International Studies Perspectives (2014), 1–18.

Cyberwar: Taking Stock of Security and

Warfare in the Digital Age1
Y O N G -S O O E U N
Incheon National University
AND

JUDITH SITA ABMANN

Berlin, Germany

This article examines the implications of cyberwar for national security

and traditional warfare. While not making traditional war obsolete, cyber-
weapons can nonetheless be force-amplifiers for kinetic attacks in future
wars. Not only are cyber-weapons easier to deploy, they can also be acti-
vated much more cheaply than conventional weapons. This cost–benefit
ratio levels the playing field, especially to the benefit of Third World coun-
tries which lack considerable leeway in terms of exercising traditional mili-
tary power. By bringing new aspects to the theater of war, cyberwar asks us
to revamp our policy and study of security, war, and power. Although it
does not change the very nature of warfare which remains political, instru-
mental, and violent, cyberwarfare will reshape the ways in which war
begins or is carried out in the near future. Our analytical and theoretical
understanding of the international politics of the digital age can be
enriched by taking what is happening in cyberspace more seriously.

Keywords: cyberwar, security studies, cyber-attacks, cyber-weap-

ons, hacking

The United States’ 2010 National Security Strategy states that cyber-threats are “one
of the most serious national security, public safety, and economic challenges we
face as a nation” (The White House 2010:27). In June 2012, the then US Defense
Secretary Leon Panetta declared: “I’m very concerned that the potential in cyber
to be able to cripple our power grid. . .our government systems. . .our financial sys-
tems, would virtually paralyze this country. . .[T]hat represents the potential for
another Pearl Harbour” (Mora 2012). Panetta’s recognition of cyber-security con-
tinues to have resonance with the American elites’ thinking. In a recent statement
Chuck Hagel, the incumbent US Defense Secretary, commented that “cyber
threats are real, they’re terribly dangerous” (Alexander 2013). America has now
established a US Cyber Command to conduct cyber operations (US Department of
Defense 2011). Likewise in 2010, the United Kingdom’s National Security Strategy
characterized cyber-attacks as one of four “tier one” threats alongside terrorism,
military crises between states, and major accidents (UK Prime Minister 2010:11,
29, 34). Sharing this view, a European Parliament policy paper asserts that

1
We would like to thank anonymous reviewers and the editors for helpful comments and suggestions. Yong-Soo
would particularly like to thank Dae Shik Un for his encouragement and prayers. This work was supported by
Incheon National University Research Grant in 2012.

Eun, Yong-Soo, and Judith Sita Abmann. (2014) Cyberwar: Taking Stock of Security and Warfare in the Digital Age.
International Studies Perspectives, doi: 10.1111/insp.12073
Ó 2014 International Studies Association
2 Cyberwar

cyberwarfare is becoming increasingly important for its member states because

modern interstate conflicts often have a new cyber-conflict dimension, not to be
compared with conventional military domains such as sea or air (European Parlia-
ment 2011:5, 11). In a related vein, NATO’s Co-operative Cyber Defence Centre of
Excellence published “the Tallinn manual,” an advisory manual on cyberwarfare,
which indicates that full-scale wars could be triggered by online attacks on com-
puter systems and that civilian activists who participate in those attacks are consid-
ered “legitimate targets” (Schmitt 2013:97). The Tallinn manual also contains 95
“Rules”; among them “Rule 22,” for example, states: “cyber operations alone might
have the potential to cross the threshold of international armed conflicts” (Schmitt
2013:71–75). On the other hand, incidences of cyber-espionage between Washing-
ton and Beijing are no longer an espionage-like secret activity. In May 2013, the
Obama administration explicitly accused China’s military of mounting attacks on
American government computer systems and defense contractors, saying one
motive could be to map “military capabilities that could be exploited during a cri-
sis” (Marcus 2013:1). In the 2013 annual report to Congress, the Pentagon states as
follows: “In 2012, numerous computer systems around the world, including those
owned by the U.S. government, continued to be targeted for intrusions, some of
which appear to be attributable directly to the Chinese government and military”
(Office of the Secretary of Defense 2013:35–36). Not too surprisingly Beijing
responded by stating: “We are willing to carry out an even-tempered and construc-
tive dialogue with the United States on the issue of Internet security. But we are
firmly opposed to any groundless accusations and speculations. . .” (Sanger 2013).
Consequently, the Washington Post recently reported that US intelligence services
carried out 231 offensive cyber operations in 2011 (Gellman and Nakashima
2013), and that China was among “the top targets of cyber operations carried out
by U.S. intelligence services in 2011” (Wan 2013). The cyber-attacks and threats
from North Korea against the South are also not a new revelation. In March 2013,
for instance, South Korea’s military Internet network was breached for 24 hours by
North Korean hackers, causing around 2,000 national secrets to leak; in the same
month, Pyongyang’s cyber-attacks paralyzed the sites of major South Korean broad-
casters and banks; and on June 25, the hacks happened again and resulted in dam-
age to 69 Web sites and online networks of the South Korean public organizations,
including the presidential office (Kang 2013).2

To Paraphrase Trotsky: “You May Not Be Interested in Cyberwar, but Cyberwar

Is Interested in You”3
Having sketched what has recently unfolded in relation to cyber-security, it
seems appropriate to take cyberspace seriously as a domain affecting national
security and warfare. There are, indeed, convincing reasons for this. The modern
world is closely intertwined through the Internet with rapid inventions bringing
an even closer interconnectedness. Unfortunately, technologies’ many benefits
also come with downsides which are harder to curtail or control than before.
Cyber-weapons have the potential to disrupt, destroy, and paralyze highly vulner-
able communication, finance, or transportation systems. It is easy to be drawn
into doomsday “Pearl Harbour scenarios” since cyberspace generally remains a
“big unknown.” Our daily lives are cyber dependent with online banking, credit
cards, online transactions, or emailing, yet to many it remains mysterious as to
how these technologies work and what potentials they hold (Xu 2011).

2
The hacks lasted until July 1. June 25, when the first wave of cyber-attacks began, is symbolic in that it marked
the 63rd anniversary of the outbreak of the 1950–1953 Korean War.
3
The original statement by Leon Trotsky (1879–1940) who was the founder and first leader of the Red Army is,
“You may not be interested in war, but war is interested in you.”
 Y O NG -S OO E UN AND J UDITH S ITA A BM ANN 3

