Cyber Operations

The Evolution of Information Warfare in Ukraine: 2014 to 2022


In January 2022, Russian forces began building up on the Ukrainian border prior to entering Ukraine in what was termed a ‘special military operation’ in support of ethnic Russians. In the ten months of conflict, there has been a range of information warfare tactics deployed, most notably disinformation and cyber operations. Ukraine is a particularly useful case study due to the ongoing tensions and low-intensity conflict, since the social media-led uprisings and annexation of Crimea in 2014. This article conducts an analysis of the information warfare in the Russo-Ukraine conflict, and contrasts this to prior operations to illustrate the evolution, limitations, and possible future of information warfare during a kinetic conflict.

Cyber Offensive Operations in Hybrid Warfare: Observations from the Russo-Ukrainian Conflict


The role of cyber offensive operations has been under increasing attention in the recent Russo-Ukrainian conflict. The interaction between Russia and Ukraine provides many important insights to the future of hybrid conflict, incorporating cyber offensive operations. There are contextual factors related to the Russo-Ukrainian conflict which require assessment before enduring lessons can be developed. The technical nature of cybersecurity and the constant evolution of both technology and geopolitical affairs mean that each conflict is likely to require an assessment against specific criteria before a stable theory of cyber offensive operations can be captured in the context of hybrid and kinetic warfare. The seven factors presented within this paper are intended to assist future researchers to build a theory of cyber offensive operations, when more data comes to light in future hybrid conflicts.

Information Influence in Society’s Information Environment: An Empirical Analysis Using the Grounded Theory


This paper investigates information influence in society’s Information Environment. The Grounded Theory approach was used to collect and to analyse the data. A conceptual framework of the thematic categories and item categories was developed on the basis of empirical evidence and past studies that reflect the findings of the field. The most fundamental components in this conceptual framework were six thematic categories (information influence, information operations, cyber operations, psychological operations, kinetic operations, and deception), their item categories, the items themselves, and the interrelationships between the thematic categories. 

International Humanitarian Law and its Applicability to the South African Cyber Environment


Although International Humanitarian Law (IHL) is considered applicable to all forms of warfare including future warfare, it does not regulate cyberwarfare in its current form. The South African government has introduced the National Cybersecurity Policy Framework and the Cybercrimes Bill in addition to existing Information Communications Technology legislation. However, the areas of jus in bello (just war) and jus ad bellum (the right to go to war) have not been sufficiently addressed regarding cyberwarfare. This paper seeks to explore the interaction between cyberattacks and IHL and its applicability to the South African cyber environment with an overview of South Africa’s cybersecurity posture and framework within a global context.

International Humanitarian Law and Cyber-Influence Operation


Cyber-influenc and ‘fake news’ have become common terms due to high profle inci-dents such as alleged tampering in the 2016 US elections.

Securing the Internet of Battlefield Things While Maintaining Value to the Warfighter


The unremitting use of legacy systems continues to compound risks to the information management environment. As legacy systems become increasingly obsolete, they inefficiently con- sume valuable resources such as data, power, space, and manpower. Additionally, from a cyberse- curity and reliability perspective; systems which have reached the end of their intended life cycles are more susceptible to corruption or interruption of services.

Towards Improving APT Mitigation: A Case for Counter-APT Red Teaming


Vulnerabilities leveraged by Advanced Persistent Threats (APTs) that ultimately allow them to gain access to critical data and unveil private information are often far removed from the portions of the security environment where initial access is gained. This paper presents a defensi- ble scholarly decomposition of the red-team process itself and discusses how traditional red-team assessments may not be the most effective solution for emulating APT threats and mitigating their impacts.

Developing a Cyber Operations Computational Ontology


Cyber operations lack models, methodologies, and mechanisms to describe relevant data and knowledge. This problem is directly reflected when cyber operations are conducted, and their effects assessed, and it can produce dissonance and disturbance in corresponding decision-making processes and communication between different military actors.

On Levels of Deterrence in the Cyber Domain


Deterrence is a coercive strategy to avoid escalation to direct conflicts. In the Cold War, nuclear deterrence was successfully used to prevent a war between the U.S. and the Soviet Union. In the cyber domain, which is man-made and virtual, how deterrence can be effectively applied is one of today’s biggest challenges.

Understanding Operator Fatigue, Frustration, and Cognitive Workload in Tactical Cybersecurity Operations


While the human factors of mission critical systemd weapons systems have been extensively studied, there has been little work on cyber operations. As with any system, the perfect storm of complex tasks in a high-risk environment takes an incredible toll on human operators, leading to errors, decreased performance, and burnout. An extensive studtacticaly of  cyber operations at the National Security Agency found that operator fatigue,  frustration,  and  cognitive  workload  significantly  increase  over  the  course  of  an operation. A discussion of these findings helps us understand the impact that the high-stress, high-risk environment of tactical cyber operations has on its ops such as air traffic control anerators.

The Search for Cyber Fundamentals


The precise rendering of how security is achieved in cyberspace has yet to be pulled together; and, despite the most recent publications of U.S. policy, there is still no settled answer to the core question of what organizing principles should drive military cyber operations strategy. This essay posits that cyberspace is a realm of activity in which new security dynamics are at work due to the revolutionary character of digital technology. The essay introduces six defining conditions that relate to military cyber operations leading to the organizing principle that cyberspace is an offense-persistent strategic environment.

Cyberspace from the Hybrid Threat Perspective


Hybrid threats use conventional and unconventional means to achieve their goals. This paper explores the cyber threats as one possible aspect of hybrid threats. It describes three ways of approaching cyberspace (operations) from the hybrid threats perspective: supporting conventional operations, exploiting non-military systems, and exploring the opportunities provided by this environment. In particular, it highlights the aspects that are or likely will be relevant to the military community.

An Annotated Bibliographical Survey on Cyber Intelligence for Cyber Intelligence Officers


Since 2008, Cyberspace is officially regarded as a distinct military domain, along with land, sea, and air for many countries (Goel 2011). The nature of warfare in cyberspace is radically different than traditional warfare: the attacks are more remote, stealthy, and detecting the identity of the adversary may be impossible (Greengard 2010). Nations need intelligence in this relatively new domain of war in order to know the strengths and weaknesses of other nations and themselves. This paper presents a literature survey on computer science methodologies that can be useful for intelligence officers working in cyberspace.

The Future of Cyber Operations and Defense


National and economic security of most nations have become dependent on cyberspace. Protection of cyberspace will depend, in part, on successful cyber operations. Cyberspace is the domain in which these operations take place, and it is evolving rapidly, through increased use of virtualization and cloud services, ubiquitous mobility, and the integration of cyber systems into the physical world. To be successful in this future environment, cyber operations will need to be supported by more defensible systems, to be informed by a greater understanding of system state and threat actors, and to be more adaptive.

An Information Operations Roadmap for South Africa


The latest arms race can be considered to be information-based, revolving around Information Operations (IO). As with any developing concept, there are innovators, early adopters, and laggards. However, complexities in the constructs of IO result in a number of potential adopters struggling to implement their own brand of IO. A modified Capability Maturity Model is proposed and applied to the case of South Africa. Using guidance from previous studies and publicly available documentation, capability gaps for IO in South Africa are identified. Based on these gaps, a roadmap for developing IO capacity in South Africa is proposed.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.















Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.


Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455