Download eBook for Free

Full Document

FormatFile SizeNotes
PDF file 0.3 MB Best for desktop computers.

Use Adobe Acrobat Reader version 10 or higher for the best experience.

ePub file 1.7 MB Best for mobile devices.

On desktop computers and some mobile devices, you may need to download an eBook reader to view ePub files. Calibre is an example of a free and open source e-book library management application.

mobi file 0.3 MB Best for Kindle 1-3.

On desktop computers and some mobile devices, you may need to download an eBook reader to view mobi files. Amazon Kindle is the most popular reader for mobi files.

Summary Only

FormatFile SizeNotes
PDF file 0.2 MB

Use Adobe Acrobat Reader version 10 or higher for the best experience.

Research Questions

  1. Can demonstrations ("brandishing") of cyberwar capabilities serve as effective deterrents, both broadly and in the nuclear realm?
  2. If so, under what circumstances?
  3. What are the limitations of such an approach to deterrence?

Deterrence is possible only when others know or at least have good indications of what the U.S. military can do, something that underlies U.S. nuclear deterrence strategy. Cyberattack capabilities resist such demonstration. No one knows quite what would happen if a country suffered a full-fledged cyberattack, despite the plethora of skirmishes. While cyberattack capabilities cannot easily be used to shape the behavior of others, this does not mean they cannot be used at all. This report explores ways that cyberattack capabilities can be brandished and under what circumstances, both in general terms and in the nuclear context. It then goes on to examine the obstacles and sketches out some realistic limits on the expectations. There is both promise and risk in cyber brandishing, but it would not hurt to give serious thought to ways to enhance the U.S. ability to leverage what others believe about its capabilities. Recent events have certainly convinced many others that the United States can do many sophisticated things in cyberspace (regardless of what, if anything, it has actually done). Applying brandishing as a strategy would take considerable analysis and imagination, inasmuch as none of the various options presented here are obvious winners. But brandishing is no panacea and also may not work; it could even backfire if misinterpreted as, say, a bluff. It is unlikely to make a deterrence posture succeed if the other elements of deterrence are weak.

Key Findings

Brandishing a Cyberattack Capability Would Declare Its Possession and Suggest Consequences

  • Possession of nuclear weapons is generally obvious, and the consequences are well understood. The same does not hold true for cyberweapons. Possession is likely not obvious, and the ability to inflict serious harm is debatable. Even if demonstrated, what worked yesterday may not work today. But difficult does not mean impossible.

Advertising Cyberwar Capabilities May Be Helpful

  • Successful brandishing might back up a deterrence strategy; dissuade another state from conventional mischief or even from investing in the ability to do so; and might reduce the state's confidence in the reliability of its information, command and control, or weapon systems.
  • In a nuclear confrontation, brandishing might help persuade another state that the brandisher will stay the course, thereby persuading the other state to yield.

There Is Both Promise and Risk in Cyber Brandishing

  • Brandishing may not work and may even backfire. For example, it may suggest the tendency to shy away from violence or may even be read as bluffing.
  • Since cyberattacks are essentially single-use weapons, they are diminished in the showing.
  • Penetrating a system is not the same as getting it to fail in useful ways.
  • Brandishing is an option that may also not work. It is no panacea, and it is unlikely to make a deterrence posture succeed if the other elements of deterrence (e.g., the will to wage war or, for red lines drawn in cyberspace, the ability to attribute) are weak.

Table of Contents

  • Chapter One

    No May Day Parades

  • Chapter Two

    The Broad Effects of Brandishing Cyberattack Capabilities

  • Chapter Three

    Brandishing Cyberattack in a Nuclear Confrontation

  • Chapter Four


The research described in this report was prepared for the Office of the Secretary of Defense (OSD). The research was conducted within the RAND National Defense Research Institute, a federally funded research and development center sponsored by OSD, the Joint Staff, the Unified Combatant Commands, the Navy, the Marine Corps, the defense agencies, and the defense Intelligence Community.

This report is part of the RAND Corporation Research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity.

This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.