Scholarly Works, Political Science

Permanent URI for this collection

https://hdl.handle.net/10919/24327

Browse

Browsing Scholarly Works, Political Science by Author "Brantly, Aaron F."

Now showing 1 - 20 of 30
  • Thumbnail Image
    Analyzing the Russian Way of War: Evidence from the 2008 Conflict with Georgia
    Beehner, Lionel; Collins, Liam; Ferenzi, Steve; Person, Robert; Brantly, Aaron F. (Modern War Institute, 2018-03-20)
    In the dog days of August 2008, a column of Russian tanks and troops rolled across the Republic of Georgia’s northern border and into South Ossetia, sparking a war that was over almost before it began. The war, while not insignificant, lasted all of five days. The number of casualties did not exceed one thousand, the threshold most political scientists use to classify a war, although thousands of Georgians were displaced. By historical comparison, when Soviet tanks entered Hungary in 1956 and Afghanistan in 1979–89, the fatalities totaled 2,500 and roughly 14,000 respectively.1 The Russia-Georgia conflict was a limited war with limited objectives, yet it was arguably a watershed in the annals of modern war. It marked the first invasion by Russian ground forces into a sovereign nation since the Cold War. It also marked a breakthrough in the integration of cyberwarfare and other nonkinetic tools into a conventional strategy— what some observers in the West have termed “hybrid warfare.” Finally, and perhaps most importantly, it provided a stark preview of what was to come in Ukraine in 2014. Russian “peacekeepers,” including unmarked Russian special forces—or Spetsnaz—stationed in the region carried out an armed incursion. That is, Russia used separatist violence as a convenient pretext to launch a full-scale multidomain invasion to annex territory, a type of aggression that many analysts in the West thought was a relic of the twentieth century. The 2008 Russia-Georgia War highlights not a new form of conflict but rather the incorporation of a new dimension to that conflict: cyberspace. Where states once tried to control the radio waves, broadcast television channels, newspapers, or other forms of communications, they now add to these sources of information control cyberspace and its component aspects, websites, and social media.2 This allows Russia to influence audiences around the world. Propaganda, disinformation, and the manipulation of the informational aspects of both conflict and nonconflict settings has been a persistent attribute of state behavior.3 The new dimension added to the conduct of hostilities created by cyberspace is both a challenge to conventional hybrid information manipulation tactics and a benefit. Even though the tactical gains achieved through cyberspace in Georgia by Russian non-state actors had limited impact, the strategic and psychological effects were robust. The plausibly deniable nature of the cyber side of conflict should not be understated and adds a new dimension to hybrid warfare that once required state resources to accomplish. Now, managed through forums and social media, decentralized noncombatants can join the fight. Arguably, the inclusion of cyber means into a kinetic battle, not as a standalone effect but rather as a force multiplier, constitutes a logical progression to the natural evolution of conflict and demonstrates the value of information operations (IO) during conflict.
  • Thumbnail Image
    Back to Reality: Cross domain deterrence and cyberspace
    Brantly, Aaron F. (2018-09-01)
    This paper examines cross domain deterrence strategies involving cyber incidents. By focusing on efforts to halt Russian and Chinese cyber operations against the United States this paper examines the importance of developing, maintaining and implementing (when necessary) cross domain deterrence strategies. This paper departs from more theoretic debates on the value and potential success, or lack thereof relating to cyber deterrence strategies and focuses on two cases in which cross domain retaliations were utilized to halt adversary behavior. From these two cases this paper posits a preliminary theory of cross domain deterrence applicable to cyber interactions between states and advances the debates in the field by shifting the center of gravity away from within domain responses to other mechanisms to deter adversary behavior.
  • Thumbnail Image
    Battling the bear: Ukraine's approach to national cyber and information security
    Brantly, Aaron F. (Routledge, 2022-01)
    Ukraine has faced substantial challenges across multiple fronts in its successful 2014 Revolution of Dignity. Among the greatest challenges Ukraine has faced is the establishment of a national cybersecurity infrastructure capable of withstanding cyberattacks and information operations against military and civilian infrastructures. Ukraine’s experience is counterintuitive to the constant refrain in cyberspace regarding asymmetric advantage. Ukraine has struggled with the help of European and NATO allies to forge multiple organizational structures capable of facilitating national information and cyber defense. This work offers detailed analysis on the construction of national information resilience and cyber capabilities by a medium-sized state under duress and coercion from an adversary state by leveraging interviews with and documents from Ukrainian ministers, general staffs, security service personnel, soldiers, journalists, civilians, and academics conducted over two years. The result is analysis that informs the underlying notions about small to medium state defenses in relation to well-resourced adversaries.
