Jan Kallberg

• PhD and MA University of Texas at Dallas, JD/LL.M. Stockholm University
• Adjunct Professor at George Washington University

A failed cyberdefense can have wider effects than discussed in earlier debates of potential consequences of a cyberattack. The need for cyberdefense to protect the environment has not drawn the attention it deserves as a national security matter. Adversarial nations are covertly pursuing methods to damage and disrupt the United States in a cybercon...

Comprehensive theories of conflict in the cyber world have not yet been developed, but the utilization of traditional military strategy and operational concepts in lieu of existing strategies in this realm can mislead, resulting in spurious assessments and unfavorable outcomes. Four tenets of the cyber world present profound challenges for the appl...

The U.S. and NATO deterrence by calibrated force posture in Eastern Europe against a Russian fait accompli attack can evaporate if the Russian leadership consider these four following assumptions are valid. First, the U.S. and NATO will not be the first to use nuclear arms. The second assumption is the arrival of substantial U.S. and NATO forces to...

The emergence of deepfakes has challenged long-standing protocols concerning prisoners of war in the Geneva Conventions. The United States, its Allies, and partners must educate ser-vicemembers about the potential exploitation of any recorded media obtained if they become prisoners of war. A future great power conflict could potentially involve lar...

Sharing cyber weapon/cyber capabilities requires trust between the member states, becoming a high-end policy decision due to the concerns of proliferation and the investment in designing a cyber-weapon that has a limited ’shelf-life’. The digital nature of cyber weapons creates a challenge. A cyber weapon can spread quickly, either self-propagating...

Executive Summary Prompted by Russia’s war in Ukraine, the countries of the Baltic Sea region are belatedly building coherent security architecture, but revanchist Russia poses grave challenges. Time is short. Consensus about the gravity and breadth of the threat from Russia is emerging. Agreement about how to counter it is patchier. The militar...

The leaves of 2022 protected the Ukrainians from the Russian onslaught. In the summer of 2023, the leaves gave the Russians protection from Ukrainian precision artillery strikes and drones. Now, the leaves are falling or being blown away. Increasingly, Russian positions are exposed. War is far more practical than the international relations theor...

For the first time in history, micromanagement is punishable by death. “Long overdue” might be the response from millions of office workers, and it might sound witty, but it is the core lesson learned in the war against Russian aggression in Ukraine. Generals and colonels wanting to micromanage their troops will be identified, and their command po...

The Managing Insider Risk & Organizational Resilience (MIROR) Journal (Online ISSN 2832-5427 Print ISSN 2832-5419) is a scholarly Open Access journal published by the West Point Press, the publishing arm of the United States Military Academy, and produced by the Insider Threat Research Research Program at the Department of Mathematical Sciences at...

In a changing operational environment, where command posts are increasingly vulnerable, intent can serve as a stealth enabler. A communicated commander’s intent can serve as a way to limit electronic signatures and radio traffic, seeking to obfuscate the existence of a command post. In a mission command-driven environment, communication between co...

The Summer issue 2023 of the Cyber Defense Review

The bleakness of the Western commentariat’s recent output is striking — Ukraine’s counteroffensive has made little progress, they say. Major US news outlets cite intelligence agencies opining that things are “grim” and that hopes are fading that Ukraine can reach its (supposed) objective of Melitopol, more than 50 miles away. This is simply wrong....

Sheer weight of metal and manpower make a difference to major military operations. But just as important are the young men and women on the battlefield whose tactics implement the bigger strategy. Their leadership is critical. The coming Ukrainian offensive will pit the two sides’ tactical leaders against each other. Differences in education, doctr...

The Spring 2023 Cyber Defense Review.

During the Cold War, the insider threat to the transatlantic alliance was either infiltration by the Warsaw Pact or some form of theft. The central focus was on counterintelligence, and the main enemy was Soviet espionage. Today, in 2023, the insider threat is not only spies and sabotage; it is any misalignment with the mission, which undermines th...

In war, some truths remain self-evident. Perhaps the most important — and the most neglected — isthat Russia’s aggression against Ukraine is the act of a country with the landmass of a giant but the industrial potential of a dwarf.

