Notes

Introduction

1.The words are those of Nick Harvey, the United Kingdom’s Armed Forces Minister. Nick Hopkins, “UK Developing Cyber-Weapons Programme to Counter Cyber War Threat,” The Guardian, May 30, 2011.

2.Within international security studies, examples of skeptical thinking include the following works: Erik Gartzke, “The Myth of Cyberwar: Bringing War in Cyberspace Back Down to Earth,” International Security, Vol. 38, No. 2 (Fall 2013), pp. 41–73; Jon R. Lindsay, “Stuxnet and the Limits of Cyber Warfare,” Security Studies, Vol. 22, No. 3 (2013), pp. 365–404; and Brandon Valeriano and Ryan C. Maness, Cyber War Versus Cyber Realities: Cyber Conflict in the International System (Oxford: Oxford University Press, 2015).

3.For the sake of simplicity, this work refers to cyberspace as a single technology – much as observers often refer to nuclear enrichment facilities, warheads, delivery vehicles, and so on as nuclear technology. But readers should note that cyberspace is, in fact, a series of technologies – each complex in its own right – that encompasses servers, routers, machine nodes, and various forms and layers of applications and software architecture.

4.See Cliff Stoll, The Cuckoo’s Egg: Tracking a Spy through the Maze of Computer Espionage (New York: Doubleday, 1989), Epilogue.

5.See John Arquilla and David Ronfeldt, Cyber War Is Coming! (Santa Monica, CA: RAND, 1993).

6.See Arnaud de Borchgrave, Frank J. Cilluffo, Sharon L. Cardash, and Michele M. Ledgerwood, Cyber Threats and Information Security Meeting the 21st Century Challenge (Washington, D.C.: U.S. Department of Justice, Office of Justice Programs, 2001).

7.The cyberattacks against Estonian computer systems in the spring of 2007 thrust this question upon national security planners.

8.See Marvin Minsky, The Society of Mind (New York: Simon and Schuster, 1988). The notion of the comparability of the human and machine minds is rooted in the earliest attempts to create artificial intelligence. In the 1960s, for instance, Frank Rosenblatt sought to design a mechanical brain, Perceptron, which he described as “a machine which senses, recognizes, remembers, and responds like the human mind.” Minsky and his colleague Seymour Papert achieved fame by criticizing this design – ambitious for its times – as severely limited because it could not solve even simple logical problems. See Marvin Minsky and Seymour Papert, Perceptrons: An Introduction to Computational Geometry (Cambridge, MA: The MIT Press, 1969); and Gary Marcus, “Is ‘Deep Learning’ a Revolution in Artificial Intelligence?,” The New Yorker (November 25, 2012).

9.On the distinction between direct and indirect cyberattack effects, see Lucas Kello, “The Meaning of the Cyber Revolution,” International Security, Vol. 38, No. 2 (Fall 2013), p. 19.

10.See Lucas Kello, “The Virtual Weapon: Dilemmas and Future Scenarios,” Politique étrangère, Vol. 79, No. 4 (Winter 2014–15), p. 6.

11.See Lawrence Lessig, Code (New York: Basic Books, 1999).

12.See Gregory J. Rattray, Strategic Warfare in Cyberspace (Cambridge, MA: MIT Press, 2001).

13.See Jack Goldsmith and Tim Wu, Who Controls the Internet? Illusions of a Borderless World (New York: Oxford University Press, 2006).

14.See Martin C. Libicki, Conquest in Cyberspace: National Security and Information Warfare (New York: Cambridge University Press, 2007); and Martin C. Libicki, Cyberdeterrence and Cyberwar (Santa Monica, CA: RAND Corporation, 2009).

15.See Jason Healey, A Fierce Domain: Conflict in Cyberspace, 1986 to 2012 (Arlington, VA: Cyber Conflict Studies Association, 2012).

16.See Michael N. Schmitt, ed., Tallinn Manual on the International Law Applicable to Cyber Warfare (Cambridge: Cambridge University Press, 2013).

17.See Adam Segal, The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age (New York: PublicAffairs, 2015). Other important book-length studies of cyber issues include Chris C. Demchak, Wars of Disruption and Resilience: Cybered Conflict, Power, and National Security (Athens, GA: University of Georgia Press, 2011); Derek S. Reveron, ed., Cyberspace and National Security: Threats, Opportunities, and Power in a Virtual World (Washington, D.C.: Georgetown University Press, 2012); and Martin C. Libicki, Crisis and Escalation in Cyberspace (Santa Monica, CA: RAND Corporation, 2012).

18.See Valeriano and Maness, Cyber War Versus Cyber Realities, p. 61.

19.See Joseph S. Nye, The Future of Power (New York: PublicAffairs, 2011), Chapter 5; and Nazli Choucri, Cyber Politics in International Relations (Cambridge, MA: MIT Press, 2012). Other works focus less on developing theoretical frameworks and more on explaining and predicting empirical trends. See, for instance, Valeriano and Maness, Cyber War Versus Cyber Realities.

20.See, for instance, Friedrich Kratochwil, “The Embarrassment of Change: Neo-Realism as the Science of Realpolitik without Politics,” Review of International Studies, Vol. 19, No. 1 (January 1993), pp. 63–80.

21.A notable work in this regard is P. W. Singer and Allan Friedman, Cybersecurity and Cyberwar: What Everyone Needs to Know (Oxford: Oxford University Press, 2014).

22.In this book, the label “international security studies,” or plainly security studies, denotes the subfield of the discipline of international relations. Thus the label automatically captures the theories, concepts, concerns, and aims of international relations. Where the arguments of the book relate more generally to the discipline rather than the subfield, the book uses the label “international relations.”

23.On the value of single case studies, see Alexander L. George and Andrew Bennett, Case Studies and Theory Development in the Social Sciences (Cambridge, MA: MIT Press, 2005), pp. 81–82. See also Chapter 1 of this book.

24.See, for example, Défense et Sécurité nationale: Le Livre blanc (Paris: La Documentation française, June 2008); A Strong Britain in an Age of Uncertainty: The UK National Security Strategy (London: Cabinet Office, 2010); and James R. Clapper to the U.S. Senate Intelligence Committee (Washington, D.C.: U.S. Government Printing Office, March 12, 2013).

25.See Donna Miles, “Stavridis Spotlights Top National Security Issues,” American Force Press Service, U.S. Department of Defense, March 15, 2012. See also comments by Keith B. Alexander to the U.S. Senate Committee on Armed Services (Washington, D.C.: U.S. Government Printing Office, April 15, 2010), p. 219; Joseph S. Nye, Jr., “Nuclear Lessons for Cyber Security?” Strategic Studies Quarterly, Vol. 5, No. 4 (Winter 2011), pp. 18–38; and Kello, “The Meaning of the Cyber Revolution.”

26.See, for instance, Kenneth A. Oye, ed., Cooperation Under Anarchy (Princeton, N.J.: Princeton University Press, 1986).

27.Among American officials, the operation was known by the code name “Olympic Games.”

1  The Quest for Cyber Theory

1.See Matt Bishop, “What is Computer Security?” IEEE Security & Privacy (January/February 2003), p. 67.

2.See below the discussion of the distinction between “cyberspace” and “cyber domain.”

3.See Dawn Youngblood, “Interdisciplinary Studies and the Bridging Disciplines: A Matter of Process,” Journal of Research Practice, Vol. 3, No. 2 (2007), p. 2. On the problems of scientific interdisciplinarity, see David Alvargonzålez, “Multidisciplinarity, Interdisciplinarity, Transdisciplinarity, and the Sciences,” International Studies in the Philosophy of Science, Vol. 25, No. 4 (2011), pp. 387–403.

4.The notion of a “discipline of cybersecurity” has already crept up in some quarters. It appears in the scholarly literature; see, for instance, Dan Shoemaker, Anne Kohnke, and Ken Sigler, A Guide to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2.0) (London: CRC Press, 2016), pp. xvii, 16, 130. Others use the label to denote a comprehensive field of study within only one discipline, such as computer science; see Daniel P. Shoemaker, “The Colloquium for Information Security Education (CISSE) – The Adventure Continues,” ACM Inroads, Vol. 5, No. 2 (June 2014), p. 51. Furthermore, some academic degree programs – for example, the University of Oxford’s doctoral program in Cyber Security – refer to cybersecurity explicitly, but are in fact properly interdisciplinary in the sense described here because they integrate “a range of academic disciplines.” See “CDT Programme,” Centre for Doctoral Training in Cyber Security, University of Oxford, https://www.cybersecurity.ox.ac.uk/education/cdt/cdt-programme.

5.See Lucas Kello, “Correspondence: A Cyber Disagreement,” International Security, Vol. 39, No. 2 (Fall 2014).

6.For a technical definition of information security, see H. S. Vinter and J. H. P. Eloff, “A Taxonomy of Information Security Technologies,” Computers and Security, Vol. 22, No. 4 (May 2003), p. 299. The nontechnical usage prevails among political scientists and in international policy circles. See, for instance, “Agreement between the Governments of the Member States of the Shanghai Cooperation Organization on Cooperation in the Field of International Information Security,” Dushanbe Summit, Dushanbe, Tajikistan, September 11–12, 2014. For a more complete treatment of concepts, see section below, “Conceptual and Technical Rudiments for Cyber Studies.”

7.See Alan M. Turing, “On Computable Numbers, with an Application to the Entscheidungsproblem,” Proceedings of the London Mathematical Society, Vol. 2, No. 42 (1937 [delivered to the Society in 1936]), pp. 230–65.

8.Not all mathematical problems can be solved by Turing machines, however. For example, it is impossible to design an algorithm that will always produce a correct Yes or No answer to the Halting Problem, which asks a computer to execute or cease executing an arbitrary program on the basis of a finite input. I am grateful to Dave Aitel for this insight.

9.Kenneth Thompson, “Reflections on Trusting Trust,” Communication of the ACM, Vol. 27, No. 8 (August 1984), pp. 761–63.

10.See Jack L. Goldsmith, “Against Cyberanarchy,” Chicago Law Review, Vol. 1199 (Fall 1998); and Vivek Mohan and John Villasenor, “Decrypting the Fifth Amendment: The Limits of Self-Incrimination in the Digital Era,” University of Pennsylvania Journal of Constitutional Law Heightened Scrutiny, Vol. 15 (October 2012), pp. 11–28.

11.See David S. Wall, Cybercrime: The Transformation of Crime in the Information Age (Cambridge: Polity Press, 2007).

12.See Tyler Moore, Richard Clayton, and Ross Anderson, “The Economics of Online Crime,” Journal of Economic Perspectives, Vol. 23, No. 3 (Summer 2009), pp. 3–20.

13.See Sharon S. Dawes, “The Continuing Challenges of E-Governance,” Public Administration Review, Vol. 68, No. 1 [Special Issue] (December 2008), pp. 586–602.

14.The number of scholarly publications that focus on international security aspects of the cyber question is small. These works include Ronald J. Deibert, “Black Code: Censorship, Surveillance, and Militarization of Cyberspace,” Millennium, Vol. 32, No. 2 (December 2003), pp. 501–30; Johan Eriksson and Giampiero Giacomello, “The Information Revolution, Security, and International Relations: The (IR)relevant Theory?” International Political Science Review, Vol. 27, No. 3 (July 2006), pp. 221–44; Lene Hansen and Helen Nissenbaum, “Digital Disaster, Cyber Security, and the Copenhagen School,” International Studies Quarterly, Vol. 53, No. 4 (December 2009), pp. 1,155–75; and Mary M. Manjikian, “From Global Village to Virtual Battlespace: The Colonizing of the Internet and the Extension of Realpolitik,” International Studies Quarterly, Vol. 54, No. 2 (June 2010), pp. 381–401; Lucas Kello, “The Meaning of the Cyber Revolution: Perils to Theory and Statecraft,” International Security, Vol. 38, No. 2 (Fall 2013), pp. 7–40; Eric Gartzke, “The Myth of Cyberwar: Bringing War in Cyberspace Back Down to Earth,” International Security, Vol. 38, No. 2 (Fall 2013), pp. 41–73; and Jon R. Lindsay, “The Impact of China on Cybersecurity: Fiction and Friction,” International Security, Vol. 39, No. 3 (Winter 2014/15), pp. 7–47. See Introduction, p. 9.

15.See David E. Sanger, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power (New York: Crown, 2012), p. 291.

16.In the official statement, the last point came first. See Ben Gummer, “Government Departments: Cybercrime: Written question – 55021,” UK Cabinet Office (December 5, 2016), http://www.parliament.uk/business/publications/written-questions-answers-statements/written-question/Commons/2016–11–28/55021/.

17.One poll in Britain found that three-fourths of firms did not report computer breaches to the police, let alone the public. See Kate Palmer, “Businesses Keep Quiet over Cyber Attacks, as EU Cracks Down on Underreporting,” The Telegraph (March 3, 2016), http://www.telegraph.co.uk/business/2016/03/02/businesses-keep-quiet-over-cyber--attacks-as-eu-cracks-down-on-un/.

18.Stephen M. Walt, “Is the Cyber Threat Overblown?” Stephen M. Walt blog, Foreign Policy (March 30, 2010), http://walt.foreignpolicy.com/posts/2010/03/30/is_the_cyber_threat_overblown. Elsewhere, Walt calls for systematic study of the cyber issue by a “panel of experts.” See Stephen M. Walt, “What Does Stuxnet Tell Us about the Future of Cyber-Warfare?” Stephen M. Walt blog, Foreign Policy (October 7, 2010), http://walt.foreignpolicy.com/posts/2010/10/07/what_does_stuxnet_tell_us_about_the_future_of_cyber_warfare.

19.See Thomas G. Mahnken, “Cyber War and Cyber Warfare,” in Kristin M. Lord and Travis Sharp, eds., America’s Cyber Future: Security and Prosperity in the Information Age (Washington, D.C.: Center for a New American Security, 2011); and Thomas Rid, “Cyber War Will Not Take Place,” Journal of Strategic Studies, Vol. 35, No. 1 (February 2012), pp. 5–32.

20.See Thomas Rid, “Think Again: Cyberwar,” Foreign Policy, Vol. 192 (March/April 2012), pp. 80–84.

21.Joseph S. Nye, Jr., “Cyber War and Peace,” Project Syndicate (April 10, 2012).

22.Rid, “Think Again, p. 84. Rid does not explain why sophisticated cyberattack should not therefore concern lesser powers.

23.See Michael Howard, Clausewitz: A Very Short Introduction (Oxford: Oxford University Press, 2002), p. 22.

24.Bruce Schneier, “Threat of ‘Cyberwar’ Has Been Hugely Hyped,” CNN (July 7, 2010). Similarly, Schneier also warned about the dangerous implications of the “militarization” of cyberspace for the civilian control of the Internet and for the protection of user privacy. See Schneier, “Militarizing Cyberspace Will Do More Harm Than Good,” The Irish Times (November 29, 2012).

25.See Barry Buzan and Lene Hansen, The Evolution of International Security Studies (Cambridge: Cambridge University Press, 2009), p. 12.

26.See Stephen M. Walt, “The Enduring Relevance of the Realist Tradition,” in Ira Katznelson and Helen V. Milner, eds., Political Science: State of the Discipline (New York: W. W. Norton, 2002), p. 220.

27.See Stanley Hoffmann, The State of War: Essays on the Theory and Practice of International Politics (New York: Praeger, 1965), pp. 7–8.

28.The quote appears in Niall Ferguson, Kissinger, 1923–1968: The Idealist (London: Penguin, 2015), p. 336 (emphasis mine). It is from a letter by Kissinger to Arthur Schlesinger dated February 16, 1955. Shortly after, Kissinger developed his argument in a book-length study, Nuclear Weapons and Foreign Policy (New York: Council on Foreign Relations, 1957).

29.Holsti wrote: “power may be viewed from several aspects: it is a means, it is based on capabilities, it is a relationship, and a process, and it can also be a quantity.” Kalevi J. Holsti, “The Concept of Power in the Study of International Relations,” Background, Vol. 7, No. 4 (February 1964), p. 182.

30.Nuclear Tipping Point, documentary film (2010).

31.See, for instance, Friedrich Kratochwil, “The Embarrassment of Change: Neo-Realism as the Science of Realpolitik without Politics,” Review of International Studies, Vol. 19, No. 1 (January 1993), pp. 63–80.

32.Stephen M. Walt, “The Relationship between Theory and Policy in International Relations,” Annual Review of Political Science, Vol. 8 (2005), pp. 41–42.

33.For a historical elaboration of the problem of technological revolution and strategic adaptation, see Chapter 3.

34.Joseph S. Nye, Jr., “Nuclear Lessons for Cyber Security?” Strategic Studies Quarterly, Vol. 5, No. 4 (Winter 2011), p. 19.

35.For an excellent account of the Stuxnet deliberations, see Sanger, Confront and Conceal, Chapter 8.

36.This was “a huge amount of code” compared to other known malware. See Sharon Weinberger, “Is this the Start of Cyberwarfare?” Nature, Vol. 474, pp. 142–43.

37.Despite the attack code’s sophistication, analysts have found “basic errors” in its design and in the code itself. For example, Tom Parker observed that “the command-and-control mechanism is poorly done and sends its traffic in the clear and the worm ended up propagating on the Internet, which was likely not the intent.” Dennis Fisher, “Stuxnet Authors Made Several Basic Errors,” Threatpost (January 18, 2011), https://threatpost.com/stuxnet-authors-made-several-basic-errors–011811/74856/. See also Nat Lawson, “Stuxnet is Embarrassing, Not Amazing,” rdist (January 17, 2011), https://rdist.root.org/2011/01/17/stuxnet-is-embarrassing-not-amazing/#comment–6451. Despite these criticisms, computer security specialists broadly regard Stuxnet as a genial weapon.

38.David Newsom, “Foreign Policy and Academia,” Foreign Policy, Vol. 101 (Winter 1995), p. 66.

39.Although Stuxnet’s custodians sought to contain the worm within the Natanz facility, thousands of external machines were infected (more than 40 percent of them outside Iran).

40.An example of such new legislation is the Cyber Security Information Sharing Act (CISA) that was signed into law in December 2015.

41.James Blitz, “UK Becomes First State to Admit to Offensive Cyber Attack Capability,” Financial Times (September 29, 2013).

42.Mark Pomerlau, “Carter Looking to Drop ‘Cyber Bombs’ on ISIS,” Defence Systems (February 29, 2016).

43.See, for instance, Louis Klarevas, “Political Realism: A Culprit for the 9/11 Attacks,” Harvard International Review, Vol. 26, No. 3 (Fall 2004), pp. 18–21.

44.Valeriano and Maness, Cyber War versus Cyber Realities. Similarly, the authors state: “Evidence and facts are needed in order to counter hype and bluster” about the cyber threat (p. 209).

45.Sam Jones, “Ministry of Defence Fends Off ‘Thousands’ of Daily Cyber Attacks,” The Financial Times (June 25, 2015), http://www.ft.com/intl/cms/s/0/2f6de47e–1a9a–11e5–8201-cbdb03d71480.html.

46.Shaun Walker, “Kremlin Pours Cold Water on MI5 Chief’s Claims of Russian Threat,” The Guardian (November 1, 2016).

47.See Michael S. Schmidt, “New Interest in Hacking as Threat to Security,” The New York Times (March 13, 2012).

48.See Jack Kim, “North Korea Mounts Long-Running Hack of South Korea Computers, Says Seoul,” Reuters (June 13, 2016), http://www.reuters.com/article/us-northkorea-southkorea-cyber-idUSKCN0YZ0BE.

49.See “Military Investigators Raid Cyber Command in Hacking Probe,” Yonhap News Agency (December 13, 2016), http://english.yonhapnews.co.kr/northkorea/2016/12/13/0401000000AEN20161213006500315.html.

50.François Clemenceau and Antoine Malo, “Le Drian sur le cyberespionnage: La France n’est pas à l’abri, il ne faut pas être naïf,” Le Journal du Dimanche (January 7, 2017), http://www.lejdd.fr/International/Le-Drian-sur-le-cyberespionnage-La-France-n-est-pas-a-l-abri-il-ne-faut-pas-etre-naif–837985#xtor=CS1–4.

51.See Amy Chozick, “Hillary Clinton Blames F.B.I. Director for Election Losses,” The New York Times (November 12, 2016); and Jason Blakely, “Is Political Science this Year’s Election Casualty?” The Atlantic (November 14, 2016).

52.The journal International Security, published by MIT Press, features primarily works of international relations.

53.The quote is by the journalist Peter Passell. Joseph B. Treaster, “Herman Kahn Dies; Futurist and Thinker on Nuclear Strategy,” The New York Times (July 8, 1983).

54.The comment is by political scientist Roman Kolkowicz. Michael Intriligator, Roman Kolkowicz, and Andrzej Korbonski, “Bernard Brodie, Political Science: Los Angeles,” Calisphere, University of California (September 1979).

