Introduction

All rights reserved. May not be reproduced in any form without permission from the publisher, except fair uses permitted under U.S. or applicable copyright law.

A Permanent Revolution
Every historical era begins with a revolution: it comes of age when
revolution becomes the new normal. The Reformation began when a
disaffected Augustinian friar asked, What authority has the Pope? It
achieved its peak when the schism in Christianity became a source not
of religious war but of stable social structures. The Romantic period
started with the philosophical challenge, What is a state if not also an
integral nation? It matured when nationalism in Europe became less a
cause of violence than of political cohesion. The present era, too, can be
defined by a revolutionary question, one rooted in technology: what
limits has space? For cyberspace, a defining motif of our era, smashes
the constraints of geography on the speed and range of human action.
Never before has technology permeated society so completely or influ-
enced the dealings of states and peoples so intricately as in the present.
Yet despite significant experience with the related technology, the cyber
age remains in a revolutionary condition. We have yet to master the
forces of change that define our times.
The distinguishing feature of revolution is that it challenges not just
the rational but also the moral order. Contemporary observers struggle
Copyright 2017. Yale University Press.

to make sense of both sets of problems as they relate to the virtual

weapon of cyberspace – malicious computer code designed to manipu-
late the functions of machines or else seize, corrupt, or disclose their
sensitive data. This lag in understanding is especially acute in the study
1
EBSCO Publishing : eBook Collection (EBSCOhost) - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD
AN: 1584660 ; Kello, Lucas.; The Virtual Weapon and International Order
Account: [Link]
 2 INTRODUCTION

of international relations, a realm of inquiry whose intellectual fashion

is to reject deep change in the states system as an outcome before it is
even conceived as a theoretical premise.
Consider, first, the shock to the rational order of interstate relations.
The virtual weapon is a recent addition to the arsenal of states, although
some nations already regard it as “an integral part” of their armory.1 Its
meaning for interstate strategic dealings is difficult to decipher. Only a
limited record of events exists to orient this laborious learning process.
The new capability, moreover, is scientifically complex and highly vola-
tile. Even computer specialists do not fully grasp its behavioral properties
or the consequences of its use, which may devastate modern society even
if they fall below the traditional criterion of interstate violence on which
the conventions of international law and diplomacy rest. There is also the
problem of the technology’s sheer speed of action. Released from
the restrictions of the physical laws of motion, security crises transpire at
a pace (often measurable in milliseconds) that even seasoned statesmen
find difficult to manage.
Second, and more fundamental, is the disturbance of the moral order.
Cyberspace empowers states whose basic goals – sometimes grounded
in a revolutionary domestic ideology, other times in the perverse visions
of despots – are incompatible with the fundamental purpose of interna-
tional society: the preservation of a minimum measure of order and
peace. More elementally, the technology also empowers nontraditional
players – proxy militias, political hacktivists, private corporations,
extremist militant groups, and even lone agents – who may seek to
undermine the political order, who may reject or fail to understand the
complex conditions of peace and stability among states co-existing in
the international jungle, and whom the traditional apparatus of
diplomacy struggles to absorb because such players are not recognized
state entities. New entrants onto the international scene who were
traditionally barred from geopolitics are now able to disrupt it, at times
decisively, via cyber politics.
Tendencies of chaos among the new players compound familiar
problems of anarchy among the old: how to stem the development and
proliferation of arms, how to tame their use by an arsenal of rules and
norms, how to develop stable expectations of behavior out of uncer-
tainty – in short, how to impose order upon turmoil. The sum result of
these shocks to the international order is that a cyber conflict may be

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 INTRODUCTION 3

difficult to model, regulate, and terminate even among rational state

contenders bent on avoiding it.
Despite the peculiar features of security in our times, the tendency of
international relations specialists has been to bring the virtual weapon
to the rule of conventional statecraft – to deny the existence of the cyber
revolution. Skeptics invoke that unfailing servant of intellectual
reactionism in the field of international security studies: Carl von
Clausewitz.2 The school of skepticism takes various forms. It elaborates
a paradigm of security and conflict that continues to prioritize the phys-
ical over the virtual world, interstate violence over sub-threshold conflict,
the interests and capabilities of states over unconventional actors. The
temptation of political thinkers has been to integrate the new
technology into familiar doctrines – the laws of armed conflict,
the principles and methods of interstate coercion and conquest, the
machinery and logic of military warfighting. The academic enterprise
of security studies is far behind the times.
The resulting lag in understanding is not for lack of experience with
the related technology. Cyberspace is not a recent invention.3 It emerged
and grew in a series of uneven and partly coinciding stages beginning in
the first half of the twentieth century. More than seventy years have
passed since the advent of computers (one possible starting point of the
cyber age); fifty since the invention of the Internet (a truer point of
origin); twenty since the explosive global growth of this information
skin, which now envelops almost all aspects of society: governmental,
financial, social, even military. Two decades have also elapsed since the
first significant malware incident – the Morris worm, which in 1988
impaired thousands of computers and led network operators to partition
the Internet4 – awoke computer specialists to the technology’s harmful
potential (international relations theorists remain in a deep slumber).
Whatever point of origin one selects – and the point is debatable – the
current cyber age is well past its first generation of contemporaries.
Possibly we are its fourth.
Gaps in security doctrine nevertheless persist at the most elemental
level. Is cyberwar possible (a question first posed in 1993)?5 How can
nations deter each other from carrying it out (2001)?6 What measures
can mitigate the intensity of a cyber conflict if private citizens attack
foreign government targets (2007)?7 For future generations of practi-
tioners, the persistence of old policy puzzles is prophetic of still vaster

