Fluent Essays

Cyber warfare and its implications for the United States Your research paper should be minimally 10 pages (double spaced, Font - Georgia with font size 12). The research paper needs to refer to the following source ❑ Kostyuk, N., and Zhukov., M., Y. (2019). Invisible Digital Front: Can Cyber Attacks Shape Battlefield Events? Journal of Conflict Resolution, 63(2)., 317-347. (pfd version of paper is uploaded to module 4 in d2l). ❑ In addition you need to have at least 5 peer reviewed journal/book references The research needs to minimally discuss the following ❑ The relevance of cyber warfare for the United States ❑ What are some examples of possible cyber warfare scenarios where critical infrastructure could be affected ❑ Emerging technologies that can be used for cyber warfare ❑ What does Kostyuk and Zhukov (2019) address mainly in their paper? Do you agree with Kostyuk and Zhukov (2019) that cyber-attacks are ineffective as a tool of coercion in war? Ensure to explain why or why not. ❑ Future implications of cyber warfare for the United States The bibliography should be included as a separate page and is not part of the 10 page requirement. Student assignments will be run through Safe Assignment. Please ensure to check the safe assignment result prior to submitting.The research paper should include the following components. ● Title Page (Not part of the minimum 10 page requirement) ● Abstract (quick overview in your own words of the entire content of your paper, limited to 200-350 words) ● Introduction (1-2 pages, relevance of cyber warfare for the U.S, example, possible scenarios_ ● Literature Review (2-4 pages, describes the research papers that you find in reference to the topic of cyber warfare, emerging technologies that can be used, the impact of cyber warfare) ● Discussion (2-3 pages) – (Your perspective on the topic of cyber warfare, implications for the U.S, critical perspectives and/or recommendations) ● Conclusion (1-2 paragraphs, This provides a final summary of your research paper) ● Bibliography in APA format kostyuk_cyberwarfare.pdf Unformatted Attachment Preview Article Invisible Digital Front: Can Cyber Attacks Shape Battlefield Events? Journal of Conflict Resolution 2019, Vol. 63(2) 317-347 ª The Author(s) 2017 Article reuse guidelines: sagepub.com/journals-permissions DOI: 10.1177/0022002717737138 journals.sagepub.com/home/jcr Nadiya Kostyuk1, and Yuri M. Zhukov1 Abstract Recent years have seen growing concern over the use of cyber attacks in wartime, but little evidence that these new tools of coercion can change battlefield events. We present the first quantitative analysis of the relationship between cyber activities and physical violence during war. Using new event data from the armed conflict in Ukraine—and additional data from Syria’s civil war—we analyze the dynamics of cyber attacks and find that such activities have had little or no impact on fighting. In Ukraine—one of the first armed conflicts where both sides deployed such tools extensively—cyber activities failed to compel discernible changes in battlefield behavior. Indeed, hackers on both sides have had difficulty responding to battlefield events, much less shaping them. An analysis of conflict dynamics in Syria produces similar results: the timing of cyber actions is independent of fighting on the ground. Our finding—that cyber attacks are not (yet) effective as tools of coercion in war— has potentially significant implications for other armed conflicts with a digital front. Keywords compellence, coercion, physical violence, conflict, cyber attacks On December 23, 2015, hackers attacked Ukraine’s power grid, disabling control systems used to coordinate remote electrical substations, and leaving people in the capital and western part of the country without power for several hours. The Security 1 Department of Political Science, University of Michigan, Ann Arbor, MI, USA Corresponding Author: Nadiya Kostyuk, Department of Political Science, University of Michigan, 505 S State Street, Ann Arbor, MI 48109, USA. Email: nadiya@umich.edu 318 Journal of Conflict Resolution 63(2) Service of Ukraine (SBU) blamed the Russian government for the cyber attack, an accusation that later found support in malware analysis by a private computer security firm. The Ukrainian hack was the first publicly acknowledged case of a cyber attack successfully causing a power outage. It is also just one of thousands of cyber activities, mostly diffuse and low level, that have occurred alongside physical fighting in Ukraine. Attacks launched through the digital realm are playing an increasingly visible role in civil and interstate conflict—in Ukraine, Syria, Israel, Estonia, Georgia, and beyond. Yet it remains unknown whether such activities have a real coercive impact on the battlefield.1 Recent years have seen growing concern over the coercive potential of cyber capabilities in war, but little evidence that these new tools are yet making a difference. Theoretically, most research has focused on the consequences of cyber attacks for peacetime deterrence rather than wartime compellence (Libicki 2009; Sharma 2010; Andres 2012).2 Yet the logic of coercion entails distinct challenges in peace and war, with potentially different implications for the cyber domain. Empirically, the literature has relied more on qualitative case studies than quantitative data. The few data sets that do exist (Valeriano and Maness 2014) privilege massive