Cybersecurity in National Defense: Understanding Adversarial Capabilities; Classified Information and Ethical Obligations

Wiler, Jonathan, School of Engineering and Applied Science, University of Virginia
Graham, Daniel, EN-Comp Science Dept, University of Virginia
Baritaud, Catherine, EN-Engineering and Society, University of Virginia

Information is a crucial tool, and it is a tool whose exchange today is managed in large quantities online. Information exchanges hands in many different ways on the internet, and as more devices connect to the web with more information to offer, it is important to expect that information will be protected, private, and safe. The technical research report examines how nation states adversarial to the United States attempt to breach this protection of information via cyberspace attacks. The STS research report explores a case study of Edward Snowden, a former employee of the United States government who leaked classified information in an attempt to protect the privacy of American citizens. Both reports examine the shifting dynamics of information in government and warfare, and how such an important and widespread tool needs to be protected.
As cyberspace expands and advances in importance, it becomes a more significant target for attacks from nation states that are adversarial to the United States. In fact, the United States has been the target of some pretty significant cyberattacks in recent years. Understanding the threat presented in the cybersphere by these adversarial nation states allows the United States to better promote national security in their cyberspace actions. The technical report covers an internship where an unclassified brief was prepared for customers of the Department of Defense to inform them of the capabilities and methods of the chief adversaries to the United States. A team of analysts identified threat actor groups and major attacks originating from these nations and used this evidence to assemble a list of typical attacks, motivations, and actor groups from each nation.
The technical report assessed that the nations of Russia and China possess an advanced capability for cyberattacks while the nations of North Korea and Iran possess a moderate to advanced capability for cyberattacks. All nations launch cyberattacks you would expect to see in most cases, such as phishing attacks where users are emailed links to infected sites with the hope that the victim will click the link and enter sensitive information, or zero-day exploits where threat actors will attempt to find an unidentified vulnerability in some software or hardware and use it to inject malware. Nation states also have different motivations for launching cyberattacks on the United States, ranging from political to economic.
The STS research investigates the question of ethics in the case of whistleblowing classified government information. The thesis statement is that there are certainly cases where whistleblowing this form of information is morally obligated, but there is the added obligation to the United States citizens if the information is exposed because of the potential harm it could cause to national security. The paper uses Actor-Network Theory (ANT) to explore the case of Edward Snowden, an employee for the United States government who exposed a program that was tracking data from United States citizens’ cell phones without their permission.
The paper uses ANT to examine how Snowden’s decision was ethical, but not a perfect example of how to handle such a situation. Snowden correctly assessed that the damage to national security would not outweigh the benefit to privacy given to Americans by the reveal of the information. However, Snowden did not use the available channels within the organization to raise an issue with the unethical collection, which he would have done in an ideal situation.
Overall, information and how it is treated in society remains critically important. How that information is protected will always be something on the forefront of the minds of leaders. The more we know about keeping information private and protected, the better we will be able to defend that privacy and safety.

BS (Bachelor of Science)
National Security, Cybersecurity, Edward Snowden, Classified Information

School of Engineering and Applied Science
Bachelor of Science in Computer Science
Technical Advisor: Daniel Graham
STS Advisor: Catherine Baritaud

All rights reserved (no additional license for public reuse)
Issued Date: