# Cyberwarfare

Short description: Use of digital attacks against a nation

Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems.[1] Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare.

There is significant debate among experts regarding the definition of cyberwarfare, and even if such a thing exists.[2] One view is that the term is a misnomer, since no cyber attacks to date could be described as war.[3] An alternative view is that it is a suitable label for cyber attacks which cause physical damage to people and objects in the real world.[4]

Many countries including the United States , United Kingdom , Russia , China , Israel, Iran, and North Korea[5][6][7][8] have active cyber capabilities for offensive and defensive operations. As states explore the use of cyber operations and combine capabilities, the likelihood of physical confrontation and violence playing out as a result of, or part of, a cyber operation is increased. However, meeting the scale and protracted nature of war is unlikely, thus ambiguity remains.[9]

The first instance of kinetic military action used in response to a cyber-attack resulting in the loss of human life was observed on 5 May 2019, when the Israel Defense Forces targeted and destroyed a building associated with an ongoing cyber-attack.[10][11]

## Definition

There is ongoing debate over how cyberwarfare should be defined and no absolute definition is widely agreed upon.[9][12] While the majority of scholars, militaries and governments use definitions which refer to state and state-sponsored actors,[9][13][14] other definitions may include non-state actors, such as terrorist groups, companies, political or ideological extremist groups, hacktivists, and transnational criminal organizations depending on the context of the work.[15][16]

Examples of definitions proposed by experts in the field are as follows.

'Cyberwarfare' is used in a broad context to denote interstate use of technological force within computer networks in which information is stored, shared or communicated online.[9]

Parks and Duggan focused on analyzing cyberwarfare in terms of computer networks and pointed out that "Cyberwarfare is a combination of computer network attack and defense and special technical operations."[17] According to this perspective, the notion of cyberwarfare brings a new paradigm into the military doctrine. Paulo Shakarian and colleagues, put forward the following definition in 2013 drawing from various works including Clausewitz's definition of war: "War is the continuation of politics by other means":[13]

Cyberwarfare is an extension of policy by actions taken in cyberspace by state actors (or by non-state actors with significant state direction or support) that constitute a serious threat to another state's security, or an action of the same nature taken in response to a serious threat to a state's security (actual or perceived).

Taddeo offered the following definition in 2012:

The warfare grounded on certain uses of ICTs within an offensive or defensive military strategy endorsed by a state and aiming at the immediate disruption or control of the enemys resources, and which is waged within the informational environment, with agents and targets ranging both on the physical and non-physical domains and whose level of violence may vary upon circumstances.[18]

Robinson et al. proposed in 2015, that the intent of the attacker dictates whether an attack is warfare or not, defining cyber warfare as "the use of cyber attacks with a warfare-like intent."[12]

In 2010, the former US National Coordinator for Security, Infrastructure Protection and Counter-terrorism, Richard A. Clarke, defined cyberwarfare as "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption."[14] Own cyber-physical infrastructure may be weaponized and used by the adversary in case of a cyber conflict, thus turning such infrastructure into tactical weapons.[19]

### Controversy of term

There is debate on whether the term "cyberwarfare" is accurate. In 2012, Eugene Kaspersky, founder of Kaspersky Lab, concludes that "cyberterrorism" is a more accurate term than "cyberwar." He states that "with today's attacks, you are clueless about who did it or when they will strike again. It's not cyber-war, but cyberterrorism."[20] Howard Schmidt, former Cyber Security Coordinator of the Obama Administration, said that "there is no cyberwar... I think that is a terrible metaphor and I think that is a terrible concept. There are no winners in that environment."[21]

Some experts take issue with the possible consequences linked to the warfare analogy. In 2011, Ron Deibert, of Canada's Citizen Lab, has warned of a "militarization of cyberspace", as militaristic responses may not be appropriate.[22] Although, to date, even serious cyber attacks which have disrupted large parts of a nations electrical grids (230,000 customers, Ukraine, 2015) or affected access to medical care, thus endangering life (NHS, WannaCry, 2017) have not led to military action.

In 2017, Oxford academic Lucas Kello proposed a new term – "Unpeace" – to denote highly damaging cyber actions whose non-violent effects do not rise to the level of traditional war. Such actions are neither warlike nor peace like. Although they are non-violent, and thus not acts of war, their damaging effects on the economy and society may be greater than even some armed attacks.[23][24] This term is closely related to the concept of the "grey zone" which has come to prominence in 2017, describing actions which fall below the traditional threshold of war.[25]

### Cyberwarfare vs. cyber war

The term "cyberwarfare" is distinct from the term "cyber war." "Cyberwarfare" does not imply scale, protraction or violence which are typically associated with the term "war".[9] Cyber warfare includes techniques, tactics and procedures which may be involved in a cyber war. The term war inherently refers to a large scale action, typically over a protracted period of time and may include objectives seeking to utilize violence or the aim to kill.[9] A cyber war could accurately describe a protracted period of back-and-forth cyber attacks (including in combination with traditional military action) between warring states. To date, no such action is known to have occurred. Instead, tit-for-tat military-cyber actions are more commonplace. For example, in June 2019, the United States launched a cyber attack against Iranian weapons systems in retaliation to the shooting down of a US drone being in the Strait of Hormuz.[26][27]

### Cyberwarfare and cyber sanctions

The use of digital attacks, as described by the concept of cyberwarfare, in this page can be a retaliatory response to the cyber attacks. In addition, countries can use cyber sanctions as a reaction to being the targets of the cyber attacks. Sometimes, it is not easy to detect the attacker; however, it might be the case that suspicions can focus on a certain country or group of countries. In these cases, unilateral and multilateral economic sanctions can be used instead of cyberwarfare. For example, economic sanctions related to cyber attacks have been frequently used by the United States government. There are two Executive Orders, EO 13694[28] in 2015 and EO 13757[29][30] in 2016, issued during the Obama administration specifically focused on the implementation of the cyber sanctions. Later on, these Executive Orders have been frequently used by the following US presidents. Furthermore, the Congress is an important actor when it comes to the cyber sanctions. For example, Iran Cyber Sanctions Act of 2016 is a bill that imposes sanctions on specific individuals responsible for the cyber attacks.[31]

## Types of threat

Main page: Cyberattack

## Types of warfare

Cyber warfare can present a multitude of threats towards a nation. At the most basic level, cyber attacks can be used to support traditional warfare. For example, tampering with the operation of air defenses via cyber means in order to facilitate an air attack.[32] Aside from these "hard" threats, cyber warfare can also contribute towards "soft" threats such as espionage and propaganda. Eugene Kaspersky, founder of Kaspersky Lab, equates large-scale cyber weapons, such as Flame and NetTraveler which his company discovered, to biological weapons, claiming that in an interconnected world, they have the potential to be equally destructive.[20][33]

### Espionage

PRISM: a clandestine surveillance program under which the NSA collects user data from companies like Facebook and Google.

Traditional espionage is not an act of war, nor is cyber-espionage, and both are generally assumed to be ongoing between major powers.[34] Despite this assumption, some incidents can cause serious tensions between nations, and are often described as "attacks". For example:[35]

• Massive spying by the US on many countries, revealed by Edward Snowden.
• After the NSA's spying on Germany's Chancellor Angela Merkel was revealed, the Chancellor compared the NSA with the Stasi.[36]
• The NSA recording nearly every cell phone conversation in the Bahamas, without the Bahamian government's permission, and similar programs in Kenya, the Philippines , Mexico and Afghanistan.[37][38]
• The "Titan Rain" probes of American defense contractors computer systems since 2003.[39]
• The Office of Personnel Management data breach, in the US, widely attributed to China.[40][41]
• The security firm Area 1 published details of a breach that compromised one of the European Union's diplomatic communication channels for three years.[42]

Out of all cyber attacks, 25% of them are espionage based.

