Cyber Warfare

Featured

Cyber warfare involves the actions by a nation-state or international organization to attack and attempt to damage another nation's computers or information networks through, for example, computer viruses or denial-of-service attacks. RAND research provides recommendations to military and civilian decisionmakers on methods of defending against the damaging effects of cyber warfare on a nation's digital infrastructure.

  • Illustration of a network, security information, and AI technology, image by issaronow/Adobe Stock

    Report

    'Hostile Social Manipulation' Is a Growing Threat to the United States

    Sep 4, 2019

    Hostile social manipulation includes social media campaigns, sophisticated forgeries, and spreading rumors and conspiracy theories. As these techniques are used by Russia and China, Washington should invest more resources to understand and counter them.

  • Accountability in Cyberspace: The Problem of Attribution

    Multimedia

    How to Achieve Accountability in Cyberspace

    Jan 13, 2019

    Identifying the responsible party behind malicious cyber incidents is necessary for holding bad actors accountable. But there are many challenges that accompany cyber attribution. Creating an independent, global organization that investigates and publicly assigns blame for major hacks could help.

Explore Cyber Warfare

  • Eye and technology display

    Report

    Training Cyber Warriors: Lessons from Defense Language Training

    To ensure the U.S. Department of Defense has sufficient numbers of skilled cyber workers, it may need to develop additional training approaches as it plans for broader recruiting and workforce management. Examining how DoD handles foreign language training yields lessons that could be applied to cyber training.

    Mar 16, 2015

  • A man accesses data from a computer

    Testimony

    Sharing Information About Threats Is Not a Cybersecurity Panacea

    Information-sharing—specifically, threat-centric information-sharing—has dominated recent discussions on improving cybersecurity, but it is not a silver bullet. Its usefulness is tied to certain assumptions about attacks, and while it should be encouraged, it addresses only one facet of a very complex space.

    Mar 4, 2015

  • Journal Article

    Journal Article

    Integrating Apples, Oranges, Pianos, Volkswagens, and Skyscrapers: On the Relationships Between Information-Related Capabilities and Other Lines of Operation

    This article describes the various possible relationships between IRCs and the capabilities of other lines of operation.

    Feb 17, 2015

  • Binary code with 'password' in red

    Commentary

    Cyberattacks Are a Nuisance, Not Terrorism

    The United States needs to consider both the risk of further attacks like the Sony breach and also further ill-considered reactions that may arise if the problem of insecurity in cyberspace is shoved into the counterterrorism paradigm.

    Feb 9, 2015

  • People holding mobile phones are silhouetted against a backdrop projected with the Twitter logo

    Commentary

    Decoding the Breach: The Truth About the CENTCOM Hack

    When ISIS hackers hijacked the Twitter account of U.S. Central Command on Jan. 12, they falsely claimed that they had hacked into U.S. military computers. While the incident was embarrassing, it was not concerning in operational military terms. It was, however, damaging to the counterinsurgency against ISIS.

    Feb 3, 2015

  • Service members working in the Global Strategic Warning and Space Surveillance System Center

    Commentary

    Put a Cybercop on the Beat

    What remains vitally needed is legislation that would grant at least one capable government organization the authority to track cyber-intruders and -criminals with the same freedom and speed of maneuver that these adversaries enjoy, while protecting the civil liberties and freedoms that allowed the establishment of the Internet.

    Jan 22, 2015

  • People pose in front of a display showing the word 'cyber' in binary code, Zenica, Bosnia and Herzegovina, December 27, 2014

    Commentary

    After a Year of Major Hacks, 2015 Resolutions to Bolster Cyber Security

    With numerous data breaches and emerging software vulnerabilities, 2014 was the year the hack went viral. But realizing a few New Year's resolutions in 2015 could help defenders make strides in protection, tools, and techniques to gain the edge over cyber attackers in years to come.

    Dec 31, 2014

  • A security guard at the entrance of United Artists Theater during the premiere of the film 'The Interview' in Los Angeles, December 11, 2014

    Commentary

    Is the North Korean Regime Out of Control?

    Evidence points to North Korean involvement in the Sony hack. But it's impossible to know if top regime leaders sanctioned the attack or if it was carried out by another part of the government without their knowledge and consent. An unauthorized hack would only add to Kim Jong-un's worry over his regime's instability.

    Dec 23, 2014

  • Illustrated photo of a person typing on a computer keyboard

    Commentary

    Preventing Cyber Attacks: Sharing Information About Tor

    While Tor has many benefits, it is also used to hide criminal activity online such as the recent cyber attacks against JPMorgan Chase and Sony Pictures. The U.S. government should share the IP addresses of Tor network nodes with U.S. critical infrastructure and financial firms so that future cyber attacks could be prevented.