55.PhD in International Relations, University of Chicago.

56.Masters in Mathematical Logic, Columbia University. Some observers regard mathematics as a natural science; indeed, many university departments group it with physics, chemistry, biology, etc. But the “Queen of the Sciences,” as German thinker Carl Friedrich Gauss called mathematics, is also the basis for much non-scientific inquiry – ranging from logic to aesthetics. At any rate, it is certainly not an engineering or technical science.

57.AB and PhD in Government, Harvard University.

58.AB and PhD in Government, Harvard University.

59.BA in Economics, University of California, Berkeley; PhD in Economics, Harvard University.

60.This trend is reflected in the overtly technical tone of important works of military tactics, such as Martin C. Libicki, Conquest in Cyberspace: National Security and Information Warfare (New York: Cambridge University Press, 2007).

61.The proposed framework draws from, but also adapts, concepts introduced in William A. Owens, Kenneth W. Dam, and Herbert S. Lin, eds., Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities (Washington, D.C.: National Academies Press, 2009).

62.See Richard A. Clarke and Robert K. Knake, Cyber War: The Next Threat to National Security and What to Do About It (New York: HarperCollins, 2010), p. 69. For an instructive, more technical review of some of these concepts, see Matthew Monte, Network Attacks and Exploitation: A Framework (Indianapolis, IN: John Wiley and Sons, 2015).

63.See German Federal Ministry of the Interior, Cyber Security Strategy for Germany (Berlin: German Federal Ministry of the Interior, February 2011), p. 14.

64.See Andrew Greenberg, “Hacker Lexicon: What is the Dark Web?,” Wired (November 19, 2014). The Dark Web is also not to be confused with the Deep Web, of which it is a small part and which denotes the vast swathes of the Internet that search engines such as Google do not index. See “Going Dark: The Internet Behind the Internet,” NPR (May 25, 2014).

65.See, for instance, Jon R. Lindsay and Lucas Kello, “Correspondence: A Cyber Disagreement,” International Security, Vol. 39, No. 2 (Fall 2014), p. 187.

66.Some working concepts omit social agents. See, for example, Nazli Choucri and David Clark, “Cyberspace and International Relations: Towards an Integrated System,” paper presented at the Massachusetts Institute of Technology, Cambridge, Massachusetts, August 2011, p. 8.

67.See Lindsay and Kello, “Correspondence: A Cyber Disagreement,” pp. 188–92.

68.The logical layer comprises the service platforms on which computer systems and networks function (e.g. software applications). The information layer includes the data that flow between interconnected nodes. The physical layer comprises physical machines. On the “layers” model, see Choucri and Clark, “Cyberspace and International Relations.”

69.An information security operation of this kind occurred in November 2015 in the aftermath of the Paris massacre perpetrated by Islamic State operatives. See Paul Mozur, “China Cuts Mobile Service of Xinjiang Residents Evading Internet Filters,” The New York Times (November 23, 2015).

70.Gary King, Jennifer Pan, and Margaret E. Roberts, “How Censorship in China Allows Government Criticism but Silences Collective Expression,” American Political Science Review, Vol. 2 (May 2013), pp. 1–18.

71.For a gripping account of Russian Internet censorship generally and of this case particularly, see Andrei Soldatov and Irina Borogan, The Red Web: The Struggle between Russia’s Digital Dictators and the New Online Revolutionaries (New York: PublicAffairs, 2015). See also Hal Roberts and Bruce Etling, “Coordinated DDoS Attack during Russian Duma Elections,” Internet and Democracy Blog, Berkman Center for Internet and Society, Harvard University (December 8, 2011).

72.For an excellent discussion of freedom of speech over the Internet, see Timothy Garton Ash, Free Speech: Ten Principles for a Connected World (New Haven, CT: Yale University Press, 2016).

73.See Steven M. Bellovin, Susan Landau, and Herbert S. Lin, “Limiting the Undesired Impact of Cyber Weapons: Technical Requirements and Policy Implications,” unpublished paper, p. 3.

74.See Luke Harding, “Top Democrat’s Emails Hacked by Russia after Aide Made Typo, Investigation Finds,” The Guardian (December 14, 2016).

75.See Mohammad Tehranipoor and Farinaz Koushanfar, “A Survey of Hardware Trojan Taxonomy and Detection,” IEEE Design and Test of Computers, Vol. 27, No. 1 (2010), pp. 10–25; and Masoud Roustami, Farinaz Koushanfar, Jeyavijayan Rajendran, and Ramesh Karri, “Hardware Security: Threat Models and Metrics,” ICCAD ‘13 Proceedings of the International Conference on Computer-Aided Design, IEEE (November 18–21, 2013), pp. 819–23.

76.Therefore, in instances where the sole medium of entry to a target is the Internet or some physical device, the weapon lacks a penetration element all its own.

77.See Cecilia Kang, “A Tweet to Kurt Eichenwald, a Strobe and a Seizure. Now, an Arrest,” The New York Times (March 17, 2017).

78.On problems of global governance in the cyber domain, see, for example, Laura DeNardis, Protocol Politics: The Globalization of Internet Governance (Cambridge, MA: MIT Press, 2009); Joseph S. Nye, Jr., “The Regime Complex for Managing Global Cyber Activities,” Global Commission on Internet Governance, Issue Paper Series, No. 1 (May 2014); and Lucas Kello, “Cyber Security: Gridlock and Innovation,” Beyond Gridlock (Cambridge: Polity, 2017). Cyber governance, which deals with the management of cybersecurity issues, especially cyberattacks and cyber espionage, should not be confused with Internet governance, an older field that involves the management of the globe’s computer network infrastructure.

79.See Thomas C. Reed, At the Abyss: An Insider’s History of the Cold War (New York: Random House, 2005), Chapter 17.

80.The term “industrial controller” signifies computer systems that govern processes of industrial production. It includes supervisory control and data acquisition (SCADA) systems and programmable logic controllers (PLCs).

81.See Owens, Dam, and Lin, Technology, Policy, Law, and Ethics, pp. 1–2.

82.For technical details on Stuxnet’s destructive procedure, see Nicholas Falliere, Liam O. Murchu, and Eric Chien, “W32.Stuxnet Dossier,” ver. 1.4 (Cupertino, CA: Symantec, February 2011).

83.The standard usage can be relabeled as follows: “first-order” direct effects exerted on an industrial controller; and “second-order” direct effects influencing machine parts governed by it.

84.For a similar definition, see Nye, “Nuclear Lessons for Cyber Security?” p. 21.

85.On hacktivism as a modern form of political activism, see François Paget, Cybercrime and Hacktivism (Santa Clara, CA: McAfee, 2010), pp. 10–12.

86.Bellovin, Landau, and Lin, “Limiting the Undesired Impact of Cyber Weapons,” pp. 4–5.

87.See David D. Clark and Susan Landau, “Untangling Attribution,” in Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy (Washington, D.C.: National Academies Press, 2010), pp. 25–40.

88.See, for example, Alexander Klimburg and Heli Tirmaa-Klaar, Cybersecurity and Cyberpower: Concepts, Conditions, and Capabilities for Cooperation for Action within the EU (Brussels: European Parliament Directorate General for External Policies of the Union, Policy Department, April 2011), p. 5.

89.Bruce Schneier, “When Does Cyber Spying Become a Cyber Attack,” Defense One (March 10, 2014), http://www.defenseone.com/technology/2014/03/when-does-cyber-spying-become-cyber-attack/80206/.

90.The common term is “advanced persistent threat,” or APT, which refers to an actor (such as a large state) able to penetrate an adversary’s computer systems persistently and successfully. I prefer the term advanced persistent adversary because the meaning of APT focuses on the threat posed by the agent, rather than the more important agent posing the threat.

91.Stephen M. Walt, “The Renaissance of Security Studies,” International Studies Quarterly, Vol. 35, No. 2 (1991), p. 212.

92.See Adam P. Liff, “Cyberwar: A New ‘Absolute Weapon’? The Proliferation of Cyberwarfare Capabilities and Interstate War,” Journal of Strategic Studies, Vol. 35, No. 3 (June 2012), pp. 401–28; Thomas Rid, Cyber War Will Not Take Place (London: Hurst, 2013); and Erik Gartzke, “The Myth of Cyberwar: Bringing War in Cyberspace Back Down to Earth,” International Security, Vol. 38, No. 2 (Fall 2013), pp. 41–73.

93.For a discussion of the shape of the cyber danger, see Chapter 2.

94.Brandon Valeriano and Ryan C. Maness, “The Dynamics of Cyber Conflict between Rival Antagonists, 2001–11,” Journal of Peace Research, Vol. 51, No. 3 (2014), p. 355. This analysis ignores nonstate actors unless “they are considered part of a state’s national security apparatus, or if the initiators are clearly acting on behalf of their home government” (p. 355). Thus it excludes a vast number of unaffiliated or subversive players. The authors’ book-length study repeats this omission. See Valeriano and Maness, Cyber War Versus Cyber Realities.

2  The Cyber Curse: Complications of Defense

1.As one academic study concluded, “[C]yber disputes are rare. When they do happen, the impact tends to be minimal.” Brandon Valeriano and Ryan C. Maness, “The Dynamics of Cyber Conflict between Rival Antagonists, 2001–11,” Journal of Peace Research, Vol. 51, No. 3 (2014), p. 359. See also the comments by Bruce Schneier in “Threat of ‘Cyberwar’ Has Been Hugely Hyped,” CNN (July 7, 2010).

2.Barack H. Obama, “Remarks by the President on Securing Our Nation’s Cyber Infrastructure,” White House Press Office (May 29, 2009).

3.“War in the Fifth Domain,” The Economist (July 1, 2010).

4.See “James R. Clapper to the U.S. Senate Intelligence Committee” (Washington, D.C.: U.S. Government Printing Office, March 12, 2013). This was only the second time after the September 11, 2001 terrorist attacks in New York and Washington, D.C., that terrorism does not top the list of U.S. security concerns. See also Aaron Boyd, “DNI Clapper: Cyber Bigger than Terrorism,” Federal Times (February 4, 2016). By contrast, in 2007, when the DNI published the first threat ranking, the cyber threat did not even figure among the top ten.

5.See Le Livre blanc: Défense et sécurité nationale (Paris: La Documentation française, June 2013).

6.See Public Uncertain, Divided over America’s Place in the World (Washington, D.C.: Pew Research Center, April, 2016), p. 23.

7.Government officials and media representatives have varyingly used these terms. See, for example, Republican National Committee, Republican Platform 2016 (July 2016), p. 53; and Joseph Marks, “Officials Worry about ‘cyber Fort Hood’,” Politico (September 9, 2014). “Fort Hood” refers to the shooting, in 2009, by U.S. Army Major Nidal Hassan, a radicalized Muslim who killed thirteen people and injured another thirty. Not all media outlets, of course, exhibit this inflammatory rhetorical tendency; some in fact resist it. See, for example, Henry Farrell, “Cyber-Pearl Harbor Is a Myth,” The Monkey Cage (blog), Washington Post (November 11, 2011).

8.See A Strong Britain in an Age of Uncertainty: The UK National Security Strategy (London: Cabinet Office, 2010).

9.See William J. Lynn, III, “Defending a New Domain,” Foreign Affairs, Vol. 89, No. 5 (September/October 2009), pp. 97–108.

10.This view sometimes leads to cynical interpretations of threat inflation: for example, the view that governments hype the threat in order to raise public awareness about the reality of the danger; or that they exaggerate the threat scale to seize institutional advantages in a “power struggle” among the public and private sectors about the legitimacy of the government’s control of private networks – and by sounding the alarm of war, the government wins the power struggle. (Schneier, “Threat of ‘Cyberwar’ Has Been Hugely Hyped.”)

11.Innumerable because the victims of attack often withhold knowledge of it to avoid reputational and other harm and because even within the observable universe, the number of incidents and the diversity of targets are enormous. Possibly, a fatal cyberattack has occurred that officials have been able to conceal from the public. But the number of such incidents is likely to be low – low enough, at least, that they meet under the criterion of homicide, not acts of war.

12.Perhaps no other hypothesis – indeed prediction – in the study of international relations has proven so resistant to empirical falsification as this one. See, for example, Bruce Russett, Grasping the Democratic Peace: Principles for a Post-Cold War World (Princeton, N.J.: Princeton University Press, 1993); and Michael E. Brown, Sean M. Lynn-Jones, and Steven E. Miller, Debating the Democratic Peace (Cambridge, MA: MIT Press, 1996).

13.For instance, some thinkers set the minimum number of deaths at 200, others at 1,000. See Spencer R. Weart, Never at War: Why Democracies Will Not Fight Each Other (New Haven, CT: Yale University Press, 1998); and the Correlates of War Project, “Data Sets,” http://www.correlatesofwar.org/data-sets/COW-war.

14.TCP/IP signifies the suite of communications protocols that governs data transmission via the Internet.

15.“Has the Cyberwar Threat Been Exaggerated?,” Intelligence Squared U.S., Washington, D.C. (June 16, 2010), http://intelligencesquaredus.org/debates/past-debates/item/576-the-cyberwar-threat-has-been-grossly-exaggerated.

16.Letter from General Martin E. Dempsey to John D. Rockefeller IV, chairman, U.S. Senate Committee on Commerce, Science, and Transportation (August 1, 2012) (Washington, D.C.: U.S. Government Printing Office).

17.Donna Miles, “U.S. European Command, NATO Boost Cyber Defenses,” American Force Press Service, U.S. Department of Defense (May 18, 2012), http://www.defense.gov/news/newsarticle.aspx?id_116394.

18.See President of Estonia Toomas H. Ilves, address given at the European Union Ministerial Conference on Critical Infrastructure Protection, Tallinn, Estonia (April 27, 2009).

19.Thomas Rid, “Cyber War Will Not Take Place,” Journal of Strategic Studies, Vol. 35, No. 1 (February 2012), p. 12.

20.See U.S. Cyber Consequences Unit (US-CCU), Overview by the US-CCU of the Cyber Campaign against Georgia in August 2008, Special Report, US-CCU (August 2009), http://www.registan.net/wp-content/uploads/2009/08/US-CCU-Georgia-Cyber-Campaign-Overview.pdf.

21.See “The Shamoon Attacks,” Symantic Official Blog (August 16, 2012); and Christopher Bronk and Eneken Tikk-Ringas, “The Cyber Attack on Saudi Aramco,” Survival: Global Politics and Strategy, Vol. 55, No. 2 (2013), pp. 81–96.

22.See David E. Sanger, “Obama Order Sped Up Wave of Cyberattacks against Iran,” The New York Times (June 1, 2012).

23.See Gabi Siboni and Zvi Magen, “The Cyber Attack on the Ukrainian Electrical Infrastructure: Another Warning,” INSS Insights, No. 798 (February 17, 2016).

24.See Eneken Tikk-Ringas quoted in “Could Cyber Skirmish Lead to War?,” NBC News (June 11, 2010), http://www.nbcnews.com/technology/could-cyber-skirmish-lead-u-s-war–6C10406234.

25.Kim Chipman, “Cruz Says Russia, China Have Committed Acts of ‘Cyber War,’” Bloomberg (August 7, 2015).

26.Oliver Laughland and Dominic Rushe, “Sony Pulling the Interview Was ‘a Mistake’ Says Obama,” The Guardian (December 20, 2014).

27.Richard Waters, “US Struggles to Find Response to Hack Attack on Sony,” The Financial Times (December 21, 2014).

28.See Rid, “Cyber War Will Not Take Place.”

29.On calculated ambiguity in other domains of conflict, see Scott D. Sagan, “The Commitment Trap: Why the United States Should Not Use Nuclear Weapons to Deter Biological and Chemical Weapons Attacks,” International Security, Vol. 24, No. 4 (Spring 2000), pp. 85–115.

30.Siobhan Gorman and Julian E. Barnes, “Cyber Combat: Act of War,” Wall Street Journal (May 30, 2011).

31.See Chapter 7.

32.See Congressional Record, U.S. Senate, Proceedings and Debates of the 114th Congress, First Session, Vol. 161, No. 126 (August 5, 2015), p. S6338.

33.Aaron Boyd, “SecDef Nominee: Cyber Threats Require Holistic Defense Strategy,” Federal Times (February 4, 2015).

34.National Research Council of the National Academies, Terrorism and the Electric Power Delivery System (Washington, D.C.: National Academies Press, 2012), p. 16.

35.See Barack H. Obama, “Taking the Cyberattack Threat Seriously,” op-ed, Wall Street Journal (July 19, 2012).

36.Some officials speculate that Iran retaliated for Stuxnet with DDoS attacks against U.S. financial institutions. See Senator Joseph Lieberman, interview on Newsmakers, C-SPAN (September 23, 2012).

37.See Adam P. Liff, “Cyberwar: A New ‘Absolute Weapon?’ The Proliferation of Cyberwarfare Capabilities and Interstate War,” Journal of Strategic Studies, Vol. 35, No. 3 (June 2012), p. 401.

38.See William J. Lynn III, “Defending a New Domain,” Foreign Affairs, Vol. 89, No. 5 (September 2010), pp. 97–108.

39.The term “PLC environment” denotes the PLC computers and the engineering stations used to program them.

40.For a discussion of potential reproduction, in whole or in part, of the Stuxnet worm, see Chapter 6.

41.See Thomas Rid, “Think Again: Cyberwar,” Foreign Policy, Vol. 192 (March/April 2012). A more nuanced argument about offense superiority in limited scenarios involving specific organizational abilities and technologies appears in Rebecca Slayton, “What Is the Cyber Offense-Defense Balance? Conceptions, Causes, and Assessment,” International Security, Vol. 41, No. 3 (Winter 2016–17), pp. 72–109.

42.On the difficulties of cyber defense, see Stewart Baker, Natalia Filipiak, and Katrina Timlin, In the Dark: Crucial Industries Confront Cyberattacks (Santa Clara, CA: Center for International and Strategic Studies and McAfee, 2011); and John Arquilla, “Cyberwar Is Already Upon Us,” Foreign Policy (February 27, 2012), www.foreignpolicy.com/articles/2012/02/27/cyberwar_is_already_upon_us.

43.Paul Roberts, “Update – Stuxnet Expert: Analysis Shows Design Flaw, Not Vulnerability Sunk Siemens,” Threatpost (January 19, 2012).

44.According to one report, the average detection time of zero-day attacks is approximately ten months. The median is eight months. See Leyla Bilge and Tudor Dumitras, “Before We Knew It: An Empirical Study of Zero-Day Attacks in the Real World,” Proceedings of the 2012 ACM Conference on Computer and Communications Security, October 16–18, 2012, p. 834.

45.The problem of undetectable malware is reflected in the technical community’s common fixation with the search for viable means of identifying APTs.

46.This figure is a simplification. The lag time between compromise and detection depends on the class and effects of the hostile action. A higher figure applies to cyber exploitation rather than cyberattacks. Indeed, some attacks – such as ransomware, which incapacitates the target machine – may be discovered immediately. See 2016 Data Breach Investigations Report, Verizon (April 24, 2016), pp. 10–11. The policy process from the time that investigators identified North Korea as the culprit to publicly outing it took longer than the time between when investigators first learned of the breach and when they identified North Korea.

47.Edward W. Krippendorf vs. United States of America, Office of Personnel Management; and Keypoint Government Solutions, Case 1:15 cv 01321 (August 14, 2015), p. 25.

48.See Jessica Silver-Greenberg, Matthew Goldstein, and Nicole Perlroth, “Hackers’ Attack on JPMorgan Chase Affects Millions,” The New York Times (October 2, 2014).

49.See Danny Yardon, “Three Months Later, State Department Hasn’t Rooted Out Hackers,” Wall Street Journal (February 19, 2015).

50.Andrea Shalal, “Nearly Every U.S. Arms Program Found Vulnerable to Cyber Attacks,” Reuters (January 21, 2015).

51.Lorenzo Franceschi-Bicchierai, “FBI Says a Mysterious Hacking Group Has Had Access to US Government Files for Years,” Motherboard (April 4, 2016).

52.In one case, the detection lag may have been about one year. See Kim Zetter, “Kaspersky Finds New Nation-State Attack – In its Own Network,” Wired (October 6, 2015).

53.Franceschi-Bicchierai, “FBI Says a Mysterious Hacking Group Has Had Access to US Government Files for Years.”

54.See Luke Harding, “Top Democrat’s Emails Hacked by Russia after Aide Made Typo, Investigation Finds,” The Guardian (December 14, 2016).

55.See Sam Thielman, “Yahoo Hack: 1bn Accounts Compromised by Biggest Data Breach in History,” The Guardian (December 15, 2016).

