US military steps up cyberwarfare effort

The U.S. military has the capability, the willingness and, perhaps for the first time, the official permission to preemptively engage in active cyberwarfare against foreign targets. The first known action happened as the 2018 midterm elections approached: U.S. Cyber Command, the part of the military that oversees cyber operations, waged a covert campaign to deter Russian interference in the democratic process.

It started with texts in October 2018. Russian hackers operating in the Internet Research Agency – the infamous “troll factory” linked to Russian intelligence, Russian private military contractors and Putin-friendly oligarchs – received warnings via pop-ups, texts and emails not to interfere with U.S. interests. Then, during the day of the election, the servers that connected the troll factory to the outside world went down.

As scholars who study technology and international relations, we see that this incident reflects the new strategy for U.S. Cyber Command, called “persistent engagement.” It shifts Cyber Command’s priority from reacting to electronic intrusions into military networks to engaging in active operations that are less intense than armed conflict but still seek to stop enemies from achieving their objectives. In late 2018, the U.S. goal was to take away Russia’s ability to manipulate the midterm election, even if just briefly.

Coercion is difficult

Cyber Command’s operation against the troll factory was part of a sophisticated campaign that targeted individuals – Internet Research Agency workers – and systems – the organization’s internet connection.

In military terms, that effort generated “friction,” or difficulty for opposing forces to perform even mundane tasks. Russian hackers and trolls may wonder how a foreign government got their information, or was able to take their workplace offline. They might be worried about personal vulnerabilities, weaknesses in their own systems or even what else Cyber Command might do if they don’t stop trolling.

Our research has found that covert activities that are not as clear as armed conflict don’t always change a target’s behavior. Successful coercion efforts tend to require clear signals of both capability and resolve – assurance that the defender both can respond effectively and will do so, in order to prevent the attacker from taking a desired action.

Digital operations are often the opposite – concealing that anything has happened, as well as who might have done it.