Cyber Warfare

Featured

Cyber warfare involves the actions by a nation-state or international organization to attack and attempt to damage another nation's computers or information networks through, for example, computer viruses or denial-of-service attacks. RAND research provides recommendations to military and civilian decisionmakers on methods of defending against the damaging effects of cyber warfare on a nation's digital infrastructure.

  • U.S. President Joe Biden speaks about the Colonial Pipeline shutdown at the White House in Washington, D.C., May 13, 2021, photo by Kevin Lamarque/Reuters

    Commentary

    How to Deter Ransomware Attacks

    Aug 9, 2021

    To rein in ransomware attacks, the United States needs to upend the risk-reward ratio for hackers and for the countries that harbor or support them. Such a strategy would make networks harder to breach, hit back harder against hackers, and claw back gains from those who succeed.

  • Capt. Sarah Miller and Tech. Sgt. Carrol Brewster discuss options in response to a staged cyber attack during filming of a scene for an AFRC mission video at Joint Base San Antonio-Lackland, Texas, June 1, 2019, photo by Maj. Christopher Vasquez/U.S. Air Force

    Report

    Combating Foreign Disinformation on Social Media

    Jul 19, 2021

    Disinformation campaigns on social media pose a nuanced threat. But much of the U.S. response remains ad hoc and uncoordinated. It's unclear who has the edge moving forward, because disinformation techniques and countermeasures are evolving simultaneously.

Explore Cyber Warfare

  • Blog

    RAND Commentary Highlights of 2021

    Vaccine rollouts, an attack on the U.S. Capitol, massive ransomware attacks, the withdrawal from Afghanistan, record numbers of job openings and people quitting, and more. RAND researchers weighed in on all these topics and more.

    Dec 21, 2021

  • Tech. Sgt. Rosa Valdes and Staff Sgt. Rebecca Toland, non-destructive inspection technicians from the 140th Maintenance Squadron, perform an inspection of the 446 bulkhead on a block-30 F-16 Fighting Falcon aircraft. The 446 bulkhead is aft fuselage structure of the F-16 aircraft that supports the tail structure and recent tests have indicated an increased amount of stress cracks in this area, photo by Senior Master Sgt. John Rohrer/U.S. Air National Guard

    Report

    Wing-Level Mission Assurance for a Cyber-Contested Environment

    The authors offer ways to help wings assure their missions despite cyber attacks, focusing on how wings can maintain situational awareness, defend their systems, and respond to and recover from attacks to survive and operate when under cyber attack.

    Dec 9, 2021

  • Staff Sgt. Alex Garviria, 721st Communication Squadron senior systems controller, and 2nd Lt. Rachel James, 721st CS crew commander, work in the Global Strategic Warning and Space Surveillance System Center at Cheyenne Mountain Air Force Station, Colo., Sept. 2, 2014, photo by Airman 1st Class Krystal Ardrey/U.S. Air Force

    Report

    Attracting and Retaining Enlisted and Civilian Personnel to Build the Best Cyber Workforce

    In addition to revamping the training of its offensive and defensive cyber operators, the U.S. Air Force has also sought to better understand some of the drivers of attraction to and retention in the cyber field. What could the Air Force do to attract and retain the best personnel?

    Sep 29, 2021

  • U.S. Air Force Senior Airman Rose Li, right, hands a notebook to Airman 1st Class Eric Gardella, both 86th Communications Squadron wing cyber readiness technicians, while monitoring malicious network activity during exercise Tacet Venari at Ramstein Air Base, Germany, July 2, 2020, photo by Staff Sgt. Devin Boyer/U.S. Air Force

    Report

    Improving U.S. Air Force Training and Development in the Cyber Field

    The U.S. Air Force has been looking for ways to revamp the training of its offensive and defensive cyberwarfare workforce to develop the best fighting force possible. Is the training and development process that exists now working well for the cyber workforce? Is there a need for improvement?

    Sep 29, 2021

  • Tool

    Tool

    The Information Warfighter Exercise Wargame: Rulebook

    This document presents the full ruleset for the Information Warfighter Exercise Wargame, which is used by the Marine Corps to provide training for aspects of operations in the information environment.

    Aug 24, 2021

  • Report

    Report

    DoD Cyber Excepted Service Labor Market Analysis and Options for Use of Compensation Flexibilities

    In this report, the authors examine labor demand and supply for seven U.S. Department of Defense cyber work roles to help determine whether pay adjustments are necessary to support the recruitment and retention of critical personnel.

