US Is Not Drawing 'Red Lines' in Cyberspace

With so much ambiguity, the cyber domain becomes a dangerous space into which conflicts can overflow, and from which conflicts can quickly escalate, because the rules of engagement are unclear.

The US is avoiding drawing "red lines" in cyberspace to maintain strategic ambiguity about its intentions and retain freedom of maneuver in its responses to online aggression, the deputy head of US Cyber Command said recently.

"Ambiguity, not locking yourself in, is the way that our government prefers to do this," Air Force Lt. Gen. Kevin McLaughlin told the 2016 Intelligence and National Security Summit.

He said he "agreed" with former National Intelligence Officer for Cyber Sean Kanuck, who laid out the reasoning in more detail during the panel discussion on cyber deterrence.   

"Currently most countries don't want to be incredibly specific about the red line for two reasons," explained Kanuck, now a consultant. "They don't want to invite people to do anything they want to below that red line thinking they can do it with impunity; and secondly you don't want to back yourself into a strategic corner where you have to respond if they do something above that red line or else lose credibility."

McLaughlin said attribution, it can be hard to know for sure who is behind a cyberattack, was an issue even outside of cyberspace, but that didn't cripple US response.

As an example, he cited the shooting down of Malaysia Airline's flight 17 en route from Holland over Ukraine, an action that has been attributed to pro-Russian militia using Kremlin-supplied anti-aircraft weapons. 

"It's hard to prove exactly who was behind it," he said of such an attack. "When you bring it to the public there's lots of debate and dialogue." Even with improving attribution, cyberattacks are tricky territory when it comes to response, he acknowledged.

"You get into discussions where it's [about] was that cyber action something you want to deter, or was the cyber action something we think of as a legitimate tool of nation-state [actors], but the end result is something that crossed the line."

Although he didn't give examples, one instance is Chinese hackers' looting of intellectual property from US advanced technology companies. US officials recognize that network intrusion and the theft of sensitive data is a legitimate objective for a national intelligence service. But they say it's wrong to give that data to Chinese companies so they can underbid, or out-engineer, their US competitors.

Cyber is, after all, only a domain, like the air and the sea. It's what the adversary does there, and why, that should dictate the US response, McLaughlin said.

"I think those red lines in cyber will firm up to some degree, but I think we'll see a lot of it generate down to: 'What actually was that country trying to do?' It's often not that the action itself in cyber[space] which was the thing that crossed the red line, it's often what was the objective ... behind it, the end result, that actually crossed the red line."

But with so much ambiguity, the cyber domain becomes a dangerous space into which conflicts can overflow, and from which conflicts can quickly escalate, precisely because the rules of engagement are unclear or poorly understood, Kanuck said.

"There's an interest in ambiguity from a strategic sense, but that also leads to strategic uncertainty," he said.

FedScoop
 

« Uber Starts Self Driving Taxis
Oliver Stone’s Snowden Film »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IntelliGO Networks

IntelliGO Networks

IntelliGO Networks is a cybersecurity company focused on Managed Detection and Response (MDR).

LRQA

LRQA

LRQA is an award-winning global provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace.

Crypta Labs

Crypta Labs

Crypta Labs is an Award Winning IOT Security startup that is developing a quantum-based encryption chip to secure the Internet of Things.

Dathena

Dathena

Dathena is a company developing data governance software based on machine learning algorithms.

Halcyon Knights

Halcyon Knights

Halcyon Knights is a specialist executive search and IT recruitment agency in the APAC region. Areas of specialisation include cybersecurity.

Sigma IT

Sigma IT

SIGMA IT is one of the largest IT services organizations in EMEA region providing a full range of solutions and services including cybersecurity, data protection and business continuity.

Aware

Aware

Aware is the only comprehensive AI solution for governance, risk, compliance and insights for leading collaboration platforms.

Cymptom

Cymptom

At Cymptom our purpose is to enable security managers to see at a glance all urgently risky gaps  in their organizations’ security posture at any given moment.

SecurIT360

SecurIT360

SecurIT360 is a full-service specialized Cyber Security and Compliance consulting firm.

Sikich

Sikich

Sikich LLP is a leading professional services firm specializing in accounting, advisory, technology and managed services.

AnyTech365

AnyTech365

AnyTech365 is a leading European IT Security and Support company helping end users and small businesses have a worry-free experience with all things tech.

Coffee Cup Solutions

Coffee Cup Solutions

We offer a full spectrum of IT Services, from our UK based Helpdesk to IT Consultancy and Cyber Security. Our team has the skills and experience to develop, deliver and manage IT for your business.

NORMA Cyber

NORMA Cyber

NORMA Cyber delivers centralised cyber security services to Norwegian shipowners and other entities within the Norwegian maritime sector.

AI Security Institute (AISI)

AI Security Institute (AISI)

The AI Security Institute’s mission is to minimise surprise to the UK and humanity from rapid and unexpected advances in AI.

Bearer

Bearer

Bearer helps modern teams ship trustworthy products with the help of our code security solution built for security, privacy and engineering teams.

Endari

Endari

Endari specializes in building cybersecurity maturity within the operational DNA of early-stage startups and SMBs.