Early International Relations scholarship on cybersecurity has been characterized by arguments about the forms, uses and effects of cyber warfare. Human history has seen the boundaries of the battlefield expand through technological transformations that continually redefine what it means to go to war, from land to sea, from air to outer space, and now to cyberspace. Since the early 1990s, security experts and media pundits have prophesied the dangers of cyber war, yet in the last decade a growing number of researchers have expressed skepticism. While the academic debate between the prophets and skeptics has remained contentious, militaries around the world have expanded their operations in and through cyberspace. People may not be directly killed by bits and bytes, but they can be harmed by those instruments of modern society that rely on cyberspace and its associated technologies. Understanding how states might leverage potential effects in and through cyberspace in times of war and conflict, and how cyber operations change the character of war, is important to policy-makers, military planners and students of cybersecurity.
The long history of war and its near-continuous impact on human lives across the millennia have characterized the history of international relations, as scholars attempt to address ever-important questions on the causes of war and peace. From this perspective, it seems logical that, when confronted with a “new” domain, researchers should attempt to understand the occurrence of a new form of conflict and the conditions for peace. But what is cyber war? How different is it from war in other domains? Defining cyber war is crucial if we are to understand it, not least because of the economic, political and societal implications of waging war.
The spectrum of conflict in cyberspace encompasses everything from bullying and criminal activity to espionage and sabotage. At the violent end of the scale, cyberattacks can threaten critical infrastructure, economies, property and the well-being of citizens. There is no question that significant cyberattacks and incidents threaten national security, but this does not necessarily mean that they qualify as an act of war. Law scholar Michael Schmitt has argued that, thus far, cyberattacks have not been sufficiently organized, intense or destructive to constitute acts of war.1 The US government holds that a cyberattack would have to “proximately result in death, injury or significant destruction” to qualify as an act of war.2 However, the (proximate) effects of cyberattacks are not always clear. In practice, the current threshold set by international law is open to interpretation and is likely to evolve.
Since the beginning of the twenty-first century, thousands of NATO soldiers have fought in Afghanistan, Iraq and Syria without their countries being in a formal state of war. Many countries use force through military means without formally declaring war. Cyber war is no different.3 A number of government officials and pundits have claimed that the United States is fighting a cyber war. However, legally speaking, this is not the case. Researchers have criticized the hysteria that surrounds the discourse on cyber war, with some even suggesting it to be impossible in practice.4
War is a political process through which groups of individuals threaten harm to influence an adversary. War – and, by extension, cyber war – will always be an instrument of politics. Although the political nature of war is constant, the conduct of war or warfare – typically through military operations – has evolved over time.5 In the traditional understanding, two or more countries would go to war and their soldiers would confront each other on a battlefield using swords, bows, guns, gas, bombs, etc. With the advent of cyberspace, the belligerents and the type of engagements characterizing war have expanded across the three layers of cyberspace. Cyberspace has expanded the character and characteristics of war without affecting its inherently political and physical nature.
Most of the debate on cyber war is about its characteristics, and the extent to which cyberspace is transforming the conduct of war – or, more specifically, whether cyberspace is prompting fundamental changes in warfare. The notions of violence and force, which are often used to define war and warfare, are less apparent in cyberspace than in the physical world.6 Thus, scholars have debated the form and effects of cyber war.
In the early 1990s, security researchers started considering the implications of the information technology revolution on the conduct of war. Experts debated the occurrence of a revolution in military affairs that would radically change the character of war.7 In this context, two RAND Corporation scientists, John Arquilla and David Ronfeldt, published a scholarly article entitled “Cyberwar is Coming!” in 1993. In their article, Arquilla and Ronfeldt argued that the information revolution was altering not just the character of conflict – that is to say, the specific ways in which a conflict is waged (e.g. parties involved, terrain, technologies, etc.) – but also the nature of conflict, spurring a need for new military structures, doctrines and strategies. They introduced two original concepts to think about these new conditions: netwar and cyber war. The concept of netwar emphasized “societal-level ideational conflicts waged in part through internetted modes of communication.”8 They defined cyber war as military operations seeking to disrupt or destroy information and communication systems. Cyber war, the researchers noted, “is about organizations as much as technology. It implies new man–machine interfaces that amplify man’s capabilities.”9 Reflecting on the implications of cyber war, Arquilla and Ronfeldt identified a number of puzzles that would capture the attention of researchers two decades later. What would cyber war look like? What would be the roles of and the relationship between offense and defense in cyber war? Could cyber victory be attained without destruction?
Increasingly complex communications and information infrastructures captivated the attention of American strategists and policy-makers for the next decade and beyond. But the key concept that drove the debate on the evolving character(istics) of war continued to be that of a revolution in military affairs, and not cyber war. For the proponents of the revolution in military affairs, new technology was enabling information to flow more freely from the battlefield to the headquarters and vice versa, leading to more network-centric forms of warfare.10 While the advent of cyberspace certainly led to new efficiencies at the organizational level and evolving military structures and practices, few authors today would make the case that these changes qualify as a revolution in military affairs.11
In the mid-2000s, a number of cyberattacks drew extensive media coverage and prompted some experts to ask whether cyber war was (finally) emerging as a threat. In April 2007, a series of cyberattacks targeted Estonia following growing tension with Russia over the relocation of a World War II statue of a Soviet soldier to the outskirts of Tallinn. Waves of spam and automated online requests swamped Estonian servers, taking down dozens of websites and online services. The denial of service attack affected government services, newspapers and broadcasters, as well as banking services, causing millions of dollars of losses.12 Though Estonia could not technically prove beyond a doubt who was behind the attacks, the government, leveraging substantial circumstantial data, pointed to its neighbor, Russia, and called on NATO for support. In an ensuing debate, international experts agreed that Russia was the most likely culprit, though direct responsibility could not be formally established. Were the attacks on Estonia an act of cyber war? For John Arquilla, these attacks qualify as a kind of “low-intensity war,” in which the use of military force was applied selectively and with restraint to influence an enemy.13 Yet, most experts find it difficult to conceive of a war in the absence of casualties and physical damage to property. In another notable case that took place a few months later, Israeli forces are suspected of using a cyberattack (Operation Orchard) to temporarily deactivate the Syrian air defense network. This attack allowed the Israeli air force to conduct a successful airstrike on a suspected nuclear reactor in Northern Syria.14 For cybersecurity expert Gary McGraw, this attack is a case of cyber war “because the link to a kinetic effect is clear – a completely destroyed Syrian facility.”15 However, it could be argued that the Israeli airstrike caused this kinetic effect, and not the cyberattack.
The growing number of cyberattacks and intrusions worldwide, including against the United States, fueled the imagination of some American experts, keen to warn about the dangers of cyber war. In their book entitled Cyber War, Richard Clarke, a former special advisor on cybersecurity to the president, and Robert Knake, a former National Security Council staffer, imagined a scenario in which devastating cyberattacks would induce power blackouts, collapse air traffic control systems, and cause train and subway derailments and refinery and gas explosions causing several thousand deaths.16 This vastly exaggerated scenario was reminiscent of the “electronic Pearl Harbor,” which experts had warned against as early as 1991.17 This expression was then popularized by Secretary of Defense Leon Panetta in a 2012 speech:
The most destructive scenarios involve cyber actors launching several attacks on our critical infrastructure at one time, in combination with a physical attack on our country. Attackers could also seek to disable or degrade critical military systems and communication networks. The collective result of these kinds of attacks could be a cyber Pearl Harbor; an attack that would cause physical destruction and the loss of life. In fact, it would paralyze and shock the nation and create a new, profound sense of vulnerability.18
Media and CEOs of cybersecurity companies also used the expression “cyber Pearl Harbor” – and others like “cybergeddon” – to attract readers and clients.19 Skeptical observers have repeatedly pointed out that these scenarios have not materialized. But the hysteria around cyber war remained, and shaped the early scholarly debate on the topic.
In a widely read article, political scientist Thomas Rid argues that “Cyber War Will Not Take Place.”20 Rid examines examples of cyberattacks to raise a number of definitional questions, which framed the early debate on cyberspace and international security. He argues that all politically motivated cyberattacks are not war but sophisticated versions of sabotage, espionage and subversion. To support his argument, Rid carefully (some might say narrowly) defines cyber war. According to him, “any act of war has to have the potential to be lethal; it has to be instrumental; and it has to be political.”21 Following this definition, not a single cyber offense identified in the debate on cyber war would constitute an act of war on its own.
First, the lethality of cyberattacks is never direct; neither is it essential to the success of cyberattacks. It is conceivable that a cyberattack could cause a train to crash, or an electricity grid to stop working. Following these events, people could be killed or military units could be rendered defenseless. However, in practice, “no cyber offense has ever injured a person” and cyberattacks “need not be violent to be effective.”22 Second, Rid finds that most uses of cyber power are minimally – if at all – instrumental. The cyberspace component of an attack is rarely sufficient or central in forcing adversaries to change their behavior. Distributed Denial of Service (DDoS) attacks, for example, can limit a government’s ability to communicate but won’t force it to sue for peace. Third, Rid points out that political attribution of cyberattacks is rare. Though a cyberattack might be political, in the absence of attribution, the attack is depoliticized. Rid concludes that cyber war will not take place as long as cyberattacks continue to be characterized by the absence of violence, unclear goals and no political attribution.
Other types of activities seem to dominate the spectrum of conflict in cyberspace: crime, espionage, subversion and sabotage. None of these activities fulfills the three criteria Rid identifies. Cybercrime is apolitical, and criminals conceal their identity to protect themselves. Cyber espionage seeks to penetrate an adversary’s system to extract sensitive information. Its purpose is not directly political – rather, it seeks to gather information to inform policies. Cyber subversion is political because it seeks to erode social bonds and trust in collective entities. However, cyberspace is a platform to reach out to an audience, but not the target of subversion. Finally, cyber sabotage – the deliberate attempt to weaken or destroy an economic or military system – is instrumental. However, its nature is predominantly technical and its targets are material things, not humans. Saboteurs can also avoid attribution and open violence.23 Storybox 6.1 tells the story of the Stuxnet worm, a famous case of cyber sabotage – or cybotage – that dominated the early discussions on cyber war.
In June 2010, computer security analysts working for Belarus company VirusBlokAda discovered a worm that intentionally targeted industrial equipment and software in a number of countries.24 The malware used a previously unknown, or zero day, vulnerability to spread on computers via USB sticks. The malware, dubbed Stuxnet (a combination of the file names .stub and .MrxNext.sys) was designed to target a specific type of program used in industrial control systems that drive motors and switches. Further analysis revealed that the malicious code was highly sophisticated, using not one but four zero-day exploits as well as fraudulent certificates, and that Iran was the center of the infection. The malware had been specifically designed to covertly inject commands and sabotage industrial controllers used in the Natanz nuclear facility in Iran.25
Starting in 2008, Stuxnet generated small adjustments, manipulating the speed at which nuclear centrifuges in Natanz were spinning, to break them down. The attack reportedly took out nearly 1,000 of the 5,000 or so centrifuges Iran was using at the time to purify uranium. All the while, the computers controlling the centrifuges showed no sign of these physical changes and Iranian scientists thought they were confronting random breakdowns. Since the Iranian control system was air-gapped, nobody suspected a cyberattack. But the worm was transported via a thumb drive onto the air-gapped network and eventually spread beyond after an Iranian engineer connected his computer to the centrifuges and back to the Internet. Stuxnet was eventually discovered after infecting thousands of machines throughout the world.
Reporters subsequently revealed that the attack was a joint operation between the US and Israeli intelligence services, codenamed “Olympic Games.”26 The two countries developed a new type of sabotage – some would even say a military-grade cyber weapon. Stuxnet was a tipping point in the debate on cyber war. This worm demonstrated that an offensive cyber capability could target and compromise a remote system to cause physical damage across international boundaries. Despite the damage Stuxnet inflicted on Iranian centrifuges, the Iranian nuclear program only experienced a temporary setback as a result of the covert operation.
While there is a broad consensus on the need to distinguish between war, crime, sabotage, espionage and subversion, Rid’s claim that cyber war will not take place, and his focus on lethality as a criterion for war, have been more controversial.27 In a response to Rid, John Stone argues that cyberattacks can be understood as acts of war. He reminds us that Clausewitz defined war as “an act of physical force” and argues that Rid conflates force, violence and lethality. Force is the capacity to cause physical damage to humans but also to objects. Force should not be conflated with lethality, or the ability to kill somebody. For Stone, “all wars involve force, but force does not necessarily imply violence – particularly if violence implies lethality”. 28 From this perspective, acts of war do not need to kill humans – they can generate a large amount of violence by targeting the manufacturing capabilities of an enemy, for instance. Stone concludes that cyberattacks, particularly cyber sabotage, could constitute an act of war. However, the debate on cyber war remains unsettled. If Rid set the threshold for cyber war too high, Stone might have set it too low. Brandon Valeriano and Ryan Maness have criticized Stone’s position, pointing out that “without violence, injury, and death, the term [war] loses much of its meaning and implication.”29
When considering what exactly cyber war is, researchers have provided a significant contribution to the broader debate on the evolving character and nature of war. Overall, the debate on cyber war demonstrates how fuzzy and subjective a concept war can be. The use of the prefix “cyber” – denoting the use of computer network attacks to wage war – also has its limits. In the most extreme scenarios, where a cyberattack would end several thousand lives and disrupt the lives of millions of others, “cyber” becomes superfluous. A cyberattack of such a scale would lead to war, not cyber war.30
Most International Relations scholars have moved beyond the hype. Myriam Dunn Cavelty was one of the first scholars to systematically criticize the hyperbole around cyber war. In her 2008 book on cybersecurity, she uses securitization theory to reveal the socially constructed nature of cyber threats in the US discourse.31 Other approaches now appear to be more fruitful. John Sheldon, for example, focuses on cyber power, which he defines as “a form of influence in and from cyberspace.”32 Brandon Valeriano and Ryan Maness have emphasized the needs for systematic and theoretically informed empirical research to counter the cyber hype. They have used available data on cyber incidents and disputes to explore the significance of cyber conflict, which they define as “the use of computational technologies in cyberspace for malevolent and destructive purposes in order to impact, change, or modify diplomatic and military interactions among entities.”33 From this perspective, cyber war is only one possibility in the broader spectrum of cyber conflict. Their study of state rivalry in cyberspace, based on a database of incidents running from 2001 to 2011, shows that “the actual magnitude and pace of attacks do not match the popular perception.”34 So far, the fear of cyberattacks is greater than the damage they have caused. Their research supports the more moderate view that states have demonstrated restraint in their use of cyberattacks, mostly because of the potential for blowback, replication and collateral damage.35 Yet new cases of cyberattacks challenge the moderate view. Storybox 6.2 examines attacks on the Ukrainian energy grid, in 2015 and 2016, which suggest that some of the cyber doom scenarios might not be as far-fetched as the most skeptic voices in the debate initially thought.
Since the Ukrainian revolution of 2014, which overthrew Kremlin-backed President Viktor Yanukovych, Russia has become increasingly aggressive toward its neighbor to the west. Following the revolution, Russia annexed the Crimean Peninsula, and launched a series of skirmishes in the eastern region of Donbas. Russian operations in Ukraine have also taken place in cyberspace, targeting multiple sectors of Ukrainian society – banking and finance, health, media, military, politics, transportation, etc. These attacks have allowed Russia to perfect its approach to cyber warfare and test Western resolve.36
In December 2015, some 225,000 Ukrainians were left without electricity when hackers disabled 15 electricity substations and back-up power supplies. The attackers first conducted a phishing attack to lodge an all-purpose trojan known as BlackEnergy in the computer systems of specific Ukrainian power companies. They eventually gained access to industrial control software used to operate key equipment, and unloaded another code, named KillDisk, for destruction. The 2015 Ukrainian blackout lasted a few hours, until engineers manually switched the power on again. A year later, another attack took down a larger transmission station in Kiev for an hour. This second attack demonstrated more sophistication, using a piece of malware, “CrashOverride,” that had been tailored specifically to sabotage the energy grid.
Cybersecurity analysts believe that the same group of hackers – Sandworm – conducted the 2015 and 2016 attacks, and have expressed concern over this group’s ability to refine its attacks and attempt to infiltrate US systems.37 Most of the clues they have found, as well as the possible motives, for these attacks clearly point toward Russia.
Moderate voices recognize that the Internet will be a theatre of future conflict and that new cases may challenge their position. Yet they doubt that cyberattacks could decide the outcome of a conflict. First, cyberattacks remain limited because cyberspace is inherently linked to the physical world. Stuxnet, the most dramatic example of cyber sabotage that is publicly known, probably required a human using a flash drive to bypass the air gap protecting Iranian nuclear centrifuge systems. Second, cyberattacks are often limited in duration and have more readily reversible effects than conventional kinetic attacks. Stuxnet delayed but did not destroy capabilities, and the Ukrainian blackouts only lasted a few hours. Finally, cyberattacks do not destabilize international relations, because states exercise restraint in their use of cyber power. The risk, for Valeriano and Maness, is that governments’ excessive concern with cyber war will limit freedoms and innovation on and through the Internet.38
Another strand of research explores the potential motives behind cyber war to question its existence. For Erik Gartzke, the debate on cyber war has focused too much on means of cyberattacks (capabilities) and their outcomes (destruction and lethality), and not enough on the motives of those who are able to act.39 Why would a state use cyberattacks to target an adversary? Force is traditionally used to punish, to conquer and to compel enemies to do things. Gartzke finds that most of the actors who are capable of harming their adversaries – online or elsewhere – do not do so, because they have insufficient reason to do so. Like Valeriano and Maness, he finds that cyberattacks on their own do not pose a threat that is significant enough to affect the political decisions of a sovereign nation. While cyberattacks might inflict costs on an adversary – for example by shutting down the electricity grid of a country – this damage can be fixed and there would be no long-lasting harm that could cause a shift in the balance of power.40
While researchers have pointed out that the anonymous nature of cyberattacks is a problem for defenders who might not be able to directly attribute them,41 Gartzke adds that the absence of attribution is problematic for attackers. Why would an adversary attack and remain anonymous? Anonymity might protect an attacker from retribution but would also prevent him from getting credit for the attack. From the point of view of the victim, there can be no surrender if there is no attribution.42 The attacker must then necessarily conclude that cyberattacks cannot achieve much without being associated with more conventional kinetic forms of military violence, where attribution is less problematic. In this context, cyberattacks are likely to remain a secondary tool, behind the use of conventional kinetic forces able to inflict unacceptable harm on an adversary.43
At a conceptual level, Gartzke’s argument reinforces the point that what is distinctive about cyberspace, as a domain of operation, is that it is connected to all the other domains of military operation. This finding suggests that cyber power will most benefit well-established or strong military powers such as China, Russia and the United States, which can most effectively rely on their superior military power.44 Indeed, most of the case studies of effective cyber operations discussed in the literature – including in this book – tend to focus on these countries. Cyber power should not be considered as an isolated instrument but in conjunction with other forms of warfare. Storybox 6.3 shows how Russia embraced a holistic use of cyberattacks during its 2008 conflict with neighboring Georgia.
In August 2008, Russia launched a series of large-scale overt cyberattacks to augment its on-the-ground military operation in Georgia. A number of patriotic citizen hackers launched DDoS attacks and defaced select websites belonging to dozens of government, news and financial institutions. As much as 35 percent of Georgia’s Internet networks were affected. The networks used to launch the DDoS attacks, and the Georgian efforts to defend itself in cyberspace, spread far beyond the Russo-Georgian border, involving cyber infrastructure in over 60 countries.45
The cyber campaign against Georgia was carefully planned and closely coordinated with Russian military progress on the ground. The attacks diminished the Georgian government’s ability to respond and communicate while Russian tanks were moving into South Ossetia in the early days of the campaign. This denial opened space for Russia to make gains at the strategic level and disseminate propaganda that pinned responsibility for the conflict on Georgia. These cyberattacks were not essential to the Russian intervention but they provided “marginal improvements to military effectiveness.”46
The Russo-Georgian war was the first time in history that a cyberattack was so closely synchronized with a conventional military campaign.47 Reflecting on how Russia leveraged cyberattacks to augment on-the-ground operations, John Arquilla concluded, in a nod to his 1993 article with David Ronfeldt, “Cyberwar Is Already Upon Us.”48 More measured voices have used this case to discuss the use of cyber power in war, rather than cyber war. Russia effectively mobilized the cyber power provided by patriotic citizens and hacker communities, limiting the ability of Georgia and the international community to attribute the cyberattacks to Russia, and to respond to them.49 Though these attacks succeeded in limiting Georgia’s ability to communicate, at the strategic level, Russian propaganda eventually failed to generate international consensus on their version of the events.
In the last decades, advanced militaries across the world have developed institutions and doctrines to better integrate cyber power into military operations. The US government established a Cyber Command in 2009, and the United Kingdom a Joint Forces Cyber Group in 2013 to plan and coordinate cyber warfare operations. Since 2017, the “Commandement de cyberdéfense” leads French military operations in cyberspace. The Chinese People’s Liberation Army’s (PLA’s) equivalent is the “Strategic Support Force.”
Military operations in cyberspace can occur in various contexts, ranging from peacetime to high-intensity warfare. Peter Dombrowsky and Chris Demchak point out that cyberspace has “added layers of complexity to existing tactics and operations, and become increasingly influential in the strategic calculus of several major powers in the international system.”50 Cyber operations employ cyberspace capabilities to achieve objectives in and through cyberspace. Cyberspace is both a means and a target for militaries to exert power. Actions “in” cyberspace seek to deny or even manipulate an adversary’s use of information systems and networks. The military also operates “through” cyberspace on a routine basis, using computers to support commanders’ decisions. Core military functions such as Command and Control (C2) and logistical support rely on cyberspace to integrate, synchronize and direct operations at digital speeds. The network-centric character of modern militaries creates vulnerabilities that need to be defended.51
The US military distinguishes between offensive and defensive cyberspace operations. Offensive operations seek to disrupt the adversary’s operations to deny them access to information systems, to deceive or manipulate adversaries, to degrade their capacity, or to destroy their computers or computer networks and applications. Defensive operations seek to detect, analyze and mitigate threats to computer networks, to preserve the ability to utilize cyberspace capabilities and to protect data, networks and systems.52 Defensive operations can actively seek to jam or disrupt enemy offensive capabilities, or be more passive and block attacks. The distinction between offensive and defensive operations is useful, and provides a fruitful way to link military operations to strategic debates about the relationship and balance between offensive and defensive capabilities. However, this dichotomy has also been criticized for being too US-centric and overlooking alternative conceptions of cyberspace operations based on resilience, for instance.53
The use of the term “operations” should not obscure the fact that cyberspace capabilities affect all the levels of war, from tactics to operations and strategy. At the tactical level, cyberattacks are planned and code manipulations achieve specific military objectives. At the operational level, personnel are trained, resources are acquired and allocated to facilitate the implementation of the strategy at the tactical level. The strategic level establishes ideas and coordinates the elements of power – diplomacy, information, military, economy, etc. – to achieve national, and sometimes multinational, objectives.54
At all these levels, cyberspace capabilities are increasingly integrated with other domains. Since cyberspace underpins all other warfighting domains, it is best approached in a combined or integrated way. The American military talks about joint operations and multi-domain battle. Militaries across the world are learning to combine cyberspace capabilities with land, sea, air and space capabilities, and maneuver across all domains to maximize battlefield opportunities.55 The Russo-Georgian war of 2008 is an example of cross-domain military operation, in which Russia leveraged cyberspace for a specific informational purpose along with more traditional maneuvers on land.
The debate on cyber war has been essential to helping establish cybersecurity in the field of IR. Early scholarship on the subject has sought to define the key terms that follow the prefix “cyber”: war, warfare and operations, among others. The doomsday scenarios imagined by the first prophets of cyber war have not come to fruition, but they did have real-life consequences, triggering concern and responses from policy-makers. For the more moderate or skeptical voices in the debate, cyber hype has led to poor investments. The US government, particularly, has devoted vast resources to develop military cyber capabilities. Yet critics note that cybercrime, not cyber war, is the most prominent threat facing Western societies.
There is now a broad scholarly consensus that cyberspace has not revolutionized military affairs, but the debate on how cyberspace capabilities are transforming militaries remains open. There is no question that military institutions and doctrines have had to be adapted – if not created – to better take into account the emergence of a fifth domain of war. This domain presents some unique characteristics – for example, its man-made character – but has not fundamentally altered the nature of war. Cyberspace operations remain inherently linked and limited by humans, politics, culture and the fog of war. They should not be approached on a stand-alone basis, but in combination with other domains of warfare and human activity. The next chapter will explore how pre-existing concepts of deterrence, bargaining, the arms race and escalation, to name but a few, can help us understand national cybersecurity.
1. What is the difference between cyber war and cyber warfare?
2. Do you agree with Rid’s statement that “cyber war will not take place?”
3. To what extent is cyberspace transforming military affairs?
Thomas Rid, Cyber War Will Not Take Place (London: Hurst, 2013).
Brandon Valeriano and Ryan C. Maness, Cyber War versus Cyber Realities: Cyber Conflict in the International System (New York: Oxford University Press, 2015), ch. 2.
Video: Ralph Langner, “Cracking Stuxnet, a 21st-century Cyber Weapon,” TED Talk, March 2011, www.ted.com/talks/ralph_langner_cracking_stuxnet_a_21st_century_cyberweapon.