    Dec 17, 2014

  • An exercise at the Joint Cyber Control Center

    Report

    The Other Quiet Professionals: Lessons for Future Cyber Forces from the Evolution of Special Forces

    Both special operations forces and cyber forces are small teams of highly skilled specialists, and both communities value skilled personnel above all else. What lessons can be drawn from a review of the commonalities, similarities, and differences between U.S. cyber forces and early U.S. special forces?

    Oct 3, 2014

  • Testimony

    Testimony

    Building on the Quadrennial Homeland Security Review to Improve the Effectiveness and Efficiency of the Department of Homeland Security: Addendum

    Document submitted on July 18, 2014 as an addendum to testimony presented before the House Homeland Security Committee, Subcommittee on Oversight and Management Efficiency on June 20, 2014.

    Jul 18, 2014

  • U.S. Representative John Carter (R-TX) and U.S. Homeland Security Secretary Jeh Johnson on Capitol Hill

    Testimony

    Improving the Effectiveness and Efficiency of the DHS

    If the Department of Homeland Security is to overcome the challenges of uncertain threats and budget constraints, it will need strategic focus to direct resources where they are most needed, strong oversight to assure that resources are used effectively, and cooperation across government to improve efficiency.

    Jun 20, 2014

  • DPU Soldiers conduct cyber defense exercise

    Commentary

    Russia Hacks a U.S. Drone in Crimea as Cyberwarfare Has Gone Wireless

    For American audiences and policymakers alike, cyber activities in Crimea provide a chilling reminder that cyberspace is emerging as a 21st-century global battlefield.

    Apr 7, 2014

  • Network defender working at the Air Force Space Command Network Operations & Security Center at Peterson Air Force Base in Colorado Springs

    Commentary

    Don't Buy the Cyberhype

    Although the risk of a debilitating cyberattack is real, the perception of that risk is far greater than it actually is, writes Martin Libicki. In fact, a major cyberattack of the kind intelligence officials fear has not taken place in the 21 years since the Internet became accessible to the public.

    Aug 16, 2013

  • Periodical

    Periodical

    RAND Review: Vol. 37, No. 1, Summer 2013

    Stories discuss the harms caused by sexual assault in the military; the prospects for minimalist international interventions; cyber threats and nations' responses to them; and the rising costs of dementia in the United States.

    Jul 15, 2013

  • server, datacenter, computer, network, room, interior, data, center, networking, rack, hosting, internet, web, framework, farm, workstation, render, pc, tower, cluster, database, business, security, technology, mainframe, equipment, white, processor, ethernet, storage, servers, industry, connection, row, firewall, hardware, service, infrastructure, system, information, domain, host, object, terminal, telecommunication, communication, black, net, connectivity, 3d

    Report

    Stocktaking Military Cyber Defense Capabilities in the European Union

    As the stakes of cyber threats rise, the EU needs to be able to provide a consistent level of cyber defense capability across member states. This stocktaking exercise aimed to inform further action at the EU and national level.

    Jun 3, 2013

  • 24th MEU,Realistic Urban Training,RUT,Sgt. Richard Blumenstein

    Report

    Brandishing Cyberattack Capabilities

    No one knows quite what would happen if a country suffered a full-fledged cyberattack, despite the plethora of skirmishes. But while cyberattack capabilities cannot easily be used to shape the behavior of others, this does not mean they cannot be used at all.

    May 13, 2013

  • Testimony

    Managing September 12th in Cyberspace

    "The U.S., while worried about a '9/11 in cyberspace,' also ought to worry about what a '9/12 in cyberspace' would look like," warns Martin C. Libicki in testimony presented before the House Foreign Affairs Committee, Subcommittee on Europe, Eurasia, and Emerging Threats on March 21, 2013. The consequences of the reaction to a cyberattack could be more serious than the consequences of the original action itself.

    Mar 21, 2013

  • Red network cables

    Testimony

    Managing September 12th in Cyberspace

    The U.S., while worried about a "9/11 in cyberspace," also ought to worry about what a "9/12 in cyberspace" would look like. The consequences of the reaction to a cyberattack could be more serious than the consequences of the original action itself.

    Mar 20, 2013

  • Globe and computer keyboard

    Commentary

    What Is an Act of Cyberwar? It's a Decision, Not a Conclusion

    Perhaps making war can persuade the attacker to stop. Yet, war also risks further disruption, great cost, as well as possible destruction and death—especially if matters escalate beyond cyberspace, writes Martin Libicki.

    Mar 4, 2013

Research conducted by