![Sample our Politics & International Relations journals, sign in here to start your FREE access for 14 days]({"type":"image" , "src" : "/sda/5947/TOC-Subject-Sample-2021-Politics-International-Relations.jpg"})
ABSTRACT
This article evaluates the implications of U.S. cyber strategy of persistent engagement for the alliance and intelligence collection. Whilst the strategy may have benefits for certain alliance relationships, I identify four potential negative consequences; loss of allied trust, disruption allied intelligence operations and capabilities, exploitability of the strategy by adversaries, and the implementation (and justification) of persistent engagement by other countries. This paper concludes suggesting several ways forward, including the creation of a new NATO-memorandum of understanding on cyber operations.
Acknowledgements
For written comments on early drafts, I am indebted to Jamie Collier, Florian Egloff, Richard Harknett, Jason Healey, Herbert Lin, James N. Miller, James Shires, and Diana van der Watt. I also thank the participants of the workshop ‘The Transatlantic Dialogue on Military Cyber Operations’, held in Amsterdam in August 2019.
Disclosure statement
No potential conflict of interest was reported by the author.
Notes
1. US Cyber Command, “Achieve and Maintain Cyberspace Superiority”; and Department of Defense, “Cyber Strategy 2019.”
2. Ibid.
3. Note, however, that the strategy itself is silent on this issue as Smeets and Lin note. Also, as Jacquelyn Schneider notes, “It is almost impossible to prove assumptions about escalation. So much of escalation is based on perceptions [.] that it is both impossible to say that an action will never lead to escalation or that it will always lead to escalation.” Smeets and Lin, “4 A Strategic Assessment of the U.S. Cyber Command Vision”; and Schneider, “Persistent Engagement.”
4. Healey, “Triggering the New Forever War, in Cyberspace”; and Healey, “The Implications of persistent (and permanent) engagement in cyberspace.”
5. The paper also provides an excellent historical analysis of the intellectual and policy origins of the new strategy. Healey, “The implications of persistent (and permanent) engagement in cyberspace.”
6. Buchanan and Williams, “A Deepening U.S.-China Cybersecurity Dilemma”; Chesney, “An American Perspective on a Chinese Perspective on the Defense Department’s Cyber Strategy and ‘Defending Forward’”; Jinghua, “A Chinese Perspective on the Pentagon’s Cyber Strategy”; and Jinghua, “What Really Matters in ‘Defending Forward’?”
7. Fischerkeller and Harknett, “A Response on Persistent Engagement and Agreed Competition”; and Fischerkeller and Harknett, “Persistent Engagement and Tacit Bargaining.”
8. Miller and Pollard, “Persistent Engagement, Agreed Competition and Deterrence in Cyberspace”; and Smeets, “There Are Too Many Red Lines in Cyberspace.”
9. For early reporting on this see: Pomerleau, “New Authorities Mean Lots of New Missions at Cyber Command”; and Borghard and Lonergan, “What Do the Trump Administration’s Changes to PPD-20 Mean for U.S. Offensive Cyber Operations?”
10. Kaminska, Chesney, and Smeets, “A Transatlantic Dialogue on Military Cyber Operations,” For an excellent, more in-depth overview see: Chesney, “CYBERCOM’s Out-of-Network Operations”; and Chesney, “The 2018 DOD Cyber Strategy.”
11. On how interagency processes impacted the effectiveness and efficacy of cyber operations in the past see: McGhee, “Liberating Cyber Offense.”
12. This means that this paper does not seek to provide a general review of persistent engagement and its connected institutional development. For works attempting to conduct this type of exercise see: Smeets and Lin, “Chapter 4: A Strategic Assessment of the U.S. Cyber Command Vision”; and Healey, “The implications of persistent (and permanent) engagement in cyberspace.”
13. The meaning of cyber ‘capability’ or ‘power’ remains contested. For a discussion see: Betz and Stevens, “Cyberspace and the State: Towards a Strategy for Cyber-Power”; and Hathaway, “Cyber Readiness Index 1.0.”