Furthermore worldwide, militaries are rapidly jumping on board the moderniza-

tion train. Billions of dollars are pumped into cyber-security; states are coaching
elite hackers to support the traditional military. States are more threatening to
national security than cyber-terrorism as militaries have more know-how and finan-
cial and human resources (Gaycken 2012b). Cyberwarfare offers a low-priced tech-
nique for countries to deal with states which are otherwise untouchable due to
their military might. Future attacks are believed not to be nuclear in nature
because of the likelihood of retaliation, but rather a question of attacking the
enemy through the technology presently running governments, financial systems,
transportation and communication, and through “information operations” (Arqu-
illa and Borer 2009). Our starting position for cyber-security looks rather menac-
ing: Down to the smallest fragment of society, we are increasingly reliant on
technology. Simultaneously, this technology is basically insecure and impossible to
control effectively: a perfect niche for exploitation and misuse. As such, cyber-
space and warfare within it is and should be of great concern to national security
and people’s well-being. To be sure, this does not necessarily mean that we have
to change entirely our thinking and beliefs about warfare. What is more, there
could be some doubt that cyber-threats are real; rather we are just surrounded by
“cyber-hype” blowing cyber-threats out of proportion (Gaycken 2012a:79). How-
ever, even those who argue that cyberwar is not taking place in the present and
will be unlikely to occur in the future—such as analyst Thomas Rid—admit that
“the range of aggressive behavior online is widening. At the same time the sophis-
tication of some attacks has reached new heights” (Rid 2012:15).
In this vein, this article attempts to examine the implications of these new
developments in cyber-security for national security and traditional warfare. It is
argued here that while not making traditional war obsolete, cyber-weapons can
nonetheless be force-amplifiers for kinetic attacks in future wars. Not only are
cyber-weapons easier to deploy, they can also be activated much more cheaply
than conventional weapons. This cost–benefit ratio levels the playing field, espe-
cially to the benefit of Third World countries which lack considerable leeway in
terms of exercising traditional military power. By bringing new aspects to the
theater of war, cyber-attacks ask us to revamp our policy and study of security,
war, and power. Although it does not change the very nature of warfare which
remains political, instrumental, and violent, cyberwarfare will reshape the ways in
which war begins or is carried out in the near future.
What this suggests is that we need to have a better understanding of the
changes that warfare and national security are undergoing faced with the possi-
bilities of cyberspace. To this end, this article, with a focus on the area of inter-
state cyber-attacks or cyberwarfare, first explains some basic terminology with the
objective of finding a distinction between what could constitute cyberwarfare
and what should not. The understanding of cyberwarfare is rooted in case stud-
ies of recent cyber-incidents, including Chinese cyber-espionage, the supporting
use of cyber-weapons during the 2008 Russo-Georgian War, and the infection of
Stuxnet in order to damage Iranian nuclear facilities. It is suggested here that
while Chinese cyber-espionage does not seem to constitute an act of war, the
other two cases (that is, the Russo-Georgian War and Stuxnet) can be taken as
examples of how warfare might look in the future. In the final section, this arti-
cle offers the implications that cyberspace and cyber-weapons have for the study
and practice of security and warfare, which can be a useful and complementary
source for developing better understandings of future warfare.

What Is Cyberwar?
As touched on earlier, states have begun to realize the dangerous potential
embedded in cyberspace and are attempting to find ways to deal with this new
4 Cyberwar

national security threat. Yet a thorny issue that surrounds the state policy and
scholarly work regarding cyberwar is establishing an accurate definition of the
term. What is cyberwar? Of course, prior to that, what is war? This is a question
that can bear many answers; there has been intense controversy over its mean-
ing: from Clausewitz’s famous “war is a mere continuation of policy by other
means. . .an act of violence to compel our opponent to fulfill our will” to Hedley
Bull’s description of war as “organised violence carried on by political units
against each other” or Michael Walzer’s understanding that “war is a social crea-
tion. What is war and what is not-war is. . .something that people decide” to the
Oxford Dictionary’s definition as “a state of armed conflict between different
countries or different groups within a country,” war can have various emphasized
aspects (Bull 1977:184; Clausewitz 1997:22; Walzer 2006:24). Attempting to
define “cyberwar” brings even more confusion: when is a cyber-attack “merely” a
nuisance and when can it be regarded as an act of aggression? Writing in 1995,
Toffler’s observation that “the gabble of terminology—Info-Doctrine, [Info-
Warfare], Cyberwar, C² Warfare, and other terms—reflects the still primitive
stage of discussion” holds true today (Toffler and Toffler 1995:188). Cyberwar is
the dominant term in the related literature though not uncontested; that the
usage of “war” should not be taken lightly is recognized (European Parliament
2011:11). Currently think-tanks and research institutions are engaging with this
new phenomenon of cyber-attacks, trying to arrive at a usable definition of cyber-
war, and provide practical government policies; yet, as the 2012 conference, “IT
Security in the Age of Cyber Warfare” demonstrates, cyber-security experts have
not yet succeeded in terms of offering clarification of the term: There are even
grammatical discrepancies with the use of “cyber war” or the contracted “cyber-
war.”4 According to Sue Poremba, some even raise a question of why we
even need a definition as it does not make cyberwar more or less destructive
(Poremba 2012).

Certain Aspects Distinctive of Cyberwar

Regardless of the vagueness inherent in the subject of cyberwar, and despite the
lack of consensus on criteria for definition, many analysts seem to agree on the
point that there are, indeed, certain aspects distinctive of cyberwarfare; here,
Clarke and Knake’s definition is helpful as a basis. They define cyberwar as
“Actions by a nation-state to penetrate another nation’s computers or networks
for the purposes of causing damage or disruption” (Clarke and Knake 2012:6).
That is to say, cyberwarfare revolves around information and knowledge, impera-
tive for carrying out effective cyber-attacks against another state’s computers and
networks (Arquilla and Ronfeldt 1997:30; Wu 2004:177). Networks, systems, and
Web sites are the main targets of cyberwarfare, attempting to paralyze an oppo-
nent either through disruption or damage. A cyber-attack via the nontraditional
battlefield of the Internet can hit a modern technological society at its core.
Here, to have a shaper understating of cyberwar, we need to distinguish cyber-
espionage from cyber-attack.
Espionage is an old form of state business made easier by cyberspace. The
physical presence of a spy is no longer necessary as hackers operate from across
the world; more information is accessed and transferred through the Internet
than in a suitcase. Cyber-espionage is an increasing economic problem with the
theft of credit card information or reconnaissance of new prototypes. In the mili-
tary, data collection and intelligence transfer hampers troop locations or exposes

4
To prevent any further confusion, this article (following the general usage of terms in the field of cyber-secu-
rity) uses the terms cyberwar and cyberwarfare without a hyphen. The term “cyberwar/cyberwarfare” has established
itself in the field of cyber-security and is used even by experts who disagree with the term.
 Y O NG -S OO E UN AND J UDITH S ITA A BM ANN 5

weaknesses serviceable in conflict situations (Fritz 2008). However, it is arguable

whether cyber-espionage embodies a hostile confrontation calling for retaliation.
On the other hand, a cyber-attack is “the physical destruction of a computer,
deleting/re-writing of files, knocking a network or service offline” (Fritz
2008:48). FBI Director Robert Mueller stated that cyber-attacks today can have
the same effect as a “well-placed bomb” (Evans and Whittell 2010). Attacks aim
to disrupt or completely destroy a network or system. Again, views differ on
when a cyber-attack constitutes an act of aggression or can be categorized as a
nuisance not effectively harming a country. Diagram 1 illustrates various
cyber-attack forms.
Diagram 1

• Appears to perform a desirable function, while

Trojan secretly performing malicious functions (Fritz,
2008:50)

• Self-replicating program
Virus • Deleting files, damaging programs, reformatting
hard drive, disrupting/debilitating the system
completely (ibid:51)

• Self-replicating program
Worm • Attempts to scan a network for vulnerable sytems
and automically exploits those (does not attach
itself to a program like a virus) (ibid)

• Denial of Service Attack/ Distributed Denial of

Service Attack
DoS/ DDos • Attempts to make a computer resource
unavailable to its users (interrupt, suspend) for ex.
by overloading the server through communication
requests (ibid:53)

• Computer programs planted in peacetime that can

Logic Bomb later be triggered remotely to cause damage in
times of conflict (Brito and Watkins 2011:14)

To be sure, the diagram above does not end the terminological controversy;
academic definitions of cyberwar and related terms still may differ across authors
and in temporal and spatial terms. Furthermore, as cyberspace still lacks a legal
framework providing standards and rules, it is often unclear what cyberwar is
against “mere nuisance” from a legal, institutional perspective (Lonsdale 2004;
Carr 2010, 2011).

