Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Start single access now
Request access for companies
EXTENDED SEARCH
Log in
Top

Hint

Swipe to navigate through the chapters of this book

Published in:
Introduction Read chapter Read first chapter

2022 | OriginalPaper | Chapter

Cyber Offence Dominance, Regional Dynamics, and Middle Power–led International Cooperation

Author : Mason Richey

Published in: Cybersecurity Policy in the EU and South Korea from Consultation to Action

Publisher: Springer International Publishing

Log in

Abstract

Despite the maturing of the cyber domain as an important area of contestation and conflict vector, there are no truly multilateral conventions governing cyber operations and cyberconflict in terms of national and military security. This is problematic because a lack of norms both (a) incentivizes predatory behaviour and (b) increases risks of misperception, misunderstanding, cybersecurity dilemmas, and conflict escalation. In this context, this chapter provides a cyber threat landscape and analyses strategic competition and conflict among selected states in East Asia (the US, China, South Korea, North Korea, Japan, Russia) via the cyber domain. Following that, this chapter applies offence-defence theory to the cyber domain in order to predict states’ likely cyberspace behaviour. To this end, the chapter argues that the cyber domain is offence dominant, leading to increased risks of escalatory chainganging. Flowing from this analysis, the chapter seeks to determine what kinds of international cooperation could reduce this escalatory cyber tendency, and how the EU is cooperating with like-minded states such as South Korea to reduce cyber threats.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
previous chapter EU-South Korea Cooperation on Cybersecurity, Data Protection and Emerging Technologies
next chapter Developing a Collective Retorsion Framework Against Malicious Cyber Operations: Opportunities and Steps for EU-South Korea Cybersecurity Cooperation
Footnotes
1
For example, UN 1st Committee on ITU and 2021 76th session on Agenda item 95 (Developments in the field of information and telecommunications in the context of international security); 2001 Convention on Cybercrime; EU Directive on NIS Security; NATO Tallinn Manuals and others mentioned in this volume.
 
2
Gary Corn (2019). “National Cyber Security: Navigating Gray-Zone Challenges in and through Cyberspace.” In Complex Battlespaces: The Law of Armed Conflict and the Dynamics of Modern Warfare (eds. Winston Williams and Christopher Ford). (Oxford: Oxford University Press); Mark Emem (2019). “North Korea’s $700 million Crypto Theft Chest Could Fund Nukes: Report.” CNN (April 15). (https://​www.​ccn.​com/​north-koreas-700-million-crypto-theft-chest-could-fund-nukes-report/​); Hannah Murphy (2019). “Cyber security companies race to combat ‘deepfake’ technology.” Financial Times (August 16). (https://​www.​ft.​com/​content/​63cd4010-bfce-11e9-b350-db00d509634e).
 
3
Sandra Erwin (2018). “Defense inspector general finds key Air Force space programs vulnerable to cyber attacks, sabotage.” Space News (August 16). (https://​spacenews.​com/​defense-inspector-general-finds-key-air-force-space-programs-vulnerable-to-cyber-attacks-sabotage/​); Patricia Lewis and Beyza Unal (2019). “The Destabilizing Danger of Cyberattacks on Missile Systems.” Chatham House—Expert Comment (April 2). (https://​www.​chathamhouse.​org/​expert/​comment/​destabilizing-danger-cyberattacks-missile-systems); Sue Halpern (2019). “How Cyber Weapons Are Changing the Landscape of Modern Warfare.” The New Yorker (July 18). (https://​www.​newyorker.​com/​tech/​annals-of-technology/​how-cyber-weapons-are-changing-the-landscape-of-modern-warfare); Lora Saalman (ed.) (2019). The Impact of Artificial Intelligence on Strategic Stability and Nuclear Risk (Vol. II—East Asian Perspectives). SIPRI Report (October).
 
4
Nina Kollars and Emma Moore (2019). “Every Marine A Blue-Haired Quasi-Rifleperson?” War on the Rocks (August 21). (https://​warontherocks.​com/​2019/​08/​every-marine-a-blue-haired-quasi-rifleperson/​).
 
5
Kenneth Waltz (1979). Theory of International Politics. (Reading, MA: Addison-Wesley).
 
6
Charles Glaser and Chaim Kaufmann (1998). “What is the Offense-Defense Balance and Can We Measure It?” International Security 22(4): 44–82; Keir Lieber (2011). “Mission Impossible: Measuring the Offense-Defense Balance with Net Military Balance.” Security Studies 20: 451–459; Rebecca Slayton (2017). “What Is the Cyber Offense-Defense Balance? Conceptions, Causes, and Assessment.” International Security 41(3): 72–109.
 
7
Thomas Christensen and Jack Snyder (1990). “Chained Gangs and Passed Bucks: Predicting Alliance Patterns in Multipolarity.” International Organization 44(2): 137–168.
 
10
Ibid.
 
12
Ken Dilanian and Kelly O’Donnell (2021). “Russian criminal group suspected in Colonial pipeline ransomware attack.” NBC News (May 10). (https://​www.​nbcnews.​com/​politics/​national-security/​russian-criminal-group-may-be-responsible-colonial-pipeline-ransomware-attack-n1266793).
 
13
For systems relying on software—especially in the security/defence sector, as well as critical systems—one strategy is to target software elements that go into a facility’s operating system, without the software’s users being aware that the software supply chain was compromised.
 
14
Kim Zetter (2015). Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon. (New York: Crown Publishing).
 
15
Ankit Panda (2018). “US ‘Left of Launch’ Cyber Effort Might Increase Korean Peninsula Nuclear Dangers.” The Diplomat (October, 22). (https://​thediplomat.​com/​2018/​10/​us-left-of-launch-cyber-efforts-might-increase-korean-peninsula-nuclear-dangers/​).
 
16
Robert Lipovsky and Anton Cherapanov (2016). “BlackEnergy trojan strikes again: Attacks Ukrainian electric power industry.” WeLiveSecurity (January 4). (https://​www.​welivesecurity.​com/​2016/​01/​04/​blackenergy-trojan-strikes-again-attacks-ukrainian-electric-power-industry/​).
 
17
Tobias Burgers and David Farber (2021). “China’s Dangerous Step Toward Cyber Conflict.” The Diplomat (March 12). (https://​thediplomat.​com/​2021/​03/​chinas-dangerous-step-toward-cyber-war/​).
 
18
Jack Stubbs et al. (2019). “Inside the West’s failed fight against China’s ‘Cloud Hopper’ hackers.” Reuters (June 26). (https://​www.​reuters.​com/​investigates/​special-report/​china-cyber-cloudhopper/​); David Pegg and Sam Cutler (2021). “What is Pegasus spyware and how does it hack phones?” The Guardian (July 18). (https://​www.​theguardian.​com/​news/​2021/​jul/​18/​what-is-pegasus-spyware-and-how-does-it-hack-phones).
 
19
Lily Newman (2020). “No one Knows How Deep Russia’s Hacking Rampage Goes.” Wired (December 14). (https://​www.​wired.​com/​story/​russia-solarwinds-supply-chain-hack-commerce-treasury/​).
 
20
Burgers and Farber (2021).
 
21
Federation of American Scientists. NSPMs—Donald J. Trump Administration. (https://​fas.​org/​irp/​offdocs/​nspm/​index.​html).
 
22
Julia Voo et al. (2020). National Cyber Power Index. Harvard Belfer Center (https://​www.​belfercenter.​org/​sites/​default/​files/​2020-09/​NCPI_​2020.​pdf).
 
23
Hannes Ebert and Laura Groenendaal (2020). “Cyber Resilience and Diplomacy in the Republic of Korea: Prospects for EU Cooperation.” EU Cyberdirect Digital Dialogue. (https://​eucyberdirect.​eu/​wp-content/​uploads/​2020/​08/​digital-dialogue-rok.​pdf).
 
24
Slayton (2017).
 
25
Meir Kalech (2019). “Cyber-attack detection in SCADA systems using temporal pattern recognition techniques.” Computers and Security 84 (July): 225–238.
 
26
Christopher Bartos (2016). “Cyber Weapons Are Not Created Equal.” Proceedings of the US Naval Institute (Vol. 142, June). (https://​www.​usni.​org/​magazines/​proceedings/​2016/​june/​cyber-weapons-are-not-created-equal).
 
27
Ibid. Slayton (2017) argues that cost is not a critical factor in the cyber offence-defence balance, as the relative costs of both aspects of the domain are very low. She also shows that offensive cost itself is not monotonic, but depends on the objective. A standard hacking operation favours offence on cost grounds, but a complex operation (e.g., Stuxnet) is very expensive.
 
28
Slayton (2017); John Davis II et al (2017). Stateless Attribution: Toward International Accountability in Cyberspace. (Santa Monica, CA: RAND Corporation). (https://​www.​rand.​org/​pubs/​research_​reports/​RR2081.​html); Office of the United States Director of National Intelligence (2018). A Guide to Cyber Attribution. (https://​www.​dni.​gov/​files/​CTIIC/​documents/​ODNI_​A_​Guide_​to_​Cyber_​Attribution.​pdf).
 
29
Joshua Rovner (2019). “Cyber War as an Intelligence Contest.” War on the Rocks (September 16). (https://​warontherocks.​com/​2019/​09/​cyber-war-as-an-intelligence-contest/​).
 
30
Martin Libicki (2009). Cyberdeterrence and Cyberwar. (Santa Monica, CA: Rand Corporation). (https://​www.​rand.​org/​content/​dam/​rand/​pubs/​monographs/​2009/​RAND_​MG877.​pdf); Timothy McKenzie (2017). “Is Cyber Deterrence Possible?” Air Force Research Institute Papers (January). (https://​media.​defense.​gov/​2017/​Nov/​20/​2001846608/​-1/​-1/​0/​CPP_​0004_​MCKENZIE_​CYBER_​DETERRENCE.​PDF). The 2020 Foreign Affairs article by US NSA/Cyber Command head Paul Nakasone addresses cyberspace competition without even using the word deterrence. He focuses on making cyberattacks harder and more expensive, and limiting success (more like counterespionage). See: Paul Nakasone and Michael Sulmeyer (2020). “How to Compete in Cyberspace: Cyber Command’s New Approach.” Foreign Affairs (August).
 
31
Sandeep Baliga et al. (2019). “Deterrence with Imperfect Attribution.” MIT Economics Department Working Paper (February 12). (http://​home.​uchicago.​edu/​~bdm/​PDF/​deterrence.​pdf); Sandeep Baliga et al. (2019). “The Case for a Cyber Deterrence Plan that Works.” The National Interest (March 5). (https://​nationalinterest​.​org/​feature/​case-cyber-deterrence-plan-works-46207).
 
32
Joseph Nye (2016). “Deterrence and Dissuasion in Cyberspace.” International Security 41(3): 44–71.
 
33
Cyberspace Solarium Commission of the United State of America (2020). Report of the Cyberspace Solarium Commission.
 
34
Rovner (2019).
 
35
Christensen and Snyder (1990).
 
36
Waltz (1979).
 
37
Mason Richey (2019). “US-led Alliances and Contemporary International Security Disorder: Comparative Responses of the Transatlantic and Asia-Pacific Alliance Systems.” Journal of Asian Security and International Affairs 6(3): 275–298.
 
38
Robert Jervis (1978). “Cooperation Under the Security Dilemma.” World Politics 30 (January 1978): 167–214; Christensen and Snyder (1990).
 
39
Ibid.
 
40
Jervis (1978).
 
41
Mason Richey (2020). “Alliance Politics and Policy in the Multipolar Indo-Asia-Pacific: The Hub-and-Spokes System Between Buckpassing and Chainganging.” The International Spectator 55(1): 1–17.
 
42
Mara Hvistendahl (2010). “China’s Hacker Army.” Foreign Policy (March 3). (https://​foreignpolicy.​com/​2010/​03/​03/​chinas-hacker-army/​); David Sanger et al. (2013). “Chinese Army Unit Is Seen as Tied to Hacking Against U.S.” New York Times (February 19).
 
43
United States Department of Defense (DOD) (2018). 2018 Cyber Strategy and Cyber Posture Review; Ellen Nakashima (2018). “White House Authorizes ‘Offensive Cyber Operations’ to Deter Foreign Adversaries.” Washington Post (September 20); Jeff Kosseff (2019). “The Contours of ‘Defend Forward’ Under International Law.” 2019 11th International Conference on Cyber Conflict. (June). (https://​ccdcoe.​org/​uploads/​2019/​06/​Art_​17_​The-Contours-of-Defend-Forward.​pdf).
 
44
Kosseff (2019).
 
45
Robert Chesney (2018). “The 2018 DOD Cyber Strategy: Understanding ‘Defense Forward’ in Light of the NDAA and PPD-20 Changes.” Lawfare (September 25). (https://​www.​lawfareblog.​com/​2018-dod-cyber-strategy-understanding-defense-forward-light-ndaa-and-ppd-20-changes).
 
47
CSIS (2019).
 
48
State Council (People’s Republic of China) (2015). China’s Military Strategy. (http://​english.​www.​gov.​cn/​archive/​white_​paper/​2015/​05/​27/​content_​281475115610833.​htm); Ben Buchanan and Robert Williams (2019). “A Deepening U.S.-China Cybersecurity Dilemma.” Lawfare (October 24); Lyu Jinghua (2019). “What Are China’s Cyber Capabilities and Intentions?” Carnegie Endowment for International Peace—IPI Global Observatory (April 1). (https://​carnegieendowmen​t.​org/​2019/​04/​01/​what-are-china-s-cyber-capabilities-and-intentions-pub-78734). See also the conclusion of Kyu-dok Hong and Seong-jong Song in this volume.
 
49
Kathleen Hicks et al. (2019). “China in the grey zone.” European Center of Excellence Strategic Analysis 4/2019. (https://​www.​hybridcoe.​fi/​wp-content/​uploads/​2019/​09/​Strategic-Analysis-4_​2019_​rgb.​pdf).
 
50
Robert Work and Greg Grant (2019). “Beating the Americans at their Own Game: An Offset Strategy with Chinese Characteristics.” CNAS Report (June 6). (https://​www.​cnas.​org/​publications/​reports/​beating-the-americans-at-their-own-game).
 
51
Ibid.
 
52
Fiona Cunningham (2018). Maximizing leverage: explaining China’s strategic force postures in limited wars. PhD dissertation (Massachusetts Institute of Technology). (https://​dspace.​mit.​edu/​handle/​1721.​1/​121602).
 
53
Karsten Friis and Jens Ringsmose (2016). Conflict in Cyberspace: Theoretical, strategic, and legal perspectives. (Abingdon, UK: Routledge); Buchanan and Williams (2018); Jinghua (2019); CSIS (2019).
 
54
CSIS (2019).
 
55
Kim Chong Woo (2019). “The Evolution of North Korean Cyber Threats.” Asan Forum (February 20). (http://​en.​asaninst.​org/​contents/​the-evolution-of-north-korean-cyber-threats/​); Ed Cesar (2021). “The Incredible Rise of North Korea’s Hacking Army.” The New Yorker (April 26). (https://​www.​newyorker.​com/​magazine/​2021/​04/​26/​the-incredible-rise-of-north-koreas-hacking-army).
 
