Академический Документы
Профессиональный Документы
Культура Документы
INR 4114
3/31/2019
Cyber Warfare
Cyber Warfare is a threat that has risen to prominence in recently history. Is the US
prepared for Cyber warfare in the future or is not enough being done? As the US has seen, the
Trump administration has acknowledged the importance of the topic. The president has
acknowledged the issue of cyber security by signing into effect a cyber security strategy. This is
the first Cyber security strategy of that has been put in place by the US in the last 15 years.1 The
plan is very encouraging as it acknowledges the importance understanding an being prepared for
cyber-attacks. Countries such as China already have government funded projects that gather
information and even steal information from US business and the government. The stolen
information is used against US business and the government which needs to be prevented or
stopped entirely.2 The president’s plan is put in 4 pieces and although they are very brief it is
important to look at each aspect and to understand if these can have a positive effect on US security
in the future. 3
The plan that president Trump has signed into effect follows four different tenets that will
be put into the National Cyber Strategy. Each of these will represent what the plan wishes to
1
President Trump Unveils America's First Cybersecurity Strategy in 15 Years. (2018, September 28). Retrieved
March 27, 2019, from https://www.whitehouse.gov/articles/president-trump-unveils-americas-first-cybersecurity-
strategy-15-years/
2
Cyber Warfare. (n.d.). Retrieved March 28, 2019, from https://www.rand.org/topics/cyber-warfare.html
3
The UN Secretary-General's Call for Regulating Cyberwar Raises More Questions Than Answers. (n.d.). Retrieved
March 26, 2019, from https://www.cfr.org/blog/un-secretary-generals-call-regulating-cyberwar-raises-more-
questions-answers
1
achieve in the future of Cyber Security. The first step of the plan is to protect American people,
the Homeland and the American way of life. The goal is to manage cybersecurity risks by
increasing security and resilience of the Nation’s information gathering and information systems.
The way that the plan wishes to achieve this goal is to take steps in making the Federal networks
more secure. The is also the goal of improving the security of critical infrastructure, to combat
cybercrime itself and improving how accurate and fast incident reports are made. Protection of the
US public is a very important part of cybersecurity and what it entails.4 An interesting aspect that
can be looked at is the dangerous that can arise involve medical equipment. Currently the very
relaxed ideas on cyber raise a very dangerous problem that can be exploited and may lead to
harming many American lives. Currently there is a vulnerability in medical equipment that can be
exploited if an individual were to gain access to a specific network.5 This brings up two aspects of
cyber that this plan states it can fix. The first would be defining what action will lead to a cyberwar
and the second is to improve the understanding of cyber for everyone including policymakers. A
better understanding would allow laws to be passed the prevented certain medical devices from
being sold or used with out certain protection and security in place to prevent or combat a cyber-
attack on the systems.6 Many people in the US and world rely on these medical devices and
ignoring this aspect can lead to a major loss of life in the country. Medical equipment is not the
only target that can have very negative effects if attacked by a cyber weapon. One interesting topic
is the power grid of the US and all the infrastructure that is involved with the power grid. 7 An
4
President Trump Unveils America's First Cybersecurity Strategy in 15 Years. (2018, September 28). Retrieved
March 27, 2019, from https://www.whitehouse.gov/articles/president-trump-unveils-americas-first-cybersecurity-
strategy-15-years/
5
Williams, P., & Woodward, A. (2015). Cybersecurity vulnerabilities in medical devices: A complex environment
and multifaceted problem. Medical Devices: Evidence and Research, 305. doi:10.2147/mder.s50048
6
Ibid
7
Wang, W., & Lu, Z. (2013). Cyber security in the Smart Grid: Survey and challenges. Computer Networks, 57(5),
1344-1371. doi:10.1016/j.comnet.2012.12.017
2
attack that damages and destroys any component in the power grid would have devastating results
for all peoples and the US and throughout the world. A power grid failure will lead to millions of
lives being lost and will take a large amount of time to repair.8 The US will need to improve its
power grid to ensure that it will be able to withstand attacks in the future. One way to improve the
grind is to upgrade and improve the technology that the power grid runs on. More upgraded
computers would allow for greater security as well as the upgrade would allow for more efficient
energy. Cyber security would also greatly improve on an updated power grid. There will need to
be multiple forms of security that the government will need to assess and work towards. The
government will need to identify and possible vulnerabilities in any and all networks associated
with the power grid. There will also need to be research and preparation for a way to counter any
attack that may be detected in the system. The first step to being successful in creating a power
grid that is ready for cyber attacks is to create an architecture that allows for strict protections but
will also allow for upgrades as well as maintaining strength in the cyber realm.9
The second part of the plan is to promote American prosperity. The goal of this part is to
continue protecting America’s influence in the technology ecosystem. There will also be the
efficiency. The way that the plan wishes to support this claim is to support a vibrant resilient digital
economy, to foster and protect American ingenuity, and develop superior cybersecurity workforce.