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 4 INTRODUCTION

difficulties, for cyberspace only grows in complexity and reach. Will

the so-called Internet of Things compound existing defensive vulnera-
bilities? How will religious extremist groups employ the Internet to
radicalize, recruit, and direct agents in distant lands that are unreachable
physically but are easily penetrable virtually? What meaning has secu-
rity if unknown adversaries, domestic and foreign, permanently reside
within society’s most prized computer infrastructures, such as financial
exchange systems, nuclear facilities, and military weapons systems? The
cyber age has given rise to an expanding field of technical specialists
(who today has not heard of the “cybersecurity expert”?) but no true
sages, students but few qualified theoreticians, policymakers yet scarcely
any accomplished statesmen – it has, in brief, produced no masters. In
this basic sense, then, the technology remains “new.”
What accounts for the endurance – so far – of this masterless era?
Three sources of difficulty are notable. One involves the sheer scale of
change. Some observers regard the advent of cyberspace as the greatest
transformation in security affairs since the invention of nuclear arms. For
all the symbolic enormity of the explosions over Japan in 1945, this
comparison is wrong: it inflates the relative significance of the atom bomb.
The comparison of these two strategic revolutions is in a sense
correct: both were driven by new technology and both were consequen-
tial in their own times. But the transforming potential of the cyber
revolution is on a scale much deeper and broader than that of its older
technological cousin. The nuclear era marked a revolution in the horrors
of war and, thus, attempts to prevent it. The cyber age has subtler yet
more disruptive features – the expansion of nonphysical threats to
national security, the growing ability of nonstate actors to instigate
diplomatic and military crises, the deep penetration of critical computer
systems by undetected agents. The nuclear and cyber revolutions are
similar in source: both sprang from advances in technology. But the
moving force of the cyber revolution – the disruptive power of informa-
tion – is closer to the drivers of the Reformation or the Romantic period.
Subversive ideas were the means by which individuals and groups in
those eras strived to subvert political and social orders. The virtual
weapon works in much the same way, for malware is at bottom perni-
cious information stored as electrons. But rather than influence the
ideas of humans, it manipulates the “minds” of machines. Indeed, Alan
Turing, the inventor of modern computers, wrote about machines as if

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 INTRODUCTION 5

they were animate perceiving objects. Marvin Minsky, the conceiver of

artificial intelligence, went further, arguing that humans are machines.8
This, then, is the chief transforming feature of security in our times:
information has become a weapon in the purest sense. Information to
be sure has always been a source of power in history. Knowledge about
the intentions and capabilities of adversaries conferred tactical and
strategic advantages. Misinformation could affect behavior with similar
results. Yet information never exerted more than an indirect influence
on human affairs, because harnessing its power required some inter-
vening human action: for example, stealing an adversary’s military
secrets to achieve vital tactical surprise on the battlefield. Before the era
of Turing’s machines, it would have been futile to measure the destruc-
tive capacity of information because there was no means to bring its
power to bear directly upon the physical world. Or as a maxim of von
Clausewitz conveys, to achieve important affects, “information must
become capability.”
Cyberspace has dramatically altered this situation. Information is no
longer just a source of power; it has become force itself. The virtual
weapon’s payload, which, like all computer code, consists of just 0’s and
1’s in the form of electrons can travel through cyberspace to destroy
nuclear enrichment turbines, paralyze the operations of large firms,
incapacitate tens of thousands of workstations at large multinational
firms, or disrupt stock-trading platforms. Crucially, the weapon can
achieve these effects without ever exiting the minds of machines;
machine functions have replaced human intermediation. The new capa-
bility, therefore, is “virtual” in two common meanings of this adjective:
most obviously, because it entails the use of data stored in machines or
traveling the Internet; less obviously, but no less distinctively, because it
is close to being materially real without actually being so – that is,
essentially massless particles of data can direct machines to inflict harm
in the physical world.
Machines are both the necessary vehicles and, in many instances, the
final object of cyberattack. The virtual weapon works by manipulating
their functions (Minsky would say thoughts). Without an intermediary
object that is manipulable by computer code, there can be no such thing
as a cyberattack. The critical intermediary object – cyberspace – is
simultaneously the delivery vehicle and the target of attack. And because
machines and networks of them pervade modern society, security