### Sabotage

Computers and satellites that coordinate other activities are vulnerable components of a system and could lead to the disruption of equipment. Compromise of military systems, such as C4ISTAR components that are responsible for orders and communications could lead to their interception or malicious replacement. Power, water, fuel, communications, and transportation infrastructure all may be vulnerable to disruption. According to Clarke, the civilian realm is also at risk, noting that the security breaches have already gone beyond stolen credit card numbers, and that potential targets can also include the electric power grid, trains, or the stock market.[43]

In mid-July 2010, security experts discovered a malicious software program called Stuxnet that had infiltrated factory computers and had spread to plants around the world. It is considered "the first attack on critical industrial infrastructure that sits at the foundation of modern economies," notes The New York Times.[44]

Stuxnet, while extremely effective in delaying Iran's nuclear program for the development of nuclear weaponry, came at a high cost. For the first time, it became clear that not only could cyber weapons be defensive but they could be offensive. The large decentralization and scale of cyberspace makes it extremely difficult to direct from a policy perspective. Non-state actors can play as large a part in the cyberwar space as state actors, which leads to dangerous, sometimes disastrous, consequences. Small groups of highly skilled malware developers are able to as effectively impact global politics and cyber warfare as large governmental agencies. A major aspect of this ability lies in the willingness of these groups to share their exploits and developments on the web as a form of arms proliferation. This allows lesser hackers to become more proficient in creating the large scale attacks that once only a small handful were skillful enough to manage. In addition, thriving black markets for these kinds of cyber weapons are buying and selling these cyber capabilities to the highest bidder without regard for consequences.[45][46]

#### Denial-of-service attack

Main page: Denial-of-service attack

In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. DoS attacks often leverage internet-connected devices with vulnerable security measures to carry out these large-scale attacks.[47] DoS attacks may not be limited to computer-based methods, as strategic physical attacks against infrastructure can be just as devastating. For example, cutting undersea communication cables may severely cripple some regions and countries with regards to their information warfare ability.

A Grid Transformer Station

#### Electrical power grid

The federal government of the United States admits that the electric power grid is susceptible to cyberwarfare.[48][49] The United States Department of Homeland Security works with industries to identify vulnerabilities and to help industries enhance the security of control system networks. The federal government is also working to ensure that security is built in as the next generation of "smart grid" networks are developed.[50] In April 2009, reports surfaced that China and Russia had infiltrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national security officials.[51] The North American Electric Reliability Corporation (NERC) has issued a public notice that warns that the electrical grid is not adequately protected from cyber attack.[52] China denies intruding into the U.S. electrical grid.[53] One countermeasure would be to disconnect the power grid from the Internet and run the net with droop speed control only.[54] Massive power outages caused by a cyber attack could disrupt the economy, distract from a simultaneous military attack, or create a national trauma.

Iranian hackers, possibly Iranian Cyber Army pushed a massive power outage for 12 hours in 44 of 81 provinces of Turkey, impacting 40 million people. Istanbul and Ankara were among the places suffering blackout.[55]

Howard Schmidt, former Cyber-Security Coordinator of the US, commented on those possibilities:[21]

It's possible that hackers have gotten into administrative computer systems of utility companies, but says those aren't linked to the equipment controlling the grid, at least not in developed countries. [Schmidt] has never heard that the grid itself has been hacked.

In June 2019, Russia said that its electrical grid has been under cyber-attack by the United States. The New York Times reported that American hackers from the United States Cyber Command planted malware potentially capable of disrupting the Russian electrical grid.[56]

### Propaganda

Cyber propaganda is an effort to control information in whatever form it takes, and influence public opinion.[57] It is a form of psychological warfare, except it uses social media, fake news websites and other digital means.[58] In 2018, Sir Nicholas Carter, Chief of the General Staff of the British Army stated that this kind of attack from actors such as Russia "is a form of system warfare that seeks to de-legitimize the political and social system on which our military strength is based".[59]

Jowell and O'Donnell (2006) state that "propaganda is the deliberate, systematic attempt to shape perceptions, manipulate cognitions, and direct behavior to achieve a response that furthers the desired intent of the propagandist" (p. 7). The internet is the most important means of communication today. People can convey their messages quickly across to a huge audience, and this can open a window for evil. Terrorist organizations can exploit this and may use this medium to brainwash people. It has been suggested that restricted media coverage of terrorist attacks would in turn decrease the number of terrorist attacks that occur afterwards.[60]

### Economic disruption

In 2017, the WannaCry and Petya (NotPetya) cyber attacks, masquerading as ransomware, caused large-scale disruptions in Ukraine as well as to the U.K.'s National Health Service, pharmaceutical giant Merck, Maersk shipping company and other organizations around the world.[61][62][63] These attacks are also categorized as cybercrimes, specifically financial crime because they negatively affect a company or group.

### Surprise cyber attack

The idea of a "cyber Pearl Harbor" has been debated by scholars, drawing an analogy to the historical act of war.[64][65][66][67][68] Others have used "cyber 9/11" to draw attention to the nontraditional, asymmetric, or irregular aspect of cyber action against a state.[69][70]

## Motivations

There are a number of reasons nations undertake offensive cyber operations. Sandro Gaycken [de], a cyber security expert and adviser to NATO, advocates that states take cyber warfare seriously as they are viewed as an attractive activity by many nations, in times of war and peace. Offensive cyber operations offer a large variety of cheap and risk-free options to weaken other countries and strengthen their own positions. Considered from a long-term, geostrategic perspective, cyber offensive operations can cripple whole economies, change political views, agitate conflicts within or among states, reduce their military efficiency and equalize the capacities of high-tech nations to that of low-tech nations, and use access to their critical infrastructures to blackmail them.[71]

### Military

With the emergence of cyber as a substantial threat to national and global security, cyber war, warfare and/or attacks also became a domain of interest and purpose for the military.

In the U.S., General Keith B. Alexander, first head of USCYBERCOM, told the Senate Armed Services Committee that computer network warfare is evolving so rapidly that there is a "mismatch between our technical capabilities to conduct operations and the governing laws and policies. Cyber Command is the newest global combatant and its sole mission is cyberspace, outside the traditional battlefields of land, sea, air and space." It will attempt to find and, when necessary, neutralize cyberattacks and to defend military computer networks.[72]

Alexander sketched out the broad battlefield envisioned for the computer warfare command, listing the kind of targets that his new headquarters could be ordered to attack, including "traditional battlefield prizes – command-and-control systems at military headquarters, air defense networks and weapons systems that require computers to operate."[72]

One cyber warfare scenario, Cyber-ShockWave, which was wargamed on the cabinet level by former administration officials, raised issues ranging from the National Guard to the power grid to the limits of statutory authority.[73][74][75][76]

The distributed nature of internet based attacks means that it is difficult to determine motivation and attacking party, meaning that it is unclear when a specific act should be considered an act of war.[77]

Examples of cyberwarfare driven by political motivations can be found worldwide. In 2008, Russia began a cyber attack on the Georgian government website, which was carried out along with Georgian military operations in South Ossetia. In 2008, Chinese "nationalist hackers" attacked CNN as it reported on Chinese repression on Tibet.[78] Hackers from Armenia and Azerbaijan have actively participated in cyberwarfare as part of the Nagorno-Karabakh conflict, with Azerbaijani hackers targeting Armenian websites and posting Ilham Aliyev's statements.[79][80]

Jobs in cyberwarfare have become increasingly popular in the military. All four branches of the United States military actively recruit for cyber warfare positions.[81]

As the military have become more and more entangled into the national and global threat proposed by the utilization of the cyber domain, a new research field within the Military Science field have slowly emerged. In essence, its focus is centered towards describing, understanding and explaining what Military Cyber Operations is, can do and be tackled. In the Handbook of Military Sciences Aaron Brantly and Max Smeets define Military Cyber Operations to be "those cyber operations which a military entity of a nation-state plans and conducts to achieve strategic, operational, or tactical gain."[82] More so, they argue these types of military operations are commonly divided into three types of operations.

• Defensive Cyber Operations: Encompassing "those actions taken through the use of computer networks to protect, monitor, analyze, detect, and respond to unauthorized activity within a governments information systems and computer networks".[82]
• Cyber Espionage Operations: Encompassing "those actions taken through the use of computer networks to gather data from target or adversary information systems or network"."[82][83]
• Offensive Cyber Operations: Encompassing "those actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves, or in basic, operations designed to achieve tangible effects"."[82][84][85]

### Civil

Potential targets in internet sabotage include all aspects of the Internet from the backbones of the web, to the internet service providers, to the varying types of data communication mediums and network equipment. This would include: web servers, enterprise information systems, client server systems, communication links, network equipment, and the desktops and laptops in businesses and homes. Electrical grids, financial networks, and telecommunication systems are also deemed vulnerable, especially due to current trends in computerization and automation.[86]

### Hacktivism

Politically motivated hacktivism involves the subversive use of computers and computer networks to promote an agenda, and can potentially extend to attacks, theft and virtual sabotage that could be seen as cyberwarfare – or mistaken for it.[87] Hacktivists use their knowledge and software tools to gain unauthorized access to computer systems they seek to manipulate or damage not for material gain or to cause widespread destruction, but to draw attention to their cause through well-publicized disruptions of select targets. Anonymous and other hacktivist groups are often portrayed in the media as cyber-terrorists, wreaking havoc by hacking websites, posting sensitive information about their victims, and threatening further attacks if their demands are not met. However, hacktivism is more than that. Actors are politically motivated to change the world, through the use of fundamentalism. Groups like Anonymous, however, have divided opinion with their methods.[88]

### North America

#### United States

Cyberwarfare in the United States is a part of the American military strategy of proactive cyber defence and the use of cyberwarfare as a platform for attack.[197] The new United States military strategy makes explicit that a cyberattack is casus belli just as a traditional act of war.[198]

U.S. government security expert Richard A. Clarke, in his book Cyber War (May 2010), had defined "cyberwarfare" as "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption."[14]:6 The Economist describes cyberspace as "the fifth domain of warfare,"[199] and William J. Lynn, U.S. Deputy Secretary of Defense, states that "as a doctrinal matter, the Pentagon has formally recognized cyberspace as a new domain in warfare . . . [which] has become just as critical to military operations as land, sea, air, and space."[200]

In 2009, president Barack Obama declared America's digital infrastructure to be a "strategic national asset," and in May 2010 the Pentagon set up its new U.S. Cyber Command (USCYBERCOM), headed by General Keith B. Alexander, director of the National Security Agency (NSA), to defend American military networks and attack other countries' systems. The EU has set up ENISA (European Union Agency for Network and Information Security) which is headed by Prof. Udo Helmbrecht and there are now further plans to significantly expand ENISA's capabilities. The United Kingdom has also set up a cyber-security and "operations centre" based in Government Communications Headquarters (GCHQ), the British equivalent of the NSA. In the U.S. however, Cyber Command is only set up to protect the military, whereas the government and corporate infrastructures are primarily the responsibility respectively of the Department of Homeland Security and private companies.[199]

In February 2010, top American lawmakers warned that the "threat of a crippling attack on telecommunications and computer networks was sharply on the rise."[201] According to The Lipman Report, numerous key sectors of the U.S. economy along with that of other nations, are currently at risk, including cyber threats to public and private facilities, banking and finance, transportation, manufacturing, medical, education and government, all of which are now dependent on computers for daily operations.[201] In 2009, president Obama stated that "cyber intruders have probed our electrical grids."[202]

On 19 June 2010, United States Senator Joe Lieberman (I-CT) introduced a bill called "Protecting Cyberspace as a National Asset Act of 2010",[203] which he co-wrote with Senator Susan Collins (R-ME) and Senator Thomas Carper (D-DE). If signed into law, this controversial bill, which the American media dubbed the "Kill switch bill", would grant the president emergency powers over parts of the Internet. However, all three co-authors of the bill issued a statement that instead, the bill "[narrowed] existing broad presidential authority to take over telecommunications networks".[204] In June 2012 the New York Times reported that president Obama had ordered the cyber attack on Iranian nuclear enrichment facilities.[205]

In July 2010, The Economist wrote that China had plans of "winning informationised wars by the mid-21st century", that other countries were likewise organizing for cyberwar, among them Russia, Israel and North Korea, and that Iran boasted of having the world's second-largest cyber-army.[199] James Gosler, a government cybersecurity specialist, worried that the U.S. has a severe shortage of computer security specialists, estimating that there are only about 1,000 qualified people in the country today, but needs a force of 20,000 to 30,000 skilled experts.[206] At the July 2010 Black Hat computer security conference, Michael Hayden, former deputy director of national intelligence, challenged thousands of attendees to help devise ways to "reshape the Internet's security architecture", explaining, "You guys made the cyberworld look like the north German plain."[207]

In August 2010, the U.S. for the first time warned publicly about the Chinese military's use of civilian computer experts in clandestine cyber attacks aimed at American companies and government agencies. The Pentagon also pointed to an alleged China-based computer spying network dubbed GhostNet which was revealed in a 2009 research report.[208] The Pentagon stated:

The People's Liberation Army is using "information warfare units" to develop viruses to attack enemy computer systems and networks, and those units include civilian computer professionals. Commander Bob Mehal, will monitor the PLA's buildup of its cyberwarfare capabilities and will continue to develop capabilities to counter any potential threat.[209]

United States Department of Defense Seal

The United States Department of Defense sees the use of computers and the Internet to conduct warfare in cyberspace as a threat to national security. The United States Joint Forces Command describes some of its attributes:

Cyberspace technology is emerging as an "instrument of power" in societies, and is becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. With low barriers to entry, coupled with the anonymous nature of activities in cyberspace, the list of potential adversaries is broad. Furthermore, the globe-spanning range of cyberspace and its disregard for national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies.[210]

Seal of Joint Force Headquarters Cyber Air Force

In February 2010, the United States Joint Forces Command released a study which included a summary of the threats posed by the internet:[210]

With very little investment, and cloaked in a veil of anonymity, our adversaries will inevitably attempt to harm our national interests. Cyberspace will become a main front in both irregular and traditional conflicts. Enemies in cyberspace will include both states and non-states and will range from the unsophisticated amateur to highly trained professional hackers. Through cyberspace, enemies will target industry, academia, government, as well as the military in the air, land, maritime, and space domains. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication. Indeed, adversaries have already taken advantage of computer networks and the power of information technology not only to plan and execute savage acts of terrorism, but also to influence directly the perceptions and will of the U.S. Government and the American population.

