Cyber Warfare

Featured

Cyber warfare involves the actions by a nation-state or international organization to attack and attempt to damage another nation's computers or information networks through, for example, computer viruses or denial-of-service attacks. RAND research provides recommendations to military and civilian decisionmakers on methods of defending against the damaging effects of cyber warfare on a nation's digital infrastructure.

  • World map, photo by nadla/Getty Images

    Commentary

    Why It's So Hard to Stop a Cyberattack — and Even Harder to Fight Back

    Mar 30, 2017

    Cyber weapons attack the underlying network or computer systems. The possibility of unexpected effects in the cyber world is therefore greater than in conventional warfare. Not knowing if the effects were intentional complicates the response.

  • Composite image of binary code on a sunset over water by Eileen Delson La Russo/RAND, adapted from images by Agil_Leonardo, Matejmo, and Byakkaya/Getty Images

    Report

    The Life and Times of Zero-Day Software Vulnerabilities

    Mar 9, 2017

    Zero-day software vulnerabilities—security holes that developers haven't fixed or aren't aware of—can lurk undetected for years. They are useful in cyber operations and in defensive and academic settings. Whether to disclose or stockpile them is an ongoing debate.

Explore Cyber Warfare

  • Cyber grenade

    Commentary

    Getting Ready to Fight the Next (Cyber) War

    Nation-states and their proxies are regularly spying and attacking in cyberspace across national borders. Western societies that are being targeted should do three things: Be less vulnerable, be able to recognize and mitigate the impact of attacks faster, and be prepared to respond in kind to all levels of offense.

    Mar 3, 2018

  • Report

    Estimating the Global Cost of Cyber Risk: Methodology and Examples

    This report shares a transparent and adaptable methodology for estimating present and future global costs of cyber risk. The report has a companion Excel-based modeling and simulation platform that allows users to alter assumptions.

    Jan 15, 2018

  • A composite image with hands on a keyboard and a padlock surrounded by a visualisation of a computer network

    Tool

    Estimating the Global Cost of Cyber Risk Calculator

    This Excel-based modeling and simulation tool estimates present and future global costs of cyber attacks and incidents. Users can also alter assumptions to investigate a wide variety of research questions.

    Jan 15, 2018

  • Government agents tracking cybercrime

    Commentary

    How the Pentagon Should Deter Cyber Attacks

    Foreign hackers are not afraid to launch attacks on the United States in cyberspace that they would not dare risk in a real theater of war. As cyber aggression gets worse and more brazen, the U.S. must figure out how to deter foreign actors in cyberspace as effectively as it does in nuclear and conventional warfare.

    Jan 10, 2018

  • Report

    Gaming Space: A Game-Theoretic Methodology for Assessing the Deterrent Value of Space Control Options

    This report introduces and explains a game-theoretic methodology to help decisionmakers assess the potential effects of alternative approaches to space control.

    Jan 5, 2018

  • Tool

    Defensive Space Analysis Tool (DSPAT): Version 2.0

    This manual explains how to use the Defensive Space Analysis Tool (DSPAT), which was developed to compare alternative approaches to space control in terms of their mission effectiveness, feasibility, escalation risk, and political cost.

    Jan 5, 2018

  • Computer hacker with magnifying glass

    Commentary

    It's Time for the International Community to Get Serious About Vulnerability Equities

    Multiple countries around the world are likely discovering, retaining and exploiting zero-day vulnerabilities without a process to properly consider the trade-offs. This needs to change. It’s time for the international community to get serious about vulnerability equities.

    Nov 15, 2017

  • Report

    The Creation of the PLA Strategic Support Force and Its Implications for Chinese Military Space Operations

    This report explores the missions and organization of China's Strategic Support Force, created in 2015 to develop and employ space capabilities, in particular launch and operation of satellites to provide C4ISR capabilities for joint operations.

    Nov 10, 2017

  • Soldiers with U.S. Army Cyber Command take part in network defense training

    Report

    How the Army Can Retain Its Cyber Expertise

    Projected earnings for information security analysts with characteristics similar to those of enlisted soldiers are comparable with military pay. But retention efforts may be hampered by soldiers' perceptions of civilian opportunities.

    Sep 18, 2017

  • Russian President Vladimir Putin speaks during a news conference after the G20 summit in Hamburg, Germany, July 8, 2017

    Commentary

    Russian Information Warfare: A Reality That Needs a Response

    For the last three decades, Russia has exploited its growing capabilities in cyberspace to spy on, influence, and punish others. The West will continue to struggle to hold Moscow accountable, in part because international law falls far short of fully defining the rules or resolving conflicts.

    Jul 21, 2017

  • Report

    Cyber Power Potential of the Army's Reserve Component

    Describes the availability of personnel with cyber skills in the private sector and the number of Army reserve component soldiers available to support the Army's cyber mission needs.

    Jun 15, 2017

  • A man holds a laptop computer as cyber code is projected on him

    Report

    Could Stateless Attribution Promote International Cyber Accountability?

    The public may respond to government claims about who is behind a cyberattack with suspicion and confusion. Could an independent, global organization for cyber attribution help?

    Jun 2, 2017

  • A soldier sets up voice intercept equipment during a cyber integration exercise on Joint Base Lewis-McChord, Washington, October 21, 2015

    Commentary

    What Happens After ISIS Goes Underground

    As the Islamic State in Iraq and Syria suffers defeats on the battlefield, it is expanding its cyber presence to continue to encourage attacks abroad. The more the group relies on cyberspace, the more likely it will expose important segments of its organization to detection and disruption.

    May 30, 2017

  • The Indiana National Guard Computer Network Defense Team readies their workstations for the Cyber Shield 2016 exercise at Camp Atterbury, Indiana, April 20, 2016

    Commentary

    Reservists and the National Guard Offer Untapped Resources for Cybersecurity

    More than 100,000 personnel in the Army National Guard and the U.S. Army Reserve have some degree of cyber competence, including thousands with deep or mid-level expertise. They could help defend the cyber terrain on which America's national security, prosperity, and democracy depend.

    Apr 18, 2017

  • Report

    Tactical Cyber: Building a Strategy for Cyber Support to Corps and Below

    This report proposes a strategy for tactical Army cyber operations, enumerating overarching goals, objectives, and associated activities. Instructive case studies are provided that support implementation of the strategy.

    Mar 28, 2017

  • A coder types on laptop keyboard

    Commentary

    Reining in Internet Abuse

    The internet is being used for harmful, unethical, and illegal purposes. Examples include incitement and recruitment by terrorists, cyber bullying, and malicious fake news. Americans say they are unhappy with the tone of the online discourse, but are reluctant to consider potential remedies.

    Mar 23, 2017

  • News Release

    RAND Study Examines 200 Real-World 'Zero-Day' Software Vulnerabilities

    Zero-day software vulnerabilities—security holes that developers haven't fixed or aren't aware of—can lurk undetected for years. They are useful in cyber operations and in defensive and academic settings. Whether to disclose or stockpile them is an ongoing debate.

    Mar 9, 2017

  • U.S. Army soldiers take part in a multi-service exercise on cyber capabilities at Ford Gordon in Augusta, Georgia, June 10, 2014

    Testimony

    Effective Cyberdeterrence Takes More Than Offensive Capability

    A successful cyberdeterrence posture has many prerequisites. These include attributing attacks to the correct party, thresholds for what merits retaliation, credibility, and offensive capability. For the United States, capability is the least in doubt.

    Mar 1, 2017