. San Diego, Boise State, University of Pittsburgh, and James Madison University.

MM: So the model is proliferating across different universities but it is still very new. Now that you are finishing your first session, from the feedback you’ve gotten from Professor Blank and the other institutions, how has the course been going so far? What have been the things that you expected and what has surprised you?

CT: First and foremost, the most exciting thing is that I have nothing but complete confidence in our graduate students across the country to solve national security problems going forward. Our class has been nothing less than stellar. They are smart, they are committed, they work well in teams, they’ve been doing lots of discovery. And they’ve been doing a lot to solve problems. It’s fantastic. The second thing is that what we’ve learned is that when you allow students to self-organize into diverse teams around a problem, you get exponentially better results than if you assigned them to a team and then assigned them a problem. We’re very clear that self-organization leads to the best outcomes. One of the amazing things about the Hacking for Defense class is that it’s actually a team of teams. The center is the student. Surrounding them are the teaching team: myself and Army Lieutenant Colonel Matt Zais, who is the Deputy Director of the Strategic Initiatives Group at U.S. Army Cyber Command, and my teaching partner.

Then we have a series of corporate partners. Companies like SAIS, Amazon Web Services, SAP National Security Solutions, and many others come every class to support the student teams if they get to a point where their problem-solving requires a specific resource, an engineering resource for instance, an instance in a cloud environment, or mentoring for how to think about a problem. We also have mentors who bring experience in the national security ecosystem and in business that they contact to discuss their problems and think differently. And then we have military and intelligence community liaisons. These are active duty military and people currently serving in the intelligence community who can ensure that these teams can reach out to people within the organizations they are working with, which we call their problem sponsors, to elicit as much information as they can to help solve the problem they have.

This semester, we are working on four problems. One is from Special Operations Command: it’s a cross-domain solution. The next is how to use augmented reality to help military and intelligence personnel see bad guys in unstructured crowds. The next one is a social media problem: how do we use social media from an information warfare perspective to better understand what our adversaries might be doing with social media against us. We also have a counter-drone problem. It’s all the rage; everyone is writing about counter-drone. We have a team that’s working on how to use low-cost solutions to counter drones, particularly drones you might see ISIS flying.

MM: That’s a really broad array of different topics. You mentioned at the top that this isn’t just about cyber but a very broad set of challenges. I’m curious about the people who are self-organizing in these teams, since I imagine this is offered through the Security Studies Program, correct?

CT: That is correct. The Security Studies Program (SSP) is where I teach. Bruce Hoffman and Dave Maxwell have given us exceptional support to continue doing this.

MM: In terms of the students who are in these teams, do they have technological backgrounds? Are they primarily ex-military or current intelligence officers? What are the demographics of the people participating in this?

CT: All of the above. We have tech folks. We have former and current military folks. We have data analytics folks. We have linguistics folks. We have policy folks. And then of course we have the SSP folks. The course is open to all schools and all programs across Georgetown University and next year we’re going to open up Hacking for Defense to all graduate schools and graduate programs in the National Capital Region. So instead of solving four problems next year we’re going to solve 40 problems. A bit ambitious and it keeps us moving but if we want to start to develop the capability to solve problems quickly, effectively, and cost-effectively, then there is no better group of talent than America’s graduate students to be able to help us do that. That’s why we are trying to expand it the way that we are.

MM: So this course will be open to everyone in the National Capital Region starting next year which, as a person who currently works in academia, I know that getting even simple things like cross-registration agreements handled can be a challenge, so best of luck to you as you navigate those minefields on the bureaucracy side; but it’s really exciting that so many people are getting engaged. The other method of engagement that I’ve noticed is that you livestream all of the lectures for this course, correct?

CT: Every class session is livestreamed on Twitter @h4dgussp and also on our Facebook Hacking4DefenseGeorgetown. Every week we put it out there. It’s kind of like our own national security reality TV show. We put it out there because we want people to see the quality of students that we’re attracting to this class and the difficulty of some of the problems that they’re working on because, quite frankly, for many of these students this is a 13-week job interview. Many of our corporate partners have reached out to our students and said “look, when this is done I’d really like to speak to you about this” and that’s because they’re doing it well. They’re digging in, they’re becoming better problem solvers, they’re becoming better team members, and they’re leveraging everything that they’ve learned in graduate school and everything they haven’t learned yet. They are learning on the fly to solving the particular problem they are working on.

MM: So you’ve seen firsthand the positive feedback loop of the organizations supporting the course wanting to continue getting access to the students and looping them into their own work.

CT: I just spent last Friday with one of our sponsors, OGSystems in Chantilly, Virginia where the CEO and two other executives sat us down and said “we want to be part of this forever.” And the reason is because we get to see some of the problems plaguing national security but the most interesting thing is that the talent sitting in that classroom is unbelievable. We have not seen that in any other classroom environment and so they, admittedly selfishly, want to find out how to hire the very best students out of Georgetown to become part of their companies. We’re ecstatic about that.

MM: Definitely. That’s always the concern, as a recent grad school graduate; the top of mind concern for those going through their final exams right about now. I’m curious that you have OGSystems and all of these other corporate partners and the military and intelligence liaisons. How did you go about building this diverse, multi-stakeholder team? It couldn’t have been easy to sell organizations, especially ones that aren’t as used to working with the military or with Georgetown in getting involved with this very ambitious, very unique program.

CT: It was a little bit of everything. A lot of it came from my own personal network from being involved in the business of national security for so long. Certainly the folks at Stanford at Hacking for Defense Incorporated (H4DI) were very helpful in introducing us to different folks who wanted to be involved. I’ve gotta be honest with you: it’s not a difficult sell. This is the coolest class being taught. If you’re any type of international relations, national security, diplomacy, government, or business geek at all this is the coolest class being taught anywhere. So it’s not a hard sell. But we want to get the right people involved because there are investors in the classroom as well. At the end of the day, if there’s a “there” for the solution that the student teams have come up with, either the government will give them some money to continue their work or they’re going to start a company and they’re going to get venture money to get it going. There’s nothing else like this happening around the country right now.

MM: What is the next step for Hacking for Defense, the course you in particular are teaching, besides expanding it to the other schools in the National Capital Region? What do you see as the vision for where you want this very unique and clearly very successful business model to go?

CT: I’m involved on the education side, so I want to continue working with the Hacking for Defense and H4DI folks out in Palo Alto and also with MD5 to make sure we can leverage all of the talent in the National Capital Region. There’s 16 different universities in the National Capital Region consortium and we want to take advantage of all of that graduate school talent across all of the schools and programs against the hard problems our problem sponsors are giving us. What we’re coming to find is that now there’s international interest. Oxford University has interest in forming a partnership at Georgetown. I know that the NATO representative at the Pentagon for Strategic Transformation, General Imre Porkoláb, is all over trying to bring this to NATO. From an education perspective, Georgetown will play a role in the National Capital Region. From an enterprise-wide perspective, a company out in Palo Alto called BMNT has the lead on bringing the Hacking for Defense methodology into government offices, corporations, and friendly and allied militaries. So there’s a corporate and commercial side to this with BMNT and there’s an education side and that’s H4D.

MM: And for the people who are out there, whether they are currently in the Fleet or listening to our partners at the University of Kiel in Germany or down in Australia, what would you recommend for ways for those people to get involved or to learn about your organization?

CT: First, I’m glad you mentioned Australia. One of our mentors for Hacking for Defense at Georgetown is a gentleman by the name of Jamie Watson and he is an Australian military liaison for innovation and technology. He’s actually helped bring Hacking for Defense to the Australian military already. So if you’re out in Australia, we’re coming to a base near you. BMNT is bringing it out there. If you are a member of the military or intelligence community and you have a particularly difficult problem and you don’t have the capacity to solve it yourself, they should go to H4DI.org and register as a problem sponsor. Darren Halford who runs H4DI.org will help them curate the problems and then get it in to the hands of the right university who can help them solve the problem. We want as many problems as the national security ecosystem can give us and we want to put as many talented graduate students against them as we can. But it has to start with a problem. So for anyone who has a challenge they want looked at, they should go to H4DI.org and start the process.

MM: Obviously the program sponsors and liaisons are very helpful for building this Hacking for Defense system but there are other innovation initiatives happening within the defense community or outside of it. What other organizations have you been working with and what sort of support, whether it’s financial or advocacy or guidance, have you been getting from outside the Hacking for Defense Initiative?

