Cyber Warfare Capabilities: An Analysis of Variables Driving States to Develop Cyber-Weapons and The Strategies that Emerge from Possessing Them

Written by Jose Miguel Lopez Arroyo, GPI Undergraduate Fellow


Technological improvements in weaponry changes the way a state fights war. A classic example is how achieving nuclear capabilities has created a mentality of mutually assured destruction, which deters the escalations of conflict between the nuclear states. Another example is the invention of the Maxim gun that brought automatic fire into the battlefield, which changed the way infantry charges takes place. It is clear to see that technological developments affect the way states engage with each other. This in turn incentivizes the development of better technology to maintain an edge over the adversaries. This field is important to study because the world is rapidly transitioning into a higher reliance on the online world for everyday functions. With this ongoing online transition, the battlefield is changing once again, focusing on cyberspace offensive and defensive operations. Countries like Russia and China have been developing cyber weapons and actively testing. The paper analyzes two possible hypotheses that attempt to explain why states are engaging in activities of investing in the development of cyber warfare capabilities and are interested in dominating the space.  

The first hypothesis (H1) is that states want to develop and deploy cyber weapons because it allows them to engage in asymmetric warfare against the United States and its allies. This form of warfare is defined as the implementation of unconventional methods due to a power imbalance between the states engaged in a conflict. Additionally, upon analyzing military statistics, it can be insinuated that the United States still maintains a dominance over Russia and China. Furthermore, the US is perceived amongst the major global powers as its allies, which further limits the military capabilities of the enemy states. Engaging in traditional warfare against the US would most likely result in a loss for those states, which incentivizes them to deploy cyberattacks in their arsenal. `It is simply an attempt to balance the power distribution in other ways. 

The second hypothesis proposed (H2) is that states engage in cyber warfare because of the low cost and relatively inconspicuous nature. This allows the states to utilize it as a tool to leverage a better position when they engage in negotiations across the international theater. It can either be a defensive or an offensive advantage that they are looking to obtain. As the world rapidly transitions into having a heavy reliance on online platforms for everyday activities, the threat of disruption to the infrastructure by an adversary remains eminent. The attributes of cyberattacks make it appealing for states like Russia and China to implement them, as they serve as a tool to deter actions that intend to hurt them or help them obtain a better deal during negotiations.  

The two hypotheses suggested will be analyzed in the following segments. Each hypothesis will introduce an argument based on previous research in the field along with some examples. The advantages and disadvantages of each will be compared to determine which of the two provides a better explanation based on preliminary evidence on why states chose to engage in cyber warfare and seek domination in this avenue. Lastly, the paper will elaborate on what future research topics that will help us better understand this phenomenon. 

Hypothesis 1 

Part of the current hierarchical system is guided by the superiority of conventional military capabilities. States like Russia and China possess a strong military; however, they are still not able to surpass the U.S. Challenging the U.S authority through conventional methods would be a complicated task that will bring unfavorable consequences for the contender. Therefore, cyber warfare becomes an attractive strategy for states to deploy in the turf of asymmetric warfare against the U.S. The ability to launch online attacks and operations gives states the power to target areas that were not previously possible by using conventional military methods. This means that a state can disrupt online operations that are crucial for the daily functioning of a state such as hospital systems, oil/natural gas pipelines, communication networks, and government systems. At present, any possible gain from a cyberattack is only temporary because the damages inflicted are easy to fix and do not create violence. According to Gartzke, cyberattacks require being well coordinated in order to affect big portions of the population. However, they only cause chaos for a small window of time. The only way cyberattacks can cause major disruption is if they are paired with traditional methods of warfare. The disruption generated would be utilized as a strategic advantage to make targets more vulnerable. The limited capability of cyberattacks is a disadvantage that indicates that the usage of cyberattacks does not attempt to change the status quo, rather they look to gain momentary advantage while testing the U.S capabilities in order to defend itself.  

