Saturday, September 16, 2017

Grand Strategy in the Cyberspace Terrain


Grand strategy, as far as I can tell, is the use of various tools (diplomatic, economic, militaristic) to best achieve a state’s national interest and desired role in the world. Conventional interpretations of grand strategy focus on land, sea, and air. Over the last few decades, the internet has formed a web of networks and created a new terrain: cyberspace. This realm is markedly different in that interactions are not purely physical, the terrain is not dominated by states but by individuals, the territory is virtually lawless, and it is often hard to ID the source/attacker.

How a nation generally interacts with others in this new realm develops its reputation, from which we can attempt to interpret said nation’s grand cyber strategy.

First, it is important to note that there has never been an instance of cyber war, or even an attack that resulted in loss of life or extensive damage to critical infrastructure. Though some alarmists talk of a cyber Pearl Harbor or 9/11, most experts in the field do not view these as realistic. Instead, most interactions are categorized as either espionage, subversion, or sabotage. So grand cyber strategy, while still passive or aggressive, defensive or offensive, etc., is far milder than conventional militaristic grand strategy.

China’s grand cyber strategy is one of espionage. The instances of Chinese theft in American cyberspace are many: Shady Rat, Ghost Net, the Pentagon Raid, the Byzantine Series, and the F-35 jet plans. This is fairly predictable because China is a rising power that will threaten the US’s hegemony (cue Thucydides). For a country that does not invest in innovation but rather in manufacturing, theft from an existing power makes sense. Additionally, China has something to prove. “Because cyber espionage is less risky and less costly than attempting to match the conventional US military machine, China uses this tactic to show the Americans that it is a force to be reckoned with in cyberspace” (Cyberwar versus Cyber Realities, p133).

Interestingly, we engage positively with China after they have launched a cyber attack against us, usually turning to diplomacy and transparency. Why? – to avoid escalation and to set global cyber norms. After all, it is partially the victim’s fault due to lack of successful defense. China is engaging in cyber espionage because America produces things worth stealing.

Russia’s grand cyber strategy, compared to China’s, is marked by subversion. This is evident in Russia’s relentless DDoS attacks on Georgia, Estonia, and Ukraine (neo-expansionism??), as well as recent disruption in European and American elections (dissemination of disinformation, propaganda).

Israel’s unique grand strategy is one of aggressive containment, particularly in the context of nuclear weapons. Israel has developed a reputation and international expectation that it will respond (using a fusion of intelligence, cyber, and military tools) to regional powers that develop a nuclear program. See Stuxnet, Operation Orchard.

The United States’ grand cyber strategy has been, to this point, largely one of non-engagement and restraint. In most cyber interactions, our tactics have been defensive rather than offensive. We have recently stressed the importance of hardening our security for the intended effect of deterrence through denial. There seems to be an understanding that cyberattacks fall greatly below the range of military operations and are largely inconsequential to relations between states. There is no incentive to escalate the situation, but rather to harden one’s own defensive capabilities.

Rules of thumb (from Cyberwar versus Cyber Realities, Maness):
When cyber tactics are used: (1) they tend to only be used by existing rivals or states involved in territorial disputes, (2) they are used with relative restraint, (3) they tend not to elicit a strong reaction anyway*, (4) they are possibly just a normalized ‘language’ for rival pairs to non-violently express discontent/displeasure, and (5) they have so far proved ineffective in stopping the targets from continuing to pursue their goals [If you look at Stuxnet, Bronze Soldier, and Shamoon, all three had no effect on targets’ goals: Estonia became even closer with Europe, Iran continued to enrich uranium, and Saudi Arabia continued the Iranian oil embargo].


*Attacks that are public and harder to conceal are more likely to provoke a foreign policy response (DDoS).

1 comment:

Bobbi M said...

Thank you for sharing