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 6 INTRODUCTION

threats permanently reside at its core. States and other actors use cyber-
space to penetrate each other’s most basic infrastructures. Often,
breaches are unknown to the defender even after an attack has begun.
Here, then, is another splendid reversal of the established security para-
digm: in the past, the enemy’s presence in essential domestic terrains
signaled the failure of security policy; today it is a starting axiom.
A second difficulty that sustains the cyber revolution concerns the
technology’s scientific complexity. The correct interpretation of cyber
phenomena by strategists presupposes a strong technical understanding
of a capability that is highly esoteric, more so than the nuclear revolution
– the twentieth-century’s great technological current in security affairs.
When in the 1940s nuclear physicists conceived of the fission bomb,
even the most eminent among them could not foresee its manifold
effects on human biology, social structures, or the environment. Ingenious
speculators even believed that a nuclear explosion risked igniting the
Earth’s atmosphere. Within a decade, however, the nuclear attacks on
Hiroshima and Nagasaki, as well as successive atmospheric tests, revealed
to a high degree of certainty the broad range of effects associated with
fission (and later fusion) explosions. By contrast, the virtual weapon’s
behavioral properties are far more elusive to scientists who wish to model
them with certainty – for two reasons. First, it is difficult to ascertain the
weapon’s direct effects, in other words those that unfold within the
logical environment of the target machine complex, because of the intri-
cacy of modern hardware and software. Second, the weapon’s indirect
effects, namely, those that hinder activity beyond the logical perimeter of
the compromised computer host,9 are even more difficult to ascertain,
because modern society’s reliance on complex computer systems for core
functions of government and the economy, and the interconnectedness
between both these systems and the functions they support, mean that a
cyberattack can produce cascading effects that affect essential activities
across a range of sectors and jurisdictions. These indirect effects are
largely unknowable before attack – and possibly afterward as well.10 The
vast range of unknown and inadvertent effects impedes the interpreta-
tion of probable consequences of cyberattack. Three decades after the
virtual weapon’s birth, scientific knowledge of its behavioral properties
and effects remains rudimentary.
A third complication concerns the volatility of change: the problem
of how to dominate a technology whose technical features change far

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 INTRODUCTION 7

more quickly than strategists’ ability to identify, much less comprehend

them. The growth of technological ability is rapidly outpacing the
design of concepts to interpret it. Threats in cyberspace are widely
discussed yet rarely foreseen; opportunities to enhance national welfare
and power are recognized yet often unrealized. The life cycle of some
advanced malware strains can be measured in minutes. Many can update
themselves instantly upon activation. Contrast this situation with the
relative technological stability of nuclear arms. Major alterations in the
design features of nuclear weapons often occurred in periods of several
years or decades, whether because the weapons’ capital-resource inten-
sity imposed extremely high costs on developers, or because test-ban
treaties set an artificial freeze on redevelopment. The cyber arms race
suffers no such hindrances. What a few years ago was considered a
sophisticated capability, such as a distributed denial-of-service attack,
may today be obsolescent. Regimes of cyber arms control have been
proposed; none has gone far. Further, there is enormous volatility in the
proliferation of arms, including among nontraditional players, many of
whom do not obey, or exist beyond, the influence of diplomatic instru-
ments. Consequently, even if international law could arrest the develop-
ment of states’ offensive tools, the speed with which other actors can
acquire them compounds the analyst’s difficulty of formulating stable
conflict models. Volatility exists not only within cyberspace itself – the
technical plane of action – but also, more fundamentally, outside it: in
the purposes that inspire the weapons’ use.
Every historical epoch in international affairs begins with the
appearance of a new genus of political action and security competition.
The resulting challenge of strategic adaptation is great even when rele-
vant state contenders share an identity of purpose. It is greater when
divergence of values among them is high. It is greatest when new
entrants into the international system dilute the main units’ traditional
supremacy. For the theorist, revolution in international affairs presents
an intellectual challenge: how to adapt existing concepts to new dangers.
The decision-maker’s difficulty is the reverse and graver: how to apply
potentially outmoded axioms to reduce the measure of peril.
The problems of strategic interpretation of new threats are not
unique to the cyber age. Previous generations of thinkers and practi-
tioners grappled with similar challenges. But today the problems
of interpretation are amplified by the scale, scientific complexity, and

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 8 INTRODUCTION

volatility of modern technology – so much so that categories of thinking

may permanently, though to varying degrees, lag behind the pace of
change.

