Workshop Report: The Transatlantic Dialogue on Military Cyber Operations-Amsterdam

In Aug. 2019, Bobby Chesney (from Strauss Center at the University of Texas at Austin) and Max Smeets (from ETH Zurich and also Stanford University’s Center for International Security and Cooperation (CISAC)) convened a workshop in Amsterdam focusing on military operations in the cyber domain, from a transatlantic perspective. The “Transatlantic Dialogue on Military Cyber Operations—Amsterdam” gathered experts from military, civilian, and academic institutions hailing from a range of countries, including the United States, United Kingdom, Germany, the Netherlands, Denmark, Estonia, and France. It was made possible by generous support from the Hewlett Foundation, for which we are most grateful.

Though the event was conducted subject to the Chatham House Rule, we did produce a workshop report capturing the substance of the dialogue. For this we are indebted to the workshop rapporteur, Monica Kaminska (Oxford).

The full report is posted here. It tracks the sequence of panels at the workshop, covering the following subjects:

  • The European Policy Landscape
  • Key U.S. Concepts: Persistent Engagement and Defending Forward
  • Assessing the Risks
  • Procedures and Implications of Out-of-Network Operations in Allied Networks
  • Avenues for Coordination and Cooperation amongst Allied Countries

This article was first published by Lawfare

NATO Engages Talk – overview of sources per topic

Yesterday, I spoke at NATO Engages about how NATO can innovate when it comes to preparing for cyber conflict. The video of the event can be found here

I tried to avoid spreading fake news. Below you can find an overview of sources per discussed topic:


·       Which NATO members have established a military cyber organization

·       Provision ‘sovereign cyber effects’ (CyberScoop)

·       Cyber Defense Pledge (NATO)

·       Intel vs cyber command

·       Recruiting Talent (Lospinso) – also see RAND report

·       Life-span uncertainty tools and exploits – also see Ablon

·       Unanswered strategic Qs (Schulze and Herpig)

·       Counterforce and countervalue 


·       ‘People, people, people’

·       Dangers of out of network ops for allies – also here

·       Sorin Ducaru’s statement

·       Unable to respond to Q from Sven Sakkov about responding to effects. But it’s not that simple  (Kreps and Schneider)

Photo credit to Sarah Hals, the Atlantic Council

NATO’s Cyber Policy 2002-2019: A very, very brief overview

Over the years, NATO members have presented and rolled out several plans for improving cyber-defense governance. Official commitments made at NATO summits on cyber security have become increasingly granular. One topic that government leaders have long avoided talking about, however, is their own willingness and capacity to conduct military cyber operations.

Times are changing. As one senior official put it at a military cyber conference: “Speaking at NATO about offensive cyber was blasphemy a few years ago. We have advanced”. Last year the Alliance reached a landmark that went largely unnoticed: there are now more member states which have publicly declared they are seeking to establish an offensive cyber capability than there are member states which have remained publicly silent on this issue.  In late 2018, it was also announced that at least five countries would contribute national cyber forces to NATO missions and operations.

The coming days senior leaders will meet in London for the NATO Summit. Whilst I do not expect cyber policy to be a leading topic on the agenda (after all, there are bigger issues to worry about and space is now recognized as the newest domain of warfare by NATO), its a good opportunity to take stock of NATO’s cyber efforts over the past two decades. 

Below I have provided an overview of evens between 2002-2019 & list of reading  which I found particularly useful and relevant, preparing for NATO cyber-related events and workshops. 

Period of early awareness 2002-2016

2002 Prague Summit: First time NATO recognize that the Alliance should “Strengthen our capabilities to defend against cyber attacks.

2008 Bucharest Summit: Adoption ‘Policy on Cyber Defense’ 

Aim is to “protect key information systems in accordance with their respective responsibilities; share best practices; and provide a capability to assist Allied nations, upon request, to counter a cyber attack. We look forward to continuing the development of NATO’s cyber defence capabilities and strengthening the linkages between NATO and national authorities.”

2014 Wales Summit: Discussion cyber in relation to Article 5

“Cyber attacks can reach a threshold that threatens national and Euro-Atlantic prosperity, security, and stability. Their impact could be as harmful to modern societies as a conventional attack. We affirm therefore that cyber defence is part of NATO’s core task of collective defence. A decision as to when a cyber attack would lead to the invocation of Article 5 would be taken by the North Atlantic Council on a case-by-case basis.”

Operationalizing cyber as a domain 2016 – 

Warsaw Summit 2016 : cyberspace officially recognized as a domain of operations

Brussels Summit 2018: NATO reiterated its commitment to implement the cyber defense pledge & officially announced establishment Cyber Operations Center

Offering ‘Soveiregn Cyber Effects’

Latest news I found on this comes from Cyberscoop: “Nine NATO members have signed on to offer their capabilities: the U.S., the UK, The Netherlands, Estonia, Norway, Germany, France, Denmark, and Lithuania” 

Laura Brent from NATO has written on this as well (generally great overview)

For a US perspective see Trey Herr and Jackie Schneider CFR piece.

Cyber Defense Pledge

Each member country pledges, among other things, to “develop the fullest range of capabilities to defend [their] national infrastructures and networks,” and reaffirms the alliance’s commitment to international law in cyberspace.

My view on this Pledge is that it still leaves most strategic questions unanswered. Eg. As I asked in a piece with Alex Grisby; “are information operations part of the Cyber Defense Pledge or is it conveniently bracketed off as something different (possibly part of Finland’s Hybrid Warfare Center)?” 

