What do you think?
Rate this book
Battlefield Cyber: How China and Russia are Undermining Our Democracy and National Security
The United States is being bombarded with cyber-attacks. From the surge in ransomware groups targeting critical infrastructure to nation states compromising the software supply chain and corporate email servers, malicious cyber activities have reached an all-time high. Russia attracts the most attention, but China is vastly more sophisticated. They have a common interest in exploiting the openness of the Internet and social media—and our democracy—to erode confidence in our institutions and to exacerbate our societal rifts to prevent us from mounting an effective response. Halting this digital aggression will require Americans to undertake sweeping changes in how we educate, organize and protect ourselves and to ask difficult questions about how vulnerable our largest technology giants are. If we are waiting for a “Cyber 9/11” or a “Cyber Pearl Harbor,” we are misunderstanding how our adversaries wage cyber warfare. This is a timely and critically important book. No other book has analyzed the threat of cyber warfare with the depth and knowledge brought to the subject by the authors. It has now become a cliché to argue that a “whole of government” or “whole of society” response is necessary to respond to this crisis, but that concept has never been more important. It will take many years and billions of dollars to even begin to secure our IT systems and prevent the slow rot that is destroying America. Using language that the layman can understand, we wish to educate Americans about what has happened and inspire them to seek solutions.
300 pages, Hardcover
Published August 15, 2023
29 people are currently reading
186 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 11 of 11 reviews
February 17, 2024
Outstanding Read
This is an extremely important national security read.
One of the better books I have read on China in the last month or so.
A timely and important read. I thought it was full of actionable information.
Some really powerful recommendations and insights in this book. Thoroughly enjoyed this.
Utmost of important read towards securing national cyber efforts for both hard and soft targets.
Highly recommended.
4.8/5
This is an extremely important national security read.
One of the better books I have read on China in the last month or so.
A timely and important read. I thought it was full of actionable information.
Some really powerful recommendations and insights in this book. Thoroughly enjoyed this.
Utmost of important read towards securing national cyber efforts for both hard and soft targets.
Highly recommended.
4.8/5
March 22, 2025
Terrifying
September 29, 2023
I didn't get two pages in before I realized this is just another long list of leftist talking points that have been consistently disproven for everyone who isn't glued to propaganda mouthpieces. A shame... I was expecting and hoping for a real examination of the very real dangers we face from our adversaries in cyberspace. Good thing I didn't pay a penny for this garbage. It's unfortunate I have to return it to the library where it can reinforce the echo chamber that too many live in these days.
October 23, 2025
Holstein and McLaughlin’s "Battlefield Cyber" offers a panoramic look at the cyber-driven strategies used by China and Russia to subvert Western democracies. From election interference to industrial espionage, the book paints a picture of two nation-states executing long-term asymmetric warfare campaigns in the digital domain. The authors argue that these operations aren’t just one-offs—they are part of sustained efforts to weaken U.S. institutions, sow discord among citizens, and shift the global balance of power.
The authors open with a provocative thesis: that the U.S. is at war and doesn’t know it. While this framing may strike cybersecurity professionals as exaggerated, it sets the tone for a book more interested in broad strategic patterns than in technical accuracy. The early chapters track China’s campaign of intellectual property theft, highlighting how companies like Huawei and ZTE benefited from stolen research, and detail Russia’s effective use of disinformation—especially during the 2016 U.S. presidential election.
Each chapter blends reporting, historical context, and expert commentary. Chapter 3 explores how Russian state-backed actors use cyber to manipulate culture and narrative, targeting not infrastructure, but trust. The SolarWinds breach and NotPetya attacks are presented not just as technical incidents but as examples of cyber power projection. The authors succeed in helping the lay reader see these acts not as isolated events but as coordinated strategies.
Chapters 5 and 6 stand out for their real-world examples, interviews with frontline analysts, references to DHS briefings, and behind-the-scenes accounts from corporate and military cyber responders. These stories ground the book and give it a human dimension. However, the narrative tends to generalize and occasionally dramatize, favoring impact over precision.
Notably, the authors avoid hyper-technical jargon, which is a strength for general readers but a limitation for cyber professionals seeking deep insight. The book does not offer a taxonomy of threat actors, an analysis of adversary playbooks, or a blueprint for resilience. Instead, it focuses on showing how little prepared the U.S. public and private sectors have been to respond.
The final chapters turn toward prescription—calling for greater public-private collaboration, improved cyber literacy, and an ethical framework for offensive cyber operations. While these calls are directionally right, they remain broad. The authors stop short of proposing specific policy reforms or institutional models that could improve U.S. cyber posture.