Aims and Argument

This book seeks to provide the basic elements of a conception of the
cyber revolution in the international system. Its purpose is to ask a
series of questions: what have we learned, or rather what should we
have learned, from previous experiences adapting to technological
revolution? How can concepts of international relations, and in partic-
ular the international security studies field, neither of which has been
especially adept at merging technology into theory, clarify or confuse
understanding of contemporary phenomena? How can
theoretical and empirical analysis yield strategic insight? What policy
courses can help reduce or mitigate new threats?
It is important to realize that this book is a work of political science
and not computer science. It paints a broad picture of the virtual weapon’s
consequences for stability and order in the international system, while
largely eschewing technical arcana, except where necessary to
contextualize specific points. The book covers the cyber question in its
various cross-cutting dimensions: (1) technological – the origins, prolif-
eration, and behavioral properties of cyberweapons, a topic that is rightly
the preserve of technical specialists but on which the professional student
of international affairs will have a particular view; (2) doctrinal –
problems of strategic adaptation to rapid technological change, such as
the challenges of deterrence and risks of crisis escalation following a
failure to deter, which will be a special concern to makers of policy; (3)
regulative – difficulties of achieving international consensus on rules,
laws, and institutions to govern cyber conduct, a dimension that may
appeal to both theorists and practitioners; (4) agent-level – the empower-
ment of nontraditional and dissatisfied actors who can disrupt interstate
dealings, a subject that many theorists omit from their security frame-
works; and (5) conceptual – how these disruptive forces affect prevailing
models of conflict and cooperation in global politics. In addressing these
dimensions, this study draws from and adapts concepts in the discipline
of international relations, identifying the strengths and weaknesses of
contending theoretical approaches.

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 INTRODUCTION 9

Few studies of this sort exist. One of the central premises of this
book is that cyberspace has a growing – indeed decisive – importance
for world affairs and not just, as many people already know, personal
and commercial life. Yet there is only a modest commitment within the
international relations community to explore the subject. True, a growing
number of works – some masterful – address the strategic, tactical, legal,
ethical, and economic aspects of the cyber question. There is, for
example, Lawrence Lessig’s foundational (and superbly written) book
on the interrelation of cyberspace, law, and social norms;11 Gregory
Rattray’s analysis of “strategic information warfare,” one of the earliest
attempts to conceptualize the effects of information systems on
strategic affairs (as distinct from issues of crime and espionage);12 Jack
Goldsmith and Tim Wu’s deflation of high aspirations of a borderless
Internet beyond the state system’s clutches;13 Martin Libicki’s sober
study of the limits and possibilities of hostile conquest or his examina-
tion of the challenges of deterrence in the new domain;14 Jason Healey’s
comprehensive historical account of cyber conflict;15 Michael Schmitt’s
volume on the legal and ethical travails of international cyber conduct;16
or Adam Segal’s review of how nations, small and large, use the Internet
to achieve strategic and tactical ends outside cyberspace.17
On this basis, some scholars claim, rather cavalierly and compla-
cently, that in international relations the field of cyber studies is
flourishing.18 It is not. For the existing literature betrays an important
gap: it barely, and sometimes not at all, integrates the virtual weapon
into the theoretical matter of international relations. Notable exceptions
to this trend of neglect exist, to be sure – for instance, Joseph Nye’s work
on “power diffusion” in the cyber domain and its implications for global
power structures; or Nazli Choucri’s exploration of “cyber politics” as a
new manifestation of anarchic international relations, drawing explicitly
on the discipline’s theoretical debates and frameworks.19 But the analysis
of other foundational concepts and questions remains primitive. Scholars
have not systematically addressed how cyberspace affects notions such
as international order and stability; institutions and regimes; identity,
norms, and ideology; and the balance of power – which are the disci-
pline’s prime units of intellectual currency. Security studies thinkers in
particular have barely begun to apply their conceptual toolkits to clarify,
model, or explain developments in the new domain. In a realm of study
that should be theirs, they have provided no school – so far.

