Aggressive Cyber Offense Questioned

RAND: Lessons of Traditional Warfare Don't Apply Online
Aggressive Cyber Offense Questioned
A military expert from a leading think tank advises the Air Force that the United States should not make strategic cyberwarfare a priority because cyber attacks are more useful in bothering, not disarming, an adversary.

"The lessons from traditional warfare cannot be adapted to apply to attacks on computer networks," writes Martin Libicki, senior management scientist at the think tank RAND Corp. and lead author of its study, Cyberdeterrence and Cyberwar, which was released Thursday. "Cyberspace must be addressed in its own terms."

Libicki says the United States should strengthen its cyber defenses and pursue diplomatic, economic and prosecutorial efforts against cyber attackers.

Cyberdeterrence and Cyberwar says most nations rely on externally accessible IT systems as a foundation of their military and economic power that are subject to cyber attacks. "Adversaries in future wars are likely to go after each other's information systems using computer hacking," Libicki says.

The study suggests that cyber warfare is ambiguous, and it's seldom evident what attacks can damage, or determine afterward what damage occurred. Plus, the report says, the identity of the enemy may be little more than conjecture, which makes it hard to know when someone has stopped attacking. The cyber attacker's motivation, especially outside physical combat, may be equally unclear, the report says.

Libicki characterizes cyber warfare's arsenal as amorphous, which eliminates using traditional approaches to arms control. Military networks have the same vulnerabilities as civilian systems because they employ the same technologies. "This is not an enterprise where means and ends can be calibrated to one another," Libicki says. "As a result, it is ill-suited for strategic warfare."

The study was prepared by RAND Project Air Force, a federally funded research and development center for studies and analysis aimed at providing independent policy alternatives for the U.S. Air Force.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.