Search results

In 2014, Russia launched a "Hybrid War" against Ukraine that, according to some, ushered in a revolution in conflict. The term is notoriously vague, referring to all measures short of war states use to attain strategic aims. States, of course, have long used measures in the "gray zone" between war and peace. Yet they did not always have the Internet."--

The Russian-sponsored influence campaign targeting the 2016 US Presidential Elections surprised policy-makers and scholars, highlighting a gap in theories of (cyber) power. Russia had used information technologies to project power, yet more subtly than prevailing militarized conceptions of cyber power predicted. Rather than causing damage and disruption, it turned sources of American power into vulnerabilities. Recent scholarship emphasizes this mechanism's technological novelty. Instead, I argue this campaign demonstrated the importance of an undertheorized instrument of power: subversion. Integrating Intelligence scholarship and International Relations theory, this article develops an innovative theory of subversion as reverse structural power. Structural power shapes structures of interaction and the capacities of structural positions to the benefit of the holder of such power. Subversion reverses these benefits into harms. It exploits vulnerabilities in structures to secretly manipulate them, leveraging the capacities of structural positions to produce outcomes neither expected nor intended by the holders of structural power. Traditional subversion targets social structures, while cyber operations target sociotechnical structures: namely, Information Communications Technologies (ICTs) embedded in modern societies. The targeted structures differ, yet both rely on subversive techniques of exploitation that reverse structural power. Cyber operations are means of subversion. This theory helps explain two unresolved issues in cybersecurity: the capability–vulnerability paradox and the outsize role of non-state actors. Finally, I demonstrate the theory's utility in a plausibility probe, examining the 2016 Election Interference Campaign. It shows this campaign did not use new "weapons," but rather integrated traditional and sociotechnical means of subversion.

The Russian-sponsored influence campaign targeting the 2016 US Presidential Elections surprised policy-makers and scholars, highlighting a gap in theories of (cyber) power. Russia had used information technologies to project power, yet more subtly than prevailing militarized conceptions of cyber power predicted. Rather than causing damage and disruption, it turned sources of American power into vulnerabilities. Recent scholarship emphasizes this mechanism's technological novelty. Instead, I argue this campaign demonstrated the importance of an undertheorized instrument of power: subversion. Integrating Intelligence scholarship and International Relations theory, this article develops an innovative theory of subversion as reverse structural power. Structural power shapes structures of interaction and the capacities of structural positions to the benefit of the holder of such power. Subversion reverses these benefits into harms. It exploits vulnerabilities in structures to secretly manipulate them, leveraging the capacities of structural positions to produce outcomes neither expected nor intended by the holders of structural power. Traditional subversion targets social structures, while cyber operations target sociotechnical structures: namely, Information Communications Technologies (ICTs) embedded in modern societies. The targeted structures differ, yet both rely on subversive techniques of exploitation that reverse structural power. Cyber operations are means of subversion. This theory helps explain two unresolved issues in cybersecurity: the capability–vulnerability paradox and the outsize role of non-state actors. Finally, I demonstrate the theory's utility in a plausibility probe, examining the 2016 Election Interference Campaign. It shows this campaign did not use new "weapons," but rather integrated traditional and sociotechnical means of subversion.

Abstract
Although cyber conflict has existed for thirty years, the strategic utility of cyber operations remains unclear. Many expect cyber operations to provide independent utility in both warfare and low-intensity competition. Underlying these expectations are broadly shared assumptions that information technology increases operational effectiveness. But a growing body of research shows how cyber operations tend to fall short of their promise. The reason for this shortfall is their subversive mechanism of action. In theory, subversion provides a way to exert influence at lower risks than force because it is secret and indirect, exploiting systems to use them against adversaries. The mismatch between promise and practice is the consequence of the subversive trilemma of cyber operations, whereby speed, intensity, and control are negatively correlated. These constraints pose a trilemma for actors because a gain in one variable tends to produce losses across the other two variables. A case study of the Russo-Ukrainian conflict provides empirical support for the argument. Qualitative analysis leverages original data from field interviews, leaked documents, forensic evidence, and local media. Findings show that the subversive trilemma limited the strategic utility of all five major disruptive cyber operations in this conflict.

What determines media coverage on cyber conflict (CC)? Media bias fostering misperception is a well-established problem in conflict reporting. Because of the secrecy and complexity surrounding cyber operations (COs), where most data moreover come from marketing publications by private sector firms, this problem is likely to be especially pronounced in reporting on cyber threats. Because media reporting shapes public perception, such bias can shape conflict dynamics and outcomes with potentially destabilizing consequences. Yet little research has examined media bias systematically. This study connects existing literature on media reporting bias with the CC literature to formulate four theoretical explanations for variation in reporting on COs based on four corresponding characteristics of a CO. We introduce a new dataset of COs reporting by the private sector, which we call the Cyber Conflict Media Coverage Dataset, and media reporting on each of these operations. Consequently, we conduct a statistical analysis to identify which of these characteristics correlate with reporting quantity. This analysis shows that the use of novel techniques, specifically zero-day exploits, is a highly significant predictor of coverage quantity. Operations targeting the military or financial sector generate less coverage. We also find that cyber effect operations tend to receive more coverage compared to espionage, but this result is not statistically significant. Nonetheless, the predictive models explain limited variation in news coverage. These findings indicate that COs are treated differently in the media than other forms of conflict, and help explain persistent threat perception among the public despite the absence of catastrophic cyberattacks.

Public and academic knowledge of cyber conflict relies heavily on data from commercial threat reporting. According to Lennart Maschmeyer, there are reasons to be concerned that these data provide a distorted view of cyber threat activity. This article analyzes an original dataset of available public reporting by the private sector together with independent research centers. It also presents three case studies tracing reporting patterns on a cyber operation targeting civil society. The findings confirm the neglect of civil society threats, supporting the hypothesis that commercial interests of firms will produce a systematic bias in reporting, which functions as much as advertising as intelligence. The result is a truncated sample of cyber conflict that underrepresents civil society targeting and distorts academic debate as well as public policy. ; Das öffentliche und akademische Wissen über Cyber-Konflikte stützt sich in hohem Masse auf Daten aus der kommerziellen Berichterstattung über Bedrohungen. Laut Lennart Maschmeyer gibt es Grund zur Sorge, dass diese Daten ein verzerrtes Bild der Cyber-Bedrohung vermitteln. In diesem Artikel wird ein Originaldatensatz der verfügbaren öffentlichen Berichterstattung des privaten Sektors zusammen mit der Berichterstattung unabhängiger Forschungszentren analysiert. Darüber hinaus werden drei Fallstudien vorgestellt, die die Berichterstattung über eine auf die Zivilgesellschaft gerichtete Cyber-Operation nachzeichnen. Die Ergebnisse bestätigen die Vernachlässigung zivilgesellschaftlicher Bedrohungen und stützen die Hypothese, dass kommerzielle Interessen von Firmen zu einer systematischen Verzerrung der Berichterstattung führen, was wiederum einen ähnlichen Effekt wie Werbung hat. Das Ergebnis ist eine unvollständige Stichprobe des Cyber-Konflikts, die das gezielte Anvisieren der Zivilgesellschaft herunterspielt und sowohl die akademische Debatte als auch die öffentliche Politik verzerrt. ; ISSN:1933-169X ; ISSN:1933-1681