1.1 Introduction
Cyber warfare started as a low-intensity activity among nations and was initially used for nuisance attacks such as website defacement and denial of service, but it has developed into a fierce cyber arms race among countries. Cyber warfare now figures prominently in the doctrines of major military superpowers and terrorist organizations. There have been cyber warfare incidents in the past where attacks were launched on Estonia and Georgia in the context of political conflicts with Russia. There have also been attacks on South Korea and Japan related to regional political conflicts, involving similar modes of attack. Aside from these overt attacks, there have been several covert attacks involving espionage across different countries, where both military and civilian infrastructure are targeted. There are suspicions that countries are attempting to intrude into the critical infrastructure of other countries to gain a strategic lever during conflict. There is also an apprehension that the Internet could be used to change national ideological and cultural values; along these same lines, a strong concern is that social media could be used to cause upheaval and overthrow governments. Countries are blaming each other for attacks and espionage while at the same time planning their own cyber warfare strategies. Mutual distrust among nations is driving them to invest in cyber warfare capabilities in order to gain strategic leverage over other countries, while at the same time lobbying to slow down the other countries. A big fear is that a cyber attack launched from a country by groups outside of government control could trigger a kinetic response.
There have been attempts at creating international treaties and laws related to cyber crime and cyber warfare, but these are moving at a very slow pace while traditional military rivals jockey with each other to gain their own strategic advantage. A key impediment to building consensus on cyber warfare treaties is the inherent anonymity of the Internet, which can camouflage the identity of the perpetrators and make attribution of attacks to any specific individual, group, or nation uncertain. Attacks launched by actors who are not under the direct control of the state can trigger a misdirected counterattack on a nation state. There is an additional problem of misdirection, where attackers can deliberately leave a trail to implicate other parties in their activities. Countries are thus reluctant to sign any legal document that will hold them responsible for activities that can be misattributed to them through the subterfuge and deceit of other countries.
Given the futility of attempting to forge a broad consensus on enforceable international treaties on cyber warfare and the urgency to cool down the torrid cyber arms race, there have been attempts at confidence-building measures as a prelude to the eventual signing of treaties. Efforts to create confidence-building measures to reduce the threat of cyber warfare are active in several international bodies, including the United Nations (UN) and the Organization for Security and Cooperation in Europe (OSCE). States are attempting (or pretending) to cooperate with each other while at the same time competing with one another in the cyber arms race.
Game theory is well suited for analyzing relationships among multiple actors, who in this case include nation states, non-state actors (terrorists, hacktivists, etc.), and supranational organizations (e.g., UN, OSCE, etc.). Since the seminal work of Von Neumann and Morgenstern, The Theory of Games and Economic Behavior, game theory has been used extensively for studying international relations. There are several areas where game theoretic models are suitable, including security, economics, education, environment, human rights, and international law. In this chapter we focus on the security issues related to cyber warfare and formulate problems in the cyber warfare domain using game theoretic models. The chapter does not contain a deep mathematical development in this field but rather focuses on demonstrating the modeling of game theoretic concepts for cyber warfare.
The rest of the chapter is organized as follows: Sect. discusses the models in detail, followed by a succinct conclusion.
1.2 Cyber Warfare
The definition of cyber attacks is contextual: depending on the actors, motivation, targets, and actions, they can be called cyber terrorism, cyber crime, cyber activism, etc. There are several distinct modes of conflict related to cyber warfare. Understanding the relationships between actors, their behavior, and their motivations is essential in order to understand cyber warfare better and to reduce the chances of a serious cyber conflict. We use game theoretic models to look at the positions of the key players in each of these conflicts and to understand the dynamics among them. We select four modes of cyber conflict that are dominating international cyber politics for further analysis: (1) social media wars that influence a country's internal politics, often with the goal of fomenting social uprisings that can result in political change; (2) strategic war aimed at causing damage to the adversary as well as pillaging resources (e.g., industrial espionage); for this, countries are acquiring resources to conduct both espionage and develop tools that can be used to disable the adversarial activities occurring in critical infrastructure including power, communication, media, Internet, etc.; (3) ideological battle, where fundamentalist organizations use the Internet to spew their ideology and to recruit members in other countries for their cause; (4) citizen-initiated war, where a country's civilians directly attack another country's citizens and institutions as part of a larger conflict (ideological or kinetic).
Foreign intervention through social media has become a significant fear for countries, leading to aggressive monitoring, if not outright control, of social media content. Some countries have already invested in censorship and control of the Internet, mainly driven by the intention to decrease political unrest or ideological and religious pollution. Social media-facilitated revolutions have driven some countries to the point of paranoia regarding control of online activity. If this type of distrust keeps growing, there is only one logical conclusion: separation of the Internet across country borders. A separated Internet could have severe consequences, with negative impacts from the individual to the national level on social relationships, educational pursuits, commerce, and tourism. In many authoritarian and corrupt regimes, the conditions on the ground are ripe for popular revolutions. In the past, they have been kept in check through censorship and coercion. Social media has provided a forum for organizing large scale protestswhich countries are prone to such attacks and which countries have incentives to sponsor such attacks.