This piece is extremely important in the plan because one weakness that the US faces and many
companies face an issue with personnel.10 This piece of the plan carries some very significant
8
Wang, W., & Lu, Z. (2013). Cyber security in the Smart Grid: Survey and challenges. Computer Networks, 57(5),
1344-1371. doi:10.1016/j.comnet.2012.12.017
9
Ibid
10
President Trump Unveils America's First Cybersecurity Strategy in 15 Years. (2018, September 28). Retrieved
March 27, 2019, from https://www.whitehouse.gov/articles/president-trump-unveils-americas-first-cybersecurity-
strategy-15-years/
3
information that needs to be addressed very soon. The value of information and intellectual
property continues to rise which creates an issue. The more the value of intellectual property rises,
the more vulnerable it is to cyber espionage.11 Currently there is a problem that has arrived with
this fact and it is a struggle of understanding who should be responsible for protection. Companies
argue that the government should be more active in deterrence.12 The government should be
working to stop any state actors from directly targeting the private companies. On the other side
the government believes that companies should protect their own property. The government also
expects the companies to share their information with the government on what is being targeted
and what is being used to defend from attacks.13 This issue provides an example of what would
aid in increasing American prosperity and what needs to be focused on in this topic. Cyber
espionage has a very negative impact on the US economy and leads to large amounts of loss every
year. If the government does not react quickly, the number of dollars lost will only continue to
rise.14
The third part of the plan is to preserve peace through strength. The part of the plan states
that there will be improvements to the way that the country identifies, counters, disrupts, degrades
and deters behavior in cyberspace that is damaging and contrary to the national interests of the US.
11
Mayers, & Merton, A. (2018). A Study on How Cyber Economic Espionage Affects U.S. National Security and
Competitiveness. A Study on How Cyber Economic Espionage Affects U.S. National Security and Competitiveness, 1-
14. Retrieved March 29, 2019.
12
Paul, Christopher, & Waltzman. (2018, January 10). How the Pentagon Should Deter Cyber Attacks. Retrieved
March 28, 2019, from https://www.rand.org/blog/2018/01/how-the-pentagon-should-deter-cyber-attacks.html
13
Mayers, & Merton, A. (2018). A Study on How Cyber Economic Espionage Affects U.S. National Security and
Competitiveness. A Study on How Cyber Economic Espionage Affects U.S. National Security and Competitiveness, 1-
14. Retrieved March 29, 2019.
14
Paul, Christopher, & Waltzman. (2018, January 10). How the Pentagon Should Deter Cyber Attacks. Retrieved
March 28, 2019, from https://www.rand.org/blog/2018/01/how-the-pentagon-should-deter-cyber-attacks.html
4
This will also be while preserving the America’s power in and through cyberspace.15 The way that
the plan states that it will achieve this is for the US to enhance cyber stability by creating norms
of a responsible state. The norms include the behavior, attribution of unacceptable behavior in
cyberspace and the imposition of costs on malicious cyber actors. This part of the plan would seem
to be the most important because deterrence may be the best way for the government to combat
the dangers of cybersecurity. One way that the US can improve the deterrence is once again to
determine just what is meant when the word cyber is used. Having a definition will allow for a
much better and more concise approach.16 It is notable to understand that not activity that occurs
in cyberspace is a cyber activity or threat. After the US finally agrees on what is cyber and what
is not, the focus will need to be clearly and concisely defining what an action is. This will allow
for policymakers to understand what a situation is and to have multiple options to approach the
topic at hand.17 The change of mindset will also need to adjust because many individuals approach
using cyber as too high of a risk when reality it is not. Cyber activities will need to be put into
categories that will determine what type of action it is.18 An example of this is the usage of code
that targets another countries infrastructure. These types of activities need to be classified as a
high-level threat and will need special approval for its usage to occur.
An important way to combat the and be prepared for new threats is to work to evolve the
way the US monitors cyber-attacks. An important defense is cyberspace is to be able to detect the
15
President Trump Unveils America's First Cybersecurity Strategy in 15 Years. (2018, September 28). Retrieved
March 27, 2019, from https://www.whitehouse.gov/articles/president-trump-unveils-americas-first-cybersecurity-
strategy-15-years/
16
Kramer, F. D., & Wentz, L. K. (2008). Cyber influence and international security. Washington, D.C.: Center for
Technology and National Security Policy, National Defense University.