  • Thumbnail Image
    Battling the Bear: Ukraine's Approach to National Cybersecurity
    Brantly, Aaron F. (2018-09-29)
    Ukraine has faced substantial challenges across multiple fronts its successful 2014 Revolution of Dignity. Among the greatest challenges Ukraine has faced is the establishment of a national cybersecurity infrastructure capable of withstanding cyberattacks and information operations against military and civilian infrastructures. Ukraine’s experience is counterintuitive to the constant refrain in cyberspace regarding asymmetric advantage. Ukraine has struggled with the help of European and NATO allies to forge multiple organizational structures capable to facilitating national cyber defense. This work offers detailed analysis on the construction of national cyber capabilities by a medium sized state under duress and coercion from an adversary state by leveraging interviews with and documents from Ukrainian ministers, General Staffs, Security Service personnel, soldiers, journalists, civilians and academics conducted over two years. The result is analysis that informs the underlying notions about small to medium state cyber defenses in relation to well-resourced adversaries.
  • Thumbnail Image
    Biopolitics: Power, Pandemics and War
    Brantly, Aaron F.; Brantly, Nataliya D. (Elsevier, 2023-01-26)
    COVID-19 and the subsequent global response have had a profound impact on the public health, economic health, and political health in nearly every country. This article examines the biopolitics of power and pandemics in war. Three case studies are presented: the Spanish influenza outbreak of 1918–1920 and responses to the COVID-19 outbreak in both Syria and in eastern Ukraine. The pandemic's impact has been particularly acute in active warzones, undermining the ability of governments and organizations to enforce public health recommendations, provide for the care of patients, secure supplies, and transmit information.
  • Thumbnail Image
    Biopolitics: Power, Pandemics and War
    Brantly, Aaron F.; Brantly, Nataliya D. (2022-03-24)
    COVID-19 and the subsequent global response has had a profound impact on the public health, economic health, and political health in nearly every country. The impact of the pandemic has been particularly acute in active warzones where the ability to enforce public health recommendations, to provide for the care of patients, to secure supplies, and transmit information are all undermined. This paper examines the biopolitics of power and pandemics in war. The paper is rooted in three case studies, the Spanish Influenza Outbreak of 1918-1920 and the COVID-19 outbreak and response in Syria, and Eastern Ukraine. The central question posed is how does war influence the biopolitics of public health in active warzones?
  • Thumbnail Image
    Conceptualizing Cyber Deterrence by Entanglement
    Brantly, Aaron F. (2018-03-01)
    Dr. Brantly was invited to give one of three keynote lectures for the opening of the Cyber Governance and Policy Center at the University of Oklahoma.
  • Thumbnail Image
    CoSINT: Designing a Collaborative Capture the Flag Competition to Investigate Misinformation
    Venkatagiri, Sukrit; Mukhopadhyay, Anirban; Hicks, David; Brantly, Aaron F.; Luther, Kurt (ACM, 2023-07-10)
    Crowdsourced investigations shore up democratic institutions by debunking misinformation and uncovering human rights abuses. However, current crowdsourcing approaches rely on simplistic collaborative or competitive models and lack technological support, limiting their collective impact. Prior research has shown that blending elements of competition and collaboration can lead to greater performance and creativity, but crowdsourced investigations pose unique analytical and ethical challenges. In this paper, we employed a four-month-long Research through Design process to design and evaluate a novel interaction style called collaborative capture the fag competitions (CoCTFs). We instantiated this interaction style through CoSINT, a platform that enables a trained crowd to work with professional investigators to identify and investigate social media misinformation. Our mixed-methods evaluation showed that CoSINT leverages the complementary strengths of competition and collaboration, allowing a crowd to quickly identify and debunk misinformation. We also highlight tensions between competition versus collaboration and discuss implications for the design of crowdsourced investigations.