Cyber Operations Center (CYOC)

There is a lot of hype about the CYOC. Retired U.S. Air Force Colonel Rizwan Ali, who helped to establish NATO’s cyber program, makes that case in a recent article in Foreign Policy that NATO has “embraced” a more “aggressive” stance with respect to “the use of cyber weaponry” when it recently established a Cyber Operations Center. Others argue that CYOC is a “big deal

Best description about the goal and workings of CYOC is by Don Lewis in War on the Rocks (also read his discussion on NATO’s ‘Roadmap to Implement Cyberspace as a Domain of Operations’):

“The Cyberspace Operations Centre can leverage the strategic staff capabilities of the existing headquarters without having to provide them for itself, which also serves to hasten its development. The center functions as the theater component for cyberspace, just as the geographic commands do for their respective operational domains. The deputy chief of staff for cyberspace is supreme allied commander Europe’s domain advisor for cyberspace. The director of the Cyberspace Operations Centre reports to deputy chief of staff for cyberspace.”

Together with Daniel Moore, I have been critical about CYOC’s “game changing” role. Discussion can be found here – we certainly don’t believe it makes NATO “more aggressive” – and that’s a good thing.

Other NATO programs/institutions:

  • The NATO School in Oberammergau, Germany
  • The NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia
  • The NATO Computer Incident Response Capability (NCIRC) based in SHAPE, Mons
  • The NATO Defence College in Rome, Italy
  • The Trust Fund on Cyber Defence for Ukraine

Useful source for overview can be found here

Also, if you have a bit more time, read the excellent RAND report on ‘Operationalizing Cyberspace as a Military Domain

*Introduction of this blog is based on my CyCon 2019 piece ‘NATO Members’ Organizational Path Towards Conducting Offensive Cyber Operations: A Framework for Analysis 

NATO Allies Need to Come to Terms With Offensive Cyber Operations

In May 2008, the U.S. Department of Defense and the German Ministry of Defence signed a memorandum of understanding concerning “Cooperation on Information Assurance and Computer Network Defense.” Computer network defense (CND) refers to actions taken on computer networks to monitor and protect those networks. It is not the only memorandum the U.S. Department of Defense has signed with allies on cyber defense.

In late 2016, U.S. Cyber Command operators wiped Islamic State propaganda material off a server located in Germany. The German government was notified in some fashionbut not asked for advance consent, causing much frustration. While U.S. Cyber Command’s reported action may have violated Germany’s sovereignty, it didn’t explicitly violate the memorandum. It wasn’t an act of CND; it was a computer network attack (CNA), seeking to disrupt, deny, degrade or destroy.

This reveals an uneasy situation within cyber cooperation: Allies do not agree on the appropriate procedures and boundaries for offensive cyber operations. More specifically, there is no agreement on when military cyber organizations can gain access to systems and networks in allied territory to disrupt adversarial activity. As I have argued previously, this issue may end up causing significant loss in allies’ trust and confidence. My proposed solution: NATO allies should establish memoranda of understanding on offensive cyber effects operations in systems or networks based in allied territory.

Objectives of Out-of-Network Operations in Allied Networks

Allied states may operate in each other’s systems or networks in at least three ways: as an observer, gathering intelligence on adversarial activity in others’ networks; as a passerby, transiting through allied systems and networks to access a certain adversarial target; or as a disrupter, seeking to cause friction for an adversary’s operation within an ally’s network or system. The German case discussed above is the only publicly known case of a state acting as a disrupter in an allied network. But we can expect that more of these cases will be publicly disclosed in the future.

It has now been widely discussed that the U.S. Cyber Command has undergone a significant shift in strategic thinking away from deterrence toward persistent engagement and defend forward. Following these recent changes in strategic thinking, U.S. Cyber Command seeks to cause friction “wherever the adversary maneuvers,” operating “globally, continuously and seamlessly.” In a similar vein, NSA director and Cyber Command head Gen. Paul Nakasone writes in an article for Joint Force Quarterly: “We must … maneuver seamlessly across the interconnected battlespace, globally, as close as possible to adversaries and their operations, and continuously shape the battlespace to create operational advantage for us while denying the same to our adversaries.”

While one may expect adversaries to maneuver in allied networks, the U.S. is currently the only NATO state that makes causing friction in allied networks a necessary and explicit component of its strategy. Other military cyber organizations could follow in the near future.

And we already see countries moving in this direction. On Aug. 1, the Communications Security Establishment Act (CSE) came into force in Canada. According to the Canadian government, “CSE could be authorized to proactively stop or impede foreign cyber threats before they damage Canadian systems or information holdings, and conduct online operations to advance national objectives.” The Canadian government does not explicitly talk in its latest strategy about the need to operate “globally, continuously and seamlessly” or to cause friction “wherever the adversary maneuvers.” In that regard, it needs to do more strategic thinkingas other countries do—on the exact role of cyber operations on allied networks in the military context.

But the proposed memorandum of understanding on cyber offense addresses exactly this possibility.

The Goal of the Memorandum of Understanding

The goal of the proposed memorandum is to reduce discord among the allies; enhance trust, transparency and confidence between allies; and improve the effectiveness of disrupting and deterring adversaries’ operations in cyberspace.

The scope of the memorandum should include (a) developing a common notification equity framework for out-of-network operations that seek to achieve cyber effects in allied systems or networks; (b) identifying procedures for communicating the consideration and conduct of offensive cyber effects operations between states against systems or networks in allied territory; and (c) identifying technical solutions and administrative documentation required for the continuous exchange of information on offensive cyber operations.

In writing the memorandum, states first and foremost should agree on the equities involved in permitting signatories to conduct cyber effect operations in each other’s networks—and the relative weight of those equities. Equities that should be considered include (a) the ability of an actor to take action to negate known threats on or to the other parties’ networks and systems; (b) the likelihood that an action will negate known threats; (c) the imminence and scale of the threat; (d) the risk of collateral damage; (e) whether the computer system or network is government owned or privately owned; and (f) the certainty that the system or network will be used to achieve strategic effects by the adversary.

There are three open questions about the memorandum of understanding.