The writing style is accessible and journalistic, often anecdotal. That makes it ideal for policymakers, students, and concerned citizens looking to understand the stakes. For cyber professionals, however, the book may feel underpowered. It lacks the evergreen insights or technical depth that would make it a Hall of Fame candidate in the CyberCanon tradition.
Yet the book does serve as a useful narrative companion to more technical or policy-heavy works. If you pair "Battlefield Cyber" with books like Richard Clarke’s "Cyber War," Nicole Perlroth’s "This Is How They Tell Me the World Ends," or even Thomas Rid’s "Active Measures," it rounds out the picture by emphasizing the psychological and societal dimensions of cyber conflict.
"Battlefield Cyber" is a well-written and timely exploration of how China and Russia use cyber operations to undermine democracies. It is especially valuable for non-experts who want to grasp the geopolitical stakes of cybersecurity. If you're interested in the narrative of cyber conflict, disinformation campaigns, or the fusion of digital tools and psychological warfare, this book is worth your time.
The authors open with a provocative thesis: that the U.S. is at war and doesn’t know it. While this framing may strike cybersecurity professionals as exaggerated, it sets the tone for a book more interested in broad strategic patterns than in technical accuracy. The early chapters track China’s campaign of intellectual property theft, highlighting how companies like Huawei and ZTE benefited from stolen research, and detail Russia’s effective use of disinformation—especially during the 2016 U.S. presidential election.
Each chapter blends reporting, historical context, and expert commentary. Chapter 3 explores how Russian state-backed actors use cyber to manipulate culture and narrative, targeting not infrastructure, but trust. The SolarWinds breach and NotPetya attacks are presented not just as technical incidents but as examples of cyber power projection. The authors succeed in helping the lay reader see these acts not as isolated events but as coordinated strategies.
Chapters 5 and 6 stand out for their real-world examples, interviews with frontline analysts, references to DHS briefings, and behind-the-scenes accounts from corporate and military cyber responders. These stories ground the book and give it a human dimension. However, the narrative tends to generalize and occasionally dramatize, favoring impact over precision.
Notably, the authors avoid hyper-technical jargon, which is a strength for general readers but a limitation for cyber professionals seeking deep insight. The book does not offer a taxonomy of threat actors, an analysis of adversary playbooks, or a blueprint for resilience. Instead, it focuses on showing how little prepared the U.S. public and private sectors have been to respond.
The final chapters turn toward prescription—calling for greater public-private collaboration, improved cyber literacy, and an ethical framework for offensive cyber operations. While these calls are directionally right, they remain broad. The authors stop short of proposing specific policy reforms or institutional models that could improve U.S. cyber posture.
The writing style is accessible and journalistic, often anecdotal. That makes it ideal for policymakers, students, and concerned citizens looking to understand the stakes. For cyber professionals, however, the book may feel underpowered. It lacks the evergreen insights or technical depth that would make it a Hall of Fame candidate in the CyberCanon tradition.
Yet the book does serve as a useful narrative companion to more technical or policy-heavy works. If you pair "Battlefield Cyber" with books like Richard Clarke’s "Cyber War," Nicole Perlroth’s "This Is How They Tell Me the World Ends," or even Thomas Rid’s "Active Measures," it rounds out the picture by emphasizing the psychological and societal dimensions of cyber conflict.
"Battlefield Cyber" is a well-written and timely exploration of how China and Russia use cyber operations to undermine democracies. It is especially valuable for non-experts who want to grasp the geopolitical stakes of cybersecurity. If you're interested in the narrative of cyber conflict, disinformation campaigns, or the fusion of digital tools and psychological warfare, this book is worth your time.
October 30, 2024
Very useful book. I gave it three stars only because the general public might not benefit from it. That said, I'd be happy if someone on the staff of every member of Congress, every infrastructure organization, every major federal agency, every corporate CIO and CISO, every computer science department dean, and every state government read it and took the lessons to heart.
The first half of the book lays out evidence and arguments that China and Russia are literally at war with the United States in "cyberspace". They will (and have!) use any approach to gather information, steal secrets, and weaken our society in order to increase their global power. McLaughin and Holstein stress that we shouldn't wait for a cyber Pearl Harbor or 9/11 attack. Instead China and Russia are infiltrating slowly and carefully planting backdoors in our infrastructure, accumulating passwords and vulnerability knowledge, and subverting social media and everyday on-line life. (The United States is not their only target. They are penetrating governments and societies all over the world.)
