Report: Cyberdeterrence may be unwise military strategy

Share this article:
The United States shouldn't place too much optimism in its ability to stop cyberattacks by threatening to launch them against its enemy.

That was one of the key findings of a report, “Cyberdetterance and Cyberwar," released Thursday. The report was prepared by nonprofit research group RAND Corp. and commissioned by the U.S. Air Force.

The 203-page report evaluates the merits of cyberdeterrence, a tactic defined by the study as having the capability to "do unto others what others may do unto us." In other words, the report examines whether the United States should threaten to retaliate to cyberattacks as a means of deterring them.

"Cyberdeterrence seems like it would be a good idea,” Martin Libicki, senior management scientist with Rand and the report's author, wrote. "Game theory supports the belief that it might work. The nuclear standoff between the United States and the Soviet Union during the Cold War — which never went hot — provides the historical basis for believing cyberdeterrence should work.”

But Libicki argues that cyberwar presents unique challenges that hinder cyberdeterrence, such as the difficulty of knowing who attackers are, what damages they caused, and if they can repeat the attack.

“Hitting the wrong person back not only weakens the logic of deterrence…but makes a new enemy,” Libicki wrote. “Instead of facing one potential cyberwar, the defender may now face two.”

While deterrence may not be a viable strategy, the U.S. military still must protect its networks and systems, which it uses to function, Libicki told SCMagazineUS.com on Thursday.

“The military has no choice but to assess the threats against it and protect its networks as well as it can,” he said. “They do have to be continually prepared.”

In the report, he suggested focusing on diplomatic, economic and prosecutorial efforts.

Cybersecurity has received considerable attention by the military this year.

In June, Defense Secretary Robert Gates ordered the establishment of the U.S. Cyber Command to protect military networks and organize digital security efforts underway at the Pentagon.

The command is not yet operational but is expected to be soon, Department of Defense (DoD) spokesman Lt. Col. Eric Butterbaugh told SCMagazineUS.com in an email on Thursday.

The Navy last week announced it will merge its information technology, intelligence and communications operations into one organization to improve cybersecurity efforts. The reorganization is planned to be completed by the end of the year.

In addition, during August the 24th Air Force Command, intended to defend the Air Force from cyber intrusions, was activated.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.

Woman charged with using spyware on former cop

Kristin Nyunt of Monterey, Calif., is charged with two counts of illegal wiretapping and possession of illegal interception devices and faces a sentence of up to five years in prison.