• Home
  • About RSIS
    • Introduction
    • Building the Foundations
    • Welcome Message
    • Board of Governors
    • Staff Profiles
      • Executive Deputy Chairman’s Office
      • Dean’s Office
      • Management
      • Distinguished Fellows
      • Faculty and Research
      • Associate Research Fellows, Senior Analysts and Research Analysts
      • Visiting Fellows
      • Adjunct Fellows
      • Administrative Staff
    • Honours and Awards for RSIS Staff and Students
    • RSIS Endowment Fund
    • Endowed Professorships
    • Career Opportunities
    • Getting to RSIS
  • Research
    • Research Centres
      • Centre for Multilateralism Studies (CMS)
      • Centre for Non-Traditional Security Studies (NTS Centre)
      • Centre of Excellence for National Security (CENS)
      • Institute of Defence and Strategic Studies (IDSS)
      • International Centre for Political Violence and Terrorism Research (ICPVTR)
    • Research Programmes
      • National Security Studies Programme (NSSP)
      • Studies in Inter-Religious Relations in Plural Societies (SRP) Programme
    • Future Issues and Technology Cluster
    • [email protected] Newsletter
    • Other Research
      • Science and Technology Studies Programme (STSP) (2017-2020)
  • Graduate Education
    • Graduate Programmes Office
    • Overview
    • MSc (Asian Studies)
    • MSc (International Political Economy)
    • MSc (International Relations)
    • MSc (Strategic Studies)
    • NTU-Warwick Double Masters Programme
    • PhD Programme
    • Exchange Partners and Programmes
    • How to Apply
    • Financial Assistance
    • Meet the Admissions Team: Information Sessions and other events
    • RSIS Alumni
  • Alumni & Networks
    • Alumni
    • Asia-Pacific Programme for Senior Military Officers (APPSMO)
    • Asia-Pacific Programme for Senior National Security Officers (APPSNO)
    • International Strategy Forum-Asia (ISF-Asia)
    • SRP Executive Programme
    • Terrorism Analyst Training Course (TATC)
  • Publications
    • RSIS Publications
      • Annual Reviews
      • Books
      • Bulletins and Newsletters
      • Commentaries
      • Counter Terrorist Trends and Analyses
      • Commemorative / Event Reports
      • IDSS Paper
      • Interreligious Relations
      • Monographs
      • NTS Insight
      • Policy Reports
      • Working Papers
      • RSIS Publications for the Year
    • Glossary of Abbreviations
    • External Publications
      • Authored Books
      • Journal Articles
      • Edited Books
      • Chapters in Edited Books
      • Policy Reports
      • Working Papers
      • Op-Eds
      • External Publications for the Year
    • Policy-relevant Articles Given RSIS Award
  • Media
    • Great Powers
    • Sustainable Security
    • Other Resource Pages
    • Media Highlights
    • News Releases
    • Speeches
    • Vidcast Channel
    • Audio/Video Forums
  • Events
  • Giving
  • Contact Us
Facebook
Twitter
YouTube
RSISVideoCast RSISVideoCast rsis.sg
Linkedin
instagram instagram rsis.sg
RSS
  • Home
  • About RSIS
      • Introduction
      • Building the Foundations
      • Welcome Message
      • Board of Governors
      • Staff Profiles
        • Executive Deputy Chairman’s Office
        • Dean’s Office
        • Management
        • Distinguished Fellows
        • Faculty and Research
        • Associate Research Fellows, Senior Analysts and Research Analysts
        • Visiting Fellows
        • Adjunct Fellows
        • Administrative Staff
      • Honours and Awards for RSIS Staff and Students
      • RSIS Endowment Fund
      • Endowed Professorships
      • Career Opportunities
      • Getting to RSIS
  • Research
      • Research Centres
        • Centre for Multilateralism Studies (CMS)
        • Centre for Non-Traditional Security Studies (NTS Centre)
        • Centre of Excellence for National Security (CENS)
        • Institute of Defence and Strategic Studies (IDSS)
        • International Centre for Political Violence and Terrorism Research (ICPVTR)
      • Research Programmes
        • National Security Studies Programme (NSSP)
        • Studies in Inter-Religious Relations in Plural Societies (SRP) Programme
      • Future Issues and Technology Cluster
      • [email protected] Newsletter
      • Other Research
        • Science and Technology Studies Programme (STSP) (2017-2020)
  • Graduate Education
      • Graduate Programmes Office
      • Overview
      • MSc (Asian Studies)
      • MSc (International Political Economy)
      • MSc (International Relations)
      • MSc (Strategic Studies)
      • NTU-Warwick Double Masters Programme
      • PhD Programme
      • Exchange Partners and Programmes
      • How to Apply
      • Financial Assistance
      • Meet the Admissions Team: Information Sessions and other events
      • RSIS Alumni
  • Alumni & Networks
      • Alumni
      • Asia-Pacific Programme for Senior Military Officers (APPSMO)
      • Asia-Pacific Programme for Senior National Security Officers (APPSNO)
      • International Strategy Forum-Asia (ISF-Asia)
      • SRP Executive Programme
      • Terrorism Analyst Training Course (TATC)
  • Publications
      • RSIS Publications
        • Annual Reviews
        • Books
        • Bulletins and Newsletters
        • Commentaries
        • Counter Terrorist Trends and Analyses
        • Commemorative / Event Reports
        • IDSS Paper
        • Interreligious Relations
        • Monographs
        • NTS Insight
        • Policy Reports
        • Working Papers
        • RSIS Publications for the Year
      • Glossary of Abbreviations
      • External Publications
        • Authored Books
        • Journal Articles
        • Edited Books
        • Chapters in Edited Books
        • Policy Reports
        • Working Papers
        • Op-Eds
        • External Publications for the Year
      • Policy-relevant Articles Given RSIS Award
  • Media
      • Great Powers
      • Sustainable Security
      • Other Resource Pages
      • Media Highlights
      • News Releases
      • Speeches
      • Vidcast Channel
      • Audio/Video Forums
  • Events
  • Giving
  • Contact Us
  • instagram instagram rsis.sg
Connect