The authors flow into suggestions on what we should do in the second half of the book. Suggestions begin with standard fare such as get media giants and tech companies to take more care to protect our society and improve the security of software. Chapter 12 has their more exciting proposals: first, establish a Cyber Force, parallel to the Air Force, Navy, or Coast Guard. Their job would be to train to detect and react to cyber intrusions and disruptions and, when necessary, counterattack. Similar to Coast Guard, Cyber Force would have police powers as well as military powers, since much of the conflict takes place within our systems. They recommend that a National Cyber Force, analogous to State National Guards, be established to have a large pool of well trained people who can be mobilized in case of widespread catastrophe. I mean, what if every Windows computer needed an hour of personal attention to remove a pernicious virus??
McLaughlin and Holstein also argue for a Department of Digital Services, equal to the Department of Defense and the Department of Homeland Security. I don't think this is necessary. Just adding another Department doesn't guarantee funding, political and social will, clear objectives and goals, and the leadership needed.
They call for a reboot of education. With reason they argue that "only trained humans can keep computers secure, no matter what hardware and software they use." Although training is critical, it has little meaning unless they are moral and diligent. No amount of cybersecurity training or technology or Cyber Force can yield a secure world if the citizenry lacks honesty, discipline, and integrity. In addition, to these outward changes, each individual needs to turn to God, as they understand it, and walk by His principles.
Let me disclose that I and my work are quoted and referenced extensively.
The first half of the book lays out evidence and arguments that China and Russia are literally at war with the United States in "cyberspace". They will (and have!) use any approach to gather information, steal secrets, and weaken our society in order to increase their global power. McLaughin and Holstein stress that we shouldn't wait for a cyber Pearl Harbor or 9/11 attack. Instead China and Russia are infiltrating slowly and carefully planting backdoors in our infrastructure, accumulating passwords and vulnerability knowledge, and subverting social media and everyday on-line life. (The United States is not their only target. They are penetrating governments and societies all over the world.)
The authors flow into suggestions on what we should do in the second half of the book. Suggestions begin with standard fare such as get media giants and tech companies to take more care to protect our society and improve the security of software. Chapter 12 has their more exciting proposals: first, establish a Cyber Force, parallel to the Air Force, Navy, or Coast Guard. Their job would be to train to detect and react to cyber intrusions and disruptions and, when necessary, counterattack. Similar to Coast Guard, Cyber Force would have police powers as well as military powers, since much of the conflict takes place within our systems. They recommend that a National Cyber Force, analogous to State National Guards, be established to have a large pool of well trained people who can be mobilized in case of widespread catastrophe. I mean, what if every Windows computer needed an hour of personal attention to remove a pernicious virus??
McLaughlin and Holstein also argue for a Department of Digital Services, equal to the Department of Defense and the Department of Homeland Security. I don't think this is necessary. Just adding another Department doesn't guarantee funding, political and social will, clear objectives and goals, and the leadership needed.
They call for a reboot of education. With reason they argue that "only trained humans can keep computers secure, no matter what hardware and software they use." Although training is critical, it has little meaning unless they are moral and diligent. No amount of cybersecurity training or technology or Cyber Force can yield a secure world if the citizenry lacks honesty, discipline, and integrity. In addition, to these outward changes, each individual needs to turn to God, as they understand it, and walk by His principles.
Let me disclose that I and my work are quoted and referenced extensively.
October 30, 2025
Battlefield Cyber by Michael McLaughlin and William Holstein manages to take one of the most complex, jargon-filled subjects of modern defense, cyberspace operations, and make it readable, relevant, and occasionally alarming in just the right proportions. For a book tackling a realm where the terms “hybrid warfare” and “zero-day exploit” usually send readers running for caffeine, this one keeps you turning pages without needing a decoder ring or a government clearance.
The authors do not confine their analysis to the digital trenches of the U.S. military. They broaden the battlefield to include the whole of government, exposing the tangled web of vulnerabilities that connect federal agencies, private industries, and even local governments. They remind us, with the subtle grace of a well-aimed cyber intrusion, that the power grid, health records, and city water systems are all part of the same fragile ecosystem. It is a sobering but useful reminder that cybersecurity is not just for generals and geeks, it is for mayors, CEOs, and anyone with a Wi-Fi password written on a sticky note.
McLaughlin and Holstein’s writing style is accessible without being condescending, making Battlefield Cyber a strong entry point for readers new to the topic. They manage to weave together policy, strategy, and technology in a way that neither drowns you in acronyms nor sugarcoats the stakes. You might not walk away ready to run the National Security Agency, but you will certainly have a better grasp of why your local hospital’s ransomware problem is part of a much bigger story.
There is also an understated humor in the authors’ approach, intentional or not, in describing bureaucratic sluggishness and interagency rivalries as if they were as natural as gravity. Anyone who has ever attended a meeting with three departments, two committees, and one working group will find these sections deeply relatable and maybe just a little too accurate.