CT: Everyone has been supportive. [Defense Innovation Unit: Experimental] DIUx has been fantastic to us. The Defense Innovation Board has been very involved; Josh Marcuse and Aaron Schumacher from the Defense Innovation Board have been exceptionally supportive of us. The Defense Entrepreneur’s Forum (DEFx), run by Jim Perkins and Ben Taylor, have been all over us. They serve as mentors for us, they get the word out to the innovation community. They very much welcome this new thing into their innovation meadow and we all try to help each other make progress together. I can’t say enough about the Defense Innovation Board, DIUx, the Defense Entrepreneurs Forum, and the Vice Chairman of the Joint Chiefs of Staff General Selva’s office has been exceptionally supportive. And of course our friends at MD5: Jay Harrison, Joe Schuman, and Libbie Prescott have been fantastic to us, as has everyone out at Stanford. It’s a rockstar crew and we couldn’t be happier to be working with all of them.

MM: As you approached these organizations for the first time, were they receptive right off the bat and wanting to work on partnerships and provide support or was it something that you need to sell?

CT: It was not a difficult sell but I’ll tell you what sold everybody is inviting everybody to our opening class at Georgetown. We had 20 students but 113 people in the classroom. And they were all curious about how this Hacking for Defense program was going to work. At the end of the class, everyone was on board. We have routinely 80 people in the classroom every week for 13 weeks working on helping us get better. The corporate partners are fantastic, too. They step up every time. Once the different islands of innovation, like DIUx and Defense Innovation Board, saw it? Sold. It was kind of like finding a kindred spirit in the national security innovation wilderness.

MM: It’s very interesting what you’re working on but we’ve started to reach the end of our interview. As is Sea Control tradition, from time to time, I want to know more about what you’re reading. What things have you been reading recently that will either help the audience learn the ideas behind Hacking for Defense or even unrelated topics?

CT: Since we’re still in the semester, I am focusing on the books that we are using for Hacking for Defense. One of them is called Value Proposition Design by Alex Osterwalder. Steve Blank’s book The Startup Owner’s Manual is one of our texts and it is fantastic. His other book, Four Steps to the Epiphany, is also great. As I mentioned before, it’s important for students to understand how to better have conversations and elicit information so Talking to Humans is a great book. Personally, I just finished Ed Catmell’s book Creativity, Inc which was just amazing to me. I thought it was one of the best books on not only business management but also on how to think through problems. For national security stuff, I’ve become addicted to the Cypher Brief. They do really smart stuff by really smart people. It’s different from what everyone else is doing. I read it every morning.

MM: Everything you’re working on is wonderful. It’s exciting to me personally. I may go down the hall tomorrow when everyone is back to work after Patriot’s Day and talk to the people at the Security Studies Program at Fletcher about maybe trying to start a course like this. Thank you very much for the work you’re doing on behalf of the nation and world security. Thanks for being on Sea Control today.

CT: It’s absolutely my pleasure. Thank you.

Chris Taylor, a global business leader and entrepreneur, is a two-time national security industry CEO. A veteran of 14 years in the Marine Corps, he has an MBA from the College of William & Mary and an MPA from the Harvard Kennedy School of Government. Chris serves as an adjunct associate professor of national security studies at Georgetown University’s School of Foreign Service Security Studies Program where he teaches “The Business of National Security” and “Hacking for Defense.”

Matthew Merighi is the Senior Producer for Sea Control. He is also Assistant Director of Maritime Studies at the Fletcher School at Tufts University and CEO of Blue Water Metrics.

The Threat, Defense, and Control of Cyber Warfare

NAFAC Week

By Lin Yang Kang

The Internet has grown phenomenally since the 1990s and currently has about 3.5 billion users who make up 47 percent of the world population.1 Out of the 201 countries surveyed, 38 percent have a penetration rate of at least 80 percent of its population.2 The ubiquity and reliance on cyberspace to improve the efficiency and capability of government, military, and civilian sectors lead to the Internet of Things (IOT) for day-to-day operations and in this pervasiveness of the use of Internet lies the potential for devastating cyber-attacks.

This paper seeks to discuss the crippling effects and dangers of cyber-attacks and outline the defensive responses against and control of cyber warfare.

The lethality, and hence appeal of cyber warfare, lies in its asymmetric3 and stealthy nature. Little resource, such as teams of experienced hackers, is required to render a disproportional amount of devastating damage to the core and day-to-day operations of both the government as well as the military. Unlike conventional warfare where a military build-up and transportation of resources are tell-tale signs of preparation, cyber-attacks can be conducted without warning. In this regard, it is akin to covert operations, such as the use of Special Forces or submarines, with added advantage of not exposing soldiers to the risk of harm. Coupled with the inherent difficulty in pinpointing attribution,4 subjects of a cyber-attack are left with the choice of either doing nothing except to try to recover or to retaliate against the suspected attacker without concrete proof and lose moral high ground, neither of which is optimal.