I. Should the Proposed Memorandum Be NATO-Wide or Bilateral?

There are benefits of negotiating a NATO-wide agreement, including ensuring it contributes to the defense of all NATO members’ networks and enhances resilience across the alliance. It could also guard against the potential that persistent engagement and defense forward might be exploited by adversaries, as I argued previously:

Adversaries don’t randomly choose which intermediate nodes to direct their operations through. If Russia has the choice to go through a network that would raise some serious diplomatic friction between the U.S. and a U.S. ally, or operate through a network that would cause no diplomatic friction for the U.S., what would it prefer? It would make sense for adversaries to operate through the networks of exactly those countries with which the U.S. has a strong relationship but that do not want the U.S. to operate within their networks causing any effects.

But there are constraints on a NATO wide-memorandum, too. To start, not all states are equally willing to share intelligence information. A bilateral agreement would make it easier to tailor the notification equity framework to the specific preferences and capabilities of both governments.

II. Can It Be Used as a Public Signaling Device?

The notification equity framework part of the memorandum of understanding can remain classified. Governments might not get it right the first time. As the framework might need tweaking, immediate public disclosure is risky. But a public version, if crafted carefully, can also help to set the parameters of what Michael Fischerkeller and Richard Harknett call “agreed competition.” That is, it can help clarify where adversaries are allowed and not allowed to go within each other’s networks. If we want stability in cyberspace, this is a mechanism by which to achieve it.

III. Should the Memorandum Also Address Cyber Operations Beyond Allied Networks?

A memorandum of understanding narrow in scope—that is, addressing the allies’ conduct of cyber effect operations taking place only in systems or networks in allied territory—would ignore the negative impact on allied intelligence operations and capabilities beyond these systems and networks.

Military cyber organizations are operating in a global environment historically dominated by intelligence agencies, and the Five Eyes has always been the most dominant actor in cyberspace. But the anglophone intelligence alliance is not the only intelligence actor operating across the world. Recent cases—such as the Dutch ’s General Intelligence and Security Service infiltration into the Russia-based network of the infamous hacking group Cozy Bear—have illustrated the continued global prevalence and value of allies’ intelligence operations beyond the Five Eyes alliance.

If military cyber organizations increasingly take up the role of “disrupter,” it may negatively impact global intelligence collection of allies—particularly those countries that favor long-term access over immediate effect. It will also more likely uncover and burn allied capabilities.

The risks of occurring are higher than one may think as intelligence agencies have a tendency and incentive to target and track the same entities. For example, in late 2014, cybersecurity company Kaspersky Lab reported on the Magnet of Threats. The cybersecurity company discovered a server belonging to a research organization in the Middle East that simultaneously hosted implants for at least five Advanced Persistent Threat (APT) actors: Regin and the Equation Group (English language), Turla and ItaDuke (Russian language), Animal Farm (French language) and Careto (Spanish language). Consider what would have happened if one of those five APT groups had sought to cause a disruptive effect—rather than collect intelligence—against the target in the Middle East. It likely would have resulted in much earlier discovery and analysis by threat intelligence companies (or other actors) exposing the tactics, techniques and procedures (TTPs) of each actor group.

Also, even the anticipation of more cyber effect operations in nonallied networks from one allied state could lead to a change in operations by another state. Indeed, states have shown in the past that the anticipation of early discovery of an operation has led to a change in their TTPs. For example, the National Security Agency (NSA) created an“exploit orchestrator” called FoxAcid, an Internet-enabled system capable of attacking target computers in a variety of different ways, depending on whether it is discovered—or likely to be discovered—in a given network. FoxAcid has a modular design, with flexibility allowing the NSA to swap and replace exploits and run different exploits based on various considerations. Against technically sophisticated targets where the chance of detection is high, FoxAcid would normally choose to run low-value exploits.

Not a Silver Bullet

While I argue that the NATO memorandum of understanding on offensive cyber operations in systems or networks based in allied territory can greatly help in promoting stability and enhancing confidence among allies, it is not a silver bullet. It can only reduce allied concerns rather than mitigate them. Military cyber organizations may still conduct effect-based operations in allied territory without consent, leading allies to assert that their sovereignty has been violated. And there’s another crucial player involved. As Gen. Nakasone noted in the Joint Force Quarterly article, cyberspace is owned largely by the private sector. They deserve a seat at the table as well.

This article was first published by Lawfare

Cyber Conflict and International Relations: Where to get started

Cyber conflict seems to have become necessary and normal. Nearly every day cyber attacks occupy the headlines of mainstream media. A diverse group of governments across the world state that they are exploring options to (further) develop a capacity to conduct offensive cyber operations. Non-state actors also continue to rely on cyber means whilst pursuing a diverse set of motives.  

Yet, the dynamics of cyber conflict are complex, understudied, and constantly changing.  In 2012, when Gen. Keith Alexander was still heading the NSA and US Cyber Command, he stated that there is “much uncharted territory in the world of cyber-policy, law and doctrine”. Gen. Alexander’s statement still holds today. There is still much uncertainty about a broad set of related issues, such as the potential normative restraints on cyber conflict, fourth party intelligence collection, the strategic value of offensive cyber operations, and how state and non-state actors (can) work together in cyberspace – both from offensive and defensive perspective. Researchers have tried to answer these questions whilst the conceptual and empirical underpinnings of the field are fluid. New ‘data points’, like the cyber-enabled information operations during the US Presidential Elections, have (re)shifted the focus of the field and changed our understanding of what cyber conflict entails. New interpretations of old ‘data points’, like the re-study on the 1990s Moonlight Maze campaign, have equally altered our understanding of the field.

So where to get started if you’re a political science student (or diplomat, congressional staffer, etc.) new to the field of cyber conflict? Below you can find a very, very short reading list. It’s based on my teaching at Stanford University for the Master in International Policy (MIP), analysis of 25+ cyber conflict syllabi, and review of cyber conflict articles in top 50 Poli Sci journals. 