On 6 October 2011, it was announced that Creech AFB's drone and Predator fleet's command and control data stream had been keylogged, resisting all attempts to reverse the exploit, for the past two weeks.[211] The Air Force issued a statement that the virus had "posed no threat to our operational mission".[212]

On 21 November 2011, it was widely reported in the U.S. media that a hacker had destroyed a water pump at the Curran-Gardner Township Public Water District in Illinois.[213] However, it later turned out that this information was not only false, but had been inappropriately leaked from the Illinois Statewide Terrorism and Intelligence Center.[214]

In 2012, the US used cyberattacks for tactical advantage in Afghanistan.[215]

According to a 2013 Foreign Policy magazine article, NSA's Tailored Access Operations (TAO) unit "has successfully penetrated Chinese computer and telecommunications systems for almost 15 years, generating some of the best and most reliable intelligence information about what is going on inside the People's Republic of China."[216][217]

In 2013 cyberwarfare was, for the first time, considered a larger threat than Al Qaeda or terrorism, by many U.S. intelligence officials.[218] In 2017, Representative Mike Rogers, chairman of the U.S. House Permanent Select Committee on Intelligence, for instance, said that "We are in a cyber war in this country, and most Americans don't know it. And we are not necessarily winning. We have got huge challenges when it comes to cybersecurity."[219]

In 2014, Barack Obama ordered an intensification of cyberwarfare against North Korea's missile program for sabotaging test launches in their opening seconds.[220] On 24 November 2014, Sony Pictures Entertainment hack was a release of confidential data belonging to Sony Pictures Entertainment (SPE).

In June 2015, the United States Office of Personnel Management (OPM) announced that it had been the target of a data breach targeting the records of as many as four million people.[221] Later, FBI Director James Comey put the number at 18 million.[222] The Washington Post has reported that the attack originated in China , citing unnamed government officials.[223]

In October 2016, Jeh Johnson the United States Secretary of Homeland Security and James Clapper the U.S. Director of National Intelligence issued a joint statement accusing Russia of interfering with the 2016 United States presidential election.[224] The New York Times reported the Obama administration formally accused Russia of stealing and disclosing Democratic National Committee emails.[225] Under U.S. law (50 U.S.C.Title 50 – War and National Defense, Chapter 15 – National Security, Subchapter III Accountability for Intelligence Activities[226]) there must be a formal Presidential finding prior to authorizing a covert attack. Then U.S. vice president Joe Biden said on the American news interview program Meet The Press that the United States will respond.[227] The New York Times noted that Biden's comment "seems to suggest that Mr. Obama is prepared to order – or has already ordered – some kind of covert action".[228] In 2016 President Barack Obama authorized the planting of cyber weapons in Russian infrastructure in the final weeks of his presidency in response to Moscow's interference in the 2016 presidential election.[229] On 29 December 2016 United States imposed the most extensive sanctions against Russia since the Cold War,[230] expelling 35 Russian diplomats from the United States.[231][232]

Economic sanctions are the most frequently used the foreign policy instruments by the United States today[233] Thus, it is not surprising to see that economic sanctions are also used as counter policies against cyberattacks. According to Onder (2021), economic sanctions are also information gathering mechanisms for the sanctioning states about the capabilities of the sanctioned states.[234]

In March 2017, WikiLeaks published more than 8,000 documents on the CIA. The confidential documents, codenamed Vault 7 and dated from 2013 to 2016, include details on CIA's software capabilities, such as the ability to compromise cars, smart TVs,[235] web browsers (including Google Chrome, Microsoft Edge, Mozilla Firefox, and Opera Software ASA),[236][237][238] and the operating systems of most smartphones (including Apple's iOS and Google's Android), as well as other operating systems such as Microsoft Windows, macOS, and Linux.[239]

For a global perspective of countries and other actors engaged in cyber warfare, see the George Washington University-based National Security Archive's CyberWar map.[240]

## Cyberpeace

The rise of cyber as a warfighting domain has led to efforts to determine how cyberspace can be used to foster peace. For example, the German civil rights panel FIfF runs a campaign for cyberpeace − for the control of cyberweapons and surveillance technology and against the militarization of cyberspace and the development and stockpiling of offensive exploits and malware.[241][242][243][244] Measures for cyberpeace include policymakers developing new rules and norms for warfare, individuals and organizations building new tools and secure infrastructures, promoting open source, the establishment of cyber security centers, auditing of critical infrastructure cybersecurity, obligations to disclose vulnerabilities, disarmament, defensive security strategies, decentralization, education and widely applying relevant tools and infrastructures, encryption and other cyberdefenses.[241][245][246][247]

The topics of cyber peacekeeping[248][249] and cyber peacemaking[250] have also been studied by researchers, as a way to restore and strengthen peace in the aftermath of both cyber and traditional warfare.

## Cyber counterintelligence

Cyber counter-intelligence are measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions.[251]

