Every Friday, I present a topic or question for our merry band of thinkers, leaders, and pirates to discuss in an open thread. Here is this week’s conversation starter:
The Biden administration is openly signaling that it will pursue cyber operations against Russia in response to Moscow’s supply-chain cyber attack against thousands of US networks. Is this type of public “signaling” helpful or harmful to American interests? Why?
Seems to me like it takes away one of cyber's major advantages, the haziness of attribution.
On the other hand, I can see how demoralizing and stress inducing it could be for Russia's cyber and defense officials just waiting for something to happen. And when it does, not being able to do anything about it.
Well, some obvious considerations. You MUST respond with something, can't be seen as spinelessly accepting the Russian attack and moving on. I think that countering with cyber operations is a given, so it's not really revealing anything. So it is simply "signalling". I think "signalling" with other forms of retaliation - economic, social, political, etc. - would be more genuine, and more effective.
While it's fun to speculate, I'm reminded that chess Grandmasters will place bets on the next move in a game they are all watching, with all the information, unchanging rules, and a clearly defined goal.
We have minimal information, a wildly changing world, and what is the goal, exactly?
IF BIDEN REALLY HAD A RETALIATION PLAN, WHICH I DOUBT, WHY WARN ANY OF OUR ENEMIES - RUSSIA/CHINA/IRAN? JUST DO IT AND SURPRISE THEM INSTEAD OF GIVING THEM TIME TO PREPARE/REACT.
Public “signaling” is a poor idea. To “signal” plans is to invite preemptive attack and or enhanced defense. Signals should only be used after we prove we are able and willing to pursue offensive cyber operations against Russia or any enemy state.
U.S. cyber operations against Russia is helpful to American interests if they're done the same way and for the same reason as our response to Pearl Harbor. Moscow's cyber attacks on us are physically destructive, deliberately. They are acts of war, thus, as serious as Pearl Harbor even if they don't cause death to Americans. We have been in a state of war with Russia and we must respond accordingly, with very powerful cyber counter attacks and with overwhelming military power waiting in the wings, ready to use if needed, preemptively if possible. Russia brings war upon us. We must WIN the war.
Criminals expect a response. Good guys expect a effective response. Nothing unusual. Our friends will still be our friends and our enemies will remain enemies. It's like saying that if a stray pit bull attacks your child, you'll shoot it to stop the attack. Wouldn't expect anything less.
The US military has indicated, over the past year or two, that under certain conditions, it will consider a cyber attack to be equivalent to a physical attack, and that it reserves the right to respond via either a cyber or a physical counterattack, depending on how it sees fit. There is also the consideration of to what extent the Russian cyber attack was espionage, vs sabotage. Espionage needs an espionage-type response. Sabotage, or preparations for sabotage (which is what the SolarWinds thing was) could be preparations for war.
However, we need to think who we're dealing with. Russia is not Iran. SolarWinds would be similar to the USSR digging tunnels under the border of West / East Germany, in preparation for the Big Attack that may never actually happen. On the one hand, we need to deal with the immediate fallout from the issue, itself, and we need to take action to make sure it doesn't happen again. But on the other hand, you don't want to use that same tunnel as a means of blowing something up, on their side, as retaliation, because that could tick them off and actually start the war.
Thus, the extent of "cyber operations" against Russia, I believe, should be limited to the equivalent of digging our own tunnels onto their side, and maybe letting them know that we can do that, plus continued espionage. The only punitive actions should be of the sanctions variety. There has to be balance.
And we also need to be wary of tipping our hand, about the extent of our actual ability to do things, as these types of cyber operations have previously, later on, been found, reverse engineered, and turned against us. And we don't want that happening again.
I don’t think that signaling accomplishes anything with countries like Russia and China and what do you gain by telling them what you are going to do. If you can show it has been effective maybe so, but according to what I hear and read they continue to rip off our data at every opportunity. Advertising often will or can cause dictators to do nothing to correct an issue to save face, the last thing they want is to appear to be bowing to the demands of the US, they are never going to admit guilt. Action sends a message without advertising it to the world.
It would be helpful if we knew what cyber operations are on the table and the degree of deterrence expected from those operations.
I think this is a stupid idea, you never tell your enemy what you are going to do. But consider the source.
Some very wise and thought provoking responses. I am hopeful that the most experienced and judicious minds are chosen to create future responses to our aggressors actions. These topics are so serious in nature--how we respond REALLY matters.