Cyber Defense Review Fall 2022 Vol.7 Issue 4

The Cyber Defense Review Vol. 7 No. 3 Summer 2022

The skill and capacity of Army cyber forces have grown in the decade since their creation. This article focuses on needed structural changes to the Army's portion of the Cyber Mission Forces that will enable their continued growth and maturity since the Army's past organizational and structural decisions impose challenges impacting current and futu...

But OSINT, like all other intelligence, cuts both ways — we look at the Russians, and the Russians look at us. But their interest is almost certainly in freely available material that's far from televisual — the information a Russian war planner can now use from European Union (EU) states goes far, far beyond what Europe’s well-motivated but slight...

In 1997, the First Opium War officially ended with the British administration and forces leaving Hong Kong. The Second Opium War is still ongoing, since the Russian Federation continues to occupy the Amur region and Outer Manchuria. This land area was extorted from China in 1860 during the Second Opium War, under threat to set Beijing ablaze. Sure...

The alliance’s expansion to include two large Baltic Sea powers changes the military map. It will give NATO operational depth and logistic routes that it previously lacked. When Sweden and Finland were non-aligned, the main route for NATO reinforcements heading to Finnmark, the northernmost part of Norway, had to follow the single coastal road, th...

Drones have changed the battlefield, providing additional situation awareness and the ability to strike targets, but their high success rates in the Ukraine war is a result of unique conditions unlikely to be replicated elsewhere. Unmanned combat aerial vehicles (UCAV) such as the Turkish Bayraktar TB2 have been successful in the Russian-Ukrainian...

The Cyber Defense Review Vol. 7 No. 2 Spring 2022

Seen from the West, the Red Army was an able, well-integrated, and competent opponent able to rapidly launch joint offensive operations with no or little warning. Every Western soldier learned how the Soviets would fight by watching Red Army propaganda movies which projected a fast-moving armored onslaught that would either overrun any defense, or...

The U.S. Army, NATO armies, and other advanced nations actively seek to implement augmented reality (AR) and mixed reality (MR) support for their operational forces. These platforms are intended to improve tactical awareness, target acquisition, and situational awareness, and also to develop an information upstream for commanders to act upon. The U...

Embedded in this Swedish line of thought was a fundamental assumption that the threshold of war in Central and Northern Europe was so high that it could only be a major war between the two great power blocs. The threshold would be maintained by the political, economic, and diplomatic consequences of war, and shored up by the military deterrence of...

Russia has three means to bolster its international image and project strength —conventional forces, cyber, and nuclear weapons. Only one has been used so far, and for good reason. Across the political landscape and in the media, both in North America and Europe, there is a recently established assumption that Russia is poised to unleash its full r...

he Russian-Ukrainian War is the most significant ground war in Europe since World War II and a test of the treatment of prisoners of war (PoWs). With a few exceptions in the Balkans in the 1990s, Europe has not experienced a large number of captured personnel since 1945. The American experience is close to 50 years away, ending with the War in Viet...

The Kremlin makes dark threats about the fate of foreign volunteers captured on the battlefield, but these are likely to rebound. Vladimir Putin’s war on Ukraine has produced some strange and unexpected results, not least the rush among Western citizens to join President Volodymyr Zelenskyy’s armed forces. Ukrainian defense officials claim that ov...

The prospect of continued armed resistance is far morecomplex than simply picking up arms. Armed resistanceis a high-risk, violent activity exploiting local and tacticalopportunities to increase the cost for the occupying force.Armed resistance that lasts for months requires planning,structure, and organization. The viability of a prolongedinsurgen...

U.S. Defense Department cyber units are incrementally becoming a part of the response to ransomware and system intrusions orchestrated from foreign soil. But diverting the military capabilities to augment national civilian cyber defense gaps is an unsustainable and strategically counterproductive policy. The U.S. concept of cyber deterrence has fa...

In cyberspace, the focus is on threats from malicious activity — a tangible threat. A less obvious threat to cyber is inflation that undermines any cyber organization by eroding budget and employee compensation. Inflation can create unseen resignation rates if not addressed, and jeopardize ongoing cyber efforts and the U.S. Defense Department’s mig...

Academia, homeland security, defense, and media have accepted the perception that critical infrastructure in a future cyber war cyber conflict is the main gateway for a massive cyber assault on the U.S. The question is not if the assumption is correct or not, the question is instead of how did we arrive at that assumption. The cyber paradigm consid...

In the discussion of great power competition and cyberattacks meant to slow down a U.S. strategic movement of forces to Eastern Europe, the focus has been on the route from the fort to port in the U.S. But we tend to forget that once forces arrive at the major Western European ports of disembarkation, the distance from these ports to eastern Poland...

Cyber Defense Review - vol. 6 no. 4 (Fall 2021)

There is a risk that we overanalyze attacks on critical infrastructure and try to find a strategic intent where there is none. Our potential adversaries could attack critical American infrastructure for other reasons than executing a national strategy. In many cases, it can be as simple as hostile totalitarian nations that do not respect internatio...

In previous conflicts, authoritarian regimes have attempted to exploit their American prisoners of war for propaganda gain. These efforts often took the form of video and audio recordings as well as pictures of the POWs, despite such activities being in clear violation of the Geneva Conventions. The prospect of advanced digital capabilities such as...

The Cyber Defense Review - Summer 2021 - vol. 6 no. 3.

After U.S. forces implement the multidomain operations (MDO) concept, they will have entered a new level of complexity, with multidomain rapid execution and increased technical abilities and capacities. The U.S. modernization efforts enhance the country’s forces, but they also increase the technological disparity and challenges for NATO. A future f...

The default modus operandi when facing negative cyber events is to overreact. It is essential to highlight the cost of overreaction, which needs to be a part of calculating when to engage and how. For an adversary probing cyber defenses, reactions provide information that can aggregate a clear picture of the defendant’s capabilities and preauthoriz...

The Cyber Defense Review Spring 2021 Vol. 6 No. 2.

The change from a focus on counter-insurgency to near-peer and peer-conflicts has also introduced the likelihood, if there is a conflict, for a fight in colder and frigid conditions. The weather conditions in Korea and Eastern Europe are harsh during winter time, with increasing challenges the farther north the engagement is taking place. In tradi...

With the return of great power competition comes another renewed threat most of us probably have not thought about in a long time: American soldiers could become prisoners of war. To put it in perspective, the last con ict where America suffered hundreds of POWs was the Vietnam War. Today, after two decades of ghting non-state insurgents, Survival,...

The relevance of Cyber Pearl Harbor. https://thecyberwire.com/stories/de19e53c8af847e589872bb7ade27695/bye-bye-cyber-pearl-harbor

The Cyber Defense Review - vol. 6 issue 1 - Winter 2021

The exploitation of SolarWinds’ network tool at a grand scale, based on publicly disseminated information from Congress and media, represents not only a threat to national security — but also puts the concept of cyber deterrence in question. My concern: Is there a disconnect between the operational environment and the academic research that we gene...

The Cyber Defense Review (CDR) journal is a scholarly effort from the Army Cyber Institute (ACI) at West Point. The CDR generates an intellectual multidisciplinary dialogue through thought provoking scholarly articles and essays on the strategic, operational, and tactical aspects of the cyber domain. The CDR breaks down barriers and fosters innovat...

The SolarWinds breach points out the importance of having both offensive and defensive cyber force experience. The breach is an ongoing investigation, and we will not comment on the investigation. Still, in general terms, we want to point out the exploitable weaknesses in creating two silos — OCO and DCO. The separation of OCO and DCO, through th...

The Cyber Defense Review vol. 5 issue 3 (Fall 2020)

COVID-19 has provided an essential data set for understanding what matters to the population. The environmental aspect of cyber defense, linked to public health, has not drawn attention as a national security matter. As living beings, we react to threats to our living space and the immediate environment. Jeopardizing the environment, intentionally...

In the last three decades, the great powers have become increasingly dependent on satellite communication (SATCOM), very high frequency (VHF), and ultrahigh frequency providing high bandwidth line-of-sight communications. These military communication channels lack resilience because an electronic warfare (EW) campaign can affect both VHF and SATCOM...

Great power competition will require force protection for our minds, as hostile near-peer powers will seek to influence U.S. troops. Influence campaigns can undermine the American will to fight, and the injection of misinformation into a cohesive fighting force are threats equal to any other hostile and enemy action by adversaries and terrorists. M...

What happens if China engages in a great power conflict and loses? Will the Chinese Communist Party’s control over the society survive a horrifying defeat? There is an assumption lingering over today’s public debate that China has a strong hand, advanced artificial intelligence and the latest technology, and that it is an uber-able superpower. I am...

