Assessing Deterrence Options for Cyberweapons

Slides:

Advertisements

Similar presentations

FREEDOM OF SPEECH. The Harm Principle and Free Speech Another difficult case is hate speech. Most European liberal democracies have limitations on hate.

Advertisements

Challenge of Nuclear Weapons

PAGE 1 | Gradient colors RGBRGB Diagrams RGBRGB RGBRGB 166.

The best US foreign policy is one based on contemporary understandings of realism. Such a policy would be more successful, particularly in avoiding wars,

Internet Vulnerabilities & Criminal Activity Cyber Terrorism and Cyber Warfare November 14, 2011 Cyber Terrorism and Cyber Warfare November 14, 2011.

Cyber Capabilities Example IT 298 / Bohman January 6 th, 2014.

Article: The Cyberweapon that could take down the Internet By Jacob Aron February 11, 2011 Presentation by Jacob Russell CSCE390 April 18 th, 2011.

Copyright Myths. "If it doesn't have a copyright notice, it's not copyrighted." This was true in the past, but today almost all major nations follow the.

The Philosophy of Exotischism Ignorance Is No Excuse 1 Most of us have heard the old expression "ignorance is no excuse for breaking the law". If courts.

Article Summaries - Affirmative Offshore Wind. Article 1 Offshore Wind has: the capability of powering 1/3 of the U.S, especially the East Coast's larger.

17th WATCH: Cyberwar -- Without the Magical Thinking Stewart A. Baker Steptoe & Johnson THURSDAY July 18 th, Noon, Room 110 W ashington A rea T rustworthy.

Understanding and distinguishing among cyber activities Dave Piscitello VP Security and ICT Coordination, ICANN.

THE THREAT LANDSCAPE FROM CYBERCRIME TO CYBER-WAR David Emm Global Research and Analysis Team.

Crime & Punishment The Aims of Punishment Deterrence.

The way to avoid being trap into cyber crime. What is cyber crime? The Department of Justice categorizes computer crime in three ways: 1. The computer.

Copyright © 2015 Scott Borg/U.S. Cyber Consequences Unit. All rights reserved. Making Economics a Cyber-Security Weapon Scott Borg Director (CEO) and Chief.

Can North Korea Build More Nuclear Weapons?. A North Korean People’s Army naval unit tests a new type of anti-ship cruise missile in this undated photo.

Defense Policy Making You may not be interested in war, but war is interested in you.

April 27 th  Learning Target  I can understand the threat of nuclear proliferation.  Opener  Name all the countries you can think of that have nuclear.

DO WE REALLY NEED TO WORRY ABOUT WMDS? What is a “weapon of mass destruction”? Why are they “different”? Is the classification WMD an example of hegemony?

LECTURE PRESENTATION FOR Thomas Rid, Cyberwar will not take place Manjikian

Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.

Brian Marks COSC 380. Cyber War  What is Cyber War?  What attacks have happened?  Could this happen to us?  What defenses are in place to stop it?

By: Taysha Johnson. What is an insider threat? 1.A current or former employee, contractor, or other business partner who has or had authorized access.

CRIMINAL LAW 1. Ahmed T. Ghandour.. PART 2. PENOLOGY.

Proactive Incident Response

Refuting, Attacking, and Cross-Examination

Nuclear Weapons Part I.

GOVT Module 16 Defense Policy.

Ted Allen Rotary May 17, 2017 WannaCry Ransomware Ted Allen Rotary May 17, 2017.

International Conflict & Cyber Security

Strategic Information Systems Planning

The vulnerability of economic markets to crime in 2015

The Economics of Cyber Security

Richard A. Clarke warned America once before about the havoc terrorism would wreak on our national security -- and he was right. Now he.

International Security and Peace

USH 15:4 Eisenhower’s Cold War Policies

Nixon’s War: Vietnamisation

U.S. Nuclear Strategy toward China

“Existing world order is being redefined.” Henry Kissinger Jan 2015

NATO and the Warsaw Pact

ECON 330 Lecture 22 Wednesday, December 11.

Cyber Aggression and Conflict

Name of the idea Description and Military Application Maturity

What is being assessed? Section B will contain three essay questions of which students are required to answer two. Each essay tests AO1 and is designed.

Name of the idea Description and Military Application Maturity

Modern world today There are a lot of internal and international conflicts all over the world. Force methods are often used and have high effectiveness.

Cybersecurity Awareness

Murder and Stalking Class 1 1.

Is this the Asian Century?

Lessons From The Defensive Security Podcast

Crime DOES Pay (Unless you get caught)

Richard A. Clarke warned America once before about the havoc terrorism would wreak on our national security -- and he was right. Now he.

Theories of Punishment

Chapter 10.2 Justifications.

Today achievement points will be awarded for…

Information Systems for Health:

War and Violence Can war be just?.

Kazuto Suzuki Hokkaido University

Protect Your Ecommerce Site From Hacking and Fraud

Possible Essay… To what extent does a world power you have studied have influence in international relations?

Eisenhower’s Policies

What is being assessed? Section B will contain three essay questions of which students are required to answer two. But for your mock you will get two.

5/6/2019 Information Warfare Trends, Dangers, and the Impact for European Research Policy Dipl. Pol. Ralf Bendrath, Berlin FoG:IS ReG:IS Forschungsgruppe.

Assessing organised crime: threat, anticipation and future

Cold War Containment.

