Cashing in on Cyberpower: How Interdependent Actors Seek Economic Outcomes in a Digital World by Mark T. Peters II. Potomac Books, 2018, 280 pp.
The 2017 National Security Strategy claims that “America’s response to the challenges and opportunities of the cyber era will determine our future prosperity and security.” It is now axiomatic that modern economies are critically dependent upon digital access to interdependent global markets and resources. But this dependence comes at a cost. It is a persistent struggle where state and nonstate actors exploit cyberspace vulnerabilities to further policy aims, disrupt political opponents, and financially benefit from illicit use of the internet. Cashing in on Cyberpower explores how interdependent actors use cyberspace to gain and maintain economic advantages in the era of globalism.
Leveraging his previous career Air Force intelligence and cyberspace experience, author Mark T. Peters II applies theory, analyzes data sources, and looks at case studies to discover how and why actors use cyberspace capabilities to influence state and nonstate economic systems. In one generation the global impact of the cyber era has drastically changed how we view and use traditional instruments of national power. Symmetrical military power is increasingly relegated to a lesser role for managing competition and conflict with the rise of the digital means for influencing state and nonstate actors in the international arena. As a result of this study, Cashing in on Cyberpower reveals important implications for cyber theorists, researchers, and security professionals.
The author fills an important niche for understanding cyberpower in the “global commons,” specifically in its potential to threaten or enhance the economic livelihoods of states and other financial actors. Because many cyberspace studies focus on security threats to networks, systems, and organizations, few follow through with economic implications. The author’s inquiry sought to answer the question: “how do state and nonstate actors use cyber means to achieve economic outcomes?” Peters developed eight hypotheses as a framework to focus subsequent analysis in support of the primary research question. Interdependence theory and how cyberpower influences economic outcomes provides the theoretical basis by which cyber means are analyzed in light of data derived from almost 200 instances of major cyberattacks. Peters then provides more in-depth analysis of how and why cyber means are used to influence economic outcomes with three case studies. He used both quantitative and qualitative assessments as his methodology.
Although international relations has many streams of thought to describe the international political environment, the author chose interdependence theory as his starting point. Originating in the neoliberal school of international relations, interdependence theory was developed by Robert Keohane and Joseph Nye in their 1977 book, Power and Interdependence. The three primary characteristics of their theory—developed before the cyber era—provide explanatory power for how cyberspace influences the international environment today: interconnected relationships between international actors across multiple channels, dispersed power structures operating across multiple channels rather than control from within traditional hierarchical organizations, and a reduced appetite for military solutions. The obvious strength of this theory is that it neatly dovetails with the cyberspace environment and current observations of the global system. The cyberspace environment is also characterized by similar attributes, and as Steven Pinker has also observed, military force is seemingly less applicable for solving modern problems. However, a limitation of this study points to further research and comparison with other international relations theories to determine the superiority of interdependence theory for predictive analysis. The theory is also suspect in its claim that military power is progressively less important. With the end of American primacy and the rise of multipolar military powers, there is greater potential for large-scale conflict.
Peters examines 197 cyberattack events from May 2006 to June 2015. Data collected from each attack is organized into multiple categories that are then analyzed to determine how cyber means are employed by actors to influence economic conditions. Chapter 4 painstakingly describes the method by which the data was analyzed. After crunching the data, Peters presents correlations between variables, data trends, and preferences for how the various actors actually use cyberpower. There are numerous charts and graphs that visually display the analyzed data. The author also conducted a case study analysis of three cyberattack events to determine if the general principles outlined in earlier chapters applied to specific incidences. The three events include the espionage-related hacking of the Japanese Trans-Pacific Partnership (TPP) negotiation strategy, a disruption of the Ukrainian power grid, and corporate intellectual property theft. His analysis concludes with an evaluation of his framework hypotheses. All but one of the eight supported the ability of the researcher to answer the primary research question.
Much of what we know about cyberspace is rapidly changing. Although the book was published in 2018, most of the data and research was assembled prior to 2015. In his discussion on cyber operations, much of what he discussed has been largely superseded by new doctrine, organizations, and approaches to cyber threats. His assumption that “cyberpower expressions may actually be more accessible than other means to researchers” is increasingly more difficult to defend. For example, there is a growing trend among corporations and financial interests to hide cyberattacks conducted for ransom or theft in order to protect investor and business partner confidence, which will likely affect future data collection efforts.
This is not a book for the casual reader. Nor is it a book for those seeking a narrative description to enhance their understanding of cyberspace. I would recommend this book for researchers and scholars interested in cyber-related data collection, analysis, and method. It is also a useful reference for cybersecurity practitioners and theorists. As with most dissertations that are published in book form, if the author wants access to wider audiences, the details of the methodology are better left to appendices rather than being part of the main body of the text.
LTC Kurt P. VanderSteen, USA, retired
US Army Command and General Staff College