In Kuhn's The Structure of Scientific Revolutions, the critical term is paradigm-shift when it suddenly becomes evident that earlier assumptions no longer are correct and the plurality of the scientific community that studies this domain accepts the change. These types of events can be scientific findings or as in social science system shock that c...

Any attempt to interfere with democratic elections, and the peaceful transition of power that is the result of these elections, is an attack on the country itself as it seeks to destabilize and undermine the core societal functions and constitutional framework. We all agree on the severity of these attempts and that it is a real, ongoing concern fo...

The OODA loop has become been a central concept in cybersecurity the last decade, as it is seen as a vehicle to address what attackers do by deciding when, where and what you should do and how to do so most effectively; essentially, you need to get inside the attacker’s OODA loop to understand the adversary and tailor your own defensive actions. Re...

The summer edition 2020 of the Cyber Defense Review - a special issue on information warfare.

The utility of strategic cyberwar is contingent on the institutional stability of the targeted society. The core claim is that cyber will be a way to reach geopolitical goals in the future by destabilizing adversarial nations. Strategic cyberwar theory is a tool to exploit the weaknesses in adversarial states – if needed. Eventually, cyber will be...

There is always something taken away when there are added functionalities. Does the concept of wearing augmented reality that digitally provides situational awareness create an upside that outweighs what it takes away for rifleman skills? The supercharged hearing, six senses for those equipped, broader view of sight, picking up smells, changes in l...

Each strategy has a foundation, an overarching way of explaining why things are the way we see them and how to successfully reach our goals. Therefore, strategy is theory based because theory provides an intellectual framework for predicting outcomes leading to the end goal the strategy pursues. This article will present a theory, strategic cyberwa...

In the last three decades, the great powers have become increasingly dependent on satellite communication (SATCOM), very high frequency (VHF), and ultra-high frequency (UHF) providing high bandwidth line of sight (LOS) communications. These military communication channels lack resilience because an EW campaign can affect both VHF and SATCOM simulta...

The market for artificial intelligence is growing at an unprecedented speed, not seen since the introduction of the commercial Internet. The estimates vary, but the global AI market is assumed to grow 30 to 60 percent per year. Defense spending on AI projects is increasing at even a higher rate when we add wearable AI and systems that are dependent...

We propose that there should be an option for immediate entry into the cyber operator WO track. Relied on as technical experts, WOs usually are drawn from the midgrade and senior NCO ranks. In the same way as in aviation, not everyone will have the whole kit to be successful, but for those who have what it takes, the Army would benefit from a six-y...

The Cyber Defense Review (CDR) journal is a scholarly effort from the Army Cyber Institute (ACI) at West Point. The CDR generates an intellectual multidisciplinary dialogue through thought provoking scholarly articles and essays on the strategic, operational, and tactical aspects of the cyber domain. The CDR breaks down barriers and fosters innovat...

The Cyber Defense Review (CDR) journal is a scholarly effort from the Army Cyber Institute (ACI) at West Point. The CDR generates an intellectual multidisciplinary dialogue through thought provoking scholarly articles and essays on the strategic, operational, and tactical aspects of the cyber domain. The CDR breaks down barriers and fosters innovat...

What draws our attention is what COVID-19 has meant our society, the economy, and how in an unprecedented way, family, corporations, schools, and government agencies quickly had to adjust to a new reality. Why does this matter from a cyber perspective? COVID-19 has created increased stress on our logistic, digital, public, and financial systems an...

The Iranian military apparatus is a mix of traditional military defense, crowd control, political suppression, and show of force for generating artificial internal authority in the country. If command and control evaporate in the military apparatus, it also removes the ability to control the population to the degree the Iranian regime have been abl...

The adversary in the future fight will have a more technologically advanced ability to sense activity on the battlefield – light, sound, movement, vibration, heat, electromagnetic transmissions, and other quantifiable metrics. This is a fundamental and accepted assumption. The future near-peer adversary will be able to sense our activity in an unpr...

The Cyber Defense Review - Fall 2019 - Vol. 4 No. 2

Incrementally, over the last decades, cyber physical systems — which include all digital assets, computers and networking equipment — have been added to the inventory without a structured way to ensure the highest level of readiness. We propose that cyber maintenance is embedded in the maintenance cycle as any other military hardware. The cyber mai...

