Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Chaos and Coercion with Cyber Weapons: Technical and Organizational Dimensions - FSI Stanford

Yosem Companys companys at
Mon May 12 20:00:04 PDT 2014


Chaos and Coercion with Cyber Weapons: Technical and Organizational Dimensions  


May 15, 2014
3:30 PM - 5:00 PM


Open to the public
No RSVP required


What's the worst a malicious actor can do on the Internet with 100 lines of code? What technical and organizational capacities could routinely cause such effects? How much would it cost to develop them and who can do it?

It has become conventional wisdom among academic researchers that cyber weapons are relatively cheap, easy to produce, offensively advantaged, and destined to diffuse to all governments. The evidence used to make these points, however, is typically at the level of anecdotes related to how headache-inducing malware has propagated quickly and been authored by young individuals with some technical skills. Almost no extant research explores what is necessary to produce cyber power, and which aspects of those processes are most challenging.

This presentation uses the example of a technical approach, global machine scanning, as a case study of how cyber operations capable of routinely causing large-scale effects may be organized. "Machine scanning" is a term for automated processes to explore the entire Internet space to find vulnerable devices and other computer systems that may be exploited to cause cyber and physical effects.

I draw on machine scanning data to demonstrate how small inputs into complex technical systems can cause tremendous consequences -- including interrupting supply chains, disrupting entire business sectors, stopping critical infrastructure services, and denying use of a substantial fraction of the global Internet.

While my analysis shows a guiding logic and many examples of new ways that cyber weapons could be used to cause chaos, I also explain the difficulties in linking such technical operations to broader bureaucratic processes and political decision-making. Chaos does not equal coercion. Incorporating the techniques I describe into a broader cyber warfare work flow is a separate and understudied challenge.


Tim Junio is a cybersecurity postdoctoral fellow at CISAC and received his PhD in political science from the University of Pennsylvania in 201. Dr. Junio’s dissertation focused on principal-agent problems among bureaucracies responsible for cyber operations in the United States, South Korea, and Taiwan, particularly focusing on the military “cult” of the cyber offensive. For the last several years, Dr. Junio has developed new cyber capabilities at the Defense Advanced Research Projects Agency (DARPA), and previously worked on cyber security strategy and analysis for the Office of the Secretary of Defense, RAND Corporation, and Central Intelligence Agency.


CISAC Conference Room
Encina Hall Central, 2nd floor
616 Serra St.
Stanford University
Stanford, CA 94305


Catherine McMillan <camcmill at>

More information about the liberationtech mailing list