Reading Public Opinion

Interestingly, despite such confusion and the lack of well-demarcated definitions
in the academic study of cyberwarfare, the general public seems to have a rather
more clear view of cyberwar. Recently the magazine Slate carried out an opinion
poll to discover what the public perceives as cyberwar and what is regarded as
nuisance, but not “war.” The result is presented in Figure 1 below.
Interestingly, as the figure shows, the public mostly has a clear opinion on
what is cyberwar and what is not. A virus released against nuclear reactors is
quite clearly part of cyberwar, as is a blackout resulting from a cyber-attack pre-
ceding a traditional kinetic attack, or the simultaneous combination of both.
Past cyber-incidents prove that these scenarios are not implausible. The famed
Stuxnet damaged the Iranian nuclear program at Natanz. An example of simul-
taneous attacks was demonstrated by the 2007 Israeli attack on a nuclear reactor
6 Cyberwar

2500 What Is Cyberwar?

2000

1500
Votes
1000

500

0
Virus
Stolen Chinese Nonfatal
applied to Blackout, Data for Patriotic
information backdoor Simultan- nuclear
nuclear then attack sale attacks
trap eous attacks hacking
reactors
Yes 1253 486 490 2058 192 297 2049 1009
No 169 744 1490 23 1866 1746 22 1035

FIG. 1. Public Opinion.

Source for Data: Carr (2010, 2011).

in Syria. The Israeli military, shortly before bombing the nuclear site, paralyzed
the Syrian air defense radar system. The sophisticated technology invaded the
Syrian communication network and manipulated it, hindering approaching air-
crafts from being shown on the radar (Fulghum 2007). Not considered as cyber-
war in the opinion poll are Chinese hacking, selling stolen data, or patriotic
attacks. This is particularly remarkable as a slew of journalists and even security
experts termed a US-Chinese hacking “war” and called the cyber-attacks paralyz-
ing Estonia “WWI”—Web War One (see The Economist 2010a). This is a major
hindrance in engaging with the study of cyberwarfare: The term itself is used too
freely; the definitions are unclear; and there is a lack of appreciation of a cyber-
weapon’s abilities. In short, one may have a rather broad definition of cyberwar
combining a consensus found in public opinion, but not without controversy.
To address such an issue and have a more sophisticated understanding of what
cases should and should not be labeled as cyberwarfare, there is a need to con-
sider empirical cases of recent cyber-incidents which are often described as cyber
“war” by commentators or scholars. Here, the traditional understanding of war
proposed by Clausewitz which emphasizes three characteristics that war has to be
political, instrumental, and violent (Clausewitz 1997) can provide us with a use-
ful guideline for defining this new, modern warfare in cyberspace and distin-
guishing between cyber-incidents that are more and less war-prone in nature.
With this basis, in what follows, this article will examine three real-life cases and
dwell on whether and to what extent they bear the hallmarks of aggressive, polit-
ical, and/or institutional aspects of traditional war. In doing so, the following
illustrations will be able to help us better understand the nature of cyber-attacks
and better define what cyberwarfare means (to us) and thus better prepare for
various future eventualities in international security.

Some Illustrations
Chinese Espionage
Most interstate cyber-incidents are cases of espionage (Arquilla and Ronfeldt
1997; Thornburgh 2005; Clarke and Knake 2012). For China, cyberspace and its
 Y O NG -S OO E UN AND J UDITH S ITA A BM ANN 7

possibilities hold a great potential as it is unable to match America in conven-

tional military terms. China became particularly interested in cyber-security as
asymmetric warfare after the 1991 Gulf War, a testament to America’s kinetic
dominance (European Parliament 2011:15). Today it seems to have become the
norm for Western states to regularly accuse China of aggressive hacking into
their networks and systems. America in particular is wary of this growing prob-
lem, with some security experts, politicians, and the media feeding the fear of
the “Chinese dragon” stealing valuable information from the American govern-
ment and its military contractors, as well as the supposed ability of China to par-
alyze US power supply or communication systems. Armageddon scenarios like
Panetta’s “cyber-Pearl Harbor” are frequent.
In contrast to the United States, China’s Internet and its use are state-con-
trolled with the possibility of taking large and critical parts of the system offline
in the event of cyber-attacks. In 2001, China for the first time openly admitted
to having established a Blue Force subunit in its military, an elite troop of com-
puter hackers (Kremp 2001). This unit has the potential to act as an offensive
troop conducting cyber-attacks against other states, as well as a possible deterrent
against other countries considering hacking into or attacking the Chinese state.
Recent assessments estimate that the Blue Force consists of 50,000–100,000 sol-
diers (Gaycken 2012a:64).
America experiences malicious hacking daily where companies, institutions, or
organizations are hacked into and information is stolen, including NASA, Boe-
ing, universities’ technological institutes, the Department of Defence and other
government departments, Amnesty International, or even individual politicians.
The target can be highly sensitive military data as well as reports about human
rights, suggesting that such hacking is not done by criminals who would often
target credit card information and the like, but is in fact state-sponsored espio-
nage. Furthermore, the hackers have to be highly trained and equipped to per-
form these sensitive break-ins (Krekel 2009:52). America was faced with an
especially persistent and coordinated series of hacking called “Titan Rain”
between 2003 and 2006.
Due to the attribution problem existing in cyberspace, it could never be
asserted for certain that the Chinese state was behind Titan Rain. However, after
several weeks of investigation, many claimed that the Chinese were indeed
responsible as the attacks had been conducted from servers on the Chinese
mainland; headlines such as “The Invasion of the Chinese Cyberspies” became
widespread (Graham 2005; Thornburgh 2005). China also succeeded in pene-
trating the Pentagon’s NIPRNet.5 Although unclassified, the network is used by
the military for most of its daily business. Fears remain that China could disable
it in times of conflict, making it near impossible for the Pentagon and the mili-
tary to communicate and cooperate. A Pentagon officer admitted that, “China
has downloaded 10–20 terabytes of data from the NIPRNet already,” posing “a
nation-state threat by the Chinese” (Tkacik 2008:1). During times of crisis, for
example, over Taiwan, the paralyzing of US government and military computers
could give China a decisive head-start.
Currently and more immediately disturbing for America is, however, the level
of data theft. Some see Chinese espionage as “the single greatest threat to US
technology” (Krekel 2009:58). China could be using the stolen information on
military prototypes to enhance its own development of military technology, des-
perately needed in the face of Western-imposed weapon embargoes. Numerous
Western security experts argue that Chinese cyber-espionage is helping China in
leapfrogging military technology and modernizing their conventional weaponry
(see Fritz 2008; Krekel 2009; Clarke and Knake 2012). Cyber-espionage is perfect
5
Unclassified but sensitive Internet Protocol router network.
8 Cyberwar

for this kind of mission because it does not require the “spy” to be physically pres-
ent while a large amount of data can be extracted without a clear attribution.
In 2011 Lockheed Martin was under a “significant and tenacious attack” origi-
nating from servers in China and occurring after China had threatened Lock-
heed Martin over selling its F-16 fighter jets to Taiwan (Charette 2011).
Lockheed Martin experienced major disruptions in its computer networks and
was forced to reset most of its security systems (Rash 2011). Attacks like these
are daily occurrences for defense contractors in America; the fear that China is
stealing confidential data is rising with every new attack.