cyber catastrophes over less sophisticated low-intensity attacks, like distributed denial of service (DDoS). The latter category, however, is far more common. This article asks whether cyber attacks can compel short-term changes in battlefield behavior, using new event data on cyber and kinetic operations from armed conflicts in Ukraine and Syria. We use the Ukrainian conflict as our primary test case due to the extensive and sophisticated use of cyber attacks by both sides (Geers 2015), and—uniquely—overt claims of responsibility, public damage assessments, and other releases of information that reduce uncertainty over timing and attribution. Since 2014, Ukraine has turned into “a training playground for research and development of novel attack techniques” (Zetter 2017). If cyber attacks can yet make a difference on the battlefield, Ukraine is one a few cases where we are most likely to observe such an effect. Our data include 1,841 unique cyber attacks and 26,289 kinetic operations by government and prorebel forces between 2014 and 2016. We supplement this quantitative analysis with fourteen primary source interviews with participants in the cyber campaign as well as Ukrainian, Russian, and Western cyber security experts with direct knowledge of these operations. To evaluate the generalizability of the Ukrainian experience to other conflicts, we replicate our results with data from Syria’s civil war. Like Ukraine, Syria has seen the extensive use of low-level cyber attacks by factions fighting for and against the incumbent regime. Because this war has gone on significantly longer than the conflict in Ukraine—giving hackers more time to organize and develop their capabilities—Syria offers a glimpse at cyber activities in a more protracted, higher intensity context. If we uncover similar patterns in two conflicts of such different scale and complexity, we can have greater confidence that our results are not artifacts of a single idiosyncratic case. Our data include 682 cyber attacks and 9,282 acts of violence by pro- and anti-Assad forces between 2011 and 2016. Kostyuk and Zhukov 319 Evidence from both conflicts suggests that cyber attacks have not created forms of harm and coercion that visibly affect their targets’ actions. Short of mounting synchronized, coordinated cyber campaigns, each group of hackers has seemed to operate in its own “bubble,” disengaged from unfolding events in both cyberspace and the physical world. The lack of discernible reciprocity between cyber and kinetic operations—and between the cyber actors themselves—questions whether cyber attacks can (yet) be successfully deployed in support of military operations. This disconnect may be temporary, as joint planning and execution concepts continue to evolve. Many countries, for instance, still struggle in coordinating airpower for ground combat support, a century after World War I. Our study highlights some of the difficulties that countries will need to overcome in integrating and synchronizing these new capabilities. Our contribution is fourfold. We offer the first disaggregated analysis of cyber activities in war and take stock of the empirical relationship between the cyber and kinetic dimensions of modern battle. To do so, we collect the first microlevel data on wartime cyber attacks, using both open media sources and anonymous attack traffic data. Theoretically, our analysis addresses an important question on the coercive impact of low-level cyber attacks, advancing a literature that has been heavy on deductive argumentation, but light on evidence. Finally, from a policy standpoint, our findings should temper the popular tendency to overhype the transformative potential of cyber attacks. At present, interaction between cyber and kinetic operations is similar to that between airpower and ground operations in World War I— when armies began to use aircraft for reconnaissance but had not realized their full potential to shape battlefield outcomes. Varieties of Cyber Activity The term “cyber activities” captures a diverse assortment of tactics and procedures, directed against different types of targets, in pursuit of disparate objectives. Not all of these activities seek to achieve battlefield effects in the same way. Before proceeding further, we differentiate between two broad goals these actions tend to pursue: propaganda and disruption.3 Cyber activities in the propaganda category seek to influence public opinion and indirectly undermine an opponent’s financing or recruitment. Operations in this group include leaks of compromising private information, online publication of partisan content (e.g., “trolling” on comments pages), and the establishment of dedicated websites and forums to promote an armed group’s message. Unless it openly incites or discourages violence, propaganda affects kinetic operations only indirectly by undermining an opponent’s support base or obfuscating perceptions of events. In the Ukrainian conflict, the importance of both groups attach to online propaganda is evident from the time and resources pro-Kyiv fighters spend updating Wikipedia, and pro-Russia groups devote to creating and running dedicated 320 Journal of Conflict Resolution 63(2) YouTube channels and social media accounts. Russian military doctrine places a heavy emphasis on the strategic use of information in warfare, as does US cyberspace joint planning doctrine. The second category of cyber attacks—disruption—seeks to directly sabotage opponents’ ability to operate in the physical or electronic realm. These mostly lowintensity activities include denial of service attacks, which make targeted resources unavailable through a flood of requests from a single source, and DDoS attacks, where requests originate from multiple compromised systems. Related efforts include inundating communications systems with floods of text messages or phone calls and using fire walls and proxies to block access to websites. At the extreme end of the scale is the use of malicious code to inflict physical damage or otherwise compromise infrastructure and military objects. Examples include interception of drones, communications and surveillance systems, control of Wi-Fi access points, and collection of protected information via phishing. The most sophisticated known attack of this type is the Stuxnet worm, which—before its discovery in 2010—targeted industrial control systems critical to uranium enrichment in Iran. In Ukraine, notable disruptive activities have included attacks on the Central Election Committee’s website during the 2014 presidential elections and attacks on the country’s power grid in 2015 and 2016. Other examples include the use of malware to collect operational intelligence, like X-Agent, which retrieved locational data from mobile devices used by Ukrainian artillery troops, and the hacking of closed-circuit television (CCTV) cameras behind enemy lines. Propaganda and disruption are not mutually exclusive, and many cyber activities serve both purposes—shaping public opinion through disruption or disrupting an opponent’s operations by shaping public opinion. For example, altering the visual appearance of websites can have the dual effect of embarrassing the target and limiting its ability to communicate. Leaks of private information also have dual implications for targets’ public image and physical security. Recent examples of hybrid activities include the defacement of US Central Command’s Twitter and Facebook pages by the Islamic State’s (IS) Cyber Caliphate and operations by US Cyber Command against IS beginning in April 2016. In Ukraine, the pro-rebel group CyberBerkut (CB) has leaked private communications from senior United States, European Union, and Ukrainian officials and disclosed identities of pro-Kyiv field commanders—simultaneously creating a media scandal and forcing targets to commit more resources to personal security. Similarly, the pro-Kyiv website Myrotvorets’ published names and addresses of suspected “rebel sympathizers”—information that allegedly facilitated several assassinations (Il’chenko 2016). In the following, we limit the scope of our inquiry to cyber actions that are either purely disruptive (e.g., DDoS-style attacks) or are hybrids of the two approaches (e.g., web defacements). We do so for two reasons. First, most purely propagandistic operations, like comment-board trolling, do not aspire to influence the course of Kostyuk and Zhukov 321 military operations in the short term. Second, it is hard to separate the disruptive and propaganda effects of hybrid cyber activities because they depend on each other. Cyber Coercion in Wartime Over the last two decades, cyber attacks have become an increasingly common tool of coercion, used by state and nonstate actors, independently and jointly with physical, kinetic operations. Like other instruments of coercion, cyber actions inflict costs on a target to compel a change in its behavior—either by punishing past misdeeds or by putting pressure on decision makers in real time. The role of cyber compellence in wartime is not unlike that of airpower or terrorism (Pape 2003, 2014). Cyber attacks cannot take or hold territory on their own, but they can support operations on the ground by disrupting opponents’ command and control, collecting operational intelligence, and creating opportunities for conventional forces to exploit. If combatants use the Internet for coordination, recruitment, or training, low-level cyber disruption may prevent them from running these vital functions smoothly.4 Alternatively, cyber attacks can indirectly pressure an opponent by targeting civilian economy and infrastructure, similarly to strategic bombing. Yet unlike airpower, an operational cyber capability is relatively inexpensive to develop. It does not require new massive infrastructure, and many activities can be delegated to third parties (Ottis 2010). Unlike terrorism, the individual attacker is rarely at risk of direct physical harm. Despite the apparent promise of these “weapons of the future” (Schmitt 1999; Rios 2009; Clarke and Knake 2010; McGraw 2013; Eun and Aßmann 2014), some scholars are skeptical that low-level cyber attacks can be an effective tool of coercion (Liff 2012; Rid 2012; Gartzke 2013; Junio 2013). There is little doubt that large numbers of low-level attacks can cumulatively produce large-scale damage, bringing “death by a thousand cuts” (Lemay, Fernandeza, and Knight 2010). Yet successful coercion also requires punishment to be both anticipated and avoidable (Schelling 1966), and these criteria can be difficult to meet in cyberspace. Cyber attacks can be challenging for targets to anticipate because attackers face strong incentives to mount surprise “zero-day” exploits, before targets recognize and patch their vulnerabilities (Axelrod and Iliev 2014).5 Since the destructiveness of malicious code depreciates quickly after first use, cyber attacks are often most damaging