    Jul 19, 2021

  • Marines with Marine Corps Forces Cyberspace Command pose for photos in the cyber operations center at Lasswell Hall

    Report

    Chinese Disinformation Efforts on Social Media

    The authors identify key Chinese practices and the supporting infrastructure and conditions that successful social media disinformation campaigns require, concluding that China is using Taiwan as a test bed for developing attack vectors.

    Jul 19, 2021

  • Journal Article

    Journal Article

    COVID-19, Disinformation and Hateful Extremism: Literature Review Report

    This report presents the findings of a literature review that explored the links between hateful extremism and false information, and identifies associated online interventions and policy responses.

    Jul 14, 2021

  • Journal Article

    Journal Article

    Understanding and Pursuing Information Advantage

    This article tries to unpack the concept of "information advantage" and explore what it might mean and how it should be thought about by the U.S. Army and the joint force more broadly.

    Jul 6, 2021

  • A Russian Mi-8 military helicopter is seen through a window while flying during a rehearsal for the Navy Day parade in Saint Petersburg, Russia, July 21, 2019, photo by Anton Vaganov/Reuters

    Report

    How Would NATO Compete with Russia?

    Western threat perceptions of Russia have risen sharply in recent years, bolstered by its acts of military aggression, political interference, and efforts to expand its global influence. What would be the strengths, weaknesses, and risks for the United States, NATO, and Russia in a large-scale war?

    Jun 22, 2021

  • Report

    Report

    Managing for Mission Assurance in the Face of Advanced Cyber Threats

    This report offers a foundation for better managing, at the enterprise level in the Air Force, efforts to ensure resiliency of missions to adversarial cyber operations, including suggestions for the allocation of roles and responsibilities of tasks.

    May 24, 2021

  • A driver walks to his car near an empty gas pump in Falls Church, Virginia, May 12, 2021, photo by Kevin Lamarque/Reuters

    Commentary

    Is DarkSide Really Sorry? Is It Even DarkSide?

    The U.S. military relies heavily on commercial energy assets, making the implications of events like the Colonial Pipeline outage more serious than just higher prices at the gas pump. The origins and severity of an attack dictate what the United States might do in response.

    May 19, 2021

  • Blog

    Pandemic Education, Working Mothers, Predicting Cyber Threats: RAND Weekly Recap

    This weekly recap focuses on the urban-rural divide in pandemic education, supporting working moms, what makes a good COVID-19 reopening plan, and more.

    May 14, 2021

  • Connected dotted lines representing a network, image by liuzishan/Getty Images

    Report

    New Model Helps Predict Cyber Threats and Improve Resilience

    Today's evolving cyber threats require a tailored and targeted approach to cybersecurity. Current defenses focus on managing threats after a network has been breached. RAND's Scalable Warning and Resilience Model (SWARM) can help defenders proactively protect their systems through early warning of cyber incidents before they occur.

    May 11, 2021

  • The Sodium Guidestar at the Air Force Research Laboratory's Starfire Optical Range resides on a 6,240 foot hilltop at Kirtland Air Force Base, New Mexico, photo by U.S. Air Force

    Report

    Third Offset Fostered Real Intellectual Change Within DoD

    In 2014, U.S. defense leaders began promoting the Third Offset, a strategy centered on the potential of technology to offset Chinese and Russian advances. Its core principles were adopted by the 2018 National Defense Strategy. DoD started to look at security problems in a new light and develop closer ties with Silicon Valley.

    Mar 31, 2021

  • Journal Article

    Journal Article

    Systemic Cyber Risk and Aggregate Impacts

    High-profile attacks illustrate the potential for systemic cyber risk. We estimate the aggregate economic impact of firm-specific attacks finding potential large losses from downstream propagations.

    Feb 18, 2021

  • Journal Article

    Journal Article

    Deceive the Enemy with Emerging Technologies

    By using technology to deceive and confuse adversaries, the U.S. Navy can gain a competitive edge.

    Feb 4, 2021

  • Journal Article

    Journal Article

    Russia's Cyber Limitations in Personnel Recruitment and Innovation, Their Potential Impact on Future Operations and How NATO and Its Members Can Respond

    This chapter addresses questions arising from the gap that separates Russian cyber personnel and capabilities from its ambitions and what effect this disparity has on future state-backed cyber campaigns.

    Dec 23, 2020