Cyber Warfare

Featured

Cyber warfare involves the actions by a nation-state or international organization to attack and attempt to damage another nation's computers or information networks through, for example, computer viruses or denial-of-service attacks. RAND research provides recommendations to military and civilian decisionmakers on methods of defending against the damaging effects of cyber warfare on a nation's digital infrastructure.

  • Accountability in Cyberspace: The Problem of Attribution

    Multimedia

    How to Achieve Accountability in Cyberspace

    Jan 13, 2019

    Identifying the responsible party behind malicious cyber incidents is necessary for holding bad actors accountable. But there are many challenges that accompany cyber attribution. Creating an independent, global organization that investigates and publicly assigns blame for major hacks could help.

  • Russian President Vladimir Putin chairs a meeting with members of the Security Council at the Kremlin in Moscow, Russia, April 5, 2019, photo by Sputnik/Kremlin/Alexei Druzhinin via Reuters

    Commentary

    Mueller Report May Result in Russian Sanctions but Not Better Behavior

    Apr 26, 2019

    The Mueller report could help mobilize political pressure in the United States for a stronger posture toward Russian activities that harm American and allied interests. But the Kremlin will likely still see propaganda, disinformation, and subterfuge as useful tools to undermine America's values and cohesion.

Explore Cyber Warfare

  • An exercise at the Joint Cyber Control Center

    Report

    The Other Quiet Professionals: Lessons for Future Cyber Forces from the Evolution of Special Forces

    Both special operations forces and cyber forces are small teams of highly skilled specialists, and both communities value skilled personnel above all else. What lessons can be drawn from a review of the commonalities, similarities, and differences between U.S. cyber forces and early U.S. special forces?

    Oct 3, 2014

  • Testimony

    Testimony

    Building on the Quadrennial Homeland Security Review to Improve the Effectiveness and Efficiency of the Department of Homeland Security: Addendum

    Document submitted on July 18, 2014 as an addendum to testimony presented before the House Homeland Security Committee, Subcommittee on Oversight and Management Efficiency on June 20, 2014.

    Jul 18, 2014

  • U.S. Representative John Carter (R-TX) and U.S. Homeland Security Secretary Jeh Johnson on Capitol Hill

    Testimony

    Improving the Effectiveness and Efficiency of the DHS

    If the Department of Homeland Security is to overcome the challenges of uncertain threats and budget constraints, it will need strategic focus to direct resources where they are most needed, strong oversight to assure that resources are used effectively, and cooperation across government to improve efficiency.

    Jun 20, 2014

  • DPU Soldiers conduct cyber defense exercise

    Commentary

    Russia Hacks a U.S. Drone in Crimea as Cyberwarfare Has Gone Wireless

    For American audiences and policymakers alike, cyber activities in Crimea provide a chilling reminder that cyberspace is emerging as a 21st-century global battlefield.

    Apr 7, 2014

  • Network defender working at the Air Force Space Command Network Operations & Security Center at Peterson Air Force Base in Colorado Springs

    Commentary

    Don't Buy the Cyberhype

    Although the risk of a debilitating cyberattack is real, the perception of that risk is far greater than it actually is, writes Martin Libicki. In fact, a major cyberattack of the kind intelligence officials fear has not taken place in the 21 years since the Internet became accessible to the public.

    Aug 16, 2013

  • Periodical

    Periodical

    RAND Review: Vol. 37, No. 1, Summer 2013

    Stories discuss the harms caused by sexual assault in the military; the prospects for minimalist international interventions; cyber threats and nations' responses to them; and the rising costs of dementia in the United States.

    Jul 15, 2013

  • server, datacenter, computer, network, room, interior, data, center, networking, rack, hosting, internet, web, framework, farm, workstation, render, pc, tower, cluster, database, business, security, technology, mainframe, equipment, white, processor, ethernet, storage, servers, industry, connection, row, firewall, hardware, service, infrastructure, system, information, domain, host, object, terminal, telecommunication, communication, black, net, connectivity, 3d

    Report

    Stocktaking Military Cyber Defense Capabilities in the European Union

    As the stakes of cyber threats rise, the EU needs to be able to provide a consistent level of cyber defense capability across member states. This stocktaking exercise aimed to inform further action at the EU and national level.

