Paper Author Link Grade DA Comments Review Links ADD YOURSELF HERE
Current International Law Is Not an Adequate Regime for Cyberspace Michael P. Fischerkeller Michael P. Fischerkeller A Needs diagrams, otherwise great.
Pathologies of obfuscation: Nobody understands cyber operations or wargaming Nina Kollars and Benjamin Schechter https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/pathologies-of-obfuscation-nobody-understands-cyber-operations-or-wargaming/ A
The Cyber Paradigm Shift Emily Goldman https://digital-commons.usnwc.edu/cgi/viewcontent.cgi?article=1044&context=usnwc-newport-papers. A Essentially a prequel to the Fischerkeller paper
Rapid capabilities generation and prompt effects in offensive cyber operations JD Work Technology and The Cyber Domain: Implications for Intelligence. International Studies Association Annual Conference. Las Vegas. April 2021. A Explains the ops against bot networks from USCC
Successful counter-cyber operations secure US election JD Work Janes Intelligence Review | March 2021 A Points out a subtle area of PE in terms of judging success and failure...
Early intelligence assessments of COMBLOC computing JD Work JD Work (2021) Early intelligence assessments of COMBLOC computing, Journal of Intelligence History, DOI: 10.1080/16161262.2021.1884791 A Very much worth a read. Not just about the past.
From cold to cyber warriors: the origins and expansion of NSA’s Tailored Access Operations (TAO) to Shadow Brokers Steven Loleski https://www.tandfonline.com/doi/abs/10.1080/02684527.2018.1532627?journalCode=fint20 A
DECONSTRUCTING THE U.S. POLICY OF INDICTING MALICIOUS STATE CYBER ACTORS PETER G. MACHTIGER https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3799284 A
Opportunity Seldom Knocks Twice: Influencing China’s Trajectory via Influencing China’s Trajectory via Defend Forward and Persistent Engagement Defend Forward and Persistent Engagement in Cyberspace Michael P. Fischerkeller asia policy, volume 15, number 4 (october 2020), 65–89 A https://cybersecpolitics.blogspot.com/2020/11/a-second-byte-at-china-apple.html
Cyber Competition to Cybered Conflict Chris Demchak https://digital-commons.usnwc.edu/cgi/viewcontent.cgi?article=1044&context=usnwc-newport-papers A https://twitter.com/daveaitel/status/1347612121677377538?s=20
China's Counter-Strategy to American Export Controls in Integrated Circuits Douglas B. Fuller https://www.prcleader.org/fuller A
Troubled vision: Understanding recent Israeli–Iranian offensive cyber exchanges JD Work, Richard Harknett https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/troubled-vision-understanding-israeli-iranian-offensive-cyber-exchanges/ A Best starter paper on PE
Zero Days, Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits Lillian Ablon, Andy Bogart https://www.rand.org/pubs/research_reports/RR1751.html A Only paper with any data on this subject
Public attribution of cyber intrusions Florian J Egloff doi: 10.1093/cybsec/tyaa012 A
Secrecy's End Oona A. Hathaway https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3852303 A Great paper on an important topic - I have some minor quibbles about the final section of suggestions, but the history section and legal analysis is a must read. https://www.youtube.com/watch?v=cP-RSBAI_wc&ab_channel=DaveAitelDaveAitel
Who Hath Measured the (Proving) Ground: Variation in Offensive Capabilities Test and Evaluation JD Work https://osf.io/preprints/socarxiv/p92tn/ A There was some stuff in here I didn't know about how history played out (i.e. this is a paper where public facts get reinterpreted in a way that surprises you).
Achieving Systemic Resilience in a Great Systems Conflict Era Chris Demchak https://cyberdefensereview.army.mil/Portals/6/Documents/2021_spring_cdr/COVID_CDR_V6N2_Spring_2021_r4.pdf B It has some good stuff in it, and an important recalibration, but I don't feel like it actually adapted its own recalibration or properly absorbed what the implications were. https://twitter.com/daveaitel/status/1395136883668180992 , https://www.youtube.com/watch?v=ODwuB9Zu2KI&t=1s&ab_channel=DaveAitel
Offensive Cyber Operations and Future Littoral Operating Concepts JD Work https://digitalcommons.usf.edu/mca/vol5/iss1/3/ A I need to do a second big readthrough but the argument is this: Lots of 0day exists in the systems people rely on for military operations. Finding and using this 0day is possible over long time periods. This can produce important military effects on the battlefield. When you don't see effects happening , it can be mean several things - one of which is that you didn't prepare properly and one is that you didn't see it. (Came out the day that USUKEU announced the russian attack on VIASAT)
Cyber Threats and Vulnerabilities to Conventional and Strategic Deterrence Mark Montgomery and Erica Borghard https://ndupress.ndu.edu/Portals/68/Documents/jfq/jfq-102/JFQ_102.pdf B What would the US do, to help lower this risk? (https://carnegieendowment.org/2021/04/08/china-u.s.-cyber-nuclear-c3-stability-pub-84182) . Missing from this paper is NEGOTIATING WITH OUR ADVERSARIES. Other than that, it's a good TODO sheet of stuff we ought to do, but without the costs, or even a rough order of magnitude of the costs?
The Escalation Inversion and Other Oddities of Situational Cyber Stability Jason Healey, Robert Jervis https://tnsr.org/2020/09/the-escalation-inversion-and-other-oddities-of-situational-cyber-stability/ C Also at: http://dx.doi.org/10.26153/tsw/10962. This paper has SO MANY ISSUES. I could go on and on, and I did, in a twitter thread, which I should make a video out of. It feels like a huge attempt to justify a push-back on the concept of persistent engagement in favor of some sort of vague theory of defensive alignment and restraint that is never going to gain any ground. Two major arguments against this paper: 1. Geopolitical differences between countries make it impossible to have a generic understanding of escalation in the way this model requires. 2. Nations use hybrid approachs to conflict (i.e. cyber+mil+econ) that make this model impossible to detangle.
Countering cyber proliferation: Zeroing in on Access-as-a-Service Winnona DeSombre, James Shires, JD Work, Robert Morgus, Patrick Howell O’Neill, Luca Allodi, and Trey Herr https://www.atlanticcouncil.org/in-depth-research-reports/report/countering-cyber-proliferation-zeroing-in-on-access-as-a-service/ C Recommendations very bad, but ENFER bit and framing are great. https://youtu.be/Qr-4_fWFpqA
Persistent Engagement Neglects Secrecy at Its Peril Lennart Maschmeyer https://www.lawfareblog.com/persistent-engagement-neglects-secrecy-its-peril D Got docked points for " Cyber persistence posits that actors have the capacity to manage the degree of covertness of an operation. Yet a successful compromise always requires a clandestine approach. Covert operations obscure the origins of an operation but not the activity itself, while clandestine operations strive to obscure both the origins and the activity." https://twitter.com/daveaitel/status/1311474050582163457
Virtual Territorial Integrity: The Next International Norm Michael J. Mazarr https://www.tandfonline.com/doi/abs/10.1080/00396338.2020.1792100?journalCode=tsur20#:~:text=The%20rising%20potential%20for%20dangerous,traditional%20aggression%20toward%20other%20societies. D It's hard to see how this concept goes forward, to be honest.
Restraint under conditions of uncertainty: Why the United States tolerates cyberattacks Monica Kaminska https://academic.oup.com/cybersecurity/article/7/1/tyab008/6162971?searchresult=1 F Extremely frustrating. https://www.youtube.com/watch?v=wNzgrzL9J6c&t=11s&ab_channel=DaveAitel
Taking Stock: Estimating Vulnerability Rediscovery Trey Herr, Bruce Schneier https://privpapers.ssrn.com/sol3/papers.cfm?abstract_id=2928758 F Misunderstood data. Do not cite.
PrEP: A Framework for Malware & Cyber Weapons Trey Herr https://privpapers.ssrn.com/sol3/papers.cfm?abstract_id=2343798 F Oversimplified model
Deterrence in the Cyber Realm: Public versus Private Cyber Capacity NADIYA KOSTYUK https://academic.oup.com/isq/advance-article-abstract/doi/10.1093/isq/sqab039/6287900?redirectedFrom=PDF F It's good to point out from this paper an example of overbroad abstractions (nearly everything is a "PCI") here. Also, I find it funny she used the acronym PCI. But regardless, when trying to work on the model of deterrence in cyber this is the kind of horrible knots you will tie yourself into. Nearly everything in this paper is wrong but that itself is interesting, in a way. What would have improved this paper is a massive change of scope and focus. It needed to drill down into the weeds on some things. In particular, a rewrite of this paper JUST LOOKING AT TIANFU CUP/PWNTOOWN would potentially be useful.
Initiative Persistence as the Central Approach for U.S. Cyber Strategy Michael P. Fischerkeller, Richard J. Harknett https://docs.google.com/document/d/1SC_e3RnN8AIHNgzJFfCEXdb_44rmL9dgI7G8dB_gjNk/edit?usp=sharing B Makes a very good case that people should really stop attempting "Strategic Ambiguity". To be honest, does a GREAT job of hitting OTHER perspectives, but gets docked a point for not having enough time on its own initiative persistence work itself. https://www.youtube.com/watch?v=q-XoRdsfjBc&t=101s&ab_channel=DaveAitel
Deterrence by Denial in cyberspace Erica D. Borghard & Shawn W. Lonergan https://www.tandfonline.com/doi/abs/10.1080/01402390.2021.1944856?src=&journalCode=fjss20 C A counterpoint to the Fischerkeller paper above. https://www.youtube.com/watch?v=q-XoRdsfjBc&t=101s&ab_channel=DaveAitel
Keep your problems at home: the Brexit incidence on E.U. cybercommand against U.S. Grégoire De La Salle, Jan Kunen, Coralie Patton https://docs.google.com/document/d/3MC_d3AnD6AIUwuJFfCBXdb_4rcL9dgI7G8dB_gjNk/ D
Esc