Hacking the Bomb: Cyber Threats and Nuclear Weapons by Andrew Futter

Author:Andrew Futter [Futter, Andrew]
Language: eng
Format: epub
ISBN: 9781626165656
Google: 9HuhtAEACAAJ
Goodreads: 36820220
Publisher: Georgetown University Press
Published: 2018-01-15T09:47:46+00:00

Deterrence by Denial and Deterrence by Punishment

Given the considerable dissimilarities between nuclear and cyber weapons, and the vast range of different operations that fall under the cyber moniker, the response to the cyber challenge will naturally be multifaceted. Any strategy to address these challenges will therefore need to start with (1) a consideration of the possibilities of cyber defense and security, (2) the potential to limit new threats through arms control and other frameworks, and (3) the applicability of deterrence by punishment in the cyber realm. It will also almost certainly involve consideration of how these might be best combined and balanced; just like the threat, the tools required to address the cyber challenge will not be homogeneous.

The management of cyber threats will therefore be split into two components: (1) defense (including possibly active defense) against attackers seeking to steal secrets, interfere with systems, and cause disruption and (2) defense and deterrence against strategic attacks intended to cause damage and destruction—the focus here. Because the cyber challenge is not uniform, it will require a suite of different types of responses, which will need to be tailored to specific actors and threats. This will necessarily involve both deterrence by denial as well as deterrence through punishment, and perhaps also other tools.37 Part of the problem with the cyberdeterrence debate has been the tendency to conflate the two challenges (and responses), which often results, in the words of a former director of the Los Alamos National Laboratory, Siegfried Hecker, in “straw man comparisons” when considering the possibilities of applying “nuclear-style deterrence in cyberspace.”38 In essence, this is because cyberdeterrence is likely to be far less about punishment than is the case with nuclear deterrence.

The first thing to note is that a significant part of what is labeled “the cyber challenge” is best addressed through deterrence by denial—that is, with better computer network defense, good practices, and enhanced security that deny any benefits (or at least raise the costs) to a would-be attacker.39 As has been explained earlier in this book, the clear majority of cyber operations occur at a relatively low level and involve nuisance, crime, espionage, and exploitation—and they therefore clearly fall well below what one would consider for deterrence through punishment and especially the use of military force.40 Strong defenses, as well as robust cyber hygiene, will create costly barriers for any would-be attacker, and may be particularly useful in deterring terrorists or criminals, who will potentially opt for easier options.41 Deterrence by denial also clearly has a role to play against more serious, strategic cyber challenges, and it is not hindered by the problems of attribution—discussed below—in the same way as is deterrence by punishment.42 As Patrick Morgan notes, this essentially represents a reversal of Cold War nuclear thinking: “For cyberattacks, the deterrence supplied by defense must now compensate for the limits of deterrence based on retaliation.”43

However, cyber security and defense, and the broader notion of deterrence by denial, are far from panaceas—even for supposedly air-gapped, highly redundant, and well-protected systems (e.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.