Getting to RSIS

Map

Address

Nanyang Technological University
Block S4, Level B3,
50 Nanyang Avenue,
Singapore 639798

View location on Google maps Click here for directions to RSIS

Get in Touch

    Connect with Us

      rsis.ntu
      rsis_ntu
      rsisntu
    RSISVideoCast RSISVideoCast rsisvideocast
      school/rsis-ntu
    instagram instagram rsis.sg
      RSS
    Subscribe to RSIS Publications
    Subscribe to RSIS Events

    RSIS Intranet

    S. Rajaratnam School of International Studies Think Tank and Graduate School Ponder The Improbable Since 1966
    Nanyang Technological University Nanyang Technological University

    Skip to content

     
    • RSIS
    • Publication
    • RSIS Publications
    • CO14060 | Cybered Conflict, Not Cyber War
    • Annual Reviews
    • Books
    • Bulletins and Newsletters
    • Commentaries
    • Counter Terrorist Trends and Analyses
    • Commemorative / Event Reports
    • IDSS Paper
    • Interreligious Relations
    • Monographs
    • NTS Insight
    • Policy Reports
    • Working Papers
    • RSIS Publications for the Year

    CO14060 | Cybered Conflict, Not Cyber War
    Peter Dombrowski

    01 April 2014

    download pdf
    RSIS Commentary is a platform to provide timely and, where appropriate, policy-relevant commentary and analysis of topical and contemporary issues. The authors’ views are their own and do not represent the official position of the S. Rajaratnam School of International Studies (RSIS), NTU. These commentaries may be reproduced with prior permission from RSIS and due credit to the author(s) and RSIS. Please email to Editor RSIS Commentary at [email protected].

    Synopsis

    We have entered a period of cybered conflict. For militaries, governments and private firms mastering the demands of cybered conflict, it will be a long and painful process requiring strong cyber defences and organisational resilience.

    Commentary

    CYBER WAR is not coming, but cybered conflict is. For decades we have been warned of the possibility of digital Pearl Harbours where network attacks lead to cascading failures of critical military, public and private systems. Recently, there has been a backlash; contrarians now argue that cyber war not only hasn’t occurred but is highly unlikely. They point to the absence of cyber “battle deaths” to date and the immense difficulty of using cyber weapons for political and military purposes.