56.Robert S. Mueller, III, “Remarks at RSA Cyber Security Conference, San Francisco, CA” (March 21, 2012), https://archives.fbi.gov/archives/news/speeches/combating-threats-in-the-cyber-world-outsmarting-terrorists-hackers-and-spies.

57.Baldwin’s original dictum was: “The bomber will always get through.” Yet the inventive acuity of British scientists proved his dire prediction wrong, as the Royal Air Force’s victory against the Luftwaffe during the Battle of Britain in 1940 showed. See Chapter 3 in this volume.

58.See Matthew Monte, Network Attacks and Exploitation (Indianapolis, IN: Wiley, 2015), p. 150.

59.See Thomas C. Schelling, Arms and Influence (New Haven, CT: Yale University Press, 1966).

60.According to sources, the data breach, which involved the exfiltration of several terabytes of information, occurred in 2007 and 2008. See Daniel Nasaw, “Hackers Breach Defences of Joint Strike Fighter Jet Programme,” The Guardian, April 21, 2009.

61.The diplomatic dispute over the control of the Spratly and Paracel Islands and other island archipelagos in the South China Sea has a long and complex history. The islands underwent military occupations by various powers, the most recent of which was China’s stationing of an advanced surface-to-air missile system (HQ–9) on Woody Island in February 2016 – a move that the United States and regional countries have denounced. The Philippines government has taken its dispute with China over the Spratlys to the Permanent Court of Arbitration in The Hague, which in July 2016 ruled against China’s historic claims to the islands’ resources.

62.John J. Mearsheimer, Conventional Deterrence (Ithaca, N.Y.: Cornell University Press, 1983), p. 26.

63.See Amir Efrati and Steve Nellis, “Inside Apple’s Cloud Infrastructure Troubles,” Business Insider (March 23, 2016).

64.See “Chinese Government Bans Windows 8 from its Computers,” The Guardian (May 20, 2014).

65.An example of this effort is the proposal for a new legislative bill (H.R.5793 – Cyber Supply Chain Management and Transparency Act of 2014 113th Congress, 2013–14) requiring all private contractors that supply software or hardware to the U.S. government to provide “a bill of materials of all third party and open source components used,” demonstrate that those component do not have known vulnerabilities, provide “secure update mechanisms” when a new vulnerability is detected, and supply remediation “within a reasonable specified time.”

66.In 2010, Google announced that sophisticated Chinese agents had breached its systems, and in 2011, unknown parties compromised RSA’s authentication products. This was followed by attempts to penetrate computers at Lockheed Martin, an RSA client.

67.See Sean M. Lynn-Jones, “Offense-Defense Theory and its Critics,” Security Studies, Vol. 4, No. 4 (Summer 1995), p. 665.

68.Brian Groom, “Ministers Warn on Threat from Cyber Attacks,” The Financial Times (September 4, 2012).

69.Robert O’Harrow, Jr., “Understanding Cyberspace Is Key to Defending against Digital Attacks,” Washington Post (June 2, 2012).

70.See Lucas Kello, “The Meaning of the Cyber Revolution: Perils to Theory and Statecraft,” International Security, Vol. 38, No. 2 (Fall 2013), p. 22.

71.Brandon Valeriano and Ryan C. Maness, “The Coming Cyberpeace: The Normative Argument against Cyberwarfare,” Foreign Affairs (May 13, 2015).

72.See Michael Riley, “How Russian Hackers Stole the Nasdaq,” Bloomberg (July 17, 2014).

73.See Dave Majumdar, “America’s F–35 Stealth Fighter vs. China’s New J–31: Who Wins?” National Interest (September 25, 2015).

74.Josh Rogin, “NSA Chief: Cybercrime Constitutes the ‘Greatest Transfer of Wealth in History’,” Foreign Policy (July 9, 2012).

75.James Lewis, “Significant Cyber Incidents Since 2006,” Center for Strategic and International Studies (August 2016), file:///C:/Users/LK/Downloads/160824_Significant_Cyber_Events_List.pdf.

76.John Barrasso (chairman), Mary Fallin, and Virginia Foxx, Republican Platform 2016 (Cleveland, OH: Consolidated Solutions, 2016), p. 53.

77.James R. Van de Velde, “War in Peace,” American Interest (September 6, 2016).

78.Fergus Hanson, “Waging War in Peacetime: Cyber Attacks and International Norms,” The Interpreter (October 20, 2015).

3  Technological Revolution and International Order

1.Exceptions to this trend include William Ogburn, ed., Technology and International Relations (Chicago, IL: Chicago University Press, 1949); Eugene B. Skolnikoff, The Elusive Transformation: Science, Technology, and the Evolution of Technological Politics (Princeton, N.J.: Princeton University Press, 1993); Geoffrey L. Herrera, Technology and International Transformation: The Railroad, the Atom Bomb, and the Politics of International Change (New York: State University of New York Press, 2006); Stefan Fritsch, “Technology and Global Affairs,” International Studies Perspectives, Vol. 12, No. 1 (2011), pp. 27–45; and Fritsch, “Conceptualizing the Ambivalent Role of Technology in International Relations: Between Systemic Change and Continuity,” in Maximilian Mayer, Mariana Carpes, and Ruth Knoblich, eds., The Global Politics of Science and Technology. Vol. 1: Concepts from International Relations and Other Disciplines (Berlin, Heidelberg: Springer, 2014).

2.Two classic studies are John H. Herz, International Politics in the Atomic Age (New York: Columbia University Press, 1959); and Robert Jervis, The Meaning of the Nuclear Revolution: Statecraft and the Prospect of Armageddon (Ithaca, N.Y.: Cornell University Press, 1989).

3.See Francis Hoeber, Slow to Take Offense: Bombers, Cruise Missiles and Prudent Deterrence (Washington, D.C.: Georgetown University Center for Strategic and International Studies, 1977); and Elmo R. Zumwalt, “Correspondence: An Assessment of the Bomber-Cruise Missile Controversy,” International Security, Vol. 2, No. 1 (Summer 1977), pp. 47–58.

4.See, for example, Peter W. Singer, Wired for War: The Robotics Revolution and Conflict in the 21st Century (New York: Penguin, 2009).

5.By “modern” history I mean international relations since the consecration of the nation state as the dominant political unit in the system beginning in the mid-seventeenth century.

6.See, for example, Robert Gilpin, War and Change in World Politics (Cambridge: Cambridge University Press, 1989).

7.Rational-choice theorists hold that the evolution of international affairs occurs only at the level of material facts. A state that pursues alternate ends, such as moral purposes not linked to the achievement of objective ends, does so at peril of its own survival. See Kenneth N. Waltz, Theory of International Politics (New York: McGraw-Hill, 1979). On the problem of change in international relations, see for instance Friedrich Kratochwil, “The Embarrassment of Change: Neo-Realism as the Science of Realpolitik without Politics,” Review of International Studies, Vol. 19, No. 1 (January 1993), pp. 63–80.

8.See Waltz, Theory of International Politics. For Waltz, the ordering principle of international politics is anarchy, or the absence of centralized government, which denotes the same condition suggested here: i.e. sovereign states are the supreme units.

9.See Hedley Bull, The Anarchical Society: A Study of Order in World Politics, second edition (London: Macmillan, 1995), pp. 67–68.

10.For a discussion of non-traditional international systems, see ibid., Chapter 10.

11.Structure is not, however, the mere agglomeration of unit-level attributes. The features of structure are also attributes of units: navies, capital reserves, commercial goods, norms, and political purposes are all commanded, owned, manufactured, or held by states. But it is the essence of systemic theory that unit-specific factors are relational: they matter most in terms of whether and how other units possess them. It is this quality that provides for the notion of structure.

12.Mill expounds his image of “economic man” in the treatise “On the Definition of Political Economy; and on the Method of Investigation Proper to It,” Essays on Some Unsettled Questions of Political Economy (London: Longmans, Green, Reader, and Dyer, 1874).

13.Edward H. Carr, The Twenty Years’ Crisis, 1919–1939: An Introduction to the Study of International Relations (New York: Harper and Row, 1964), p. 41. On the affinity of Carr’s work and English School thinking, see Timothy Dunne, “The Social Construction of International Society,” European Journal of International Relations, Vol. 1, No. 3 (September 1995), pp. 367–89.

14.In the context of debates about European integration, for instance, the school of “geopolitical intergovernmentalism” represents the former view, “liberal intergovernmentalism” the latter. See Inis L. Claude, Jr., Swords into Ploughshares: The Problems and Progress of International Organization, fourth edition (London: Random House, 1988); and Andrew Moravcsik, The Choice for Europe: Social Purpose and State Power from Messina to Maastricht (Ithaca, NY: Cornell University Press, 1998).

15.For a discussion of the self-reliant pursuit of autonomy in international relations, see Richard J. Harknett and Hasan B. Yalcin, “The Struggle for Autonomy: A Realist Structural Theory of International Relations,” International Studies Review, Vol. 14 (2012), pp. 499–521.

16.This treatment of power transition as a revolution is consistent with Stanley Hoffmann’s discussion of “revolutionary systems.” See Stanley Hoffmann, Gulliver’s Travels, Or the Setting of American Foreign Policy (New York: McGraw-Hill, 1968), p. 14.

17.See Moravcsik, The Choice for Europe.

18.Stephen Krasner, “Globalization and Sovereignty,” in David A. Smith, Dorothy J. Solinger, and Steven C. Topik, eds., States and Sovereignty in the Global Economy (London: Routledge, 1999).

19.Gilpin, War and Change in World Politics, p. 50.

20.Ibid., p. 52.

21.Ibid., p. 52.

22.Ibid., p. 9.

23.For John Ruggie the sources of ontological objectivism lie in methodology – i.e. in what this book calls scientism, or the fixation in some quarters of political science with explanatory and especially quantitative analysis. See John G. Ruggie, “Continuity and Transformation in the World Polity: Toward a Neorealist Synthesis,” World Politics, Vol. 35, No. 2 (January 1983), p. 285; and Chapter 1 of this work.

24.This is not to mean, however, that state preferences are symmetrical – only that underlying conceptions of interests (such as territorial security or welfare gains), which underpin specific preferences, are uniform. Indeed, rationalist theories of preference formation abound.

25.Arnold Wolfers, Discord and Collaboration (Baltimore, MD: Johns Hopkins Press, 1962).

26.Mainstream constructivist theorists do not challenge the assumption of actor rationality; rather, they claim that self-interested behavior is influenced by identities and normative understandings – thus some thinkers refer to the complementarity of rationalist and constructivist scholarship. On constructivism, see for instance Alexander Wendt, Social Theory of International Politics (Cambridge: Cambridge University Press, 1999); and Audie Klotz and Cecelia M. Lynch, Strategies for Research in Constructivist International Relations (London: M. E. Sharpe, 2007). On the complementarity between rationalism and constructivism, see for example Joseph Jupille, James A. Caporaso, and Jeffrey T. Checkel, “Integrating Institutions: Rationalism, Constructivism, and the Study of the European Union,” Comparative Political Studies, Vol. 36, No. 7 (February–March 2003), pp. 7–40; and James Fearon and Alexander Wendt, “Rationalism versus Constructivism: A Skeptical View,” in Walter Carlsnaes, Thomas Risse, and Beth A. Simmons, Handbook of International Relations (London: Sage, 2002). Some liberal thinkers, such as Democratic Peace theorists, also ascribe an important role to ideas. See Ido Oren, “The Subjectivity of the ‘Democratic’ Peace: Changing U.S. Perceptions of Imperial Germany,” in Michael E. Brown, Sean M. Lynn-Jones, and Steven E. Miller, Debating the Democratic Peace: An International Security Reader (Cambridge, MA: The MIT Press, 1996), pp. 263–300.

27.On the limits of humanitarian intervention, a classical account is Stanley Hoffmann, Duties Beyond Borders: On the Limits and Possibilities of Ethical International Politics (Syracuse, N.Y.: Syracuse University Press, 1981).

28.On the development of the responsibility to protect, see Jennifer M. Welsh, “Implementing the ‘Responsibility to Protect’: Where Expectations Meet Reality,” Ethics and International Affairs, Vol. 24, No. 4 (Winter 2010), pp. 415–30; and Alex J. Bellamy, Global Politics and the Responsibility to Protect: From Words to Deeds (London: Routledge, 2011).

29.See Thomas Berger, “Changing Norms of Defense and Security in Japan and Germany,” in Peter J. Katzenstein, ed., The Culture of National Security: Norms and Identity in World Politics (New York: Columbia University Press, 1996), pp. 317–56.

30.See Stephen M. Walt, Revolution and War (Ithaca, N.Y.: Cornell University Press, 1996). Nevertheless, advances in communications technology – not least the Internet and social media – may create conditions in which political winds of domestic revolution blow rapidly and unexpectedly across national borders. For a discussion of this phenomenon in the context of the Arab Spring, see Philip N. Howard, Aiden Duffy, Deen Freelon, Muzammil M. Hussain, Will Mari, and Marwa Maziad. “Opening Closed Regimes: What Was the Role of Social Media during the Arab Spring?” (2011), available at SSRN: https://ssrn.com/abstract=2595096 or http://dx.doi.org/10.2139/ssrn.2595096.

31.See Walt, Revolution and War.

32.Bull, The Anarchical Society, p. 25.

33.For an elaboration of this point, see John Vincent, Human Rights and International Relations: Issues and Reponses (Cambridge: Cambridge University Press, 1996).

34.Bull, The Anarchical Society, p. 22. See also Hedley Bull, Justice in International Relations: Hagey Lectures (Waterloo: University of Waterloo, 1983), p. 13. This understanding of the connection between world and international society is similar to Locke’s social-contract theory, in which the legitimacy of sovereignty is thought to derive from the ability of the state to protect its citizens’ natural rights. Other thinkers, such as Martin Wight and Andrew Linklater, view the relationship between state sovereignty and individual moral claims as oppositional. See Martin Wight, International Theory: The Three Traditions (London: Leicester University Press, 1991); and Andrew Linklater, “Citizenship and Sovereignty in the Post-Westphalian State,” European Journal of International Relations, Vol. 2, No. 1 (March 1996), pp. 77–103.

35.Gilpin, War and Change in World Politics, p. 211. Thucydides himself claimed to have written for posterity. See also Barry Buzan and Richard Little, International Systems in World History: Remaking the Study of International Relations (Oxford: Oxford University Press, 2000), p. 2. For other theories of international change that conform to rational-choice assumptions, see Paul Kennedy, The Rise and Fall of the Great Powers: Economic Change and Military Conflict from 1500 to 2000 (New York: Vintage Books, 1987); and Charles Kindleberger, The World in Depression, 1929–1939 (Berkeley, CA: University of California Press, 1996).

36.The analysis of this section combined procedural reforms, or what Gilpin termed “interaction changes,” with larger changes in the international system’s material structure. Together, these two elements, which Gilpin treats separately, are the main features of systemic disruption.

37.Bull, Anarchical Society, p. 311.

38.Marx’s theory of the state is rooted in his understanding of the state as a guarantor of private property and, therefore, his expectation that a classless society would also be stateless. In pursuing this vision, Lenin in fact violated it: he emphasized the necessity of an intermediary stage, “the dictatorship of the proletariat,” in which the state’s influence on economic and personal life was supreme. See Friedrich Engels and Karl Marx, The German Ideology, second edition (London: Laurence and Wishart, 1974); and Vladimir Lenin, The State and Revolution: The Marxist Theory of the State and the Tasks of the Proletariat in the Revolution (London: Union Books, 2013).

39.See Chapter 5.

40.See Andrew Hurrell, On Global Order: Power, Values and the Constitution of International Society (Oxford: Oxford University Press, 2007), p. 69. For an intellectual history of war and peace in European thought, see Michael Howard, War in Modern History (Oxford: Oxford University Press, 1976); and Justine Lacroix and Kalypso A. Nicolaidïs, eds., European Stories: Intellectual Debates on Europe in National Contexts (Oxford: Oxford University Press, 2011). On modern peace theories and proposals, see F. H. Hinsley, Power and the Pursuit of Peace: Theory and Practice in the History of Relations between States (Cambridge: Cambridge University Press, 1967).

41.See Immanuel Kant, Perpetual Peace and Other Essays on Politics, History and Morals, trans. T. Humphrey (Indianapolis, IN: Hackett, 1983).

42.See Hurrell, On Global Order, p. 69.

43.This form of moderate federalism differed from the vision of radical federalists such as Altiero Spinelli, Carlo Sforza, and Helmuth von Moltke, whose central concern was the wholesale eradication of the nation state within a single European entity. See Walter Lipgens, A History of European Integration (Oxford: Oxford University Press, 1982); and Walter Lipgens and Wilfried Loth, eds., Documents on the History of European Integration: The Struggle for European Union by Political Parties and Pressure Groups in Western European Countries, 1945–1950 (New York: De Gruyter, 1988).

44.The evaluation of systemic revision confronts an analytical challenge: analysts must determine whether observed changes in states’ shared goals and principles signal the emergence of new political ideals or represent, instead, a mere adaptation of previously existing values. Or more succinctly: At what point does normative change become systemic revision? See Barry Buzan, From International to World Society? English School Theory and the Social Structure of Globalisation (Cambridge: Cambridge University Press, 2004), p. 182.

45.This concept is different from Geoffrey Herrera’s “system change,” a label he employs interchangeably with the more common “systemic change.” See Herrera, Technology and International Transformation.

46.See Richard Rosecrance, The Resurgence of the West: How a Transatlantic Union Can Prevent War and Restore the United States and Europe (New Haven, CT: Yale University Press, 2013).

47.See Margaret E. Keck and Kathryn Sikkink, Activists Beyond Borders: Advocacy Networks in International Politics (Ithaca, N.Y.: Cornell University Press, 1998).

48.See Herrera, Technology and International Transformation, p. 22.

49.Bull’s original term was “world political system.”

50.Bull, Anarchical Society, p. 266.

51.Ibid., p. 268. Critical theories of international relations also supply a range of concepts with which to build a model of the system that does not privilege the state. This perspective emphasizes the importance not only of structures of power but also the very nature of power, especially shifting hierarchical relationships among state and nonstate players; it focuses not just on the actions of observers and practitioners but also their minds, especially normative choices in favor of or against a particular social conception of hierarchical agents; in brief, it draws attention to the question of how a new system comes about rather than how established systems adapt and endure. The critical approach, however, has its limits. Not least of these is the essential duality in which deep change occurs. Forces of change in the contemporary world exist within, and are thus shaped and constrained by, the very social arrangement that they strive to supplant. This limits, as Robert Cox acknowledged, “the range of choice to alternative orders which are feasible transformations of the existing world.” (Robert W. Cox, “Social Forces, States, and World Orders,” Millennium: Journal of International Studies, Vol. 10, No. 2 [1981], p. 130.) The basic theoretical challenge, then, is to provide conceptual benchmarks of revolutionary change that separate changes within the international system and more exceptional changes of the system itself – the central aim of this chapter.

52.David Armstrong, Revolution and World Order: The Revolutionary State in International Society (Oxford: Clarendon Press, 1993), p. 33. There were, in fact, two treaties – of Osnabrück and Münster.

53.See Robert Jackson, Sovereignty: The Evolution of an Idea (Cambridge: Polity, 2007), p. 38. Andrew Hurrell disputes the Westphalia-based story of the states system’s genesis, noting that the legal and moral practices of modern international society developed between 1750 and 1914. See Hurrell, On Global Order, p. 54; and Andreas Osiander, “Sovereignty, International Relations and the Westphalian Myth,” International Organization, Vol. 55, No. 2 (April 2001), pp. 251–87.

54.Wight, International Theory, p. 41. Wight cites Christian Wolff as a principal exponent of this dogma.

55.See J. D. Cockcroft and E. T. S. Walton, “Experiments with High Velocity Positive Ions. II. The Disintegration of Elements by High Velocity Protons,” Proceedings of the Royal Society of London (July 1932).

56.In 1934, American physicist Leo Szilard observed that neutrons could sustain a nuclear chain reaction that could generate an enormous amount of energy. See Leo Szilard and T. H. Chalmers, “Detection of Neutrons Liberated from Beryllium by Gamma Rays: A New Technique for Inducing Radioactivity,” Nature, Vol. 134 (September 1934), pp. 494–95.

57.Oak Ridge housed one of the first centers of nuclear medicine in the United States. Doctors used cesium–137 to kill cancerous tissue. See Alan Taylor, “The Secret City,” The Atlantic (June 25, 2012).

58.On technological determinism, see John G. Ruggie, “International Responses to Technology: Concepts and Trends”, International Organization (Summer 1975), pp. 558–83; Merritt R. Smith and Leo Marx, eds., Does Technology Drive History? The Dilemma of Technological Determinism (Cambridge, MA: MIT Press, 1994); and Herrera, Technology and International Transformation, pp. 29–39.