Estonia and Georgia

Estonia is ranked among the highest networked communities in the world where
the government and administration is almost entirely managed through the In-
ternet and citizens can cast their votes electronically (Spiegel 2007). This high
degree of modernization makes the country especially vulnerable to cyber-
attacks.
In April and May 2007, Estonia was under continued cyber-attack as a result of
the relocation of a Soviet war memorial from Tallinn city-center to a military
cemetery. The relocation provoked negative reactions among the large Russian
minority and Russian nationals in Estonia, on top of an already tense relation-
ship between the two states. The following weeks were described as a “cyberblitz”
with a “gathering of botnets6 like a gathering of armies” (Marquand and Arnoldy
2007; Espiner 2008). The attacks were mostly Distributed Denial of Service
attacks directed not only at government Web sites, but also banks and newspa-
pers. Surprisingly even “unimportant” sites such as school Web sites were over-
loaded (Lischka 2007). The DDoS-attacks ensured that the attacked Web sites
were overburdened and services severely disrupted. Government emails as well as
online banking repeatedly crashed during the weeks of attack.
The servers the attacks originated from were traced back to Russia, thus mak-
ing Estonians certain that Russia was behind the cyber-attacks. But again the
problem of attribution and the possibility of framing servers posed a hindrance
in terms of finding the true source of attacks. NATO understandably refused to
accuse Russia and invoke Article 5 as demanded by Estonia. The director of the
Computer Emergency Response Team (CERT) sent to Estonia stated that it was
impossible to find a single originator for the attacks (ibid). It is believed instead
that so-called patriotic “hacktivists” were responsible. DDoS-attacks can disrupt a
system but in comparison to other cyber-weapons they are relatively easy to coun-
ter. Furthermore, the attacks were uncoordinated and directed at “minor” tar-
gets; no critical infrastructure was hit. A US official remarked that states must
now prepare for a cyber-aftermath wherever political tensions arise (Landler and
Markoff 2007). Yet, Estonia is continuously mentioned when talking about
cyberwarfare. To many it serves as the first example of a “real” cyberwar (Spiegel
2007; Clarke and Knake 2012:31).
Gaycken designates Estonia a “loud but non-hazardous” cyber-attack, a nui-
sance attack exaggerated to a cyberwar by politicians and the media in a general
cyber-hype (Gaycken 2012a:79). No permanent damage was done to government
Web sites or banking systems (despite a wake-up call concerning their security
provisions). Neither were the attacks instrumental, coordinated, or following a
political agenda. They were simply triggered by aggrieved sentiments over the
relocation of a statue.

6
A botnet is “a network of computers that have been compromised without their users’ knowledge, usually
through a computer virus. The attacker remotely controls these computers and commands them to carry out the
attack” (Brito and Watkins 2011:11).
 Y O NG -S OO E UN AND J UDITH S ITA A BM ANN 9

What the Estonian case does show, however, is what we can expect in the
future: interstate crises will be accompanied by patriotic hacktivists. Governments
and their militaries also learned that a single cyber-attacker or group of cyber-
attackers have the ability to cause multiple disruptions to the daily life of a state
and its public authorities (Goetz, Rosenbach, and Szandar 2009). Likewise, as
with China and America, the potential for escalation is there if a state decides to
physically retaliate.
In comparison, the Russo-Georgian War in 2008 witnessed much more sophis-
ticated and coordinated attacks; experts here see a maturation of the cyberwar
process (Fritz 2008:57). Before fighting broke out in the “real” world, cyber-
attacks ensured that the Georgian government’s sites and news agencies were
majorly disrupted, making it difficult for Georgians to obtain information on
what was happening in the crisis with Russia. Again, email and banking systems
were paralyzed, as well as credit card and mobile phone systems; Clarke and
Knake believe that the coordination and the finances necessary to carry out such
major disruptions exceed hacktivists’ abilities, making government involvement
likely (Clarke and Knake 2012:20). This is, as so often, mere guesswork; it does
not mean that Russian cyber-warriors attacked Georgia. Certainly, however, the
Russian state did nothing to stop the cyber-attacks and refused to investigate the
incidents. The attacks also followed a more political-military agenda by accompa-
nying the kinetic attacks. They ensured that the Georgian government and popu-
lation were busy with the disruption of phones, email, and banking systems, as
well as news agencies which furthermore guaranteed a high level of confusion in
the country prior to and particularly during the physical attacks.

Stuxnet
Stuxnet is referred to as the first real cyber missile, setting itself apart from other
cyber-attacks (The Economist 2010b). Discovered in June 2010, the worm pre-
sented a novel cyber-weapon, unlike DDoS-attacks or previous forms of virus.
Usually worms are released and spread indiscriminately. Stuxnet was different; it
had a very specific target making it “by far the most sophisticated cyber-attack on
record” (Rid 2012). The target was the nuclear facility in Natanz, Iran.
After its release, Stuxnet combed its way through numerous networks and
computers, infecting USB-sticks, undetected and harmless until reaching its des-
tination: the uranium enrichment facility network. From the network, the virus
found its way into the secure control systems, which it was able to manipulate
intelligently—the safety system was unable to detect any malicious activity. This
was the first cyber-threat able to manipulate the functions of machinery within
closed systems, damaging the enrichment centrifuges. According to the evidence,
shortly before its discovery, Stuxnet had effectively damaged Iran’s enrichment
program (European Parliament 2011:52). The worm succeeded in what Western
governments had been fruitlessly trying to achieve with embargoes and diplo-
macy. Immediately speculation began about the worm’s origin.
Stuxnet expert Lagner terms the virus a “military-grade cyber missile” instigat-
ing an “all-out cyber-strike against the Iranian nuclear programme” (quoted in
Farwell and Rohozinski 2011:23). Iran’s nuclear facility as a target hardens the
suspicion that Stuxnet was a cyber-weapon released by a Western government no
longer relying on ineffective negotiations with Iran. Moreover, Stuxnet was an
example of highly complex software needing financial and human resources
only a state could afford. There are debates over whether America, Israel, or
both are behind the cyber-attack, since they possess the motivation and both the
technological and financial means to undertake such a sophisticated cyber-attack
(Farwell and Rohozinski 2011; Gross 2011; Gaycken 2012b; Rid 2012; Spiegel
2012). Naturally, an attribution is impossible.
10 Cyberwar

Stuxnet was the first cyber-weapon seeking out a specific target after having
been released, simultaneously covering its tracks and hiding its presence and
activities until after completing its task. For the revolutionary first use of an inde-
pendent and destructive cyber-weapon, investigative journalist Michael Gross
labeled Stuxnet the “Hiroshima of cyberwar” (Gross 2011). This comparison is
misleading to say the least. Stuxnet was not lethal but rather a weapon with the
sole purpose of damaging computers and the connected machinery. Gross, how-
ever, sees in Stuxnet a radical new stage in warfare similar to nuclear bombs,
crossing a threshold (Gross 2011), the first use of a genuine cyber-weapon forc-
ing us to rethink our conceptions of war. This is a thought deserving of atten-
tion and exploration.
There is no framework for how to deal with the uncertainty surrounding
cyberspace. If a state had attacked Nantaz by air bombardment with the same
consequences as Stuxnet, it would have been an act of war, an attack on the sov-
ereignty of Iran. What happens when destruction is inflicted by a cyber-weapon?
Is this an act of war? But even if Iran had decided to retaliate, against whom
would they have retaliated?
The 1974 UN Charter on aggression defines an act of aggression partially as
“the use of any weapons by a State against the territory of another State” (United
Nations 1974). Farewell and Rohozinski comment that it is still unresolved if
industrial facilities, such as Natanz, count as territory (Farwell and Rohozinski
2011:30). Despite this objection, however, after recognizing what cyber-weapons
like Stuxnet are capable of, the case for cyber-attacks being designated as acts of
aggression possibly harming property and humans is strong. In addition, the
danger of escalation with cyber acts of aggression is very high; it depends on
how the attacked country chooses to react: either accept the impossibility of attri-
bution and calculate that the risk of retaliation is too high, or decide to take it
as a possibility or pretense and react in the physical world by military means
against an aggressor they propose as a possible culprit. The traditionally rela-
tively clear lines of interstate conflict will be “grayed-out into a fog of possibilities
and options” (Rieger quoted in Gross 2011). Stuxnet represents modern techno-
logical cyberwarfare: It will take place without deployed soldiers, be anonymous,
covert, with a high potential for escalation, almost impossible to effectively fortify
against, and increasingly destructive.
Already we witness new cyber-weapons test-runs. Duqu and most recently
Flame are two other grand-scale cyber-weapons that have been discovered.
Unlike Stuxnet, however, these are not programmed to physically destruct, but
instead find their way into industrial control systems to gather sensitive informa-
tion that they send back to their creator. Intriguingly, Flame’s code was similar
to Stuxnet and most computers infected were again in the Middle East, mainly
Iran, Palestine, and Syria (Stoecker 2012).
Interestingly, after Flame was discovered earlier in 2012,7 Israel’s vice Prime
Minister declared that:
Whoever sees the Iranian threat as a meaningful threat—it is reasonable he
would take various measures, including this one. . .Israel has been blessed with
being a state rich in top level high-tech. These tools that we take pride in open
up various possibilities for us. (quoted in Macintyre 2012)

Denial looks different, but this is also no clear confession. While Flame is
“merely” an espionage-worm, it is, nonetheless, already more powerful and com-
plex than Stuxnet. It is not only able to copy and send data in vast amounts and
without being detected, it also records video and audio when programs of

7
It is indeed fascinating that, after Flame’s discovery, the worm was sent a suicide code and self-destructed.
 Y ONG -S OO E UN AND J UDITH S ITA A BMANN 11

interest are running, and uses Bluetooth connections to collect relevant informa-
tion from other Bluetooth devices nearby (Securelist 2012). This information
collected during peacetime can become relevant in times of conflict and lay the
groundwork for possible future machine manipulation as in Natanz.