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 10 INTRODUCTION

The current scholarship gap inhibits the intellectual progress of

international relations. Rivalrous cyber phenomena occur with incessant
frequency. Yet there are few or no theories to interpret and explain them.
This situation erodes the explanatory capacity and policy relevance of
the profession. The inability of prevailing paradigms to explain impor-
tant aspects of the cyber question only worsens the problem of “change”
in international relations; it confirms the charge that the discipline has a
recursive but not transforming logic.20
This book’s chief intention is to resolve the growing gap between the
emerging omnipresence of technology and the limited grasp most
thinkers have of its impact on interstate dealings. The book seeks to
prevent or at least arrest this process of intellectual decay: it provides
international relations specialists with a conceptual apparatus on which
to build a new field of cyber studies. The growing number of important
books on cyber issues provides valuable entry points to general audi-
ences.21 This work will go further. It will develop and apply international
relations theory to derive orderly propositions that reduce complex new
realities to a manageable simplicity. Different to existing academic
efforts, the study will create new benchmarks to analyze the broader rela-
tionship between technological revolution and international order.
Where cyber activity fits the frame of prevailing conflict models, espe-
cially rationalist theories, which assume players are unitary actors who
pursue objective goals efficiently, the study applies such models to explain
it. Here, the focus is on problems of instrumental instability, whereby
accidents and misinterpretation of new technology destabilize the inter-
actions even of rational states. Where the technology disturbs these rigid
models, however, the work draws from alternative concepts to refine
them. The chief concern in these cases is with problems of fundamental
instability, in which the empowerment of revolutionary states or, worse,
actors that are alien to the states system, undermines strategic stability
– a situation that rational-choice theory struggles to elucidate. The book
clarifies how technological change affects foundational concepts such as
“anarchy,” “order,” and “international system” to guide theorists in the
formulation of ordered research questions as well as in the selection of
variables when answering them.
The preliminary step in filling the scholarly void is to identify
its possible sources. Largely, it is the outcome of two forms of skepti-
cism. The first concerns methodology: some thinkers believe that the

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 INTRODUCTION 11

technology’s sheer complexity as well as problems of data collection and

reliability inhibit cyber studies. The second involves intellectual precon-
ceptions: some scholars question the significance of cyber phenomena
to security studies because the new weapon lacks an overtly physical
quality or because it is not a useful instrument of interstate coercion,
conquest, and warfighting.
This book challenges these two attitudes. It argues, first, that cyber
studies is both possible and indispensable to the intellectual progress and
policy relevance of international relations and security studies.22 While
problems of data reliability are real, they do not confine cyber studies to
ahistorical abstraction. At most, data gaps reduce the degree of certainty
of hypotheses. Correspondingly, this book seeks to maximize the leverage
of its findings by avoiding single-case inferences and by drawing, where
possible, on a variety of observable cases. Where only single relevant
cases are observable, however, the analysis will seek to derive from them
insights about broader trends, even if these insights are not fully deter-
minate because the conceivable universe of action is much wider.23 For
its qualitative data, the study draws upon a diverse mix of sources that
includes publicly available government documents outlining current
strategy and regulations as well as data available from news reports and
published forensic analyses of recent cyber events (including systems
vulnerabilities manipulated in these events). Furthermore, the book
generates new data from interviews with senior public and private offi-
cials in selected countries and regional organizations.
A further preliminary note on methods is warranted. It comes as
a warning about the dangers of what one might call “scientism,” or
the idolization of quantitative inference over qualitative analysis in the
discovery of reality. Here, the problem that arises is twofold: the observ-
able realm of cyber incidents, while varied and rich, does not reveal the
full scope of real action, because of the many obstacles of data secrecy;
moreover, in building data sets on observable cases, the invocation of
potentially outmoded concepts of interstate violence and conquest may
lead thinkers to ignore nontraditional but relevant incidents and actors.
The sum effect of these two tendencies may be to diminish or
altogether neglect new trends in security affairs. The quest for large
datasets is a symptom of the reluctance of some analysts to consider the
need for new theoretical departures. Worse, it is an abdication of
strategic learning if theorists substitute the defense of prevailing theory

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 12 INTRODUCTION

for the interpretation of novelties that the old thinking leads them arbi-
trarily to neglect. This book assumes, as a core methodological principle,
that in a new realm of strategic action involving a largely untested tech-
nology, sometimes the most important events in theory construction are
those that did not occur but may plausibly happen.
This book eschews the tendencies and fashions of scientism that
prevail within certain quarters of security studies. By pursuing a deep
analysis of single cases, not always or even primarily involving tradi-
tional national defense purposes, this work strives to provide broader
and truer insights about the nature and scope of the contemporary cyber
revolution than would be possible through the canvassing of a large
number of data points that represent only narrow segments of a much
vaster and varied world of action (both proven and plausible).
Second, the book argues that understanding the cyber question
requires a new paradigm of security commensurate with it, one that
privileges not just physical but also nonphysical threats and that elevates
nonstate actors to a higher level of theoretical existence than the tradi-
tionalist viewpoint allows. This work is a sequel to the few existing
political science books on cyber issues, but it strives to avoid repeating
errors of conviction and omission: of obstinately applying old security
paradigms to the study of new problems, while neglecting alternative
theoretical lenses that may yield a truer picture of present trends.
The book’s main argument is that cyber politics exhibits two states of
nature. One is the traditional system of states locked in familiar contests
for security, but featuring a largely untested weapon whose use is diffi-
cult to model and regulate even among rational contenders. The other
is a chaotic “global” milieu comprising nontraditional players whose
aims and motives may be subversive of national or international order
and who may not accept or even understand (seasoned statesmen often
fail to grasp it) the delicate political framework of the anarchic states
system.
Therein lies the book’s main theoretical contribution: it presents a
framework that clarifies how these two universes converge and collide.
On the one hand, the study shows how the wide diffusion of cyber
capabilities enables new modes of coordination between state and
nonstate players who share certain goals and adversaries. An example of
this phenomenon is the reported collusion between Iran and company
insiders at Saudi Aramco, the Saudi Arabian national oil firm and the