• On 7 April 2009, The Pentagon announced they spent more than $100 million in the last six months responding to and repairing damage from cyber attacks and other computer network problems.[252] • On 1 April 2009, U.S. lawmakers pushed for the appointment of a White House cyber security "czar" to dramatically escalate U.S. defenses against cyber attacks, crafting proposals that would empower the government to set and enforce security standards for private industry for the first time.[253] • On 9 February 2009, the White House announced that it will conduct a review of the country's cyber security to ensure that the Federal government of the United States cyber security initiatives are appropriately integrated, resourced and coordinated with the United States Congress and the private sector.[254] • In the wake of the 2007 cyberwar waged against Estonia, NATO established the Cooperative Cyber Defence Centre of Excellence (CCD CoE) in Tallinn, Estonia, in order to enhance the organization's cyber defence capability. The center was formally established on 14 May 2008, and it received full accreditation by NATO and attained the status of International Military Organization on 28 October 2008.[255] Since Estonia has led international efforts to fight cybercrime, the United States Federal Bureau of Investigation says it will permanently base a computer crime expert in Estonia in 2009 to help fight international threats against computer systems.[256] • In 2015, the Department of Defense released an updated cyber strategy memorandum detailing the present and future tactics deployed in the service of defense against cyberwarfare. In this memorandum, three cybermissions are laid out. The first cybermission seeks to arm and maintain existing capabilities in the area of cyberspace, the second cybermission focuses on prevention of cyberwarfare, and the third cybermission includes strategies for retaliation and preemption (as distinguished from prevention).[257] One of the hardest issues in cyber counterintelligence is the problem of attribution. Unlike conventional warfare, figuring out who is behind an attack can be very difficult.[258] However Defense Secretary Leon Panetta has claimed that the United States has the capability to trace attacks back to their sources and hold the attackers "accountable".[259] ## Doubts about existence In October 2011 the Journal of Strategic Studies, a leading journal in that field, published an article by Thomas Rid, "Cyber War Will Not Take Place" which argued that all politically motivated cyber attacks are merely sophisticated versions of sabotage, espionage, or subversion – and that it is unlikely that cyber war will occur in the future.[260] ## Legal perspective Various parties have attempted to come up with international legal frameworks to clarify what is and is not acceptable, but none have yet been widely accepted. The Tallinn Manual, published in 2013, is an academic, non-binding study on how international law, in particular the jus ad bellum and international humanitarian law, apply to cyber conflicts and cyber warfare. It was written at the invitation of the Tallinn-based NATO Cooperative Cyber Defence Centre of Excellence by an international group of approximately twenty experts between 2009 and 2012. The Shanghai Cooperation Organisation (members of which include China and Russia) defines cyberwar to include dissemination of information "harmful to the spiritual, moral and cultural spheres of other states". In September 2011, these countries proposed to the UN Secretary General a document called "International code of conduct for information security".[261] In contrast, the United approach focuses on physical and economic damage and injury, putting political concerns under freedom of speech. This difference of opinion has led to reluctance in the West to pursue global cyber arms control agreements.[262] However, American General Keith B. Alexander did endorse talks with Russia over a proposal to limit military attacks in cyberspace.[263] In June 2013, Barack Obama and Vladimir Putin agreed to install a secure Cyberwar-Hotline providing "a direct secure voice communications line between the US cybersecurity coordinator and the Russian deputy secretary of the security council, should there be a need to directly manage a crisis situation arising from an ICT security incident" (White House quote).[264] A Ukrainian international law scholar, Alexander Merezhko, has developed a project called the International Convention on Prohibition of Cyberwar in Internet. According to this project, cyberwar is defined as the use of Internet and related technological means by one state against the political, economic, technological and information sovereignty and independence of another state. Professor Merezhko's project suggests that the Internet ought to remain free from warfare tactics and be treated as an international landmark. He states that the Internet (cyberspace) is a "common heritage of mankind".[265] On the February 2017 RSA Conference Microsoft president Brad Smith suggested global rules – a "Digital Geneva Convention" – for cyber attacks that "ban the nation-state hacking of all the civilian aspects of our economic and political infrastructures". He also stated that an independent organization could investigate and publicly disclose evidence that attributes nation-state attacks to specific countries. Furthermore, he said that the technology sector should collectively and neutrally work together to protect Internet users and pledge to remain neutral in conflict and not aid governments in offensive activity and to adopt a coordinated disclosure process for software and hardware vulnerabilities.[266][267] A fact-binding body has also been proposed to regulate cyber operations.[268][269] ## In popular culture ### In films • Independence Day (1996) • Terminator 3: Rise of the Machines (2003) • Live Free or Die Hard (2007) • Terminator Genisys (2015) • Terminator: Dark Fate (2019) Documentaries • Hacking the Infrastructure: Cyber Warfare (2016) by Viceland • Cyber War Threat (2015) • Darknet, Hacker, Cyberwar[270] (2017) • Zero Days (2016) • The Perfect Weapon (2020) ### In television • "Cancelled", an episode of the animated sitcom South Park • Series 2 of COBRA, a British thriller series, revolves around a sustained campaign of cyberwar against the United Kingdom and the British government's response to it. ## See also ## References 1. Singer, P. W.; Friedman, Allan (March 2014). Cybersecurity and cyberwar : what everyone needs to know. Oxford. ISBN 9780199918096. OCLC 802324804. 2. Smith, Troy E. (2013). "Cyber Warfare: A Misrepresentation of the True Cyber Threat". American Intelligence Journal 31 (1): 82–85. ISSN 0883-072X. 3. Lucas, George (2017). Ethics and Cyber Warfare: The Quest for Responsible Security in the Age of Digital Warfare. Oxford. p. 6. ISBN 9780190276522. 4. Cyber warfare : a multidisciplinary analysis. Green, James A., 1981-. London. 7 November 2016. ISBN 9780415787079. OCLC 980939904. 5. Newman, Lily Hay (2019-05-06). "What Israel's Strike on Hamas Hackers Means For Cyberwar". Wired. ISSN 1059-1028. 6. Robinson, Michael; Jones, Kevin; Helge, Janicke (2015). "Cyber Warfare Issues and Challenges". Computers and Security 49: 70–94. doi:10.1016/j.cose.2014.11.007. Retrieved 2020-01-07. 