Deterrence & Cyber Attacks On The US Electoral System

Uploaded on 2017-02-20 in NEWS-Cybersecurity News, GOVERNMENT-National, GOVERNMENT-Local, FREE TO VIEW

 

The sanctions and expulsions announced recently against Russia raise important questions about how the United States can effectively deter cyberattacks of this kind in the future, and how effective the measures announced will likely be in doing so.

 

Deterring future cyber-meddling in US elections will require convincing adversaries, Russia and others, that any future such meddling will either be:

A. Ineffective and/or

B. Too costly to be worthwhile.

There are at least two ways to make such operations ineffective:

  • First, the United States could seek to dampen or counter the influence on the actual electoral debate, for example, by swiftly exposing them, a resilience strategy akin to what was sometimes called passive defense during the Cold War.​
  • Second, the United States could seek simply to make such operations impossible by developing highly effective cyber-network defenses, a strategy akin to what was sometimes called active defense.

To make it clear that cyber operations against future elections will be costly, the United States must also demonstrate both a capability and a will to strike back in the future, in other words to punish those states and actors that might contemplate using their cyber capabilities in this way.

Demonstrating a capability to punish is relatively easy, indeed almost unnecessary. The United States has a broad arsenal of military, diplomatic, financial and other means at its disposal to inflict costs on any country that might seek to use cyber tools to interfere in its elections.

Demonstrating the will to do so is much, much more difficult. It requires making clear that the United States judges the stakes at hand to be so important that it would be willing to make use a broad range of tools from its arsenal, even if the costs of doing so were high, to punish future leaders who conducted cyberattacks against US elections.

Given these requirements, how much will the US response help deter future attacks?

On the helpful side, the measures should help make future enemy cyber operations easier to detect and thus riskier and more likely to fail. The Department of Homeland Security and the Federal Bureau of Investigations will now make certain information about Russian cyber capabilities available to the private sector. How much of an effect this will have, however, remains to be seen.

Also on the helpful side, the expulsions and the sanctions impose some cost on the perpetrators while also demonstrating some will on the part of the United States to make some sacrifices because expulsions may eventually be met with reprisals in kind from Moscow, not-with-standing President Vladimir Putin's announcement that he won't retaliate in kind to the expulsions.

Yet whether accepting this cost is enough to impress the Kremlin and deter future action is debatable.

If it truly wishes to deter future action, the United States may thus move toward a stronger declaratory posture by going further in emphasising (publicly and privately to the Kremlin) the very high importance of the integrity of the US democratic process in the future.

The recent White House statement refers to international law and harm to US interests, but it might have stated more forcefully that attacks on the US democratic process are utterly unacceptable and will not be tolerated.

Criticisms of the response on the basis that it does not use existing cyber tools to retaliate are misplaced.

First of all, the US response leaves that possibility open by stating that “we will continue to take a variety of actions at a time and place of our choosing, some of which will not be publicised.” So the United States might still exercise the cyber options it has.

There is no reason to assume that a cyber response is necessarily the best deterrent against cyber-attacks.

If it doesn't, however, that's not necessarily a mistake. There is no reason to assume that a cyber response is necessarily the best deterrent against cyber-attacks. Meanwhile, using existing military cyber tools would have been escalatory while removing options that the United States would better reserve for wartime. Some cyber weapons, once used, can't be used again.

A US cyber operation that exposed corruption within the regime now or later might have some deterrent effect. However, exposing corruption would be mostly cost-free for the United States, so it doesn't underscore US will or stake. It's also difficult to repeat.

A better option would perhaps be to demonstrate a capability to expose corruption, perhaps by exposing the tip of the iceberg, while leaving much of the capability in reserve, to keep the proverbial powder dry so that it can deter future attacks.

A single response does not need to constitute a complete cyber deterrence posture and the measures announced recently should not be judged as such. Effective deterrence in the cyber domain can only emerge out of a consistent set of actions, policies, and declarations over time.

Looking ahead, however, the United States will need to emphasize consistently the importance of the integrity of the electoral process. The time may soon come when the United States needs to demonstrate its willingness to sacrifice to protect it.

Rand:    

Electoral Influence: 40yrs Of Kremlin Interference:       German Spy Chief Fears Russian Interference In 2017 Elections:

 

« Uber Wants Self-Flying Vertical Takeoff Cars
How To Automate Cyber Defense »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Leonardo

Leonardo

Leonardo (formerly Finmeccanica) is a global high-tech company in Aerospace, Defence, Security & Information Systems including Cybersecurity & ICT solutions.

Capita

Capita

Capita is a consulting, digital services and software business, providing end-to-end enterprise IT services and solutions focused around digital transformation and innovation.

L J Kushner & Associates

L J Kushner & Associates

L.J. Kushner is a leading Information Security recruiting firm.

Zeneth Technology Partners

Zeneth Technology Partners

Zeneth is a consulting firm providing information technology and cybersecurity services to federal and commercial clients.

Cyber Discovery

Cyber Discovery

Cyber Discovery, the UK Government's Cyber Schools Programme, is a learning programme designed to give young people the opportunity to learn the skills needed to enter the cyber security profession.

BA-CSIRT

BA-CSIRT

BA-CSIRT is a center which is dedicated to assist and raise awareness among citizens and the Government of the City of Buenos Aires in everything related to information security.

CryptoSec.info

CryptoSec.info

CryptoSec.info is a web resource focused on educating the beginners in the cryptocurrency space on how to properly secure their online assets from hackers and scammers.

SAFECode

SAFECode

SAFECode is a global industry forum where business leaders and technical experts come together to exchange insights on creating, improving, and promoting effective software security programs.

XpertDPO

XpertDPO

XpertDPO provides data security, governance, risk and compliance, GDPR and ISO consultancy to public and private sector organisations.

Intellinexus

Intellinexus

Intellinexus turns data into actionable insights to revolutionise decision-making in your business.

Cybit

Cybit

Cybit is the one-stop-shop for digital transformation that scales in line with your growth.

Mitra Informatics Integration (MII)

Mitra Informatics Integration (MII)

Mitra Informatics Integration is the information communication technology solution business of the Metrodata Group.

Layer 8 Security

Layer 8 Security

Layer 8 Security is a cybersecurity advisory, consulting, and technical services firm that arms businesses with practical compliance, risk management, and security program strategies.

Atumcell

Atumcell

Atumcell’s targeted risk assessment exposes emerging threats before they cause harm.

SGNL

SGNL

SGNL redefines identity-first security by integrating business context, closing critical gaps, and transforming how enterprises manage privileged access for a secure, adaptive future.

EU CyberNet

EU CyberNet

EU CyberNet – the bridge to cybersecurity expertise in the European Union. We establish a network and a practical learning platform with the goal to strengthen cybersecurity globally.