The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics Book Review

The Hacker and the State

Book written by Ben Buchanan
Book review by Brett Freedman

Bottom Line

Hall of Fame Candidate

I recommend this nonfiction book for the Cybersecurity Canon Hall of Fame.


I highly recommend “The Hacker and the State” by Ben Buchanan, particularly for readers who already have a solid foundation in geopolitics and are looking to understand how it is impacted by the cyber domain. Ben Buchanan is a professor at Georgetown University’s School of Foreign Service and Senior Faculty Fellow at the Center for Security and Emerging Technology and the author of another book, “The Cybersecurity Dilemma,” which was previously positively reviewed. In this book, Mr. Buchanan explains his views on statecraft through the lens of cyber attacks.

As the author suggests, cyber attacks should be considered a “new form of statecraft” (p. 3) in which international relations, diplomacy, and conflict resolution unfold. After reading this book, I tend to agree. Cyber attacks fall into one of the following three forms in the author’s view: espionage, attack, and destabilization. The ensuing chapters are grouped accordingly, with each illustrated by such real-world examples as Stuxnet and, more recently, Russian interference in the 2016 American Presidential election. While these events were widely reported, Mr. Buchanan includes previously unknown details and inside information to help the reader better understand each event.

Mr. Buchanan’s underlying thesis is that, while most elements of statecraft can be viewed in the context of signaling or shaping geopolitics, cyber capabilities are only useful for shaping. To signal is to convey the message that what a government possesses – such as a unique capability – is legitimate and thus must be taken seriously, in order to influence how the other side will react. In contrast, to shape is to modify the state of play by either changing what one has or somehow changing the capabilities of one’s opponent without their knowledge. Mr. Buchanan emphasizes that the value of cyber capabilities resides in the ability to shape geopolitical objectives.

As Mr. Buchanan describes, cyber today represents the primary means by which governments shape geopolitics. This is done mainly via hacking operations which, if successful, can be effective without drawing any attention or, in the physical world, inflicting physical harm. Yet, when states undertake cyber operations to send a signal to another state, those operations “tend to lack calibration, credibility, and clarity” (p. 7). In the cyber domain, subtlety is not a virtue. The states that are most successful are therefore those that aggressively utilize activities such as hacking to mold the geopolitical environment to be more to their liking, vice actors that simply look to hunt, coerce, or threaten.

The book proceeds to test this hypothesis by first looking at the bread and butter of statecraft: espionage. It starts with the activities of the National Security Agency (NSA) as revealed by Edward Snowden. Mr. Buchanan then explores the hot-button issue of encryption as involved in the 2015 terrorist attack in San Bernardino, the tapping of undersea cables, and the building of backdoors into systems. He then expands to look at other emerging global actors such as China and their cyber espionage campaign dubbed Operation Aurora, their blatant use of cyber intrusions to gain a commercial and military advantage, and their willingness to cast as wide a net as possible without any concern that they will be caught or, if caught, held accountable.

The book then shifts from spying to the use of cyber as a means of attack. This section begins with a deep discussion of the destructive computer worm commonly known as Stuxnet. This effort, widely believed to have been jointly designed by US and Israeli intelligence officials, was aimed at disabling Iran’s nuclear centrifuges. But Stuxnet was a mixed success for the attackers. The malicious code escaped, thus making it a useful source for researchers to better understand how cyber operations work. This demonstrates that, no matter the extent to which such activities are kept secret by powerful state actors, nonstate actors, including researchers and journalists, are critical to being able to understand these tactics. This section continues by examining Iran’s own actions against state adversaries to include Saudi Arabia (dubbed Operation Ababil) and the United States financial sector, including the Sands Casino.

“The Hacker and the State” examines efforts by state actors to signal and influence actions. It looks at the North Korean hack of Sony Pictures to try to prevent distribution of its film “The Interview.” As the author points out, North Korea failed to achieve its objective. In fact, it was only when North Korea resorted to threatening physical harm, vice digital destruction, that the film’s release was in jeopardy. The film instead became a cause célèbre for both democracy and free speech. The cyber coercion attempt fell short. The same is true of Russian intrusions into the Ukraine power system, which resulted in blackouts both in 2015 and again in December of 2016.


In the book’s final section, Mr. Buchanan examines cyber as a means of destabilization. He highlights election interference as the most tangible example but notes that, historically, it is a tactic used by the British as far back as World War II. The author states, however, that “the true importance of cyber operations comes not from their damage to machines, but from their destabilizing effects on humans and societies.” (p. 213) Other examples explored are the public release of information obtained via cyber intrusions, namely Shadow Brokers, and the relatively recent but burgeoning industry of ransomware.

In conclusion, “The Hacker and the State” identifies three characteristics of the cyber domain that are repeated throughout the book: (1) its versatility as a tool of geopolitical shaping, (2) its weakness as a means of geopolitical signaling, and (3) the far-reaching ambition of parties utilizing these capabilities. Despite often achieving broad objectives, cyber capabilities in the end are ill-suited to communicate with other states or to deter or entice certain behavior. Moreover, as cyber capabilities more often than not require a degree of secrecy, they tend to be obscured, unpredictable, and difficult to calibrate, and it is nearly impossible both to interpret them and to accurately convey to others the degree of commitment behind the cyber activity. Despite these shortcomings, Mr. Buchanan notes that cyber intrusions such as hacking will continue to influence geopolitics and will continue to be used going forward until such time as anyone is willing to put forth both the time and effort to stop it.