top of page

Cyber War Games

Modeling, simulation, war gaming and exercising in the information domain are critical for a modern military to be prepared to fight in cyberspace, but how accurately can we simulate real-life?

The simulation hypothesis proposes that all of our existence and human perceptual experiences are just a simulated reality in a large cosmic computer. Versions of this hypothesis have been featured in science fiction films like The Matrix.

In the movie, Neo stashes his illegal software inside a hollowed-out copy of a book by French postmodern philosopher Jean Baudrillard entitled Simulacra and Simulation. Baudrillard thought that we already live in World in which simulations or imitations have become more real than reality itself.

The Extended Mind Thesis (EMT) says that we are offloading more and more of our cognitive processes and memory onto computers, mobile devices and into cyber space.

Ender's Game is a 1985 military science fiction novel and film. Set at an unspecified date in Earth's future.

Earth's international military force recruits young recruits to be trained as elite officers. The recruits learn military strategy and leadership by playing increasingly difficult war games. In the story, the protagonist destroys the enemy planet but is surprised to discover that simulations he has been fighting were real battles, directing spacecraft remotely through instantaneous communication. The training simulation was so real that it was indistinguishable from the real world by even the players.

Science is very close to producing simulated environments that are as hyper-real.

Today’s super computers running at 1,685 PetaFlops, exceeding the computational power of brain’s sluggish 100 teraflops. The Internet has become the World Brain first prophesied by H. G. Wells in 1936. Quantum computing promises orders-of-magnitude more powerful computers in the near future.

We are building a Quantum Internet with artificial intelligence at its core. Quantum supremacy was achieved in 2019. The measurement of a machine's ability to exhibit intelligent behaviour equivalent to, or indistinguishable from, that of a human, is called the Turing test. Google AI passed this test in 2022.

When it comes to gaming, chess computers were first able to beat grand masters in the late 1980s. Their most famous success was the victory of Deep Blue over then World Chess Champion Garry Kasparov in 1997.

The Central Intelligence Agency (CIA) has augmented its anticipatory intelligence capability using deep machine learning servers that can process big data. These ‘Siren Servers’ can predict social uprisings 3-5 days in advance. Although, Minority Report type pre-cognition technology is far in the future, but Google analytics can predict behaviors with uncanny accuracy today.

Consumer flight simulators are incredibly realistic with precise instrumentation, genuine flight response, ultra-high resolution visuals, sounds, and haptic feedback. Remarkable is the integration of live open geometric data, actual radio communications, weather, vehicle, shipping and air traffic from the real world.

Today’s augmented reality can generate an interactive experience of a real-world environment where the objects that reside in the real world are enhanced by computer-generated perceptual information, sometimes across multiple sensory modalities including: visual, auditory, haptic, somatosensory and olfactory.

The state-of-the-art in sensory technology is incredible. The resolution of the human eye is 576 megapixels and we can perceive roughly 300fps. This is equivalent to 32K resolution camera and display. Nonetheless, the best cameras can capture 3200 megapixels or a trillion frames per second. Fast enough to show light moving across a room. The most powerful displays have a blazing 220 million pixels (10,000 pixels per inch). Haptic technology creates a tactile experience of 3D touch by applying forces, vibrations, or motions to the user.

Meanwhile, sound-system fidelity is indistinguishable from real life.

Virtual Reality (VR) can immerse the user into a simulated experience that can be similar to or completely different from the real world.


You can see right away the military applications for Modeling & Simulation, War Gaming and Exercises for physical, cyber and cognitive domains.

Military Operations Research often deals with the development and application of advanced analytical methods to improve decision-making using game theory to model great power struggles, competition, conflict and combat. Modern wargaming was invented in Prussia in the early 19th-century and was adopted to train military officers in the art of strategic thinking, develop doctrine and to study the nature of potential conflicts.

In their most basic form, Table Top Exercises (TTX) are discussion-based sessions where team members meet in an informal, classroom setting to discuss their roles during an emergency and their responses to a particular emergency situation. In cyber security, a notional incident can guide participants through the process of dealing a scenario. However, there are substantial limitations to TTX for cyber.

Despite the remarkable advances science and technology, few have been able to re-create a common operating picture or achieve hyper-realistic environments for cyber or cognitive warfare domains. The challenges are scale, speed, resolution, precision, fidelity, acuity and depth of understanding of the domain. The complexity of this system is unlike any simple enterprise network. Nor can they be replicated in a simple Table Top Exercise (TTX).

In the context of exercises, modeling and simulation, modeling is the act of building a framework and ontology for something like a common operating picture. A simulation is the process of using a model to study the behavior and performance of an actual or theoretical system. An exercise is running monitoring and assessing participants through crafted scenarios.

“Volatility, uncertainty, complexity and ambiguity characterize the strategic environment.” – U.S. Army War College


The principal challenges for the military simulation of cyberspace at a strategic level involves data volume, speed, scale and complexity. Global information infrastructures are highly complex systems-of-systems communicating petabytes per second of data. A national information infrastructure is not the same as a corporate network in scale, speed or sophistication. This makes direct interfaces incompatible. Facebook alone has 3 billion active users. The data flows between platforms and providers are measured in petabytes per second. Malicious traffic flows are measured in terabytes per second. Upwards of one billion new users and 20 billion devices are forecast to be online within five years.

The rapid evolution of the Internet has presented a variety of multi-order consequences where military will need to study risk-contagion as it traverses critical infrastructure sectors, domains and networks of national importance. These are practical barriers to simply integrating National Information Infrastructure (NII) data into Military Operations or visualizing using scalable data models or interactive dashboards and predictive analytics. Much like visualizing an 8K television signal with a 1930’s AM radio set.

