Report: Cyberdeterrence may be unwise military strategy

Share this article:
The United States shouldn't place too much optimism in its ability to stop cyberattacks by threatening to launch them against its enemy.

That was one of the key findings of a report, “Cyberdetterance and Cyberwar," released Thursday. The report was prepared by nonprofit research group RAND Corp. and commissioned by the U.S. Air Force.

The 203-page report evaluates the merits of cyberdeterrence, a tactic defined by the study as having the capability to "do unto others what others may do unto us." In other words, the report examines whether the United States should threaten to retaliate to cyberattacks as a means of deterring them.

"Cyberdeterrence seems like it would be a good idea,” Martin Libicki, senior management scientist with Rand and the report's author, wrote. "Game theory supports the belief that it might work. The nuclear standoff between the United States and the Soviet Union during the Cold War — which never went hot — provides the historical basis for believing cyberdeterrence should work.”

But Libicki argues that cyberwar presents unique challenges that hinder cyberdeterrence, such as the difficulty of knowing who attackers are, what damages they caused, and if they can repeat the attack.

“Hitting the wrong person back not only weakens the logic of deterrence…but makes a new enemy,” Libicki wrote. “Instead of facing one potential cyberwar, the defender may now face two.”

While deterrence may not be a viable strategy, the U.S. military still must protect its networks and systems, which it uses to function, Libicki told SCMagazineUS.com on Thursday.

“The military has no choice but to assess the threats against it and protect its networks as well as it can,” he said. “They do have to be continually prepared.”

In the report, he suggested focusing on diplomatic, economic and prosecutorial efforts.

Cybersecurity has received considerable attention by the military this year.

In June, Defense Secretary Robert Gates ordered the establishment of the U.S. Cyber Command to protect military networks and organize digital security efforts underway at the Pentagon.

The command is not yet operational but is expected to be soon, Department of Defense (DoD) spokesman Lt. Col. Eric Butterbaugh told SCMagazineUS.com in an email on Thursday.

The Navy last week announced it will merge its information technology, intelligence and communications operations into one organization to improve cybersecurity efforts. The reorganization is planned to be completed by the end of the year.

In addition, during August the 24th Air Force Command, intended to defend the Air Force from cyber intrusions, was activated.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Ground system for weather satellites contains thousands of 'high-risk' bugs

Ground system for weather satellites contains thousands of ...

An audit of the Joint Polar Satellite System ground system revealed thousands of vulnerabilities, most of which will be addressed in two years when the next version of the system ...

Threat report on Swedish firms shows 93 percent were breached

The study by KPMG and FireEye also found that 49 percent of detected malware was unknown.

Former acting HHS cyber director convicted on child porn charges

Former acting HHS cyber director convicted on child ...

Timothy DeFoggi, who was nabbed by the FBI last year in its Operation Torpedo investigation was convicted by federal jury in Nebraska.