Cyber Deterrence by Punishment: Role of Different Perceptions

Nuclear deterrence based on mutual assured destruction seems to have successfully prevented a global nuclear war for decades. Can deterrence be effective for cyber attacks between nation-states? The cyber environment is drastically different from the nuclear case. A major difference is the possibility of different perceptions by the states which may lead to a failure of cyber deterrence. In this paper, we compare differences between nuclear deterrence and cyber deterrence. We adapt a game theoretic model from the nuclear case to the cyber environment and show that differences in perceived payoffs can lead to attack strategies where deterrence fails in cyberspace

Computable Rationality, NUTS, and the Nuclear Leviathan

This paper explores how the Leviathan that projects power through nuclear arms exercises a unique nuclearized sovereignty. In the case of nuclear superpowers, this sovereignty extends to wielding the power to destroy human civilization as we know it across the globe. Nuclearized sovereignty depends on a hybrid form of power encompassing human decision-makers in a hierarchical chain of command, and all of the technical and computerized functions necessary to maintain command and control at every moment of the sovereign's existence: this sovereign power cannot sleep. This article analyzes how the form of rationality that informs this hybrid exercise of power historically developed to be computable. By definition, computable rationality must be able to function without any intelligible grasp of the context or the comprehensive significance of decision-making outcomes. Thus, maintaining nuclearized sovereignty necessarily must be able to execute momentous life and death decisions without the type of sentience we usually associate with ethical individual and collective decisions

Anti-war and the cyber triangle : strategic implications of cyber operations and cyber security for the state

[From the introduction:]The main driver for this choice of research was the growing influence of Internet-related issues in contemporary politics in various fields. 2009 saw an intensification of this link between information and communication technologies and international relations, particularly in the field of intelligence and military, with the revelation of notorious cyber operations such as AURORA, Ghostnet and Night Dragon (see chapter II). While those events started to attract the broader attention of academics, it was not until the discovery of the Stuxnet malware in 2010 (see chapter IV) that the issue gained momentum in other fields as well. A computer malware targeting a nuclear enrichment facility in a foreign country amidst a latent conflict certainly raised a lot of questions that demanded answers. Its sophisticated design and potential implications for international relations as well as strategic studies was one of the main inspirations for this research.While the emergence of literature on espionage and sabotage in conjunction with the Internet can be traced back to the 1990's, Kello recognises that even in 2013 it remains a weakly developed area, stating that '[t]he range of conceivable cyber conflict is poorly understood by scholars and decision-makers, and it is unclear how conventional security mechanisms, such as deterrence and collective defence apply to this phenomenon' (Kello, 2013: 7). Thus, the aim of this research is to contribute to the literature in this way '[…] in addition to elucidating empirical cyber events, scholars can guide the design of policies to affect them' (Kello, 2013: 38-39). Undertaking research in a field which is state-of-the-art and therefore, highly volatile, presents a particular academic challenge. It does also however enable a researcher to make a potentially crucial contribution, a dent, in the current debate. In areas of research in a vacuum exists, it is imperative for scholars to contribute to filling up that academic lacuna. The main outcome therefore is supposed to be a contribution to the academic debate on the strategic relevance and conduct of cyber operations and the state’s response to it. The intellectual tools developed as part of this research may be of future use for policy-makers. The underlying question for the research is: What are the strategic implications of cyber operations for the state?The Economist recently saw 'intensifying cyber threats' as one of the top challenges for 2014 (The Economist, 2014). The revelations of the past years, starting with Stuxnet, Operation AURORA, APT-1, Red October and activities derived from the NSA Documents revealed by whistleblower Edward Snowden indicate that this threat will not abate soon. More and more states are readying themselves for future conflicts by developing defensive as well offensive cyber operations capabilities (Lewis, 2013b: 9-55). The latest domain for conflict resolution is currently being explored and exploited too by a growing number of different stakeholders. Based on the increased number of stakeholders and the intensity and number of occurrences of said events (see section 3.5 and appendix), its contemporary relevance is high and has been increasing for several years and looks set to continue. Guiding principles in the field of strategy is an important part of this development. Though the debate on strategic implications of cyber operations started in the early 1990's, and promoted under the auspices of the RAND Corporation, '[i]ntellectually, we are in a position not unlike that faced 65 years ago as we began to develop our thinking about nuclear weapons' (Kramer, 2012: I). Nye agrees, stating that 'in comparison to the nuclear revolution in military affairs, strategic studies of the cyber domain are chronologically equivalent to 1960 but conceptually more equivalent to 1950. Analysts are still not clear about the lessons of offense, defense, deterrence, escalation, norms, arms control, or how they fit together into a national strategy' (Nye, 2011: 19). Thus, an intensive academic analysis of this field is pivotal, especially within the framework of strategic studies, in order to enable strategic adaptation and decision-making (Kello, 2013: 14). The timeliness of events, paired with the lack of a properly developed strategic framework, signify the increased contemporary relevance for research of the strategic implications of cyber operations for the state.Definitions are very important in political science, and only more so for research in the field of cyber operations. In the absence of commonly agreed upon definitions for cyber operations, and a multitude of other terms such as cyber warfare, digital warfare, information warfare, electronic warfare (see sub-sections 3.1 and 3.2 as well as section 4) which are at once related and disparate, mean that clarity in definitions is centrally important. While definitions might normally differ slightly, all elements included in the definition of cyber operations might vary. This includes the stakeholders (and their representation as entity in the cyber domain), the means to conduct cyber operations, the platform where it is conducted (for example all digital devices, Internet only, electromagnetic spectrum) and the operations through which it is conducted (for example, if cyber espionage is included or not).Therefore, the coherent and comprehensive definition is of vital importance for the understanding of the research and more so for its outcomes. The terminology of this research applies for the state in the cyber domain, cyber operations and cyber strategy. Thus, the three key definitions which are developed in this research can be found below.The state and its representation in the cyber domain is defined in chapter I: The state’s representation of the cyber domain is the Critical National Information Infrastructure (CNII). The CNII is composed of a particular part of the information infrastructure which is vital to the function of the state according to the state-teachings of Jellinek: territory, people and legitimate use of violence.The definition of cyber operations as developed in chapter II: A cyber operation is the targeted use and hack of digital code by any individual, group, organization or state using digital networks, systems and connected devices, which is directed against CNII in order to steal, alter, destroy information or disrupt and deny functionality with the ultimate aim to weaken and/ or harm a targeted political unit.Subsequently, the definition of a cyber strategy in chapter IV: The development and employment of cyber operations, potentially integrated and coordinated with other operational domains and forms of information operations, to achieve or support the achievement of political objectives

Nuclear Lessons for Cyber Security?

Identifying “revolutions in military affairs” is arbitrary, but some inflection points in technological change are larger than others: for example, the gunpowder revolution in early modern Europe, the industrial revolution of the nineteenth century, the second industrial revolution of the early twentieth century, and the nuclear revolution in the middle of the last century. In this century, we can add the information revolution that has produced today’s extremely rapid growth of cyberspace. Earlier revolutions in information technology, such as Gutenberg’s printing press, also had profound political effects, but the current revolution can be traced to Moore’s law and the thousand-fold decrease in the costs of computing power that occurred in the last quarter of the twentieth century. Political leaders and analysts are only beginning to come to terms with this transformative technology

Deterrence in Cyberspace: A Game-Theoretic Approach

This novel application of the Stackelberg leader-follower game from economic theory illuminates situational constraints that point to a sweet spot, an optimal level of investment in cyber defense, for deterrence by denial. Deterrence is a form of persuasion intended to manipulate the cost-benefit analysis of would-be attackers and convince them that the cost of taking an action against the defender outweighs its potential benefit (Brantly, 2018; Wilner, 2017).1 It is the prevention (of a target) from committing unwanted behavior by fear of the consequences (United States (US) Department of Defense (DoD), 2008; Taipale, 2010). Deterrence differs from compellence by focusing on prevention using ex ante actions. Compellence uses power to force an adversary, post hoc, to take a desired action under threat of possible escalation in the future (Brantly, 2018)

Wargames as Data: Addressing the Wargamer's Trilemma

Policymakers often want the very best data with which to make decisions--particularly when concerned with questions of national and international security. But what happens when this data is not available? In those instances, analysts have come to rely on synthetic data-generating processes--turning to modeling and simulation tools and survey experiments among other methods. In the cyber domain, where empirical data at the strategic level are limited, this is no different--cyber wargames are quickly becoming a principal method for both exploring and analyzing the security challenges posed by state and non-state actors in cyberspace. In this chapter, we examine the design decisions associated with this method.Comment: 3 figure

Asymmetric Threats: Analyzing the Future of Nuclear Terrorism & Cyber Attacks; The Value of Deterrence Theory for Addressing the Challenges of Nuclear Terrorism in the age of 21st Century Cybersecurity

Given the rapid development and ease of access to technology, the threat of extremist organizations utilizing cyberspace as a means to target critical American strategic infrastructure is of increasing concern. The risk posed by the acquisition of fissile material, sabotage, or use of a nuclear device by an extremist organization has been exasperated due to technological development outpacing strategy. Despite policy-makers’ attempts to protect the public from cyber-attacks and nuclear terrorism, the federal policies in place have failed to account for the continual evolution of technology and the gaps in security that this advancement brings. Through examining documents from congressional and bureaucratic agencies using content analysis, this study examines whether or not policymakers, congressional or bureaucratic, use deterrence theory when they make policy, suggestions, rules, and guidelines. This thesis asks how U.S. policy regarding nuclear terrorism has changed given a rise in cyberthreats? This thesis also asks a second question: Which federal agency is most capable of dealing with cyberthreats concerning nuclear terrorism? The findings of this research concluded that as cyberthreats continued to develop, policymakers using deterrence theory shifted to using previous waves of deterrence theory, primarily dealing with rivalry and competitive threats. In addition, this research finds that intelligence agencies are the most capable federal agencies in proving guidelines and informing future policymakers

Cyber deterrence is overrated: analysis of the deterrent potential of the new cyber doctrine and lessons for Germany's "active cyper defence"

Proponents of active, offensive cyber operations argue that they could have a deter­rent effect on potential cyber attackers. The latter would think twice about attacking if a digital counter-attack might be the consequence. The idea that offensive cyber capabilities should have a deterrent effect was one reason why the new US cyber doctrine was adopted in 2018. The same assumption is implicit in the debate about cyber counterattacks ("hack backs") in Germany. Yet these assessments are based on a superficial understanding of deterrence. Cyber deterrence by the threat of retaliation works differently than that of nuclear deterrence. Problems of attribution, displays of power, controllability and the credibility of digital capabilities increase the risk of deterrence failure. Thus, the German cyber security policy would be well advised to increase its "deterrence by denial", cyber security and the resilience of its systems. (Autorenreferat