We tend to see vulnerabilities and concerns about cyber threats to critical infrastructure from our own viewpoint. But an adversary will assess where and how a cyberattack on America will benefit the adversary’s strategy. I am not convinced attacks on critical infrastructure, in general, have the payoff that an adversary seeks. The American reactio...

In the future, the United States government can seek to limit the ownership of cyber weapons. The question is whether the Second Amendment to the United States Constitution gives a right to bear and own military-grade cyber weapons. The dual-use nature of cyber arms undermines the government's argument.

It is questionable and even unlikely that cyber supremacy could be reached by overwhelming capabilities manifested by stacking more technical capacity and adding attack vectors. The alternative is to use time as the vehicle to supremacy by accelerating the engagements’ velocity beyond the enemy’s ability to target and precisely execute and comprehe...

The Vol.3 No. 3 issue of the Cyber Defense Review.

The core of Conti and Raymond's On Cyber: Towards an Operational Art for Cyber Conflict is found in the preface under the self-explanatory title, "Why this book?" and embedded in the following sentence: "The lack of an operational art for cyberspace operations is the inspiration for this book." Conti and Raymond have identified a wide and open gap...

The Cyber Defense Review is a forum for current and emerging research on cyber operations focused on the strategy, operations, tactics, history, ethics, law and policy in the cyber domain. The Cyber Defense Review (CDR) is positioning itself as the leading online and print journal for issues related to cyber for military, industry, professional and...

Book review: Strategic A2/AD in Cyberspace

It is questionable and even unlikely that cyber supremacy could be reached by overwhelming capabilities manifested by stacking more technical capacity and adding attack vectors. The alternative is to use time as the vehicle to supremacy by accelerating the velocity of the engagements beyond the speed at which the enemy can target, and precisely exe...

It is questionable and even unlikely that cyber supremacy could be reached by overwhelming capabilities manifested by stacking more technical capacity and adding attack vectors. The alternative is to use time as the vehicle to supremacy by accelerating the velocity of the engagements beyond the speed at which the enemy can target, and precisely exe...

In the future, the United States government can seek to limit the ownership and usage of cyber weapons. The question is whether the Second Amendment to the United States Constitution gives a right to bear and own military-grade cyber weapons, and if so, under which conditions. The framers of the Bill of Rights, ratified in 1791, did not limit the r...

The Department of Defense (DoD) must abandon its “up-or-out” promotion model for cyber forces. It should let competent officers hold their positions longer. Applying the outdated Defense Officer Personnel Management Act’s (DOPMA) staffing model to the cyber force is foolish, and makes it difficult to keep experienced, technically-proficient cyber o...

The Internet and the cyberenvironment offer an unprecedented opportunity for intelligence and espionage, not only because of the vulnerability or breaches but also because of the massive voluntary dissemination and sharing of data. Espionage has radically changed since the early 2000s, and open source intelligence is utilized to a great extent. Lar...

The Cyber Defense Review, vol. 3 issue 1. The complete journal. Editor in Chief Dr. Corvin Connolly, Managing Editor Dr. Jan Kallberg, and the Director of the Army Cyber Institute COL Andrew O. Hall, PhD.

The Cyber Defense Review, vol. 2 issue 3. The complete journal. Editor in Chief Dr. Corvin Connolly, Managing Editor Dr. Jan Kallberg, and the Director of the Army Cyber Institute COL Andrew O. Hall, PhD.

Column in Fifth Domain - Defense News

"Defending the Democratic Open Society in the Cyber Age –Open Data as Democratic Enabler and Attack Vector" RESEARCH NOTE TO BE PUBLISHED IN CYBER DEFENSE REVIEW VOL.2:3. FALL 2017. Privacy is in the security paradigm framed as a major challenge for an open society to achieve a high level of security against current cyber threats. In contemporary s...

Black Code: Surveillance, Privacy, and the Dark Side of the Internet by Dr. Ronald J. Deibert Reviewed by CDT Monte Ho and Dr. Jan Kallberg

The paradigm for the growing interest for militarized cyber operations is seeking an ability to be able to strike back and launch cyber counter strikes. In this short commentary, we will challenge this view based on the argument that it leads to a contra-productive tit-for-tat game with no decisive or deterrent outcome. Our argument is that cyber a...

See book review end of Cyber Defense Review 2:2.