A Necessary Contest: An Overview of U.S. Cyber Capabilities

The U.S. government began to worry about vulnerabilities in the cyber domain and to search for ways to reduce them more than twenty years ago. At the same time, in secret, it began developing and using offensive cyberoperations for military purposes while also ensuring that its intelligence agencies amended their collection activities to accommodate the arrival of the internet. The United States' major strategic opponents-Russia and China-at first lagged in developing these military capabilities but are now considered peers or near-peers in terms of their capabilities. Digital technologies and cyberspace have become a new and central domain of conflict among these powers and others. In this domain, however, the U.S. perspective on cybersecurity is somewhat outdated-still too close to its 1990s focus on protecting critical infrastructure and somehow deterring opponents-and no longer sufficient to manage national interests.1Nonstate actors do not have the ability or interest to launch a truly destructive cyberattack. Although, according to European intelligence sources, some Russian-speaking criminal groups have greater cyber capabilities than all but a handful of states and could carry out disruptive attacks, they have little interest in actions that do not yield financial returns (or these proxy groups may be constrained by the Russian state from offering their services to third parties). Terrorist groups lack the expertise and, in most cases, the interest to launch cyberattacks. The most active groups, Hezbollah and Hamas, act largely as proxy forces for Iran. This makes cyber conflict the domain of nation states, something demonstrated by a simple review of public and nonpublic accounts of cyber actions. It is inaccurate to look solely at "cybersecurity," as if this activity occurred outside the larger sphere of military and diplomatic relationships.