In addition to disrupting of government and private operations, cyberattacks also lead to financial damages that negatively impacts the adversary’s economy. Cyberattacks are low risk, making them easy to deploy. An example is the Chinese attacks on the natural gas pipelines back in 2011-2013 which targeted 23 pipeline systems with the intent of stealing data, system blueprints, and passwords. There was no attempt to alter the operation of the pipelines, but it highlighted the vulnerability of the U.S system. Another more well-known example is of the 2019 Microsoft exchange servers breach that disrupted the system operation resulting in loss of sensitive data. In this case, there were financial losses that affected users and the corporations itself. These examples serve as evidence that cyberattacks are an effective asymmetric strategy that can achieve the temporary impairment of a rival and can cause a negative financial impact. Estimates put the cost of Chinese cyberattacks in the U.S at around 20 to 30 billion dollars annually, summing up to a total of 600 billion dollars over the last two decades.

Furthermore, the current research on field takes a neorealism approach to analyze how likely is the threat of entering into a cyberwar with another state. Under neorealism, the international system is anarchic. Which makes states adopt behavior to ensure their survival and the balance of power. This neorealism view of the system also applies to cyberspace because there is not a single authority to regulate the system. According to Akdag, cyberspace currently is a multipolar system that has a low cost of entry. In the current multipolar system, the U.S is a major player because it has a stronghold on the internet cooperation and e-commerce. However, states like China are labeled as the rising powers in this field because they are rapidly developing web platforms and indulging internet governance. Additionally, Russia is another state that holds substantial power in this sphere. They have demonstrated their cyberattack capabilities in the 2007-2008 conflicts against Estonia and Georgia, where the infrastructure was successfully targeted to help with the military invasion. The analysis highlights how the superiority of the U.S is not absolute, and states have the ability to challenge it with some success.  

Moreover, neorealism argues that a multipolar system increases the likelihood of conflict happening because states will look to balance their capabilities to come out on top. Applying this to the current analysis, allows us to explain the desire of states like China and Russia to keep developing and deploying cyber weapons against the U.S. The short-term goals of China and Russia are to momentarily slow down the U.S and test for weaknesses in the system. By engaging in this form of asymmetric tactics,  Russia and China can get a better understanding of what the U.S’s capabilities are, as well as how to make improvements on to their arsenal. Their strategy is to play the long-term waiting game, while looking to slowly improve their abilities to eventually challenge the US in a more efficient manner.  

Lastly, China’s and Russia’s actions have caused the U.S to implement counterbalancing actions to protect its infrastructure and allies with the goal of retaining power. The Russian implementation of sophisticated cyberattacks in the invasion of Estonia, demonstrated the need to develop a better level of preparedness for cyber defense. This led NATO to sponsor and develop the Cooperative Cyber Defense Center of Excellence (CCDCOE) to better prepare the allies. Another important point that Akdag’s research mentioned is that a bigger balancing strategy will likely emerge if the cyber conflict continues to escalate between China and the U.S. However, a major obstacle to overcome is the buck-passing and the freeloader states because they will make the balancing efforts less effective if they are vulnerable to cyberattacks. These are the factors that needs to be taken into consideration for the U.S to adequately assure their safety and preserve their current position in the system.  

After analyzing the examples and researching for the hypothesis, it is clear to see that states like China and Russia have a bigger interest to keep developing and introducing cyber weapons to deploy against the US and its adversaries. The primary reason is that it allows them to engage in asymmetric warfare while laying the groundwork for the future warfare. Although the advantages of these instruments are not long-lasting or create a significant damage to an opponent by themselves, they demonstrate a useful tool to have in their arsenal. Implementing them allows these states to engage with the U.S in an unconventional method that does not pose a significant threat to the continuation of their regime and preservation of power.  

Hypothesis 2 

Maintaining a conventional large military comes at an expensive cost because they require a lot of resources to remain operational. One of the advantages of cyber warfare is that a relatively small number of resources is required to carry out operations. The low operational cost is one of the reasons that cyber attacks have become an attractive strategy for states to engage in. Additionally, the operations can be performed from relatively anywhere in the world. The location of the perpetrators can be hidden easily with the usage of location “spoofers” that alter the IP address of the attacker. Tools like this allow the attackers to have a certain level of anonymity and make it harder for them to be discovered. Another benefit is the inconspicuousness of these tactics, which allows states to have an avenue of deniability if they are discovered engaging in this behavior. These two benefits of cyber warfare allow states like China and Russia to easily implement this tactic into their arsenal and use it as a tool for negotiations in the international theater.  

In comparison to other methods of warfare, recruiting cyber soldiers is a relatively easy task since the technology utilized in these operations are very similar to what the civilians already access. According to Simone Dossi, almost all states have the ability to quickly recruit and build cyber capabilities, which makes the field have a low cost of entry. However, what makes a difference in the field is the type of technology a state has access to. China is still behind the U.S, in terms of technology, but they have been investing heavily in their military modernization since the 1990s. The commitment to modernizing the military is reflected in China’s budget expenditures, which has increased from $45 billion in 1990 to $150 billion in 2010. These actions reflect the interests that China has in becoming a competitor in the cyber space, as they recognize the importance that this field has in the future of warfare. As a result, they would want to enter this space while its still cheaper to do so. On the other hand, Russia has been developing cyber weapons since the early 2000s and has implemented them in previous conflicts, making them knowledgeable in this domain on how to effectively deploy them.  

Furthermore, U.S intelligence estimates that China has and several uniformed cyber warfare units such as the Technology Reconnaissance Department, Electronic Countermeasures, and Radar Department. Russia has also invested to develop sophisticated methods in this field.  Multiple Russian units, including Fancy Bear, Sandworm, and Tsar Team, are known to have engaged in espionage and security breaches against the U.S. Having military units allows states to carry their agenda at a relatively low cost since they are already being accounted for under the military budget. Additionally, having private sector hackers is surprisingly cheap since estimates reveal that buying malware ranges from 1,000 to 3,500 dollars. It is clear to see there is a low cost and a high opportunity of return in this field of warfare, making it appealing for states to participate in it. The low-level cost of entry has allowed China and Russia to rapidly develop their cyber warfare capabilities. The financial investment and constant development from their side serve as evidence that both states are taking advantage that this field is not fully developed. It could mean that they are looking to secure a good position of power within the field before it is too late. The U.S might still dominate the field, but if it is not careful in improving its abilities the U.S will fall behind. Currently, China and Russia are not limited in their access to resources as they have been able to produce competing technologies, similar to the U.S. in recent years. They have also tried to become less reliant on foreign technology because it is seen as a security risk. Creating independence from outside states also serves the purpose of developing regional superiority. 

At this time both states possess the ability to quickly increase their cyber capacities if they choose to, posing a potential risk for rival states. This ability of exponential buildup can serve as a tool for China and Russia to negotiate the outcomes of agreements. In other words, having cyber capabilities serve as an offensive advantage since they can coerce an enemy state to give up more out of fear of further consequences. According to Greenhill, cyber weapons have three primary uses which are coercion, deterrence, and compellence. Coercion is a form of signaling to an opponent that certain undesirable actions will have consequences. In the context of cyber warfare, a state can make demands from another with the threat of implementing systemic attacks if they do not get what they desire. This can come in the form of extortion or blackmail. Secondly, cyber abilities serve as deterrence in three ways. The first is deterrence by data gathering. This means implementing espionage tactics to compile enough information with the intent to prevent attacks. This option is easy to deploy as it can be easily hidden in the systems. The second form is by fear of detection. Constant surveillance deters the opponent from organizing and carrying out actions. Lastly, deterrence by denial is also a cyber defense tool to redirect or block access to information. Moreover, another way to utilize cyber weapons is for compellence purposes. Compellence consists of utilizing forms of coercion or threats to get an opponent to change its behavior. This tool utilizes deception to convince an adversary that a proposed option is more desirable than it is. In a way, it is a form of “seduction” that tries to create an illusion to avoid conflict or get a better outcome for the party implementing this tactic. Despite having the potential to be utilized as an effective tools for negotiation, cyber weapons have limitations that make them difficult to incorporate into the battlefield. For instance, when engaging in coercion it is hard for a state to add credibility to its threat since it could alert an enemy of its weaknesses. This then can be fixed, and the upper hand will be lost. If a state tries to bypass this obstacle by remaining anonymous, its threats will lack validity and most likely be dismissed due to their ambiguity. Lastly, cyber weapons currently do not have the potential to create long-lasting disruptions, which limits a state’s military reliance on them. Nonetheless, if implemented with an appropriate strategy cyber weapons can serve as a powerful negotiation tool. 