17
Ibid
18
Fazzini, K. (2018, September 21). Trump's new strategy means the U.S. could get more aggressive with Russia
and China over hacking. Retrieved March 25, 2019, from https://www.cnbc.com/2018/09/21/trump-cybersecurity-
policy-offensive-hacking-nsa-russia-china.html
5
attacks before they even begin.19 Many different types of attacks are started from code that is
already in the system is activated when the attack is ready. An important way to be ready is to have
vast networks of people who are working together to improve the response time of the US and its
allies. Having a collaboration system in place allows for far greater amounts of information to be
discovered while also allowing for all involved to have less work and issues to deal with.20
Continuing the idea of improving strength and peace, the US will need to work on
improving the way the US interacts with other nations. It will be very important for the US to
integrate with other countries to have multiple groups interacting.21 With all countries being
integrated it will allow for much faster reaction and much greater influence in the world. One very
important aspect that has been very significant has been the integration of cyber intelligence
between other countries and the US. Being able to have access to multiple groups of cyber
information will allow for better reaction and being able to out think other groups.22
The US should also use Cyber to influence what happens in the physical world. Using
cyber to affect the physical world could be extremely influential and can lead to more efficient
activities. Using both can be seen as combined arms and will open up many opportunities with
other countries as well. Cyber can be used in this manner for a stronger form of deterrence as well
as used for military information gathering to have more concise and accurate information that can
be beneficial and more effective. After determining how cyber can be used it is important to
understand how it can be used for deterrence. Deterrence can be seen as influence and in order for
19
Narayanan, S. N., Ganesan, A., Joshi, K., Oates, T., Joshi, A., & Finin, T. (2018). Early Detection of Cybersecurity
Threats Using Collaborative Cognition. 2018 IEEE 4th International Conference on Collaboration and Internet
Computing (CIC). doi:10.1109/cic.2018.00054
20
Ibid
21
Mattis, J., & D. (n.d.). Summary of the 2018 National Defense Strategy of the United States of America.
22
Ibid
6
the proper deterrence to work the US will need to have a complete understanding of its cyber
capabilities. If policymakers understand cyber through the definitions that were created the US can
have better deterrence through cyber.23 The US must adjust its cyber actions when working to deter
a state to show that its actions also support what the goal of the deterrence is. Effective deterrence
takes in all aspects of another and in todays world, cyber is as important as understand a countries
culture and history. Another way that the US can improve its resolve is to be open and transparent
on what is expected and prohibited by all those involved. The US should also work on staying
within the lines that it would also like see and finally should punish those who chose to not follow
what has been put in place. Showing resolve is very important and the strong showings will allow
for better forms of deterrence as other countries understand what is being said. Effective deterrence
will be extremely important in the realm of cyberspace and will play a major role in the near
future.24
The fourth piece of the plan is to advance American influence in cyberspace. The plan is
to preserve long-term openness, interoperability, security, and the reliability of the internet which
is supporting America’s interests. The plan will take specific global efforts to promote these
objectives, while supporting market growth for infrastructure. There will also be interest taken to
support new emerging technologies and building cyber capacity internationally. 25 One way the Us
can work to achieve this is through treaties that involve cyber.26 A stated earlier, there needs to be
23
Luiijf, H. A., Besseling, K., Spoelstra, M., & Graaf, P. D. (2013). Ten National Cyber Security Strategies: A
Comparison. Lecture Notes in Computer Science Critical Information Infrastructure Security,1-17. doi:10.1007/978-
3-642-41476-3_1
24
Ibid
25
President Trump Unveils America's First Cybersecurity Strategy in 15 Years. (2018, September 28). Retrieved
March 27, 2019, from https://www.whitehouse.gov/articles/president-trump-unveils-americas-first-cybersecurity-
strategy-15-years/
26
Rosenzweig, P., Bucci, S. P., PhD, & Inserra, D. (n.d.). Next Steps for U.S. Cybersecurity in the Trump
Administration: Active Cyber Defense. Retrieved March 28, 2019.
7
definitions for cyber actions. Currently international law does not discuss private offensive and
defensive cyber activity. The lack of laws for this can be influenced with different treaties could
be very important. This can be a good idea but in their current manner do not directly affect private
cybersecurity either and this will need to be approached in the state versus from a holistic view.
