Defense One | By: Alyza Sebenius | June 28, 2017:
The Washington Post’s report last week on Russian cyber efforts to disrupt the 2016 election—and the Obama administration’s months-long debate over how to respond—ended on a foreboding note. Among the measures apparently adopted in response to the hack was “a cyber operation that was designed to be detected by Moscow but not cause significant damage,” involving “implanting computer code in sensitive computer systems,” according to anonymous officials who spoke to the paper. The code could be used to trigger a cyberattack on Russia in response to another Russian cyberattack on America, whether that targeted elections or infrastructure. The paper characterized the operation as currently being “in its early stages.”
From an American perspective, the operation as described could look defensive—if it was “designed to be detected,” it would serve as a warning and potential deterrent against further offensive actions by Russia. Or it could be used purely in retaliation for aggression of some kind. On the other hand, though, once the implants are operational, what’s to stop an American leader from using them for offensive purposes, simply to weaken, undermine, or otherwise mess with Russia? From the Russian perspective, this potential would make the implants look like an offensive cyberoperation—and prompt “defensive” measures on Russia’s part, that would in turn threaten the United States. The cycle could escalate from there.
This dynamic is an example of the “security dilemma”: When a state takes defensive measures, other states can perceive such behavior as threatening, and respond accordingly. Underlying this dilemma is the difficulty of distinguishing “offensive” from “defensive” moves when trying to evaluate another state’s intentions.
To read full article – please click here.