In short, Battlefield Cyber is both a wake-up call and a crash course. It is ideal for the general reader who wants to understand the digital front lines shaping modern conflict and governance. You will come away more informed, a little more paranoid, and possibly motivated to update your passwords. For a book about cyberspace, that is about as real-world as it gets.
The authors do not confine their analysis to the digital trenches of the U.S. military. They broaden the battlefield to include the whole of government, exposing the tangled web of vulnerabilities that connect federal agencies, private industries, and even local governments. They remind us, with the subtle grace of a well-aimed cyber intrusion, that the power grid, health records, and city water systems are all part of the same fragile ecosystem. It is a sobering but useful reminder that cybersecurity is not just for generals and geeks, it is for mayors, CEOs, and anyone with a Wi-Fi password written on a sticky note.
McLaughlin and Holstein’s writing style is accessible without being condescending, making Battlefield Cyber a strong entry point for readers new to the topic. They manage to weave together policy, strategy, and technology in a way that neither drowns you in acronyms nor sugarcoats the stakes. You might not walk away ready to run the National Security Agency, but you will certainly have a better grasp of why your local hospital’s ransomware problem is part of a much bigger story.
There is also an understated humor in the authors’ approach, intentional or not, in describing bureaucratic sluggishness and interagency rivalries as if they were as natural as gravity. Anyone who has ever attended a meeting with three departments, two committees, and one working group will find these sections deeply relatable and maybe just a little too accurate.
In short, Battlefield Cyber is both a wake-up call and a crash course. It is ideal for the general reader who wants to understand the digital front lines shaping modern conflict and governance. You will come away more informed, a little more paranoid, and possibly motivated to update your passwords. For a book about cyberspace, that is about as real-world as it gets.
December 16, 2023
(Audiobook) (3.5 stars) This work looks at the current cyber environment for the US and its allies in relation to its two biggest adversaries, Russia and China. Between those two, most analysts tend to agree with McLaughlin and Holstein that Russia will make the most noise, but China is likelier the more dangerous threat due to their not broadcasting as much of their activity. It can read a bit alarmist when reading on China, given their role in the supply chain and how so many tech products are made there, offering untold number of chances to mess with the US in the event of a conflict.
It is apparent that these authors did their homework on US cyber actions and ways that America is dealing with its adversaries in the cyber realm. In some areas, the US is doing fine, but in others, it is falling behind. Granted, the authors don’t quite account for China’s deficiencies, but given the recommendations they make in the second part of the book, highlighting those might undercut the thesis of this one. Not a bad read overall, but many of their solutions already exist, or are likely never to be implemented due to politics and funding.
It is apparent that these authors did their homework on US cyber actions and ways that America is dealing with its adversaries in the cyber realm. In some areas, the US is doing fine, but in others, it is falling behind. Granted, the authors don’t quite account for China’s deficiencies, but given the recommendations they make in the second part of the book, highlighting those might undercut the thesis of this one. Not a bad read overall, but many of their solutions already exist, or are likely never to be implemented due to politics and funding.
November 3, 2024
Captivating, timely, and practical
This book is ripped straight from the headlines with mind-blowing examples of how China and Russia are dominating the dynamic information environment worldwide. The first several chapters are riveting examples of how China and Russia have employed people, resources, and money to sway American policy without ever firing a shot. It was a page turner for the first 3/4 of the book.
The last quarter is filled with practical, yet lengthy, ways the international community can respond. It's a little drab and boring, but the suggestions at the end would benefit legislators, educators, cybersecurity professionals, and the general public.
This book is ripped straight from the headlines with mind-blowing examples of how China and Russia are dominating the dynamic information environment worldwide. The first several chapters are riveting examples of how China and Russia have employed people, resources, and money to sway American policy without ever firing a shot. It was a page turner for the first 3/4 of the book.
The last quarter is filled with practical, yet lengthy, ways the international community can respond. It's a little drab and boring, but the suggestions at the end would benefit legislators, educators, cybersecurity professionals, and the general public.
August 30, 2023
Essential read if you're interested in the topic. Well written. The author has practical -- if not pie in the sky -- suggestions for how to address this problem. While I did not care for some of the politics, and the complete lack of acknowledgment that literally everything China is doing is something the Western "techno-democracies" (as he frequently calls them) don't either do or wish they could. But it didn't detract from the book and was never heavy handed about it.
9/10
9/10
June 24, 2024
Terrifying, thought-provoking, and practical, but a bit lacking in technical explanations.
Displaying 1 - 11 of 11 reviews