56
Ibid.; CSIS (2019); Quentin Hodgson et al. (2019). Fighting Shadows in the Dark: Understanding and Countering Coercion in Cyberspace. (Santa Monica, CA: RAND Corporation). (https://​www.​rand.​org/​pubs/​research_​reports/​RR2961.​html?​utm_​campaign=​&​utm_​content=​1568663851&​utm_​medium=​rand_​social&​utm_​source=​twitter).
 
57
CSIS (2019).
 
58
Franz-Stefan Gady (2017). “Japan’s Defense Ministry Plans to Boost Number of Cyber Warriors.” The Diplomat (July 17). (https://​thediplomat.​com/​2017/​07/​japans-defense-ministry-plans-to-boost-number-of-cyber-warriors/​).
 
59
Gady (2017).
 
60
Friis and Ringmose (2016); CSIS (2019); Export.​gov (2019). Japan—Cyber Security. Export.​gov (September 6). (https://​www.​export.​gov/​article?​id=​Japan-Cyber-Security).
 
61
Gady (2017).
 
63
David Gompert and Martin Libicki (2014). “Cyber Warfare and Sino-American Crisis Instability.” Survival 56(4): 7–22.
 
64
Eric Gartzke and Jon Lindsay (2017). “Thermonuclear Cyberwar.” Journal of Cybersecurity 3(1): 37–48.
 
65
Work and Grant (2019).
 
66
Gartzke and Lindsay (2017).
 
67
Robert Farley (2018). “Did the Obama-Xi Cyber Agreement Work?” The Diplomat (August 11). (https://​thediplomat.​com/​2018/​08/​did-the-obama-xi-cyber-agreement-work/​).
 
68
Geneva Internet Platform (2020). France and partners propose a programme of action for advancing responsible state behavior in cyberspace. (https://​dig.​watch/​updates/​france-and-partners-propose-programme-action-advancing-responsible-state-behaviour).
 
69
United Nations Group of Government Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (GGE), and Open Ended Working Group (OEWG). Its final output is a 2021 report on cyber norms, notably for hacking of critical infrastructure: United Nations (2021). Report of the Group of Governmental Experts on Advancing responsible State behavior in cyberspace in the context of international security (https://​front.​un-arm.​org/​wp-content/​uploads/​2021/​06/​final-report-2019-2021-gge-1-advance-copy.​pdf).
 
70
United Nations (CCDCOE). 2015 UN GGE Report: Major Players Recommending Norms of Behaviour, Highlighting Aspects of International Law. (https://​ccdcoe.​org/​incyder-articles/​2015-un-gge-report-major-players-recommending-norms-of-behaviour-highlighting-aspects-of-international-law/​); Geneva Internet Platform (2019). UN GGE and OEWG. (https://​dig.​watch/​processes/​un-gge).
 
71
Center for Cyber and Homeland Security (2016). Into the Gray Zone: The Private Sector and Active Defense Against Cyber Threats. GWU CCHS Project Report (October). (https://​cynergia.​mx/​wp-content/​uploads/​2016/​12/​CCHS-ActiveDefenseRep​ortFINAL.​pdf).
 
72
Ibid.
 
73
EU Cyber Direct (2020). EU-ROK Cyber Consultations: Resilience and Trust in Cyberspace (December). (https://​www.​gmfus.​org/​publications/​eu-rok-consultations-resilience-and-trust-cyberspace).
 
74
European Commission (2020). Proposal for a Regulation of the European Parliament and of the Council on Digital Operational Resilience for the Financial Sector. (https://​eur-lex.​europa.​eu/​legal-content/​EN/​TXT/​?​uri=​CELEX%3A52020PC0595).
 
