National Research Council, Committee on Offensive Information Warfare, Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities (William A. Owens, Kenneth W. Dam & Herbert S. Lin, eds. 2009) (full-text).
This report provides a framework for understanding cyberattacks that describes the basic technologies of cyberattack and cyberexploitation, articulates basic principles of what cyberattack and cyberexploitation might do, and discusses some of the policy goals that these actions might serve. It addresses some of the legal and ethical considerations that such uses might entail, and it suggests some analytical tools that might be useful for thinking about cyberattack from a policy perspective. It includes a number of findings and recommendations.