Integrating bulk NII data streams, even it technically possible, is not practical. It is best to view the data where it resides through dashboards that already exist in within these industries. Furthermore, the wholesale export of sensitive and private data from platform providers to the military is prohibited by the laws of most western nations.


Cyberspace creates a frictionless slope from competition to conflict. Russia and China will continue to engage NATO in cyber and cognitive domains at the threshold of armed conflict, to counter to NATO’s overmatch in kinetic power.

Ukraine will provide a laboratory for the evolution of Russia's hybrid warfare strategy as Moscow adjusts its tactics and expands the scope of such actions around the world. – a prediction made in 2019

The centre-of-authority for cyberspace has migrated. It is less about imperial power and more about multinational corporations, non-government organizations, philanthropy, and social agency.

Corporations can be global cyber powers. Their budgets and client-base may exceed the GNP and number of citizens of most countries respectively. There are military-like cyber capabilities now wielded by the private sector for which there is no analog by nation-states. Western societies rely on infrastructure that is privately owned and governments therefore have no choice but to call on the infrastructure's management to perform actions necessary for national goals – even military ones.

Cyberspace is a synthetic domain, but with a very real physical and human (social) presence. Warfighting is complex in the digital age. It is not something one can do unilaterally, nor can it be solved through workshops. The solution requires a deep understanding of the technical and non-technical issues with a degree of sophistication and finesse supported by high-fidelity simulation.


I remember, when I worked for Bell Canada, being asked to come to room and do paper TTX for a nation-wide cyber defence exercise with the government leading up to the 2010 Olympics. The proposed scenarios were written from the perspective of an office network, not a National Information Infrastructure consisting of hundreds of millions of end-points. The telcos already had National Network Operations and Security Centres (NOC/SOC). So why not just watch the millions of attacks live and actively defend. Real is better than make-believe. The solution we proposed was to shunt off live-data at scale into a simulation, exercise, training environment.


There are a number of valuable components to a realistic cyber modeling & simulation environment for military exercise and training:

  1. Access to secure hyper-cloud infrastructure with massive computing power and big data with the ability to recreate networks with billions of nodes;

  1. Deep learning and expert systems powered by artificial intelligence;

  1. Near-generation visualization technology;

  1. Access to real-world open data feed at scale and speed, network telemetry (Netflow) and live global cyber threat intelligence;

  1. Enriched all-source intelligence picture of the adversary in cyber and cognitive domains;

  1. A comprehensive cyber range and Battle Lab capability capable of live and simulated defensive, active and offensive cyber operations on IT/OT/PT systems;

  1. A means of simulating the cognitive domain ingesting a fire hose of data from the social networking universe and platform providers, conventional media feeds, sentiment analysis and surveys of the human terrain;

  1. Digital fingerprint of blue forces to characterize and baseline the local cyber environment emulating Intrusion detection systems (IDS), Endpoint Detection and Response (EDR), Managed Detection and Response (MDR), Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR) systems;

  1. Threat Hunting systems to detect six-generation malware identify and attribute Advanced Persistent threats (APT);

  1. Exercise module for Digital Force Protection and ability to test Operation Security by simulating Ubiquitous Technical Surveillance (UTS);

  1. A high-fidelity models and a cyber common operating picture specifically one that can model complex systems and the non-deterministic nature of cyberspace and be able to generate multi-order effects.

  1. Sophisticated offensive capability with necessary technology, talent and tradecraft of foreign intelligence experience indicative of pacing military threats and Hostile Intelligence Services (HoIS);

  1. Strategic and Tactical Cyber Threat Simulation with Deep Adversarial knowledge (TTP) and a expert-led red cell that can realistically play the adversary with full-spectrum cyber cognitive warfare and intelligence collection tradecraft. Such a team would test and penetrate, and conduct out-of-the box thinking, conduct alternative analysis, over-the-horizon strategic foresighting. Essentially envisioning where the enemy is going to be. Often we end up playing red force as ourselves; following allied doctrine, with notional TTPs and offensive capabilities as they are. In a shoot war, we risk showing up to gunfight with a knife.

  1. Access to experts in industrial information infrastructure, all-source intelligence collection, analysis, reporting, defensive, active and offensive cyber operations for realistic scenario development. Most importantly, one needs an integrated team and a unified defensive and offensive platform (environment) for cyber and cognitive warfare in training with live modes and experimental modes.

  1. Exercising of cyber authorities requires folks that are experts in technical cyber operations, policy and the law.


Everything in the physical world leaves a digital exhaust. There is nothing that exists in cyberspace that does not leave a trace, which is quantifiable, capturable, and ultimately, subject to analysis and simulation with a good model, computational power of the cloud, big data and expertise. For the military to win on the modern digital battlefield, they must collaborate intentionally with industry players. This will mean investigating previous solutions and substantial investment understanding the national and global information domains.

About the Author

Dave McMahon graduated Royal Military College of Canada with a degree in computer engineering. He has thirty years of service with the military, security and intelligence services. Managed complex national security programs for Bell Canada and research and development for Bell University Labs. Dave is currently the Chief Intelligence Officer of Sapper Labs Group.

Sapper Labs is actively delivering and supporting CAF/DND advanced training and operations in the intelligence and cyber domains leveraging sophisticated cyber range products, modeling & simulation and exercises.

14 views0 comments

Recent Posts

See All

“Canada’s critical infrastructure consists of the physical and information technology (IT) facilities, networks, services, and assets essential to the health, safety, security, or economic well-being

VPN A Virtual Private Network (VPN) is not as private, safe or secure as you might think if you are using it to circumvent geographic resections, obfuscate your Internet address or investigate the dar

Comfortable with a firewall and VPN - think again! The pandemic has triggered dramatic digital transformation of the workplace. Employees have been forced to telecommute remotely using whatever means

bottom of page