Cyber Warfare

Featured

Cyber warfare involves the actions by a nation-state or international organization to attack and attempt to damage another nation's computers or information networks through, for example, computer viruses or denial-of-service attacks. RAND research provides recommendations to military and civilian decisionmakers on methods of defending against the damaging effects of cyber warfare on a nation's digital infrastructure.

  • Accountability in Cyberspace: The Problem of Attribution

    Multimedia

    How to Achieve Accountability in Cyberspace

    Jan 14, 2019

    Identifying the responsible party behind malicious cyber incidents is necessary for holding bad actors accountable. But there are many challenges that accompany cyber attribution. Creating an independent, global organization that investigates and publicly assigns blame for major hacks could help.

  • Russian President Vladimir Putin chairs a meeting with members of the Security Council at the Kremlin in Moscow, Russia, April 5, 2019, photo by Sputnik/Kremlin/Alexei Druzhinin via Reuters

    Commentary

    Mueller Report May Result in Russian Sanctions but Not Better Behavior

    Apr 26, 2019

    The Mueller report could help mobilize political pressure in the United States for a stronger posture toward Russian activities that harm American and allied interests. But the Kremlin will likely still see propaganda, disinformation, and subterfuge as useful tools to undermine America's values and cohesion.

Explore Cyber Warfare

  • Admiral Dennis Blair at RAND's Politics Aside event

    Blog

    Admiral Blair: Middle East Most Serious Threat to U.S.

    Admiral Dennis Blair, former National Intelligence director, discusses how the government gathers and uses intelligence on issues including Iran, cyber warfare, and the Arab Spring. Blair spoke with Reuters Editor-at-Large Sir Harold Evans during the RAND's Politics Aside event.

    Nov 21, 2012

  • Multimedia

    Crisis and Escalation in Cyberspace

    In a presentation at the Google LAX Office, Martin Libicki, Adjunct Management Scientist, RAND Corporation, discusses the evolving field of cyberwarfare, and the form of crisis and escalation in the context of cyberspace.

    Nov 15, 2012

  • U.S. Army Computer Crimes Investigative Unit agent

    Journal Article

    An Enemy Without Boundaries

    As Stuxnet and its like have proved, a determined attacker does not require an Internet connection to implant a worm or a virus, and a network's weaknesses can be exposed quite by accident. Cyber defense is difficult, in large part because a cyber attack is not always obvious.

    Oct 1, 2012

  • A hacker at his computer desk

    Commentary

    Setting International Norms on Cyberwar Might Beat a Treaty

    Restricting cyberweapon development could be harmful inasmuch as its core activity is the discovery of vulnerabilities in software—the very activity also required to bulletproof software against attacks from criminal hackers, writes Martin Libicki.

    Jun 11, 2012

  • Congressional Briefing Podcast

    Multimedia

    Information Sharing for Cyber-Security: Evidence from Europe

    In this May 2012 Congressional Briefing, Neil Robinson presented evidence from empirical studies conducted in Europe regarding cyber-security and information exchange, specifically between organizations such as information sharing and analysis centers, computer emergency response teams, and cyber-crime police.

    May 7, 2012

  • computer image with lock

    Project

    Cybersecurity: Examining Challenges for the Future

    Cyberspace is increasingly important for economic growth, openness, and democracy, but poor cybersecurity can make governments, businesses, and individuals open to cyber attack and cyber crime. RAND Europe conducts a range of research on the topic to advise policymakers.

    Feb 29, 2012

  • Journal Article

    Cyber Policy: Institutional Struggle in a Transformed World

    When it comes to cyber security, the world today is not the future that U.S. policy promised when cyber security first appeared on the national agenda well over a decade ago.

    Jan 1, 2012

  • Journal Article

    Cyberspace Is Not a Warfighting Domain

    Cyberspace has become the new high ground of warfare, the one domain to rule them all and in the ether bind them, which, as this essay will argue, is the wrong way to view cyberspace and what militaries can do by operating within it.

    Jan 1, 2012

  • An exercise at the Joint Cyber Control Center

    Journal Article

    Toward a U.S. Army Cyber Security Culture

    This article defines and explores the concept of cyber security culture within the context of the U.S. Army.

    Sep 1, 2011

  • Commentary

    Could Bin Laden's Death Prompt a Cyber Attack?

    A truly monumental attack that could cripple key U.S. computer systems — something akin to the Stuxnet worms attack on Iran's nuclear infrastructure, for example — would take many months of planning, significant expertise, and a great deal of money to pull off, writes Isaac Porche.

    May 6, 2011

  • Testimony

    Chinese Use of Cyberwar as an Anti-Access Strategy: Two Scenarios

    Testimony presented before the U.S. China Economic and Security Review Commission on January 27, 2011.

    Jan 27, 2011

  • Commentary

    Stuxnet Is the World's Problem

    The highly sophisticated Stuxnet computer worm suspected of sending Iran's nuclear centrifuges into self-destruction mode forces a difficult debate on whether longstanding firewalls in our country's democracy should be breached for the sake of national security, writes Isaac Porche.

    Dec 9, 2010

  • Report

    RAND Project AIR FORCE Annual Report 2010

    This annual report describes selected RAND Project AIR FORCE research during 2010 in the areas of strategy and doctrine; force modernization and employment; manpower, personnel, and training; and resource management.

    Nov 5, 2010

  • Report

    Air Force Cyber Command (Provisional) Decision Support

    This monograph addresses objectives, missions, tasks, and capabilities for the Air Force's new organization to address cyberspace issues (currently 24th Air Force), applying ''to fly and fight'' to cyberspace.

    Feb 24, 2010

  • Report

    Human Capital Management for the USAF Cyber Force

    Identifies and analyzes the human capital management issues associated with the creation of a formal organization dedicated to cyberspace capabilities within the U.S. Air Force.

    Feb 22, 2010

  • Journal Article

    Security, at What Cost?

    Much of the current debate concerning civil liberties and security is adversarial, and little robust research data informs these arguments.This paper outlines the results of a study that attempts to objectively understand the real privacy, liberty and security trade-offs made by individuals, so that policymakers can be better informed about the preferences of individuals with regard to these important issues.

    Jan 1, 2010

  • News Release

    U.S. Must Focus on Protecting Critical Computer Networks from Cyber Attack

    Because it will be difficult to prevent cyber attacks on critical civilian and military computer networks by threatening to punish attackers, the United States must focus its efforts on defending these networks from cyber attack.

    Oct 8, 2009

  • computer programming code

    Report

    Cyberdeterrence and Cyberwar

    Because it will be difficult to prevent cyber attacks on critical civilian and military computer networks by threatening to punish attackers, the United States must focus its efforts on defending these networks from cyber attack.

    Sep 10, 2009

  • Computer password screen

    Commentary

    The Cracks in Data Privacy

    In the future, the EU will inevitably have to adjust its system of rules to cope with the evolving uses of personal data, globalization and international data flows, write Neil Robinson and Lorenzo Valeri.

    May 19, 2009

  • News Release

    Computer-Based Crime to Be Focus of Silicon Valley Forum

    Security experts from the technology industry, law enforcement and academia will outline what is needed to better measure and understand the effect of computer-based crime in the United States during a public forum Sept. 25 in Silicon Valley.

    Sep 13, 2007