An example of a well-coordinated attack demonstrating the covert nature of cyber warfare occurred in 2007 when the Estonian government and government-related web-services were disabled.5 Though no physical damage was inflicted, it created widespread disruption for Estonian citizens. While Russia was the suspected perpetrator, it was never proven or acknowledged. In 2010, it was discovered that Iranian nuclear centrifuges that are responsible for enriching uranium gas had been infected and crippled by a malware, codenamed “Stuxnet.”This successful insertion of this malware effectively set the Iranian nuclear program back for a few years and demonstrated an effective and non-attributable way7 to pressurize if not exert will without the use of military might as it achieved what the United Nations Security Council (UNSC) had hitherto failed to do, i.e., curtail the development of nuclear weapons by Iran.

The above examples illustrate the potential damage of small-scale and limited cyber-attacks. Extrapolating from these examples, it is conceivable that the damage from a successful large-scale cyber-attack on a well-connected country that relies heavily on IOT can range from disruption of essential services, crippling confusion and even operational paralysis of both government and the military. For the government, a cyber-attack across every essential means and aspects of daily living including but not limited to destruction of financial data, records and transactions, forms of travel, communication means, and national power grid create chaos and confusion resulting in psychological shock that will in turn sap the will and resilience of the citizens. For the military, the irony is that the more modern and advanced a military is with its concomitant reliance on technology and network centric warfare, the more vulnerable it is to a potential cyber Pearl Harbor attack that will render its technological superiority over its adversary impotent. Given the symbiotic relation between the government and the military, a successful simultaneous cyber-attack on both government and the military can achieve Sun Tze’s axiom that the supreme art of war is to subdue the enemy without fighting.

Given its unique nature and unmatched demonstrated potential for lethality, it is understandable the attractiveness of cyber warfare as an instrument of choice for all players, both state and non-state actors and even individuals. As with all other forms of warfare, the need for defense against should be proportional to the threat. It is a game of cat and mouse,8 where hackers seek to find security vulnerabilities while defenders attempt to patch them up as soon as they are exploited and redirect the attackers to digital traps, preventing them from obtaining crucial information or cause damages. Specialized cyber warfare military branches have been formed in many countries, and extensive cyber defensive measures and contingency plans are being developed by government, military, and civil sectors of states. Through inter-cooperation, potential attacks could be resolved in the shortest time possible and minimize disruption, while preventing future attacks. As the world begins to witness the increasing use of cyber warfare as a weapon, cyber-attacks may not be as easy to conduct as before as states that understand the lethality of such attacks seek to safeguard their nation.9

Beyond defense at the national level, there is a lack of well-defined norms on the rules of cyber warfare as the international law community is still interpreting how current law of war can apply to cyber warfare. Recently, Tallinn Manual 2.0 was published by NATO’s Cooperative Cyber Defence Centre of Excellence (CCDOE) and is to date the most detailed study of how existing international laws can govern cyber operations.10 However, it currently serves as a reference and is non-binding. It is crucial for nations to iron out the rules for cyber warfare together and abide by it, ensuring that it will not affect the lives of civilians and minimize potential damages to non-military installations by cyber-attacks and cyber warfare.

Cyber warfare is a real and growing threat which has the potential to create disruption that the world has yet to witness. As nations become even more reliant on cyberspace as it ventures into automation and smart cities, they need to invest adequately in cyber defense and ensure that this new frontier is well-guarded. Apart from dealing with it domestically, on an international level, rules of cyber warfare need to be clarified and be abided by the international community to safeguard civilians. Cyber warfare may be threatening, but if the international community abides by clarified rules of cyber warfare and has sufficient cyber defensive measures established, the potential devastation caused by cyber-attacks could be minimized.

Yang Kang is a naval officer from the Republic of Singapore and a freshman at the Nanyang Technological University (NTU) in Singapore currently studying Electrical and Electronics Engineering. Before attending NTU, Yang Kang underwent midshipman training in Midshipman Wing, Officer Cadet School of the Singapore Armed Forces and was appointed Midshipman Engineering Commanding Officer during the Advanced Naval Term, his final phase of training.

Bibliography

Barker, Colin. “Hackers and defenders continue cybersecurity game of cat and mouse.” ZDNet. February 04, 2016. Accessed March 28, 2017. http://www.zdnet.com/article/hackers-and-defenders-continue-cyber-security-game-of-cat-and-mouse/.