A real-world example of cyberattacks being carried out is the ongoing Russia-Ukraine conflict. Russia has been targeting military and civilian infrastructure to send a message to the government of Ukraine that they have superior capabilities. This is with the intent to convince them to accept their terms to end fighting. Another example was the Chinese cyber attacks on Federal web pages after the accidental NATO bombing of the Chinese embassy in Yugoslavia. The attacks disrupted access to websites and presented anti-American rhetorics. China and Russia have shown that they can attack online targets, causing temporary damages in weak states and disrupt the operations in more powerful states. These actions serve as evidences both the powers see the potential in cyber weapons for future conflicts.  

The research and examples provided for this hypothesis highlight that cyber warfare tools have positive attributes and benefits that can be utilized in a state’s favor. Despite some complications to implementing these weapons, they are still appealing for states like Russia and China to utilize them as tools to deter actions that intend to hurt them or help them obtain a better deal when they engage in negotiations. Both the states recognize the importance of possessing cutting-edge technologies and their roles to carry out cyberattacks. They have seen the advantages and influence that the U.S has access to, by possessing such advanced cyber capabilities. In other words, they want their piece of the pie. Lastly, the current low cost of entry facilitates new entrants into the field. For these two reasons, China and Russia have invested in developing their cybersecurity capabilities and will continue to do so.  


After analyzing the preliminary research and arguments presented in the two proposed hypotheses, it can be argued that low operational cost and anonymity, (H2) best explains why China and Russia are interested in developing their cyber warfare capabilities. The first reason is that currently the field has a low entry and operational cost that serves as an incentive for these states to start an early development of the technology. This could signify that early investment is a strategic move to help them in the long run to secure a powerful position in the field. A second reason is that the financial investment in military modernization from both states signals an intent to better prepare their forces in this area since they recognize the importance cyber capabilities will have in the future of warfare. Early investment and military modernization serve as evidence that both states are taking advantage of, thus ensuring they can have a relatively low cost and prepared military units at the disposal of the state’s authority. Furthermore, an important point that H1 made was that China and Russia are developing these technologies to engage in asymmetric warfare. This observation might be true for the moment. However, the cyber warfare field is likely to continue growing as the world keeps more on the internet for daily operations. This could indicate that China and Russia might be utilizing asymmetric tactics momentarily to test their abilities and those of the U.S to gather information. Since the cyber warfare field will keep growing, it would be erroneous to discard the possibility that China and Russia do not have a long-term strategy, meaning that eventually their capabilities will be implemented in regular warfare and not just asymmetrically. More research is required to make accurate claims in this area. Additionally, the analysis provided by Greenhill, on the coercion, deterrence, and compelling applications of cyber weapons highlights their utility in offensive, defensive, and bargaining abilities. This means that both states recognize that having access to these types of weapons is a useful tool to increase their negotiation status with other states. Lastly, they see the advantages of developing cutting-edge technology and the influence that the U.S has by simply possessing such advanced cyber capabilities. H2 better captures the reasoning behind the two states’ actions and offers strategic observations that helps explain their behaviors in this field.   

