On Lawfare Lennart Maschmeyer notes how American military cyberwarfare is transitioning its operational theories:
The United States Cyber Command is fundamentally changing its cyber strategy, moving from restraint and deterrence toward a posture of persistent engagement. This new strategy is better aligned with the practice of cyber conflict, and its innovativeness is reflected in the lively debate it has generated among scholars and practitioners. Much of this debate has focused on the lack of clarity concerning the strategy’s implementation and the resulting risks of unintended consequences. Some analysts have argued that persistent engagement could provoke escalation due to misperception. Others claim it may cause friction with allies and signal normative acceptance of adversaries’ disruptive operations. The underlying theory has received less attention, however, despite its importance.
The theory of “cyber persistence” that informs the strategy of persistent engagement is a key contribution by Michael Fischerkeller and Richard Harknett. This theory rests on a crucial assumption: that the interconnectedness of modern information communications technology is the fundamental organizing principle of cyber conflict, because it places actors in a condition of constant contact. According to the theory’s proponents, this condition of constant contact is what renders the adoption of a strategy of persistent engagement imperative.
I argue this logic is flawed.
This is more involved than I have time to explore in detail, but I found this bit particularly interesting:
Neglecting this role of secrecy leads to two pitfalls. First, the strategy of persistent engagement may inadvertently upend the existing dynamic of competition under secrecy, as perceived by adversaries, leading to unintended consequences and instability. As scholars have noted, past forms of competition under secrecy followed a clear set of tacitly agreed rules—one key rule being the avoidance of reprisals against operational centers. As Stephen Grey underlines, in the Cold War intelligence contest, “by tacit agreement, the superpowers never tried to assassinate each other or take reprisals.” Rather than perpetuating stability under these tacitly agreed rules, persistent engagement may upend it by maneuvering “as close as possible” to adversary operational centers, as Gen. Paul Nakasone has suggested. Persistent engagement thus risks disrupting this strategic space, causing instability by signaling to adversaries that reprisals for intelligence coups affecting operational centers are now fair game. Unless the United States Cyber Command enjoys unrivaled dominance in this competition—which is far from clear based on past cyber conflicts—this change is likely to tie down significant resources in fending off adversary operations aiming to create the same “organizational friction” within Cyber Command that Fischerkeller and Harknett propose to impose on adversary operational centers.
Willing to take some losses – typically of intellectual resources, I would expect, rather than actual deaths and damage – in order to keep a fragile peace when the alternative is all-out war is a sensible approach to international low-level conflict. But it’s not hard to see inexperienced amateurs getting all bulgy eyed over it, is it?
We’ve seen a number of incidents of ransomware over the last few years, but I am unaware as to whether the identity of the malefactors has been positively ascertained and tabulated. If we see an escalation, it’ll be interesting to hear if it’s blamed on this change operational theories – and if we decide to go back to accepting small losses in return for accomplishments of our own – think Stuxnet – and no stunning disasters.