59.According to one interesting study, globalization can reduce states’ reliance on the use of military force to pursue national interests. That is, integration provides “an additional mechanism for competition beyond cheap talk, but short of military violence.” Erik Gartzke and Quan Li, “War, Peace, and the Invisible Hand: Positive Political Externalities of Economic Globalization,” International Studies Quarterly, Vol. 47 (November 2003), pp. 561–86.

60.Skolnikoff, The Elusive Transformation, p. 11.

61.For an example of such a view, see Keir A. Lieber, War and the Engineers: The Primacy of Politics over Technology (Ithaca, N.Y.: Cornell University Press, 2005).

62.See William Potter, ed., International Nuclear Trade and Nonproliferation: The Challenge of Emerging Suppliers (Lexington, MA: Lexington Books, 1990); Chaim Braun and Christopher F. Chyba, “Proliferation Rings: New Challenges to the Nuclear Nonproliferation Regime,” International Security, Vol. 29, No. 2 (Fall 2004), pp. 5–49; Olav Njølstad, Nuclear Proliferation and International Order: Challenges to the Non-Proliferation Regime (New York, NY: Routledge, 2011).

63.See Vinton G. Cerf and Robert E. Kahn, “A Protocol for Packet Network Interconnection,” IEEE Transactions on Communications, COM–22, Vol. 5 (1974); and John Naughton, A Brief History of the Future: Origins of the Internet (London: Weidenfeld and Nicolson, 1999).

64.David D. Clark, “The Design Philosophy of the DARPA Internet Protocols,” Proceedings of the SIGCOMM ’88, Computer Communication Review, Vol. 18, No. 4 (1988), pp. 106–14. See also Clark, “Designs for an Internet,” Draft version 2.0 ed. s.l., unpublished manuscript (2016), p. 22.

65.Clark, “Designs for an Internet,” p. 22.

66.On the history of ARPANET, see Clark, “The Design Philosophy of the DARPA Internet Protocols”; Barry M. Leiner, “Brief History of the Internet” (The Internet Society, http://www.internetsociety.org/internet/internet–51/history-internet/brief-history-internet); Janet Abbate, Inventing the Internet (Cambridge, MA: MIT Press, 1999), Chapters 14; and Naughton, A Brief History of the Future.

67.This trend may reverse if countries such as Russia and China succeed in efforts to impose sovereign control over the Internet. See Chapter 1 of this book.

68.See Ruggie, “International Responses to Technology,” p. 558.

69.The notion of “sociotechnical” systems captures the interaction of technology and politics. See Herrera, Technology and International Transformation.

70.In fact, this is the essence of Gilpin’s definition of systemic change. See Gilpin, War and Change in World Politics, p. 9.

71.Thucydides, History of the Peloponnesian War, trans. Steven Lattimore (Indianapolis, IN: Hackett, 1998).

72.The disturbance of the balance resulted largely from the growth of Athens’ navy and from its construction of a defensive wall around the port of Piraeus, the completion of which would have complicated Sparta’s ability to check Athenian expansion in the Aegean region. See Thucydides, History of the Peloponnesian War, pp. 33 and 67–70.

73.See Paul M. Kennedy, The Rise and Fall of the Great Powers: Economic Change and Military Conflict from 1500 to 2000 (New York: Random House, 1987), pp. 148–52; and Paul Bairoch, “International Industrialization Levels from 1750 to 1980,” Journal of European Economic History, Vol. 11 (1982). Notably, Kennedy’s work contains only passing references to the important role of technological innovation in the historical rise and fall of great powers. He notes, for example, that “The advanced technology of steam engines and machine-made tools gave Europe decisive economic and military advantages [over non-European societies during the eighteenth and nineteenth centuries]. The improvements in the muzzle-loading gun (percussion caps, rifling, etc.) were ominous enough; the coming of the breechloader, vastly increasing the rate of fire, was an even greater advance; and the Gatling guns, Maxims and light field artillery put the final touches to a new ‘firepower revolution’ which quite eradicated the chances of a successful resistance by indigenous peoples reliant upon older weaponry” (p. 150). Yet this work does not develop a theory of technological revolution and great power transition.

74.For the purposes of illustrating the effects of nuclear arms on the international balance of power, this discussion does not consider the revolutionary nature of Soviet foreign policy (for a discussion, see Chapter 5). Insofar as these aims were revolutionary, the nuclear revolution in this instance produced second-order, not third-order effects.

75.See William Easterly and Stanley Fischer, “The Soviet Economic Decline: Historical and Republican Data,” NBER Working Paper No. 4735 (May 1994), p. 1.

76.See William H. Cooper, Russia’s Economic Performance and Policies and Their Implications for the United States (Washington, D.C.: Congressional Research Service, June 29, 2009), p. 5.

77.Ukraine’s fate after 1991 demonstrates the expansionist dangers that non-nuclear states face against nuclear powers. Although some Ukrainian leaders have strived to steer their country towards NATO and the European Union, a Russian military incursion that began in 2014 has stalled both accessions. Had Ukraine retained the nuclear deterrent that it inherited from the Soviet Union, its Western-oriented leaders’ may have realized their political ambitions. See John J. Mearsheimer, “The Case for a Ukrainian Nuclear Deterrent,” Foreign Affairs (Summer 1993).

78.The words are from Admiral Sir Arthur Wilson. Quoted in Stephen W. Roskill, Naval Policy between the Wars (London: Walker, 1968), p. 231.

79.The Royal Navy Submarine Service was founded in 1901. By August 1914, it numbered 71 vessels, many of which, however, were training vessels. This number is larger than the number of vessels (61) that the Germany Navy fielded at any one time during the war. The largest fleet belonged to the French, who possessed 123 vessels, of which few were fit for battle.

80.The most reliable form of submarine detection – the sighting of a periscope – almost always came too late to deflect a fatal blow. Defensive measures – such as minefields, net barrages, and depth charges – were only partly effective; the first sinking of a German submarine (U–68) by depth charges did not occur until March 1916. See Richard Compton-Hall, Submarines and the War at Sea (London: Macmillan, 1991); and Robert K. Massie, Castles of Steel: Britain, Germany and the Winning of the Great War at Sea (New York: Random House, 2003).

81.As developments in antisubmarine warfare (e.g. sonar) later showed, there was nothing about the nature of the new technology that intrinsically favored the offense over the defense.

82.Henry A. Kissinger, Nuclear Weapons and Foreign Policy (New York: Council on Foreign Relations, 1957), p. 73.

83.Some observers question whether the “Joe 4” test was a true thermonuclear detonation, because its yield (400 kilotons of TNT) was less than what was normal for a hydrogen bomb (in comparison, the American test, “Ivy Mike,” yielded 10.4 megatons). See Michael Kort, The Columbia Guide to the Cold War (New York: Columbia University Press, 1998), p. 187.

84.See “Statement by Lewis L. Strauss, Chairman, United States Atomic Energy Commission,” USAEC Release (March 31, 1954); A. H. Sturtevant, “Social Implications of the Genetics of Man,” Science, Vol. 120 (September 10, 1954), pp. 405–07; Ralph E. Lapp, “Radioactive Fall-out,” Bulletin of the Atomic Scientists, Vol. 11 (February 1955), pp. 206–09; and Carolyn Kopp, “The Origins of the American Scientific Debate over Fallout Hazards,” Social Studies of Science, Vol. 9 (1979), pp. 404–6.

85.See U.S. Senate, Study of Airpower: Hearings before the Subcommittee on the Air Force of the Committee on Armed Services (Washington, D.C.: Government Publication Office, 1956), p. 165.

86.See National Intelligence Estimate: Soviet Capabilities for Clandestine Attack against the U.S. with Weapons of Mass Destruction and the Vulnerability of the U.S. (Langley, VA: Central Intelligence Agency, 1951).

87.See Donald P. Steury, Intentions and Capabilities: Estimates on Soviet Strategic Forces, 1950–1983 (Langley, VA: Center for the Study of Intelligence, Central Intelligence Agency, 1996), p. 18; and Report of the Defense Science Board Task Force on Preventing and Defending Against Clandestine Nuclear Attack (Washington, D.C.: Office of the Under Secretary of Defense For Acquisition, Technology, and Logistics, June 2004). For a discussion of this problem in the context of nuclear terrorism, see Benjamin E. Schwartz, Right of Boom: What Follows an Untraceable Nuclear Attack? (New York: Overlook Press, 2015).

88.Charles L. Glaser and Chaim Kauffman, “What is the Offense-Defense Balance and Can We Measure It?” International Security, Vol. 22, No. 4 (Spring 1998), pp. 44–82.

89.See Stephen Van Evera, “The Cult of the Offensive and the Origins of the First World War,” International Security, Vol. 9, No. 1 (Summer 1984), p. 59.

90.See Marshall Joffre, Mémoires du Maréchal Joffre (Paris: Librarie Plon, 1932), p. 33; and Van Evera, “The Cult of the Offensive and the Origins of the First World War,” p. 61.

91.The German plan for a Swiss invasion, “Operation Tannenbaum,” envisaged a concentrated thrust from Lake Geneva to Lake Constance. Its bold authors warned about the perilous Jura Mountains and the steep banks of the Aare River. On Germany’s war plans in Switzerland, see Werner Roesch, Bedrohte Schweiz: Die Deutsche Operationsplanungen gegen die Schweiz im Sommer/Herbst 1940 und die Abwehr-Bereitschaft der Armee in Oktober 1940 (Frauenfeld: Huber, 1986).

92.See Lieber, War and the Engineers, p. 115.

93.Lindemann himself sought to prioritize other inventions, such as aerial mines, over the radar’s development. The Germans had not invested in the development of radar technology because Hitler did not regard it as necessary for the attainment of crushing offensive victories. See William Manchester and Paul Reid, The Last Lion: Winston Spencer Churchill, Defender of the Realm, 1940–1965 (New York: Little, Brown, and Company, 2012), Chapter 1.

94.See Lucas Kello, “Security,” in Joel Krieger, ed., The Oxford Companion to International Relations, third edition (Oxford: Oxford University Press, 2014).

95.Thucydides’ tragic tale of Athens and Sparta was later translated and elaborated on by the seventeenth-century English philosopher Thomas Hobbes. See Thomas Hobbes, Leviathan, edited with an introduction by C. B. Macpherson (New York: Penguin, 1968). In modern times, the logic of the security dilemma has induced nations to adopt strategic postures that also resulted in war: Germany’s bellicose reaction in 1914 to perceived encirclement by France and Russia; Japan’s attack on the United States in 1941 in anticipation of a military contest in the Pacific; or the U.S.-led invasion of Iraq in 2003 to dismantle suspected weapons-of-mass-destruction sites. In all of these cases, the despotic and militaristic regimes of Germany, Japan, and Iraq aggravated the security dilemma, showing that domestic-level factors can combine with systemic factors to increase the chances of conflict.

96.Robert O. Keohane and Joseph S. Nye, Jr., Power and Interdependence (New York: Longman, 1979), p. 40.

97.Or in the academic language of international relations, the former occurs at the second “level of analysis,” the latter at the third. On the levels of analysis in international relations – or “images,” as Waltz called them – see Kenneth N. Waltz, Man, the State, and War: A Theoretical Analysis (New York: Columbia University Press, 1959).

98.On Napoleon’s mastery of the weapons of war, see Martin Van Creveld, Technology and War: From 2000 B.C. to the Present (New York: Macmillan, 1989), Chapter 3.

99.This rearming process began in earnest following the Nazi seizure of power in 1933. Often, the process advanced by subterfuge because of the Versailles Treaty’s restrictions on German military capacity – for example, the use of the German Air Transport School (Deutsche Verkehrsfliegerschule), an outwardly civilian organization, to train Luftwaffe pilots. The key development was Hitler’s remilitarization of the Rhineland in 1936, which made the security relationship with France dangerous. See P. Laurent, “The Reversal of Belgian Foreign Policy, 1936–37,” Review of Politics, Vol. 31, No. 3 (July 1969), p. 372.

100.One man who correctly divined the shifting tides of strategy during the interwar period was Colonel Charles de Gaulle, who urged the creation of a French armée de métier comprising shock mechanized units. Believing that war had not changed in its essence since 1918, his superiors quashed the proposal. See Charles de Gaulle, Vers l’armée de métier (Paris: Plon, 1981).

101.Quoted in Steven Waugh, Essential Modern World History (Cheltenham: Thomas Nelson, 2001), p. 52.

102.See A. G. Armstrong, “The Army Today,” RUSI Journal, Vol. 81, No. 523 (1936); “The Army’s New Weapons and Equipment,” RUSI Journal, Vol. 84, No. 534 (1939); and Damian P. O’Connor, Between Peace and War: British Defence and the Royal United Services Institute, 1931–2010 (London: Royal United Services Institute, 2011), pp. 176–77.

103.In 1940, France had about 2,900 deployable tanks in the country’s northeast. This number was higher than Germany’s, even if one counts the tanks that Germany seized from Czechoslovakia. French tanks, moreover, were qualitatively superior; they included the SOMUA S35, which packed more firepower than its German equivalent, the Panzer III. See Julian Jackson, The Fall of France: The Nazi Invasion of 1940 (Oxford: Oxford University Press, 2003), pp. 12–13.

104.Interaction capacity signifies “the level of transportation, communication, and organization capability in the unit/system that determines what types and levels of interaction are possible.” Buzan and Little, International Systems in World History, p. 441.

105.See Benedict Anderson, Under Three Flags: Anarchism and the Anti-Colonial Imagination (London: Verso, 2005).

106.See William M. Ramsay, The Imperial Peace: An Ideal in European History (Oxford: The Clarendon Press, 1913).

107.On Roman military technology, see Simon James, Rome and the Sword: How Warriors and Weapons Shaped Roman History (London: Thames and Hudson, 2011).

108.See Thomas Powers, Heisenberg’s War: The Secret History of the German Bomb (New York: De Capo Press, 2000).

109.See Robert Farley, “What if Hitler Developed Nuclear Weapons during World War II?” The National Interest (October 8, 2016).

110.A German atomic victory, which likely would have involved the incineration of at least London and Moscow, would have looked very different from a conventional German victory, in which big Allied population centres may have survived the war largely intact, much as Paris did following France’s defeat in the spring of 1940. In either scenario, it is probable that the post-war order would have resembled a combination of World Leviathan within the European pan-Germanic Empire, or Großgermanisches Reich, colonial dominion in parts of Africa, and hegemony elsewhere, possibly in conjunction with the Japanese Empire. As Geoffrey Stoakes has argued, Hitler sought to assert direct control only over certain parts of the globe while exercising leadership elsewhere. See Geoffrey Stoakes, Hitler and the Quest for World Dominion (Leamington Spa: Berg, 1986), p. 235.

111.A world system is in Bull’s terms different from a world society, which as we saw conveys a concern for the interests of actors other than states even as it retains the assumption that states are the supreme agents of international life. See Hedley Bull, The Anarchical Society: A Study of Order in World Politics, second edition (London: Macmillan, 1995).

112.See Graham Allison, Nuclear Terrorism: The Greatest Preventable Catastrophe (New York: Henry Holt, 2005), Chapter 1.

113.This would equate to approximately one or two deployed warheads. By “deployed” I mean devices that are usable because they are mounted on missiles or other delivery systems. If one includes total nuclear warheads, the figure rises to seven. See Shannon N. Kile and Hans M. Kristensen, Trends in Nuclear Forces, 2016: SIPRI FACT Sheet (Solna, Sweden: Stockholm International Peace Research Institute, June 2016), p. 2. The nuclear devices such as “dirty bombs” that terrorists could plausibly deploy may differ significantly both in the manner of deployment and explosive yield. Even allowing for a greatly reduced range of delivery and power, the effect on international security of a dirty nuclear attack by terrorists could be profound. On nuclear terrorism, see Allison, Nuclear Terrorism.

114.Allison, Nuclear Terrorism, p. 227.

115.Michael J. Mills, Owen B. Toon, Julia Lee-Taylor, and Alan Robock, “Multidecadal Global Cooling and Unprecedented Ozone Loss Following a Regional Nuclear Conflict,” Earth’s Future, Vol. 2, No. 4 (April 2014), pp. 161–76.

116.See Ryan Rasteger, “How Many Nukes Would It Take to Render Earth Uninhabitable,” Global Zero: A World Without Nuclear Weapons (July 9, 2015), http://www.globalzero.org/blog/how-many-nukes-would-it-take-render-earth-uninhabitable.

117.Thomas S. Kuhn, The Structure of Scientific Revolutions, third edition (Chicago, IL: University of Chicago Press, 1996), p. 151. Kuhn observed that intellectual resistance to paradigmatic adjustment can last a lifetime, particularly in the case of individuals “whose careers have committed them to an older tradition of normal science” (p. 151).

4  Third-Order Cyber Revolution: Problems of Inadvertent Conflict

1.Nazi Germany’s mastery of tank warfare was one among several important factors in the country’s rise to the top of the European hierarchy of power. The acquisition of nuclear weapons, by contrast, was singularly important in the emergence of the United States and the Soviet Union as superpowers. But as we saw, the disruption of the balance of power was in the case of Nazi Germany and the Soviet Union an instance of systemic revision rather than systemic disruption owing to the revolutionary character of the two countries’ political leadership.

2.For a contrasting, if simplistic but interesting account, see Christopher Whyte, “Power and Predation in Cyberspace,” Strategic Studies Quarterly (Spring 2015), pp. 100–18.

3.Some analysts disagree with this assessment. Ivanka Barzashka argued that the operation’s effect on Iranian enrichment activity “in the medium-to-long term was limited at best” and that the ensuing “misrepresentation of Stuxnet’s effects may have hindered diplomatic solutions at a time when they could have had real threat-reduction and confidence-building benefits.” Ivanka Barzashka, “Are Cyber-Weapons Effective?” RUSI Journal, Vol. 158, No. 2 (2013), pp. 48–49. What is certain is that the U.S. government, one of Stuxnet’s reported authors, devised a plan (“Nitro Zeus”) for further cyberattacks if the diplomatic effort failed and war erupted. See David E. Sanger and Mark Mazzetti, “U.S. Had Cyberattack Plan if Iran Nuclear Dispute Led to Conflict,” The New York Times (February 16, 2016).

4.Sony Pictures’ initial reaction was to suspend the film’s theatrical release – thus setting the stage for the first successful coercive cyber action across international lines. But following intense public criticism, the company distributed the film freely (for a limited time) over the Internet. See Peter Bradshaw, “The Interview: Sony’s Retreat Signals an Unprecedented Defeat on American Turf,” The Guardian (December 18, 2014); and Chapter 5.

5.B. Valeriano and C. Maness, Cyber War Versus Cyber Realities: Cyber Conflict in the International System (Oxford: Oxford University Press, 2015), p. 6 (emphasis mine).

6.Ibid., p. 21 (emphasis mine).

7.See Lucas Kello, “The Meaning of the Cyber Revolution: Perils to Theory and Statecraft,” International Security, Vol. 38, No. 2 (Fall 2013), pp. 7–40.

8.See Austin Wright, “Cybersecurity Tests Delayed over Vulnerability Concerns,” Politico, (November 2015), https://www.politicopro.com/defense/story/2015/11/cybersecurity-tests-delayed-over-vulnerability-concerns–0752266.

9.See Nicholas Watt, “Trident Could Be Vulnerable to Cyber-Attack, Says Former Defence Secretary,” The Guardian (November 23, 2015). The quoted words belong to Franklin Miller, a former White House defense policy official under President George W. Bush. As the Stuxnet operation showed, air gaps are not impervious to malware. All computer systems, including those residing within the cyber archipelago, are susceptible to cyber intrusion. Thus Miller’s statement would be correct only in the impossible case that nuclear command and control functions, and the weapons themselves, were entirely manually operated.

10.For a fine elaboration of this line of argumentation, see Erik Gartzke, “The Myth of Cyberwar: Bringing War in Cyberspace Back Down to Earth,” International Security, Vol. 38, No. 2 (Fall 2013), pp. 41–73.

11.This core feature of the Conventional Model of the international system is reflected in the common tendency of some theorists to integrate into the study of international politics assumptions from microeconomic theory. As Kenneth Waltz put it: “Just as economists define markets in terms of firms, so I define international political structures in terms of states.” Kenneth N. Waltz, Theory of International Politics (New York: McGraw-Hill, 1979), p. 94.

12.Donna Miles, “Stavridis Spotlights Top National Security Issues,” American Force Press Service, U.S. Department of Defense (March 15, 2012).

13.On the notion of “bounded rationality” in human decision-making, see Herbert A. Simon, Administrative Behavior: A Study of Human Decision-Making Processes in Administrative Organization (New York: Macmillan, 1947); and Daniel Kahneman, “A Perspective on Judgment and Choice: Mapping Bounded Rationality,” American Psychologist, Vol. 58, No. 9 (September 2003), pp. 697–720.

14.For a discussion of systemic disruption in the nuclear context, see Graham T. Allison, Albert Carnesale, and Joseph S. Nye, eds., Hawks, Doves, and Owls: An Agenda for Avoiding Nuclear War (New York: W. W. Norton, 1985), Chapter 1.

15.See Ralph Lander, To Kill a Centrifuge: A Technical Analysis of What Stuxnet’s Creators Tried to Achieve (Arlington, VT: The Langner Group, November 2013), p. 34.

16.See Vivian Yeo, “Stuxnet Infections Spread to 115 Countries,” ZDNet Asia (August 9, 2010).

17.This is because the worm exploited a shortcut facility in Windows software. See Sharon Weinberger, “Computer Security: Is This the Start of Cyberwarfare?” Nature, Vol. 474 (2011), pp. 142–45.

18.The algorithm failed to specify either a price or a time for the execution of the order, producing an enormous sell pressure. See Findings Regarding the Market Events of May 6, 2010: Report of the Staffs of the CFTC and SEC to the Joint Advisory Committee on Emerging Regulatory Issues (Washington, D.C.: U.S. Commodity Futures Trading Commission and U.S. Securities & Exchange Commission, September 30, 2010).

19.See Nathaniel Popper, “The Stock Market Bell Rings, Computers Fail, Wall Street Cringes,” The New York Times (July 8, 2015).

20.See Bradley Hope and Saumya Vaishampayan, “Glitch Freezes NYSE Trading for Hours,” Wall Street Journal (July 8, 2015).

21.See William A. Owens, Kenneth W. Dam, and Herbert S. Lin, eds., Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities (Washington, D.C.: National Academies Press, 2009), pp. 2–32.

22.See “Cyberwar Against Iraq,” News Max (March 12, 2003). A further problem arose when U.S. tacticians explored options to insert code into Iraq’s military command networks. The country’s military and civilian telecommunications networks were closely linked, thus raising risks of collateral damage if the former was attacked.

23.“Cyberwar Against Iraq,” News Max.

24.On the problem of adaptive malware and responses to it, see Sean Price, “Adaptive Threats and Defenses,” in Harold F. Tipton and Micki Krause, eds., Information Security Management Handbook, sixth edition, Vol. 4 (New York: Auerbach Publications, 2010).

25.See McAfee Labs Threats Report (Santa Clara, CA: McAfee Labs, June 2016).

26.See Peter W. Singer and Allan Friedman, Cybersecurity and Cyberwar: What Everyone Needs to Know (Oxford: Oxford University Press, 2014), p. 31.

27.For example, Russia. See Jonathan Medalia, Comprehensive Nuclear Test-Ban Treaty: Updated Safeguards and Net Assessments (Washington, D.C.: Congressional Research Service, June 3, 2009).

28.Other treaties that ensued in the first ten years after the PTBT include the Outer Space Treaty and Treaty of Tlatelolco (1967), the Seabed Arms Control Treaty (1972), and the Anti-Ballistic Missile Treaty (1972). A Comprehensive Test-Ban Treaty was signed in 1996 but still awaits ratification.

29.Matthew Evangelista, Unarmed Forces: The Transnational Movement to End the Cold War (Ithaca, N.Y.: Cornell University Press, 1999).

30.See Impact of a Threshold Test Ban Treaty on Soviet Military Programs: National Intelligence Estimate Number 11–11–66, United States Intelligence Board (May 25, 1966).

31.See Nuclear Weapons Life Cycle (Washington, D.C.: National Nuclear Security Administration), https://nnsa.energy.gov/ourmission/managingthestockpile/nwlifecycle.

32.See William J. Broad and David E. Sanger, “As U.S. Modernizes Nuclear Weapons, ‘Smaller’ Leaves Some Uneasy,” The New York Times (January 11, 2016).

33.See “Treaty Banning Nuclear Weapon Tests in the Atmosphere, in Outer Space and Under Water,” U.S. Department of State, http://www.state.gov/t/isn/4797.htm.

34.On the backdrop of the recent controversy over Hillary Clinton’s use of private email servers in official State Department communications, Graham gleefully stated: “I haven’t worried about an email being hacked, since I’ve never sent one. I’m, like, ahead of my time.” Yet pictures exist of the senator using a mobile phone – hence, some of his communications are susceptible to hacking. See “Quotation of the Day,” The New York Times (September 15, 2016).

35.On the attribution problem, see for instance, Clark and Landau, “Untangling Attribution”; and Thomas Rid and Ben Buchanan, “Attributing Cyber Attacks,” Journal of Strategic Studies, Vol. 38, No. 1 (2014), pp. 4–37.

36.Herbert S. Lin, “Some Interesting Aspects of Cyberconflict for Discussion,” presentation at the Harvard Kennedy School, Cambridge, Massachusetts (February 8, 2012).

37.Dmitri Galushkevich, an ethnic Russian from Tallinn, was convicted of disrupting the website of the Reform Party of Estonian Prime Minister Andrus Ansip. He was fined 17,500 Estonian kroons (about $1,600). For more on the Estonian attacks, see Chapter 6.

38.On cyber deterrence, see Patrick M. Morgan, “Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm,” in Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy (Washington, D.C.: National Academies Press, 2010), pp. 55–76.

39.See Jordan Carney, “Wasserman Schultz Called Top Sanders Aide a ‘Damn Liar’ in Leaked Email,” The Hill (July 22, 2016).

40.As Chapter 8 discusses, a declassified U.S. intelligence report stated: “Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian government developed a clear preference for President-elect Trump. We have high confidence in these judgments.” Background to “Assessing Russian Activities and Intentions in Recent US Elections”: The Analytic Process and Cyber Incident Attribution (Washington, D.C.: Office of the Director of National Intelligence, January 6, 2017) (emphasis mine). In October, the Obama administration officially accused Russia of hacking DNC email accounts. Overall, the available evidence is not entirely conclusive; it does not prove beyond doubt Russia’s involvement and motives in the political hacking operation. Some of the forensic indicators in the U.S. government’s public report are crude. They merit skeptical treatment. Yet the burden of skeptics to disprove Russian involvement is greater than that of the believers. Certainly, it is a fact that the DNC’s email servers were compromised by a highly capable player using sophisticated intrusion techniques. Disbelievers must present a more convincing alternative account of the hacking: If not Russia, then who?

41.See “Trump Questions Claims of Russian Hacking: ‘I Know Things Others Don’t’,” The Guardian (January 1, 2017).

42.See Elizabeth Weise, “Tech Crowd Goes Wild for Trump’s ‘400-Pound Hacker’,” USA Today (September 27, 2016). Some security analysts and journalists also questioned Russia’s authorship of the DNC hack. See, for example, Matt Taibbi, “Something About This Russia Story Stinks,” Rolling Stone (December 30, 2016).

43.Confronted by the allegation that the Kremlin sought to help him win the elections, the president-elect replied: “I think it’s [the allegation] ridiculous . . . No, I don’t believe it at all.” Elise Viebeck, “Trump Denies CIA Report that Russia Intervened to Help Him Win Election,” Washington Post (December 11, 2016).

44.Axelrod is especially concerned with the resolution of problems of collective action, in which individually rational behavior produces collectively irrational outcomes. See Robert Axelrod, The Evolution of Cooperation (New York: Basic Books, 1984).

45.Ibid., p. 174.

46.See Thomas C. Schelling and Morton H. Halperin, Strategy and Arms Control (Washington, D.C.: Twentieth Century Fund, 1961).

47.See Romney B. Duffey and John Saull, Managing Risk: The Human Element (Chichester: Wiley, 2008), p. 124, fn. 3. Against some Iraqi missiles, such as the Tactical Ballistic Missile (TBM), the advantage was 100 percent – i.e. a clear position of dominance – although the sample size of interceptions (nine) is small. See “Operation Iraqi Freedom – Patriot,” GlobalSecurity.Org (July 21, 2011), http://www.globalsecurity.org/space/ops/oif-patriot.htm.

48.The difference between superiority and dominance in offensive weapons is reflected in official doctrine – for instance, in NATO’s distinction between “air supremacy” and “air superiority.” See AAP–06 Edition 2013: NATO Glossary of Terms and Definitions (Brussels: NATO, 2013).

49.See Gregory H. Canavan, Missile Defense for the 21st Century (Washington, D.C.: The Heritage Foundation, 2003), p. 3.

50.By definition, strategic advantages also entail tactical advantages. The reverse is not necessarily true.

51.See Daniel Ford, “B-36 Bomber at the Crossroads,” Air and Space Magazine (April 1996).

52.Comptroller and Auditor General, The UK Cyber Security Strategy: Landscape Report (London: National Audit Office, February 12, 2013), p. 4. The report notes that the three most popular account passwords in 2012 were “password,” “123456,” and “12345678.” Even a simple brute force attack could crack such phrases. See also Leyla Bilge and Tudor Dumitras, “Before We Knew It: An Empirical Study of Zero-Day Attacks in the Real World,” Proceedings of the 2012 ACM Conference on Computer and Communications Security, October 16–18, 2012, pp. 833–44.

53.See David E. Sanger, “Obama Order Sped Up Wave of Cyberattacks against Iran,” The New York Times (June 1, 2012).

54.See Jon R. Lindsay, “Stuxnet and the Limits of Cyber Warfare,” Security Studies, Vol. 22, No. 3 (2013), pp. 365–404.

55.See Martin C. Libicki, Conquest in Cyberspace (Cambridge: Cambridge University Press, 2007), p. 87; and Max Smeets, “A Matter of Time: On the Transitory Nature of Cyberweapons,” Journal of Strategic Studies (February 2017), pp. 1–28. For a game-theoretic analysis of this problem, see Robert Axelrod and Rumen Iliev, “Timing of Cyber Conflict,” Proceedings of the National Academy of Sciences of the United States of America, Vol. 11, No. 4 (October 2013), pp. 1,298–1,303.

56.A classic analysis of the problem is Robert Jervis, “Cooperation under the Security Dilemma,” World Politics, Vol. 30, No. 2 (January 1978), pp. 167–214. For a discussion of the problem in the cyber context, see Ben Buchanan, The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations (Oxford: Oxford University Press, 2017).

57.See Editorial Board, “A New Kind of Warfare,” The New York Times (September 9, 2012).

58.At the time of writing, the U.S. government denies its widely suspected involvement (along with Israel) in the Stuxnet operation.

59.See Senator Joseph Lieberman, interview on Newsmakers, C-SPAN (September 23, 2012).

60.On active defense, see U.S. Department of Defense, Department of Defense Strategy for Operating in Cyberspace (Washington, D.C.: U.S. Department of Defense, July 2011), p. 7.

61.Fergus Hanson, “Waging War in Peacetime: Cyber Attacks and International Norms,” The Interpreter (October 20, 2015).

62.David E. Sanger, “U.S. Tries Candor to Assure China on Cyberattacks,” The New York Times (April 6, 2014).

63.David E. Sanger, “N.S.A. Leaks Make Plan for Cyberdefense Unlikely,” The New York Times (August 12, 2013).

64.Tami Abdollaha, “Sony Pictures Had to Draft New Playbook on the Fly,” The Japan Times (January 11, 2015).

65.See Anjana Ahuja, “Cyber Security Will Soon Be the Work of Machines,” The Financial Times (July 10, 2016).

66.See Aliya Sternstein, “The Pentagon Wants to Wage War on Denial-of-Service Cyber Attacks,” Defense One (August 18, 2015).

67.See Kim Zetter, “Meet MonsterMind, the NSA Bot that Could Wage Cyberwar Autonomously,” Wired (August 13, 2014). As this article notes, it is not clear that MonsterMind exists. Knowledge of its existence rests on the authority of Edward Snowden. See James Bamford, “The Most Wanted Man in the World,” Wired (August 2014).

5  Second-Order Cyber Revolution: The Problem of the Revolutionary State

1.On the repudiation by the Soviets of “Hitler-style military aggression,” see John Mueller, “Think Again: Nuclear Weapons,” Foreign Policy (December 18, 2009).

2.A classic account of Soviet Russia’s partial normalization within international society is Edward H. Carr, The Bolshevik Revolution, 1917–23, Vol. 3 (New York: Penguin, 1977).

3.Adam B. Ulam, Stalin: The Man and His Era (London: Tauris, 1989), p. 182.

4.See Leon Trostsky, “Publication of the Secret Treaties,” Izvestiia, No. 221 (November 22, 1917).

5.For a discussion of Soviet Russia as a revolutionary state, see David Armstrong, Revolution and World Order: The Revolutionary State in International Society (Oxford: Oxford University Press, 1993), Chapter 4.

6.For a discussion of the Soviet Union as a rational actor in the context of the Cuban Missile Crisis, see Graham Allison and Philip D. Zelikow, The Essence of Decision: Explaining the Cuban Missile Crisis, second edition. (New York, NY: Longman, 1999).

7.Armstrong, Revolution and World Order, p. 147.

8.The Soviet-like experience of shopping in North Korea has gradually begun to change following the recent introduction of experimental Western-style supermarkets. Only the rich can buy there, though. Your ordinary comrade will have to brave the whims of the shopkeeper who retrieves the desired merchandise from a shelf behind the counter. See “North Koreans Experience the Marvels of a Supermarket Firsthand,” Business Insider (February 25, 2012).

9.Han S. Park, North Korea: The Politics of Unconventional Wisdom (Boulder, CO: Lynne Rienner, 2002).

10.A leading position in the Non-Aligned Movement distinguished North Korea from the Soviet Union and China. See Bernd Schaefer, “North Korean ‘Adventurism’ and China’s Long Shadow, 1966–1972,” Cold War International History Project Working Paper, Woodrow Wilson International Center for Scholars (2004).

11.See “North Korea Defence Chief Yong-Chol ‘Executed’,” BBC (May 13, 2015).

12.See Clyde Haberman, “Bomb Kills 19, Including 6 Key Koreans,” The New York Times (October 10, 1983).

13.Rupert Wingfield-Hayes, “The North Korean Spy Who Blew Up a Plane,” BBC News (April 22, 2013).

14.See Anna Fifield, “Malaysian Airport Assassination Focuses New Attention on North Korean Leader,” Washington Post (February 15, 2017).

15.North Korea performed a similar act of defiance by firing a medium-range rocket into the Sea of Japan in February 2017. See Bryan Harris and Kana Inagaki, “North Korea Tests Trump with Missile Launch,” The Financial Times (February 12, 2017).

16.North Korea received uranium-enrichment technology and equipment from Pakistan in exchange for its ballistic-missile technology. In the mid-2000s, North Korea began building a nuclear reactor in Syria, which the Israelis destroyed in September 2007 with a surgical air strike. See Sharon A. Squassoni, Weapons of Mass Destruction: Trade between North Korea and Pakistan (Washington, D.C.: Congressional Research Service, 2006); and Scott Snyder, “North Korea’s Illicit Arms Trade Unmasked,” Forbes (March 19, 2014).

17.See The Military Balance, Vol. 117, No. 1 (2017), International Institute for Strategic Studies, p. 304.

18.To reach Alaska, North Korea requires missiles with a minimum range of 7,000 km. The Taepodong–2, a variant of which is a full-range ICBM, has a theoretical reach of up to 12,000 km. See “Missles,” WMD Around the World, Federation of American Scientists, https://fas.org/nuke/guide/dprk/missile/ (last updated on October 21, 2016).

19.See NTI Nuclear Materials Index Security Index: Building a Framework for Assurance, Accountability, and Action, second edition (Washington, D.C.: Nuclear Threat Initiative, January 2014), p. 19.

20.See Park Young Ho, “South and North Korea’s Views on the Unification of the Korean Peninsula and Inter-Korean Relations,” paper presented at the Second KRIS-Brookings Joint Conference on Security and Diplomatic Cooperation between ROK and US for the Unification of the Korean Peninsula (January 21, 2014), p. 5.

21.Ibid., p. 7.

22.See the record of the discussions between the North Korean defector Hwang Jang-Yop and Selig Harrison in Don Oberdorfer, The Two Koreas (New York: Addison-Wesley, 1998), p. 401; and Hwang’s remarks in Robert Myers, Korea in the Cross Currents (New York: M. E. Sharpe, 2000). For a general analysis of North Korea’s nuclear strategy, see Victor D. Cha, “North Korea’s Weapons of Mass Destruction: Badges, Shields, or Swords?” Political Science Quarterly, Vol. 117, No. 2 (2002), pp. 209–30.

23.See, for instance, John S. Park and Dong Sun Lee, “North Korea: Existential Deterrence and Diplomatic Leverage,” in Muthiah Alagappa, ed., The Long Shadow: Nuclear Weapons and Security in 21st Century Asia (Stanford, CA: Stanford University Press, 2008).

24.For an exposition of this argument, see Samuel S. Kim, “North Korea’s Nuclear Strategy and the Interface between International and Domestic Politics,” Asian Perspectives, Vol. 34, No. 1 (2010), pp. 49–85.

25.See Richard Lloyd Parry, “North Korea ‘Succeeds in Miniaturising Nuclear Warhead’,” The Times (April 7, 2016).

26.The failed launch of an Earth observation satellite in February 2016 betrays the obstacles to Pyongyang’s missile ambition.

27.See Scott D. Sagan, “Why Do States Build Nuclear Weapons? Three Models in Search of a Bomb,” International Security, Vol. 21, No. 3 (Winter 1996–97).

28.Ibid., p. 55.

29.Cha, “North Korea’s Weapons of Mass Destruction,” p. 227.

30.As Daniel Byman explained, the regime has used economic and other inducements (conveyed in the “military-first” or songun principle) to co-opt the country’s military elites. See Daniel Byman, “Pyongyang’s Survival Strategy: Tools of Authoritarian Control in North Korea,” International Security, Vol. 35, No. 1 (Summer 2010), pp. 44–74.

31.As John Park has shown, the Kim house sustains the loyalty of elites by operating a web of state-trading companies that generate income for special interest budgets. See John S. Park, “North Korea, Inc.: Gaining Insights into North Korean Regime Stability from Recent Commercial Activities,” United States Institute of Peace Working Paper, Washington, D.C. (May 2009).

32.For a discussion of the limited effects of economic sanctions on North Korea’s nuclear ambitions, see Stephen Haggard and Marcus Noland, “Engaging North Korea: The Efficacy of Sanctions and Inducements,” in Etel Solingen, ed., Sanctions, Statecraft, and Nuclear Proliferation (Cambridge: Cambridge University Press, 2012).

33.“Hearings to Examine the Nomination of General Vincent K. Brooks, USA, for Reappointment to the Grade of General and to be Commander, United Nations Command/Combined Forces Command/United States Forces Korea,” U.S. Congressional Committee Hearing, C-SPAN (April 19, 2016), https://www.c-span.org/video/?408108–1/nomination-brooks/.

34.The closeness between the two domains is reflected in their operational integration within the U.S. Marine Corps: for example, the creation of a Cyber Electronic Warfare Coordination Center. See Matthew E. Poole and Jason C. Schuette, “Cyber Electronic Warfare. Closing the Operational Seams,” Marine Corps Gazette, Vol. 99, No. 8 (August 2015), pp. 60–62.

35.Some analysts regard Desert Storm as the first “information war.” See Edward Mann, “Desert Storm: The First Information War?” Airpower Journal (Winter 2014).

36.See “Chapter Six: Asia,” The Military Balance, Vol. 117, No. 1 (2017), p. 306.

37.See “Seoul Ranked World’s Top Digital City,” Chosun Ilbo (June 20, 2007). The city has gained plaudits for its integration of information technologies into urban planning and services. See Anthony M. Townsend, “Seoul: Birth of a Broadband Metropolis,” Environment and Planning B: Urban Analytics and City Science, Vol. 34, No. 3 (2007), pp. 396–413.

38.The North Korean government severely restricts the public’s access to Internet services. Jean H. Lee, the Associated Press bureau chief in the country, explained that ordinary citizens have “access to the state media, information sources that are vetted by the government, and picked and pulled from the Internet and posted to their intranet site.” Clyde Stanhope, “How Bad Is the North Korean Cyber Threat?” HackRead (July 2016).

39.See Andrei Lankov, “Changing North Korea: An Information Campaign Can Beat the Regime,” Foreign Affairs, Vol. 88, No. 6 (November/December 2009), p. 95.

40.See Ju-min Park and James Pearson, “In North Korea, Hackers Are a Handpicked, Pampered Elite,” Reuters (December 5, 2014).

41.See “North Korea Boosted ‘Cyber Forces’ to 6,000 Troops, South Says,” Reuters (January 6, 2015).

42.See Youkyung Lee, “A Look at North Korea’s Cyberwar Capabilities,” Washington Times (December 18, 2004).

