Everand Logo

Welcome to Everand!

  • The Atlantic

    Writing the Rules of Cyberwar

    The line between offensive and defensive attacks is far from clear, a new book argues.
    by Alyza Sebenius Jun 28, 2017 9 minutes
    Source: Rob Engelaar / Getty

    The Washington Post’s report last week on Russian cyber efforts to disrupt the 2016 election—and the Obama administration’s months-long debate over how to respond—ended on a foreboding note. Among the measures apparently adopted in response to the hack was “a cyber operation that was designed to be detected by Moscow but not cause significant damage,” involving “implanting computer code in sensitive computer systems,” according to anonymous officials who spoke to the paper. The code could be used to trigger a cyberattack on Russia in response to another Russian cyberattack on America, whether that targeted elections or infrastructure. The paper characterized the operation as currently being “in its early stages.”

    From an American perspective, the operation as described could look defensive—if it was “designed to be detected,” it would serve as a warning and potential deterrent against further offensive actions by Russia. Or it could be used purely in retaliation for aggression of some kind. On the other hand, though, once the implants are operational, what’s to stop an American leader from using them for offensive purposes, simply to weaken, undermine, or otherwise mess with Russia? From the Russian perspective, this potential would make the implants look like an offensive cyberoperation—and prompt “defensive” measures on Russia’s part, that would in turn threaten the United States. The cycle could escalate from there.

    This dynamic is an example of the “security dilemma”: When a state takes defensive measures, other states can perceive such behavior as threatening,, that the line between offense and defense is even blurrier in cyberspace. “To assure their own cybersecurity, states will sometimes intrude into the strategically important networks of other states and will threaten—often unintentionally—the security of those other states, risking escalation and undermining stability,” Buchanan writes. Meanwhile, a ransomware attack believed to be using stolen NSA tools spread across the globe on Tuesday for the second time in as many months, showing another way cyber tools can undermine stability: The technologies states develop to protect themselves can be stolen by criminal hackers and turned against their inventors.

    You’re reading a preview, subscribe to read more.

    More from The Atlantic

    The Atlantic8 min readAmerican Government
    The Return of the John Birch Society
    Michael Smart chuckled as he thought back to their banishment. Truthfully he couldn’t say for sure what the problem had been, why it was that in 2012, the John Birch Society—the far-right organization historically steeped in conspiracism and oppositi
    The Atlantic17 min read
    How America Became Addicted to Therapy
    A few months ago, as I was absent-mindedly mending a pillow, I thought, I should quit therapy. Then I quickly suppressed the heresy. Among many people I know, therapy is like regular exercise or taking vitamin D: something a sensible person does rout
    The Atlantic7 min readAmerican Government
    The Americans Who Need Chaos
    This is Work in Progress, a newsletter about work, technology, and how to solve some of America’s biggest problems. Sign up here. Several years ago, the political scientist Michael Bang Petersen, who is based in Denmark, wanted to understand why peop

    Related Books & Audiobooks