Since no practical defense exists against nation-state cyber intrusions, countries may need to compromise adversaries' IT assets to establish mutually-assured destruction as a deterrent. Nations with the expertise and budget need to keep compromising each other's assets to maintain this equilibrium.

Mutually-Assured Destruction as a Factor in Cyber Warfare

I wrote this post in 2012, before public announcements and discussions related to nation-state activities across the Internet. My analysis turned out to be spot on, even if I do say so myself.

Intrusions by nation-states against companies and governments of other countries are motivated by political and economic factors, much like traditional warfare. My hypothesis is that a country seeking to safeguard its cyber interests has no choice but to mount a systemic campaign to compromise its adversaries’ IT assets. One goal of such offensive operations is the condition of mutually-assured destruction, which deters each party in the conflict from taking advantage of the IT assets it has compromised.

The Need for Mutually-Assured Destruction

Public accounts of intrusions conducted or supported by state actors highlight the importance that military and government organizations place on cyber warfare. Those without access to privileged information about such campaigns have been speculating about the principles that shape cyber warfare policies and mechanics. Here’s why I believe the notion of mutually-assured destruction is a significant aspect of modern cyber warfare:

  1. There is presently no practical way to defend a nation's IT infrastructure, whether commercial or government assets, against intrusions. If there were, we wouldn’t be experiencing so many breaches.
  2. As a result, a country needs to assume that an adversarial nation-state will be able to compromise a significant number of the country’s critical IT assets. Many of these intrusions will be undetected.
  3. Therefore, the country will need to find a way to deter the adversary from taking aggressive actions against a significant number of the IT assets it illicitly controls.
  4. One way to accomplish this is for the country to compromise a meaningful number of the adversary’s critical IT assets, establishing the state of mutually-assured destruction as a deterrent.

Deterrence as a Way of Stabilizing the Internet

In a 2011 paper, Matthew D. Crosston proposed that “it is logically more stable and potentially peaceful to have a system of deterrence that is structured mutually across major powers, giving no one state the ability to disrupt cyber equilibrium.” Matthew envisioned a situation where:

“Each major player in the global system would come to fear debilitation equally and therefore would not risk being the first-strike initiator. By capitalizing on this shared vulnerability to attack and propagandizing the open buildup of offensive capabilities, there would arguably be a greater system of cyber deterrence keeping the virtual commons safe.”

The idea of deterrence in cyberspace was later brought up at an RSA Conference panel in 2012. According to the Threatpost article that described that panel discussion:

“Deterrence will play an important role in avoiding conflict, as it did in the Cold War with Russia. The Chinese military appreciates that both it and the U.S. have cyber offensive capabilities and defensive vulnerabilities—‘big stones, and plate glass windows,’ said Lewis. ‘We’re back to mutually assured destruction.’”

In an April 2009 paper on the topic, David A. Gale discussed mutually assured destruction as requiring the capability and commitment to destroy all Internet-connected assets, rather than those of a single adversary. He wrote that if “the US can credibly vow to destroy cyberspace, thus destroying world economies, the US can deter an adversary from launching an attack.”

David acknowledged that this approach, like the nuclear mutually-assured destruction doctrine, would not deter non-state actors. He also confirmed the challenges of reliable attack attribution in this context. Regardless, David advocated developing the capability, while leaving it to politicians to decide the conditions for its use. That sounds scary, but it might already be how the world works.

Everyone with the Right Skills is Probably Doing It

If the reasons above persuade the US government to adopt the dogma of mutually-assured destruction in cyberspace, other countries can do the same. Nations with the interest, expertise, and budget to conduct offensive cyber operations are probably busy hacking each other to establish the condition of mutually-assured destruction and avoid being outpaced in this process by their adversaries. Such activities might allow these countries to deter each other from launching large-scale cyber attacks with major “real-world” repercussions. Perhaps such aggressive tactics might just contribute to maintaining the relative peace and stability of the Internet.

Six Signals for Threat Attribution explains how analysts identify the nation-state actor behind an intrusion.

About the Author

Lenny Zeltser is a cybersecurity executive with deep technical roots, product management experience, and a business mindset. He has built security products and programs from early stage to enterprise scale. He is also a Faculty Fellow at SANS Institute and the creator of REMnux, a popular Linux toolkit for malware analysis. Lenny shares his perspectives on security leadership and technology at zeltser.com.