Franklin Kramer (editor) - Cyberpower and National Security

Cyberpower and National Security

RELATED TITLES FROM POTOMAC BOOKS

Asymmetrical Warfare: Todays Challenge to U.S. Military Power
by Roger W. Barnett

The Future of War: Organizations as Weapons
by Mark D. Mandeles

Information Operations: Warfare and the Hard Reality of Soft Power
edited by E. Leigh Armistead

Information Warfare: Separating Hype from Reality
edited by E. Leigh Armistead

Leading at the Speed of Light: New Strategies for
U.S. Security in the Information Age
by Daniel M. Gerstein

Nontraditional Warfare: Twenty-first Century Threats and Responses
by William R. Schilling

Terror on the Internet: The New Arena, the New Challenges
by Gabriel Weimann

Edited by Franklin D. Kramer,
Stuart H. Starr, and Larry K. Wentz

Copublished in the United States by National Defense University Press and Potomac Books, Inc. The opinions, conclusions, and recommendations expressed or implied within are those of the authors and do not necessarily reflect the views of the Department of Defense or any other agency of the Federal Government. This publication is cleared for public release; distribution unlimited. Portions of this book may be quoted or reprinted without further permission, with credit to both National Defense University Press and Potomac Books, Inc.

Library of Congress Cataloging-in-Publication Data

Cyberpower and national security / edited by Franklin D. Kramer, Stuart H. Starr, and Larry K. Wentz. 1st ed.

p. cm.

Includes bibliographical references and index.

ISBN 978-1-59797-423-3 (pbk. : alk. paper)

1. National securityUnited States. 2. Information technologyGovernment policyUnited States. 3. CyberspaceGovernment policyUnited States. 4. CyberterrorismUnited StatesPrevention. I. Kramer, Franklin D., 1945- II. Starr, Stuart H. III. Wentz, Larry K.

UA23.C929 2009

355.343dc22

2009003301

Printed in the United States of America on acid-free paper that meets the American National Standards Institute Z39-48 Standard.

Potomac Books, Inc.
22841 Quicksilver Drive
Dulles, Virginia 20166

First Edition

10 9 8 7 6 5 4 3 2 1

Franklin D. Kramer

Daniel T. Kuehl

Stuart H. Starr

Elihu Zimet and Edward Skoudis

William D. ONeil

Edward Skoudis

Edward Skoudis

Marjory S. Blumenthal and David D. Clark

Edward Skoudis

Gregory J. Rattray

Martin C. Libicki

Elihu Zimet and Charles L. Barry

Richard L. Kugler

Franklin D. Kramer and Larry K. Wentz

Stuart H. Starr

Franklin D. Kramer, Larry K. Wentz, and Stuart H. Starr

Gerard J. Christman

Clay Wilson

Irving Lachow

Timothy L. Thomas

Harold Kwalwasser

Thomas C. Wingfield

John A. McCarthy with Chris Burrow, Maeve Dion,

and Olivia Pacheco

Leon Fuerth

Figures

Tables

THE cyber domain is undergoing extraordinary changes, many of which present exceptional opportunities to the users of cyberspace. This evolution is apparent in the increasing numbers of participants in cyberspace and the quality of their participation, both technically and socially. As an example, it is projected that by the year 2010, approximately 2 billion people will be connected to the Internet. In addition, if the participants in the MySpace Web site were to comprise a nation, it would be the 11th largest country in the world. However, trends in cyberspace also raise major challenges. These arise from the use of cyberspace by malevolent actors (such as terrorists and criminals) and the many security vulnerabilities that plague cyberspace (for example, challenges in attribution, denial of service attacks, and exfiltration or corruption of sensitive data).

In order to exploit these opportunities and to overcome these challenges, we must begin to assemble a balanced body of knowledge on the cyber domain. This book by the Center for Technology and National Security Policy at the National Defense University provides the foundation for that body of knowledge. It is unique in that it has assembled an extraordinary set of world-class experts to provide a holistic view of the complex issues that characterize the cyber domain.

One of the major contributions of this book is that it frames key cyber issues in the appropriate context and formulates sound recommendations for policymakers to pursue. Of equal importance, it identifies key cyber questions that senior decisionmakers will have to address in the near future. These include building the human capacity to address cyber issues, balancing civil liberties with national security considerations, and developing the international partnerships needed to address cyber challenges.

We heartily recommend this book to those of you who will be fortunate enough to realize the opportunities of the cyber domain and overcome its challenges.

THIS book is intended to help create a coherent framework for understanding and utilizing cyberpower in support of national security. Cyberspace and cyber-power are now critical elements of international security. Yet, as was noted during the course of the Department of Defenses (DODs) 2006 Quadrennial Defense Review (QDR), DOD lacks a coherent framework to assess cyber-power policy issues. To redress that shortfall, the Under Secretary of Defense for Policy directed the Center for Technology and National Security Policy (CTNSP) at the National Defense University to undertake a study of the subject area. As the studys terms of reference stated, There is a compelling need for a comprehensive, robust, and articulate cyber power theory that describes, explains, and predicts how our nation should best use cyber power in support of United States (U.S.) national and security interests.

The book is a result of that study. It is divided into six broad areas. The first part provides a foundation and overview of the subject by identifying key policy issues, establishing a common vocabulary, and proposing an initial version of a theory of cyberpower. The second part identifies and explores possible changes in cyberspace over the next 15 years by assessing cyber infrastructure and security challenges. The third part examines the potential impact of changes in cyberspace on military use and deterrence. The fourth part analyzes informational levers of power. The fifth part addresses the extent to which changes in cyberspace serve to empower key entities such as transnational criminals, terrorists, and nation-states. The final part looks at key institutional factors, which include issues concerning governance, legal dimensions, critical infrastructure protection, and organization.

The chapters for this book were the product of several workshops at which experts from government, think tanks, industry, and academia presented their views on the major subject areas. Based on the feedback from those discussions, each presenter developed a chapter for this book. This introduction provides a bottom-up perspective of these chapters, summarizes the major themes of each, and identifies potential next steps.