    Botnets and malware can disrupt service and lead to lost data, but these are expensive nuisances rather than acts of war. Truly dangerous attacks, targeting, for example, the supervisory control and data acquisition (SCADA) systems of military facilities or public utilities, while potentially destructive, require exquisite intelligence and dedicated teams of hackers. These are capacities beyond the means of most nation-states, much less terrorists or common criminals.

    What’s going on?

    Yet worrying about cyber war and arguing about whether it can occur or not misses something important about the contemporary security environment much less the future. Communications and computer networks remain vulnerable. If we are not at war, therefore, what is going on?

    We have entered a period of cybered conflict. Cybered conflict means simply that all adversarial and competitive relationships will have a cyberised dimension. Insofar as all modern systems from finance to transport require telecommunications and computers connected to the Internet or proprietary networks, adversaries of all sorts will seek to influence outcomes by accessing and altering both the systems themselves and the data that resides within.

    For militaries, boots on the ground and ordinance on targets may be the ultimate determinants of victory but to deploying soldiers in the field or launching missiles on now requires the secure, accurate, and timely flow of information.

    For most institutions, including nation-states, developing cyber defences and resiliency are key. With all the attention paid to high profile attacks like Stuxnet, it is sometimes difficult to remember that the most effort – in terms of time, manpower, technology and money – is put into developing defensive systems. Firewalls, anti-virus programs, cryptographic techniques and the like play important roles in maintaining functionality. Even more important, governments and firms are developing the training, tactics, and procedures necessary to protect data, software, and hardware. More needs to done and investments to date are inadequate, but progress is being made.

    Defences of course are not enough. Given the stakes involved and motivations of hackers, it is inevitable that new malware will be developed, and internal threats from formerly trusted agents will emerge. But when telecommunications and computing systems are inevitably damaged they must be able to recover quickly; this might mean building in redundancy and avoiding single points of failure, but it also means having talented, well-trained personnel capable of responding quickly to repair, restore and rebuild.

    The big picture

    Beyond the importance of cyber defence and resilience, two big trends are emerging from this era of cybered conflict. Firstly, we are experiencing what Chris Demchak and I call the “Cyber Westphalia,” that is, the reassertion of the nation-state into the ungoverned domain of cyberspace. States are slowly but surely dividing up cyberspace into national jurisdictions while establishing enforcement capabilities, such as the emergence of cyber commands, national and subnational computer emergency response teams (CERTS), domestic legislation codifying organisational responsibilities, and interstate bargaining over the future of global cyber governance.

    Secondly, there are signs that the aerospace and defence sector is evolving into what might be called a cyber-military complex. When we think about war and preparations for war, we often think about the industrial giants that have traditionally supplied everything from tanks to ships to fighter aircraft: Lockheed Martin, Boeing, BAE Systems, and Airbus Group. Increasingly, these firms are tailoring themselves to meet the demands of defensive – and in some cases, offensive – cyber operations.

    Yet, preparing for cybered conflicts demands a different set of industrial capabilities than preparing for traditional warfare. Of course, the old giants will play a role. Too much money is at stake and the old ways of doing business are too hard to break. Indeed, many companies in the aerospace and defence sector have created cyber divisions, advertise specialised cyber services, and have added the prefix “cyber” to many existing programs and products. But other, more non-traditional suppliers will also provide many of the technologies for militaries, government agencies, and private firms to cope with cybered conflicts.

    In particular, firms in the information technology and communications sector are paying attention to government customers in ways not seen since the beginning of the information age. While at one time, many Silicon Valley firms were loathe to work closely with the government, more recently this is not the case. Of course, this attention is not an unalloyed good. Abuses have and will occur and the long-term implications for international competitiveness of firms closely associated with governments are uncertain.

    But again Google, Huawei, and other telecommunications and computing conglomerates are working with government to provide the hardware, software, and services necessary to assert greater control over cyberspace. Further, highly specialised cyber security firms have become critical – not just for protecting home computers but also for providing network intelligence, digital forensics, and many other professional services.

