“A must-read…It reveals important truths.”
—Vint Cerf, Internet pioneer

“One of the finest books on information security published so far in this century—easily accessible, tightly argued, superbly well-sourced, intimidatingly perceptive.”
—Thomas Rid, author of Active Measures

Cyber attacks are less destructive than we thought they would be—but they are more pervasive, and much harder to prevent. With little fanfare and only occasional scrutiny, they target our banks, our tech and health systems, our democracy, and impact every aspect of our lives. Packed with insider information based on interviews with key players in defense and cyber security, declassified files, and forensic analysis of company reports, The Hacker and the State explores the real geopolitical competition of the digital age and reveals little-known details of how China, Russia, North Korea, Britain, and the United States hack one another in a relentless struggle for dominance. It moves deftly from underseas cable taps to underground nuclear sabotage, from blackouts and data breaches to election interference and billion-dollar heists.

Ben Buchanan brings to life this continuous cycle of espionage and deception, attack and counterattack, destabilization and retaliation. Quietly, insidiously, cyber attacks have reshaped our national-security priorities and transformed spycraft and statecraft. The United States and its allies can no longer dominate the way they once did. From now on, the nation that hacks best will triumph.

“A helpful reminder…of the sheer diligence and seriousness of purpose exhibited by the Russians in their mission.”
—Jonathan Freedland, New York Review of Books

“The best examination I have read of how increasingly dramatic developments in cyberspace are defining the ‘new normal’ of geopolitics in the digital age.”
—General David Petraeus, former Director of the CIA

“Fundamentally changes the way we think about cyber operations from ‘war’ to something of significant import that is not war—what Buchanan refers to as ‘real geopolitical competition.’”
—Richard Harknett, former Scholar-in-Residence at United States Cyber Command

Are nuclear arsenals safe from cyber-attack? Could terrorists launch a nuclear weapon through hacking? Are we standing at the edge of a major technological challenge to global nuclear order? These are among the many pressing security questions addressed in Andrew Futter’s ground-breaking study of the cyber threat to nuclear weapons.

Hacking the Bomb provides the first ever comprehensive assessment of this worrying and little-understood strategic development, and it explains how myriad new cyber challenges will impact the way that the world thinks about and manages the ultimate weapon. The book cuts through the hype surrounding the cyber phenomenon and provides a framework through which to understand and proactively address the implications of the emerging cyber-nuclear nexus. It does this by tracing the cyber challenge right across the nuclear weapons enterprise, explains the important differences between types of cyber threats, and unpacks how cyber capabilities will impact strategic thinking, nuclear balances, deterrence thinking, and crisis management. The book makes the case for restraint in the cyber realm when it comes to nuclear weapons given the considerable risks of commingling weapons of mass disruption with weapons of mass destruction, and argues against establishing a dangerous norm of “hacking the bomb.”

This timely book provides a starting point for an essential discussion about the challenges associated with the cyber-nuclear nexus, and will be of great interest to scholars and students of security studies as well as defense practitioners and policy makers.

Russia has deployed cyber operations to interfere in foreign elections, launch disinformation campaigns, and cripple neighboring states—all while maintaining a thin veneer of deniability and avoiding strikes that cross the line into acts of war. How should a targeted nation respond? In Russian Cyber Operations, Scott Jasper dives into the legal and technical maneuvers of Russian cyber strategies, proposing that nations develop solutions for resilience to withstand future attacks.

Jasper examines the place of cyber operations within Russia’s asymmetric arsenal and its use of hybrid and information warfare, considering examples from French and US presidential elections and the 2017 NotPetya mock ransomware attack, among others. A new preface to the paperback edition puts events since 2020 into context. Jasper shows that the international effort to counter these operations through sanctions and indictments has done little to alter Moscow’s behavior. Jasper instead proposes that nations use data correlation technologies in an integrated security platform to establish a more resilient defense.

Russian Cyber Operations provides a critical framework for determining whether Russian cyber campaigns and incidents rise to the level of armed conflict or operate at a lower level as a component of competition. Jasper’s work offers the national security community a robust plan of action critical to effectively mounting a durable defense against Russian cyber campaigns.

Cyber weapons and the possibility of cyber conflict—including interference in foreign political campaigns, industrial sabotage, attacks on infrastructure, and combined military campaigns—require policymakers, scholars, and citizens to rethink twenty-first-century warfare. Yet because cyber capabilities are so new and continually developing, there is little agreement about how they will be deployed, how effective they can be, and how they can be managed.

Written by leading scholars, the fourteen case studies in this volume will help policymakers, scholars, and students make sense of contemporary cyber conflict through historical analogies to past military-technological problems. The chapters are divided into three groups. The first—What Are Cyber Weapons Like?—examines the characteristics of cyber capabilities and how their use for intelligence gathering, signaling, and precision striking compares with earlier technologies for such missions. The second section—What Might Cyber Wars Be Like?—explores how lessons from several wars since the early nineteenth century, including the World Wars, could apply—or not—to cyber conflict in the twenty-first century. The final section—What Is Preventing and/or Managing Cyber Conflict Like?—offers lessons from past cases of managing threatening actors and technologies.