Literature
Sandeep Baliga et al (2019). “The Case for a Cyber Deterrence Plan that Works.” The National Interest (March 5).
Ben Buchanan and Robert Williams (2019). “A Deepening U.S.-China Cybersecurity Dilemma.” Lawfare (October 24).
Thomas Christensen and Jack Snyder (1990). “Chained Gangs and Passed Bucks: Predicting Alliance Patterns in Multipolarity.” International Organization 44(2): 137–168.
Gary Corn (2019). “National Cyber Security: Navigating Gray-Zone Challenges in and through Cyberspace.” In Complex Battlespaces: The Law of Armed Conflict and the Dynamics of Modern Warfare (eds. Winston Williams and Christopher Ford). (Oxford: Oxford University Press).
Cyberspace Solarium Commission of the United State of America (2020). Report of the Cyberspace Solarium Commission.
Karsten Friis and Jens Ringsmose (2016). Conflict in Cyberspace: Theoretical, strategic, and legal perspectives. (Abingdon, UK: Routledge).
Eric Gartzke and Jon Lindsay (2017). “Thermonuclear Cyberwar.” Journal of Cybersecurity 3(1): 37–48.
Charles Glaser and Chaim Kaufmann (1998). “What is the Offense-Defense Balance and Can We Measure It?” International Security 22(4): 44–82.
David Gompert and Martin Libicki (2014). “Cyber Warfare and Sino-American Crisis Instability.” Survival 56(4): 7–22.
Robert Jervis (1978). “Cooperation Under the Security Dilemma.” World Politics 30 (January 1978): 167–214.
Meir Kalech (2019). “Cyber-attack detection in SCADA systems using temporal pattern recognition techniques.” Computers and Security 84 (July): 225–238.
Keir Lieber (2011). “Mission Impossible: Measuring the Offense-Defense Balance with Net Military Balance.” Security Studies 20: 451–459.
Ellen Nakashima (2018). “White House Authorizes ‘Offensive Cyber Operations’ to Deter Foreign Adversaries.” Washington Post (September 20).
Paul Nakasone and Michael Sulmeyer (2020). “How to Compete in Cyberspace: Cyber Command’s New Approach.” Foreign Affairs (August).
Joseph Nye (2016). “Deterrence and Dissuasion in Cyberspace.” International Security 41(3): 44–71.
Mason Richey (2019). “US-led Alliances and Contemporary International Security Disorder: Comparative Responses of the Transatlantic and Asia-Pacific Alliance Systems.” Journal of Asian Security and International Affairs 6(3): 275–298.
Mason Richey (2020). “Alliance Politics and Policy in the Multipolar Indo-Asia-Pacific: The Hub-and-Spokes System Between Buckpassing and Chainganging.” The International Spectator 55(1): 1–17.
Lora Saalman (ed.) (2019). The Impact of Artificial Intelligence on Strategic Stability and Nuclear Risk (Vol. II—East Asian Perspectives). SIPRI Report (October).
David Sanger et al. (2013). “Chinese Army Unit Is Seen as Tied to Hacking Against U.S.” New York Times (February 19).
Rebecca Slayton (2017). “What Is the Cyber Offense-Defense Balance? Conceptions, Causes, and Assessment.” International Security 41(3): 72–109.
United States Department of Defense (DOD) (2018). 2018 Cyber Strategy and Cyber Posture Review.
Kenneth Waltz (1979). Theory of International Politics. (Reading, MA: Addison-Wesley).
Kim Zetter (2015). Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon. (New York: Crown Publishing).
Metadata
Title
Cyber Offence Dominance, Regional Dynamics, and Middle Power–led International Cooperation
Author
Mason Richey
Copyright Year
2022
Book
Cybersecurity Policy in the EU and South Korea from Consultation to Action

Print ISBN: 978-3-031-08383-9

Electronic ISBN: 978-3-031-08384-6

Copyright Year: 2022

DOI
https://doi.org/10.1007/978-3-031-08384-6_4

Premium Partner