  1. Conceptualizing Cyberspace and Cyber Conflict

2. Types of Threat Actors and forms of Activity

3. Policy Dilemmas

(Public) Attribution

  • Rid, Thomas & Ben Buchanan, ‘Attributing Cyber Attacks’, Journal of Strategic Studies, 38:1-2 2015,
  • Florian Egloff, “Public Attribution of Cyber Incidents,” (2019, May),  CSS Analyses in Security Policy,

VEP / Capability Build up

Organizational Integration

  • Michael Hayden, Playing the Edge: American Intelligence in the Age of Terror 
  • Michael Sulmeyer, “Much Ado About Nothing? Cyber Command and the NSA,” WarontheRocks, (2017, July 19) 
  • Smeets, Max, “Organisational Integration of Offensive Cyber Capabilities: A Primer on the Benefits and Risks,” NATO CCD COE Publications, 2017,

Cybersecurity Dilemma

  • Buchanan, Ben, Cybersecurity Dilemma, 2017, Oxford University Press

Collateral Damage

4th Party Collection

  • Juan Andres Guerrero-Saade & Costing Raiu, “Waling in our enemy’s shadow: When Fourth-Party Collection Becomes Attribution Hell”, Virus Bulletin Conference, (2017, October):
  • GReAT, Animals in the APT Farm, Kaspersky Lab (2015, March 6):

Dealing and Responding to Proxy Activity

  • Healey, Jason. “The Spectrum of National Responsibility for Cyberattacks.” Brown Journal of World Affairs 18.1 (2011): 57–69.
  • Maurer, Tim “‘Proxies’ and Cyberspace,” Journal of Conflict and Security Law, (December 17, 2016)
  • Bejtlich, R. ‘What Does “Responsibility” Mean for Attribution?’ (TaoSecurity, 22 December 2014) 2014/12/what-does-responsibility-mean-for.html4

4. History US Cyber Conflict

  • Warner, Michael (2012) Cybersecurity: A Pre-history’, Intelligence and National Security, 27:5, 781-799
  • Healey, Jason, and Karl Grindal. 2013. A Fierce Domain: Conflict in Cyberspace, 1986 to 2012. Cyber Conflict Studies Association.
  • Sanger, David E., 2012. Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power (NY: Crown), pp. 188-209

5. US(CYBERCOM) Cyber Strategy

  • Lynn, William J. III, “Defending a New Domain,” Foreign Affairs 89.5 (2010), 97-108.
  • United States Cyber Command, “Achieve and Maintain Cyberspace Superiority”, (March 23, 2018), retrieved from:
  • Smeets, Max and Herbert S.  Lin, Chapter 4: A Strategic Assessment of the U.S Cyber Command Vision, 2018, Bytes, Bombs & Spies, Brookings Institution Press:

6. The Strategic Value of Cyber – Deterrence, Compellence, Persistence and more

  • Gartzke, Erik. “The Myth of Cyberwar: Bringing War in Cyberspace Back Down to Earth.” International Security 38, no. 2 (October 2013): 41–73. doi:10.1162/ISEC_a_00136.
  • Harknett, Richard J. and Michael P. Fischerkeller, “Deterrence is Not a Credible Strategy for Cyberspace,” (2017), Orbis Summer 2017, Vol. 61, No. 3
  • Gartzke, Erik and Jon R. Lindsay. “Weaving Tangled Webs: Offense, Defense, and Deception in Cyberspace.” Security Studies 24, no. 2 (April 3, 2015): 316–48. doi:10.1080/09636412.2015.1038188.
  • Aaron F. Brantly, Cyber Actions by State Actors: Motivation and Utility, International Journal of Intelligence and CounterIntelligence, 27:3 (2014)465-484

7. Cyber Norms

  • Finnemore, Martha “Cultivating International Cyber Norms.” America’s Cyber Future: Security and Prosperity in the Information Age 2 (2011).
  • Farrell, Henry and Charles L. Glaser, The role of effects, saliencies and norms in US Cyberwar doctrine, Journal of Cybersecurity, 3, 1, 1 March 2017, 7–17,
  • Finnemore, Martha and Duncan B. Hollis, “Constructing Norms for Global Cybersecurity,”  110 American Journal of International Law, Temple University Legal Studies Research Paper No. 2016-52

8. International Law

  • Koh, Harold Hongju. “International Law in Cyberspace.” Harvard International Law Journal Online 54 (2012): 1–12.
  • Schmitt, Michael N. “International Law in Cyberspace: The Koh Speech and the Tallinn Manual Juxtaposed,” Harvard International Law Journal, 54 (2012)
  • Waxman, Matthew C., “Cyber-Attacks and the Use of Force: Back to the Future of Article 2(4),” Yale Journal of International Law, vol. 36, no. 421 (2011): pp. 421-459.


Cyber Command’s Strategy Risks Friction With Allies

Much has been written about the fundamental changes in U.S. cyber strategy. U.S. Cyber Command’s vision of “persistent engagement” and the Department of Defense’s new strategy of “defend forward” have, in particular, led to numerous critical remarks about the risks of escalationbetween the U.S. and its main adversaries in cyberspace.

These debates are worth continuing, including about what the change in strategy means for establishing norms in cyberspace. But commentators have so far ignored a key dimension: The strategy’s main implications may not reside in how it changes the dynamics between the U.S. and its adversaries but, instead, in how it affects broader alliance relationships, especially beyond the Five Eyes (Australia, Canada, the U.K., the U.S. and New Zealand). U.S. Cyber Command’s mission to cause friction in adversaries’ freedom of maneuver in cyberspace may end up causing significant friction in allies’ trust and confidence—and adversaries may be able to exploit that.

Operating “Seamlessly, Globally, and Continuously”

Cyber Command’s new strategy seeks to operate “seamlessly, globally, and continuously.” It states that “[s]uperiority through persistence seizes and maintains the initiative in cyberspace by continuously engaging and contesting adversaries and causing them uncertainty wherever they maneuver.” According to the strategy document, Cyber Command intends to do this “as close as possible to adversaries and their operations,” connecting persistent engagement to the Pentagon’s principle of “defending forward.”

In an article for Joint Force Quarterly (JFQ), NSA Director and Cyber Command head Gen. Paul Nakasone writes: “We must instead maneuver seamlessly across the interconnected battlespace, globally, as close as possible to adversaries and their operations, and continuously shape the battlespace to create operational advantage for us while denying the same to our adversaries.”

