Cyberspace in Peace and War
By Martin C. Libick
US Naval Institute Press
Cyberspace in Peace and War, written by Martin C. Libicki, a professor of cyber security studies at the US Naval Academy, takes on an ambitious assignment. The book sets out to provide the reader with a comprehensive overview of cyberwar from the perspectives of technology and military strategy. Libicki succeeds in this, offering a remarkably thorough look at a complex set of issues.
Libicki leads off with a meticulously sourced review of how cyberattacks work and proceeds to define the main approaches to cyberdefense. He then delves into the thorny discussion of what the government should or should do about the problem. From there, Libicki undertakes an extensive exploration of the various ways that military can approach cyberwar—from both defensive and offensive points of view.
He differentiates, for example, between strategic and operational cyberwar. The book also gets into a debate lurking beneath the surface of many cyberwar dialogues: the divergence between the disorganized world of hackers and the needs of the military to “professionalize” cyberwar. He also looks at the challenges of mounting an offensive cyberwar campaign in actual war conditions, e.g. being able to time an attack and determine odds of success.
Libicki writes very well. Even though there is a massive amount of material to cover, it’s relatively easy to read. He avoids lapsing into the opaque, insiders-only DoD-speak that can sometimes arise in this kind of discussion.
The only limitation in this book is Libicki’s occasional tendency to take refuge in theory on issues where actual events seem to suggest that the theories don’t reflect reality. He’s very enamored of air gaps, for example, which are not as effective as people want them to be. He also repeatedly offers the insight that cyberattacks are usually short-lived and easy to recover from, which is true, but misses the point a great deal of the time. The hack of the DNC email server, for instance, was a very minor hack, but it changed the course of American history.
That said, what Libicki has accomplished here is to set out a rich array of policy discussions. He enables the reader to appreciate the multiple points of view that can arise on any given cyber war issue. One may not agree with him, but he’s showing you the contours of the policy argument. By combining thoroughness, good writing style and encyclopedic knowledge of the policy issues, Libicki has rendered a great service to anyone in a military or policy making position who wishes to gain a better understanding of what’s happening in cyberspace in peace and war.