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 INTRODUCTION 13

largest firm in the world, to incapacitate tens of thousands of the firm’s

machines in 2012. On the other hand, there are also dangers of collision
– a cyber event in which nonstate activity encounters the high stakes of
interstate competition, as we saw in the Estonian crisis, in which cyber-
attacks by Russian private culprits prompted officials in Tallinn to
consider invoking NATO’s collective defense clause. The analysis
explores the potential for private actors to produce both convergence
and collision. Take, for example, the question of civilian cyber militias.
These actors furnish governments with the option of plausible denia-
bility in a cyberattack. Furthermore, they provide a means to harness
society’s technological prowess while avoiding the cumbersome organi-
zational structures and costs of traditional military formations. But they
may also generate pressures of instability. In the midst of a heated inter-
state conflict, there is no guarantee that the proxies will remain obedient
to their parent capitals. What was conceived as a device for states to
avoid retribution could become a cause for its invitation. These and
other disruptive forces defy established assumptions of rational-choice
theory: for example, the notion that states conduct their foreign policy
as unitary actors pursuing objective goals. A new conceptual framework
is required that combines the peculiarities of international affairs in the
cyber age with conventional notions of interstate rivalry in a way that is
useful – in fact necessary – for future scholarship.
To impose conceptual order upon these disparate trends, the book
develops benchmarks of “technological revolution” that distinguish
between three basic sets of disruptive forces. They are (in growing degree
of severity): third-order revolution, or systemic disruption, which involves
the appearance of a new technology that disturbs the regularized inter-
actions of rational state contenders (because, for example, it alters the
balance of offensive and defensive forces); second-order revolution, or
systemic revision, which occurs when a new invention empowers revolu-
tionary states (such as North Korea) within the system, thus causing a
rupture in the social order; and first-order revolution, or systems change
– the severest form of revolution, which arises when new players (hack-
tivists and technology firms, for instance) challenge the traditional
supremacy of states, thus altering the system’s very building blocks: the
units. The first two orders of revolution, then, occur within the conven-
tional Westphalian system; they reveal that even on the interstate plane,
important distinctions must be drawn in comprehending technological

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 14 INTRODUCTION

revolution. The third variety of revolution transpires within the wider

global system – or rather, it represents an intrusion upon the Westphalian
order by forces from below. Although the book applies this framework
only to the current cyber revolution, its benchmarks are applicable to the
study of technological revolution broadly.
The cyber revolution expresses all three orders of technological revo-
lution in different degrees. First is the role of cyberspace as a driver of
systemic disruption. Here, it is important to recognize limits. The virtual
weapon is not reconfiguring the balance of power among large nations,
is only an imperfect tool of coercion, and has not altered the nature of
territorial conquest. Nevertheless, the new capability fuels systemic
disruption because it deprives states of clear “if-then” assumptions on
which to carry out a restrained contest for security. Although it does not
alter the balance of power or transform the nature of war, the cyber
domain is a perfect breeding ground for strategic instability. The new
capability evolves faster than analysts can divine its properties and effects;
it obfuscates the “signature” of power because adversaries can often mask
their identity and location; its offensive dominant nature aggravates the
security dilemma of anarchic politics; and it greatly expands the “depth”
of power: adversaries can use it to affect each other’s intimate political
affairs and core interests remotely. Second, the virtual weapon is a driver
of systemic revision: it empowers revolutionary states. The clearest
example of this trend is North Korea. This small nation, peculiar for its
combination of bizarre ideology and military prowess, is able to use
cyberspace to challenge the basic political purposes of international
society. Importantly, it can use the new technology to sow chaos without
ever resorting to war. The third order of the cyber revolution is the most
notable of all: it challenges the supremacy of the system’s established
units – states. To be sure, states retain their primacy. They possess the
intelligence and other resources necessary to mount the most sophisti-
cated cyber actions. Thus the emergence of new actors does not mean
that states are becoming irrelevant. Yet in important ways their supremacy
is challenged by actors residing outside the conventional system. States
are no longer the sole or even the main sources of national security
threats; some nontraditional players can cause surprising degrees of
harm. States are not the only or even, in some cases, the primary national
security providers. Also, the traditional units can no longer maintain full
control over the dynamics of conflict among them. Other actors can

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 INTRODUCTION 15

disturb the fragile political framework of interstate dealings. States, in

short, are no longer the sole masters of international security.
The skeptics would ask us to suspend analysis at the conceptual
bounds of systemic disruption; the search for revolution ceases before it
has truly begun. They cannot grasp the cyber revolution because their
concepts act as blinders to its existence. The conventional model of the
international system, to be sure, is a good basis on which to measure the
degree of change wrought by new technology. But by itself it is a poor
and incomplete indicator of change. By defining three distinct kinds of
technological revolution, two of which transcend the conventional
model, and by integrating their disruptive trends into the study of
international relations, this book will add new theoretical content to the
view – derided by traditionalists – that the contemporary world confronts
an enormous cyber danger.
Beyond building concepts, the book seeks to guide the laborious task
of strategic interpretation of new technology. In other words, it strives to
benefit not merely theory but also statecraft. The necessity of this book
arises from the novelties and urgencies of the cyber danger and the diffi-
culties for practitioners of international politics in dealing with them.
Western intelligence agencies rate the cyber threat higher than or equal
to that of global terrorism.24 They warn of the potential for a calamitous
cyberattack. Many of the major developments in domestic and interna-
tional politics – for example, the possibly decisive intervention by Russia
in the 2016 U.S. presidential election – are incomprehensible unless one
grasps the role of new technology in enabling them. Yet makers of policy
have little time to interpret the strategic implications of the transforming
technology because the pressures for action are immediate. There is little
consensus on how to reduce the new threat. Does “declaratory ambi-
guity” deter attacks or merely increase the chances that the prospect of
retaliation will be underrated? What dangers does a policy of cross-
domain deterrence that includes escalation to conventional force pose
for the management of a cyber crisis? What signaling procedures and
confidence-building measures could halt an exchange involving nonstate
actors from accelerating beyond the ability of states to control it? With
what mechanisms can private actors be coopted into the national cyber
establishment so that states can leverage civilian resources for strategic
gain? NATO’s Supreme Allied Commander Europe (2009–13), Admiral
James Stavridis, captured the anguish of practitioners when he observed

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 16 INTRODUCTION

that understanding of cyber interactions is in a similar state of develop-

ment as was the early theory of flight.25 The growth of cyber arsenals, in
short, is outpacing the design of doctrines to limit their risks.
Amid these growing pains of statecraft, scholarly attention to the
cyber question is necessary to preserve the policy relevance of the inter-
national security studies field. Removed from the pressures of having to
defeat the new threat, yet possessing concepts necessary to analyze it,
theorists are in a privileged position to resolve its strategic quandaries.
The deductive models of theorists have in the past served as a basis on
which to develop strategy: for example, the influence of game theory
and other rational-choice models (some ported from microeconomics)
on the development of strategies to prevent conflict and enhance coop-
eration among states.26 Similarly, this book proposes new avenues of
thinking – conceptual frameworks, empirical analyses, and doctrinal
reviews – that can assist practitioners in the reevaluation of strategic
axioms on which the efficacy of security policy ultimately rests.
Overall, the book addresses the concerns of scholars, practitioners,
and laypersons – not always equally, because the work’s emphasis is on
theory and strategy, not policy or technical arcana, though often in
tandem. The emphasis in Part I on elaborating conceptual benchmarks
will appeal especially to international relations scholars. Students in
other disciplines may also derive valuable insights. Computer specialists
in particular may find this analysis useful in framing nontechnical ques-
tions, for example, meanings of cyber “security” and “attack” that concern
assets beyond cyberspace, or a conception of “threats” that emphasizes
not lines of code but the human agents who employ it. Part II on degrees
of the cyber revolution may appeal to a wide audience of observers
wanting to make sense of the contemporary cyber danger. Part III may
interest security professionals and practitioners most directly, for it
engages in a task that is often crucial but always perilous for theorists:
the application of concepts to policy guidance. Overall, then, the book
strives to cast a wide net of interest. Technologists will find in it a
perspective on the cyber question that is distinct but complementary to
theirs; business analysts and consultants, a new criterion on which
to build and refine risk models; national security experts, a comprehen-
sive analysis of threats that affect nations in various regions of the world
in equal measure, but that require responses attuned to the specific polit-
ical and institutional restraints of each society.

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 INTRODUCTION 17

Plan of the Book

The remainder of this volume is organized into three parts. Part I deals
primarily with theory and concepts. It contains three chapters. Chapter
1 explores the interdisciplinary character and disciplinary boundaries
of cyber studies, sketching the sometimes ambiguous contours of
an emergent “Congress of Disciplines.” It provides comprehensive
groundwork on the cyber question – its novelties and complexities, its
central theoretical debates and contending positions within them. In
addition, the chapter reviews the technical and conceptual rudiments
of cyber activity from the perspective of the international relations
specialist. In the process, the analysis will draw important conceptual
distinctions, some of which contravene prevailing understandings.
Chapter 2 dispels the view – popular among traditionalist thinkers –
that the cyber threat is largely a myth. The analysis examines five major
defensive costs: offense unpredictability, defense denial, complex defense
surface, defense fragmentation, and supply-chain risks. It draws on
observable cases of cyberattack and exploitation to illustrate the
defensive gap. Moreover, it introduces a new concept – the state of
unpeace – to characterize the new range of rivalrous activity that falls
between the binary notions of war and peace, which together do not
adequately capture the full spectrum of cyber activity.
Chapter 3 develops a conceptual framework appropriate for the
analysis of technological revolution in international relations. It defines
an ideal type of international system – the Conventional Model – as a
basis for distinguishing the three degrees of the cyber revolution exam-
ined in this book, each with varying implications for stability and order
in the system. Along the way, the discussion will refer to historical cases
of rapid change in weapons systems to derive “test” principles on the
general relationship between technological revolution, international
order, and strategic adaptation.
Part II applies these frameworks to identify and clarify the virtual
weapon’s implications for international order. Chapter 4 analyzes third-
order problems of systemic disruption, principally the risks of unwanted
or accelerating cyber crises among rational state adversaries. In order to
illustrate these problems, the chapter reviews past cyber incidents, such as
the Stuxnet operation against the nuclear facility at Natanz in Iran.27
Chapter 5 reviews the potential for cyberspace to aggravate second-
order problems of systemic revision. Here, the plight of the analyst and

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 18 INTRODUCTION

policymaker is especially acute, for they must decipher problems of a

rational but also an ideological nature. The cyber domain is a perfect
breeding ground for political subversion; more so when the source of
subversion is a powerful player such as North Korea that repudiates
elements of the world consensus and which possesses potent instru-
ments to pursue its deviant ideals.
Chapter 6 explores first-order problems of systems change – namely,
the threat that nonstate actors will use cyberspace in ways that subvert
international order (or national order, with similar effects). The discus-
sion analyzes proliferation dynamics: these mark the difference between
first-order technological revolution and lesser orders. The analysis
designs conceptual typologies that clarify the relative capacities of
nontraditional players to acquire and employ cyber instruments and
their motives for doing so. It examines manifestations of fundamental
instability in the states system – such as the danger that new players will
crash foreign computer systems without their own government’s direc-
tion or even sanction.
Part III focuses on applied aspects of strategy and policy. Chapter 7
examines problems of deterring a major cyberattack in the absence of
viable measures to repulse it. It considers two classical techniques
of deterrence: denial and punishment. The virtual weapon spoils the
logic of each. Another mechanism – entanglement – may be more
effective at explaining deterrence in the new domain; it is not, however,
failsafe. The chapter also analyzes the challenges of preventing mid-
spectrum cyberattack and proposes a new approach to overcome them:
punctuated deterrence, which prescribes a response to a series of actions
and cumulative effects, rather than individual actions and particular
effects. Chapter 8 reviews Russian innovations in the methods of
information warfare. It explores the cyber operations that disrupted the
U.S. presidential election process in 2016 and threatened to subvert
liberal democracy. These occurrences reveal an important truth about
security in our times: the nonviolent methods of unpeace can be more
potent sources of national power and influence than the overt
violence of Clausewitzian war. Chapter 9 explores the possible
strategic and other consequences of private sector active defense (e.g.
intrusion and incapacitation of attacking machines) in foreign
jurisdictions. The analysis evaluates the challenges and opportunities of
convergence in the new domain between the world of states and the

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 INTRODUCTION 19

world of citizens – traditionally treated as separate universes by inter-

national relations theorists – and the dangers associated with a collision
of these two universes.
Chapter 10, the concluding discussion, summarizes the book’s
argument and explores ongoing evolutions in the threat landscape.
For example, it asks: will the emergence of the Internet of Things and
universal quantum computers exacerbate the cyber curse of modern
society?

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]
 20

EBSCOhost - printed on 10/21/2021 1:33 PM via BODLEIAN LIBRARIES - UNIVERSITY OF OXFORD. All use subject to [Link]