|
|
|
Sort Order |
|
|
|
Items / Page
|
|
|
|
|
|
|
| Srl | Item |
| 1 |
ID:
192658
|
|
|
|
|
| Summary/Abstract |
Whilst NATO speaks increasingly publicly about the military use of cyber operations, adaptation to the cyber domain has reportedly been challenging for most militaries. Little research has sought to understand the nature of these challenges. This study seeks to address this gap through a case study of the Netherlands. By utilizing a range of primary and secondary sources, this article reveals that the Dutch Defense Cyber Command has faced significant constraints in its adaptation to the cyber domain, primarily due to issues related to organizational structure, operational mandate, and the availability of skills and resources. A cyber command that lacks regular opportunities for day-to-day operations and where personnel may not have continuous learning opportunities to acquire and refine their skills will encounter difficulties in recruiting, training, and retaining a proficient workforce. These findings highlight the tendency of observers to mistakenly equate the mere establishment of a cyber command with the existence of a robust military cyber capability – namely, the ability to effectively carry out and sustain a range of cyber operations for tactical or strategic purposes.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 2 |
ID:
188213
|
|
|
|
|
| Summary/Abstract |
What are the motivations and opportunities for arms transfer in the cyber realm? Although scholarship has failed to systematically address this question, having an accurate answer is crucial for understanding the operationalization of cyber commands and intelligence alliances, the functioning of the North Atlantic Treaty Organization in the twenty-first century, and the viability of cyber arms controls. First, this article introduces a new conceptual framework—the people-exploits-tools-infrastructure-organization (PETIO) framework—to understand the elements of an offensive cyber capability. Second, I explain how the incentives of cyber arms transfer differ across the different elements of the PETIO framework. Though exploits and tools can be effortlessly replicated, their transitory nature and potential for operational tracking means there is little incentive to actually transfer these assets. If any incentives exist for state-to-state transfer, it would be in facilitating other state actors to develop their own offensive capabilities—that is, by providing expertise, infrastructure, and organizational capacity to adapt and innovate—as this does not reduce the effectiveness of one’s own arsenal. Third, I argue that the incentives for transferring cyber effect capabilities are weaker compared to cyber espionage capabilities, and attribution dynamics add an additional layer of complexity to these transfer dynamics.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 3 |
ID:
186097
|
|
|
|
|
| Summary/Abstract |
While much focus has remained on the concept of cyberwar, what we have been observing in actual cyber behaviour are campaigns comprised of linked cyber operations, with the specific objective of achieving strategic outcomes without the need of armed attack. These campaigns are not simply transitory clever tactics, but strategic in intent. This article examines strategic cyber competition and reveals how the adoption of a different construct can pivot both explanation and policy prescription. Strategy must be unshackled from the presumption that it deals only with the realm of coercion, militarised crisis, and war in cyberspace.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 4 |
ID:
161522
|
|
|
|
|
| Summary/Abstract |
Across the world, states are establishing military cyber commands or similar units to develop offensive cyber capabilities. One of the key dilemmas faced by these states is whether (and how) to integrate their intelligence and military capabilities to develop a meaningful offensive cyber capacity. This topic, however, has received little theoretical treatment. The purpose of this paper is therefore to address the following question: What are the benefits and risks of organizational integration of offensive cyber capabilities (OIOCC)? I argue that organizational integration may lead to three benefits: enhanced interaction efficiency of intelligence and military activities, better(and more diverse) knowledge transfer and reduced mission overlap. Yet, there are also several negative effects attached to OIOCC. It may lead to 'cyber mission creep' and an intensification of the cyber security dilemma. It could also result in arsenal cost ineffectiveness in the long run. Although the benefits of OIOCC are seen to outweighs the risks, failing to grasp the negative effects may lead to unnecessary cycles of provocation, with potentially disastrous consequences.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 5 |
ID:
158002
|
|
|
|
|
| Summary/Abstract |
This article examines the transitory nature of cyberweapons. Shedding light on this highly understudied facet is important both for grasping how cyberspace affects international security and policymakers’ efforts to make accurate decisions regarding the deployment of cyberweapons. First, laying out the life cycle of a cyberweapon, I argue that these offensive capabilities are both different in ‘degree’ and in ‘kind’ compared with other regarding their temporary ability to cause harm or damage. Second, I develop six propositions which indicate that not only technical features, inherent to the different types of cyber capabilities – that is, the type of exploited vulnerability, access and payload – but also offender and defender characteristics explain differences in transitoriness between cyberweapons. Finally, drawing out the implications, I reveal that the transitory nature of cyberweapons benefits great powers, changes the incentive structure for offensive cyber cooperation and induces a different funding structure for (military) cyber programs compared with conventional weapon programs. I also note that the time-dependent dynamic underlying cyberweapons potentially explains the limited deployment of cyberweapons compared to espionage capabilities.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 6 |
ID:
121242
|
|
|
|
|
| Publication |
2013.
|
| Summary/Abstract |
In the late 1990s the Dutch government under Labour minister-president
Wim Kok decided to pursue a replacement for the main strike fighter of the
Royal Netherlands Air Force (RNAF), the F-16. From very early on, there
was a strong preference for the F-35 Joint Strike Fighter (JSF). This position
has held through the subsequent seven governing coalitions, even though
the political balance on the issue has fluctuated over time. Politicians have
presented the decision to participate in the JSF development program as an
entirely separate issue from that of replacing the F-16. Every government
since 1996 has insisted in public that the one issue does not necessarily lead
to the other, even though this has become an increasingly untenable division
to maintain.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 7 |
ID:
190772
|
|
|
|
|
| Summary/Abstract |
When should states publicly attribute cyber intrusions? Whilst this is a question governments increasingly grapple with, academia has hardly helped in providing answers. This article describes the stages of public attribution and provides a Public Attribution Framework designed to explain, guide, and improve decision making of public attribution by states. Our general argument is that public attribution is a highly complex process which requires trade-offs of multiple considerations. Effective public attribution not only necessitates a clear understanding of the attributed cyber operation and the cyber threat actor, but also the broader geopolitical environment, allied positions and activities, and the legal context. This also implies that more public attribution is not always better. Public attribution carries significant risks, which are often badly understood. We propose the decision maker’s attitude towards public attribution should be one of ‘strategic, coordinated pragmatism’. Public attribution – as part of a strategy – can only be successful if there is a consistent goal, whilst the avenues for potential negative counter effects are assessed on a case-by-case basis.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 8 |
ID:
171244
|
|
|
|
|
| Summary/Abstract |
This article evaluates the implications of U.S. cyber strategy of persistent engagement for the alliance and intelligence collection. Whilst the strategy may have benefits for certain alliance relationships, I identify four potential negative consequences; loss of allied trust, disruption allied intelligence operations and capabilities, exploitability of the strategy by adversaries, and the implementation (and justification) of persistent engagement by other countries. This paper concludes suggesting several ways forward, including the creation of a new NATO-memorandum of understanding on cyber operations.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|