
Laying an Intellectual Foundation for Cyberdeterrence: Some Initial Steps

  • Chapter
The Secure Information Society

Abstract

This paper considers the basic question of how to effectively prevent, discourage, and inhibit hostile activity against important U.S. information systems and networks. It contains four main sections (Sections 2.1–2.3 of this paper are essentially a reproduction of The NRC letter report for the committee on deterring cyberattacks: informing strategies and developing options for U.S. policy, available at http://www.nap.edu/openbook.php?record_id=12886&page=2, 2010. Section 2.4 is based on material contained in National Research Council, in Proceedings of a workshop on deterring cyberattacks: informing strategies and developing options for U.S. policy, 2010). Section 2.1 describes a broad context for cybersecurity, establishing its importance and characterizing the threat. Section 2.2 sketches a range of possible approaches for how the nation might respond to cybersecurity threats, emphasizing how little is known about how such approaches might be effective in an operational role. Section 2.3 describes a research agenda intended to develop more knowledge and insight into these various approaches. Section 2.4 provides a summary of 15 papers by individual authors that address various aspects of the research agenda.


Notes

  1.

    This report does not consider the use of electromagnetic pulse (EMP) attacks. For a comprehensive description of the threat from EMP attacks, see Report of the Commission to Assess the Threat to the United States from Electromagnetic Pulse (EMP) Attack, available at http://www.globalsecurity.org/wmd/library/congress/2004_r/04-07-22emp.pdf.

  2.

    The discussion in Sect. 2.2.2 is based on Chap. 9 of National Research Council (2009).

  3.

    Analysts also invoke the concept of deterrence by denial, which is based on the prospect of deterring an adversary through the prospect of failure to achieve its goals—facing failure, the adversary chooses to refrain from acting. But denial is—by definition—difficult to practice in an offense-dominant world.

  4.

    Of course, a forensic investigation might still be necessary to rule out the possibility that the putative attacker was only claiming responsibility for the attack when in fact it had no real ability to conduct the attack on its own. To mitigate the possibility that it might not be believed, the party claiming responsibility could leave a “calling card” in the wake of an attack whose contents only it could know.

  5.

    Chapter 1 of National Research Council (2009). As illustrations, a change in defensive posture might include dropping low-priority services, installing security patches known to cause inconvenient but manageable operational problems, restricting access more tightly, and so on. Law enforcement actions might call for investigation and prosecution of perpetrators. Diplomacy might call for demarches delivered to a perpetrator’s government or severing diplomatic relations. Economic actions might involve sanctions.

  6.

    Available at http://www.gwu.edu/~nsarchiv/NSAEBB/NSAEBB177/info_ops_roadmap.pdf.

  7.

    One particular option deserves mention along these lines. As noted earlier, the U.S. Joint Chiefs of Staff wrote in 2004 that “Nuclear capabilities… [provide] military options to deter a range of threats, including the use of WMD/E and large-scale conventional forces.” The same document defines WMD/E as follows: “The term WMD/E relates to a broad range of adversary capabilities that pose potentially devastating impacts. WMD/E includes chemical, biological, radiological, nuclear, and enhanced high explosive weapons as well as other, more asymmetrical ‘weapons.’ They may rely more on disruptive impact than destructive kinetic effects. For example, cyberattacks on U.S. commercial information systems or attacks against transportation networks may have a greater economic or psychological effect than a relatively small release of a lethal agent.” Although the use of nuclear weapons against a known adversary could indeed impose very substantial costs, the threat to use nuclear weapons in response to any kind of cyberattack on the United States would not be credible to all adversaries.

  8.

    Some of these potential responses are less escalatory (e.g., changes in defensive postures); others, more so (e.g., retaliatory cyberattacks or kinetic attacks). Implementing less escalatory responses would seem to require lower levels of authority than would more escalatory responses, and thus would be more easily undertaken.

  9.

    See Box 9.1 (National Research Council 2009).

  10.

    Indeed, the United States has until recently avoided discussions on military uses of cyberspace. In December 2009, it was publicly reported that the United States had begun to engage with Russian officials and with UN officials (see Markoff and Kramer 2009), although the emphasis of the United States in these talks was apparently directed toward combating Internet crime and as a collateral effect strengthening defenses against any militarily-oriented cyberattacks.

  11.

    See http://conventions.coe.int/Treaty/EN/Treaties/html/185.htm.

  12.

    For example, the White House Cyberspace Policy Review of May 2009 called for the nation to “implement, for high-value activities (e.g., the Smart Grid), an opt-in array of interoperable identity management systems to build trust for online transactions” (White House 2009). More recently, a trade press article reported on the intent of the Defense Information Systems Agency of the U.S. Department of Defense to establish an enclave for its unclassified networks that is isolated from public Internet access (Corrin 2010).

  13.

    The term “act of war” is a colloquial term that does not have a precise international legal definition. The relevant terms from the UN Charter are “use of force,” “threat of force,” and “armed attack,” although it must be recognized that there are no internationally agreed-upon formal definitions for these terms either.


Correspondence to Herbert Lin.


© 2013 Springer-Verlag London

About this chapter

Cite this chapter

Lin, H. (2013). Laying an Intellectual Foundation for Cyberdeterrence: Some Initial Steps. In: Krüger, J., Nickolay, B., Gaycken, S. (eds) The Secure Information Society. Springer, London. https://doi.org/10.1007/978-1-4471-4763-3_2


  • DOI: https://doi.org/10.1007/978-1-4471-4763-3_2

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-4471-4762-6

  • Online ISBN: 978-1-4471-4763-3

  • eBook Packages: Computer Science, Computer Science (R0)