Implications for the Future of Warfare

Different Types and Effects of Cyber-attacks
What does the investigation of the three empirical cases imply and suggest? First of
all, that there exists a large discrepancy between the types and effects of cyber-
attacks has been shown by the case studies. While espionage or nuisance attacks
such as those in Estonia should not be counted as cyberwarfare, the simultaneous
attack in the physical and the cyber-domain, shown in the Russo-Georgian War,
already points toward a necessary rethinking on how future wars will be waged.
A cyber-threat such as Stuxnet that is independently able to destruct definitely
challenges military and security thinking. Predictions are that field-tests for weap-
ons such as Stuxnet will sprout, a “self-discovery phase” of what militaries are capa-
ble of doing (Gaycken 2012a:199). Future cyber-weapons will likely be more covert,
precise in their target, and ultimately more devastating than Stuxnet.
What is more, the case study shows that different cyber-attacks do have differ-
ent meanings and thus different levels of recognition. Cyber-espionage such as
Titan Rain or the irritating cyber-attacks on Estonia can be classed as “Level
One” cyber-attacks, according to the European Union (“Cyber-espionage and
Nuisance Attacks”) since they do not represent warfare understood in the tradi-
tional legal definitions (European Parliament 2011:51). They are not examples
of cyberwar as many politicians and journalists suggest. It is thus important to
guard against seeking a sweeping concision of pinpointing who is responsible for
cyber-attacks or technological disruption. Accusing China of a temporary power
blackout in Florida (Harris 2008), for example, is not only impossible to prove
but also unhelpful for Washington and Beijing to have a sensible dialogue.
On the other hand, Georgia is already a “Level Two” attack (“Equivalent to
Kinetic Attack”) as the attacks were more sophisticated and coordinated, aimed at
paralyzing the country while the physical attack was underway (European Parlia-
ment 2011:53). The aim of the attacks was not only patriotic in nature (hacktivists
were as busy in Georgia as in Estonia), but also followed the political-military strat-
egy of bolstering the Russian kinetic attack, occupying and confusing the Georgian
government and population. “Level Three” (“Malicious Manipulation”) cyber-
attacks are the most serious and can be classified as acts of aggression as they follow
a distinct political agenda and actively target the specific objective of causing last-
ing disruption and damage. These cyber-attacks have been rare, but real. In this
sense, the Stuxnet incident deserves our considerable attention.8
Taking Clausewitz’s definition that war should be political, instrumental, and
violent, can we call the modern cyber-incidents examined above cyberwar? Most
cyber-threats that have been termed “cyberwar” by politicians or journalists
should not be labeled as such. However, from the cases explored, it should be
clear that cyberspace is becoming increasingly real, urgent, and crucial for
national and human security by the day. In particular, the Stuxnet case shows
how cyber-weapons have been evolving and how they can be utilized in future
wars. While Chinese aggressive hacking and the Estonian attacks do not merit
the label of “war,” the Georgian crisis and specifically Stuxnet make us realize

8
In addition, Stuxnet could have been much more potent and lethal if the target were different. It is thus not
only the weapon as such, but how it is used that analysts and policymakers bear in mind. The authors would like to
thank the reviewer for bringing this critical point to our attention.
12 Cyberwar

that there are new ways of waging war where cyber-weapons play a vital role. In
other words, although cyber-espionage can be dangerous if critical intelligence is
obtained, politicians and the media should be slow to term it cyberwar. This
stretches the term—which should be used cautiously—too far. Calling Estonia
“Web War One” is also not advisable not only because the attacks do not contain
the political and violent characterizers of war, but also because calling it “WWI”
may ramp up unnecessary threat perception or lead to misperception. Georgia,
on the other hand, reveals how future war is likely to be conducted: cyber-attacks
would be force-amplifiers for kinetic attacks. That is to say, the cases of Estonia
and Georgia tell us that cyber-attacks (be they patriotic hacktivist-attacks or those
conducted by the state) are likely to complement future traditional wars. If patri-
otic attacks run counter to states’ strategies and objectives, operations could be
undermined through soft power; escalation and retaliation are possible (Fritz
2008:62). States therefore need to be aware of this new situation and prepare
themselves accordingly. They also need to realize that cyber-weapons are attrac-
tive accompanying weapons during a traditional war.
The Stuxnet case demonstrates another branch of cyberwarfare: an indepen-
dent cyber-weapon, able to attack and physically destroy a specific target in a
covert manner, only discovered after having fulfilled its job. These last two cyber-
incidents can be termed as cyberwar in the sense that they have political goals
carried out purposefully and bring violence/destruction to targeted states or
organizations through cyber-weapons; and they have significant implications for
the future of warfare.

Imaging Future Wars: Cyber-Weapons and Cyber-Strength

As demonstrated earlier, in cyberwarfare, we no longer need to deploy soldiers
on foreign soil to carry out physical attacks. A hacker sits in China or the United
States while hacking into the networks of Washington or Teheran. The Internet
provides a global reach. The establishment of overseas platforms or bases from
which soldiers operate missions is no necessity for cyber-attacks. The life of
cyber-soldiers is thus not at risk unlike the life of a conventional soldier. This
may lead states to more willingly engage in cyberwarfare as the risk for their sol-
diers’ lives is basically non-existent. Cyber-weapons can also be deployed faster
than conventional troops as an attack sent through cyberspace spreads more
quickly, reaching its target faster than humans, planes, tanks, or ships. Com-
pared to the steady but slow spread of aerospace or nuclear weapons technology,
the technology for cyber-weapons is relatively easier to obtain and thus likely to
spread more rapidly and comprehensively (Berkowitz, 1997:181; see also Halpin,
Trevorrow, Webb, and Wright 2006).
Not only are cyber-weapons easier to be deployed, they can also be activated
much more cheaply than conventional weapons. The entry costs for obtaining
cyber-weapons are considerably lower compared to fighter jets, tanks, or ships
(Gaycken 2012a:68). Put otherwise, cyberwarfare presents states with a phenome-
nal cost–benefit ratio. The opportunity of acquiring offensive cyber-weapons
enables states that do not have the financial means to afford modern kinetic
weapon technology to participate in future warfare. The implications of this
could be far-reaching. The cost–benefit ratio “levels the playing field,” especially
in favor of Third World countries which lack considerable leeway in terms of
exercising traditional military power; this can consequently make the West lose
its upper hand in the future battlefield (Fritz 2008:70). In this regard, many
cyber-experts believe that the leveling of the playing field through cyber-weapons
will change global military hierarchies (Rustici 2011; Clarke and Knake 2012;
Gaycken 2012a; Securelist 2012). Cyberwar strength is not only calculated by
cyber-offense capabilities where the West is still predominating, but also by a
 Y ONG -S OO E UN AND J UDITH S ITA A BMANN 13

state’s ability to defend itself and its infrastructure where a higher dependence
on cyberspace occurs. Clarke and Knake’s work (2012) displays this vulnerability
as follows (Table 1).
As (Table 1) shows, our conventional thinking as regards military power does
not apply to cyberspace. North Korea, for example, has the highest total number
of cyberwar strength despite its low incidence of cyber offense; that is, because
North Korea is basically independent of cyberspace it is nearly impossible to
effectively attack the country with cyber-weapons. The exact reverse is the case
for America: Although it has strong cyber-offensive capabilities, it is very vulnera-
ble in terms of defense due to its high cyber dependence: America knows it is
particularly vulnerable to cyber-attacks. Most of the country is run by computer
networks relying on outdated Internet security with the greatest part of the infra-
structure being privately owned and thus not as well secured as those govern-
ment owned, America’s “massive electronic Achilles’ heel” (Lewis 2002:1). Also
recall the case study of Estonia and Georgia: It was Estonia that was severely dis-
rupted because it is a highly web-connected country. All of this indicates that
countries that used to be unable to gain an edge in the traditional battlefield
now see the possibility of changing the status-quo to their advantage. In particu-
lar, non-Western countries tend to be less vulnerable than highly networked Wes-
tern states. This aspect of the nature of cyberspace and cyberwar strength opens
up manifold possibilities of a change in global power hierarchy and of waging
incautious war more often.

Covert Nature of Cyber-Weapons

Here, a further complicating and more perilous matter is the fact that although
cyber-weapons become easier and cheaper to use as discussed above, to deter-
mine who is responsible for their use remains difficult to pinpoint. General Lord
from the US Air Force sees cyberwarfare’s main problem as “determining who is
the enemy. . .where are they, and then what can you do about it?” (quoted in
Harris 2008). Cyberspace, indeed, increases the possibility of attack as it is a
space where an attack’s origin is easy to conceal. In this sense, cyberwarfare is
covert; warning and assessment are hard to make. A state may already be under
attack, but may not notice until the attack has been successfully carried out. This
anonymity in cyberspace renders states more reckless when it comes to making
decisions regarding attacks or wars. Of course, to locate the source of attack can
be possible by tracking down the IP address. This, however, does not provide an
answer to who conducted the cyber-attack as it is customary in cyberspace to exe-
cute attacks via multiple servers located in different countries. The IP address
therefore does not present the attacked state with a physical location to blame
or even attack in response. The discovered server could be located in a neutral,
friendly, or even your own country. Determining the real aggressor is impossible
unless the aggressor admits to it. Cyberspace thus “complicates matters and

TABLE 1. Cyberwar Strength

Nation Cyber Offense Cyber Dependence* Cyber Defence Total

United States 8 2 1 11
Russia 7 5 4 16
China 5 4 6 15
Iran 4 5 3 12
North Korea 2 9 7 18

(Notes. Source: Clarke and Knake (2012:148).

*A lower mark in cyber dependence makes a country more dependent.)
14 Cyberwar

challenges traditional notions of neutrality and sovereignty” (Farwell and Roho-

zinski 2011:31). As witnessed in the case of the damage at Natanz, a destructive
attack can be completed without the attacker being discovered and retaliated
against. This implies that states are more likely to conduct cyber-attacks impru-
dently as the risk of severe consequences are considerably lower than with con-
ventional forms of attack—particularly as the event and the aggressor are evident
in physical attacks. In other words, the lack of attribution in cyberspace increases
uncertainty and the risk of misunderstandings.
What is more, in cyberspace, states can more easily conduct “false flag opera-
tions” designed to blame other governments; this makes it even more difficult to
determine who the aggressor is. China, for instance, repeatedly argues that Wes-
tern accusations against it regarding hacking are a false framing of Beijing and
that such framing is a standard practice of the West (Gertz 2009). In much the
same way states may spread Armageddon scenarios about the cyber-weapon’s
abilities of their traditional enemies. This artificial threat inflation is an “attempt
by elites to create concern for a threat that goes beyond the scope and urgency
that a disinterested analysis would justify” (Cramer and Thrall 2009:1).
In short, the anonymous and covert nature of cyber-weapons holds many impli-
cations for warfare, possibly lowering the threshold for states to initiate an attack
against each other and increasing the use of cyber-attacks as weapons in a gray area
between diplomacy and outright military attack. States could also use alleged
cyber-attacks as false flag operations or an excuse for physical retaliation. That is to
say, cyberwarfare has the potential to escalate into a physical war in the “real” world
because of the anonymity and misunderstandings in cyberspace along with the lack
of legal and institutional frameworks (Gorman and Barnes 2011).

Conclusion
Despite the potential crossover of cyberwar and physical war, this is not to say
that the former will make traditional weapons and war obsolete. At this point,
cyber-weapons, even if capable of physical destruction, do not have the conclu-
sive impact that aerial or nuclear bombardment has. As we know, Iran has
repaired the damaged centrifuges and is again enriching uranium. North Korea
has restarted a nuclear reactor which reportedly is capable of producing about
13 pounds of plutonium a year despite the pressure from the international com-
munity. These examples suggest that exhibitions of traditional military power
and weapons still remain the most critical in international politics. In effect,
cyber-weapons do not change the very nature of war itself.
At the same time, however, there is little doubt that cyber-weapons will
reshape the ways in which war begins or is carried out in the near future. The
case studies have revealed cyber-weapons’ lethal potential for violence and
destructiveness. Even cyber-espionage can be aggressive in its nature if it is not
designed purposefully to damage a web system and Internet network. Offensive
cyber-worms such as Stuxnet have demonstrated that modern cyber-weapons are
able to physically disrupt and destroy their targets. Although a radical change in
the global power hierarchy is not happening because conventional military weap-
ons remain principal, cyber-weapons and their nature make us rethink the future
of warfare and the possible change of global hierarchies. Also, just as nuclear
developments did in the past, cyber-weapons will ask us to revamp our policy
and study of security, war, and power.
Nevertheless, as has often been pointed out, there is a lack of sufficient gov-
ernment policies or legal frameworks to deal with cyber-attacks, cyber-weapons,
and cyberwarfare in practice. There is also a clear shortage of scholarly attention
regarding cyber-weapons and cyberwar (Eriksson and Giacomello 2006:221–224);
a cursory survey of the leading academic journals attests to this. Tracking down
 Y ONG -S OO E UN AND J UDITH S ITA A BMANN 15

the abstracts of articles published in International Security, one of the most

renowned academic journals in the field of security studies, for the last 17 years
(from 1996 until September 2013) through the online search systems of the MIT
Press and the JSTOR Arts & Sciences II Archive Collection shows that there are
only three articles addressing cyberwar or cyber-security—Goldstein (2013), Cro-
nin (2006), and Mahnken and FitzSimonds (2003)—published in the journal
during that period.9 In other words, the importance and implications of cyber-
war for security are not adequately addressed by the current security studies. Fur-
thermore, even the relevant studies on cyberwar or cyber-weapons are confined
to either cyber-pessimism which paints doomsday scenarios derived from deep-
seated fears in relation to cyber-weapons or “cyber-skepticism” which downplays
the role cyber-weapons can play in the real world. This is an unhealthy dichot-
omy, a hindrance to much-needed meaningful research into cyberwar.
What is needed, instead, is to acknowledge that cyberwar is an integral part of
warfare and that cyberwarfare and traditional warfare are becoming more inter-
linked as our society is heading deeper and faster toward the digital age. Also it
is important to keep reminding ourselves of the fact that given the nature of
cyberspace, with its ubiquity and uncertainty, governments need to work
together to establish transnational policies, legal frameworks, and guidelines and
that developing a shared understanding of what constitutes war in cyberspace is
critical and should be reached jointly. In this regard, the bilateral strategic
cyber-security dialogue between China and America can be a good first step (Xu
2011:2). In addition, our analytical or theoretical understanding of the interna-
tional politics of the digital age can benefit from taking what is happening in
cyberspace more seriously. Important questions of security such as why war does
or does not occur will soon want to consider an additional level of analysis:
cyberspace. With respect to the major theoretical perspectives—realist studies on
the distribution of power in the anarchic international system, liberalist focus on
interdependence and globalization, and constructivist analysis of image and
identity—can all be complemented and made more sophisticated by factoring in
cyberspace or cyber-weapons, which in turn can contribute to a better under-
standing of the international politics and security in the ongoing digital age.
More specifically, theoretical questions and the vacuum left by the existing
theoretical debates—such as how modern technological advances challenge the
power distribution of the international system; how cyberspace changes our
understandings of sovereignty and the meaning of an enemy; and how the closer
and faster interconnectedness cyberspace brings to us affects incentives of coop-
eration among states—will finally be asked and begin to be addressed by linking
specific knowledge of cyberwarfare to the mainstream theories.
Cyberspace and cyberwar involve messy, perhaps intractable, problems. Per-
haps, for this very reason, they deserve more careful and greater attention from
both academics and policymakers than they have hitherto received. To reiterate,
“you may not be interested in cyberwar, but cyberwar is interested in you.”

References

ALEXANDER, DAVID. (2013) Cyber Threats Pose Stealthy, Insidious Danger. Reuters. Available at http:
//www.reuters.com/article/2013/05/31/us-usa-defense-hagel-cyber-idUSBRE94U05Y20130531/
(Accessed June 15, 2013).
ARQUILLA, JOHN, AND DOUGLAS A. BORER, Eds. (2009) Information Strategy and Warfare: A Guide to Theory
and Practice. New York: Routledge.
ARQUILLA, JOHN, AND DAVID RONFELDT. (1997) In Athena’s Camp: Preparing for Conflict in the Information
Age. Washington DC: RAND.

9
See http://0-www.mitpressjournals.org.pugwash.l. http://about.jstor.org/journals (accessed 29/09/2013).
16 Cyberwar

BERKOWITZ, BRUCE D. (1997) Warfare in the Information Age. In Athena’s Camp: Preparing for Conflict in
the Information Age, edited by John Arquilla and David Ronfeldt. Santa Monica: RAND.
BRITO, JERRY, AND TATE WATKINS. (2011) Loving the Cyberbomb? The Dangers of Threat Inflation in
Cybersecurity Policy. Working Paper, Mercatus Center, George Mason University; 1–39.
BULL, HEDLEY. (1977) The Anarchical Society: A Study of World Order in World Politics. London: Macmillan.
CARR, JEFFREY (2010) Inside Cyber Warfare: Mapping the Cyber Underworld. London: O’Reilly Media.
CARR, JEFFREY. (2011) What Is Cyberwar? Slate. Available at http://www.slate.com/articles/technology/
future_tense/2011/08/what_is_cyberwar.html/ (Accessed May 24, 2013).
CHARETTE, ROBERT. (2011) Lockheed Martin Cyber Attack: Routine, A Warning or a Possible Act of
War? IEEE Inside Technology Spectrum. Available at http://spectrum.ieee.org/riskfactor/telecom/
security/lockheed-martin-cyber-attack-routine-a-warning-or-a-possible-act-of-war/ (Accessed July
28, 2013).
CLARKE, RICHARD, AND ROBERT KNAKE. (2012) Cyber War: The Next Threat to National Security and What to
Do about It. New York: Harper Collins.
CLAUSEWITZ, CARL VON. (1997) On War. Ware, UK: Wordsworth Classics.
CRAMER, JANE, AND TREVOR THRALL. (2009) Introduction: Understanding Threat Inflation. In American
Foreign Policy and the Politics of Fear: Threat Inflation since 9/11, edited by Jane Cramer and Trevor
Thrall. New York: Routledge.
CRONIN, AUDREY KURTH. (2006) How al-Qaida Ends: The Decline and Demise of Terrorist Groups.
International Security 31 (1): 7–48.
ERIKSSON, JOHAN, AND GIAMPIERO GIACOMELLO. (2006) The Information Revolution, Security and
International Relations: (IR)relevant Theory? International Political Science Review 27 (3): 221–
244.
ESPINER, TOM. (2008) Estonia’s Cyber-attacks: Lessons Learned, a Year On. London: ZDNet UK. Available
at http://www.zdnet.com/estonias-cyber-attacks-lessons-learned-a-year-on-3039408158/ (Accessed
August 3, 2013).
EUROPEAN PARLIAMENT. (2011) Cyber Security and Cyberpower: Concepts, Conditions and Capabilities for
Cooperation for Action within the EU. Brussels: Directorate-General for External Policies of the Union.
EVANS, MICHAEL, AND GILES WHITTELL. (2010) Cyberwar Declared as China Hunts for the West’s
Intelligence Secrets. The Times, 8 March.
FARWELL, JAMES, AND RAFAL ROHOZINSKI. (2011) Stuxnet and the Future of Cyber War. Survival 53 (1):
23–40.
FRITZ, JASON. (2008) How China Will Use Cyber Warfare to Leapfrog in Military Competitiveness.
Culture Mandala: The Bulletin of the Centre for East-West Cultural and Economic Studies 8 (1): 28–
80.
FULGHUM, DAVID. (2007) Why Syria’s Air Defences Failed to Detect Israelis. New York: Aviation Week.
GAYCKEN, SANDRO. (2012a) Cyberwar: Das Wettrusten € hat l€
a ngst begonnen—Vom digitalen Angriff zum realen
Ausnahmezustand. M€ unchen: Goldmann.
GAYCKEN, SANDRO. (2012b) Unsere verwundbare Gesellschaft. Hamburg: Der Spiegel.
GERTZ, BILL. (2009) China Blocks US from Cyber Warfare. Washington Times, 12 May.
GELLMAN, BARTON, AND ELLEN NAKASHIMA. (2013) U.S. Spy Agencies Mounted 231 Offensive Cyber-
operations in 2011, Documents Show. The Washington Post, August 31.
GOETZ, JOHN, MARCEL ROSENBACH, AND ALEXANDER SZANDAR. (2009) Krieg der Zukunft. Der Spiegel.
Available at http://www.spiegel.de/spiegel/print/d-64082614.html/ (Accessed March 28, 2014).
GOLDSTEIN, AVERY. (2013) First Things First: The Pressing Danger of Crisis Instability in U.S.-China
Relations. International Security 37 (4): 49–89.
GORMAN, SIOBHAN, AND JULIAN BARNES. (2011) Cyber Combat: Act of War. The Wall Street Journal.
Available at http://online.wsj.com/article/SB10001424052702304563104576355623135782718.
html?mod=WSJ_Tech_INTL_LSMODULE/ (Accessed May 29, 2013).
GRAHAM, BRADLEY. (2005) Hackers Attack via Chinese Websites. The Washington Post, August 25.
GROSS, MICHAEL J. (2011) A Declaration of Cyberwar. New York: Vanity Fair. Available at http://www.
vanityfair.com/culture/features/2011/04/stuxnet-201104/ (Accessed March 8, 2013).
HALPIN, EDWARD, PHILIPPA TREVORROW, DAVID WEBB, AND STEVE WRIGHT. (2006) Cyberwar, Netwar and the
Revolution in Military Affairs. New York: Palgrave Macmillan.
HARRIS, SHANE. (2008) China’s Cyber Militia. Washington, DC: National Journal. Available at http://
www.nationaljournal.com/magazine/china-s-cyber-militia-20080531
KANG, JIN-KYU. (2013) Major Computer Network Meltdown. Korea Joongang Daily, March 21.
KREKEL, BRYAN. (2009) US-China Economic and Security Review Commission Report on the Capability of the
People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation. McLean:
Northrop Grumman Corporation.
 Y ONG -S OO E UN AND J UDITH S ITA A BMANN 17

KREMP, MATTHIAS. (2001) Elite-Hacker Fuhren € € China. Der Spiegel. Available at http://
Cyberwar fur
www.spiegel.de/netzwelt/web/blaue-armee-elite-hacker-fuehren-cyberwar-fuer-china-a-765081.html/
(Accessed May 29, 2013).
LANDLER, MARK, AND JOHN MARKOFF. (2007) Digital Fears Emerge after Data Siege in Estonia. The New
York Times, May 29.
LEWIS, JAMES. (2002) Assessing the Risks of Cyber Terrorism, Cyber War and Other Cyber Threats. Washington,
DC: Centre for Strategic and International Studies.
LISCHKA, KONRAD. (2007) Estland Schw€acht Vorw€ urfe Gegen Russland ab. Der Spiegel. Available at
http://www.spiegel.de/netzwelt/web/0,1518,483583,00.html/ (Accessed April 12, 2013).
LONSDALE, DAVID. (2004) The Nature of War in the Information Age. London: Frank Cass.
MACINTYRE, DONALD. (2012) Israel Hints It May Be Behind “Flame” Super-Virus Targeting Iran. The
Independent. Available at http://www.independent.co.uk/news/world/middle-east/israel-hints-it-
may-be-behind-flame-supervirus-targeting-iran-7800935.html/ (Accessed April 7, 2013).
MAHNKEN, THOMAS G., AND JAMES R. FITZSIMONDS. (2003) Revolutionary Ambivalence: Understanding
Officer Attitudes toward Transformation. International Security 28 (2): 112–148.
MARCUS, JONATHAN. (2013) US Accuses China Government and Military of Cyber-Spying. BBC News China.
Available at http://www.bbc.co.uk/news/world-asia-china-22430224/ (Accessed June 3, 2013).
MARQUAND, ROBERT, AND BEN ARNOLDY. (2007) China Emerges as Leader in Cyberwarfare. The
Christian Science Monitor. Available at: http://www.csmonitor.com/2007/0914/p01s01-woap.html/
(Accessed September 14, 2013).
MORA, EDWIN. (2012) Panetta Warns of Cyber Peal Harbour. CNS News. Available at http:/
cnsnews.com/news/article/panetta-warns-cyber-pearl-harbor-capability-paralyze-country-there-now/
(Accessed October 15, 2012).
OFFICE OF THE SECRETARY OF DEFENSE. (2013) Military and Security Developments Involving the People’s
Republic of China 2013. Available at http://www.defense.gov/pubs/2013_china_report_final.pdf/
(Accessed March 14, 2014).
POREMBA, SUE. (2012) Definition of Cyber War Remains Elusive, Even for Security Experts. IT Business Edge.
Available at http://www.itbusinessedge.com/cm/blogs/poremba/definition-of-cyber-war-remains-
elusive-even-for-security-experts/?cs=49725/ (Accessed July 27, 2013).
RASH, WAYNE. (2011) Lessons Learned from Lockheed. CTO Edge. Available at http://www.ctoedge.
com/content/lessons-learned-lockheed/ (Accessed June 28, 2012).
RID, THOMAS. (2012) Think Again: Cyberwar. Foreign Policy. Available at http://www.foreignpolicy.
com/articles/2012/02/27/cyberwar?page=full/ (Accessed September 11, 2012).
RUSTICI, ROSS. (2011) Cyberweapons: Levelling the International Playing Field. Available at http://
strategicstudiesinstitute.army.mil/pubs/parameters/Articles/2011autumn/Rustici.pdf/ (Accessed
April 4, 2014).
SANGER, DAVID. (2013) U.S. Blames China’s Military Directly for Cyber-attacks. New York Times.
Available at http://www.nytimes.com/2013/05/07/world/asia/us-accuses-chinas-military-in-cyber-
attacks.html?_r=0/ (Accessed October 17, 2013).
SCHMITT, MICHAEL N, Ed. (2013) Tallinn Manual on the International Law Applicable to Cyber Warfare.
NewYork: Cambridge University Press.
SECURELIST. (2012) The Flame: Questions and Answers. Moscow: Kaspersky. Available at https://www.
securelist.com/en/blog/208193522/The_Flame_Questions_and_Answers/ (Accessed February
19, 2013).
SPIEGEL. (2007) Cyber-Angriffe auf Estland alamieren EU and NATO. Der Spiegel. Available at http://
www.spiegel.de/netzwelt/web/0,1518,483416,00.html/ (Accessed September 29, 2012).
SPIEGEL. (2012) Experten Enttarnen Neue Cyberwaffe. Der Spiegel. Available at http://www.
spiegel.de/netzwelt/web/computerwurm-flame-von-it-experten-entdeckt-a-835604.html/ (Accessed
September 29, 2012).
STOECKER, CHRIS. (2012) Israel Preist Spionage-Virus Flame. Der Spiegel. Available at http://www.
spiegel.de/netzwelt/netzpolitik/israelischer-minister-mosche-jaalon-lobt-flame-virus-a-835727.html/
(Accessed October 3, 2013).
THE ECONOMIST. (2010a) War in the Fifth Dimension. The Economist. Available at http://www.
economist.com/node/16478792/. (Accessed March 28, 2013).
THE ECONOMIST. (2010b) The Stuxnet Worm: A Cyber-missile Aimed at Iran? The Economist. Available
at http://www.economist.com/blogs/babbage/2010/09/stuxnet_worm/ (Accessed June 16,
2013).
THE WHITE HOUSE. (2010) The United States’ 2010 National Security Strategy. Available at http://www.
whitehouse.gov/sites/default/files/rss_viewer/national_security_strategy.pdf/ (Accessed March
13, 2014).
18 Cyberwar

THORNBURGH, NATHAN. (2005) The Invasion of the Chinese Cyberspies. Time Magazine. Available at
http://www.time.com/time/magazine/article/0%2C9171%2C1098961%2C00.html/ (Accessed
September 8, 2013).
TKACIK, JOHN. (2008) Trojan Dragon: China’s Cyber Threat. Washington DC: The Heritage Foundation
Available at http://s3.amazonaws.com/thf_media/2008/pdf/bg2106.pdf/ (Accessed April 3,
2014).
TOFFLER, ALVIN, AND HEIDI TOFFLER. (1995) War and Anti-War: Survival at the Dawn of the 21st Century.
London: Warner Books.
UK PRIME MINISTER. (2010). A Strong Britain in an Age of Uncertainty: The National Security Strategy.
Available at http://www.direct.gov.uk/prod_consum_dg/groups/dg_digitalassets/@dg/@en/
documents/digitalasset/dg_191639.pdf/ (Accessed January 13, 2014).
UNITED NATIONS. (1974) Definition of Aggression Resolution 3314. Available at http://legal.un.org/
avl/ha/da/da.html/ (Accessed April 4, 2014).
US DEPARTMENT OF DEFENSE. (2011) Strategy for Operating in Cyberspace. Available at http://www.defense.
gov/news/d20110714cyber.pdf/ (Accessed June 15, 2013).
WALZER, MICHAEL. (2006) Just and Unjust Wars: A Moral Argument with Historical Illustrations. New York:
Basic Books.
WAN, WILLIAM. (2013) After Snowden Revelations, China Worries about Cyberdefense, Hackers. The
Washington Post, September 04.
WU, CHRIS. (2004) An Overview of the Research and Development of Information Warfare in China.
In Cyberwar, Netwar and the Revolution in Military Affairs, edited by Edward Halpin. New York:
Palgrave Macmillan.
XU, TING. (2011) China and the United States: Hacking Away at Cyber Warfare. Asia Bulletin 135: 1–2.