How To Avoid All-Out War in Cyberspace

Uploaded on 2015-08-11 in INTELLIGENCE--USA, GOVERNMENT-National, FREE TO VIEW

china-preparing-to-wage-war-in-cyberspace.jpg

While some fear the Internet will be a primary battlefield for future societies, this alarmism is a bit premature. 

Restraint is the strategic underpinning of how many states confront cyber actions. Despite calls for a response to cyber aggression, the U.S. government still has not decided on a viable reaction given limited options. 
As David Sanger recounts in the New York Times, “in a series of classified meetings, officials have struggled to choose among options that range from largely symbolic responses … to more significant actions that some officials fear could lead to an escalation of the hacking conflict between the two countries.”

Strategic restraint tends to defy a form of conventional wisdom that sees the future of cyberspace as a lawless wild west where anything goes and offensive capabilities need to be built up in order to deter an adversary. This defines the tone of the New York Times story. In fact, some of the most cantankerous states in cyberspace tend to behave in a responsible manner because to act otherwise would invite terrible consequences.

Why do governments tend to not respond to cyber actions? According to our research, despite the massive influx of cyber operations that we are aware of we find little evidence of the escalation processes inherent in typical conflicts. In fact, we might be witnessing an era of Cyberpeace. States operating in cyberspace react differently than in most strategic domains, a reality that drastically differs from perception given the way the news media reports the latest cyber violation as if it is the spark of a new onslaught and validation of the concept of cyberwar. There are two reasons for this: the dynamics of restraint and the development of cyber norms.

It’s easy to assume that the United States and other nations would “hack back” when their systems are targeted by adversaries. In fact, many private companies are moving towards this position after their networks are compromised. Yet government officials tend to understand something that private individuals do not: the inner workings of a bureaucracy are complex and dangerous. Needlessly provoking an escalatory response in a domain where both sides are wholly unprotected and borderline incompetent would be strategic suicide. For this simple reason we often see restraint. There is also the reality states will spy on each other, and sometimes even admire their adversaries’ work.
The U.S. government has so far refrained from responding to the OPM hack. If there is a response, we predict it will likely come through criminal charges on individuals, not the Chinese state. In fact, the great majority of cyber incidents in our data go without a response in the cyber or the conventional domains. A total of seventy-eight percent of cyber actions we code go without a counterstrike. Of those with responses, seventeen (fifteen percent) come in the form of a cyber response—with only two cases of escalation in severity—and seven conventional responses (six percent). The non-response is the typical response, by an overwhelming margin.

d9e1e_responses-to-a-cyber-incident1.jpg

The lack of escalatory activity can also be explained by a system of norms the United States and others seek to enforce in cyberspace. Like traffic laws, a basic understanding of how things work and what limitations exist benefit everyone. Of course there will be violators, but everyone needs to understand the rules of the road first. Even China and Russia appear to be willing to work within some system of norms, though they disagree with the United States on what the norms should be. Nevertheless, Russia and China are engaging in norms-setting institutions and process, such as the devolution of the Internet Corporation for Assigned Names and Numbers, recognizing that a rules-based framework is important to manage the growth of global connectivity.

While many may scoff at the idea of norms, they can be effective means to control the basic behaviors of the majority of actors. Of course there will always be deviants, but as long as we have clear systems of norms, deviancy will be seen as just that—out of the norm.

This all bodes very well for our cyber future. While there is fear that the Internet will be primary threat vector for future societies, this alarmism is a bit premature and primarily based on the lack of understanding of how cyberspace works. We fear what we do not understand. Cyberspace can be controlled and made safe, but this requires us to understand it, to be aware of the possible escalation dynamics at hand in each conflict, and to be take in all available sources of information instead of relying on a few. Given the convergence of the basics of restraint and norms, even the most aggressive of states can be shown to be peaceful actors in cyberspace, even when being poked.
DefenseOne: http://bit.ly/1MhKdVG

 

 

« Inside the FBI Cyber Division
Artificial Intelligence Decodes ISIS »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Securezoo

Securezoo

Securezoo's mission is to simplify and enhance information security by providing trusted security guidance, products, and information to small and mid-sized businesses and security professionals.

SCADAhacker

SCADAhacker

SCADAhacker provides mission critical information relating to industrial security of SCADA, DCS and other Industrial Control Systems.

The Hacker News (THN)

The Hacker News (THN)

THN is a leading source for Information Security, Hacking News, Cyber Security, Network Security with in-depth technical coverage of issues and events

PBOSecure

PBOSecure

PBOSecure is a dynamic and progressive IT consultancy company specializing in IT and Industrial Control System (ICS) security.

Transpere

Transpere

Transpere provides IT Asset Disposition (ITAD), Data Destruction, Electronic Recycling and Onsite Data Services.

Conduent

Conduent

Conduent delivers mission-critical technology services and solutions on behalf of businesses and governments. Solution areas include digital risk and compliance.

Dataprovider.com

Dataprovider.com

Our Brand Protection Suite gives you the tools to discover trademark infringement on the Internet, such as websites selling counterfeit products, even when this is not immediately noticeable.

Thrive

Thrive

Thrive delivers the experience, resources, and expertise needed to create a comprehensive cyber security plan that covers your vital data, SaaS applications, end users, and critical infrastructure.

BicDroid

BicDroid

BicDroid is a world leader in data and cyber security with innovative solutions that protect your data anywhere, anytime, against everything.

Macquarie Telecom Group

Macquarie Telecom Group

Macquarie Telecom is Australia's datacentre, cloud, cyber security and telecom company for mid-large business and government customers.

Kintent

Kintent

With Kintent, compliance becomes a habit, is simple to understand and achieve, and is continuously testable so that your customers can see that you are adhering to all your trust obligations.

NSR

NSR

NSR provide trusted solutions that deliver positive business outcomes for our clients in cybersecurity and data protection challenges.

3i Infotech

3i Infotech

3i Infotech offers consulting & professional services to assess, design and build next gen IT infrastructure, and managed services to operate, optimize and continuously improve.

Saiflow

Saiflow

SaiFlow provides a tailor-made cybersecurity solution for Electric Vehicles Charging Infrastructure (EVCI), Distributed Energy Resources (DERs) and energy networks and assets.

CyTwist

CyTwist

CyTwist is an early warning attack detection platform that complement your existing security suite and provides your security teams with unique detection capabilities of stealth targeted attacks.

CorePLUS Technologies

CorePLUS Technologies

CorePlus solutions are designed to empower organizations with the tools they need to ensure the utmost protection for their assets, people, and information.