Is the best defense a strong offense in cybersecurity?

Summary: The US government appears to assume that — as with nuclear war — “the best defense is a strong offense.” Cybersecurity expert Emilio Iasiello asks if this makes sense with cybersecurity, given the difficulty of identifying the attacker (attribution) and striking back at them (often amorphous non-state actors).


Complacency in Cyberspace May Be Our Biggest Vulnerability

By Emilio Iasiello
Posted at Dead Drop (of the LookingGlass Cyber Threat Intelligence Group)
2 December 2015. Posted with his gracious permission.

The volume of cyber incidents that have impacted the United States has caused more than just economic damage; it has become so mainstream that it has become a daily reality and accepted course of action.  A recent article posed the question of whether advanced persistent threat activity – a sloppy term that refers to suspected nation state or nation state-sponsored cyber operations – has become the new normal.  The sheer volume and magnitude of cyber espionage activity attributed to these groups have escalated to such a degree that they are ceasing to instill the same concern as they did just a few years earlier.

The problem is that the frequency of these events, the escalating damages and data stolen, and the lack of the perpetrators suffering any real consequences are causing calls to improve cyber security procedures to fall on deaf ears.

Instead of focusing on trying to actually improve security, which means having dedicated professionals engaged in daily activities of mitigating cyber threats, we seek to develop advanced cyber weaponry and instill a cadre of “cyber warriors” to take care of the bad guys.  There seems to be growing support for this hacking-back approach as part of a cyber war pre-emption plan to bolster our cyber defenses.  The idea is that while it is generally believed that the United States has advanced cyber weapons, until they are actually deployed, their deterrence value won’t be realized.  In other words, when a bully sees how hard we punch, he may move on to someone else.

However, such an approach, while aspirational, is actually limited.  The diverse threat actor landscape consists of various levels and numbers of state and non-state actors. And while it may make sense on a political level to go after those individuals who conduct high-profile attacks that steal millions of dollars or put millions of personally identifiable data at risk, improved cyber weaponry at the national level cannot be leveraged by most organizations and individuals.



Will we repeat our mistakes in the Middle East & lose, or play defense & win?

Summary:  The West’s post-9/11 wars in the Middle East have run down, but our involvement in Syria’s civil war and the attacks by radical Islamists in America — and the far larger Paris attacks — have begun a new phase in this clash of civilizations. Before we attack, repeating the mistakes of the past 15 years, let’s consider an alternative strategy: play defense, and win.

Goddess of Victory. Emanuel Lakozas at DeviantArt.



  1. A hegemon’s dilemma.
  2. How to eat soup with a knife?
  3. Who is attacking? Who is defending?
  4. Our response: attack!
  5. A better way: defend.
  6. Other posts in this series.
  7. For more information.

(1)  A hegemon’s dilemma

In chess, a zugzwang means that you believe that all moves weaken your position. It often results from a lack of imagination, an inability to break free from one’s patterns of perception and analysis.

Hegemons often see themselves as in a zugzwang, where change itself threatens their status as #1. For example, Britain responded poorly to Germany’s aggressive aspirations in the decades before WWI, rather than seeking to integrate them into a growing and prosperous multi-polar 20th century.

America’s major 21st century challenge might be cultural as well as geopolitical, as fundamentalist Islam challenges not just American dominance in the Middle East but the West’s cultural supremacy. We’ve reacted to the resulting insurgencies by waging war — treating fundamentalist Islam as an evil ideology, like the Nazis. With the usual perversity of events, we’ve succeeded only in toppling secular regimes (Afghanistan, Iraq, Libya, and perhaps Syria), which are replaced by Islamic regimes — and setting the region afire.

To find a better solution let’s look at T. E. Lawrence’s Seven Pillars of Wisdom (1922), a handbook for insurgents written during the Arab Revolt of WWI.

“The Turks were stupid; the Germans behind them dogmatical. They would believe that rebellion was absolute, like war, and deal with it on the analogy of war. Analogy in human things was fudge, anyhow; and war upon rebellion was messy and slow, like eating soup with a knife.”

We have been “stupid and dogmatical” in our wars since 9/11, dealing with these insurgencies “on the analogy of war.” We are like the pitiful fool “eating soup with a knife”, spilling most of each attempt.

Does America have so few strategic options that we must, in effect, attempt to eat soup with a knife? Lawrence wrote about his experience fighting with locals waging a successful insurgency. American hawks see it as advice for doing the opposite — fighting insurgencies in foreign lands.

The hawks ignore the simple truth of Lawrence’s insight: you cannot eat soup with a knife unless you first change the situation.


The Cult of the offense returns: why we’re losing the long war, & how to win

Summary: We cannot escape history. It offers lessons to guide us. It’s deployed as propaganda to mislead us. Successful strategy requires distinguishing between the two. Our long war, so far a series of defeats, provides examples of both. We can do better in the future if only we’d pay attention.