14. US Cyber Command, “Achieve and Maintain Cyberspace Superiority.”
15. Ibid.
16. Nakasone, “A Cyber Force for Persistent Operations.”
17. Goodman, Kirk, and Kirk, “Cyberspace as a medium for terrorists.”
18. USCYBERCOM, “2018 Cyberspace Strategy Symposium Proceedings.”
19. Joint Publication 3–12, “Cyberspace Operations.”
20. Ibid.
21. Buchanan, “The Cybersecurity Dilemma.”
22. GReAT, “Animals in the APT Farm.”
23. Guerrero-Saade and Raiu, “Walking in your Enemy’s Shadow.”
24. Nakashima, “U.S. military cyber operation to attack ISIS last year sparked heated debate over alerting allies”; and Bing, “Command and control.”
25. Chesney, “Title 10 and Title 50 Issues When Computer Network Operations Impact Third Countries.”
26. See note 14 above.
27. Bing, “Command and control: A fight for the future of government hacking.”
28. Chesney, “Title 10 and Title 50 Issues When Computer Network Operations Impact Third Countries.”
29. See note 14 above.
30. Department of Defense, “Cyber Strategy 2019: Summary.”
31. Ibid.
32. Whilst the U.S. Cyber Command’s reported action may have violated Germany’s sovereignty, it didn’t explicitly violate the MoU. But it wasn’t an act of CND; it was, but an act of a computer network attack (CNA), seeking to disrupt, deny, degrade or destroy.; Unknown, “Memorandum of Understanding Between the Department of Defense of the United States of America and The Federal Ministry of Defense of the Federal Republic of Germany concerning cooperation on Information Assurance (IA) and Computer Network Defense (CND).”
33. “Memorandum of Understanding Between the Department of Defense of the United States of America and The Ministry of National Defense of the Republic of Korea concerning cooperation on Information Assurance (IA) and Computer Network Defense (CND),” (2 June 2009) https://assets.documentcloud.org/documents/2997984/Document-04.pdf.
34. DoD News, “U.S., Montenegro Conduct Groundbreaking Cyber Defense Cooperation.”
35. Nakashima, “At nations’ request, U.S. Cyber Command probes foreign networks to hunt election security threats”; and Barnes, “U.S. Cyber Command Bolsters Allied Defenses to Impose Cost on Moscow.”
36. U.S. Cyber Command, “The 2019 Cyberspace Strategy Symposium.”
37. Cimpanu, “US Cyber Command starts uploading foreign APT malware to VirusTotal.”
38. See note 36 above.
39. Smeets, “NATO Members’ Organizational Path Towards Conducting Offensive Cyber Operations.”
40. Modderkolk, “Dutch agencies provide crucial intel about Russia’s interference in US-elections.”
41. Kaspersky, “Spy Wars: How nation-state backed threat actors steal from and copy each other”; and Guerrero-Saade and Costin Raiu, “Walking in your enemy’s shadow: when fourth-party collection becomes attribution hell.”
42. See the detailed discussion on exploit orchestrator FoxAcid: Schneier, “How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID”; and Smeets, “A matter of time.”
43. That is, mirroring the case of the U.S. hacking into the German server.
44. See note 19 above.
45. Furthermore, as Schneider notes, the resources to operate seamlessly and continuously are extensive. See: Schneider, “Persistent Engagement.”
46. Delerue, Desforges, and Gery, “A Close Look at France’s New Military Cyber Strategy”; and Goetz, Rosenbach, and Szandar, “National Defense in Cyberspace.”
47. As listed above, already memoranda of understanding exist on CND. These MoUs would focus on CNA.
48. A pre-operation identification of relevant equities and procedures can also promote operational and tactical effectiveness of cyber command as less decisions have to be made on an ad hoc basis.
49. Nakasone, “A Cyber Force for Persistent Operations.”
Additional information
Notes on contributors
Max Smeets
Max Smeets is a senior researcher at the Center for Security Studies (CSS). He is also an Affiliate at Stanford University Center for International Security and Cooperation and Research Associate at the Centre for Technology and Global Affairs, University of Oxford.