  • Thumbnail Image
    Countering the Cyber Threat
    Brantly, Aaron F.; Henry, Shawn (The Army Cyber Institute, 2018-05-09)
    The current path to national cybersecurity hides a fatal design flaw. Resident within the current national approach is the assumption that we can continue business as usual with limited sharing between the public and the private sector, the creation of information sharing and analysis centers, the National Cybersecurity and Communications Integration Center, and a range of ad hoc local, state and federal organizations each addressing a slice of a complex and highly interconnected environment. The result is a lack of integrated coordination, continued hacks, and a public increasingly weary of all things cyber. We are approaching the current challenge as if we are living in August of 2001, ignorant and oblivious to the tragedies just over the horizon. All the while the private sector treats each incident in isolation, highly focused on their slice of a broader digital ecosystem. In the aftermath of the 9/11 attacks, Congress, the executive agencies and departments, and the judicial system in coordination with the will of the American people moved swiftly on legislation and strategies to address a complex asymmetric threat. While many of these new pieces of legislation failed in the courts, the unity of effort and the subsequent cooperative environment across all levels of government, and with the private sector, have arguably altered the national security posture and environment within the United States. Most of these changes have created a safer and more resilient domestic environment that has largely been spared the ravages of foreign-inspired terrorism. While not perfect, the current approaches adapted through years of learning, information sharing, and practice have safeguarded the homeland in an increasingly dangerous world. Lessons from the last 16 years of countering terrorism (CT) should serve as a roadmap for developing a robust, whole-of-society approach to safeguarding the homeland against the threats emanating from cyberspace looming beyond view.
  • Thumbnail Image
    Critical Protection for the Network of Persons
    Hiller, Janine S.; Berger-Walliser, Gerlinde; Brantly, Aaron F. (University of Pennsylvania School of Law, 2022)
    The world is facing a future of sensored surveillance, filled with pervasive ultra-small connected devices, added to relatively larger ones already present in appliances and everyday technology today. Sensors will be bound to people as well as the environment, and people will provide much of the data that will compose the fundamental building blocks of a decisional infrastructure. Threats emanating from incompetence, unethical conduct, criminals, and nation states will put national security at increased risk because of new levels of potential harm to individual citizens as well as potential damage to physical infrastructure. A future that includes intimate electronic connections with a person’s body creates an imperative to secure a Network of Persons (NoP), rather than of things. Sensor driven collection of huge amounts of data from individuals can impact the fundamental meaning of citizenship, affect economic prosperity, and define personal identity, all in a world composed of dwindling nodes of mediation between humans and automated systems. Intimately connected technology is increasingly interweaving persons in ways that extend the importance and relevance of critical infrastructure protections to the person. The present disjointed and fragmented approaches of Europe and the United States exacerbate the problems and elevate the importance of reconsidering designations of critical infrastructure. A new designation of a Critical Network of Persons (CNoP) does not obviate or alleviate the risks associated with the technologies; rather, it begins to shift the burden of risk mitigation and protection away from those least capable, towards the state and its partners. This paper proposes critical infrastructure protection for life critical functions in the NoP and argues that because the person is the building block for this critical infrastructure protection, the government’s duty is qualitatively different from its duty to protect other critical infrastructures. Establishing a CNoP reorients the scope and focus to that of the citizen, the person—the building block of the nation. Ensuring the security at the individual level is imperative for maintaining national security for all.
  • Thumbnail Image
    Cyber Actions by State Actors: Motivation and Utility
    Brantly, Aaron F. (2014-05-12)
    Covert action is as old as political man. The subversive manipulation of others is nothing new. It has been written about since Sun Tzu and Kautilya. People and nations have always sought the use of shadowy means to influence situations and events. Covert action is and has been a staple of the state system. A dark and nefarious tool often banished to philosophical and intellectual exile, covert action is in truth an oft-used method of achieving utility that is frequently overlooked by academics. Modern scholars contend that, for utility to be achieved, activities such as war and diplomacy must be conducted transparently. Examined here is the construction of utility for a subset of covert action: cyber attacks.
  • Thumbnail Image
    The Cyber Deterrence Problem
    Brantly, Aaron F. (Nato Ccd Coe, 2018-05-30)
    What is the role of deterrence in an age where adept hackers can credibly hold strategic assets at risk? Do conventional frameworks of deterrence maintain their applicability and meaning against state actors in cyberspace? Is it possible demonstrate credibility with either in-domain or cross-domain signaling or is cyberspace fundamentally ill-suited to the application of deterrence frameworks? Building on concepts from both rational deterrence theory and cognitive theories of deterrence this work attempts to leverage relevant examples from both within and beyond cyberspace to examine applicability of deterrence in the digital age and for digital tools in an effort to shift the conversation from Atoms to Bits and Bytes.