43.For technical details about the Lazarus Group’s malicious activities, see Costin Raiu, Global Research and Analysis Team, Juan Andrés Guerrero-Saade, “Operation Blockbuster Revealed,” Securelist (February 24, 2016), https://securelist.com/blog/incidents/73914/operation-blockbuster-revealed/.

44.Unconfirmed sources, however, suggest that a Sony Pictures employee or Russian nationalists abroad may have assisted the attackers. See Bruce Schneier, “We Still Don’t Know Who Hacked Sony,” Schneier on Security (January 5, 2015).

45.But see, for instance, Christopher Whyte, “Ending Cyber Coercion: Computer Network Attack, Exploitation and the Case of North Korea,” Comparative Strategy, Vol. 35, No. 2 (July 2016), pp. 93–102.

46.See Symantec Security Response, “SWIFT Attackers’ Malware Linked to More Financial Attacks,” Symantec Official Blog (May 26, 2016).

47.See Nicole Perlroth and Michael Corkery, “North Korea Linked to Digital Attacks on Global Banks,” The New York Times (May 26, 2016).

48.See Kim Zetter, “That Insane, $81m Bangladesh Bank Heist? Here’s What We Know,” Wired (May 17, 2016).

49.See Chico Harlan and Ellen Nakashima, “Suspected North Korean Cyberattack on a Bank Raises Fears for S. Korea, Allies,” Washington Post (August 29, 2011).

50.See “Cyber-Attacks on South Korean Nuclear Power Operator Continue,” The Guardian (December 28, 2014).

51.See “N. K. Hacked Government Bigwigs,” Korea Herald (March 7, 2016).

52.See Ju-min Park, “South Korea Group Launches Anti-North Leaflets amid Threats from Pyongyang,” Reuters (October 25, 2014).

53.See Lankov, “Changing North Korea”; and Jieun Baek, North Korea’s Hidden Revolution: How the Information Underground Is Transforming a Closed Society (New Haven, CT: Yale University Press, 2015).

54.Following the cyberattacks, suspected North Korean agents also delivered emails which vaguely threatened physical attacks against theaters that screened the film. See Tatiana Siegel, “Sony Hack: New Leaked Docs Reveal Michael Lynton’s Email Inbox,” Hollywood Reporter (December 16, 2016).

55.Chang Jae-soon, “Obama Vows to ‘Respond Proportionally’ to Sony Hack Blamed on N. Korea,” Yonhap News Agency (December 20, 2014).

56.The newspaper had published satirical images of the prophet Muhammad that offended some religious sensibilities.

57.Brent Lang and Ted Johnson, “Fear and Censorship: Paris, Sony Attacks Put Creative Freedoms under Fire,” Variety (January 7, 2015).

58.Barack Obama, “Executive Order 13687 – Imposing Additional Sanctions With Respect to North Korea” (January 2, 2015), published online by Gerhard Peters and John T. Woolley, The American Presidency Project, http://www.presidency.ucsb.edu/ws/?pid=108103.

59.See Michael Daniel, “Our Latest Tool to Combat Cyber Attacks: What You Need to Know,” The White House (April 1, 2015), https://obamawhitehouse.archives.gov/blog/2015/04/01/our-latest-tool-combat-cyber-attacks-what-you-need-know.

60.Some American officials denied that their country caused the interruption of North Korea’s Internet. Others, however, affirmed this. See Chris Strohm, “North Korea Web Outage Response to Sony Hack, Lawmaker Says,” Bloomberg (March 17, 2015).

61.See Roger Hurwitz, “Keeping Cool: Steps for Avoiding Conflict and Escalation in Cyberspace,” Georgetown Journal of International Affairs (July 2015), pp. 17–23.

62.Quoted in Stanhope, “How Bad is the North Korean Cyber Threat?” The original source language is available here: http://nk.joins.com/news/view.asp?aid=12640100.

63.See David E. Sanger and William J. Broad, “Trump Inherits a Secret Cyberwar Against North Korean Missiles,” The New York Times (March 4, 2017). On active defense, see Chapter 9.

6  First-Order Cyber Revolution: Pressures from Outside the States System

1.On the costs of mounting the Stuxnet operation, see Rebecca Slayton, “What Is the Cyber Offense-Defense Balance? Conceptions, Causes, and Assessment,” International Security, Vol. 41, No. 3 (Winter 2016/2017), pp. 72–109.

2.Benjamin Fox, “Who Governs the Online World?” EU Observer (December 26, 2014).

3.See Jack Goldsmith and Tim Wu, Who Controls the Internet? Illusions of a Borderless World (New York: Oxford University Press, 2006).

4.Lawrence Lessig, Code (New York: Basic Books, 1999), p. 298.

5.See for instance Ronald Deibert, John Palfrey, Rafal Rohozinski, and Jonathan Zittrain, Contested: Security, Identity, and Resistance in Asian Cyberspace (Cambridge, MA: MIT Press, 2011).

6.Kenneth N. Waltz, Theory of International Politics (New York: McGraw-Hill, 1979), pp. 93–94.

7.See Robert O. Keohane, After Hegemony: Cooperation and Discord in the World Political Economy (Princeton, N.J.: Princeton University Press, 1984); and Lisa L. Martin, “Neoliberalism,” in Tim Dunne, Milya Kurki, and Steve Smith, eds., International Relations Theories: Discipline and Diversity (Oxford: Oxford University Press, 2007).

8.See Hedley Bull, The Anarchical Society: A Study of Order in World Politics, second edition (London: Macmillan, 1995).

9.See Alexander Wendt, Social Theory of International Politics (Cambridge: Cambridge University Press, 1999); and Christian Reus-Smit, The Moral Purpose of the State: Culture, Social Identity, and Institutional Rationality in International Relations (Princeton, N.J.: Princeton University Press, 1999).

10.David A. Lake, “The State and International Relations,” in Christian Reus-Smit and Duncan Snidal, eds., The Oxford Handbook of International Relations (Oxford: Oxford University Press, 2015), p. 2.

11.Ronald Rogowski, “Institutions as Constraints on Strategic Choice,” in David A. Lake and Richard Powell, eds., Strategic Choice and International Relations (Princeton, N.J.: Princeton University Press, 1999).

12.See Arnold Wolfers, “‘National Security’ as an Ambiguous Symbol,” Political Science Quarterly, Vol. 67 (December 1952), pp. 481–502. A countervailing view is found in Steven D. Krasner, Defending the National Interest: Raw Materials Investments and US Foreign Policy (Princeton, N.J.: Princeton University Press, 1978).

13.Mill himself never used this term, although it appeared in reaction to his writings. See John Stuart Mill, Essays on Some Unsettled Questions of Political Economy, second edition (London: Longmans, 1874), Essay 5; and Joseph Persky, “The Ethology of Homo Economicus,” Journal of Economic Perspectives, Vol. 9, No. 2 (Spring 1995), p. 222.

14.Khan has claimed in his defense that Pakistan’s Prime Minister, Benazir Bhutto, instructed him to exchange technological secrets with North Korea. See Mark Fitzpatrick, “Dr. A. Q. Khan and the Rise and Fall of Proliferation Networks,” Nuclear Black Markets (London: International Institute for Strategic Studies, 2007).

15.John Mueller, “Simplicity and the Spook: Terrorism and the Dynamics of Threat Exaggeration,” International Studies Perspectives (2005), p. 220.

16.Even some prominent social theorists are content with keeping the lid closed. Alexander Wendt, for instance, regards “the constitution of states as ‘unitary actors,’ which is the starting point for theorizing about the international system.” Alexander Wendt, Social Theory of International Politics (Cambridge: Cambridge University Press, 1999), p. 195.

17.Christopher Rhoads and Farnaz Fassihi, “Iran Vows to Unplug the Internet,” Wall Street Journal (May 28, 2011).

18.See Saeed Kamali Dehghan, “Iran Clamps Down on Internet Use,” The Guardian (January 5, 2012).

19.On the high costs of mounting a sophisticated cyberattack such as the Stuxnet operation, see for example Jon Lindsay, “Stuxnet and the Limits of Cyber Warfare,” Security Studies, Vol. 22, No. 3 (2013), pp. 365–404.

20.For a discussion of this topic, see Joseph S. Nye, Jr., The Future of Power (New York: PublicAffairs, 2011), Chapter 5.

21.Ash Carter, “Drell Lecture: ‘Rewiring the Pentagon: Charting a New Path on Innovation and Cybersecurity,’” Stanford University (April 23, 2015), http://archive.defense.gov/speeches/speech.aspx?SpeechID=1935.

22.Alexander Fitzpatrick, “Cybersecurity Experts Needed to Meet Growing Demand,” Washington Post (May 29, 2012).

23.For a discussion of nuclear weapons’ programs and the possession of nuclear weapons, see Dong-Joon Jo and Erik Gartzke, “Determinants of Nuclear Weapons Proliferation,” Journal of Conflict Resolution, Vol. 51, No. 1 (February 2007), pp. 167–94.

24.See Matthew Kroenig, “Importing the Bomb: Sensitive Nuclear Assistance and Nuclear Proliferation,” Journal of Conflict Resolution, Vol. 53, No. 2 (April 2009), p. 164; and Donald MacKenzie and Graham Spinardi, “Tacit Knowledge, Weapons Design, and the Uninvention of Nuclear Weapons,” American Journal of Sociology, Vol. 100 (1995), pp. 44–99.

25.David E. Sanger, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power (New York: Crown, 2012), p. 235.

26.“Stuxnet Clone ‘Duqu’: The Hydrogen Bomb of Cyberwarfare?” Fox News (October 19, 2011), http://www.foxnews.com/tech/2011/10/19/stuxnet-clone-duqu-hydrogen-bomb-cyberwarfare.

27.Melissa E. Hathaway, “Leadership and Responsibility for Cybersecurity,” Georgetown Journal of International Affairs (2012), p. 77. Similarly, a recent NATO report expressed alarm at the extent of proliferation of destructive cyber artifacts such as Stuxnet. See Melissa E Hathaway and Alexander Klimburg, “Preliminary Considerations: On National Cyber Security,” in Alexander Klimburg, ed., National Cyber Security Framework Manual (Tallinn: NATO CCD-COE, 2012), p. 7.

28.Author interview with a senior computer security expert (anonymous).

29.The use of compromised digital certificates is a prized technique of malicious actors because some antivirus programs automatically consider files signed by the certificates to be secure. See Andrey Ladikov, “Why You Shouldn’t Completely Trust Files Signed with Digital Certificates,” Securelist (January 29, 2015), https://securelist.com/blog/security-policies/68593/why-you-shouldnt-completely-trust-files-signed-with-digital-certificates/.

30.Author interview with Ralph Langner (March 20, 2013).

31.See Nicholas Falliere, Liam O. Murchu, and Eric Chien, “W32.Stuxnet Dossier,” ver. 1.4 (Cupertino, CA: Symantec, February 2011).

32.This discussion refers to the second variant of Stuxnet; that is, not the variant that appeared in 2007, but the more sophisticated one that struck the Natanz plant in 2009. See Ralph Langner, “Stuxnet’s Secret Twin,” Foreign Policy (November 19, 2013).

33.Ralph Langner, Stuxnet Logbook (September 17, 2010), http://www.langner.com/en/2010/09/16/stuxnet-logbook-sep–16–2010–1200-hours-mesz/.

34.See Ralph Langner, “Stuxnet and the Hacker Nonsense,” Langner.com (blog) (February 14, 2011), http://www.langner.com/en/2011/02/14/stuxnet-and-the-hacker-nonsense.

35.On the life cycle of customized code, see Max Smeets, “A Matter of Time: On the Transitory Nature of Cyberweapons,” Journal of Strategic Studies (February 2017), pp. 1–28.

36.Quoted in Tom Simonite, “Stuxnet Tricks Copied by Computer Criminals,” Technology Review (September 19, 2012).

37.The ensuing discussion of cyber incidents is not definitive – nor could it be, because much of the empirical record about the cases remains inaccessible to researchers. Rather, the purpose of the analysis is to illustrate conceptual distinctions and broad trends.

38.Symantec, W32.Duqu: The Precursor to the Next Stuxnet, ver. 1.4 (November 23, 2011), p. 1. See also Kim Zetter, “Son of Stuxnet Found in the Wild on Systems in Europe,” Wired (October 18, 2011).

39.An updated and more advanced version, dubbed “Duqu 2.0,” appeared in 2015. See Kaspersky Lab’s Global Research and Analysis Team, “The Mystery of Duqu 2.0: A Sophisticated Cyberespionage Actor Returns,” Securelist (June 10, 2015), https://securelist.com/blog/research/70504/the-mystery-of-duqu–2–0-a-sophisticated-cyberespionage-actorreturns/.

40.Laboratory of Cryptography and Systems Security, Duqu: A Stuxnet-Like Malware Found in the Wild (Budapest: Budapest University of Technology and Economics, October 14, 2011), p. 2.

41.Lee Ferran, “Son of Stuxnet? Researchers Warn of Coming Cyber Attack,” ABC News (October 18, 2011), http://abcnews.go.com/Blotter/stuxnet-returns-duqu-researchers-warn-similar-cyber-attack/story?id=14763854.

42.See “Stuxnet Clone ‘Duqu’,” Fox News.

43.Guillherme Venere and Peter Szor, “The Day of the Golden Jackal – The Next Tale in the Stuxnet Files: Duqu Updated” (McAfee Labs, October 18, 2011), http://blogs.mcafee.com/mcafee-labs/the-day-of-the-golden-jackal-%E2%80%93-further-tales-of-the-stuxnet-files.

44.See Darren Pauli, “Iran CERT Fingers Flame for Oil Refinery Attacks,” SC Magazine (May 30, 2012), http://www.scmagazine.com.au/Tools/Print.aspx?CIID=302718.

45.“Identification of a New Targeted Cyber-Attack,” MAHER (May 28, 2012), http://www.webcitation.org/682bfkhaU.

46.Dan Goodin, “Discovery of New ‘Zero-Day’ Exploit Links Developers of Stuxnet, Flame,” Ars Technica (June 11, 2012).

47.See Hathaway, “Leadership and Responsibility for Cybersecurity,” p. 77.

48.According to some analysts, Flame’s code was twenty times more complicated than Stuxnet’s. See Kim Zetter, “Meet ‘Flame,’ The Massive Spy Malware Infiltrating Iranian Computers,” Wired (May 28, 2012), http://www.wired.com/threatlevel/2012/05/flame/.

49.For a comparison of Flame with Stuxnet and Duqu, see sKyWIper (a.k.a. Flame a.k.a. Flamer: A Complex Malware for Targeted Attacks (Budapest: Laboratory of Cryptography and System Security, Budapest University of Technology and Economics, May 2012), http://www.crysys.hu/skywiper/skywiper.pdf.

50.Ibid., p. 7.

51.Ibid.

52.Ibid. Some Kaspersky researchers have even described Flame as a predecessor of Stuxnet. See Dan Goodin, “Discovery of New ‘Zero-Day’ Exploit Links Developers of Stuxnet, Flame.” Some analysts suspect that three other operations feature the same command-and-control functionality as Flame. Little is known about these separate programs. The full scope of Flame’s proliferation is therefore unclear. The research community has only scratched the surface of this case.

53.Nicole Perlroth, “In Cyberattack on Saudi Firm, U.S. Sees Iran Firing Back,” The New York Times (October 23, 2012).

54.“Aramco Says Cyberattack Was Aimed at Production,” The New York Times (December 9, 2012). Computer operations at the Qatari oil firm RasGas were also infected.

55.For technical details on Shamoon, see “The Shamoon Attacks,” Symantec Official Blog (August 16, 2012), http://www.symantec.com/connect/blogs/shamoon-attacks.

56.See Charlie Osborne, “Kasperksy: Shamoon Malware Nothing More than ‘Quick and Dirty’,” ZDNet (September 14, 2012); see Dmitry Tarakanov, “Shamoon the Wiper: Further Details (Part II),” Securelist (September 11, 2012), https://securelist.com/blog/incidents/57784/shamoon-the-wiper-further-details-part-ii/.

57.Kaspersky Lab’s Global Research and Analysis Team, “Shamoon the Wiper – Copycats at Work,” Securelist (August 16, 2012), http://www.securelist.com/en/blog/208193786/Shamoon_the_Wiper_Copycats_at_Work. Wiper strains were also discovered in two other malware agents: “Disstrack” and “Narilam.”

58.See Tarakanov, “Shamoon the Wiper.”

59.See ibid.

60.See Christopher Bronk and Eneken Tikk-Ringas, “The Cyber Attack on Saudi Aramco,” Survival, Vol. 33 (2013), pp. 81–96.

61.In the technical community, “script kiddies” is a colloquial, sometimes derogatory term for unsophisticated coders.

62.It is also possible that the Stuxnet worm itself was based on earlier code, the USB worm “Fanny,” which security researchers have also tied to Duqu and Flame. See Boldizsár Bencsáth, “Duqu, Flame, Gauss: Followers of Stuxnet,” RSA Conference Europe 2012, http://www.rsaconference.com/writable/presentations/file_upload/br–208_bencsath.pdf. In this scenario, Stuxnet, Duqu, and Flame may have been “stepbrothers.”

63.See Jamie Dettmer, “Digital Jihad: ISIS, Al Qaeda Seek a Cyber Caliphate to Launch Attacks on US,” Fox News (September 14, 2014).

64.See Daniel Byman and Jeremy Shapiro, “Be Afraid. Be a Little Afraid: The Threat of Terrorism from Western Fighters in Syria and Iraq,” Foreign Policy and Brookings, Policy Paper No. 34 (Washington, D.C.: Brookings, November 2014).

65.See Giles Hogben, ed., Botnets: Detection, Measurement, Disinfection, and Defence (Heraklion: European Network and Information Security Agency, 2011), p. 13.

66.Brian Proffitt, “How to Build a Botnet in 15 Minutes,” Readwrite (July 31, 2013).

67.See Brian Krebs, “Stress-Testing the Booter Services, Financially,” KrebsonSecurity.com (August 15, 2016).

68.Some botnets, however, have been used to conduct governmental espionage – for example, GOZ, a botnet that issued detailed queries to computers in Georgia and Turkey in search of classified documents. See Michael Sandee, GameOver Zeus: Background on the Badguys and the Backends (Delft: Fox-IT, July 2015), p. 9.

69.Some forms of sophisticated espionage code, though, began their life as botnet components – for instance, BlackEnergy, a malware package that targeted Ukrainian government institutions in 2014. See BlackEnergy and Quedagh: The Convergence of Crimeware and APT Attacks, White Paper (Helsinki: F-Secure, 2014).

70.“US Warns Cyber-Attacks Will Increase,” Financial Times (May 18, 2007).

71.See Noah Shachtman, “Kremlin Kids: We Launched the Estonian Cyber War,” Wired (March 11, 2009).

72.U.S. Cyber Consequences Unit (US-CCU), Overview by the US-CCU of the Cyber Campaign against Georgia in August 2008, Special Report, US-CCU (August 2009), www.registan.net/wp-content/uploads/2009/08/US-CCU-Georgia-Cyber-Campaign-Overview.pdf, p. 3.

73.Ibid.

74.According to the U.S. Cyber Consequences Unit, the criminal groups participating in the DDoS attacks “wanted to claim credit” for them. See ibid.

75.James R. Clapper and Charlie Rose, “A Conversation with James Clapper,” Council on Foreign Relations (October 25, 2016), http://www.cfr.org/intelligence/conversation-james-clapper/p38426.

76.Flashpoint investigators dismissed with moderate confidence the claims of authorship by self-styled Russian state actor “Jester” and by supporters of Wikileaks. See Allison Nixon, John Costello, and Zach Wikholm, “An After-Action Analysis of the Mirai Botnet Attacks on Dyn,” Flashpoint (October 25, 2016), https://www.flashpoint-intel.com/action-analysis-mirai-botnet-attacks-dyn/.

77.Clapper and Rose, “A Conversation with James Clapper.”

78.The meaning of the notion is, in fact, ambiguous and contested. For a more detailed discussion, see Chapter 9.

79.The fifth largest market, the Shanghai Stock Exchange, is a non-profit organization under the direct supervision of the China Securities Regulatory Commission, which is an institution of the State Council – hence it is not privately operated.

80.The two exceptions are Paraguana Refining Centre, which belongs to the Venezuelan state oil firm PDVSA; and the Ras Tanura Refinery, which is the property of the publicly owned firm Saudi Aramco. See “Top 10 Large Oil Refineries,” HydrocarbonsTechnology.com (September 30, 2013).

81.The Pentagon’s Defense Advanced Research Projects Agency (DARPA) supported but did not drive the protocol transition. See John Naughton, A Brief History of the Future: The Origins of the Internet (London: Weidenfeld and Nicolson, 1999), pp. 166–67; and Vint Cerf, “How the Internet Came to Be,” in Bernard Adoba, ed., The Online User’s Encyclopedia (Boston, MA: Addison-Wesley, 1993).

