People walking in front of building

Journal of Peace Research: Special Issue 
Cyber-Conflict: Moving from Speculation to Investigation

Investigating cyber-conflict has proven to be enormously difficult. This special issue lays out a vision of cybersecurity research that embraces a culture of rigorous inquiry based on theoretically robust, and policy relevant investigation. The 11 articles that make up this issue collectively highlight two key features that are needed to rejuvenate research into cyber conflict.

First, research at the intersection of cybersecurity and political science must incorporate the human dimension of cyber conflict. By viewing cybersecurity through a human lens, and exploring the behaviors and decisions of attackers, victims, and decision-makers, we lower the resolution of inquiry to smaller and more precise units of analysis. Applying this microfoundational lens allows us to identify how predictably irrational human behavior maps onto international relations in cyberspace. Second, cyber research must widely adopt rigorous, creative, and empirical methods. Whether by using immersive experimental stimuli, and dedicated wargaming exercises, or be it by in-depth case studies, or generating novel datasets, our special issue proves once and for all that high-quality empirical cyber research is now widely available.

What this special issue accomplishes is to aggregate 11 pieces of scholarship that collectively affirm that there is now a critical mass of substantively diverse and empirically rigorous research in the field of cybersecurity, and that we as a community are capable of making bold, accurate, theoretically grounded, and empirically tested claims that verify how cyber power is or is not altering the nature of peace, conflict and international relations.

Edited by Ryan Shandler (Georgia Tech) & Daphna Canetti (University of Haifa)

Image
decorative logo

Published Special Issue Articles

How the process of discovering cyberattacks biases our understanding of cybersecurity

Social scientists do not directly study cyberattacks; they draw inferences from attack reports that are public and visible. Like human rights violations or war casualties, there are missing cyberattacks that researchers have not observed. The existing approach is to either ignore missing data and assume they do not exist or argue that reported attacks accurately represent the missing events. This article is the first to detail the steps between attack, discovery and public report to identify sources of bias in cyber data.

By Harry Oppenheimer (University of California) 

Abducted by hackers: Using the case of Bletchley Park to construct a theory of intelligence performance that generalizes to cybersecurity

Most cyber intrusions are a form of intelligence rather than warfare, but intelligence remains undertheorized in international relations (IR). This article develops a theory of intelligence performance at the operational level, which is where technology is most likely to affect broader political and military outcomes. It uses the pragmatic method of abduction to bootstrap general theory from the historical case of Bletchley Park in World War II.

By Jon Lindsay (Georgia Tech) 

Cyberattacks and public opinion – The effect of uncertainty in guiding preferences

When it comes to cybersecurity incidents – public opinion matters. But how do voters form opinions in the aftermath of cyberattacks that are shrouded in ambiguity? How do people account for the uncertainty inherent in cyberspace to forge preferences following attacks? This article seeks to answer these questions by introducing an uncertainty threshold mechanism predicting the level of attributional certainty required for the public to support economic, diplomatic or military responses following cyberattacks.

By Ryan Shandler (Georgia Tech), Eric Jardine (Chainalysis), and Nathaniel Porter (Virginia Tech)

Who spies on whom? Unravelling the puzzle of state-sponsored cyber economic espionage

Traditional conceptions of state-sponsored cyber economic espionage suggest that countries with different product profiles should experience high levels of espionage between them. However, this is not what we observe empirically. Incidence of economic espionage tends to be prevalent between countries with similar product and manufacturing profiles. This suggests that we may be missing critical parts of what drives state-sponsored cyber economic espionage.

By William Akoto (American University)

Cyber and contentious politics: Evidence from the US radical environmental movement

This article ties together these strands – concerns over climate change, anti-technology attitudes, cyberattacks, and attitudes towards contentious tactics – to form cohesive theory about technology, threat, and contentious politics.

The authors focus on three sets of questions:

  1. How does the American public view different types of contentious eco tactics known as eco direct actions?
  2. How do the threat of climate change and attitudes towards technology shape support for different tactics?
  3. How do eco activists and experts think about the role of technology and cyber tactics in shaping tactics surrounding the broader radical environmental movement?

By Thomas Zeitzoff and Grace Gold (American University) 

If it bleeps it leads? Media coverage on cyber conflict and misperception

What determines media coverage on cyber conflict (CC)? Media bias fostering misperception is a well-established problem in conflict reporting. Because of the secrecy and complexity surrounding cyber operations (COs), where most data moreover come from marketing publications by private sector firms, this problem is likely to be especially pronounced in reporting on cyber threats. Because media reporting shapes public perception, such bias can shape conflict dynamics and outcomes with potentially destabilizing consequences. Yet little research has examined media bias systematically.

By Christos Makridis (Stanford University), Lennart Maschmeyer, and Max Smeets (ETH Zürich)

How cyber operations can reduce escalation pressures: Evidence from an experimental wargame study

Cyber operations ranging from deception and espionage to disruption and high-end degradation have become a central feature of modern statecraft in the digital age, yet we lack a clear understanding of how decision-makers employ and respond to cyber operations in times of crisis. Our research provides theoretical mechanisms and empirical evidence for understanding how decision-makers react to cyber triggers and utilize cyber responses during crises.

By Benjamin Jensen (Marine Corps University), Brandon Valeriano (Seton Hall University), and Sam Whitt (High Point University) 

Allies and diffusion of state military cybercapacity

Understanding the diffusion of military capabilities is a central issue in international relations. Despite this, only a few works attempt to explain this phenomenon, focusing on threats. This article explains why threats alone cannot account for cybercapacity-development diffusion and introduces a more consistent explanation: the role of alliances. Allies with cybercapacity help partner-countries without cybercapacity start developing their own capacity to increase the alliance’s overall security by reducing mutual vulnerabilities in cyberspace.
 
By Nadiya Kostyuk (Georgia Tech)

Cyber-enabled influence operations as a ‘center of gravity’ in cyberconflict: The example of Russian foreign interference in the 2016 US federal election

Russia’s cyber-enabled influence operations (CEIO) have garnered significant public, academic and policy interest. 126 million Americans were reportedly exposed to Russia’s efforts to influence the 2016 US election on Facebook. Indeed, to the extent that such efforts shape political outcomes, they may prove far more consequential than other, more flamboyant forms of cyber conflict. Importantly, CEIOs highlight the human dimension of cyber conflict. Focused on ‘hacking human minds’ and affecting individuals behind keyboards, as opposed to hacking networked systems, CEIOs represent an emergent form of state cyber activity.
 
By: Jelena Vićić (Leiden University) and Erik Gartzke (University of California, San Diego)
 

Special Data Feature

Until consensus: Introducing the International Cyber Expression dataset

Extant scholarship has until now relied on informal-theoretic, case study, and interpretative methods to assess patterns of norm development in cyberspace. Ideally, these accounts would be complemented with more systematic cross-national and longitudinal empirical evidence. To address this gap, this article introduces the International Cyber Expression Dataset.

By Justin Key Canfil (Carnegie Mellon University)