  • Thumbnail Image
    The Cyber Losers
    Brantly, Aaron F. (2014-05-22)
    National security cyber activities harm human rights and democracy activists. With increasing state cyber capabilities comes heightened pressure on civil society and democracy activists.We often think of the cyber arms race from the perspective of states and corporations; however, the real losers are activists who seek to promote democracy, development, and human rights. This article examines how advances in national security activities have created a new spectrum of issues for activists not previously encountered, and posits a theory of externalities emanating from the cyber arms race.
  • Thumbnail Image
    Defending the Borderland: Ukrainian Military Experiences with IO, Cyber, and EW
    Brantly, Aaron F.; Cal, Nerea M.; Winkelstein, Devlin P. (Army Cyber Institute at West Point, 2017-12-01)
    Ukraine is currently experiencing a conflict in two separate regions within its boundaries that challenges traditional conceptions of war, intervention, international law, and peacekeeping. The involvement of foreign military forces, unaffiliated foreign fighters, domestic rebels, irregular military units, and civilians in the conflict it a case study in hybrid warfare. This report seeks to understand the current state of hybrid warfare in Ukraine with a particular emphasis on the use of Information Operations (IO), Electronic Warfare (EW), and Cyber Operations (CO). We examine Ukraine’s technical, training, political-legal, financial, and cultural vulnerabilities and illustrate how Russian and Russian-backed actors have tailored their IO, CO, and EW operations in Ukraine to exploit these vulnerabilities to achieve their strategic objectives. This model of hybrid warfare has affected Ukraine militarily and domestically and has had geopolitical implications within the region and the broader international community. We argue that the conflict in Ukraine serves as a testing ground for a new, more complex and dynamic form of hybrid warfare for which the United States Army and Department of Defense (DoD) must be prepared. Developing a robust and detailed understanding of the conditions that enabled this style of warfare and how Russia has exploited those conditions in Ukraine will serve to inform strategists and decision-makers of the measures that must be taken to prevent or counter future uses. The context in which hybrid warfare has transpired in Ukraine is important as it forms the starting point for all subsequent findings on the impact of cyber, IO and EW on Ukraine’s military and society. This report focuses on the military impact of hybrid warfare, a future report building on these findings will focus on the societal impact. Our analysis is based on two weeks of in country meetings conducted with members of the Ukrainian government, military leadership and rank and file, volunteer battalions, members of the academic community, military industrial and commercial sectors as well as civilians. The result is an analytical work that provides an array of insights into many of the technical and societal aspects of a complex conflict.
  • Thumbnail Image
    The Efficacy of European Union Spyware Regulations
    Phillips, Riley (Tech4Humanity Lab, 2023-12-01)
    Supranational organizations like the European Union (EU) have struggled to enforce successful legal frameworks that adequately regulate and enforce the export and misuse of malware technologies. Considering the Pegasus Project and the newly released Predator Files, EU systems of regulation fall short at addressing the broader malware market abuse, production, and proliferation. Despite numerous export regulations EU states membership in the acclaimed organization has provided a false sense of security and accountability for the upholding of human rights. Pegasus Project and Predator files reveal the mass proliferation of spyware throughout the EU by leveraging its vague export controls and state centered accountability methods. The 2022 EU directive and legislation efficacy fails to uphold export arrangements and by extension United Nations (UN) and EU human rights standards through terminological loopholes and proliferative export regulations.
  • Thumbnail Image
    An Exploratory Mixed-methods Study on General Data Protection Regulation (GDPR) Compliance in Open-Source Software
    Franke, Lucas; Liang, Huayu; Farzanehpour, Sahar; Brantly, Aaron F.; Davis, James C.; Brown, Chris (ACM, 2024-10-24)
    Background: Governments worldwide are considering data privacy regulations. These laws, such as the European Union’s General Data Protection Regulation (GDPR), require software developers to meet privacy-related requirements when interacting with users’ data. Prior research describes the impact of such laws on software development, but only for commercial software. Although opensource software is commonly integrated into regulated software, and thus must be engineered or adapted for compliance, we do not know how such laws impact open-source software development. Aims: To understand how data privacy laws affect open-source software (OSS) development, we focus on the European Union’s GDPR, as it is the most prominent such law. We investigated how GDPR compliance activities influence OSS developer activity (RQ1), how OSS developers perceive fulfilling GDPR requirements (RQ2), the most challenging GDPR requirements to implement (RQ3), and how OSS developers assess GDPR compliance (RQ4). Method:We distributed an online survey to explore perceptions of GDPR implementations from open-source developers (N=56). To augment this analysis, we further conducted a repository mining study to analyze development metrics on pull requests (N=31,462) submitted to open-source GitHub repositories. Results: Our results suggest GDPR policies complicate OSS development and introduce challenges, primarily regarding the management of users’ data, implementation costs and time, and assessments of compliance. Moreover, we observed negative perceptions of the GDPR from OSS developers and significant increases in development activity, in particular metrics related to coding and reviewing, on GitHub pull requests related to GDPR compliance. Conclusions: Our findings provide future research directions and implications for improving data privacy policies, motivating the need for relevant resources and automated tools to support data privacy regulation implementation and compliance efforts in OSS.
  • Thumbnail Image
    A First Look at the General Data Protection Regulation (GDPR) in Open-Source Software
    Franke, Lucas; Liang, Huayu; Brantly, Aaron F.; Davis, James C.; Brown, Chris (ACM, 2024-04-14)
    This poster describes work on the General Data Protection Regulation (GDPR) in open-source software. Although open-source software is commonly integrated into regulated software, and thus must be engineered or adapted for compliance, we do not know how such laws impact open-source software development. We surveyed open-source developers (N=47) to understand their experiences and perceptions of GDPR. We learned many engineering challenges, primarily regarding the management of users’ data and assessments of compliance. We call for improved policy-related resources, especially tools to support data privacy regulation implementation and compliance in open-source software.
  • Thumbnail Image
    The Most Governed Ungoverned Space: Legal and Policy Constraints on Military Operations in Cyberspace
    Brantly, Aaron F. (2016)
    Winning wars in cyberspace might sound easy: the click of a mouse or the press of the enter key on a keyboard. Yet, the web of networks that constitutes cyberspace is imbued with challenges. Seemingly every day there is a new story of a government, business, or individual, suffering from a serious hack. These hacks are often attributed to state actors or transnational criminal organizations. Combined, the almost daily revelations of serious incidents compound a common misperception that cyberspace is an ungoverned space. The reality of cyberspace, however, is far different and constitutes a complex environment of overlapping jurisdictions. The overlapping geographic, legal, and technical boundaries affect everything from the freedom of information to the decision to engage in military operations. Technical specifications as well as laws and policies established by local and national governments, international institutions, non-governmental organizations, and corporations form the decision-making framework for national policymakers and military commanders. Understanding how all the elements of cyberspace interact provides context for when, why and how the United States engages in military operations in cyberspace. This paper examines the complexities of the environment and their impact on the decisions of states (with emphasis placed on the United States) to engage in offensive cyber operations, cyber exploitation, and defensive cyber operations against other states and non-state actors. Moreover, it examines the important role that overlapping governmental and non-governmental organizations have in affecting the types of behaviors that occur within cyberspace.
  • Thumbnail Image
    Narrative Battles: The Impact Open-Source Intelligence on the Framing of Russia’s War on Ukraine
    Brantly, Aaron F. (2022-10-13)
    The War in Ukraine has been ongoing since 2014. Since the outset hostilities have coincided with a new era in decentralized, technologically enabled intelligence known as open-source intelligence (OSINT). OSINT increasingly shapes the domestic and global narratives surrounding the conflict. Winning the narrative war is critical to overall strategic and tactical successes on the battlefield and beyond. The volume and velocity of OSINT generated since the escalation in hostilities initiated by the Russian Federation on February 24th, 2022, is the result of a confluence of factors that creates an information battle that contextualizes and frames the political, military, economic, societal, informational, infrastructural, physical environmental, and temporal aspects of the conflict (PMESSI-PT). Shaping global, and in particular allied, perceptions of all the variables within of the PMESSI-PT model are critical sustaining and building support. This analysis examines how the dramatic increase in OSINT in Ukraine has both facilitated and hindered the Ukraine’s efforts to counter Russian aggression.
  • Thumbnail Image
    Oil and War: Unpacking the Putin - Mohammed bin Salman Matryoshka
    Brantly, Aaron F. (Tactics Institute for Security and Counter Terrorism, 2022)