The critical infrastructure component of cybersecurity and concern over terrorist use of the Internet are increasingly being articulated with one another in a larger discourse about cyberspace security.  The critical infrastructure component relates to what Deibert and Rohozinski have identified as “risks to cyberspace,” while terrorist use of the Internet (for recruiting, fundraising, propaganda, etc.) relates to what they have called “risks through cyberspace” [1] and others have even called “cognitive hacking.”  We might also say that the two are articulated in what Cavelty and Brunner have called the larger discourse of information warfare, which includes two different and sometimes competing understandings of “information”–i.e. information as critical data for the effective operation of militaries, organizations, and society versus information as perception, meaning, “hearts and minds.” [2]  One question that deserves more attention is how these two understandings of information and cyberspace security interact with one another.

In a recent article in Joint Forces Quarterly, CJCS ADM Mike Mullen was critical of a dominant interpretation of “strategic communication” that he says focuses too much on words over deeds,* the how over the what of communication.  He wrote (p. 4),

And make no mistake—there has been a certain arrogance to our “strat comm” efforts. We’ve come to believe that messages are something we can launch downrange like a rocket, something we can fire for effect. They are not. Good communication runs both ways. It’s not about telling our story. We must also be better listeners. […]

Only through a shared appreciation of the people’s culture, needs, and hopes for the future can we hope ourselves to supplant the extremist narrative. We cannot capture hearts and minds. We must engage them; we must listen to them, one heart and one mind at a time—over time. […]

To put it simply, we need to worry a lot less about how to communicate our actions and much more about what our actions communicate. [3]

Conversely, we might ask: Does the U.S. worry too much about how jihadists in general, and the Taliban in particular, communicate (especially online), and not enough about what they communicate, both with their words and also with their actions?

What’s more, John Arquilla has advocated taking offensive action against terrorist websites, [4] and a recent operation by the U.S. military that took down a forum allegedly being used by jihadists in Iraq indicates that at least a few folks in the U.S. military are acting in accord with his recommendations.  In addition to the concern that some have raised over whether taking down jihadist websites deprives the U.S. of valuable sources of intelligence, we should also be asking what these types of offensive cyber actions communicate to adversaries and allies alike.

ADM Mullen has written (p. 4) about U.S. adversaries’ talent for detecting U.S. “say-do gaps” and then driving trucks through those gaps that end up damaging U.S. credibility. [3]  He uses Abu Ghraib as an example, where what was done there was in sharp contrast to the things that U.S. leadership said about human rights, dignity, etc.  Similarly, what kinds of “say-do gaps” might be created by offensive cyber operations meant to silence or disrupt adversary communications online?  It might not be difficult for an even moderately observant adversary to point to a contradiction (real or not) between U.S. rhetoric about “Internet freedom” and freedom of speech and expression on the one hand and U.S. actions taken to silence its opponents on the other hand.

Keeping Dunlap’s classic essays in mind, [5] might offensive actions like those recommended by Arquilla and potentially witnessed in the jihadist forum takedown case contribute to creating a perception of U.S. weakness, both in the information battle and the kinetic battle?  Might U.S. attempts to silence opponents look like weakness in the proverbial “battle for hearts and minds?”  A resort to silencing as a result of an inability to effectively engage?  Despite all the talk of markets and freedom of expression, the market that the U.S. fears the most is the marketplace of ideas?  Etc., etc., etc.

I do not have answers to these questions.  But if we are going to articulate “risks to cyberspace” and “risks through cyberspace” into a larger discourse of information warfare, cybersecurity, etc., then we should begin to think about what kinds of messages are communicated to adversaries and allies alike when the U.S. engages in offensive actions that silence or disrupt its opponents online.

* Though I normally reject the rhetoric of a fundamental difference between saying and doing, pointing to the work of linguists, psychologists, philosophers, and others that has demonstrated time and again that language is performative (i.e. at the least, saying is a type of doing with its own effects), [6]  in this case I think that ADM Mullen’s position is actually more nuanced.  I do not read him as rejecting the idea that language is performative, but rather, reminding us that actions are also communicative.


[1] Deibert, Ronald & Rafal Rohozinski (2010) ‘Risking Security: Policies and Paradoxes of Cyberspace Security’, International Political Sociology 4: 15-32.

[2] Brunner, Elgin & Myriam Dunn Cavelty (2009) ‘The Formation of in-Formation By the Us Military: Articulation and Enactment of Informatic Threat Imaginaries on the Immaterial Battlefield of Perception’, Cambridge Review of International Affairs 22(4): 629-46.

[3] Mullen, ADM Michael (2009) ‘Strategic Communication: Getting Back to Basics’, Joint Forces Quarterly 55(4): 2-4.

[4] Arquilla, John. ‘How to Lose a Cyberwar: Why is America Still Letting Online Jihadists Run Amok?’, Foreign Policy (12 December 2009):

[5] Dunlap, Jr, Charles J. (1996) ‘Sometimes the Dragon Wins: A Perspective on Info-Age Warfare’, Phil Taylor’s Web Site,; Dunlap Jr, Charles J. ‘How We Lost the Hi-Tech War of 2007’, The Weekly Standard (1996):

[6] For example, see Austin, J. L. (1962) How to Do Things With Words (Oxford: Clarendon Press); Derrida, J. (1977) Limited, Inc (Baltimore: Johns Hopkins University Press); Lakoff, G. & M. Johnson (1980) Metaphors We Live By (Chicago: University Of Chicago Press).