TERRORISM Terrorism—the planned threat or use of violence, often against the civilian population, to achieve political or social ends, to intimidate opponents,

Marcial Quinones-Cardona

10 Signs You Should Invest In Security Automation

Presentation transcript:

Assessing Deterrence Options for Cyberweapons Elizabeth E. Wanic and Neil C. Rowe (presenter) U.S. Naval Postgraduate School Monterey, California, USA ncrowe@nps.edu

Motivation Deterrence doesn’t seem to be working in cyberspace. The U.S. is being attacked repeatedly in cyberspace by Russia, China, Iran, and North Korea. However, some forms of cyber-deterrence seem to be working: No countries have launched a cyberwar even when they have capability to do so. Cyber operations today deliberately fall short of “armed attack”. Can we still deter them if we cannot threaten major retaliation?

Defining deterrence “Discouraging adversaries against taking an action against your interests.” Two forms: Deterrence by punishment: Threaten that an attack will be met by a worse counterattack in response. Threat needs to be credible. It is hard to be credible in cyberspace without giving away at least some secrets. Deterrence by punishment doesn’t work well in deterring crime since criminals aren’t very rational. Deterrence by denial: Make adversary think they will waste resources attacking you. Also requires a credible reason they will waste their time, but this is hard to prove. Requires a cost-benefit analysis by the adversary.

Traditional deterrence Deterrence works well with conventional weapons. If you have a large army, it deters another army from invading you. How do you demonstrate capabilities? Do a military exercise. Do a weapons test. How do you show the will to use weapons? Make clear the weapons are easy to use, as by showing many ways to deliver them. Make clear you have plenty of weapons. Affirm your determination to resist aggression in public statements.

Credibility of cyberweapons as a deterrent The U.S. is being repeatedly attacked in cyberspace by China. Why doesn’t the big U.S. arsenal of cyberweapons deter China? Possible reasons: Chinese cyberattacks do not rise to the level of an “armed attack” in international law which would justify counterattack. Cyberattacks on U.S. businesses are often easy, and victims can blame their cybersecurity as inadequate rather than China. Deterrence is not credible because the U.S. has rarely used cyberweapons. Retaliation risks escalation, and the U.S. is more vulnerable in cyberspace than China. China does not believe the U.S. will risk escalation.

Key problems with cyber-deterrence Cyber weapons are highly varied compared to conventional military weapons. Thus it is hard to assess their threat. Cyberweapons usually exploit flaws in software, and flaws can get fixed unexpectedly, making the weapon useless. Adversaries may not act rationally according to a reasonable cost-benefit analysis. It could be hard to attribute cyber attacks to a country, though the technology for doing so is getting better. Damage assessment of a cyber attack is difficult. Victim may not know they have been attacked, so attack may have little effect. Attacker may do overkill in an attack to be sure of success. Cyberattacks may have unexpected consequences since everything is connected in cyberspace.

Country specifics Russia has signed agreements regarding cyberattacks, but has not stopped them. Deterrence is not working. China has been stealing intellectual property for some time, and deterrence is not working against them. Iran has been deterred to some extent from cyber attacks on major powers even though they have the capability. North Korea has not been deterred on cyber attacks, but most of their attacks are symbolic or for monetary gain. It is hard to reason with a dictatorship. The U.S. has been successfully deterred from attacks against Russia and China.

Tactics for cyber deterrence (1) Stockpiling cyber weapons It’s hard to convince people you have cyber weapons because revealing anything hurts their effectiveness. Fake demonstrations are easy to arrange for cyber weapons. Cyber weapons become obsolete quickly since software flaws can get fixed unexpectedly. Criminal investigation of cyberattacks Most cyberattacks violate national cybercrime laws, so they can be prosecuted. Indictments can serve notice of potential retaliation as well as ability to attribute a cyberattack. However, it’s hard to extradite criminals whose governments want to protect them.

Tactics for cyber deterrence (2) Sanctions Economic sanctions have worked in the past against a wide range of countries. They require substantial international agreement. Most cyberattacking nations are already under sanctions for other reasons, so more sanctions won’t do much. International agreements The Tallinn Manuals represents a good attempt at norms for cyber operations as well as cyber war. However, they are not law. Getting laws for cyberspace has been difficult. Nonetheless, de facto standards are emerging. This has already happened with ideas in the Tallinn Manuals.

Tactics for cyber deterrence (3) Improving cyber defenses If an adversary is sure they won’t succeed with a cyber attack (as against the U.S. military), they likely won’t try. Cyber defense can be demonstrated without giving away too many secrets. Active defenses like planting deceptive “bait” files can discourage adversaries from using stolen data. Demonstrations of capabilities A potential victim can stage a demonstration of its defense or offense. Such demonstrations can be faked in a controlled environment. Alternatively, a real counterattack on a real target can indicate capabilities.

Tactics for cyber deterrence (4) Counterattack Can be automated so adversary is sure they will suffer. Can be non-automated but staged to have a major effect. Counterattacks to cyber attacks need not be cyber attacks, especially if the original attack was serious. Counterattacks are justified in international law, unlike first attacks.

Conclusions Cyber deterrence is hard, but it is becoming more possible, as capabilities become better understood. Stockpiling does not seem useful. This is different from conventional weapons. International agreements are a good idea, even partial ones. Cyber operations cover a broad spectrum, so a range of activities can have a deterrent effect.