    Jun 3, 2013

  • 24th MEU,Realistic Urban Training,RUT,Sgt. Richard Blumenstein

    Report

    Brandishing Cyberattack Capabilities

    No one knows quite what would happen if a country suffered a full-fledged cyberattack, despite the plethora of skirmishes. But while cyberattack capabilities cannot easily be used to shape the behavior of others, this does not mean they cannot be used at all.

    May 13, 2013

  • Testimony

    Managing September 12th in Cyberspace

    "The U.S., while worried about a '9/11 in cyberspace,' also ought to worry about what a '9/12 in cyberspace' would look like," warns Martin C. Libicki in testimony presented before the House Foreign Affairs Committee, Subcommittee on Europe, Eurasia, and Emerging Threats on March 21, 2013. The consequences of the reaction to a cyberattack could be more serious than the consequences of the original action itself.

    Mar 21, 2013

  • Red network cables

    Testimony

    Managing September 12th in Cyberspace

    The U.S., while worried about a "9/11 in cyberspace," also ought to worry about what a "9/12 in cyberspace" would look like. The consequences of the reaction to a cyberattack could be more serious than the consequences of the original action itself.

    Mar 20, 2013

  • Globe and computer keyboard

    Commentary

    What Is an Act of Cyberwar? It's a Decision, Not a Conclusion

    Perhaps making war can persuade the attacker to stop. Yet, war also risks further disruption, great cost, as well as possible destruction and death—especially if matters escalate beyond cyberspace, writes Martin Libicki.

    Mar 4, 2013

  • digital globe with data orbits

    Commentary

    The European Cyber Security Strategy: Too Big to Fail?

    The European Cyber Security Strategy is remarkable because it tries to co-ordinate policy across three areas whose competences and mandates were formerly very separate: law enforcement, the 'Digital Agenda', and defence, security, and foreign policy, writes Neil Robinson.

    Feb 8, 2013

  • digital globe

    Report

    Analysis of Cyber Threats Informs Swedish Strategy

    How do governments characterize cyber threats and what role does law enforcement play in tackling cyber crime in different countries? These are some of the questions RAND Europe investigated on behalf of the Swedish National Defence College to inform the development of the Swedish Cyber Security Strategy.

    Feb 5, 2013

  • Announcement

    Announcement

    Two Former Government Officials Join RAND Corporation Staff

    Andrew Liepman and David Senty join RAND.

    Jan 22, 2013

  • Running a test in a U.S. Air Force cyber lab

    Blog

    A Cybercrisis Is Inevitable — and Manageable

    The United States can manage a cybercrisis by taking steps to reduce the incentives for other states to step into crisis, by controlling the narrative, understanding the stability parameters of the crises, and trying to manage escalation if conflicts arise.

    Jan 9, 2013

  • Binary code and laptops

    Commentary

    A Matter of Degree: Who Can Authorize a Cyberattack?

    Understanding when the United States should engage in cyberwar and who should approve cyberattacks requires understanding that cyberwar has multiple personalities: operational, strategic, and that great gray area in-between, writes Martin Libicki.

    Jan 8, 2013

  • Report

    Report

    Cybercrises Can Be Managed with Multiple Strategies

    The chances are growing that the United States will find itself in a crisis in cyberspace. Such crises can be managed by taking steps to reduce the incentives for other states to step into crisis, by controlling the narrative, understanding the stability parameters of the crises, and trying to manage escalation if conflicts arise from crises.

    Jan 3, 2013

  • Report

    Report

    Rapid Acquisition and Fielding for Information Assurance and Cyber Security in the Navy

    The U.S. Navy requires an agile, adaptable acquisition process that can field new IT capabilities and services quickly. Successful rapid acquisition programs in the Army, Air Force, and Marine Corps offer lessons for the Navy as it develops its own streamlined processes for computer network defense and similar program areas.

    Dec 21, 2012

  • digital globe

    Commentary

    Cyber Operations Can Supplement a War, but They Cannot Be the War

    The U.S. military, with its high-tech systems, must protect itself from cyber threats with much the same careful management that protects it against vulnerabilities associated with, say, explosives. But there can be no choice between boots on the ground and fingers on a keyboard, writes Martin Libicki.

    Dec 19, 2012

  • Multimedia

    Threats: Cyber Warfare

    In this conference call, RAND senior management scientist Martin Libicki discusses cyber threats—including the declaration of cyber war by "hacktivist" group Anonymous against Israel—with RAND media relations director Jeffrey Hiday.

    Dec 6, 2012

Research conducted by