Davis, Joshua. “Hackers Take Down the Most Wired Country in Europe.” Wired. August 21, 2007. Accessed March 21, 2017. https://www.wired.com/2007/08/ff-estonia/.

Geers, Kenneth. Strategic cyber security. Tallinn: NATO Cooperative Cyber Defence Centre of Excellence, 2011.

Zetter, Kim. “An Unprecedented Look at Stuxnet, the World’s First Digital Weapon.” Wired. November 03, 2014. Accessed March 21, 2017. https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/.

“Cyber Warfare Integral Part of Modern Politics, New Analysis Reaffirms.” NATO Cooperative Cyber Defence Centre of Excellence. December 01, 2015. Accessed March 15, 2017. https://ccdcoe.org/cyber-warfare-integral-part-modern-politics-new-analysis-reaffirms.html.

“Global Cybersecurity Index & Cyberwellness Profiles Report.” April 2015. Accessed March 23, 2017. https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-SECU-2015-PDF-E.pdf.

“NATO presents the Tallinn Manual 2.0 on International Law Applicable to cyberspace.” Security Affairs. February 05, 2017. Accessed March 25, 2017. http://securityaffairs.co/wordpress/56004/cyber-warfare-2/nato-tallinn-manual-2-0.html.

“Internet Users by Country (2016).” Internet Users by Country (2016) – Internet Live Stats. Accessed March 20, 2017. http://www.internetlivestats.com/internet-users-by-country/.

“Internet Users.” Number of Internet Users (2016) – Internet Live Stats. Accessed March 20, 2017. http://www.internetlivestats.com/internet-users/.

“The Asymmetric Nature of Cyber Warfare.” USNI News. February 05, 2013. Accessed March 20, 2017. https://news.usni.org/2012/10/14/asymmetric-nature-cyber-warfare.

“The Attribution Problem in Cyber Attacks.” InfoSec Resources. July 19, 2013. Accessed March 25, 2017. http://resources.infosecinstitute.com/attribution-problem-in-cyber-attacks/#gref.

1. “Internet Users.” Number of Internet Users (2016) – Internet Live Stats. Accessed March 20, 2017. http://www.internetlivestats.com/internet-users/.

2. “Internet Users by Country (2016).” Internet Users by Country (2016) – Internet Live Stats. Accessed March 20, 2017. http://www.internetlivestats.com/internet-users-by-country/.

3. “The Asymmetric Nature of Cyber Warfare.” USNI News. February 05, 2013. Accessed March 20, 2017. https://news.usni.org/2012/10/14/asymmetric-nature-cyber-warfare.

4. “The Attribution Problem in Cyber Attacks.” InfoSec Resources. July 19, 2013. Accessed March 25, 2017. http://resources.infosecinstitute.com/attribution-problem-in-cyber-attacks/#gref.

5. Davis, Joshua. “Hackers Take Down the Most Wired Country in Europe.” Wired. August 21, 2007. Accessed March 21, 2017. https://www.wired.com/2007/08/ff-estonia/.

6. Zetter, Kim. “An Unprecedented Look at Stuxnet, the World’s First Digital Weapon.” Wired. November 03, 2014. Accessed March 21, 2017. https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/.

7. The United States and Israel were allegedly responsible for this cyber attacked but as with the Estonian example, it was never proven or acknowledged.

8. Barker, Colin. “Hackers and defenders continue cybersecurity game of cat and mouse.” ZDNet. February 04, 2016. Accessed March 28, 2017. http://www.zdnet.com/article/hackers-and-defenders-continue-cyber-security-game-of-cat-and-mouse/.

9. “Global Cybersecurity Index & Cyberwellness Profiles Report.” April 2015. Accessed March 23, 2017. https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-SECU-2015-PDF-E.pdf.

10. “NATO presents the Tallinn Manual 2.0 on International Law Applicable to cyberspace.” Security Affairs. February 05, 2017. Accessed March 25, 2017. http://securityaffairs.co/wordpress/56004/cyber-warfare-2/nato-tallinn-manual-2-0.html.

Featured Image: U.S. sailors assigned to Navy Cyber Defense Operations Command man their stations at Joint Expeditionary Base Little Creek-Fort Story, Va., Aug. 4, 2010. NCDOC sailors monitor, analyze, detect and respond to unauthorized activity within U.S. Navy information systems and computer networks. (U.S. Navy photo by Petty Officer 2nd Class Joshua J. Wahl)