    Turbulent future

    While in most countries defence and intelligence budgets are declining or stabilising, spending on cyber security remains a growth area. In the United States, for example, President Obama’s 2015 budget includes roughly US$13 billion to improve cyber security and to mitigate network threats. Defence spending on cyber operations is projected to increase 21 percent over 2013 to $4.7 billion.

    Even in a period of global austerity, other governments are increasing spending on cyber capabilities as well. If we add in spending on cyber security by private firms from banks to airlines and public utilities, investment analysts are positively bullish on any firms connected with the sector.

    Mastering cybered conflict will be a long and likely painful process. Technologies evolve rapidly; developing defensive and resilient institutions remains a game of catch up. States will try to regulate and govern but will often fail or get things wrong. Gains to be made from cyber exploits – whether stealing intellectual property or disabling military equipment used for in a shooting war or deceiving publics with misinformation transmitted over social media – are simply too great for ambitious generals, corporate buccaneers, and criminals to resist.

    About the Author

    Peter Dombrowski, a professor in Strategic Research at the US Naval War College, was until recently a Visiting Research Fellow with the Military Transformations Programme, S. Rajaratnam School of International Studies (RSIS), Nanyang Technological University. This commentary draws from an earlier article he co-authored with Chris Demchak in the Naval War College Review.

    Categories: Commentaries /

    Last updated on 08/09/2014

    RSIS Commentary is a platform to provide timely and, where appropriate, policy-relevant commentary and analysis of topical and contemporary issues. The authors’ views are their own and do not represent the official position of the S. Rajaratnam School of International Studies (RSIS), NTU. These commentaries may be reproduced with prior permission from RSIS and due credit to the author(s) and RSIS. Please email to Editor RSIS Commentary at [email protected].

    Synopsis

    We have entered a period of cybered conflict. For militaries, governments and private firms mastering the demands of cybered conflict, it will be a long and painful process requiring strong cyber defences and organisational resilience.

    Commentary

    CYBER WAR is not coming, but cybered conflict is. For decades we have been warned of the possibility of digital Pearl Harbours where network attacks lead to cascading failures of critical military, public and private systems. Recently, there has been a backlash; contrarians now argue that cyber war not only hasn’t occurred but is highly unlikely. They point to the absence of cyber “battle deaths” to date and the immense difficulty of using cyber weapons for political and military purposes.

    Botnets and malware can disrupt service and lead to lost data, but these are expensive nuisances rather than acts of war. Truly dangerous attacks, targeting, for example, the supervisory control and data acquisition (SCADA) systems of military facilities or public utilities, while potentially destructive, require exquisite intelligence and dedicated teams of hackers. These are capacities beyond the means of most nation-states, much less terrorists or common criminals.

    What’s going on?

    Yet worrying about cyber war and arguing about whether it can occur or not misses something important about the contemporary security environment much less the future. Communications and computer networks remain vulnerable. If we are not at war, therefore, what is going on?

    We have entered a period of cybered conflict. Cybered conflict means simply that all adversarial and competitive relationships will have a cyberised dimension. Insofar as all modern systems from finance to transport require telecommunications and computers connected to the Internet or proprietary networks, adversaries of all sorts will seek to influence outcomes by accessing and altering both the systems themselves and the data that resides within.

    For militaries, boots on the ground and ordinance on targets may be the ultimate determinants of victory but to deploying soldiers in the field or launching missiles on now requires the secure, accurate, and timely flow of information.

    For most institutions, including nation-states, developing cyber defences and resiliency are key. With all the attention paid to high profile attacks like Stuxnet, it is sometimes difficult to remember that the most effort – in terms of time, manpower, technology and money – is put into developing defensive systems. Firewalls, anti-virus programs, cryptographic techniques and the like play important roles in maintaining functionality. Even more important, governments and firms are developing the training, tactics, and procedures necessary to protect data, software, and hardware. More needs to done and investments to date are inadequate, but progress is being made.

