Dr. Ben Buchanan discusses the latest trove of documents released by WikiLeaks.

In a drumbeat of news stories and corporate press releases, one phrase has dramatically grown in use over the last decade: “sophisticated cyber attack.” These words have been used to describe specific intrusions into telecommunication providers, insurance companies, social media hubs, banks, the Pentagon, a host of security firms, government agencies, research labs, movie studios, and much more. It seems the world is awash in sophisticated network intrusions. 

But if everything is sophisticated, nothing is. This paper unpacks “sophistication” in cyber operations, exploring what it means, and what it should mean, for an operation to attain such a status. It examines the incentives for victims and observers to overstate the sophistication of other actors. Additionally, it offers a more rigorous framework for defining the term that takes into account technical and operational factors. But deploying the lens of sophistication by itself can be misleading; this paper also explores the incentives some actors have to deploy less sophisticated capabilities. 
 

In this book, Cyber Security Project Fellow Dr. Ben Buchanan shows not only that the security dilemma applies to cyber operations, but also that the particular characteristics of the digital domain mean that the effects are deeply pronounced. The cybersecurity dilemma is both a vital concern of modern statecraft and a means of accessibly understanding the essential components of cyber operations.

Cyber Security Project Fellow Dr. Ben Buchanan discusses how the traditional concept of the "security dilemma" applies to conflict in cyberspace, arguing that as states play offense and defense in the digital domain, they risk tension no one wants.

Russian cyber operations against the United States aim to both collect information and develop offensive capabilities against future targets. Washington must strengthen its defenses in response.

This paper addresses a growing concern to one of the most fundamental components of our democracy: how cybersecurity risks can influence the integrity of our elections.

Encryption's new normal is changing the way in which states assert their sovereignty at home and abroad. Cryptography has gone mainstream. Now more than ever, encryption is used by ordinary citizens, often without their knowledge, and is a subject of national debate.