Skip to section navigation
Skip to page content

RAND > Topics >

Cyber Warfare

Featured

Cyber warfare involves the actions by a nation-state or international organization to attack and attempt to damage another nation's computers or information networks through, for example, computer viruses or denial-of-service attacks. RAND research provides recommendations to military and civilian decisionmakers on methods of defending against the damaging effects of cyber warfare on a nation's digital infrastructure.

Commentary

Why It's So Hard to Stop a Cyberattack — and Even Harder to Fight Back

Mar 30, 2017

Cyber weapons attack the underlying network or computer systems. The possibility of unexpected effects in the cyber world is therefore greater than in conventional warfare. Not knowing if the effects were intentional complicates the response.
Report

The Life and Times of Zero-Day Software Vulnerabilities

Mar 9, 2017

Zero-day software vulnerabilities—security holes that developers haven't fixed or aren't aware of—can lurk undetected for years. They are useful in cyber operations and in defensive and academic settings. Whether to disclose or stockpile them is an ongoing debate.

Explore Cyber Warfare

Commentary

What Is an Act of Cyberwar? It's a Decision, Not a Conclusion

Perhaps making war can persuade the attacker to stop. Yet, war also risks further disruption, great cost, as well as possible destruction and death—especially if matters escalate beyond cyberspace, writes Martin Libicki.

Mar 4, 2013
Commentary

The European Cyber Security Strategy: Too Big to Fail?

The European Cyber Security Strategy is remarkable because it tries to co-ordinate policy across three areas whose competences and mandates were formerly very separate: law enforcement, the 'Digital Agenda', and defence, security, and foreign policy, writes Neil Robinson.

Feb 8, 2013
Report

Analysis of Cyber Threats Informs Swedish Strategy

How do governments characterize cyber threats and what role does law enforcement play in tackling cyber crime in different countries? These are some of the questions RAND Europe investigated on behalf of the Swedish National Defence College to inform the development of the Swedish Cyber Security Strategy.

Feb 5, 2013
Announcement

Announcement

Two Former Government Officials Join RAND Corporation Staff

Andrew Liepman and David Senty join RAND.

Jan 22, 2013
Blog

A Cybercrisis Is Inevitable — and Manageable

The United States can manage a cybercrisis by taking steps to reduce the incentives for other states to step into crisis, by controlling the narrative, understanding the stability parameters of the crises, and trying to manage escalation if conflicts arise.

Jan 9, 2013
Commentary

A Matter of Degree: Who Can Authorize a Cyberattack?

Understanding when the United States should engage in cyberwar and who should approve cyberattacks requires understanding that cyberwar has multiple personalities: operational, strategic, and that great gray area in-between, writes Martin Libicki.

Jan 9, 2013
Report

Report

Cybercrises Can Be Managed with Multiple Strategies

The chances are growing that the United States will find itself in a crisis in cyberspace. Such crises can be managed by taking steps to reduce the incentives for other states to step into crisis, by controlling the narrative, understanding the stability parameters of the crises, and trying to manage escalation if conflicts arise from crises.

Jan 3, 2013
Report

Report

Rapid Acquisition and Fielding for Information Assurance and Cyber Security in the Navy

The U.S. Navy requires an agile, adaptable acquisition process that can field new IT capabilities and services quickly. Successful rapid acquisition programs in the Army, Air Force, and Marine Corps offer lessons for the Navy as it develops its own streamlined processes for computer network defense and similar program areas.

Dec 21, 2012
Commentary

Cyber Operations Can Supplement a War, but They Cannot Be the War

The U.S. military, with its high-tech systems, must protect itself from cyber threats with much the same careful management that protects it against vulnerabilities associated with, say, explosives. But there can be no choice between boots on the ground and fingers on a keyboard, writes Martin Libicki.

Dec 19, 2012
Multimedia

Threats: Cyber Warfare

In this conference call, RAND senior management scientist Martin Libicki discusses cyber threats—including the declaration of cyber war by "hacktivist" group Anonymous against Israel—with RAND media relations director Jeffrey Hiday.

Dec 6, 2012
Blog

Admiral Blair: Middle East Most Serious Threat to U.S.

Admiral Dennis Blair, former National Intelligence director, discusses how the government gathers and uses intelligence on issues including Iran, cyber warfare, and the Arab Spring. Blair spoke with Reuters Editor-at-Large Sir Harold Evans during the RAND's Politics Aside event.

Nov 21, 2012
Multimedia

Crisis and Escalation in Cyberspace

In a presentation at the Google LAX Office, Martin Libicki, Adjunct Management Scientist, RAND Corporation, discusses the evolving field of cyberwarfare, and the form of crisis and escalation in the context of cyberspace.

Nov 15, 2012
Journal Article

An Enemy Without Boundaries

As Stuxnet and its like have proved, a determined attacker does not require an Internet connection to implant a worm or a virus, and a network's weaknesses can be exposed quite by accident. Cyber defense is difficult, in large part because a cyber attack is not always obvious.

Oct 1, 2012
Commentary

Commentary

Setting International Norms on Cyberwar Might Beat a Treaty

Restricting cyberweapon development could be harmful inasmuch as its core activity is the discovery of vulnerabilities in software—the very activity also required to bulletproof software against attacks from criminal hackers, writes Martin Libicki.

Jun 11, 2012
Multimedia

Information Sharing for Cyber-Security: Evidence from Europe

In this May 2012 Congressional Briefing, Neil Robinson presented evidence from empirical studies conducted in Europe regarding cyber-security and information exchange, specifically between organizations such as information sharing and analysis centers, computer emergency response teams, and cyber-crime police.

May 7, 2012
Project

Cybersecurity: Examining Challenges for the Future

Cyberspace is increasingly important for economic growth, openness, and democracy, but poor cybersecurity can make governments, businesses, and individuals open to cyber attack and cyber crime. RAND Europe conducts a range of research on the topic to advise policymakers.

Feb 29, 2012
Journal Article

Journal Article

Cyberspace Is Not a Warfighting Domain

Cyberspace has become the new high ground of warfare, the one domain to rule them all and in the ether bind them, which, as this essay will argue, is the wrong way to view cyberspace and what militaries can do by operating within it.

Jan 1, 2012
Journal Article

Journal Article

Cyber Policy: Institutional Struggle in a Transformed World

When it comes to cyber security, the world today is not the future that U.S. policy promised when cyber security first appeared on the national agenda well over a decade ago.

Jan 1, 2012
Journal Article

Toward a U.S. Army Cyber Security Culture

This article defines and explores the concept of cyber security culture within the context of the U.S. Army.

Sep 1, 2011
Commentary

Commentary

Could Bin Laden's Death Prompt a Cyber Attack?

A truly monumental attack that could cripple key U.S. computer systems — something akin to the Stuxnet worms attack on Iran's nuclear infrastructure, for example — would take many months of planning, significant expertise, and a great deal of money to pull off, writes Isaac Porche.

May 6, 2011

Previous
1
2
3
4
5
6
7
8
9
Next

RAND Topic:
Cyber Warfare

Topic Synonyms:
Computer Warfare;
Cyberwar

Research conducted by