US Is Not Drawing 'Red Lines' in Cyberspace

With so much ambiguity, the cyber domain becomes a dangerous space into which conflicts can overflow, and from which conflicts can quickly escalate, because the rules of engagement are unclear.

The US is avoiding drawing "red lines" in cyberspace to maintain strategic ambiguity about its intentions and retain freedom of maneuver in its responses to online aggression, the deputy head of US Cyber Command said recently.

"Ambiguity, not locking yourself in, is the way that our government prefers to do this," Air Force Lt. Gen. Kevin McLaughlin told the 2016 Intelligence and National Security Summit.

He said he "agreed" with former National Intelligence Officer for Cyber Sean Kanuck, who laid out the reasoning in more detail during the panel discussion on cyber deterrence.   

"Currently most countries don't want to be incredibly specific about the red line for two reasons," explained Kanuck, now a consultant. "They don't want to invite people to do anything they want to below that red line thinking they can do it with impunity; and secondly you don't want to back yourself into a strategic corner where you have to respond if they do something above that red line or else lose credibility."

McLaughlin said attribution, it can be hard to know for sure who is behind a cyberattack, was an issue even outside of cyberspace, but that didn't cripple US response.

As an example, he cited the shooting down of Malaysia Airline's flight 17 en route from Holland over Ukraine, an action that has been attributed to pro-Russian militia using Kremlin-supplied anti-aircraft weapons. 

"It's hard to prove exactly who was behind it," he said of such an attack. "When you bring it to the public there's lots of debate and dialogue." Even with improving attribution, cyberattacks are tricky territory when it comes to response, he acknowledged.

"You get into discussions where it's [about] was that cyber action something you want to deter, or was the cyber action something we think of as a legitimate tool of nation-state [actors], but the end result is something that crossed the line."

Although he didn't give examples, one instance is Chinese hackers' looting of intellectual property from US advanced technology companies. US officials recognize that network intrusion and the theft of sensitive data is a legitimate objective for a national intelligence service. But they say it's wrong to give that data to Chinese companies so they can underbid, or out-engineer, their US competitors.

Cyber is, after all, only a domain, like the air and the sea. It's what the adversary does there, and why, that should dictate the US response, McLaughlin said.

"I think those red lines in cyber will firm up to some degree, but I think we'll see a lot of it generate down to: 'What actually was that country trying to do?' It's often not that the action itself in cyber[space] which was the thing that crossed the red line, it's often what was the objective ... behind it, the end result, that actually crossed the red line."

But with so much ambiguity, the cyber domain becomes a dangerous space into which conflicts can overflow, and from which conflicts can quickly escalate, precisely because the rules of engagement are unclear or poorly understood, Kanuck said.

"There's an interest in ambiguity from a strategic sense, but that also leads to strategic uncertainty," he said.

FedScoop
 

« Uber Starts Self Driving Taxis
Oliver Stone’s Snowden Film »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Disklabs

Disklabs

Disklabs are industry leaders in data recovery, digital forensics and data erasure.

National Cybersecurity and Communications Integration Center (NCCIC)

National Cybersecurity and Communications Integration Center (NCCIC)

NCCIC is a cyber situational awareness, incident response, and management center for the US Government, intelligence community, and law enforcement.

Flexera

Flexera

Flexera is reimagining the way software is bought, sold, managed and secured.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

Computer Forensics Consult (CFC)

Computer Forensics Consult (CFC)

Computer Forensics Consult provides disaster recovery, computer forensics, electronic discovery and litigation support services in the growing area of Cyber Security.

Fraugster

Fraugster

Fraugster provides the most precise anti-fraud solution for e-commerce businesses.

Security Engineered Machinery (SEM)

Security Engineered Machinery (SEM)

SEM provides comprehensive end-of-life solutions for the protection of sensitive information in government and commercial markets.

Proton Data Security

Proton Data Security

Proton Data Security is a certified small business specializing in the design, manufacturing and sales of data security products for permanent erasure of hard drives, tapes and optical media.

DataDome

DataDome

DataDome offers real-time AI protection against all OWASP automated threats, including credential stuffing, layer 7 DDoS attacks, SQL injection & intensive scraping.

TransUnion

TransUnion

TransUnion is a global information and insights company that makes it possible for businesses and consumers to transact with confidence.

Archon Secure

Archon Secure

Archon GoSilent Cube delivers a CSfC-certified, plug-and-play security solution for classified and unclassified communication when using the public Internet.

Morpheus Enterprises

Morpheus Enterprises

Morpheus Enterprises offer managed security solutions designed to keep your web applications secure and your business running smoothly.

SecureWeb3

SecureWeb3

SecureWeb3 helps businesses and brands to secure their Web3 presence by offering a full suite of security services including training, consultancy & brand protection solutions.

OneStep Group

OneStep Group

OneStep Group are a leading Australian provider of information and communications technology (ICT) services, connecting businesses through technology solutions and support.

Yarix

Yarix

Yarix is the leading company in Var Group’s Digital Security division and one of the most recognised, innovative and authoritative Italian companies in the IT security sector.

Cynch Security

Cynch Security

Cynch Security are passionate about building a world where every business is resilient to cybersecurity risks, no matter what their size.

Barquin Solutions

Barquin Solutions

Barquin Solutions is a full-service information technology consulting firm focused on supporting U.S. federal government agencies and their partners.