ARGUMENT: Cyberspace operations Cyberspace Is Neither Just an Intelligence Contest, nor a Domain of Military Conflict; SolarWinds Shows Us Why It’s Both

Published 14 May 2021

Operations in cyberspace—at least those perpetrated by nation-state actors and their proxies—reflect the geopolitical calculations of the actors who carry them out. Erica D. Borghard writes that cyberspace is sometimes an intelligence contest, and other times a domain of conflict, depending on the strategic approaches and priorities of particular actors at a given moment in time. The SolarWinds campaign shows that “Future conversation needs to move beyond the military versus intelligence contest binary construct to more meaningfully explore how states may seek to use cyberspace for multiple objectives, either in sequence or in parallel,” she writes.

Operations in cyberspace—at least those perpetrated by nation-state actors and their proxies—reflect the geopolitical calculations of the actors who carry them out. Strategic interactions between rivals in cyberspace have been argued by some, like Joshua Rovner or Jon Lindsay, to reflect an intelligence contest. Others, like Jason Healey and Robert Jervis, have suggested that cyberspace is largely a domain of warfare or conflict.

Erica D. Borghard writes in Lawfare that the contours of this debate as applied to the SolarWinds campaign have been outlined recently—Melissa Griffith shows how cyberspace is sometimes an intelligence contest, and other times a domain of conflict, depending on the strategic approaches and priorities of particular actors at a given moment in time.

She adds:

Therefore, rather than focusing on the binary issue of whether a warfare versus intelligence framework is more applicable to cyberspace, the fact that activity in cyberspace takes on both of these characteristics at different times raises interesting questions about how these dimensions relate to one another at the operational level. How does maneuvering in cyberspace for intelligence purposes impact military cyberspace operations, and vice versa? When are these actions not mutually exclusive? Typically, operational considerations of intelligence and military action are discussed in the context of intelligence gain-loss calculations—that is, the trade-offs between prioritizing intelligence versus military objectives. But this framing plays into the overall dichotomy that pervades the discourse. Certainly, in some contexts there are compromises and zero-sum choices between intelligence and military operations—where, for instance, the decision to conduct an offensive cyber operation might jeopardize valuable access to a network that is used for intelligence purposes. However, less explored is how military operations shape and are shaped by intelligence considerations for mutual opportunities.

Borghard notes that her analysis defines intelligence operations in conceptual, rather than legal, terms. It sets aside critical legal distinctions in the United States, for instance, between the authorities that govern Title 50 and Title 10 cyber operations, as well as the different organizational stakeholders involved.

From the Russian perspective, SolarWinds is emblematic of how cyberspace could enable opportunities for both intelligence collection and offensive cyber operations, potentially even those that may serve different strategic objectives.

She writes that while her analysis may seem to be part of an esoteric academic debate, there are important implications for U.S. policy.

Future conversation needs to move beyond the military versus intelligence contest binary construct to more meaningfully explore how states may seek to use cyberspace for multiple objectives, either in sequence or in parallel. This will require improving early warning and intelligence collection focused on adversary intent to better anticipate when cyber operations are likely to be contained to espionage versus when they may also include an offensive component. This also includes developing clear response mechanisms that distinguish between routine (if regrettable) cyber espionage and unacceptable offensive operations that the U.S. seeks to deter.

….

A U.S. declaration that clarifies what constitutes responsible versus irresponsible cyber espionage behavior—distinguished, for instance, by espionage activities that may inadvertently increase systemic vulnerabilities or enable malicious actions by third parties—andpublicly commits the U.S. to that standard would be an important positive step.