US Is Not Drawing 'Red Lines' in Cyberspace

With so much ambiguity, the cyber domain becomes a dangerous space into which conflicts can overflow, and from which conflicts can quickly escalate, because the rules of engagement are unclear.

The US is avoiding drawing "red lines" in cyberspace to maintain strategic ambiguity about its intentions and retain freedom of maneuver in its responses to online aggression, the deputy head of US Cyber Command said recently.

"Ambiguity, not locking yourself in, is the way that our government prefers to do this," Air Force Lt. Gen. Kevin McLaughlin told the 2016 Intelligence and National Security Summit.

He said he "agreed" with former National Intelligence Officer for Cyber Sean Kanuck, who laid out the reasoning in more detail during the panel discussion on cyber deterrence.   

"Currently most countries don't want to be incredibly specific about the red line for two reasons," explained Kanuck, now a consultant. "They don't want to invite people to do anything they want to below that red line thinking they can do it with impunity; and secondly you don't want to back yourself into a strategic corner where you have to respond if they do something above that red line or else lose credibility."

McLaughlin said attribution, it can be hard to know for sure who is behind a cyberattack, was an issue even outside of cyberspace, but that didn't cripple US response.

As an example, he cited the shooting down of Malaysia Airline's flight 17 en route from Holland over Ukraine, an action that has been attributed to pro-Russian militia using Kremlin-supplied anti-aircraft weapons. 

"It's hard to prove exactly who was behind it," he said of such an attack. "When you bring it to the public there's lots of debate and dialogue." Even with improving attribution, cyberattacks are tricky territory when it comes to response, he acknowledged.

"You get into discussions where it's [about] was that cyber action something you want to deter, or was the cyber action something we think of as a legitimate tool of nation-state [actors], but the end result is something that crossed the line."

Although he didn't give examples, one instance is Chinese hackers' looting of intellectual property from US advanced technology companies. US officials recognize that network intrusion and the theft of sensitive data is a legitimate objective for a national intelligence service. But they say it's wrong to give that data to Chinese companies so they can underbid, or out-engineer, their US competitors.

Cyber is, after all, only a domain, like the air and the sea. It's what the adversary does there, and why, that should dictate the US response, McLaughlin said.

"I think those red lines in cyber will firm up to some degree, but I think we'll see a lot of it generate down to: 'What actually was that country trying to do?' It's often not that the action itself in cyber[space] which was the thing that crossed the red line, it's often what was the objective ... behind it, the end result, that actually crossed the red line."

But with so much ambiguity, the cyber domain becomes a dangerous space into which conflicts can overflow, and from which conflicts can quickly escalate, precisely because the rules of engagement are unclear or poorly understood, Kanuck said.

"There's an interest in ambiguity from a strategic sense, but that also leads to strategic uncertainty," he said.

FedScoop
 

« Uber Starts Self Driving Taxis
Oliver Stone’s Snowden Film »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

City Security Magazine

City Security Magazine

City Security magazine helps promote best security practices and keep businesses informed on a wide variety of security-related issues.

Rapid7

Rapid7

Rapid7 unites cloud risk management and threat detection to deliver results that secure your business and ensure you’re always ready for what comes next.

MixMode

MixMode

MixMode's PacketSled platform delivers network monitoring, deep forensic analysis and incident response.

bwtech@UMBC

bwtech@UMBC

The bwtech@UMBC Cyber Incubator is an innovative business incubation program that delivers business and technical support to start-up and early-stage cybersecurity/IT products and services companies.

Cyberlitica

Cyberlitica

Cyberlitica (formerly iPhish) provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

Archivo

Archivo

Archivo is a value added reseller focused on Disaster Recovery as a Service (DRaaS), backup, hyper-convergence, hybrid storage and Cyber security.

IntaPeople

IntaPeople

IntaPeople are IT and engineering recruitment specialists. We have specialist teams for job sectors including Cybersecurity, IT infrastructure and DevOps.

Meterian

Meterian

The Meterian Platform is a fuss-free solution to protect you against vulnerabilities in your app’s software supply chain.

Kontron

Kontron

Kontron offers a combined portfolio of secure hardware, middleware and services for Internet of Things (IoT) and Industry 4.0 applications.

Dataprise

Dataprise

Dataprise is a leading IT managed services provider offering IT Management and Help Desk Support Services, Cloud Services, Information Security Solution, IT Strategy and Consulting.

Schneider Downs

Schneider Downs

Schneider Downs & Co. provides accounting, tax and business advisory services through innovative thought leaders who deliver their expertise to meet the individual needs of each client.

Oman Technology Fund (OTF)

Oman Technology Fund (OTF)

Oman Technology Fund aims to make Oman the preferred destination for emerging tech companies in the region, and an attractive and stimulating destination for venture capital.

N2K Networks

N2K Networks

N2K Networks is the world’s first “news to knowledge” network. The news to knowledge network is how you stay at the cutting edge in a rapidly changing world.

Pulsar Security

Pulsar Security

Pulsar Security is a team of highly skilled, offensive cybersecurity professionals with the industry's most esteemed credentials and advanced real-world experience.

modePUSH

modePUSH

modePUSH is a cybersecurity company focused on end-to-end breach response from Digital Forensics to Restoration across the enterprise and cloud environments.

RedArx Cyber Group

RedArx Cyber Group

At RedArx Cyber Group, our vision is to empower businesses with cutting-edge, proactive security solutions that safeguard their digital landscapes.