Treaties in cyberspace can be an important step forward, however, and they can be very efficient
if carried out well. The use of treaties can bridge the gap between what international law covers
Having a plan is important because cyber attacks are very real, and they can happen at any
moment this quite evident by looking at recent attacks that have occurred. In January of 2019 there
have been multiple occurrences such as the US Department of Justice announcing that it will work
to disrupt North Korean botnets that were being used to attack companies involved with the media,
aerospace, financial and important infrastructure. In February of 2019 the Airbus company
announced that it was targeted by the Chinese that stole information of European employees. These
actions show the importance of having a plan in place to actively understand what is and is not be
allowed.28
Another important aspect to understand is the want of other countries to work on improving
cyber security throughout the world. Recently the UN has discussed the lack of rules that pertain
to cyber-warfare and that this presents a threat to everyone that must be investigated. It was noted
that everyday countries are involved in cyberwars and it is not clear if the Geneva convention
applies to cyberwarfare of if the international humanitarian laws apply to cyber. One aspect of this
27
Ibid
28
Significant Cyber Incidents. (n.d.). Retrieved March 25, 2019, from
https://www.csis.org/programs/cybersecurity-and-governance/technology-policy-program/other-projects-
cybersecurity
8
is that cyberwar is not defined or has one meaning. The Secretary general of the UN uses the word
cybersecurity multiple times but then states that cybersecurity is more than just a cyber war. It is
important for the UN to determine the difference because the difference between a war and peace
is very important to understand for the UN to enforce this.29 War can be detrimental to the UN and
all involved and saying cyberwar needs to have a clear and concise definition with evidence of the
cyberwars. Another concerning aspect of the UN is that secretary-general states that it will be
difficult to speak of the topic and it cannot be discussed. It has been noted and heavily discussed
between many different countries and it is concerning for the UN to not actively acknowledge
problems that may be faced. The UN does have a charter that does prohibit use of force and does
apply to cyber. The UN group of governmental Experts has discussed what laws should apply but
again here too there is no set rules for cyberwarfare.30 This problem is one that the US will need
to pay attention to as this could have a direct impact on US cyber power. The US will need to push
for the UN to make a decisive definition of cyberwar as the more it is left alone, the more problems
The Plan that President Trump has presented sets a very promising starting point for the
government to begin ensuring safety in cyberspace. This plan alone will not be enough and will
need to be expanded upon. As seen each point speaks about pieces of cyberspace but that need to
be addressed but there will be a lot more that needs to be covered and the goal of the Trump
Administration should be to begin work on these topics as soon as possible. Early work will expose
more areas that need to be focused on and may not have been spoken of in the plan itself. Overall
29
The UN Secretary-General's Call for Regulating Cyberwar Raises More Questions Than Answers. (n.d.). Retrieved
March 26, 2019, from https://www.cfr.org/blog/un-secretary-generals-call-regulating-cyberwar-raises-more-
questions-answers
30
Ibid
31
Ibid
9
the plan can be effective and is a great step forward for the interests of the US. The plan will also
benefit allies of the US as it would involve collaborating with other allies to increase safety.
10
Works Cited
warfare.html
Fazzini, K. (2018, September 21). Trump's new strategy means the U.S. could get more aggressive
with Russia and China over hacking. Retrieved March 25, 2019, from
https://www.cnbc.com/2018/09/21/trump-cybersecurity-policy-offensive-hacking-nsa-russia-
china.html
Hawkins, D. (2018, September 21). The Cybersecurity 202: Trump administration seeks to project
tougher stance in cyberspace with new strategy. Retrieved March 24, 2019, from
https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-
202/2018/09/21/the-cybersecurity-202-trump-administration-seeks-to-project-tougher-stance-in-
cyberspace-with-new-
strategy/5ba3e85d1b326b7c8a8d158a/?noredirect=on&utm_term=.2cee08a89ef7
Kramer, F. D., & Wentz, L. K. (2008). Cyber influence and international security. Washington,
D.C.: Center for Technology and National Security Policy, National Defense University.
Luiijf, H. A., Besseling, K., Spoelstra, M., & Graaf, P. D. (2013). Ten National Cyber Security
Mattis, J., & D. (n.d.). Summary of the 2018 National Defense Strategy of the United States of
America.
11
Mayers, & Merton, A. (2018). A Study on How Cyber Economic Espionage Affects U.S. National
Security and Competitiveness. A Study on How Cyber Economic Espionage Affects U.S.
Narayanan, S. N., Ganesan, A., Joshi, K., Oates, T., Joshi, A., & Finin, T. (2018). Early Detection of
Cybersecurity Threats Using Collaborative Cognition. 2018 IEEE 4th International Conference
Paul, Christopher, & Waltzman. (2018, January 10). How the Pentagon Should Deter Cyber Attacks.
deter-cyber-attacks.html
President Trump Unveils America's First Cybersecurity Strategy in 15 Years. (2018, September 28).
americas-first-cybersecurity-strategy-15-years/
Rosenzweig, P., Bucci, S. P., PhD, & Inserra, D. (n.d.). Next Steps for U.S. Cybersecurity in the
https://www.csis.org/programs/cybersecurity-and-governance/technology-policy-program/other-
projects-cybersecurity
The UN Secretary-General's Call for Regulating Cyberwar Raises More Questions Than Answers.
regulating-cyberwar-raises-more-questions-answers
12
Wang, W., & Lu, Z. (2013). Cyber security in the Smart Grid: Survey and challenges. Computer
Williams, P., & Woodward, A. (2015). Cybersecurity vulnerabilities in medical devices: A complex
doi:10.2147/mder.s50048
13