Hypothesis testing  

The way that H2 could be tested is by first gathering data on the precise cost of cyber warfare units and the equipment from countries such as the US that already has advanced capabilities. This can serve to create baselines on the cost and road maps of what are the different stages a state must undergo to develop competitive cyber capabilities. This will serve to compare the investments China and Russia are doing and can help yield information regarding their current capabilities. Depending on the outcome, it could prove whether China and Russia are actually planning a long-term strategy or are simply engaging in asymmetric warfare for short-term gains. In addition, it can also help determine the cost of entry into the field and help create projections on how the price of entry has fluctuated. The results could serve to prove that a low cost of entry incentivizes the states to develop cyber weapons. A second step to test H2 would be to run mock simulations with individuals and computers to test how actors behave when they have accessibility to tools that give them an upper hand in negotiation tactics. These simulations will need to incorporate different scenarios to account for the different applications identified for cyber weapons. The results can help understand how significant it is to have certain advantages when negotiating. They could also help explain if indeed they encourage states to seek the development of such advantages. To further prove this, a historical analysis needs to be conducted on how states have utilized cyber weapons across times. Historical data can help gather the information that proves the utility of cyber capabilities and if they are effective or not in real-life scenarios. The results of this analysis can be used to determine whether there is an identifiable strategic advantage under the possession of the states. Lastly, the creation of a longitudinal study where future data is collected regarding cyberattacks strategies and developments will serve to analyze the transformation of the field. The purpose of this is to record how states implement it into their overall strategies, helping to determine if its implementation remains asymmetrical and witness the catalytic evolution. 


After an extensive analysis, the preliminary research positions H2 to be a better explanation for the observation of why China and Russia are interested in investing and developing cyber warfare capabilities. The low cost of entry is a variable that seems to influence a state’s decision to engage in this practice. Entering at a low cost combined with a long-term strategy could ensure that a state has a powerful position in the future. Additionally, the offensive and defensive applications are variables that seem to incentivize their development. There is a need for more research to be conducted to make accurate claims on this topic. Additional methods to test this hypothesis could be to gather data on the cost of cyber warfare units and the equipment required to create baselines-roadmaps that serve to compare the states’ abilities. Furthermore, the implementation of a historical and longitudinal study can analyze the strategic advantages of these weapons and how state strategies evolve. As the world moves to having a heavier reliance on online platforms for their daily operations, the cyber field will continue to grow and become more relevant in all our lives. For this reason, it is important to study the state’s intentions and the abilities to showcase its influence through power projection. 

The views represented herein are those of the author and do not necessarily reflect the views of the Global Policy Institute.



Alert (AA21-062A). CISA. (n.d.). Retrieved March 2022, from   

Alert (AA21-201A). CISA. (n.d.). Retrieved March 2022, from   

Akdag, Yavuz. “The Likelihood of Cyberwar between the United States and China: A Neorealism and Power Transition Theory Perspective.” Journal of Chinese Political Science 24, no. 2 (06, 2019): 225-247. DOI: 

 Dossi, Simone. “On the Asymmetric Advantages of Cyberwarfare. Western Literature and the Chinese Journal Guofang Keji.” Journal of Strategic Studies 43, no. 2 (04, 2020): 281-308. DOI: 

 Gartzke, Erik. “The Myth of Cyberwar: Bringing War in Cyberspace Back Down to Earth.” International Security 38, no. 2 (Fall, 2013): 41. DOI: 

 Greenhill, K. M., Krause, P., Lindsay, J., & Gartzke, E. (2018). Coercion Through Cyberspace. In Coercion: The power to hurt in international politics (Vol. 1, pp. 178–204). essay, Oxford University Press. 

 How much have the Chinese actually taken? | Center for Strategic and International Studies. (2022, March 9). Retrieved March 2022, from   

 Manson, George Patterson. “Cyberwar: The United States and China Prepare for the Next Generation of Conflict.” Comparative Strategy 30, no. 2 (04, 2011): 121-133. DOI: 

 Nation Master. (n.d.). Russia vs United States Military Stats compared. Retrieved March 2022, from   

 Russian Cyber Units – (n.d.). Retrieved March 2022, from 

 Sexton, E. (n.d.). Asymmetrical Warfare. Encyclopædia Britannica.  

 Swinhoe, D. (2020, May 1). How much does it cost to launch a cyberattack? CSO Online. Retrieved March 2022, from