IGCC Postdoc Adi Rao Talks Cyber, Wargaming, and Network Theory

What about IGCC initially caught your eye?

The connection between my research interests and the policy network at IGCC is a match made in heaven.

I did my PhD in the Department of Government at Cornell University under Sarah Kreps. I studied intelligence and information-seeking behavior, asking how new technologies reshape the international system and alter how states gather and act on information. My work spans cyber espionage, emerging technology, and intelligence failures—in short, how to make intelligence more efficient for us and less efficient for our adversaries.

IGCC sits at the nexus of those concerns. Its connections to the strategic research divisions at the Lawrence Livermore and Los Alamos National Laboratories gives the fellowship the ideal blend of technical depth and strategic relevance. I felt that IGCC offered a unique combination of technology, strategy, and policy that no other fellowship could match.

The second draw for me was the network access. I’m a PhD scholar, and we can often be a very “ivory tower” sort of bunch, diving deep into data but with limited exposure to policy and strategy practitioners. Being in the thick of things, on Think Tank Row in Washington, D.C., a stone’s throw from the White House, Congress, and the Pentagon, is the perfect place to be to expand my horizons beyond the academic bubble.

Is this your first experience venturing out of the ivory tower?

It isn’t, actually. Last summer I did a stint at the RAND Corporation, a think tank that, while academic, is very connected with policymakers. I’ve also taken part in workshops—at UC San Diego, Georgia Tech, and the Naval War College—where we brought academics and practitioners together to debate cyber escalation and asked whether Russia or China would initiate certain kinds of attacks.

For me, those experiences highlighted the gap between academic models and real‑world practice.

What are you looking forward to most about being in D.C.?

As an extrovert, the idea of talking to everyone in D.C. excites me. I plan to block off time in my calendar specifically for conversations to learn from practitioners. I’ll also be able to attend conferences, workshops, and meet my friends already based in D.C.

Having lived in New York for my undergraduate studies, and having family in Atlanta, I really enjoy life in big‑city environments. D.C. feels like a natural next step for me.

Tell me about your PhD dissertation.

My dissertation investigates systematic information‑seeking behavior—what we traditionally call espionage—through the lens of cyberattacks. The core question I was trying to solve was: why do states launch overt cyber operations like ransomware attacks if their primary goal is to collect intelligence from an adversary?

This question came up in the course of my studies as I noticed a paradox in how states do battle in cyberspace. We see nations like Russia and China harbor groups that conduct ransomware attacks on the United States and its allies. The point of a ransomware attack is to make the victim aware of a breach in their digital defenses so they’ll pay—“we’ve hacked into Colonial Pipeline,” for instance, “and won’t let you operate it until you wire us 75 bitcoin.”

There’s a real paradox between these highly visible ransomware attacks and traditional espionage. Cyber intelligence, like any other form of intelligence, depends on not spooking the target. Yet overt cyberattacks do the opposite—they’re designed to announce themselves, since hackers need their victims to pay up. The same governments often back both the covert spying and the overt destruction, raising the question: don’t these loud attacks risk hardening the very targets they’re trying to quietly observe?

And how did you go about unravelling this paradox?

First, I taught myself IT fundamentals via the CompTIA certification—I’d never worked with computers or networks before. That training helped me understand malware code, network traffic, and the practicalities of cyber operations—knowledge most social‑science scholars lack.

After getting trained up, I built a live Internet experiment: I deployed 60 custom computers on the public Internet, half configured to look like defense consulting firms and half mimicking benign civilian businesses like fashion boutiques. I then logged every inbound cyber incident, recording attack vectors, payloads, and timestamps.

Surprisingly, the defense‑related machines experienced fewer attacks. This suggests attackers sometimes spare high‑value targets, and I think this may be to preserve a covert source of intelligence. In either case, this controlled experiment appears to reveal a systematic bias in attackers’ target selection.

How will you advance your cyber espionage research during the fellowship?

My next steps are driven by the data. The dissertation uses network theory to demonstrate how actors search for and acquire intelligence in cyberspace. Think of how you can graph network connections; in TV police dramas they use thumbtacks to connect pieces of string between persons-of-interest in an investigation. Here, the thumbtack nodes are pieces of information, and the string represents possible pathways to acquire them.

The entity seeking the information—whether a hacker backed by Russian intelligence or an analyst with the Chinese People’s Liberation Army Information Support Force—navigates this massive network looking for a specific target, like the U.S. Navy’s next‑generation submarine design hidden among millions of files stashed across thousands of Pentagon contractors.

I will expand the model used by the dissertation into a book that uses network theory to explore a range of puzzles, like, for example, how China’s Thousand Talents program shapes research incentives. The book will also focus on geopolitical predictioneering—the ability to forecast international events. This is a big part of what intel agencies have to do—provide enough foresight to decisionmakers in order for them to have time to react.

Beyond the book, I’m organizing other randomized control trials and I aim to publish additional papers on the strategic implications of spying that is focused on estimating the nuclear capabilities of another country. All of this will benefit from IGCC’s proximity to labs, policymakers, and the broader Washington, D.C. research community.

I understand you used to work for Coca-Cola. What was that like?

I’m from Georgia, and Coca-Cola is the big company there. After college I worked on marketing analytics, using stats to evaluate the return-on-investment for various ad campaigns—TV spots, YouTube ads, radio, et cetera. That job taught me how to turn messy business questions into quantitative answers.

However, I quickly realized I wanted a more intellectually stimulating application for my statistical skills. Working on how to sell more cola felt too narrow a pursuit. What I really wanted to do was address problems that mattered for national security and public policy.

I understand a lot of your teaching at Cornell used game theory and simulations. How do you use those tools in an educational setting?

Game theory often gets misunderstood. At its core, it’s the study of decision‑making when outcomes depend on the actions of multiple actors. It’s essential for modeling strategic interactions—whether it’s two states considering nuclear use or firms competing for market share.

In my teaching, I’ve found the traditional chalk‑and‑board approach—scribbling down mathematical concepts like payoff matrices and solving for equilibria—doesn’t really engage many students. Instead, I favor interactive simulations and wargames that let students experience the dynamics described by these concepts in a more captivating way.

When I was at RAND and during various wargame exercises I participated in with the U.S. military officers, I saw how simulation can turn abstract theory into a more tangible experience. That distilled into me the sense that games and simulations are the best teaching tool when we’re discussing grand strategy and state-to-state bargaining.

In my teaching, students run through scenarios, make decisions, see the consequences, and receive immediate feedback. This “learning by doing” mirrors the way boxers spar to develop intuition about timing and technique. It’s far more effective than a lecture for internalizing strategic concepts, especially in areas like zero‑sum games where the stakes feel abstract.

The boxing metaphor is interesting. Does it come for first-hand experience?

[Laughs]. I’m actually an avid martial arts enthusiast. In fact, I just spent a month training in Thailand, focusing on Muay Thai, which is basically Thai kickboxing. It’s lots of fun and helps me cut loose after a long day of research and teaching.

But I also tend to take the ideas I deal with at work into gym with me. I often think about fights through a game theory lens: if he throws a high kick, I block; if he feints, I counter. People far better than me at kickboxing will tell you—it’s a thinking man’s game.

Is that your primary form of exercise?

I also used to compete in powerlifting back in Atlanta.

Both teach the same lesson as research: progress comes from patience, repetition, and learning to stay composed under pressure.