6th European Conference - Academic Conferences
6th European Conference - Academic Conferences
6th European Conference - Academic Conferences
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Rain Ottis<br />
Of the three models, the hierarchy probably takes the longest to establish, as the chain of command<br />
and role assignments get settled. During this process, which could take days, months or even years,<br />
the militia is relatively inefficient and likely not able to perform any complex operations.<br />
5. Comparison<br />
When analyzing the three models, it quickly becomes apparent that there are some aspects that are<br />
similar to all of them. First, they are not constrained by location. While the Forum and the Cell are by<br />
default dispersed, even a state sponsored hierarchical militia can operate from different locations.<br />
Second, since they are organizations consisting of humans, then one of the more potent ways to<br />
neutralize cyber militias is through information operations, such as persuading them that their<br />
identities have become known to the law enforcement, etc.<br />
Third, all three models benefit from a certain level of anonymity. However, this also makes them<br />
susceptible for infiltration, as it is difficult to verify the credentials and intent of a new member.<br />
On the other hand, there are differences as well. Only one model lends itself well to state sponsored<br />
entities (hierarchy), although, in principle, it is possible to use all three approaches to bolster the<br />
state’s cyber power.<br />
The requirement for formalized chain of command and division of responsibilities means that the initial<br />
mobilization of the Hierarchy can be expected to take much longer than the more ad-hoc Forum or<br />
Cell. In case of short conflicts, this puts the Hierarchy model at a disadvantage.<br />
Then again, the Hierarchy model is more likely to adopt a “peace time” mission of training and<br />
recruitment in addition to the “conflict” mission, while the other two options are more likely to be<br />
mobilized only in time of conflict. This can offset the slow initial formation limitation of the Hierarchy, if<br />
the Hierarchy is established well before the conflict.<br />
While the Forum can rely on their numbers and use relatively primitive attacks, the Cell is capable of<br />
more sophisticated attacks due to their experience. The cyber attack capabilities of the Hierarchy,<br />
however, can range from trivial to complex.<br />
It is important to note that the three options covered here can be combined in many ways, depending<br />
on the underlying circumstances and the personalities involved.<br />
Conclusion<br />
Politically motivated cyber attacks are becoming more frequent every year. In most cases the cyber<br />
conflicts include offensive non-state actors (spontaneously) formed from volunteers. Therefore, it is<br />
important to study these groups.<br />
I have provided a theoretical way to categorize non-trivial cyber militias based on their organization.<br />
The three theoretical models are: the Forum, the Cell and the Hierarchy. In reality, it is unlikely to see<br />
a pure form of any of these, as different groups can include aspects of several models. However, the<br />
strengths and weaknesses identified should serve as useful guides to dealing with the cyber militia<br />
threat.<br />
Disclaimer: The opinions expressed here should not be interpreted as the official policy of the<br />
Cooperative Cyber Defence Centre of Excellence or the North Atlantic Treaty Organization.<br />
References<br />
Carr, J. (2009) Inside Cyber Warfare. Sebastopol: O'Reilly Media.<br />
Denning, D. E. (2010) “Cyber Conflict as an Emergent Social Phenomenon.” In Holt, T. & Schell, B. (Eds.)<br />
Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications. IGI Global, pp 170-<br />
186.<br />
Krekel, B., DeWeese, S., Bakos, G., Barnett, C. (2009) Capability of the People’s Republic of China to Conduct<br />
Cyber Warfare and Computer Network Exploitation. Report for the US-China Economic and Security<br />
Review Commission.<br />
Nazario, J. (2009) “Politically Motivated Denial of Service Attacks.” In Czosseck, C. & Geers, K. (Eds.) The Virtual<br />
Battlefield: Perspectives on Cyber Warfare. Amsterdam: IOS Press, pp 163-181.<br />
312