when they are least anticipated. Targets also have many reasons to doubt that cyber attacks are avoidable by accommodation. For the attacker, cyber actions present a trade-off between plausible deniability—which helps prevent retaliation—and the credibility of coercive promises and threats.6 Any uncertainty over the source of an attack will also create uncertainty over the nature of compliance—what sort of actions will prevent future attacks and by whom. Beyond attribution uncertainty, cyber attacks may not generate sufficient costs to elicit compliance from. Because administrators can quickly fix or contain many 322 Journal of Conflict Resolution 63(2) exploited vulnerabilities, even successful attacks cause only temporary disruption (Axelrod and Iliev 2014). Unless the attacker continues to develop new methods and identify new vulnerabilities, a protracted campaign may quickly lose its coercive impact. As a result, targets may see compliance as insufficient and unnecessary to stop the damage (Hare 2012; Lynn 2010; Nye 2010). Force synchronization challenges may also render the timing of cyber attacks suboptimal for compellence. Hackers—especially those not integrated with military forces—may not observe battlefield events on a tactically relevant time line. Even if they did, the lead time required to plan and implement a successful attack—studying the target system, collecting intelligence on its vulnerabilities, and writing code that exploits them—can make these efforts difficult to synchronize with conventional operations. These challenges are not insurmountable. Lead time is a greater barrier for highlevel attacks (e.g., targeting major infrastructure) than for more routine, DDoS-style attacks. Force synchronization difficulties are also not unique to the cyber domain and are well established in research on terrorism and airpower (Atran 2003; Pape 2003, 2014). The ability of contemporary hackers to overcome these difficulties, however, remains unknown. Previous Research The question of whether low-level cyber attacks compel has deep implications for the theory and practice of national security. Yet the public and academic debate on this topic has unfolded largely in the absence of rigorous empirical evidence in either direction. Existing political science and policy literature on cybersecurity could be grouped into three broad areas: the “big picture” of cyber warfare (Cha 2000; Griniaiev 2004; Libicki 2007, 2011; Czosseck and Geers 2009; Clarke and Knake 2010; Axelrod and Iliev 2014), the overlap between cyber and kinetic capabilities (Healey 2013; Kello 2013; Libicki 2015; Andress and Winterfeld 2013; Axelrod 2014), and the effect of information and communication technology on conflict (Martin-Shields 2013; Pierskalla and Hollenbach 2013; Crabtree, Darmofal, and Kern 2014; Gohdes 2014; Bailard 2015). Most research in the first category has focused on the implications of cyber activities for peacetime deterrence or the offense–defense balance rather than wartime compellence. While the second group focuses more directly on cyber attacks during conflict, its empirical approach has been mostly qualitative, relying on evidence from descriptive case studies, macrohistorical surveys, and stylized facts. Some large-n analyses do exist (Valeriano and Maness 2014), but their scope has remained on large-scale cyber attacks rather than the far more numerous lowintensity operations we consider here. While the third group does employ the statistical analysis of disaggregated data, its theoretical scope is distinct from mainstream literature on cyber attacks—evaluating, for instance, how technology affects collective action (Weidmann 2015) rather than military compellence. Kostyuk and Zhukov 323 Our study bridges the gap between these areas of inquiry. Our goal is to assess the coercive potential of low-level cyber actions during an armed conflict. We pursue this goal by studying the magnitude and direction of the relationship between cyber attacks and physical violence, using microlevel data from ongoing conflicts in Ukraine and Syria. Empirical Expectations Cyber attacks by actor A can affect physical violence by B in one of the three ways: negatively, positively, or not at all. If cyber compellence is successful, we should expect a short-term decrease in violence after a spike in cyber attacks. A positive response would suggest failure, where cyber attacks actually escalate violence by the opponent. If no relationship exists, cyber actions are either ineffective or irrelevant to fighting in the physical world. In addition to compellence across domains, cyber attacks by actor A may impact cyber attacks by actor B. As before, only a negative relationship would imply coercive success, while a null or positive response would suggest that these actions are either ineffective or counterproductive. Data Analysis To evaluate whether and how cyber actions affect physical violence in war, we analyze new micro-level data from Ukraine and Syria. We begin with an in-depth study of the Ukrainian case, as one of few conflicts where both sides have used cyber attacks as a means of coercion. Due to the sophistication of hackers on both sides, the public nature of many attacks, and an abundance of data, the Ukrainian conflict allows us to observe the short-term coercive impact of cyber attacks.7 We then use analogous event data on Syria to evaluate the generalizability of our ... Purchase answer to see full attachment