Information Warfare/National Security/Cyber Terrorism/Cyberspace/Cyber Conflict Y Conflict and Cooperation a n L n Facilitated by the exceptional handiwork of the editors, this book significantly advances o a w k the effort to achieve common ground in the debates regarding cyberspace. National o in Cyberspace t g h security and cyber-related professionals will find it equally useful in their work. e eo —Lt. Gen. Bob Elder, USAF (Retired) r rg o s The Challenge to National Security Conflict and Cooperation in Cyberspace: The Challenge to National Security brings together some of the world’s most distinguished military leaders, scholars, C cyber operators, and policymakers in a discussion of current and future challenges that o cyberspace poses to the United States and the world. Maintaining a focus on policy- n relevant solutions, it offers a well-reasoned study of how to prepare for war, while fl attempting to keep the peace in the cyberspace domain. i c The discussion begins with thoughtful contributions concerning the attributes t and importance of cyberspace to the American way of life and global prosperity. a Examining the truths and myths behind recent headline-grabbing malicious cyber activity, the book spells out the challenges involved with establishing a robust system n of monitoring, controls, and sanctions to ensure cooperation amongst all stakeholders. d The desire is to create a domain that functions as a trusted and resilient environment C that fosters cooperation, collaboration, and commerce. Additionally, the book: o • Delves into the intricacies and considerations cyber strategists must o contemplate before engaging in cyber war p • Offers a framework for determining the best ways to engage other nations e in promoting global norms of behavior r • Illustrates technologies that can enable cyber arms control agreements a • Dispels myths surrounding Stuxnet and industrial control systems t i o General Michael V. Hayden, former director of the National Security Agency and the n Central Intelligence Agency, begins by explaining why policymakers, particularly those working on cyber issues, must come to understand the policy implications of i n this dynamic domain. Expert contributors from the Air Force Research Institute, MIT, the Rand Corporation, Naval Postgraduate School, NSA, USAF, USMC, and others C examine the challenges involved with ensuring improved cyber security. y b Outlining the larger ethical, legal, and policy challenges facing government, the e private sector, civil society, and individual users, the book offers plausible solutions on r how to create an environment where there is confidence in the ability to assure national s security, conduct military operations, and ensure a vibrant and stable global economy. p a Edited by K20542 c 6000 Broken Sound Parkway, NW e Panayotis A. Yannakogeorgos and Adam B. Lowther Suite 300, Boca Raton, FL 33487 ISBN: 978-1-4665-9201-8 711 Third Avenue 90000 New York, NY 10017 an informa business 2 Park Square, Milton Park www.taylorandfrancis.com Abingdon, Oxon OX14 4RN, UK 9 781466 592018 www.taylorandfrancis.com K20542 cvr mech.indd 1 6/13/13 9:07 AM Conflict and Cooperation in Cyberspace The Challenge to National Security OTHER INFORMATION SECURITY BOOKS FROM AUERBACH Asset Protection through Security Awareness Guide to the De-Identification of Personal Tyler Justin Speed Health Information ISBN 978-1-4398-0982-2 Khaled El Emam ISBN 978-1-4665-7906-4 Automatic Defense Against Zero-day Polymorphic Worms in Communication Information Security Governance Simplified: Networks From the Boardroom to the Keyboard Mohssen Mohammed and Al-Sakib Khan Pathan Todd Fitzgerald ISBN 978-1-4665-5727-7 ISBN 978-1-4398-1163-4 The Complete Book of Data Anonymization: Information Security Policy Development for From Planning to Implementation Compliance: ISO/IEC 27001, NIST SP 800-53, Balaji Raghunathan HIPAA Standard, PCI DSS V2.0, and AUP V5.0 ISBN 978-1-4398-7730-2 Barry L. Williams ISBN 978-1-4665-8058-9 The Complete Guide to Physical Security Paul R. Baker and Daniel J. Benny Information Technology Control and Audit, ISBN 978-1-4200-9963-8 Fourth Edition Sandra Senft, Frederick Gallegos, and Aleksandra Davis Conflict and Cooperation in Cyberspace: ISBN 978-1-4398-9320-3 The Challenge to National Security Panayotis A Yannakogeorgos and Adam B Lowther Iris Biometric Model for Secured Network Access (Editors) Franjieh El Khoury ISBN 978-1-4665-9201-8 ISBN 978-1-4665-0213-0 Cybersecurity: Public Sector Threats Managing the Insider Threat: No Dark Corners and Responses Nick Catrantzos Kim J. Andreasson ISBN 978-1-4398-7292-5 ISBN 978-1-4398-4663-6 Network Attacks and Defenses: A Hands-on The Definitive Guide to Complying with the Approach HIPAA/HITECH Privacy and Security Rules Zouheir Trabelsi, Kadhim Hayawi, Arwa Al Braiki, John J. Trinckes, Jr. and Sujith Samuel Mathew ISBN 978-1-4665-0767-8 ISBN 978-1-4665-1794-3 Digital Forensics Explained Noiseless Steganography: The Key to Covert Greg Gogolin Communications ISBN 978-1-4398-7495-0 Abdelrahman Desoky ISBN 978-1-4398-4621-6 Digital Forensics for Handheld Devices Eamon P. Doherty PRAGMATIC Security Metrics: Applying ISBN 978-1-4398-9877-2 Metametrics to Information Security W. Krag Brotby and Gary Hinson Effective Surveillance for Homeland Security: ISBN 978-1-4398-8152-1 Balancing Technology and Social Issues Francesco Flammini, Roberto Setola, and Giorgio Securing Cloud and Mobility: A Practitioner’s Guide Franceschetti (Editors) Ian Lim, E. Coleen Coolidge, and Paul Hourani ISBN 978-1-4398-8324-2 ISBN 978-1-4398-5055-8 Electronically Stored Information: Security and Privacy in Smart Grids The Complete Guide to Management, Yang Xiao (Editor) Understanding, Acquisition, Storage, ISBN 978-1-4398-7783-8 Search, and Retrieval Security for Wireless Sensor Networks using David R. Matthews Identity-Based Cryptography ISBN 978-1-4398-7726-5 Harsh Kupwade Patil and Stephen A. Szygenda Enterprise Architecture and Information ISBN 978-1-4398-6901-7 Assurance: Developing a Secure Foundation The 7 Qualities of Highly Secure Software James A. Scholz Mano Paul ISBN 978-1-4398-4159-4 ISBN 978-1-4398-1446-8 AUERBACH PUBLICATIONS www.auerbach-publications.com • To Order Call: 1-800-272-7737 • E-mail: [email protected] Conflict and Cooperation in Cyberspace The Challenge to National Security Edited by Panayotis A. Yannakogeorgos Adam B. Lowther Boca Raton London New York Per Contract: The Publisher and the Editor acknowledge that the Work has been authored by an employee or con- tractor of the United States Government. As such, any work resulting from the Editor’s duties as an employee of the United States Government is not subject to copyright, nor may any copyright be assigned to any other party for such work, nor may copyright be established for any derivative work or any future work based on the original work which, as described, has been created under the authority of the United States Government. Furthermore, it is understood by the Publisher that the United States Government retains a non-exclusive, royalty-free license to publish or repro- duce the published form of the Work as described herein, or to allow third parties to do so. Taylor & Francis Taylor & Francis Group 6000 Broken Sound Parkway NW, Suite 300 Boca Raton, FL 33487-2742 © 2014 by Taylor & Francis Group, LLC Taylor & Francis is an Informa business No claim to original U.S. Government works Version Date: 20130620 International Standard Book Number-13: 978-1-4665-9202-5 (eBook - PDF) This book contains information obtained from authentic and highly regarded sources. Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, includ- ing photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, please access www.copyright.com (http://www.copyright.com/) or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. CCC is a not-for-profit organization that provides licenses and registration for a variety of users. For organizations that have been granted a photocopy license by the CCC, a separate system of payment has been arranged. Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe. Visit the Taylor & Francis Web site at http://www.taylorandfrancis.com and the CRC Press Web site at http://www.crcpress.com Contents Foreword ix Acknowledgments xiii IntroductIon xv edItors xxv contrIbutors xxvii PArt I key consIderAtIons chAPter 1 the Future oF thIngs cyber 3 MICHAEL V. HAYDEN chAPter 2 tAmIng the “21st century’s wIld west” oF cybersPAce? 9 LYNN MATTICE chAPter 3 cybersPAce suPerIorIty consIderAtIons 13 FRED TAYLOR, JR. AND JERRY CARTER chAPter 4 two, mAybe three cheers For AmbIguIty 27 MARTIN C. LIBICKI chAPter 5 the essentIAl FeAtures oF An ontology For cyberwArFAre 35 RANDALL R. DIPERT © 2010 Taylor & Francis Group, LLC v vi Contents chAPter 6 the ProsPects For cyber deterrence: AmerIcAn sPonsorshIP oF globAl norms 49 PANAYOTIS A. YANNAKOGEORGOS AND ADAM B. LOWTHER PArt II technology chAPter 7 chAllenges In monItorIng cyberArms comPlIAnce 81 NEIL C. ROWE, SIMSON L. GARFINKEL, ROBERT BEVERLY, AND PANAYOTIS A. YANNAKOGEORGOS chAPter 8 dIgItAl PolIcy mAnAgement: A FoundAtIon For tomorrow 101 NATIONAL SECURITY AGENCY (NSA), ENTERPRISE SERVICES DIVISION, IDENTITY AND ACCESS MANAGEMENT BRANCH chAPter 9 on mIssIon AssurAnce 107 KAMAL JABBOUR AND SARAH MUCCIO chAPter 10 stuxnet: A cAse study In cyber wArFAre 127 ERIC P. OLIVER chAPter 11 the Internet And dIssent In AuthorItArIAn stAtes 161 JAMES D. FIELDER PArt III ethIcs, lAw, And PolIcy chAPter 12 cAn there be An ethIcAl cyber wAr? 195 GEORGE R. LUCAS, JR. chAPter 13 PersPectIves For cyberstrAtegIsts on cyberlAw For cyberwAr 211 CHARLES J. DUNLAP, JR. chAPter 14 A new normAl? the cultIvAtIon oF globAl norms As PArt oF A cybersecurIty strAtegy 233 ROGER HURWITZ © 2010 Taylor & Francis Group, LLC Contents vii chAPter 15 cyberdeFense As envIronmentAl ProtectIon—the broAder PotentIAl ImPAct oF FAIled deFensIve counter cyber oPerAtIons 265 JAN KALLBERG AND ROSEMARY A. BURK chAPter 16 cyber sovereIgnty 277 STEPHEN K. GOURLEY chAPter 17 AmerIcAn cybersecurIty trIAd: governmentwIde IntegrAtIon, technologIcAl counterIntellIgence, And educAtIonAl mobIlIzAtIon 291 SUNGHYUN KIM © 2010 Taylor & Francis Group, LLC