Inteligencia y Seguridad Frente Externo En Profundidad Economia y Finanzas Transparencia
  En Parrilla Medio Ambiente Sociedad High Tech Contacto
High Tech  
 
11/06/2011 | U.S. Cyber Strategy - The Perils of Deterrence

Mike Cronin

Last week's announcement by Pentagon officials that cyberattacks could be classified as acts of war caused concern among those who worry that the United States might act outside international law if it retaliates to such attacks with military force. Others assert the move amounts to little more than a money grab by budget-savvy advocates looking to foment fear and exploit public ignorance.

 

But many cybersecurity experts say the policy statement is merely the latest step in a strategy that President Barack Obama began developing two years ago. And, they say, it might act as a deterrent to would-be U.S. enemies.

"This is a good step," said Michael Hayden, former CIA director and a retired Air Force general. "The single greatest limitation in this area has been the lack of clarity in policy. Even if it's stating the obvious, it's helpful because it helps those inside and outside the government to understand the United States' position."

The physical battlefield is far easier to manage because it's more understood, Hayden said. "There's a body of precedence. We know what our capabilities are and the results we're likely to receive. None of those things are as true yet in the cyber domain."

Yet Jody Westby, founder and CEO of Global Cyber Risk in Washington, argued that the strategy ignores the existing legal framework. "We have signed international treaties and we are bound to those. We can't just say we'll do whatever we want to do."

Westby advocates updating global agreements such as the Geneva Conventions to reflect the cyber-realties of today's world. "The U.S. should show leadership," said Westby, who co-authored the recently published "The Quest for Cyber Peace." She added, "Cyber saber rattling is not productive without discussion with other countries."

No country, however, is going to agree to ban cyberweapons, said James Lewis, director of the technology and public policy program at the Washington-based think tank Center for Strategic and International Studies. "You can promise not to make them, but it's hard to verify," said Lewis, who cited China's insistence for a decade that it wasn't making anti-satellite weapons -- until it blew up a satellite with a missile in 2007.

"Cyberweapons are like airplanes before World War I," he said. "Everyone knew by the end of the war that to be a serious military, you had to have planes."

Still that wouldn't be the point of cyber arms control, said Rafal A. Rohozinski, a Canadian computer security specialist and CEO of the SecDev Group in Ottawa. "It's not going to eliminate cyber weapons -- far from it," said Rohozinski, who was part of the team that in 2008 uncovered Chinese infiltration and control of more than 1,300 computers in at least 103 countries, including the U.S. "Just like previous arms-control agreements didn't eliminate nuclear weapons. But at least there were rules of the road. It would give the United States, China and Russia something to agree on and introduce predictability."

A senior official in the Obama administration who spoke on the condition of anonymity emphasized that last week's statement simply says that all options are on the table -- as they always are when the U.S. faces threats.

"Just like those other threats, the response must be proportionate, appropriate and consistent with international laws and our nation's core values," the official said. "An unwillingness to respond, simply because an action occurs in cyberspace, invites attack."

Air Force Lt. Col. April Cunningham, a Defense Department spokeswoman, said that the Pentagon's cyberspace strategy would be made public later this month. The United States will "oppose those who would seek to disrupt networks and systems," Cunningham added. "[The Defense Department] views all threats to our networks and systems as priorities."

Prioritizing that many threats, however, is a mistake, said John Robb, a retired Air Force special operations pilot who is now an analyst specializing in the future of warfare. "You can't do that with every system," Robb said.

It would be better to designate specific systems as off-limits, he said, such as command-and-control software at chemical plants. But that won't happen, said Robb, because former Cold Warriors are looking for a new enemy -- one that will justify funneling money into programs they support.

"By declaring cyberattacks as acts of war, they're justifying incredible expenditures on cyberwarfare," Robb said. "They're hyping up the cyber threat to create big fear and big worry. That's how defense contractors get funded."

But Lewis said last week's declaration only makes official what other countries have assumed of United States' posture all along. "This isn't news to them," Lewis said.

National leaders should be cautious before retaliating to cyberattacks, however, warns Westby. "The U.S. has more infected computers than anybody in the world," she said. "We don't know what malicious code is sitting in our systems. We don't want someone pushing a button to activate a backdoor and blow up our own systems. There has to be an assessment of how vulnerable we are."

Rohozinski granted the point: Deterrence only works when the opponent has more to lose. And in this case, the United States might have the most to lose. But he supports the Obama administration's tack for two reasons. First, it gives the military permission to use cyberweapons when necessary -- permission that didn't exist before.

An intelligence official once told Rohozinski that "it was easier to drop a 500-pound bomb on someone than get permission to put a Trojan [virus] on his computer," he said.
Second, it puts the U.S. on an even playing field with countries such as Russia, Rohozinski said. For years, Russia has stated it would not treat cyberattacks differently than other types of attacks. "They said a nuclear response could be one of their responses. They are very unambiguous."

Of course, the two tracks are not mutually exclusive: Keeping all options on the table and simultaneously pursuing international consensus on acceptable cyberbehavior would highlight the potential consequences of a cyber-attack against the U.S., while helping to minimize the likelihood of such attacks against any country.

**Mike Cronin covers technology, the military and science for the Daily in New York.

World Politics Review (Estados Unidos)

 


Otras Notas Relacionadas... ( Records 1 to 10 of 171 )
fecha titulo
19/08/2013 Cyber Security in South Korea: The Threat Within
26/02/2013 La ciberguerra ya lleva tiempo
21/04/2012 Middle East - Bahrain: Anonymous Hackers Target Formula One Over Bahrain Race
17/03/2012 Cyberwar - Brasil se pertrecha para la guerra cibernética
17/03/2012 América Latina - Cyberseguridad -¿Cuáles son las ciudades más riesgosas para navegar en internet?
17/03/2012 Cyberwar - Brasil se pertrecha para la guerra cibernética
17/03/2012 América Latina - Cyberseguridad -¿Cuáles son las ciudades más riesgosas para navegar en internet?
02/03/2012 Anonymous - La verdadera huella de Anonymous en América Latina
02/03/2012 Anonymous - La verdadera huella de Anonymous en América Latina
02/03/2012 Anonymous - La verdadera huella de Anonymous en América Latina


Otras Notas del Autor
fecha
Título
19/11/2018|

ver + notas
 
Center for the Study of the Presidency
Freedom House