
Book Review

Offensive Cyber Operations: Understanding Intangible Warfare by Daniel Moore

ISBN 978-0-19765-755-3, Oxford University Press, August 2022, 328 pages, $37.69 hardcover

Reviewed by: Sean Pascoli, Army Research Lab

Offensive Cyber Operations is a timely book that is highly recommended as a primer for the Special Operations Forces (SOF) community as it evaluates the role that United States Special Operations Command forces can fill in the cyber domain. Daniel Moore adroitly explores the principles and boundaries of cyber warfare. The author does a masterful job of demonstrating how conflict in the cyber domain is a natural evolution of warfare and how traditional conflict has employed software as a weapon. He goes on to demonstrate the symbiotic relationship between military technology and civilian advancements throughout the annals of human conflict.

Moore examines in detail how the threat landscape is arrayed and expertly explains, in an easy-to-understand narrative, how significant an impact civilian intelligence agencies can have on offensive cyber operations. He proposes a model to assess network attacks and determine if these attacks constitute an act of war. This model is composed of five categories: target, impact, attacker, goals, and relationships. These five parameters allow governments to differentiate between three different types of activities: hostile attacks, intelligence campaigns, and criminal activities. A model to assess network attacks is crucial in offensive cyber operations as it enables a systematic understanding of vulnerabilities, tactics, and potential exploits. Such a model allows offensive teams to anticipate, simulate, and counteract adversarial strategies effectively, enhancing the overall cybersecurity posture. By incorporating threat intelligence and advanced analytics, these models contribute to a proactive defense strategy, ultimately safeguarding critical digital infrastructure from sophisticated cyber threats.

The book then goes on to discuss the challenges associated with building an international consensus on what constitutes offensive cyber operations, paying particular attention to how the lack of a universal lexicon leads to confusion when trying to apply terminology and analogies to cyber incidents. The most interesting part of the book was the author’s argument for why it is so important in the context of national security to identify where intelligence activities end and cyberattacks begin. He goes on to suggest that offensive cyber operations should be defined more clearly by expanding them to encompass different varieties while maintaining a balance between inclusiveness and cohesion. This is not an easy task when you lack consensus on international norms and a common lexicon. His thesis on the differences between presence-based and event-based cyber operations introduces a new way to describe military cyber operations, identifying each as one or the other. It has shaken up academia and has brought a scientific taxonomy into a discussion otherwise dominated more by international relations experts and less by scholarship from people with his level of military and technological expertise.

The author originally submitted this book as his Ph.D. thesis at King's College London. He is a well-respected contributor to the infosec community and served in the Israeli Defense Force’s Unit 8200, a famed Cyber/Signals Intelligence operations corps widely recognized as one of the most elite such units in the world. The author does a superb job of explaining the complexities of cyber warfare by using real-world examples such as the TV5 Monde and Seoul Winter Olympics attacks, to name just a few of the compelling cases discussed in the book. These examples highlight how these attacks often reside in a gray area between warfare and non-warfare activities with unique capabilities applicable to both.

Offensive Cyber Operations: Understanding Intangible Warfare is an excellent primer for everyone in the SOF community to read for a better understanding of the principles and boundaries of offensive cyber operations. SOF are a force multiplier for offensive cyber operations primarily due to their placement and access. As SOF continue to formalize their doctrine and training standards for Offensive Cyber Operations (OCO), an understanding of OCO is critical for their success. For SOF cyber operators and planners already working in this field, the comprehensive framework for assessing network attacks and understanding the complexities of offensive cyber operations is relevant and of great interest.