“As we shall show, defense is a stronger form of fighting than attack. … I am convinced that the superiority of the defensive (if rightly understood) is very great, far greater than appears at first sight.”
— Clausewitz’s On War, Book 1, Chapter 1.



  1. The Cult of the Offense Returns.
  2. The allure of a losing strategy.
  3. Learning from the Revolution.
  4. For More Information.
  5. Clausewitz gets the last word.


(1)  The Cult of the Offense Returns

A reader brought to my attention Nothing Less than Victory: Decisive Wars and the Lessons of History by the late scholar John David Lewis (2010). It’s an excellent example of history as political propaganda, of the kind Victor Davis Hanson deployed to build support for our defeats in Iraq and Afghanistan (e.g., Carnage and Culture: Landmark Battles in the Rise to Western Power). The genre uses cherry-picked examples overlaid with moralism, telling a story made convincing by lavish use of historical detail to tell one side of the story.

Lewis advocates unceasing belligerence to our foes, always attacking. It’s a commonplace in history, often leading to ruin. It’s become the geopolitical strategy of American neoconservatives, ignoring lessons from American history about the frequent superiority of defense over offense.

“De l’audace, encore de l’audace, toujours de l’audace et la Patrie sera sauvée!” (Audacity, more audacity, always audacity and the Fatherland will be saved!)

— Georges Danton in a speech to the Assembly of France on 2 September 1792. He was the first President of the Committee of Public Safety. The radical Jacobins on the Committee took his advice, sent him to the guillotine for “leniency” to the enemies of the Revolution, and audaciously soaked the Revolution in blood — wrecking it.


The Best Defense Is a Strong Defense. Never Fight a Land War in Cyberspace.

Summary: While defense experts obsess about the relative advantages of different military hardware (e.g., the A-10 vs the F-35), the US has unleashed the tools of cyberwar on Iran. We can expect more in the future, begun by friends and foes. So let’s learn the rules. Today Marcus Ranum explains the nature of attack and defense in cyberwar, and the advantages of each.  {2nd of 2 posts today.}



My 2014 presentation “Never Fight a Land War in Cyberspace” compared key elements of warfare in the real world with warfare in cyberspace, exploring the interchangeability of tactics and strategy in those domains. I expected that “cyberwar” would have similar underlying principles as regular war, but found that “cyberwar” bears no resemblance to warfare at all — tactically or strategically. Of course it fits in the overall grand strategy of conflict and power, but our tendency to reason by analogy breaks down quickly here.

In this series I will lift some of the main themes from that presentation and give them the more detailed explanation they deserve.

I will use two terms as shorthand.

“Cyberwar”, which I do not think is a real thing, as shorthand for “conflict in cyberspace” — which I consider real. This series continues my attempt to explain why “cyberwar” is not a useful concept; unfortunately, the term has taken on a life of its own. Caveat Emptor.

“Topological warfare” as shorthand for the idea of warfare that is bound to a real-world existence. The real-world-ness of topological warfare is the basis for what we know as military strategy and tactics; it’s an environment in which armies have to eat and cannot move at light speed, etc. The topological nature of warfare deeply penetrates virtually all of our thinking about strategy and tactics.

“The Best Defense is a Strong Offense”


How I learned to stop worrying and love Fourth Generation War. We can win at this game.

Summary: Looking through the archives of any website discussing modern war quickly reveals how little we have learned since 9-11, despite our futile but large expenditures of money and blood. The resistance to war with Syria (outcome still unknown) suggests that the time might have come to dust off these lessons. Perhaps America has grown weary of failure, and become willing to explore different paths.

This series expands on a post from July 2005. The other chapters:

  1. We are the attackers in the Clash of Civilizations. We’re winning.
  2. Handicapping the clash of civilizations: bet on America to win



  1. Introduction
  2. History of defense vs offence
  3. A new era of defensive strategy
  4. Making the change
  5. About fourth generation warfare
  6. About the win rate of foreign armies fighting insurgents


(1) Introduction

In 2009 I wrote that our military’s response to 9-11 was to adopt the WW1-era cult of the offense (natural, since our military doctrine was largely WW1-era 2GW). Two failed occupations later, we continue to seek foreign monsters to destroy. The American public’s opposition to intervention in Syria indicates that the bankruptcy of this doctrine has become obvious. But what can replace it?

In both his “On War” articles, in the Fourth Generation Warfare Field Manual, and particularly in his article “Strategic Defense Initiative”, William Lind points to a possible solution to America’s strategic problems:

{O}ne matter of prime importance seemed to be agreed by all parties: in the so-called War on Terror, America must remain on the offensive. … There is little doubt that “being on the offensive” sounded good to most voters. But if the objective is to design a strategy that brings victory in the War on Terror, a different approach may have much to recommend it.

