Summary List Placement
SolarWinds. Colonial Pipeline. New York City’s subway. These are only some of the targets of cyberattacks on the US government and private sector in recent months.
Although damage from these mostly unattributed cyberattacks — Russia and China are suspected — varies, private citizens have started feeling the impact in their daily lives, as shown by the gas shortage after the Colonial Pipeline cyberattack.
In light of these cyberattacks, the US government is pondering a more aggressive strategy, even starting to give ransomware investigations the same attention as terrorism cases.
Meanwhile, NATO’s secretary general said a cyberattack against a member could meet “the thresholds for triggering Article 5,” the alliance’s collective-defense clause.
In military parlance, the US government must figure out how it can “threaten to impose unacceptable costs” by, with, and through persistent physical and virtual engagement.
Although the Geneva Conventions and Tallinn Accords offer some guidance, they are by no means definite. There is also the issue of attribution. If Russia, for example, used a criminal group as proxy, the US would have to verify Moscow’s role before responding.
That response also has to deal with questions of proportionality.
Would halting Moscow’s subway be a proportionate response to election interference? Would publishing the personal information of Chinese intelligence officers be a proportionate response to the theft of classified personal information of millions of US government employees and troops?
The absence of rules of engagement or, at the very least, of red lines only enables adversaries to test the US.
Special operations and cyberwarfare
The Pentagon and the Intelligence Community have differing aims for cyber operations, and inside the military there are varying capabilities and goals — mainly those of US Cyber Command and US Special Operations Command — in that domain.
Those divides underline the absence of a …read more