Fighting Shadows in the Dark

Understanding and Countering Coercion in Cyberspace

by Quentin E. Hodgson, Logan Ma, Krystyna Marcinek, Karen Schwindt

Download

Download eBook for Free

FormatFile SizeNotes
PDF file 1 MB

Use Adobe Acrobat Reader version 10 or higher for the best experience.

Purchase

Purchase Print Copy

 FormatList Price Price
Add to Cart Paperback56 pages $19.00 $15.20 20% Web Discount

Research Questions

  1. What role do cyber operations play in interstate and international relations?
  2. Are states using cyber operations to coerce others?
  3. Have cyber operations sponsored by Russia, China, Iran, and North Korea met the definition of cyber coercion? If so, how?

What is cyber coercion, and how have states used cyber operations to coerce others? Based on unclassified, open-source material, the authors of this report explore how four states — Russia, China, Iran, and North Korea — have used cyber operations, and whether that use constitutes cyber coercion.

States like Russia and North Korea appear to be more likely to have used cyber operations as a coercive tool than China and Iran. The authors also find that, contrary to what coercion theory would predict, states often do not make distinct threats with unambiguous demands for changes in behavior. Rather, states use cyber operations to try to coerce their neighbors while denying responsibility, often hiding behind proxies and without issuing clear demands. Despite the low probability of success, the authors anticipate states will continue to use and may, in fact, come to employ cyber operations more often in the future to coerce. To prepare for this outcome, the United States and its allies need to work now to develop methods to discern cyber coercion as it emerges and strategies to counter it in the future.

Key Findings

Cyber operations intended to coerce are a small subset of overall cyber operations globally

  • Espionage remains the predominant purpose of states' cyber operations.
  • Russian cyber operations appear to have had some coercive intent in Ukraine and Montenegro.
  • Chinese cyber operations show a continued focus on espionage, but potentially with some coercive intent as a secondary objective.
  • Iranian cyber operations appear more focused on retaliating against regional neighbors and the West, rather than serving a direct coercive purpose.
  • North Korea has routinely engaged in coercive acts in the physical world and sees cyber operations as another means to coerce others.
  • The assessment of these cases indicates how the threat, threat actor, and the desired change in behavior is often unclear or ambiguous, though this ambiguity does not appear to prevent countries from pursuing these coercive campaigns.

Recommendation

  • The United States and its partners need to develop a richer understanding of how cyber coercion might emerge, build systems to provide warning of impending operations, and craft strategies to deter and respond to cyber coercion.

Table of Contents

  • Chapter One

    Introduction

  • Chapter Two

    Defining Coercion

  • Chapter Three

    Russia

  • Chapter Four

    China

  • Chapter Five

    North Korea

  • Chapter Six

    Conclusion and Next Steps

This research was sponsored by the Office of the Secretary of Defense and conducted within the Cyber and Intelligence Policy Center of the RAND National Defense Research Institute, a federally funded research and development center (FFRDC) sponsored by the Office of the Secretary of Defense, the Joint Staff, the Unified Combatant Commands, the Navy, the Marine Corps, the defense agencies, and the defense Intelligence Community.

This report is part of the RAND Corporation research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity.

Permission is given to duplicate this electronic document for personal use only, as long as it is unaltered and complete. Copies may not be duplicated for commercial purposes. Unauthorized posting of RAND PDFs to a non-RAND Web site is prohibited. RAND PDFs are protected under copyright law. For information on reprint and linking permissions, please visit the RAND Permissions page.

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.