Lind quotes from Carl von Clausewitz’s On War:

“{D}efense is simply the stronger form of war, the one that makes the enemy’s defeat more certain. We maintain unequivocally that the form of warfare that we call defense not only offers greater probability of victory than attack, but that its victories can attain the same proportions and results.”

Lind’s essay develops the strategic implications of a defensive strategy. Quite sensibly, since history shows us that a defensive posture is stronger than offense. Look at Europe: since the Treaties of Westphalia in 1648 few invaders have achieved profitable victories against roughly equal opponents; all of the large aggressors have lost. This post looks at other aspects of this solution.

(2) History of defense vs offence

Bill Bonner, an American expatriate living in France, once observed that after 300+ years of French military adventures — with their dead scattered over Europe – the French have considered what they gained from this sacrifice, and find it insufficient. Perhaps the French and their neighbors in Europe have learned the impotence of 2nd and 3rd generation militaries in a 4th generation world. Their conventional wars against each other produced no victors; their 4GWs waged as colonial powers after WW2 produced only defeats.


Important reading for every American who wishes to understand our foreign wars

On rare occasions we are blessed with essays both brilliant and timely, words that meet our immediate needs.  Here we have one such by a veteran and military expert.  Here is a brief excerpt from the current issue of Armed Forces Journal — given only as a sample of the author’s thinking, to encourage you to read in full this important article.

At the end are references to other valuable articles about our foreign wars.  Plus other posts on the FM site discussing why a defensive strategy will work best for America in an age when 4GW has become the dominant form of warfare — and the home court advantage often becomes decisive.

“Refusing battle – The alternative to persistent warfare“, Douglas MacGregor (Colonel, US Army, retired), Armed Forces Journal, April 2009 — Excerpt:

In this volatile setting {of today’s world}, direct American military involvement in conflicts where the U.S. itself is not attacked and its national prosperity is not at risk should be avoided. Otherwise, American military involvement could cause 21st century conflicts to spin out of control and confront Americans with regional alliances designed to contain American military power; alliances that but for American military intervention would not exist. It is vital the U.S. not repeat the mistakes of the British Empire in 1914: overestimate its national power by involving itself in a self-defeating regional war it does not need to fight and precipitate its own economic and military decline.

Avoiding this outcome demands new goals for American military power and a strategic framework that routinely answers the questions of purpose, method and end-state; a strategy in which American military action is short, sharp, decisive and rare. Such a strategy involves knowing when to fight and when to refuse battle.


What Tom Barnett should have told Congress about America’s 21st century Navy

Thomas Barnett is one of our foremost geopolitical visionaries, so his presentations are always worth attention.  His latest is insightful and elegantly expressed, as always.  However, I have a few suggestions — minor changes to make it better suit the current situation and needs of America.  (I have a draft post in the pipeline describing the implication of the revised Barnett speech for our naval forces.)

Statement submitted By Dr. Thomas P.M. Barnett, Senior Managing Director, Enterra Solutions LLC to the Seapower and Expeditionary Forces Subcommittee, House Armed Services Committee, United States Congress, 26 March 2009 (Hat tip to the always-interesting Zenpundit).

I fully agree with the opening of Barnett’s presentation:

I appear before the subcommittee today to provide my professional analysis of the current global security environment and future conflict trends, concentrating on how accurately–in my opinion–America’s naval services address both in their strategic vision and force-structure planning. As has been the case throughout my 2 decades of working for, and with, the Department of Navy, current procurement plans portend a “train wreck” between desired fleet size and likely future budget levels dedicated to shipbuilding.

I am neither surprised nor dismayed by this current mismatch, for it reflects the inherent tension between the Department’s continuing desire to maintain some suitable portion of its legacy force and its more recent impulse toward adapting itself to the far more prosaic tasks of integrating globalization’s “frontier areas” — as I like to call them — as part of our nation’s decades-long effort to play bodyguard to the global economy’s advance, as well as defeat its enemies in the “long war against violent extremism” following 9/11. Right now, this tension is mirrored throughout the Defense Department as a whole: between what Secretary Gates has defined as the “next-war-itis” crowd (primarily Air Force and Navy) and those left with the ever-growing burdens of the long war — namely, the Army and Marines.

Let’s skip ahead to the money paragraph:

As someone who helped write the Department of Navy’s white paper, …From the Sea, in the early 1990s and has spent the last decade arguing that America’s grand strategy should center on fostering globalization’s advance, I greatly welcome the Department’s 2007 Maritime Strategic Concept that stated:

“United States seapower will be globally postured to secure our homeland and citizens from direct attack and to advance our interests around the world. As our security and prosperity are inextricably linked with those of others, U.S. maritime forces will be deployed to protect and sustain the peaceful global system comprised of interdependent networks of trade, finance, information, law, people and governance.”

I suggest a few tweaks to the remaining text.  Better yet, let’s throw it out and substitute the following text.