    Defences of course are not enough. Given the stakes involved and motivations of hackers, it is inevitable that new malware will be developed, and internal threats from formerly trusted agents will emerge. But when telecommunications and computing systems are inevitably damaged they must be able to recover quickly; this might mean building in redundancy and avoiding single points of failure, but it also means having talented, well-trained personnel capable of responding quickly to repair, restore and rebuild.

    The big picture

    Beyond the importance of cyber defence and resilience, two big trends are emerging from this era of cybered conflict. Firstly, we are experiencing what Chris Demchak and I call the “Cyber Westphalia,” that is, the reassertion of the nation-state into the ungoverned domain of cyberspace. States are slowly but surely dividing up cyberspace into national jurisdictions while establishing enforcement capabilities, such as the emergence of cyber commands, national and subnational computer emergency response teams (CERTS), domestic legislation codifying organisational responsibilities, and interstate bargaining over the future of global cyber governance.

    Secondly, there are signs that the aerospace and defence sector is evolving into what might be called a cyber-military complex. When we think about war and preparations for war, we often think about the industrial giants that have traditionally supplied everything from tanks to ships to fighter aircraft: Lockheed Martin, Boeing, BAE Systems, and Airbus Group. Increasingly, these firms are tailoring themselves to meet the demands of defensive – and in some cases, offensive – cyber operations.

    Yet, preparing for cybered conflicts demands a different set of industrial capabilities than preparing for traditional warfare. Of course, the old giants will play a role. Too much money is at stake and the old ways of doing business are too hard to break. Indeed, many companies in the aerospace and defence sector have created cyber divisions, advertise specialised cyber services, and have added the prefix “cyber” to many existing programs and products. But other, more non-traditional suppliers will also provide many of the technologies for militaries, government agencies, and private firms to cope with cybered conflicts.

    In particular, firms in the information technology and communications sector are paying attention to government customers in ways not seen since the beginning of the information age. While at one time, many Silicon Valley firms were loathe to work closely with the government, more recently this is not the case. Of course, this attention is not an unalloyed good. Abuses have and will occur and the long-term implications for international competitiveness of firms closely associated with governments are uncertain.

    But again Google, Huawei, and other telecommunications and computing conglomerates are working with government to provide the hardware, software, and services necessary to assert greater control over cyberspace. Further, highly specialised cyber security firms have become critical – not just for protecting home computers but also for providing network intelligence, digital forensics, and many other professional services.

    Turbulent future

    While in most countries defence and intelligence budgets are declining or stabilising, spending on cyber security remains a growth area. In the United States, for example, President Obama’s 2015 budget includes roughly US$13 billion to improve cyber security and to mitigate network threats. Defence spending on cyber operations is projected to increase 21 percent over 2013 to $4.7 billion.

    Even in a period of global austerity, other governments are increasing spending on cyber capabilities as well. If we add in spending on cyber security by private firms from banks to airlines and public utilities, investment analysts are positively bullish on any firms connected with the sector.

    Mastering cybered conflict will be a long and likely painful process. Technologies evolve rapidly; developing defensive and resilient institutions remains a game of catch up. States will try to regulate and govern but will often fail or get things wrong. Gains to be made from cyber exploits – whether stealing intellectual property or disabling military equipment used for in a shooting war or deceiving publics with misinformation transmitted over social media – are simply too great for ambitious generals, corporate buccaneers, and criminals to resist.

    About the Author

    Peter Dombrowski, a professor in Strategic Research at the US Naval War College, was until recently a Visiting Research Fellow with the Military Transformations Programme, S. Rajaratnam School of International Studies (RSIS), Nanyang Technological University. This commentary draws from an earlier article he co-authored with Chris Demchak in the Naval War College Review.

    Categories: Commentaries

    Last updated on 08/09/2014

    Back to top

    Terms of Use | Privacy Statement
    Copyright © S. Rajaratnam School of International Studies. All rights reserved.
    This site uses cookies to offer you a better browsing experience. By continuing, you are agreeing to the use of cookies on your device as described in our privacy policy. Learn more
    OK
    Latest Book
    CO14060 | Cybered Conflict, Not Cyber War

    Synopsis

    We have entered a period of cybered conflict. For militaries, governments and private firms mastering the dema ...
    more info