Tipping the scales: the attribution problem and the feasibility of deterrence against cyberattack
Reads0
Chats0
TLDR
A formal model is used to explain why there are many low-value anonymous attacks but few high-value ones, showing how different assumptions about the scaling of exploitation and retaliation costs lead to different degrees of coverage and effectiveness for deterrence by denial and punishment.Abstract:
Cyber attackers rely on deception to exploit vulnerabilities and obfuscate their identity, which makes many pessimistic about cyber deterrence. The attribution problem appears to make retaliatory punishment, contrasted with defensive denial, particularly ineffective. Yet observable deterrence failures against targets of lower value tell us little about the ability to deter attacks against higher value targets, where defenders may be more willing and able to pay the costs of attribution and punishment. Counterintuitively, costs of attribution and response may decline with scale. Reliance on deception is a double-edged sword that provides some advantages to the attacker but undermines offensive coercion and creates risks for ambitious intruders. Many of the properties of cybersecurity assumed to be determined by technology, such as the advantage of offense over defense, the difficulty of attribution, and the inefficacy of deterrence, are in fact consequences of political factors like the value of the target and the scale-dependent costs of exploitation and retaliation. Assumptions about attribution can be incorporated into traditional international relations concepts of uncertainty and credibility, even as attribution involves uncertainty about the identity of the opponent, not just interests and capabilities. This article uses a formal model to explain why there are many low-value anonymous attacks but few high-value ones, showing how different assumptions about the scaling of exploitation and retaliation costs lead to different degrees of coverage and effectiveness for deterrence by denial and punishment. Deterrence works where it is needed most, yet it usually fails everywhere else.read more
Citations
More filters
Book
국제정치이론 = Theory of international politics
Kenneth Neal Waltz,건영 박 +1 more
TL;DR: The seeker after the truth is not one who studies the writings of the ancients and, following his natural disposition, puts his trust in them, but rather, one who suspects his faith in them and questions what he gathers from them, the one who submits to argument and demonstration, and not to the sayings of a human being whose nature is fraught with all kinds of imperfection and deformation as mentioned in this paper.
Journal ArticleDOI
Cyber war will not take place
TL;DR: In this article, the authors argue that cyber war has never happened in the past, cyber war does not take place in the present, and that it is unlikely cyber war will occur in the future.
Journal ArticleDOI
Deterrence and Dissuasion in Cyberspace
TL;DR: The lesson for policymakers is to focus on the most important attacks and to understand the context in which such attacks may occur and the full range of mechanisms available to prevent them.
Bargaining and War
TL;DR: In this article, the authors evaluate these ideas and see if they have any clear-cut implications for the occurrence of wars, and they conclude that they have little to say about why war occurs at all.
Journal ArticleDOI
What Is the Cyber Offense-Defense Balance?: Conceptions, Causes, and Assessment
TL;DR: In this article, an empirical analysis shows that the Stuxnet cyberattacks on Iran's nuclear facilities very likely cost the offense much more than the defense, and that the perceived benefits of both the offensive and defense, moreover, were li...
References
More filters
Book
The Strategy of Conflict
TL;DR: In this paper, the authors propose a theory of interdependent decision based on the Retarded Science of International Strategy (RSIS) for non-cooperative games and a solution concept for "noncooperative" games.
After hegemony : cooperation and discord in the world politicaleconomy
TL;DR: Keohane as mentioned in this paper analyzes the institutions, or "international regimes", through which cooperation has taken place in the world political economy and describes the evolution of these regimes as American hegemony has eroded.
Book
After Hegemony: Cooperation and Discord in the World Political Economy
TL;DR: Keohane as discussed by the authors analyzes the institutions, or "international regimes", through which cooperation has taken place in the world political economy and describes the evolution of these regimes as American hegemony has eroded.