When Nakasone says the U.S. must get “as close as possible to adversaries and their operations,” he implies that the U.S. seeks to achieve effects that are outside of its own networks and beyond the networks of its adversaries. This vast area is not ungoverned space. It includes, for example, routers in Nairobi, servers in Denmark or operating infrastructure in any other country around the world.

Blue Space, Gray Space and Red Space

In the JFQ article, Nakasone also states that “if we are only defending in ‘blue space’ we have failed.” This use of terminology as well as talk about “operating close to the adversary” evades one issue: It is unclear whether Cyber Command only seeks to cause friction in “red space” or if it seeks to compete in “gray space” as well. These terms are often confused and not well-understood. (The terms “gray zone”—areas where it’s unclear whether the government has legal authority to act—and “gray space” are also frequently confused.) In fact, the issue was raised for “further exploration” at Cyber Command’s 2018 symposium, specificallyunderstanding the “relevance of concepts like area of responsibility and red-blue-gray space to the cyberspace domain.”

Joint Publication 3-12 (JP 3-12) on cyberspace operations, prepared under the direction of the chairman of the Joint Chiefs of Staff, explains the terminology:

The term “blue cyberspace” denotes areas in cyberspace protected by the US, its mission partners, and other areas DOD may be ordered to protect. Although DOD has standing orders to protect only the Department of Defense information network (DODIN), cyberspace forces prepare on order, and when requested by other authorities, to defend or secure other United States Government (USG) or other cyberspace, as well as cyberspace related to critical infrastructure and key resources (CI/KR) of the US and PNs [partner nations]. The term “red cyberspace” refers to those portions of cyberspace owned or controlled by an adversary or enemy. In this case, “controlled” means more than simply “having a presence on,” since threats may have clandestine access to elements of global cyberspace where their presence is undetected and without apparent impact to the operation of the system. Here, controlled means the ability to direct the operations of a link or node of cyberspace, to the exclusion of others. All cyberspace that does not meet the description of either “blue” or “red” is referred to as “gray” cyberspace.

Gray space is defined based on the nodes adversaries control. This means the vast area between U.S. government-owned networks and adversaries is not considered to be gray space. Instead, if for instance the GRU (Russia’s military intelligence agency) controls a node in the Netherlands, it is considered to be red space based on JP 3-12. And it’s worth mentioning that the notion of control is open to interpretation by states.

This means that if Cyber Command seeks to operate only in “red space,” its activities will still have global reach (globally). It also suggests that red space grows as adversaries expand their operational activity. Most importantly, this implies that if Cyber Command seeks to achieve “effects” in gray space, this will involve operating infrastructure that adversaries do not control—which is to say those systems or networks on which adversaries merely have a presence or are not active at all.

What’s New Under the Sun?

What’s really new here? The United States has long operated in networks “close to the adversary.” As Ben Buchanan’s book, “The Cybersecurity Dilemma,” demonstrates, the U.S. has long acted as an “observer” in gray space, gathering intelligence of adversarial activity in those others’ networks. In fact, information has become public concerning a case in which the Five Eyes collected intelligence about an espionage platform (dubbed “Snowglobe” by the Canadian Intelligence Agency CSEC and “Animal Farm” by Kaspersky Lab) of an allied country, France, likely operating in adversarial networks in the Middle East. In other words, the practice of fourth-party collection is nothing new. And the U.S. has also long acted in foreign nonadversarial networks as a “passerby,” transiting through gray space networks to access an adversarial network.

But the new Cyber Command and Defense Department strategy changes the nature of the U.S. military’s behavior within those systems and networks. Under the new strategy, Cyber Command wants to be an active disrupter on those networks. It wants to achieve effects.

The only known precedent is Cyber Command operators wiping Islamic State propaganda material off a server located in Germany. The German government was notified in some fashion but not asked for advance consent, causing much frustration.

This will likely lead to a systematic scaling up: Cyber Command now also seeks to be an active disrupter on those networks “globally, continuously and seamlessly”—not regionally and sporadically.

The Danger of Operating Seamlessly in Allied Networks

Operating instantly makes sense considering the potential operational tempo of adversaries: You can’t have protracted diplomatic discussions for two months with an ally about whether or not to take down some command and control infrastructure of an adversary hosted in the allied country. You don’t have days, let alone months. As a participant mentioned at the recent Chatham House Rule 2019 Cyber Command Symposium on strategy: “Opportunities within this domain are fleeting.”

Operating seamlessly could also make sense if an ally does not mind the U.S. coming into its networks to address the malicious activity. In this vein, the U.S. can continue to build partnerships with countries that do not have the capacity to defend against cyber attacks on their own.

But, what if an allied country is not keen on having the U.S. military in its networks, actively, seamlessly, and continuously disrupting an adversary’s cyber operations? As the German case shows, this scenario will likely come up a lot more in the near future.

In other words, in seeking to successfully create friction in cyberspace for adversaries, Cyber Command may also seek to act within allied networks, even if the ally does not approve. It might even be successful in its mission, causing friction in adversaries’ operations before they cause serious harm to the U.S. But this strategy runs a real risk of undermining allies’ trust and confidence in ways that are subtle and not easily observable. This ought not to be overlooked, especially since this element may itself be exploited by adversaries.

Adversaries don’t randomly choose which intermediate nodes to direct their operations through. If Russia has the choice to go through a network that would raise some serious diplomatic friction between the U.S. and a U.S. ally, or operate through a network that would cause no diplomatic friction for the U.S., what would it prefer?It would make sense for adversaries to operate through the networks of exactly those countries with which the U.S. has a strong relationship but that do not want the U.S. to operate within their networks causing any effects.

Russia is already good at exploiting divisions between the U.S. and its allies. Cyber Command’s new strategy might give it another avenue to do so.

A Final Word

Bobby Chesney recently offered a brief overview of what is known about the out-of-network operations Cyber Command has conducted, based on reporting from Mark Pomerleau at Fifth Domain. Chesney notes that there is still a lot of uncertainty about what did and did not change in terms of the interagency process and how often Cyber Command seeks to operate outside the Department of Defense Information Network.

I would add that there is also much uncertainty about where Cyber Command currently operates. This dimension, however, is crucially important for understanding the true implications of the United States’s change in cyber strategy. By operating in allied networks, Cyber Command is running the risk of causing the wrong type of friction.

This article was first published by Lawfare

There Are Too Many Red Lines in Cyberspace

U.S. officials increasingly express old frustrations about the lack of standards for appropriate state behavior in cyberspace. As U.S.-China trade tensions soar, cybersecurity firms have reported that China is renewing its cyber-enabled economic espionage efforts against U.S. companies—if they ever ceased. Russia does not seem to be scaling down its cyber-enabled disinformation operations, threatening democracies worldwide. The Trump administration’s withdrawal from the Iran nuclear deal is also reported to have inspired Iranian actors to conduct a new wave of disruptive attacks. Concerns over North Korean hostile cyber activity have not gone away either.

Commentators and lawmakers have described the problem as twofold. First, U.S. government officials fail to set red lines, fearing that doing so would cede freedom to maneuver when responding to cyber operations. But second, whenever red lines are established, the U.S. fails to enforce them.

I believe these are problems of the past. Following the shift in strategic thinkingdocumented in the 2018 Department of Defense Cyber Strategy, the U.S. now increasingly faces a new challenge: There are too many red lines. If there is anywhere in cyberspace that state-actors are allowed to compete, it is a very, very small subset of competitive environments. The new challenge is to figure out what adversaries are allowed to do in cyberspace, not what they’re not allowed to do.

The Old View

U.S. government officials have repeatedly warned that a “cyber Pearl Harbor”—an incident that would rise to the level of an armed attack under international law—would not be tolerated. The U.S. also has repeatedly reiterated to the Chinese government that the U.S. views cyber operations to benefit commercial entities as a violation of international norms—resulting in the Obama-Xi cyber agreement in 2015. The Obama administration also marked tampering with polling or registration systems during U.S. elections as a red line, communicated to Russia in the lead-up to the 2016 presidential elections through the hotline connecting the Nuclear Risk Reduction Centers of both countries.

Over the years, U.S. policymakers have been less vocal in condemning other cyber activity, such as probing critical infrastructure. And in some cases they even paid tribute to adversarial cyber activity.

Following the disclosure of the Office of Personnel Management (OPM) breach, which involved the theft of almost 22 million records of government employees, former CIA and NSA Director Michael Hayden said that, even though “this is a tremendously big deal … don’t blame the Chinese for the OPM hack.” Hayden “would not have thought twice” about seizing similar information from the Chinese government if he had the opportunity. In a similar vein, James Clapper, then the director of national intelligence, told a group in Washington after the disclosure, “[Y]ou have to salute the Chinese for what they did. If we had the the opportunity to do that, I don’t think we would hesitate for a minute.” No retaliation followed the attack.

The New Approach

When then-Lt. Gen. Paul Nakasone appeared before the Senate Committee on Armed Services to review his nomination to become the director of the NSA and the third commander of U.S. Cyber Command, he spoke out against previous U.S. lack of response against cyberattacks, noting that “the longer that we have inactivity, the longer our adversaries are able to establish their own norms.”

In an article published in Joint Force Quarterly, Nakasone writes about how Cyber Command needs to become what he calls a “persistence force” that “will contest our adversaries’ efforts in cyberspace to harm Americans and American interests. … Over time, a persistence force, operating at scale with U.S. and foreign partners, should raise the costs that our adversaries incur from hacking the United States.”

His article closely follows-on from discussion found in the summary of the 2018 Department of Defense Cyber Strategy and the 2018 Command Vision for U.S. Cyber Command. These documents, as I have previously noted with Herb Lin, embody a fundamental reorientation in strategic thinking.

Cyber Command’s shift toward persistent engagement is based on a different understanding of the threat landscape. The U.S. no longer views many of the cyber operations below the threshold of armed attack as just tactical forms of espionage or subversion or as episodic forms of theft or crime. Instead, these operations are seen as important levers in a new domain of great power competition. Campaigns comprised of linked cyber operations below the threshold of armed attack are still able to achieve strategic outcomes.

Cyber Command seeks to achieve two goals through persistent engagement: 1) achieving “superiority” and improving the balance of power in their favor, and 2) creating a more stable and secure cyberspace. I previously noted with Herb Lin that “a United States that is powerful in cyberspace does not necessarily mean one that is more stable or secure.”

Tacit Agreed Competition 

But according to Michael Fischerkeller and Richard Harknett, one way the U.S. can achieve both objectives is through “tacit bargaining” leading to “agreed competition,” as spelled out in two recently published Lawfare articles. They write:

In efforts to arrive at tacit understandings of acceptable and unacceptable behavior in the cyber strategic competitive space, the tasks states face will be a function of the alignment of their national interests with mutual or common interests as manifested in cyberspace. Where those interests converge, we should anticipate states will engage in cyber operations around focal points that communicate shared interests and a willingness to collaborate on ranges of acceptable/unacceptable behavior about those interests. But where those interests are in conflict, states will communicate as much through cyber behaviors seeking to outmaneuver each other to achieve an advantage or at least avoid a disadvantage.

Persistent engagement should ultimately lead to “agreed competition” in cyberspace, they argue. It is a form of norms setting through practice (that is, showing what is appropriate behavior through constant action). The idea is that it leads to “a comprehensive strategic great power competitive space with its own distinct structural features.”

An attack like the one on the OPM would be at the top of the list of operations that Cyber Command deems unacceptable and would not tolerate as a part of this competitive space. It is a prime example of an operation that takes place below the threshold of armed attack but has great strategic impact—especially if it is linked to other operations.

