Cyber Deterrence

Prof. John E. Savage
Brown University

Deterrence Methods

  1. Cyberdeterrence and Cyberwar by Martin Libicki, Rand, 2009
  2. Deception, Disinformation, and Strategic Communications: How One Interagency Group Made a Major Difference by Fletcher Schoen and Christopher J. Lamb, Institute for National Strategic Studies, Strategic Perspective, No. 11, National Defense University, June 2012
  3. Toward Theory for Dissuasion (or Deterrence) by Denial: Using Simple Cognitive Models of the Adversary to Inform Strategy by Paul K. Davis, RAND NSRD WR-1027, January 2014
    "This Working Paper grew out a conference paper presented at the Munk School of the University of Toronto, October 18-20, 2013. The conference, Deterrence by Denial: Theory, Practice, and Empiricism, was co-organized by the Munk School of Global Affairs and the Center for Security Studies, ETH Zurich."
  4. How the United States Can Win the Cyberwar of the Future: Cold War-era deterrence theory won't cut it anymore. by P.W. Singer, Foreign Policy, December 18, 2015
    "There is perhaps no national security problem more 21st century in both its definition and form than cybersecurity. And yet to solve it, the ready solution in nearly every U.S. national security conversation today is that tried and true 20th-century framework of deterrence."
  5. Cyber-Deterrence by Kim Taipale, Boston Global Forum, December 12, 2016
  6. Raising the Consequences of Hacking American Companies: Why the United States Needs an Explicit Cyber Deterrence Policy for the Private Sector by David A. Simons, CSIS, October 2017
  7. Deterrence and Dissuasion in Cyberspace by Joseph S. Nye Jr., International Security, Vol. 41, No. 3, Winter 2016/2017
  8. Deterring Cyberattacks How to Reduce Vulnerability by Susan Hennessy, Foreign Affairs, November/December 2017
  9. Botched CIA Communications System Helped Blow Cover of Chinese Agents: The number of informants executed in the debacle is higher than initially thought. by Zach Dorfman, Foreign Policy, August 15, 2018
  10. Revealed: Pentagon Push to Hack Nuke Missiles Before They Launch: A former U.S. official calls the 2017 Pentagon policy document an 'exercise to legally justify a potential attack on a North Korean missile on the launchpad.'
    From the article: "The Pentagon has embraced a controversial policy of destroying enemy nuclear missiles before they launch, an internal policy document from May 2017 shows. Itb bs an effort that appears to include executing cyberattacks against missile control systems or components." The Pentagon document Declaratory Policy, Concept of Operations and Employment Guidelines for Left-of-Launch Capability is cited in the news article.

Hacking Back

  1. Hacking Back Without Cracking Up by Jeremy Rabkin, Ariel Rabkin, Aegis Paper Series No.1606, Hoover Institution, June 28, 2016
    The authors examine the risks and rewards of hacking back and conclude that it is worth conducting experiments to determine its effectiveness. It also refers to some interesting sources.
  2. The Digital Vigilantes Who Hack Back: American companies that fall victim to data breaches want to retaliate against the culprits. But can they do so without breaking the law? by Nicholas Schmidle, The New Yorker, May 7, 2018
    This article provides an excellent introduction to hacking back. It cites CFAA, provides analogies for hacking back such as use of dye packs by banks, and discusses nascent effortsB to legalize some types of hackback, which some call vigilantism. It also highlights the difficulty of attributing hackers, calls attention to "escalation dominance," and notes that hackers do make serious personal threats against those hacking back. Several experts warn that hacking back can be very dangerous and could lead to cyberwar.

Assessment of Deterrence Strategies

  1. Not The Cyber Deterrence the United States Wants by Jason Healey, Council on Foreign Relations, June 11, 2018
  2. What War Games Tell Us About the Use of Cyber Weapons in a Crisis by Jacquelyn G. Schneider, The Council on Foreign Relations, June 21,2018
  3. The Limits of Deterrence Theory in Cyberspace by Mariarosaria Taddeo, Philos. Technol. (2018) 31: 339.
    I ... argue that ... applicability [of deterrence] to cyberspace is limited and that these limits are not trivial.

Cyber Offense

  1. On the Theft and Reuse of Advanced Offensive Cyber Weapons by Gil Baram, Defense One, June 19, 2018
  2. Symantec warns of China-based espionage campaign targeting satellites by Olivia Beavers, The Hill, June 20, 2018
  3. Trump, Seeking to Relax Rules on U.S. Cyberattacks, Reverses Obama Directive: Administration has faced pressure to show that it is taking seriously national-security cyberthreats by Dustin Volz, The Wall Street Journal, August 15, 2018

Legality of Cyber Operations

  1. US DoD Laws of War Manual (Updated December 2016)
    Page 1012 of Chapter XVI applies these laws to Cyber Operations.
    Section 16.1.2.1 Examples of Cyber Operations on page 1012 refers to the pre-emplacement of capabilities or weapons.
  2. Ex-NSA Hackers Worry China And Russia Will Try to Arrest Them: The US government has been indicting foreign government hackers, and American government hackers are worried China and Russia might start doing the same to them. by Lorenzo Franceschi-Bicchierai, Motherboard, December 1, 2017

Guide to Cyberspace Operations

  1. The Cyber Security Forum Initiative
  2. The Joint Force Commander's Guide to Cyberspace Operations by Brett T. Williams, USAF

John Savage