82.Jack Goldsmith, “WCIT–12: An Opinionated Primer and Hysteria-Debunker,” Lawfare (blog) (November 30, 2012).

83.Jack Goldsmith and Tim Wu, Who Controls the Internet? Illusions of a Borderless World (Oxford: Oxford University Press, 2006).

84.An early example of this trend is the establishment, in 1935, of the U.S. Social Security Administration under President Franklin D. Roosevelt’s “New Deal.” The SSA collected large volumes of citizen data to support innovative social programs. See Martha Derthick, Agency under Duress: The Social Security Administration in American Government (Washington, D.C.: The Brookings Institution, 1990).

85.See Tim Cook, “A Message to Our Customers,” Apple.com (February 16, 2016).

86.Some reports stated that the Israeli company Cellebrite provided this service. See Ellen Nakashima, “FBI Paid Professional Hackers One-Time Fee to Crack San Bernardino iPhone,” Washington Post (April 12, 2016).

87.See Iain Thomson, “Russia ‘Hired Botnets’ for Estonia Cyber-War,” IT News (June 1, 2007).

88.Author interview with Jaak Aaviksoo (February 17, 2017). Or as the editor of the nation’s largest daily newspaper put it at the time, “The cyber-attacks are from Russia. There is no question. It’s political.” Ian Traynor, “Russia Accused of Unleashing Cyberwar to Disable Estonia,” The Guardian (May 17, 2007). The head of Estonia’s CERT unit, however, publicly questioned claims that the Russian government launched the attacks. See Bill Brenner, “Experts Doubt Russian Government Launched DDoS Attacks,” Tech Target (May 2007).

89.See “Estonia’s Cyber Attacks: World’s First Virtual Attack Against Nation State,” Wikileaks Cable No. 07TALLINN366_a. This view was corroborated by Aaviksoo in an author interview (February 17, 2017).

90.A classified report by the U.S. National Security Agency concluded that Nashi activists participated in the attacks. See Nicole Perlroth, “Online Security Experts Link More Breaches to Russian Government,” The New York Times (October 28, 2014).

91.“Estonia Has Evidence of Kremlin Involvement in Cyber Attacks,” RIA Novosti (June 9, 2007).

92.Author interview with Marina Kaljurand (January 19, 2017).

93.Kaljurand also raised the possibility of direct or indirect support by Moscow. “We think that there were hacktivists involved in the attacks who wanted to express discontent” with the removal of the “Bronze soldier.” “But they were not the only ones. Russia is not a country where people feel free to massively protest or express their views. So this was not a people’s movement. It was an organized movement. The attacks had to be financed and orchestrated by the Kremlin.”

94.Russian computer security expert Eugene Kaspersky faulted “angry Russian spammers” for the attacks. See “Kasperski: Spammers, not the Kremlin behind Anti-Estonian Cyber-Attacks,” BBN (June 28, 2011). See also Noah Shachtman, “Kremlin Kids: We Launched the Estonian Cyber War,” Wired (March 11, 2009).

95.Author interview with Christian-Marc Lifländer (August 28, 2016).

96.Author interview with Kaljurand.

97.See Cyrus Farivar, “A Brief Examination of Media Coverage of Cyberattacks (2007–Present),” in Christian Czosseck and Kenneth Geers, The Virtual Battlefield: Perspectives on Cyber Warfare (Amsterdam: IOS Press, 2009), p. 189.

98.UK House of Commons Parliament Defence Committee, Third Report Towards the next Defence and Security Review: Part Two-NATO, 4, The UK and NATO’s Capacity to Respond (July 22, 2014).

99.Author interview with Lifländer. The absence of clear attribution of the attacks was another reason not to invoke the clauses: there was no one to invoke the clauses against. See the discussion of deterrence in Chapter 7.

100.Author interview with Harri Tiido (February 21, 2017).

101.Author interview with Sorin Ducaru (January 20, 2017).

102.According to Tiido, the 2007 crisis prompted the production of the so-called Tallinn Manual, an extensive study of the applicability of international law in the cyber domain. See Michael N. Schmitt, ed., Tallinn Manual on the International Law Applicable to Cyber Warfare (Cambridge: Cambridge University Press, 2013).

103.Author interview with Lifländer.

104.See Kevin Poulsen, “‘Cyberwar’ and Estonia’s Panic Attack,” Wired (August 22, 2007).

105.Author interview with Lifländer.

106.Ibid.

107.Ibid.

108.Ibid.

109.Cory Bennett, “Kremlin’s Ties to Russian Cyber Gangs Sow US Concerns,” The Hill (October 11, 2015). On Russia’s use of proxies, see Chapter 8.

110.Eric Holder, “Attorney General Eric Holder Speaks at the Press Conference Announcing U.S. Charges Against Five Chinese Military Hackers for Cyber Espionage,” Washington, D.C. (May 19, 2014).

111.“Papers Link Top China University to Army ‘Hacking’ Unit,” Phys.org (March 24, 2013). See also Melanie Lee, “Top China College in Focus with Ties to Army’s Cyber-Spying Unit,” Reuters (March 24, 2013). On China’s use of private agents in cyber exploitation operations, see Robert Sheldon and Joe McReynolds, “Civil-Military Integration and Cybersecurity: A Study of Chinese Information Warfare Militias,” in Jon R. Lindsay, Tai Ming Cheung, and Derek S. Reveron, eds., China and Cybersecurity: Espionage, Strategy, and Politics in the Digital Domain (New York: Oxford University Press, 2015).

112.See Richard B. Andres, “Cyber-Gang Warfare: State-Sponsored Militias Are Coming to a Server Near You,” Foreign Policy (February 11, 2013).

113.One recent simulation of this kind, “Cyber Guard,” gathered about 1,000 military and civilian representatives. See Andrew Tilghman, Military Times (June 21, 2016).

114.See Bruce Schneier, “Someone Is Learning How to Take Down the Internet,” Lawfare (September 13, 2016).

115.See “Wimbledon Case,” Permanent Court of International Justice, A1 (1923).

116.Author interview with a senior official in the British Cabinet Office (February 17, 2017).

7  The Deterrence Puzzle: Doctrinal Problems and Remedies

1.A preeminent case in support of the notion of limited nuclear war – a bold idea for its times – appeared in Henry A. Kissinger, Nuclear Weapons and Foreign Policy (New York: Council on Foreign Relations, 1957). Apart from the unknown and possibly uncontrollable risks of escalation from limited to general nuclear war, critics of limited war have also pointed out that even a small number of nuclear explosions could devastate the Earth’s climate, producing as many fatalities as the Second World War. The focus of the study was on smoke emissions of incinerated buildings. See Rutgers, the State University of New Jersey, “Regional Nuclear War Could Devastate Global Climate,” Science Daily (December 11, 2016), www.sciencedaily.com/releases/2006/12/061211090729.htm. The concept of limited nuclear war never disappeared entirely from military planning, however. It featured, for example, in the 1983 war game titled “Proud Prophet,” which enacted a scenario of “limited de-escalatory” nuclear strikes. See Geoff Wilson and Will Saetren, “Quite Possibly the Dumbest Military Concept Ever: A ‘Limited’ Nuclear War,” The National Interest (May 27, 2016), http://nationalinterest.org/blog/the-buzz/quite-possibly-the-dumbest-military-concept-ever-limited–16394?page=show.

2.Author interview with a senior official in the British Cabinet Office (February 17, 2017).

3.Ibid.

4.George Osborne, “Chancellor’s Speech to GCHQ on Cyber Security,” HM Treasury (November 17, 2015), https://www.gov.uk/government/speeches/chancellors-speech-to-gchq-on-cyber-security.

5.An alternative explanation for the absence of cyberwar is the belief that it will not advance the attacker’s interests even in the absence of retaliation.

6.Raymond Aron, Penser la guerre, Clausewitz, Vol. 2, L’àge planétaire (Paris: Gallimard, 1976), pp. 162–63, translated in Stanley Hoffmann, Janus and Minerva: Essays in the Theory and Practice of International Politics (London: Westview Press, 1987), p. 60.

7.See, for instance, Joseph S. Nye, Jr., “Nuclear Lessons for Cyber Security?” Strategic Studies Quarterly (Winter 2011), pp. 18–38.

8.See Bernard Brodie, “The Anatomy of Deterrence,” in Bernard Brodie, ed., Strategy in the Missile Age (Princeton, N.J.: Princeton University Press, 1958); Bruce M. Russett, “The Calculus of Deterrence,” Journal of Conflict Resolution, Vol. 7, No. 2 (June 1963), pp. 97–109; Albert Wohlstetter, “The Delicate Balance of Terror,” in Henry A. Kissinger, ed., Problems of National Strategy: A Book of Readings (New York: Praeger, 1965); and Patrick M. Morgan, Deterrence (Beverly Hills, CA: Sage, 1977).

9.For a discussion of these techniques, see Glenn H. Snyder, Deterrence and Defense (Princeton, N.J.: Princeton University Press, 1961); Robert Jervis, The Meaning of the Nuclear Revolution: Statecraft and the Prospect of Armageddon (Ithaca, N.Y.: Cornell University Press, 1989), p. 10; and Richard J. Harknett, “The Logic of Conventional Deterrence and the End of the Cold War,” Security Studies, Vol. 4, No. 1 (1994), pp. 86–114.

10.For a discussion of some of these problems, see, for example, Kenneth Geers, “The Challenge of Cyber Attack Deterrence,” Computer Law and Security Review, Vol. 26, No. 3 (May 2010), pp. 298–303; Lucas Kello, “The Virtual Weapon: Dilemmas and Future Scenarios,” Politique étrangere, Vol. 79, No. 4 (Winter 2014/2015), pp, 139–150; and Joseph S. Nye, Jr., “Deterrence and Dissuasion in Cyberspace,” International Security, Vol. 41, No. 3 (Winter 2016/2017), pp. 44–71.

11.Some new forms of malware emit acoustic signals that can manipulate data in air-gapped devices. So far, however, the practical applications of this intrusion method are limited by the requirement that the targeted system be previously infected by malware. See Mordechai Guri, Yosef Solewicz, Andrey Daidakulov, and Yuval Elovici, “DiskFiltration: Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive Noise,” arXiv.org (August 11, 2016).

12.See David E. Sanger, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power (New York: Crown, 2012), Chapter 8.

13.The early nuclear era witnessed a similar tendency in strategic thinking toward punishment. See Bernard Brodie, The Absolute Weapon (New York: Harcourt, 1946); and Robert Powell, Nuclear Deterrence Theory: The Search for Credibility (Cambridge: Cambridge University Press, 1990).

14.See Chapter 4 in this volume; and the Defense Science Board of the Department of Defense, Resilient Military Systems and the Advanced Cyber Threat (Washington, D.C., January 2013).

15.See Madeleine Albright (chairwoman), NATO 2020: Assured Security; Dynamic Engagement (Brussels: NATO Public Diplomacy Division, May 17, 2010). NATO’s formal designation of cyberspace as an “operational domain” of the alliance in 2016 gives credence to this interpretation.

16.Author interview with Sorin Ducaru (January 20, 2017).

17.See Patrick M. Morgan, “Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm,” in Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy (Washington, D.C.: National Academies Press, 2010), p. 56.

18.Nick Harvey (MP), “Meeting the Cyber Challenge,” speech delivered at Chatham House (November 9, 2010).

19.On the problem of attribution, see David D. Clark and Susan Landau, “Untangling Attribution,” in Proceedings of a Workshop on Deterring Cyberattacks, pp. 25–40.

20.Author interview with Harri Tiido (February 17, 2017).

21.Nye labels this logic deterrence by entanglement. See Nye, “Deterrence and Dissuasion in Cyberspace,” p. 59.

22.See Charles Smith, “Cyber War against Iraq,” Newsmax (March 12, 2003).

23.See James A. Lewis, A Note on the Laws of War in Cyberspace (Washington, D.C.: Center for Strategic and International Studies, April 2010).

24.On problems of escalatory ambiguity, see Martin C. Libicki, Crisis and Escalation in Cyberspace (Santa Monica, CA: RAND, 2012), Chapter 4.

25.See Herman Kahn, On Escalation: Metaphors and Scenarios (London: Pall Mall Press, 1965).

26.David E. Sanger, David Barboza, and Nicole Perlroth, “Chinese Army Unit Is Seen as Tied to Hacking Against U.S.,” The New York Times (February 18, 2013).

27.See Thomas C. Schelling, The Strategy of Conflict (Cambridge, MA: Harvard University Press, 1960).

28.See François Lenoir, “Massive Cyber Attack Could Trigger NATO Response: Stoltenberg,” Reuters (June 16, 2016).

29.Unofficial reports have specified Article 5 scenarios, but these are not official policy statements.

30.See Task Force Report: Resilient Military Systems and the Advanced Cyber Threat (Washington, D.C.: Department of Defense Science Board, January 2013).

31.Some former officials have called for such a limit. See comments by Richard A. Clarke and Steven Andreasen, “Cyberwar’s Threat Does Not Justify a New Policy of Nuclear Deterrence,” Washington Post (June 14, 2013).

32.Author interview with Ducaru.

33.See Lucas Kello, “The Virtual Weapon: Dilemmas and Future Scenarios,” Politique étrangere, Vol. 79, No. 4 (Winter 2014/2015), p. 146; and Jon R. Lindsay, “Tipping the Scales: The Attribution Problem and the Feasibility of Deterrence against Cyberattack,” Journal of Cybersecurity, Vol. 1, No. 1 (2015), p. 59.

34.See Michael S. Schmidt, “New Interest in Hacking as Threat to Security,” The New York Times (March 13, 2012).

35.Ken Dilanian, “Intelligence Chief Sees ‘Permissive Environment’ for Cyberattacks against US Interests,” US News (September 10, 2015).

36.Jack Goldsmith, “Disconcerting U.S. Cyber Deterrence Troubles Continue,” Lawfare (September 15, 2015).

37.Jim Michaels, “Pentagon Seeking ‘Rules of Engagement’ for Cyber-War,” USA Today (April 4, 2013).

38.Josh Rogin, “NSA Chief: Cybercrime Constitutes the ‘Greatest Transfer of Wealth in History’,” Foreign Policy (July 9, 2012).

39.See “Intelligence Chief: Little Penalty for Cyberattacks,” Associated Press (September 10, 2015).

40.Another approach to resolving deterrence failures at the middle of the spectrum is by neutralizing threats before the opponent realizes them – that is, active defense. For a discussion of the meaning of active defense, see Chapter 9.

41.Specifically, Obama was weighing in on Chinese espionage. See Natash Bertrand, “China Caught the US ‘With Our Pants Down’ – and the Obama Administration is Struggling to Respond,” Business Insider (August 4, 2015).

42.Interview with Ducaru.

43.Uri Tor, “‘Cumulative Deterrence’ as a New Paradigm for Cyber Deterrence,” Journal of Strategic Studies, Vol. 40, No. 1 (2017), pp. 92–117.

44.Richard Harknett, for instance, has claimed that “deterrence is the wrong framework for explaining cyber aggression and for formulating policy.” Instead, he advocates a logic of “offense persistence” that comprises better defense – both passive and active – in an environment of constant contact among adversaries. See Richard J. Harknett, “Toward a Logic of Offensive Persistence,” International Security (2017).

8  Russia and Cyberspace: Manifestations of the Revolution

1.The thesis of the “end of history” stipulated the lasting and universal triumph of liberal democratic ideals following the collapse of Communism in 1989. See Francis Fukuyama, The End of History and the Last Man (New York: The Free Press, 1992).

2.See Benjamin Elgin, “Network Security Breaches Plague NASA,” Bloomberg (November 20, 2008).

3.Western academic institutions are a common target of Chinese state hackers searching for intellectual and commercial prizes. According to former NSA security contractor Edward Snowden, the NSA hacks Chinese universities for unspecified purposes. See Adam Segal, “The Code Not Taken: China, the United States, and the Future of Cyber Espionage,” Bulletin of the Atomic Scientists, Vol. 69, No. 5 (2013), pp. 38–45; and Jon R. Lindsay, “The Impact of China on Cybersecurity: Fiction and Friction,” International Security, Vol. 39, No. 3 (Winter 2014–15), pp. 7–47.

4.John Arquilla and David Ronfeldt, Cyberwar is Coming! (Santa Monica, CA: RAND, 1993). Others, too, saw the signs. A critique praising another book by the same authors remarked: “Arquilla and Ronfeldt are a rare breed: strategic thinkers of the information age. In Networks and Netwars they grasp an emerging reality still lost on those preoccupied with the geostrategic balance of power: War in the future will be waged by leaderless networks that can come together quickly out of cyberspace to ‘swarm’ an opponent. Like few others, they recognize that the flipside of the celebrated global civil society born of the Internet is the ‘uncivil society’ of terrorists and criminals who will use the same means to spread havoc and instability.” Comments by Nathan Gardels in John Arquilla and David Ronfeldt, Networks and Netwars: The Future of Terror, Crime, and Militancy (Santa Monica, CA: RAND, 2001).

5.This comparison, it is important to note, implies no equivalence in destructive power between cyber and nuclear weapons; it merely suggests that the two episodes had a similarly profound effect in their respective eras in launching searching discussions about the implications of a new technology for conflict prevention, crisis stability, and the defense against offensively superior arms.

6.Adam Segal identifies the period from June 2012 to June 2013 as “Year Zero” in the “battle over cyberspace.” He referred to the reassertion of state control over Internet data flows (i.e. information security) in various nations. The year 2007 is a more relevant starting point for a book about the analysis of international cyber issues because it marked the beginning of the era of conflict through cyberspace and its associated strategy and policy debates. See Adam Segal, The Hacked World Order: How Nations Fight, Trade, and Manipulate in the Digital Age (New York: Council on Foreign Relations, 2016), p. 1.

7.Although this work generally eschews the use of the words “war” and “warfare” in labeling offensive activity that falls short of their traditional criteria (e.g. significant physical violence and loss of life), the label “information warfare” is appropriate because it has a long history in discussions about Russian security doctrine.

8.See Adam B. Ulam, Bolsheviks: The Intellectual, Personal and Political History of the Triumph of Communism in Russia (New York: Macmillan, 1968), p. 392.

9.See Adam B. Ulam, Stalin: The Man and His Era (Boston, MA: Beacon, 1989), p. 234.

10.See ibid., pp. 414–15; and Aleksandr Orlov, The Secret History of Stalin’s Crimes (New York: Jarrolds, 1953), p. 35.

11.See Ulam, Stalin, pp. 417–18, fn. 70. Among the other members of the first Politburo established in 1917 were Lenin, Stalin, Trotsky, Sokolnikov, and Bubnov. The latter three also succumbed to Stalin’s Great Purge.

12.A more accurate and less offensive translation of this popular term is “useful fool.” Often attributed to Lenin after his time, the term may in fact not be his. See William Safire, “On Language,” The New York Times (April 12, 1987).

13.Black propaganda was overseen by the KGB’s Service A; white and grey propaganda by the Ideology Department of the Soviet Communist Party. See Fletcher Schoen and Christopher J. Lamb, Deception, Disinformation, and Strategic Communications: How One Interagency Group Made a Major Difference (Washington, D.C.: National Defense University Press, June 2012); and Steve Abrams, “Beyond Propaganda: Soviet Active Measures in Putin’s Russia,” Connections: The Quarterly Journal, Vol. 15, No. 1 (2016), p. 12.

14.KGB agents at Soviet embassies around the globe disseminated the U.S. National Security Council document, titled “Carter’s Secret Plan to Keep Black Africans and Black Americans at Odds.” See Schoen and Lamb, Deception, Disinformation, and Strategic Communications, p. 24; and J. Michael Waller, Strategic Influence: Public Diplomacy, Counterpropaganda, and Political Warfare (Washington, D.C.: Institute of World Politics Press, 2009), pp. 159–61.

15.See Tony Barber, “Russia’s Dark Art of Disinformation,” The Financial Times (September 16, 2016); and Thomas Boghardt, “Soviet Bloc Intelligence and Its AIDS Disinformation Campaign,” Studies in Intelligence, Vol. 53, No. 4 (December 2009), pp. 1–24. On KGB disinformation campaigns generally, see Ladislav Bittman, The KGB and Soviet Disinformation: An Insider’s View (Oxford: Pergamon, 1985); and Ion Mihai Pacepa and Ronald Rychlak, Disinformation: Former Spy Chief Reveals Secret Strategies for Undermining Freedom, Attacking Religion, and Promoting Terrorism (Washington, D.C.: WND Books, 2013).

16.Valeriy Gerasimov, “Ценность науки в предвидении” [“The Value of Science is in Foresight”], Военно-промышленный курьер (February 27, 2013), http://vpk-news.ru/sites/default/files/pdf/VPK_08_476.pdf. For an English translation and commentary, see “The ‘Gerasimov Doctrine’ and Russian Non-Linear Warpage,” in https://inmoscowsshadows.wordpress.com/2014/07/06/the-gerasimov-doctrine-and-russian-non-linear-war/. See also Sergey Chekinov and Sergey A. Bogdanov, “The Nature and Content of a New-Generation War,” Military Thought, No. 4 (2013).

17.See Jolanta Darczewska, The Anatomy of Russian Information Warfare. The Crimean Operation: A Case Study (Warsaw: Centre for Eastern Studies, May 2014).

18.Keir Giles, “Russia’s ‘New’ Tools for Confronting the West: Continuity and Innovation in Moscow’s Exercise of Power,” Research Paper, Russia and Eurasia Programme, Chatham House (March 2016), p. 10. Gerasimov himself has pointed as evidence of this reality to the popular uprisings in the Arab world in 2011 and in Ukraine in 2014. See A Primer on Modern Russian Unconventional Warfare, Ukraine 2013–14 (Unclassified version) (Fort Bragg, N.C.: The United States Army Special Operations Command, 2015), p. 16.

19.See James Risen, “The C.I.A. in Iran – A Special Report; How a Plot Convulsed Iran in ’53 (and in ’79),” The New York Times (April 16, 2000).

20.See Adam Taylor, “Before ‘Fake News’ There Was Soviet ‘Disinformation’,” Washington Post (November 26, 2016).

21.See Andrei Soldatov and Irina Borogan, The Red Web: The Struggle between Russia’s Digital Dictators and the New Online Revolutionaries (New York: PublicAffairs, 2015), p. 25.

22.One notable incident was the DDoS attack against liberal and independent websites during the 2011 Duma elections. See Hal Roberts and Bruce Etling, “Coordinated DDoS Attack During Russian Duma Elections,” Internet and Democracy Blog (December 8, 2011), http://blogs.harvard.edu/idblog/2011/12/08/coordinated-ddos-attack-during-russian-duma-elections/.

23.See Samuel P. Huntington, The Clash of Civilizations and the Remaking of World Order (New York: Simon and Schuster, 1996).

24.Indeed, Huntington’s conception of a thin basis of universal values among countries in different civilizations has affinities with Bull’s “pluralist” notion of international society. See ibid., p. 54.

25.See Dina Newman, “Russian Nationalist Thinker Dugin Sees War with Ukraine,” BBC News (July 10, 2014), http://www.bbc.co.uk/news/world-europe–28229785.

26.“Putin Deplores Collapse of USSR,” BBC (April 25, 2005).

27.“The ‘Gerasimov Doctrine’ and Russian Non-Linear Warpage.”

28.See James Sherr, “Ukraine and the Black Sea Region: The Russian Military Perspective,” in Stephen Blank, ed., The Russian Military in Contemporary Perspective (Carlisle, PA: Strategic Studies Institute, U.S. Army War College, forthcoming).

29.Timothy L. Thomas, “Russia’s Reflexive Control Theory and the Military,” Journal of Slavic Military Studies, Vol. 17, No. 2 (2004), p. 237. See also Maria Snegovaya, “Executive Summary: Putin’s Information Warfare in Ukraine: Soviet Origins of Russia’s Hybrid Warfare,” Institute for the Study of War (September 2015).

30.Sherr, “Ukraine and the Black Sea Region.”

31.See Daisy Sindelar, “Inside Russia’s Disinformation Campaign,” Defense One (August 12, 2014); and Patrick Michael Duggan, “Strategic Development of Special Warfare in Cyberspace,” Joint Force Quarterly, Vol. 79, No. 4 (October 2015).

32.Shaun Walker, “Salutin’ Putin: Inside a Russian Troll House,” The Guardian (April 2, 2015).

33.Sindelar, “Inside Russia’s Disinformation Campaign.”

34.For a review of Dugin’s school of thought on information warfare, see Little Green Men, p. 16.

35.Officially, Clinton did not win the party’s nomination until the Democratic National Convention selected her four days later, but by the time of the email leaks it was clear that Sanders would likely lose. Trump had obtained the Republican Party’s nomination on July 19, 2016.

36.See “Background to ‘Assessing Russian Activities and Intentions in Recent US Elections’.” See also Adam Meyers, “Danger Close: Fancy Bear Tracking of Ukrainian Field Artillery Units,” Crowdstrike Blog (December 22, 2016), https://www.crowdstrike.com/blog/danger-close-fancy-bear-tracking-ukrainian-field-artillery-units/; and Matt Flegenheimer, “Countering Trump, Bipartisan Voices Strongly Affirm Findings on Russian Hacking,” The New York Times (January 5, 2017).

37.See Krishnadev Calamur, “NATO Shmato?,” The Atlantic (July 21, 2016).

38.The deep cleavage within the Democratic Party pre-dated the hacking event. According to an Economist/YouGov poll conducted four months earlier, 55 percent of Sanders supporters would feel “dissatisfied” or “upset” if Clinton won the Democratic Party’s nomination. The party nomination boosted Clinton’s support within her party, but the cleavage persisted. In a survey the month after the Convention, about one-third of Sanders sympathizers still rejected her. See “The Economist/YouGov Poll,” YouGov UK (March 10–12, 2016), https://d25d2506sfb94s.cloudfront.net/cumulus_uploads/document/055qdf83nv/econTabReport.pdf; and David Weigel, “Sanders Absolves Clinton on Hacked Emails, but Other Voices on the Left Are Angry,” Washington Post (October 12, 2016); and Harry Enten, “About a Third of Bernie Sanders’ Supporters Still Aren’t Backing Hillary Clinton,” FiveThirtyEight (August 8, 2016), http://fivethirtyeight.com/features/about-a-third-of-bernie-sanders-supporters-still-arent-backing-hillary-clinton/?ex_cid=538twitter.

39.See Sari Horwitz, “FBI Director James B. Comey Under Fire for His Controversial Decision on the Clinton Email Inquiry,” Washington Post (October 29, 2016).

40.For his part, Trump dismissed this assessment as sore-losing bluster. See Harry Enten, “How Much Did Wikileaks Hurt Hillary Clinton?,” FiveThirtyEight (December 23, 2016), https://fivethirtyeight.com/features/wikileaks-hillary-clinton/.

41.Sabrina Siddiqui, “Priebus and Manafort Seize on Wasserman Schultz DNC Resignation,” The Guardian (July 25, 2017).

42.“Background to ‘Assessing Russian Activities and Intentions in Recent US Elections’: The Analytic Process and Cyber Incident Attribution,” Report of the Director of National Intelligence (January 6, 2017).

43.See Lorenzo Franceschi-Bicchierai, “How Hackers Broke Into John Podesta and Colin Powell’s Gmail Accounts,” Motherboard (October 20, 2016), https://motherboard.vicecom/en_us/article/how-hackers-broke-into-john-podesta-and-colin-powells-gmail-accounts.

44.See Jeffrey Carr, “FBI/DHS Joint Analysis Report: A Fatally Flawed Effort,” Medium (December 30, 2016), https://medium.com/@jeffreycarr/fbi-dhs-joint-analysis-report-a-fatally-flawed-effort-b6a98fafe2fa.

45.The origin of the Vermont power grid story was an anonymous source who spoke to the Washington Post. The incident was not an attack, because it did not involve a disruption of computer functions – merely the discovery of malware in a single computer. Nor was it an action directed against the national power grid, because the infected machine was not connected to the grid system of the affected Vermont company, Burlington Electrical Department. See Richard Chirgwin, “Russian ‘Grid Attack’ Turns Out to Be a Damp Squib,” The Register (January 3, 2017).

46.Melissa Chan, “Julian Assange Says a ‘14-Year-Old Kid Could Have Hacked Podesta’ Emails,” Time (January 4, 2017).

47.Guccifer divulged some material on outlets such as Wordpress blog, Gaker, and DCLeaks. The DCLeaks website was established in June 2016 with the purpose of publishing leaks of emails belonging to prominent government and military figures in the United States. See ‘Threat Connect Identifies DC Leaks as Another Russian-backed Influence Outlet,’ ThreatConnect (August 12, 2016).

48.See Thomas Rid, “All Signs Point to Russia Being Behind the DNC Hack,” Motherboard (July 25, 2017).

49.“Opening Statement by SASC Chairman John McCain at Hearing on Foreign Cyber Threats to the United States,” Floor Statements, official webpage of U.S. Senator John McCain (January 5, 2017), https://www.mccain.senate.gov/public/index.cfm/floor-statements?ID=810C2B63–6714–4DF0-A337–5B46D9C6BBD9.

50.“Trump Questions Claims of Russian Hacking: ‘I Know Things Others Don’t’,” The Guardian (January 1, 2017).

51.Elizabet Weise, “Tech Crowd Goes Wild for Trump’s ‘400-Pound Hacker’,” USA Today (September 27, 2016). Some security analysts and journalists also questioned Russia’s authorship of the DNC hack. See, for example, Matt Taibbi, “Something About This Russia Story Stinks,” Rolling Stone (December 30, 2016).

52.Confronted by the allegation that the Kremlin sought to help him win the election, the president-elect replied: “I think it’s [the allegation] ridiculous . . . No, I don’t believe it at all.” Elise Viebeck, “Trump Denies CIA Report that Russia Intervened to Help Him Win Election,” Washington Post (December 11, 2016).

53.Ibid.

54.Polling data pointed to Clinton victory throughout much of the post-convention stage. See Vann R. Newkirk II, “What Went Wrong With the 2016 Polls?” The Atlantic (November 9, 2012).

55.The title of the Clinton video was “How 100% of the Clintons’ ‘Charity’ Went to . . . Themselves.” The title of the Trump video was “Trump Will Not Be Permitted To Win” (that is, by the U.S. political establishment). For details on Russian disinformation activities during the campaign, see “Background to ‘Assessing Russian Activities and Intentions in Recent US Elections’,” pp. 3–4.

56.See “Background to ‘Assessing Russian Activities and Intentions in Recent US Elections’.”

57.Ibid.

58.See Evan Osnos, David Remnick, and Joshua Yaffa, “Trump, Putin, and the New Cold War,” The New Yorker (March 6, 2017).

59.“Background to ‘Assessing Russian Activities and Intentions in Recent US Elections’.”

60.Lauren Gambino, “Obama Orders Sanctions against Russia in Response to US Election Interference,” The Guardian (December 29, 2016).

61.Ibid.

9  Private Sector Active Defense: An Adequate Response to the Sovereignty Gap?

1.This is often the case: for example, the handlers of the Stuxnet worm that hit the Natanz nuclear facility in Iran in 2009 may have compromised the industrial controller several years earlier. See David E. Sanger, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power (New York: Crown, 2012), Chapter 8.

2.Author interview with a senior official in the British Cabinet Office (February 17, 2017).

3.“Chairman of the U.S. House Intelligence Committee Mike Rogers in Washington Post Live: Cybersecurity 2014,” Washington Post (October 2, 2014).

4.See Riley C. Matlack, M. Riley, and J. Robertson, “The Company Securing Your Internet Has Close Ties to Russian Spies,” Bloomberg (March 15, 2015).

5.Huawei describes itself as an employee-owned “collective,” but some commentators have questioned its freedom from Chinese state control. See Richard McGregor, The Party: The Secret World of China’s Communist Rulers (New York: HarperCollins, 2010); and M. Rogers and C. A. D. Ruppersberger, Investigative Report on the U.S. National Security Issues Posed by Chinese Telecommunications Companies Huawei and ZTE, U.S. House of Representatives 112th Congress, Permanent Select Committee on Intelligence (October 8, 2012).

6.See Department of Defense Strategy for Operating in Cyberspace (Washington, D.C.: U.S. Department of Defense, July 2011), p. 7.

7.See Cyber Security Strategy, 2014–2017 (Tallinn: Ministry of Economic Affairs and Communications, 2014).

8.C. Green, “UK Becomes First Country to Disclose Plans for Cyber Attack Capability,” Information Age (September 30, 2013).

9.Robert M. Lee, The Sliding Scale of Cyber Security – A SANS Analyst Whitepaper (Boston, MA: SANS Institute, 2015), pp. 9–11.

10.Honeypots consist of decoy data that the defender uses to lure an attacker to study and disrupt his methods. See Loras R. Even, Honey Pot Systems Explained (Boston, MA: SANS Institute, July 12, 2000). Sinkholes refer to a DNS computer server that produces false data to prevent the attacker from using the true domain name. See Guy Bruneau, DNS Sinkhole (Boston, MA: SANS Institute, August 7, 2010).

11.See David D. Clark and Susan Landau, “Untangling Attribution,” Harvard National Security Journal (March 2011).

12.See, for instance, Alexander Klimburg and Jason Healey, “Strategic Goals and Stakeholders,” in Alexander Klimburg, ed., National Cyber Security Framework and Manual (Tallinn: NATO Cooperative Cyber Defence Centre of Excellence, 2012), pp. 74–5 and 80; Tim Maurer and Robert Morgus, Compilation of Existing Cybersecurity and Information Security Related Definitions (New America, October 2012), p. 71; and Jay P. Kesan and Carol M. Hayes, “Mitigative Counterstriking: Self-Defense and Deterrence in Cyberspace,” Harvard Journal of Law and Technology, Vol. 25, No. 2 (Spring 2012), p. 460.

13.There are debates about the requirements of “authorization.” See Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations, third edition (Washington, D.C.: Department of Justice Office of Legal Council, 2009).

14.It is unclear, however, whether intentional damage resulting from actions taken entirely within one’s networks is lawful. See “Cyber-Surveillance Bill to Move Forward, Secretly” (Washington, D.C.: Center for Democracy and Technology, March 4, 2015).

15.One notable case is Susan Clements Jeffrey vs. Absolute Software involving a company that used beacon technology to capture explicit data from a computer the operator did not know was stolen. The court ruled against the company. See “Absolute Software Settles Lawsuit Over Nude Photos,” Forbes (September 6, 2011).

16.See remarks by the Homeland Security Secretary, Janet Napolitano, in Joseph Menn, “Hacked Companies Fight Back with Controversial Steps,” Reuters (June 18, 2012); and remarks by Chairman of the U.S. House Intelligence Committee Mike Rogers in “Washington Post Live: Cybersecurity 2014,” Washington Post (October 2, 2014).

17.Best Practices for Victim Response and Reporting of Cyber Incidents (Washington, D.C.: Department of Justice, April 2015).

18.Michael S. Rogers, “Cyber Threats and Next-Generation Cyber Operations,” Keynote Speech at the Annual Cybersecurity Technology Summit, AFCEA, Washington, D.C. (April 2, 2015).

19.Interview with John Lynch, Steptoe Cyberlaw Podcast (January 21, 2016).

20.Hannah Kuchler, “Cyber Insecurity: Hacking Back,” The Financial Times (July 27, 2015).

21.See Tom Spring, “Spam Slayer: Bringing Spammers to Their Knees,” PCWorld (July 18, 2008).

22.See Kim Zetter, “FBI vs. Coreflood Botnet: Round 1 Goes to the Feds,” Wired (April 11, 2011).

23.See Brian Krebs, “‘Operation Tovar’ Targets ‘Gameover’ ZeuS Botnet, CryptoLocker Scourge,” KrebsonSecurity (June 2, 2014).

24.Kuchler, “Cyber Insecurity.”

25.These consequences are positive from the perspective of private defenders and their parent governments; other players may not share this view.

26.The attackers activated the “Wiper” malware on 24 November; the FBI publicly attributed the attack to North Korea on 19 December. See “Update on Sony Investigation,” Federal Bureau of Investigation (December 19, 2014), https://www.fbi.gov/news/pressrel/press-releases/update-on-sony-investigation.

27.See Peter W. Singer and Allan Friedman, Cybersecurity and Cyberwar (Oxford: Oxford University Press, 2014).

28.To share information derived from classified sources the U.S. government resorts to four selective commercial service providers: AT&T, CenturyLink, Lockheed Martin, and Verizon. See Andy Ozment, DHS’s Enhanced Cybersecurity Services Program Unveils New “Netflow” Service Offering (Washington, S.C.: U.S. Department of Homeland Security, January 26, 2016), https://www.dhs.gov/blog/2016/01/26/dhs%E2%80%99s-enhanced-cybersecurity-services-program-unveils-new-%E2%80%9Cnetflow%E2%80%9D-service-offering.

29.Ron Nixon, “Homeland Security Dept. Struggles to Hire Staff to Combat Cyberattacks,” International New York Times (April 6, 2016).

30.See Oliver Wright, “GCHQ’s ‘Spook First’ Programme to Train Britain’s Most Talented Tech Entrepreneurs,” The Independent (January 1, 2015); and Jamie Collier, “Proxy Actors in the Cyber Domain” (unpublished paper).

31.See Christian Czosseck, Rain Ottis, and Anna-Maria Talihärm, “Estonia After the 2007 Cyber Attacks: Legal, Strategic and Organisational Changes in Cyber Security,” in M. Warren, ed., Case Studies in Information Warfare and Security (Reading: Academic Conferences and Publishing International Limited, 2013).

32.See Lior Tabansky and Itzhak Ben Israel, Striking with Bits? The IDF and Cyber-Warfare (Cham: Springer, 2015).

33.See “National Guard to Stand Up 13 New Cyber Units in 23 States,” Army Times (December 15, 2015).

34.See James Pattison, The Morality of Private War: The Challenge of Private Military Companies and Security Companies (Oxford: Oxford University Press, 2014); and A. Alexandra, D.-P. Baker, and M. Caparini, eds., Private Military Companies: Ethics, Policies and Civil-Military Relations (London: Routledge, 2008).

35.See Sari Horwitz, Shyamantha Asokan, and Julie Tate, “Trade in Surveillance Technology Raises Worries,” Washington Post (December 1, 2011).

36.See Lillian Ablon, Martin C. Libicki, and Andrea A. Golay, Markets for Cybercrime Tools and Stolen Data (Santa Monica, CA: RAND, March 14, 2014).

37.See James Vincent, “Edward Snowden Claims Microsoft Collaborated with NSA and FBI to Allow Access to User Data,” The Independent (July 12, 2013).

38.See Gabrielle Coppola, “Israeli Entrepreneurs Play Both Sides of the Cyber Wars,” Bloomberg (September 29, 2014).

39.See Stephen Krasner, “State Power and the Structure of International Trade,” World Politics, Vol. 28, No. 3 (April 1976), pp. 317–47; and Richard N. Rosecrance, The Resurgence of the West: How a Transatlantic Union Can Prevent War and Restore the United States and Europe (New Haven, CT: Yale University Press, 2013).

40.See Florian Egloff, “Cybersecurity and the Age of Privateering: A Historical Analogy,” Cyber Studies Working Paper No. 1, University of Oxford (March 2015).

41.See Fernand Braudel, The Mediterranean and the Mediterranean World in the Age of Philip II (Berkeley, CA: University of California Press, 1995).

42.Some thinkers question whether attribution is as hard as many observers believe it to be. See Jon R. Lindsay, “Tipping the Scales: The Attribution Problem and the Feasibility of Deterrence against Cyberattack,” Journal of Cybersecurity, Vol. 1, No. 1 (2015), pp. 53–67; and Thomas Rid, “Attributing Cyber Attacks,” Journal of Strategic Studies (2015), p. 38.

43.See Brandon Valeriano and Ryan C. Maness, Cyber War Versus Cyber Realities: Cyber Conflict in the International System (Oxford: Oxford University Press, 2015).

44.Legal scholars who support the “natural law” tradition developed by Aquinas, Locke, and Vattel have challenged the positivist doctrine’s position as the legitimate source of international law. See James L. Brierly, The Basis of Obligations in International Law (Oxford: Clarendon Press, 1958); and Hersch Lauterpacht, International Law and Human Rights (London: Stevens and Sons, 1950).

10  Cyber Futures

1.See “The Path of Cyberlaw,” Yale Law Journal, Vol. 104, No. 7 (May 1995), pp. 1,743–55; and “The Zones of Cyberspace Symposium: Surveying Law and Borders,” Stanford Law Review, Vol. 48 (1995–96), pp. 1,403–11.

2.See, for example, Rein Turn, “Privacy Protection and Security in Transnational Data Processing Systems,” Stanford Journal of International Law, Vol. 16 (Summer 1980), pp. 67–86.

3.See Elaine McArdle, “The New Age of Surveillance,” Harvard Law Bulletin (Spring 2016).

4.Parallel developments in the area of quantum cryptography will not neutralize this threat. Computer specialists expect that the technique will reinforce only “symmetric cryptography,” a more cumbersome encryption method than asymmetric encryption that is used to secure Top Secret government documents and other highly sensitive data. Workshop on European Cybersecurity: Future Trends and Policy Challenges, January 27–28, 2017, Cyber Studies Programme, University of Oxford.