The data stolen by Chinese hackers during the OPM hack included names, dates, places of birth, security background checks, data on intelligence and military personnel, and the fingerprint data of 5.6 million employees. Hackers even accessed the SF-86 security clearance application form, which includes information such as records of drug use, alcohol addiction and financial problems. While the OPM itself contains a great deal of data “perfect for blackmail,” if it is linked with data from other breaches, such as those of Anthem, American Airlines and Marriott, it has even more impact. Together, data from these breaches offer the Chinese government the opportunity to create a comprehensive database of current and former U.S. (intelligence) officials, who they meet, what they earn, where they go and so on.

The Problem

This shift in strategic thinking leads to new challenges for cyber norm setting.

On one hand, the strategy’s central point is that adversaries should not conduct offensive cyber operations against the U.S. that (independently or cumulatively) weaken the United States’s position in the international system. On the other hand, if we assume these adversaries are rational, they seek to conduct only those operations that are strategically advantageous to them (and not merely to cause a nuisance or for fun), including by weakening the United States.
Therefore, the space for agreed competition is very small: Only those operations against the U.S. that do not weaken the United States’s position in the international system but are strategically meaningful to the adversary form part of what Fischerkeller and Harknett call the “competitive space.” In fact, those operations that are potentially strategically consequential—operations for which the current strategic purpose is uncertain but that could be linked to other operations in the future to achieve meaningful effects—are also problematic but are excluded from the space.

The only case that comes to my mind that would meet both criteria is the Chinese government’s attack on GitHub in March 2018. The attack against GitHub was the biggest distributed denial-of-service attack recorded to date. (Hence, some might say it should not be allowed.) But it didn’t have any negative strategic consequences (not in the short nor long term) for the U.S., and it did strategically benefit China’s regime. The hackers attacked a web hosting service based in the United States, but the motivation of this attack was domestic censorship in China. The attack specifically targeted pages for two GitHub users that circumvent China’s firewall: and the Chinese mirror site of the New York Times.

In my view, GitHub is the exception that proves the rule. But beyond that case, following the shift in U.S. strategic thinking, it is hard to see what exactly would be deemed as acceptable behavior.

This article was first published by Lawfare

An Outcome-Based Analysis of U.S. Cyber Strategy of Persistence & Defend Forward

By Max Smeets and Herb Lin

The new U.S. Cyber Command (USCYBERCOM) vision and the Department of Defense Cyber Strategy embody a fundamental reorientation in strategic thinking.

With the publication of these documents, as well as 2017 National Security Strategy and the 2018 National Defense Strategy, there is a general conception among expertsthat the U.S. has, for the first time, articulated a strategy that truly appreciates the unique “symptoms” of cyberspace. The documents recognize that there is a new structural set of dynamics associated with the new domain of cyberspace that has incentivized a new approach to power competition—in particular, that hostile or adversarial behavior below the threshold of armed attack could nevertheless be strategically meaningful (that is, change the balance of power).

Yet most cyber experts have also argued that the ‘medicine’ prescribed by the Defense Department  and USCYBERCOM should be further scrutinized. Indeed, the side effects of the strategy of “persistent engagement” and “defense forward” are still ill-understood. As we have argued elsewhere, a United States that is more powerful in cyberspace does not necessarily mean one that is more stable or secure. More research is required to better understand adversarial adaptive capacity and escalation dynamics.

We should note that the Department of Defense lexicon has not yet provided a formal definition of “defending forward.” We suspect the formal definition that is ultimately adopted will be similar to the earlier concept of “counter cyber,” though with an emphasis on adversarial cyber campaigns (instead of ‘activities’): “A mission that integrates offensive and defensive operations to attain and maintain a desired degree of cyberspace superiority. Counter-cyber missions are designed to disrupt, negate, and/or destroy adversarial cyberspace activities and capabilities, both before and after their employment.”

Scholarship to date has mainly pointed out that this new U.S. strategic thinking could be escalatory, but it has not sought to spell out the specific causal mechanisms and scenarios as to how the consequences of the strategic shift may unfold.

In a forthcoming article, part of an edited volume on offensive cyber operations published by the Brookings Institution (entitled “Bytes, Bombs, and Spies: Strategic Dimensions of Offensive Cyber Operations”), we systematically address some of these conflict outcomes. Specifically, we consider the four general outcomes possible over time with two outcome variables: a more (or less) powerful U.S. and a more (or less) stable cyberspace.

 U.S. power relative to adversaries





More powerful & More stability

Less Powerful & More stability


More powerful & less stability

Less powerful & less stability


The Optimal Outcome

From the U.S. standpoint, the optimal outcome is a United States that is more powerful in cyberspace along with a more stable cyberspace. Indeed, from the U.S. standpoint, the former will lead to the latter. A more stable cyberspace will involve norms of acceptable behavior, less conflict and so on.

One path towards this rosy outcome is that the strategy does what it is said to do: Creates significant friction and makes it hard for adversaries to operate effectively. Adversaries realize that the U.S. strategy of persistent engagement makes it more difficult to conduct various offensive cyber operations, and they have no strong incentives to escalate as it may trigger a U.S. response in the conventional domain. USCYBERCOM has the advantage from the beginning.

Some argued at the first USCYBERCOM symposium that persistent engagement may first lead to a worsening situation before it gets better. This outcome is possible under one of two conditions. First, USCYBERCOM could initially be unable to seize the initiative from a capacity perspective, but become increasingly better at it in the future. This may well be true: USCYBERCOM is still continuing to develop its cyber capacity. Even though the Cyber Mission Force (CMF) has achieved full operational capability, it will take time for the new workforce to operate capably and ensure the effective coordination of all units.

The second condition is that other actors could increase their hostile cyber activity in the short term, but become less hostile in the long run. This condition is much less likely to be true: Other actors are likely to adapt to U.S. activities over time rather than to reduce their own activities, and the expected number of actors with hostile intent in this space is likely to increase over time.  For example, FireEye recently reported on the “rise of the rest,” arguing that the world has seen a growing number of advanced persistent threat (APT) groups attributed to countries other than Russia or China.

Another more powerful and more stable situation analyzed in the paper could—perhaps paradoxically—be described as “deterrence through a strategy of persistence.”  In this particular outcome, the main threat actors are initially cautious to act, following the release of U.S. new strategy. However,  this is unlikely: Other actors will probably not exhibit caution to see which way the wind blows before acting. An excerpt from Lt. Gen. Nakasone’s nomination hearing to serve as director of the NSA is telling:

            Sen. Sullivan: They [our adversaries] don’t fear us.

Gen.Nakasone: They don’t fear us.

Sen. Sullivan: So, is that good?

Gen. Nakasone: It is not good, Senator.

As a follow-up to Sen. Dan Sullivan’s question, Sen. Ben Sasse asked: “Is there any response from the United States Government that’s sufficient to change the Chinese behavior?… Do you think there’s any reason the Chinese should be worried about U.S. response at the present?” Lt. Gen. Nakasone responded: “Again, I think that our adversaries have not seen our response in sufficient detail to change their behavior.” In line with this notion, it is unlikely that the publication of the strategies alone will be sufficiently threatening to lead to this optimal outcome.

Less Optimal Outcomes

One path towards escalation involves adversaries becoming more aggressive and conducting attacks that are highly disruptive to society—in other words, adversary activity leads to a less stable cyberspace. This could be the result of either an adversary’s increased willingness to conduct attacks using existing capacities or increased capacities of the adversary. Indeed, with respect to the latter, the U.S. vision—and associated changed course of action—may encourage other actors to grow their budgets to conduct offensive cyber operations. The proliferation literature on weapons of mass destruction has extensively covered the role of special interests in stimulating demand for weapon development. This makes it a strong possibility that the new U.S. vision can be used by those groups within a given country favoring a growing cyber command to justify and lobby for increased military spending.

A second possibility is that increased U.S. offensive cyber activity that operates below the threshold of armed attack activity reduces the value of cyber norms of behavior that support a more stable cyberspace.  Even today, some observers believe that the high level of offensive activity in cyberspace today demonstrates quite forcefully that nations find value in conducting such activity, and that such activity points to the difficulty of establishing a more peaceful cyber norms regime. These observers argue that there is no reason to expect that increasing the U.S. contribution to such activity worldwide will make it easier to establish such a regime. Finally, a third possibility is that increased U.S. offensive cyber activity will complicate diplomatic relations with allies and other nations whose cyber infrastructures are used in support of such activity.

Increased aggressiveness by adversaries could also result from growing incentives to conduct offensive cyber operations of a highly disruptive nature. In this case, heightened aggressiveness might be a symptom of the U.S. strategy actually being effective in making the U.S. more powerful. Consider, for example, the current war against the  Islamic State: losing territory and grip in the Middle East, the terrorist organization is said to be keen to recruit followers in Europe and other places in the world to conduct attacks outside of Iraq and Syria. These attempted mass killings are a way  to show that the group still needs to be feared and potentially to help recruiting—but they do not change the balance of power in the region. Actors in cyberspace might become more noisy and aggressive purely to increase friction, gain attention and so on —and perhaps also to influence international public opinion in ways that drive the United States toward changing its strategy.

Finally, worst-case outcomes—that is, a United States that is less powerful in cyberspace along with a less stable cyberspace—could stem from a multitude of sources. One possibility is that the United States could overplay its hand in terms of cyber capabilities. The USCYBERCOM is operating in a space in which it has to seize the initiative against a large and ever-growing number of actors. The dangers of fighting on multiple fronts—even for the most capable actors—are well known from conventional warfare. As the number of potential cyber “fronts” is much higher compared to conventional warfare, the risks of overextension have become much higher as well. The Defense Department vision’s explicit focus on Russia and China, following the USCYBERCOM vision’s silence on the issue of priorities, makes us less concerned about this scenario —though it is still a possibility.

Final Word

After initial, prompt analysis from the scholarly community of the strategies, the country now needs systematic research on how persistent engagement and defense forward may play out. We believe that outcome-based analysis is one desired form of research which could be expanded. (One important limitation of our analysis is that we do not pay sufficient detail to risks of the U.S. not changing its course of action.)

Other research in this field is would be helpful as well—consider case study analyses. Russia conducts very different cyber campaigns to affect U.S. sources of power than does China, and defense forward will thus look very different in both cases. But how the U.S. should defend forward  for each specific case, in order to optimize power gains and reduce escalation, has not yet been addressed. This work is needed.

Also, the question is not just how adversaries will respond to the change in U.S. strategy. It is equally important to analyze the behavior of allies. With the implementation of this strategy, will allies follow? Or will they stick to the general deterrence-type strategies?

The bottom line?  More research is needed—let’s get to it.

This article was first published by Lawfare

  • Corrected Defense forward –> Defend forward

Offensive Cyber Capabilities: To What Ends?

Here’s the abstract of the paper I wrote with Herb Lin for Cycon X:

There is a growing interest in the use of offensive cyber capabilities (OCC) among states. Despite the growing interest in these capabilities, little is still known about the nature of OCC as a tool of the state. This research therefore aims to understand if (and how) offensive cyber capabilities have the potential to change the role of military power. Drawing on a wide range of cases, we argue that these capabilities can alter the manner in which states use their military power strategically in at least four ways. OCC are not particularly effective in deterring adversary military action, except when threatened to be used by states with a credible reputation. However, they do have value in compellence. Unlike conventional capabilities, the effects of offensive cyber operations do not necessarily have to be exposed publicly, which means the compelled party can back down post-action without losing face thus deescalating conflict. The potential to control the reversibility of effect of an OCC by the attacker may also encourage compliance. OCC also contribute to the use of force for defensivepurposes, as it could provide both a preemptive as well as preventive strike option. Finally, its symbolic value as a ‘prestige weapon’ to enhance ‘swaggering’ remains unclear, due to its largely non-material ontology and transitory nature.

Read the full paper here: