Thomas White / Reuters Binary code set against a North Korean flag, November 2017.

How the U.S. Can Play Cyber-Offense

Deterrence Isn't Enough

The United States has been the victim of repeated cyberattacks by foreign powers, and it seems to have little power to stop them. During the 2016 U.S. presidential campaign, Russian hackers broke into the Democratic National Committee’s e-mail servers and made more general efforts to influence the election’s outcome, as detailed in Special Counsel Robert Mueller’s indictment of 13 Russians and three Russian entities. In February, U.S. intelligence and law enforcement officials warned that the Russian government would again try to use cyber-operations to interfere with midterm elections in November. That same month, the White House publicly blamed Russia for “the most destructive and costly cyberattack in history,” the 2017 NotPetya malware campaign, which crippled the government of Ukraine before spreading to multinational corporations such as FedEx and Maersk, causing billions in damage.

The Russians are not the only ones hacking at the United States’ expense. Chinese hacking groups have stolen U.S. intellectual property from industrial manufacturers and military contractors. In 2015, China weaponized its “Great Firewall” and conducted distributed denial of service attacks against U.S. websites, including GitHub, which Beijing wished to punish for hosting content that the Chinese leadership found undesirable. In 2014, North Korean hackers attacked the U.S. film studio Sony Pictures to block the release of a movie, The Interview, that depicted the attempted assassination of North Korean leader Kim Jong Un. The attack erased the content of thousands of computers, released embarrassing internal e-mails, and intimidated Sony into canceling the movie’s theatrical release. Iran too has lashed out in cyberspace, attacking U.S. financial institutions and a dam in New York.

These threats have led to renewed calls for cyber-deterrence measures that would impose greater costs on would-be hackers while denying them benefits. The administration of President Donald Trump, for instance, has elevated U.S. Cyber Command to a unified combatant command, which it believes will signal greater capability and resolve. Deterrence is also likely behind the Trump administration’s broad declaratory

Loading, please wait...

Related Articles

This site uses cookies to improve your user experience. Click here to learn more.

Continue