7. Shakarian, Paulo (2013). Introduction to cyber-warfare : a multidisciplinary approach. Shakarian, Jana., Ruef, Andrew.. Amsterdam [Netherlands]: Morgan Kaufmann Publishers, an imprint of Elsevier. ISBN 9780124079267. OCLC 846492852. 8. Clarke, Richard A. Cyber War, HarperCollins (2010) ISBN:9780061962233 9. Arquilla, John (1999). "Can information warfare ever be just?". Ethics and Information Technology 1 (3): 203–212. doi:10.1023/A:1010066528521. 10. Parks, Raymond C.; Duggan, David P. (September 2011). "Principles of Cyberwarfare". IEEE Security Privacy 9 (5): 30–35. doi:10.1109/MSP.2011.138. ISSN 1558-4046. 11. Taddeo, Mariarosaria (2012-07-19). "An analysis for a just cyber warfare". Cyber Conflict (ICCC), International Conference on. Estonia: IEEE. 12. "Latest viruses could mean 'end of world as we know it,' says man who discovered Flame", The Times of Israel, 6 June 2012 13. "White House Cyber Czar: 'There Is No Cyberwar'". Wired, 4 March 2010 14. Deibert, Ron (2011). "Tracking the emerging arms race in cyberspace". Bulletin of the Atomic Scientists 67 (1): 1–8. doi:10.1177/0096340210393703. 15. Kello, Lucas (2017). The Virtual Weapon and International Order. New Haven, Conn.: Yale University Press. pp. 77–79. ISBN 9780300220230. 16. 17. Barnes, Julian E.; Gibbons-Neff, Thomas (2019-06-22). "U.S. Carried Out Cyberattacks on Iran" (in en-US). The New York Times. ISSN 0362-4331. 18. 19. Weinberger, Sharon (4 October 2007). "How Israel Spoofed Syria's Air Defense System". Wired. 20. "Cyber espionage bug attacking Middle East, but Israel untouched — so far", The Times of Israel, 4 June 2013 21. "A Note on the Laws of War in Cyberspace", James A. Lewis, April 2010 22. "Cyberwarfare" (in en-US). The New York Times. ISSN 0362-4331. 23. Rayman, Noah (18 December 2013). "Merkel Compared NSA To Stasi in Complaint To Obama". Time (magazine). 24. Devereaux, Ryan; Greenwald, Glenn; Poitras, Laura (19 May 2014). "Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas". The Intercept. First Look Media. 25. Bodmer, Kilger, Carpenter, & Jones (2012). Reverse Deception: Organized Cyber Threat Counter-Exploitation. New York: McGraw-Hill Osborne Media. ISBN:0071772499, ISBN:978-0071772495 26. Liptak, Kevin (4 June 2015). "U.S. government hacked; feds think China is the culprit". CNN. 27. Liptak, Kevin (20 June 2015). "Hacking Diplomatic Cables Is Expected. Exposing Them Is Not". Wired. Retrieved 22 June 2019. 28. "Clarke: More defense needed in cyberspace" HometownAnnapolis.com, 24 September 2010 29. "Malware Hits Computerized Industrial Equipment". The New York Times, 24 September 2010 30. Singer, P.W.; Friedman, Allan (2014). Cybersecurity and Cyberwar: What Everyone Needs to Know. Oxford: Oxford University Press. p. 156. ISBN 978-0-19-991809-6. 31. Gross, Michael L.; Canetti, Daphna; Vashdi, Dana R. (2016). "The psychological effects of cyber terrorism". The Bulletin of the Atomic Scientists 72 (5): 284–291. doi:10.1080/00963402.2016.1216502. ISSN 0096-3402. PMID 28366962. Bibcode2016BuAtS..72e.284G. 32. Shiels, Maggie. (9 April 2009) BBC: Spies 'infiltrate US power grid'. BBC News. Retrieved 8 November 2011. 33. Meserve, Jeanne (8 April 2009). "Hackers reportedly have embedded code in power grid". CNN. Retrieved 8 November 2011. 34. "US concerned power grid vulnerable to cyber-attack". In.reuters.com (9 April 2009). Retrieved 8 November 2011. 35. Gorman, Siobhan. (8 April 2009) Electricity Grid in U.S. Penetrated By Spies. The Wall Street Journal. Retrieved 8 November 2011. 36. NERC Public Notice. (PDF). Retrieved 8 November 2011. 37. ABC News: Video. ABC News. (20 April 2009). Retrieved 8 November 2011. 38. Micah Halpern (22 April 2015). "Iran Flexes Its Power by Transporting Turkey to the Stone Age". Observer. 39. "Russian military admits significant cyber-war effort". bbc.com. 21 February 2017. 40. Ajir, Media; Vailliant, Bethany (2018). "Russian Information Warfare: Implications for Deterrence Theory". Strategic Studies Quarterly 12 (3): 70–89. ISSN 1936-1815. 41. Carter, Nicholas (22 January 2018). "Dynamic Security Threats and the British Army". RUSI. 42. Cowen, Tyler (2006). "Terrorism as Theater: Analysis and Policy Implications". Public Choice 128 (1/2): 233–244. doi:10.1007/s11127-006-9051-y. ISSN 0048-5829. 43. Palmer, Robert Kenneth. "Critical Infrastructure: Legislative Factors for Preventing a Cyber-Pearl Harbor." Va. JL & Tech. 18 (2013): 289. 44. Molfino, Emily (2012). "Viewpoint: Cyberterrorism: Cyber "Pearl Harbor" is Imminent". in Sean S. Costigan. Cyberspaces and Global Affairs. Routledge. p. 75. ISBN 978-1-4094-2754-4. 45. Smith, Sean W., and John S. Erickson. "Never Mind Pearl Harbor--What about a Cyber Love Canal?." IEEE Security & Privacy 13.2 (2015): 94-98. 46. Loui, Ronald P., and Terrence D. Loui. "How to Survive a Cyber Pearl Harbor." Computer 49.6 (2016): 31-37. 47. Wirtz, James J. "The Cyber Pearl Harbor." Intelligence and National Security (2017): 1-10. 48. Arquilla, John (27 July 2009). "Click, click... counting down to cyber 9/11". SFGate. (Link at SFGate) 49. Magee, Clifford S. (Marine Corps Command and Staff College. Quantico VA) (Third Quarter 2013). "Awaiting the Cyber 9/11". Joint Force Quarterly (NDU Press) (70): 76–82. 50. "Cyber-War Nominee Sees Gaps in Law", The New York Times, 14 April 2010 51. Cyber ShockWave Shows U.S. Unprepared For Cyber Threats . Bipartisanpolicy.org. Retrieved 8 November 2011. 52. Drogin, Bob (17 February 2010). "In a doomsday cyber attack scenario, answers are unsettling". Los Angeles Times. 53. Ali, Sarmad (16 February 2010). "Washington Group Tests Security in 'Cyber ShockWave'". The Wall Street Journal. 54. Cyber ShockWave CNN/BPC wargame: was it a failure? . Computerworld (17 February 2010). Retrieved 8 November 2011. 55. Steve Ragan Report: The Cyber ShockWave event and its aftermath . The Tech Herald. 16 February 2010 56. Lee, Andy (1 May 2012). "International Cyber Warfare: Limitations and Possibilities". Jeju Peace Institute. 57. Giles, Christopher (October 26, 2020). "Nagorno-Karabakh: The Armenian-Azeri 'information wars'". BBC. 58. Brantly A. & Smeets M. (2020) Military Operations in Cyberspace. In: Sookermany A. (ed.) Handbook of Military Sciences. p. 1-16. Springer, Cham doi:10.1007/978-3-030-02866-4_19-1 59. Hayden, M. (2016). Playing to the edge: American intelligence in the age of terror (p. 137). New York: Penguin Random House. 60. Borghard, E. D., & Lonergan, S. W. (2017). The logic of coercion in cyberspace. Security Studies, 26(3), 452–481. 61. Denning, D. E. (2015). Rethinking the cyber domain and deterrence. Joint Forces Quarterly, 77, 15. Retrieved from http://ndupress.ndu.edu/Portals/68/Documents/jfq/jfq77/jfq-77_8-15_Denning.pdf 62. Lin, Tom C. W. (14 April 2016). "Financial Weapons of War". Minnesota Law Review 100: 1377–1440. 63. Denning, D. E. (2008). The ethics of cyber conflict. The Handbook of Information and Computer Ethics. 407–429. 64. Kenney, Michael (2015). "Cyber-Terrorism in a Post-Stuxnet World". Orbis 59 (1): 111–128. doi:10.1016/j.orbis.2014.11.009. 65. "North Korea 'stole$2bn via cyber-attacks'" (in en-GB). 2019-08-07.
66. "Google Attack Is Tip Of Iceberg", McAfee Security Insights, 13 January 2010
67. Allison, George (2019-04-11). "NATO takes part in international cyber security exercise" (in en-GB).
