16 September 2017

***How dangerous is hybrid war? “Netwar”: The unwelcome militarization of the Internet has arrived

Jonathan Zittrain

The architecture and offerings of the Internet developed without much steering by governments, much less operations by militaries. That made talk of “cyberwar” exaggerated, except in very limited instances. Today that is no longer true: States and their militaries see the value not only of controlling networks for surveillance or to deny access to adversaries, but also of subtle propaganda campaigns launched through a small number of wildly popular worldwide platforms such as Facebook and Twitter. This form of hybrid conflict – launched by states without state insignia, on privately built and publicly used services – offers a genuine challenge to those who steward the network and the private companies whose platforms are targeted. While interventions by one state may be tempered by defense by another state, there remain novel problems to solve when what users see and learn online is framed as organic and user-generated but in fact it is not. 

In 1993, before WiFi, indeed before more than a small fraction of people enjoyed broadband Internet, John J. Arquilla and David F. Ronfeldt of the Rand Corporation began to develop a thesis on “Cyberwar and Netwar” (Arquilla and Ronfeldt 1995Arquilla, J. J., and D. F. Ronfeldt. 1995. “Cyberwar and Netwar: New Modes, Old Concepts, of Conflict.” Rand Review, Fall.https://www.rand.org/pubs/periodicals/rand-review/issues/RRR-fall95-cyber/cyberwar.htmlarchived athttps://perma.cc/NNT3-C6U3. (Excerpted from “Cyberwar Is Coming,” by Arquilla and Ronfeldt.” Comparative Strategy 12: 141–165. 1993. doi:10.1080/01495939308402915 archived athttps://perma.cc/8RQY-S3SW.)[Taylor & Francis Online], [Google Scholar]). I found it of little interest at the time. It seemed typical of Rand’s role as a sometime management consultant to the military-industrial complex. For example, Arquilla and Ronfeldt wrote that “[c]yberwar refers to conducting military operations according to information-related principles. It means disrupting or destroying information and communications systems. It means trying to know everything about an adversary while keeping the adversary from knowing much about oneself.” A sort of Sun Tzu for the networked era.

The authors’ coining of the notion of “netwar” as distinct from “cyberwar” was even more explicitly grandiose. They went beyond bromides about inter-military conflict, describing impacts on citizenries at large:


Netwar refers to information-related conflict at a grand level between nations or societies. It means trying to disrupt or damage what a target population knows or thinks it knows about itself and the world around it. A netwar may focus on public or elite opinion, or both. It may involve diplomacy, propaganda and psychological campaigns, political and cultural subversion, deception of or interference with local media, infiltration of computer networks and databases, and efforts to promote dissident or opposition movements across computer networks. (Arquilla and Ronfeldt 1995Arquilla, J. J., and D. F. Ronfeldt. 1995. “Cyberwar and Netwar: New Modes, Old Concepts, of Conflict.” Rand Review, Fall.https://www.rand.org/pubs/periodicals/rand-review/issues/RRR-fall95-cyber/cyberwar.htmlarchived athttps://perma.cc/NNT3-C6U3. (Excerpted from “Cyberwar Is Coming,” by Arquilla and Ronfeldt.” Comparative Strategy 12: 141–165. 1993. doi:10.1080/01495939308402915 archived athttps://perma.cc/8RQY-S3SW.)[Taylor & Francis Online], [Google Scholar])


While “netwar” never caught on as a name, I was, in retrospect, too quick to dismiss it. Today it is hard to look at Arquilla and Ronfeldt’s crisp paragraph of more than 20 years ago without appreciating its deep prescience.

Our digital environment, once marked by the absence of sustained state involvement and exploitation, particularly through militaries, is now suffused with it. We will need new strategies to cope with this kind of intrusion, not only in its most obvious manifestations – such as shutting down connectivity or compromising private email – but also in its more subtle ones, such as subverting social media for propaganda purposes.

Two decades of nonmilitarized conflict online

Many of us thinking about the Internet in the late 1990s concerned ourselves with how the network’s unusually open and generative architecture empowered individuals in ways that caught traditional states – and, to the extent they concerned themselves with it at all, their militaries – flat-footed. As befitted a technology that initially grew through the work and participation of hobbyists, amateurs, and loosely confederated computer science researchers, and later through commercial development, the Internet’s features and limits were defined without much reference to what might advantage or disadvantage the interests of a particular government.

To be sure, conflicts brewed over such things as the unauthorized distribution of copyrighted material, presaging counter-reactions by incumbents. Scholars such as Harvard Law School professor Lawrence Lessig (2006Lessig, L. 2006. Code Version 2.0. New York: Basic Books.http://codev2.cc/archived at https://perma.cc/2NCX-UGBE. [Google Scholar]) mapped out how the code that enabled freedom (to some; anarchy to others) could readily be reworked, under pressure of regulators if necessary, to curtail it. Moreover, the interests of the burgeoning commercial marketplace and the regulators could neatly intersect: The technologies capable of knowing someone well enough to anticipate the desire for a quick dinner, and to find the nearest pizza parlor, could – and have – become the technologies of state surveillance.

That is why divisions among those who study the digital environment – between so-called techno-utopians and cyber-skeptics – are not so vast. The fact was, and is, that our information technologies enable some freedoms and diminish others, and more important, are so protean as to be able to rearrange or even invert those affordances remarkably quickly.

But wholesale reworkings of our information architectures are not the only discontinuity we face. Major governments are not only uniquely positioned, through the power of coercion otherwise known as sovereignty, to insist upon changes to software or even hardware deployed on key private platforms. Some also have the resources and desire to engage in sustained and sophisticated campaigns: taking the technology of, say, social media exactly as they find it, and using it to change the perceptions and views of the citizenry; making some voices become or remain quiet; and amplifying the momentum of pro-regime views, or creating that momentum entirely out of whole cloth. As the Rand authors said: netwar.

That is a phenomenon that I confess I have resisted embracing, as part of a larger diffidence about the militarization of our thinking about cyberspace. By its own account (Pellerin 2010Pellerin, C. 2010. “Lynn: Cyberspace Is New Domain of Warfare.” American Forces PressService, U.S. Central Command, October 19.http://www.centcom.mil/MEDIA/NEWS-ARTICLES/News-Article-View/Article/884164/lynn-cyberspace-is-new-domain-of-warfare/archived at https://perma.cc/5PBK-LJ84. [Google Scholar]), in 2008 the US Defense Department began focusing in earnest on cyberdefense – here the more prosaic defense of military networks against intrusion, rather than the broader concept of netwar. The US military formally recognized “cyber” as a domain of war, alongside air, land, sea, and space. NATO followed up with the same designation last year (Minárik 2016Minárik, T. 2016. “NATO Recognises Cyberspace as a ‘Domain of Operations’ at Warsaw Summit.” Incyder News, July 21. NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE).https://ccdcoe.org/nato-recognises-cyberspace-domain-operations-warsaw-summit.htmlarchived at https://perma.cc/H494-5YKB. [Google Scholar]).

Engaging the network’s natural defenses, post-militarization

While the world’s militaries are free to organize their commands as they choose, the rest of us should remain chary of the characterization of our digital environment as a martial “cyber” domain. Because the Internet is both primarily privately held and far-flung among multiple (if slowly concentrating) actors, a classic military defense of the network in a perimeter-defense way makes far less sense than it does for securing a particular patch of land, sea, air, or space. The knowledge and skill to defend the network has not been something distinct to government soldiers and scientists, even as private network operators might lack the coordination most beneficial to the utmost security. In fact, much of the environment’s resilience can be credited to loose affiliations of unchartered and even unpaid experts working together to forestall attacks or to minimize the potential for damage from them (Zittrain 2009Zittrain, J. 2009. “The Web as Random Acts of Kindness.” Talk filmed at TEDGlobal 

2009.https://www.ted.com/talks/jonathan_zittrain_the_web_is_a_random_act_of_kindnessarchived athttps://perma.cc/Z4UM-ZYQZ. [Google Scholar]). Thinking through ways to reinforce these natural defenses may be better over the long run than attempting to literally send in digital Marines (Zittrain 2010Zittrain, J. L. 2010. “The Fourth Quadrant.” Fordham Law Review 78 (6): 2767–2781.https://papers.ssrn.com/sol3/papers.cfm?abstract_id=1618042archived at https://perma.cc/K5CE-CLRZ.[Web of Science ®], [Google Scholar]).

But while natural defenses served well at first, as the Internet has gone mainstream and we have come to rely upon it more and more, these defenses have not been able to outpace the pressures of exploitation. By 2008, experts were seeing not only the time-honored tradition of network disruption for fun or to make a political statement by, for example, shutting down a citizen-facing government website for a short period of time by staging a virtual sit-in (Wikipedia 2017Wikipedia. 2017. “Electronic Disturbance Theater.” February 23.https://en.wikipedia.org/wiki/Electronic_Disturbance_Theaterarchived at https://perma.cc/7CY7-7C64. [Google Scholar]; Jordan and Taylor 2004Jordan, T., and P. Taylor. 2004. Hacktivisim and Cyberwars: Rebels with a Cause? New York: Routledge.http://www.thing.net/~rdom/ucsd/3somesPlus/hacktivismcyberwars.pdfarchived athttps://perma.cc/T5LT-QKU4. [Google Scholar], ch. 4). They were also encountering complex malware that would infect private computers for the purpose of using them to send money-earning spam. Perhaps it was inevitable that users would ultimately encounter ransomware encrypting personal files and holding them for ransom, driven by software running largely on autopilot as it accepts cryptocurrency for payments. These phenomena pose a genuine dilemma for security that neither handwaving about keeping the Internet free nor upping classic military budgets can solve (Zittrain 2008Zittrain, J. 2008. “Cybersecurity and the Generative Dilemma.” In The Future of the Internet – and How to Stop It. New Haven, CT: Yale University Press.http://yupnet.org/zittrain/2008/03/13/chapter-3-cybersecurity-and-the-generative-dilemma/archived at https://perma.cc/9SUK-CJV7. [Google Scholar]).

Corporate hosts as both havens and new threats to freedom

For all of the ongoing, and increasing, difficulties of security at the operational or network layer of the Internet, and the concomitant security of the personal or corporate devices connected to it, one of the more secure spots appeared to be found amid the major content-aggregating and discourse-managing platforms. Google, Twitter, and Facebook boast security teams with unrivaled expertise and deep resources. Their experiences with government hacking – such as China compromising Google and others’ servers in 2010 (Zetter 2010Zetter, K. 2010. “Google Hack Attack Was Ultra Sophisticated, New Details Show.” Wired, January 14.https://www.wired.com/2010/01/operation-aurora/archived at https://perma.cc/QD82-TGSU. [Google Scholar]), or Edward Snowden’s 2013 leaks concerning US government surveillance techniques (Szoldra 2016Szoldra, P. 2016. “This Is Everything Edward Snowden Revealed in One Year of Unprecedented Top-Secret Leaks.” Business Insider, September16.http://www.businessinsider.com/snowden-leaks-timeline-2016-9 archived athttps://perma.cc/BH5D-45CX. [Google Scholar]) – have caused them to further batten down their hatches.

But this is where Arquilla and Ronfeldt’s distinction between cyberwar and netwar helps. Crucial areas lie on either side of defending networks and servers. To one side is that of individual security, such as that of 2016 Clinton presidential campaign chair John Podesta’s email account (Uchill 2016Uchill, J. 2016. “Typo Led to Podesta Email Hack: Report.” The Hill, December 13.http://thehill.com/policy/cybersecurity/310234-typo-may-have-caused-podesta-email-hackarchived at https://perma.cc/7SPP-49GJ. [Google Scholar]). When a single typo can compromise an entire trove of email (Sciutto 2017Sciutto, J. 2017. “How One Typo Helped Let Russian Hackers In.” CNN, June 27.http://www.cnn.com/2017/06/27/politics/russia-dnc-hacking-csr/index.htmlarchived athttps://perma.cc/MU3U-MU35. [Google Scholar]), it is too easy for anyone – not to mention a determined and well-resourced government actor – to invade someone’s personal files and selectively release them in order to shape the course of political or electoral events, and then to in the public eye conflate such releases with beneficial whistleblowing (Zittrain 2016aZittrain, J. 2016a. “Mass Hacks of Private Email Aren’t Whistleblowing, They are at Odds with It.” Just Security, October 19.https://www.justsecurity.org/33677/mass-hacks-private-email-arent-whistleblowing-odds-it/archived at https://perma.cc/33U5-SPW7. [Google Scholar]). Only when major platforms take enabling their users’ security as seriously as that of their platforms as a whole can that threat be eased. This may require the introduction of entirely new techniques of security, such as a mandatory cooling-off period or the sign-off of close friends or relatives before wholesale collections of documents can be downloaded by their putative owners (Zittrain 2016bZittrain, J. 2016b. “New Strategies for Securing Our Private Lives.” Lawfare, October 24.https://www.lawfareblog.com/new-strategies-securing-our-private-livesarchived at https://perma.cc/S7UP-4L57. [Google Scholar]).

To the other side of individual and platform security lies the integrity of the platform’s activities. It is one thing to try to prevent intrusion into, say, Google or Facebook’s network or system by unauthorized actors. But when the systems are meant to aggregate torrents of information from users – and anyone can sign up to become one – there arises the question of the quality and sourcing of what genuine users are learning through them. State propaganda campaigns might be launched from an information source that is an arm of the state – such as the television network RT, formerly known as Russia Today (Shuster 2015Shuster, S. 2015. “Inside Putin’s On-Air Machine.” Time, March 5.http://time.com/rt-putin/archived at https://perma.cc/Q2X6-KBKF. [Google Scholar]). But they can also be conveyed through the laying of astroturf made out to be grassroots, generated from the atomic units of one fake (rather than compromised) Facebook or Twitter user at a time. This corrupts the promise of “semiotic democracy,” which describes a world “where audiences freely and widely engage in the use of cultural symbols in response to the forces of media” (Katyal 2012Katyal, S. 2012. “Between Semiotic Democracy and Disobedience: Two Views of Branding, Culture and Intellectual Property.” 4 WIPO Journal of Intellectual Property 1: 50–62.http://ir.lawnet.fordham.edu/faculty_scholarship/618/archived athttps://perma.cc/XRG8-5XDR. [Google Scholar], 50), and it forces those of us who favor principally private defenses for our privately held networks to confront whether we feel the same about the flow of discourse on platforms that increasingly channel the dialogues of our polities. It is perhaps too grave, too central, too much to ask of a handful of companies to treat the integrity of the information they aggregate and filter as a simple customer-service issue, especially where competition is, for a number of reasons, including the lock-in of network effects, at an ebb. (It is hard to join a new social network, even a hypothetically better one, when you and all your friends have built photo libraries, relationships, and long-term identities at another.)

Scholars and experts both outside and within these platforms are only at the earliest stages of understanding the impact of platforms carrying billions of updates each day, and the ways those organically driven updates are being reshaped by sophisticated state actors. Facebook’s introduction of complex and adaptive algorithms, which help manage the flow of posts (Dewey 2015Dewey, C. 2015. “If You Use Facebook to Get Your News, Please – for the Love of Democracy – Read This First.” Washington Post, June 3.https://www.washingtonpost.com/news/the-intersect/wp/2015/06/03/if-you-use-facebook-to-get-your-news-please-for-the-love-of-democracy-read-this-first/?utm_term=.20b34ef03244archived at https://perma.cc/3Z7L-SFCV. [Google Scholar]) and augment the activities of about 7000 workers reviewing flagged posts (Zuckerberg 2017Zuckerberg, M. 2017. Facebook Post, May 3.https://www.facebook.com/zuck/posts/10103695315624661?pnref=storyarchived at https://perma.cc/Y947-7JWP. [Google Scholar]), is understandable on a platform comprising 2 billion active users (Facebook 2017Facebook. 2017. “Stats.” Facebook Newsroom, March 31.https://newsroom.fb.com/company-info/ archived athttps://perma.cc/X2ES-J9SZ. [Google Scholar]) posting about 500,000 comments per second (Zephoria Digital Marketing 2017Zephoria Digital Marketing. 2017. “The Top 20 Valuable Facebook Statistics – Updated May 2017.”https://zephoria.com/top-15-valuable-facebook-statistics/archived at https://perma.cc/H8MU-L8NH. [Google Scholar]). But it suggests that there can be no public understanding of the stakes without an unusual degree of disclosure and engagement for any company to attempt.

Facebook’s security team released a white paper in the spring of 2017 outlining a crisp and useful summary of the problem of “information operations” and sketching some approaches to containing it. Facebook’s definition of information operations reprises Rand’s netwar: They are “[a]ctions taken by governments or organized non-state actors to distort domestic or foreign political sentiment, most frequently to achieve a strategic and/or geopolitical outcome. These operations can use a combination of methods, such as false news, disinformation, or networks of fake accounts (false amplifiers) aimed at manipulating public opinion” (Weedon, Nuland, and Stamos 2017Weedon, J., W. Nuland, and A.Stamos. 2017. Information Operations and Facebook, Version 1.0. Facebook, April 27.https://fbnewsroomus.files.wordpress.com/2017/04/facebook-and-information-operations-v1.pdfarchived at https://perma.cc/MYA4-FL4H. [Google Scholar], 5).

The company’s paper mentions largely unspecified technical advances that it uses to try to better discern fake accounts, especially ones that are part of a coordinated campaign of disinformation, drawing from markers such as “repeated posting of the same content, or aberrations in the volume of content creation” rather than analysis of the content itself to keep such content out of genuine users’ news feeds (Weedon, Nuland, and Stamos 2017Weedon, J., W. Nuland, and A.Stamos. 2017. Information Operations and Facebook, Version 1.0. Facebook, April 27.https://fbnewsroomus.files.wordpress.com/2017/04/facebook-and-information-operations-v1.pdfarchived at https://perma.cc/MYA4-FL4H. [Google Scholar], 10). The primary revenue of Facebook, Twitter, Google, and others derives from advertising, and they can disincentivize the production of certain kinds of fake but high-traffic news by controlling the advertising associated with the consumption of such news.

Perhaps, too, on various platforms, there could be ways for users to choose to convincingly validate certain aspects of their identities – the city they are from, or how old they are – without disclosing precisely who they are. In a world of propaganda seeded by fake accounts, knowing whether one is engaging with a robot or a person is a helpful, if distressingly basic, starting point for a dialogue, a prelude to the more fundamental question of whether one’s interactions are truly organic or instead shaped by others – whether bot or not – acting at the behest of an agenda that render them completely disinterested in true dialogue or persuasion.

When should governments offer defense?

If one squints, there may be a bright spot amid these vulnerabilities within individual security, networks, platforms, endpoints, and platform activities. To the extent that disruption or manipulation by state actors represents a particularly dangerous and pernicious form of attack – indeed, I might even reluctantly call it some form of netwar – then a defense by the government of the targeted population is appropriate and called for. I am not invoking the martial perimeter defense model; that remains unhelpful for our digital medium and what is been built upon it. Rather, there are traditional, nondigital actions that one government can take or strategically threaten in the drawing of clear red lines (Nye 2015Nye, J. S. 2015. “Can Cyberwar Be Deterred?” Project Syndicate, December 10.https://www.project-syndicate.org/commentary/cyber-warfare-deterrence-by-joseph-s--nye-2015-12archived at https://perma.cc/3MMT-5XP5. [Google Scholar]) against an adversary.

Outright and full-bore attacks on our information sphere by government actors could be far more destructive than attacks by mere advertisers or one-off activist campaigners, but when it happens, some of the dynamics that have kept nuclear-armed states from all-out war – not without some anxious sweat – then apply. There is a protocol of government-to-government action and counterreaction, whether through the ejection of diplomats, the closing of compounds (Mazzetti and Schmidt 2016Mazzetti, M., and M. S. Schmidt. 2016. “Two Russian Compounds, Caught up in History’s Echoes.” New York Times, December 29.https://www.nytimes.com/2016/12/29/us/politics/russia-spy-compounds-maryland-long-island.html. [Google Scholar]), the repositioning of physical troops, or war itself.

It is hard to imagine a merely private rather than a public – potentially to include a military – response to the determined, coordinated, and provocative actions of another state to engage in some forms of netwar. Surely careful work is required to limn what falls on what side of a line, so as to neither be provoked too readily, raising the specter of mutual or even accidental escalation, nor to allow gross intrusion into the basic pathways of a free citizenry’s understanding of the world around it and the thoughts of its fellows. And, following the rough analogy of nuclear treaties, as American political scientist Joseph Nye explains, it would help each country not only to be in a position to say what it will not tolerate by another, but also what it will reciprocally abjure in its own behaviors (Nye 2017Nye, J. S. 2017. “A Normative Approach to Preventing Cyberwar.” Project Syndicate, March 13.https://www.project-syndicate.org/commentary/global-norms-to-prevent-cyberwarfare-by-joseph-s--nye-2017-03archived at https://perma.cc/Z35A-UMHB. [Google Scholar]).

Yet the bright spot of the prospect of countering one government’s meddling with another government’s power is, with the complexities of the nuclear balance of terror still with us, perhaps only seen with a squint. With fully open eyes, we see yet another vector of force that must be calculated among many others in positioning the minute hand of the Bulletin’s famed Doomsday Clock (Benedict 2017Benedict, K. 2017. “Doomsday Clockwork.” Bulletin of the Atomic Scientists, January 26.http://thebulletin.org/doomsday-clockwork8052 archived athttps://perma.cc/6V6B-MNX3. [Google Scholar]). A digital space that seemed for so long to be one new and different – to be sure, with new problems as well as new possibilities – remains in danger of being warped by the hard power of states that now fully appreciate it for the power it contains.

Disclosure statement

A general personal disclosure can be found at http://hls.harvard.edu/faculty/directory/10992/Zittrain, and institutional funding at https://cyber.harvard.edu/about/support

References

Arquilla, J. J., and D. F. Ronfeldt. 1995. “Cyberwar and Netwar: New Modes, Old Concepts, of Conflict.” Rand Review, Fall. https://www.rand.org/pubs/periodicals/rand-review/issues/RRR-fall95-cyber/cyberwar.html archived at https://perma.cc/NNT3-C6U3. (Excerpted from “Cyberwar Is Coming,” by Arquilla and Ronfeldt.” Comparative Strategy 12: 141–165. 1993. doi:10.1080/01495939308402915 archived at https://perma.cc/8RQY-S3SW.)

Benedict, K. 2017. “Doomsday Clockwork.” Bulletin of the Atomic Scientists, January 26. http://thebulletin.org/doomsday-clockwork8052 archived at https://perma.cc/6V6B-MNX3.

Dewey, C. 2015. “If You Use Facebook to Get Your News, Please – for the Love of Democracy – Read This First.” Washington Post, June 3. https://www.washingtonpost.com/news/the-intersect/wp/2015/06/03/if-you-use-facebook-to-get-your-news-please-for-the-love-of-democracy-read-this-first/?utm_term=.20b34ef03244 archived at https://perma.cc/3Z7L-SFCV.

Facebook. 2017. “Stats.” Facebook Newsroom, March 31. https://newsroom.fb.com/company-info/ archived at https://perma.cc/X2ES-J9SZ.

Jordan, T., and P. Taylor. 2004. Hacktivisim and Cyberwars: Rebels with a Cause? New York: Routledge. http://www.thing.net/~rdom/ucsd/3somesPlus/hacktivismcyberwars.pdfarchived at https://perma.cc/T5LT-QKU4.

Katyal, S. 2012. “Between Semiotic Democracy and Disobedience: Two Views of Branding, Culture and Intellectual Property.” 4 WIPO Journal of Intellectual Property 1: 50–62. http://ir.lawnet.fordham.edu/faculty_scholarship/618/ archived at https://perma.cc/XRG8-5XDR.

Lessig, L. 2006. Code Version 2.0. New York: Basic Books. http://codev2.cc/ archived at https://perma.cc/2NCX-UGBE.

Mazzetti, M., and M. S. Schmidt. 2016. “Two Russian Compounds, Caught up in History’s Echoes.” New York Times, December 29. https://www.nytimes.com/2016/12/29/us/politics/russia-spy-compounds-maryland-long-island.html.

Minárik, T. 2016. “NATO Recognises Cyberspace as a ‘Domain of Operations’ at Warsaw Summit.” Incyder News, July 21. NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE). https://ccdcoe.org/nato-recognises-cyberspace-domain-operations-warsaw-summit.html archived at https://perma.cc/H494-5YKB.

Nye, J. S. 2015. “Can Cyberwar Be Deterred?” Project Syndicate, December 10. https://www.project-syndicate.org/commentary/cyber-warfare-deterrence-by-joseph-s--nye-2015-12 archived at https://perma.cc/3MMT-5XP5.

Nye, J. S. 2017. “A Normative Approach to Preventing Cyberwar.” Project Syndicate, March13. https://www.project-syndicate.org/commentary/global-norms-to-prevent-cyberwarfare-by-joseph-s--nye-2017-03 archived at https://perma.cc/Z35A-UMHB.

Pellerin, C. 2010. “Lynn: Cyberspace Is New Domain of Warfare.” American Forces PressService, U.S. Central Command, October 19. http://www.centcom.mil/MEDIA/NEWS-ARTICLES/News-Article-View/Article/884164/lynn-cyberspace-is-new-domain-of-warfare/archived at https://perma.cc/5PBK-LJ84.

Sciutto, J. 2017. “How One Typo Helped Let Russian Hackers In.” CNN, June 27. http://www.cnn.com/2017/06/27/politics/russia-dnc-hacking-csr/index.html archived at https://perma.cc/MU3U-MU35.

Shuster, S. 2015. “Inside Putin’s On-Air Machine.” Time, March 5. http://time.com/rt-putin/archived at https://perma.cc/Q2X6-KBKF.

Szoldra, P. 2016. “This Is Everything Edward Snowden Revealed in One Year of Unprecedented Top-Secret Leaks.” Business Insider, September 16. http://www.businessinsider.com/snowden-leaks-timeline-2016-9 archived at https://perma.cc/BH5D-45CX.

Uchill, J. 2016. “Typo Led to Podesta Email Hack: Report.” The Hill, December 13. http://thehill.com/policy/cybersecurity/310234-typo-may-have-caused-podesta-email-hackarchived at https://perma.cc/7SPP-49GJ.

Weedon, J., W. Nuland, and A. Stamos. 2017. Information Operations and Facebook, Version 1.0. Facebook, April 27. https://fbnewsroomus.files.wordpress.com/2017/04/facebook-and-information-operations-v1.pdf archived at https://perma.cc/MYA4-FL4H.

Wikipedia. 2017. “Electronic Disturbance Theater.” February 23. https://en.wikipedia.org/wiki/Electronic_Disturbance_Theater archived at https://perma.cc/7CY7-7C64.

Zephoria Digital Marketing. 2017. “The Top 20 Valuable Facebook Statistics – Updated May 2017.” https://zephoria.com/top-15-valuable-facebook-statistics/ archived at https://perma.cc/H8MU-L8NH.

Zetter, K. 2010. “Google Hack Attack Was Ultra Sophisticated, New Details Show.” Wired, January 14. https://www.wired.com/2010/01/operation-aurora/ archived at https://perma.cc/QD82-TGSU.

Zittrain, J. 2008. “Cybersecurity and the Generative Dilemma.” In The Future of the Internet – and How to Stop It. New Haven, CT: Yale University Press. http://yupnet.org/zittrain/2008/03/13/chapter-3-cybersecurity-and-the-generative-dilemma/ archived at https://perma.cc/9SUK-CJV7.

Zittrain, J. 2009. “The Web as Random Acts of Kindness.” Talk filmed at TEDGlobal 2009. https://www.ted.com/talks/jonathan_zittrain_the_web_is_a_random_act_of_kindnessarchived at https://perma.cc/Z4UM-ZYQZ.

Zittrain, J. 2016a. “Mass Hacks of Private Email Aren’t Whistleblowing, They are at Odds with It.” Just Security, October 19. https://www.justsecurity.org/33677/mass-hacks-private-email-arent-whistleblowing-odds-it/ archived at https://perma.cc/33U5-SPW7.

Zittrain, J. 2016b. “New Strategies for Securing Our Private Lives.” Lawfare, October 24. https://www.lawfareblog.com/new-strategies-securing-our-private-lives archived at https://perma.cc/S7UP-4L57.

Zittrain, J. L. 2010. “The Fourth Quadrant.” Fordham Law Review 78 (6): 2767–2781. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=1618042 archived at https://perma.cc/K5CE-CLRZ.

No comments: