Everand Logo

Welcome to Everand!

  • The Atlantic

    Writing the Rules of Cyberwar

    The line between offensive and defensive attacks is far from clear, a new book argues.
    by Alyza Sebenius Jun 28, 2017 9 minutes
    Source: Rob Engelaar / Getty

    The Washington Post’s report last week on Russian cyber efforts to disrupt the 2016 election—and the Obama administration’s months-long debate over how to respond—ended on a foreboding note. Among the measures apparently adopted in response to the hack was “a cyber operation that was designed to be detected by Moscow but not cause significant damage,” involving “implanting computer code in sensitive computer systems,” according to anonymous officials who spoke to the paper. The code could be used to trigger a cyberattack on Russia in response to another Russian cyberattack on America, whether that targeted elections or infrastructure. The paper characterized the operation as currently being “in its early stages.”

    From an American perspective, the operation as described could look defensive—if it was “designed to be detected,” it would serve as a warning and potential deterrent against further offensive actions by Russia. Or it could be used purely in retaliation for aggression of some kind. On the other hand, though, once the implants are operational, what’s to stop an American leader from using them for offensive purposes, simply to weaken, undermine, or otherwise mess with Russia? From the Russian perspective, this potential would make the implants look like an offensive cyberoperation—and prompt “defensive” measures on Russia’s part, that would in turn threaten the United States. The cycle could escalate from there.

    This dynamic is an example of the “security dilemma”: When a state takes defensive measures, other states can perceive such behavior as threatening,, that the line between offense and defense is even blurrier in cyberspace. “To assure their own cybersecurity, states will sometimes intrude into the strategically important networks of other states and will threaten—often unintentionally—the security of those other states, risking escalation and undermining stability,” Buchanan writes. Meanwhile, a ransomware attack believed to be using stolen NSA tools spread across the globe on Tuesday for the second time in as many months, showing another way cyber tools can undermine stability: The technologies states develop to protect themselves can be stolen by criminal hackers and turned against their inventors.

    You’re reading a preview, subscribe to read more.

    More from The Atlantic

    The Atlantic4 min read
    Hayao Miyazaki’s Anti-war Fantasia
    Once, in a windowless conference room, I got into an argument with a minor Japanese-government official about Hayao Miyazaki. This was in 2017, three years after the director had announced his latest retirement from filmmaking. His final project was
    The Atlantic7 min readAmerican Government
    The Americans Who Need Chaos
    This is Work in Progress, a newsletter about work, technology, and how to solve some of America’s biggest problems. Sign up here. Several years ago, the political scientist Michael Bang Petersen, who is based in Denmark, wanted to understand why peop
    The Atlantic4 min read
    KitchenAid Did It Right 87 Years Ago
    My KitchenAid stand mixer is older than I am. My dad bought the white-enameled machine 35 years ago, during a brief first marriage. The bits of batter crusted into its cracks could be from the pasta I made yesterday or from the bread he made then. I

    Related Books & Audiobooks