68. Boffey, Daniel (2019-06-27). "EU to run war games to prepare for Russian and Chinese cyber-attacks" (in en-GB). The Guardian. ISSN 0261-3077.
69. Wheeler, Caroline; Shipman, Tim; Hookham, Mark (2018-10-07). "UK war-games cyber attack on Moscow" (in en). The Sunday Times. ISSN 0956-1382.
70. Government-sponsored cyberattacks on the rise, McAfee says . Network World (29 November 2007). Retrieved 8 November 2011.
71. "China's Hacker Army". Foreign Policy. 3 March 2010.
72. Sanger, David E.; Perlroth, Nicole; Thrush, Glenn; Rappeport, Alan (2018-12-11). "Marriott Data Breach Is Traced to Chinese Hackers as U.S. Readies Crackdown on Beijing" (in en-US). The New York Times. ISSN 0362-4331.
73. "How China will use cyber warfare to leapfrog in military competitiveness". Culture Mandala: The Bulletin of the Centre for East-West Cultural and Economic Studies 8 (1 October 2008): p. 37.
74. "How China will use cyber warfare to leapfrog in military competitiveness". Culture Mandala: The Bulletin of the Centre for East-West Cultural and Economic Studies 8 (1 October 2008): p. 42.
75. "How China will use cyber warfare to leapfrog in military competitiveness". Culture Mandala: The Bulletin of the Centre for East-West Cultural and Economic Studies 8 (1 October 2008): p. 43.
76.
77. Jim Finkle (3 August 2011). "State actor seen in "enormous" range of cyber attacks". Reuters.
78. Hurst, Daniel; Kuo, Lily; Graham-McLay, Charlotte (2020-09-14). "Zhenhua Data leak: personal details of millions around world gathered by China tech company" (in en).
79. Graham, Ben (13 September 2020). "Zhenhua Data: 35,000 Aussies being spied on by China as part of 'psychological war'". News.com.au — Australia's Leading News Site.
80. "5 lakh cyber warriors to bolster India's e-defence". The Times of India (India). 16 October 2012.
81. "36 government sites hacked by 'Indian Cyber Army'". The Express Tribune. Retrieved 8 November 2011.
82. "Hacked by 'Pakistan cyber army', CBI website still not restored". Ndtv.com (4 December 2010). Retrieved 8 November 2011.
83. Sudworth, John. (9 July 2009) "New cyberattacks hit South Korea". BBC News. Retrieved 8 November 2011.
84. Williams, Martin. UK, Not North Korea, Source of DDOS Attacks, Researcher Says. PC World.
85. "SK Hack by an Advanced Persistent Threat". Command Five Pty Ltd.
86. "The Ethiopian-Egyptian Water War Has Begun". Foreign Policy. 22 September 2020.
87. David E Sanger Hacked European Cables Reveal a World of Anxiety About Trump, Russia and Iran, New York Times (2018).
88. Lily Hay Newman, Hacking Diplomatic Cables Is Expected. Exposing Them Is Not, Wired (2018).
89. Michalis Michael, Major and successful hackers’ attack in Cyprus, BalkanEU (2019).
90. "War in the fifth domain. Are the mouse and keyboard the new weapons of conflict?". The Economist. 1 July 2010. "Important thinking about the tactical and legal concepts of cyber-warfare is taking place in a former Soviet barracks in Estonia, now home to NATO's "centre of excellence" for cyber-defence. It was established in response to what has become known as "Web War 1", a concerted denial-of-service attack on Estonian government, media and bank web servers that was precipitated by the decision to move a Soviet-era war memorial in central Tallinn in 2007."
91. Estonia accuses Russia of 'cyber attack'. The Christian Science Monitor. (17 May 2007). Retrieved 8 November 2011.
92. Ian Traynor, "Russia accused of unleashing cyberwar to disable Estonia", The Guardian , 17 May 2007
93. Boyd, Clark. (17 June 2010) "Cyber-war a growing threat warn experts". BBC News. Retrieved 8 November 2011.
94. Scott J. Shackelford, From Nuclear War to Net War: Analogizing Cyber Attacks in International Law, 27 Berkeley J. Int'l Law. 192 (2009).
95. Nouvelle, L'Usine (13 December 2016). "Pourquoi la France se dote d'une cyber-armée - Défense". Usinenouvelle.com/.
96. "Hackers wanted to man front line in cyber war" , The Local, 24 March 2013
97. "Germany to invest 100 million euros on internet surveillance: report", Kazinform, 18 June 2013
98. "National Cyber Security Centrum – NCSC". 2013-05-14.
99. Danchev, Dancho (11 August 2008). "Coordinated Russia vs Georgia cyberattack". ZDNet.
100. Markoff, John (2009-10-26). "Old Trick Threatens the Newest Weapons (Published 2009)" (in en-US). The New York Times. ISSN 0362-4331.
101. Mazanec, Brain M. (2015). The Evolution of Cyber War. USA: University of Nebraska Press. pp. 235–236. ISBN 9781612347639.
102. Cyberspace and the changing nature of warfare . Strategists must be aware that part of every political and military conflict will take place on the internet, says Kenneth Geers.
103. Andrew Meier, Black Earth. W. W. Norton & Company, 2003, ISBN:0-393-05178-1, pages 15–16.
104. Ringstrom, Anna (25 January 2017). "Swedish forces exposed to extensive cyber attack: Dagens Nyheter". Reuters. "Sweden's armed forces were recently exposed to an extensive cyber attack that prompted them to shut down an IT system used in military exercises, daily newspaper Dagens Nyheter reported on Wednesday. The attack that affected the Caxcis IT system was confirmed to the Swedish newspaper by armed forces spokesman Philip Simon."
105. Ukraine's military denies Russian hack attack , Yahoo! News (6 January 2017)
106. Defense ministry denies reports of alleged artillery losses because of Russian hackers' break into software, Interfax-Ukraine (6 January 2017)
107. Mazanec, Brain M. (2015). The Evolution of Cyber War. USA: University of Nebraska Press. pp. 221–222. ISBN 9781612347639.
108. "Ukraine crisis: 'Wiper' discovered in latest cyber-attacks" (in en-GB). BBC News. 2022-02-24.
109. "Al Qaeda rocked by apparent cyberattack. But who did it?". The Chris Science Monitor. 2012-04-04.
110. Britain faces serious cyber threat, spy agency head warns. The Globe and Mail (13 October 2010). Retrieved 8 November 2011.
111. "Iran's military is preparing for cyber warfare". Flash//CRITIC Cyber Threat News. 2013-09-16.
112. Denning, Dorothy E. (2012-07-16). "Stuxnet: What Has Changed?" (in en). Future Internet 4 (3): 672–687. doi:10.3390/fi4030672.
113. AFP (1 October 2010). Stuxnet worm brings cyber warfare out of virtual world. Google. Retrieved 8 November 2011.
114. Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon | Video on. Ted.com. Retrieved 8 November 2011.
115. "Israel Adds Cyber-Attack to IDF", Military.com, 10 February 2010
116. "IAEA: Syria tried to build nuclear reactor" (in en). Ynetnews. Associated Press. 2011-04-28.
117. Fulghum, David A. "Why Syria's Air Defenses Failed to Detect Israelis", Aviation Week & Space Technology, 3 October 2007. Retrieved 3 October 2007.
118. Fulghum, David A. "Israel used electronic attack in air strike against Syrian mystery target", Aviation Week & Space Technology, 8 October 2007. Retrieved 8 October 2007.
119. "Pastie: 'Untitled'". 15 August 2012.
120. "Exhibitionist Shamoon virus blows PCs' minds". The Register. 17 August 2012.
121. "The Shamoon Attacks". Symantec. 16 August 2012.
122. Michael Harper (31 August 2012). "RedOrbit: Energy Company RasGas Is Infected with Shamoon Virus".
123. "Shamoon virus attacks Saudi oil company". Digital Journal. 18 August 2012.
124. "Shamoon virus targets energy sector infrastructure". BBC News. 17 August 2012.
125. "Saudi Aramco hug, another one". 29 August 2012.
126. "GOP Fundraiser Sues Qatar Over Stolen Emails". The Wall Street Journal. 26 March 2018.
127. "Hackers Went After a Now-Disgraced G.O.P. Fund-Raiser. Now He Is After Them". The New York Times. 20 September 2018.
128. Mazzetti, Mark; Goldman, Adam (14 September 2021). "Ex-U.S. Intelligence Officers Admit to Hacking Crimes in Work for Emiratis". Retrieved 14 September 2021.
129. American Forces Press Service: Lynn Explains U.S. Cybersecurity Strategy. Defense.gov. Retrieved 8 November 2011.
130. "Pentagon to Consider Cyberattacks Acts of War". The New York Times. 31 May 2011
131. "Cyberwar: War in the Fifth Domain" Economist, 1 July 2010
132. Lynn, William J. III. "Defending a New Domain: The Pentagon's Cyberstrategy", Foreign Affairs, Sept/Oct. 2010, pp. 97–108
133. The Lipman Report, 15 October 2010
134. Clarke, Richard. "China's Cyberassault on America", The Wall Street Journal, 15 June 2011
135. Senators Say Cybersecurity Bill Has No 'Kill Switch', Information Week, 24 June 2010. Retrieved 25 June 2010.
136. Sanger, David E. "Obama Order Sped Up Wave of Cyberattacks Against Iran." The New York Times, 1 June 2012.
137. "Cyberwarrior Shortage Threatens U.S. Security". NPR, 19 July 2010
138. "U.S. military cyberwar: What's off-limits?" CNET, 29 July 2010
139. ANNUAL REPORT TO CONGRESS Military and Security Developments Involving the People's Republic of China 2010. US Defense Department (PDF). Retrieved 8 November 2011.
140. "The Joint Operating Environment" , Joint Forces Command, 18 February 2010, pp. 34–36
141. U.S. drone and predator fleet is being keylogged. Wired, October 2011. Retrieved 6 October 2011
142. Hennigan, W.J. "Air Force says drone computer virus poses 'no threat'". Los Angeles Times, 13 October 2011.
143. Mathew J. Schwartz (21 November 2011). "Hacker Apparently Triggers Illinois Water Pump Burnout". InformationWeek.
144. Kim Zetter (30 November 2011). "Exclusive: Comedy of Errors Led to False 'Water-Pump Hack' Report". Wired.
145. Satter, Raphael. "US general: We hacked the enemy in Afghanistan.". Associated Press, 24 August 2012.
146. "U.S. NSA Unit 'TAO' Hacking China For Years". Business Insider. 11 June 2013
147. "Secret NSA hackers from TAO Office have been pwning China for nearly 15 years". Computerworld. 11 June 2013.
148. Dilanian, Ken. "Cyber-attacks a bigger threat than Al Qaeda, officials say", Los Angeles Times, 12 March 2013
149. Nikita Vladimirov, Ex-House intel chairman: US 'not necessarily winning' the cyber war, The Hill (19 February 2017).
150. Sanger, David E.; Broad, William J. (4 March 2017). "Trump Inherits a Secret Cyberwar Against North Korean Missiles". The New York Times.
151. Barrett, Devlin (5 June 2015). "U.S. Suspects Hackers in China Breached About four (4) Million People's Records, Officials Say". The Wall Street Journal.
152. "Joint Statement from the Department of Homeland Security and Office of the Director of National Intelligence on Election Security". Department of Homeland Security and Office of the Director of National Intelligence on Election Security. 7 October 2016.
153. "VP Biden Promises Response to Russian Hacking". NBC News Meet the Press. 14 October 2016.
154. Greg Miller, Ellen Nakashima, Adam Entous: Obama's secret struggle to retaliate against Putin's election interference, Washington Post, 23. June 2017
155. Lee, Carol E.; Sonne, Paul (30 December 2016). "U.S. Sanctions Russia Over Election Hacking; Moscow Threatens to Retaliate". The Wall Street Journal.
156. Onder, Mehmet (2020). "Regime Type, Issue Type and Economic Sanctions: The Role of Domestic Players". Economies 8 (1): 2. doi:10.3390/economies8010002.
157. Onder, Mehmet (2021). "Economic sanctions outcomes: An information-driven explanation". Journal of International Studies 14 (2): 38–57. doi:10.14254/2071-8330.2021/14-2/3.
158. Shane, Scott; Mazzetti, Mark; Rosenberg, Matthew (7 March 2017). "WikiLeaks Releases Trove of Alleged C.I.A. Hacking Documents". The New York Times.
159. Greenberg, Andy (2017-03-07). "How the CIA Can Hack Your Phone, PC, and TV (Says WikiLeaks)" (in en-US). WIRED.
160. Murdock, Jason (2017-03-07). "Vault 7: CIA hacking tools were used to spy on iOS, Android and Samsung smart TVs". International Business Times UK.
161. Michael Martelle, ed (6 June 2018). "CyberWar Map". National Security Archive.
162. Hofkirchner, Wolfgang; Burgin, Mark (2017-01-24) (in en). The Future Information Society: Social and Technological Problems. World Scientific. ISBN 9789813108981. Retrieved 22 May 2017.
163. "WannaCry ist ein Kollateralschaden des Cyberwar – Pressenza" (in de-DE). Pressenza. 18 May 2017.
164. Friesinger, Günther; Herwig, Jana (2014-06-30) (in en). The Art of Reverse Engineering: Open – Dissect – Rebuild. transcript Verlag. ISBN 9783839425039. Retrieved 22 May 2017.
165. Grady, Mark F.; Parisi, Francesco (2005-11-28) (in en). The Law and Economics of Cybersecurity. Cambridge University Press. ISBN 9781139446969. Retrieved 22 May 2017.
166. Robinson, Michael; Janicke, Helge; Jones, Kevin (2017). "An Introduction to Cyber Peacekeeping". arXiv:1710.09616 [cs.CY].
167. Akatyev, Nikolay; James, Joshua (2015). "Cyber Peacekeeping". Digital Forensics and Cyber Crime. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. 157. pp. 126–139. doi:10.1007/978-3-319-25512-5_10. ISBN 978-3-319-25511-8.
168. Ramsbotham, Oliver; Miall, Hugh; Woodhouse, Tom (2011-04-11) (in en). Contemporary Conflict Resolution. Polity. ISBN 9780745649740. Retrieved 22 May 2017.
169. DOD – Cyber Counterintelligence. Dtic.mil. Retrieved 8 November 2011.
170. Pentagon Bill To Fix Cyber Attacks: ,0M. CBS News. Retrieved 8 November 2011.
171. "Senate Legislation Would Federalize Cybersecurity". The Washington Post. Retrieved 8 November 2011.
172. "White House Eyes Cyber Security Plan". CBS News (10 February 2009). Retrieved 8 November 2011.
173. CCD COE – Cyber Defence . Ccdcoe.org. Retrieved 8 November 2011.
174. Associated Press (11 May 2009) FBI to station cybercrime expert in Estonia. Boston Herald. Retrieved 8 November 2011.
175. Lisa Lucile Owens, Justice and Warfare in Cyberspace, The Boston Review (2015), available at [1]
176. Reed, John. "Is the 'holy grail' of cyber security within reach?". Foreign Policy Magazine, 6 September 2012.
177. Carroll, Chris. "US can trace cyberattacks, mount pre-emptive strikes, Panetta says". Stars and Stripes, 11 October 2012.
178. Rid, Thomas (2012). "Cyber War Will Not Take Place". Journal of Strategic Studies 35: 5–32. doi:10.1080/01402390.2011.608939.
179. Russian Embassy to the UK [2]. Retrieved 25 May 2012.
180. Tom Gjelten (23 September 2010). "Seeing The Internet As An 'Information Weapon'". NPR.
181. Gorman, Siobhan. (4 June 2010) WSJ: U.S. Backs Talks on Cyber Warfare. The Wall Street Journal. Retrieved 8 November 2011.
182. Sean Gallagher, US, Russia to install "cyber-hotline" to prevent accidental cyberwar, Arstechnica, 18 June 2013
183. Український центр політичного менеджменту – Зміст публікації – Конвенция о запрещении использования кибервойны . Politik.org.ua. Retrieved 8 November 2011.
184. "Regulating the Use and Conduct of Cyber Operations: Challenges and a Fact-Finding Body Proposal", https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3540615 (2019/2020)
185. "An International Attribution Mechanism for Hostile Cyber Operations", https://digital-commons.usnwc.edu/cgi/viewcontent.cgi?article=2922&context=ils