Skip to main content
SpringerLink
Log in

Five Kinds of Cyber Deterrence

  • Research Article
  • Published:
Philosophy & Technology Aims and scope Submit manuscript

Abstract

There were five kinds of cyber deterrence presented at the workshop on Landscaping strategic cyber deterrence, hosted at the Oxford Internet Institute. They were the well-studied areas of deterrence by ‘punishment’ and ‘denial’, and the novel concepts of deterrence by ‘association’, ‘norms and taboos’, and finally, ‘entanglement’. In the following workshop commentary, I present these five kinds of deterrence and explain them in light of recent developments in the academy and industry. I argue for analytical congruence between all three novel concepts, since they aim to alter the behaviour of actors by adding a social cost in response to breaking norms and conventions. Throughout, I argue that we are beginning to understand how cyber deterrence works, both in theory and practice, and when all concepts are taken together, they become more than the sum of their parts. Finally, I point out an omission of the workshop, where computational modelling and simulation could be added to the landscape of strategic cyber deterrence.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

Notes

  1. Here, I cite the decrease in the volume of computer network operations (CNOs) and industrial espionage between the USA and China, as reported by FireEye’s iSight intelligence unit. While the report highlights the reduction in the overall volume of CNOs between the USA and China, the authors are quick to comment on the increasing sophistication of attacks that are ‘focused, calculated, and still successful in compromising corporate networks’. FireEye iSight Intelligence, ‘Red Line Drawn: China Recacluates Its Use of Cyber Espionage’, (Milpitas, CA 2016).

  2. Throughout the course of the day, presentations were given by leading professors, lecturers and thinkers in the disciplines of the humanities, such as philosophy and law, as well as the social sciences in the areas of sociology, political science and subfields of military studies and international relations. I hope to paraphrase each concept accurately and I accept all misinterpretations as my own.

  3. Thomas Rid and Ben Buchanan, ‘Attributing Cyber Attacks’, Journal of Strategic Studies 38, no. 1–2 (2015).

  4. Jon R Lindsay, ‘Tipping the Scales: The Attribution Problem and the Feasibility of Deterrence against Cyberattack’, Journal of Cybersecurity (2015).

  5. Mandiant, ‘Apt1: Exposing One of China’s Cyber Espionage Units’, (Alexandria, VA 2013).

  6. US Department of Justice, ‘U.S. Charges Five Chinese Military Hackers with Cyber Espionage against U.S. Corporations and a Labor Organization for Commercial Advantage’, (Office of Public Affairs, 2014).

  7. Federal Bureau of Investigation, ‘Iranian Ddos Attacks’, FBI.gov, https://www.fbi.gov/wanted/cyber/iranian-ddos-attacks.

  8. Paul Cornish, ‘Arms Control Tomorrow: The Challenge of Nuclear Weapons in the Twenty-First Century’, America and a changed world: A question of leadership/ed. by Robin Niblett. Chatham House.-Chichester…: Wiley-Blackwell (2010).

  9. United Nations General Assembly, ‘Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security’, (A/70/174 2015).

  10. Thomas G Mahnken and Scott Jasper, Conflict and Cooperation in the Global Commons: A Comprehensive Approach for International Security (Georgetown University Press, 2012).

  11. The White House, ‘Remarks by President Obama and President Xi of the People’s Republic of China in Joint Press Conference’, (Office of the Press Secretary, 2015).

  12. There are other sematic iterations of deterrence not presented at the workshop or discussed in detail here in the commentary. ‘Deterrence by deception’ is one such concept, developed by Erik Gartzke and John Lindsay, in Erik Gartzke and Jon R Lindsay, ‘Weaving Tangled Webs: Offense, Defense, and Deception in Cyberspace’, Security Studies 24, no. 2 (2015).

  13. Lindsay, ‘Tipping the Scales: The Attribution Problem and the Feasibility of Deterrence against Cyberattack’.

References

  • Cornish P. (2010). Arms control tomorrow: the challenge of nuclear weapons in the twenty-first century. America and a changed world: a question of leadership/ed. by Robin Niblett. Chatham House.-Chichester…: Wiley-Blackwell 223–37.

  • Federal Bureau of Investigation. Iranian Ddos attacks. FBI.gov, https://www.fbi.gov/wanted/cyber/iranian-ddos-attacks.

  • FireEye iSight Intelligence (2016). Red line drawn: China recalculates its use of cyber espionage. Milpitas, CA

  • Gartzke, E., & Lindsay, J. R. (2015). Weaving tangled webs: offense, defense, and deception in cyberspace. Security Studies, 24(2), 316–348.

    Article  Google Scholar 

  • Lindsay J R. (2015). Tipping the scales: the attribution problem and the feasibility of deterrence against cyberattack. Journal of Cybersecurity: tyv003.

  • Mahnken, T. G., & Scott, J. (2012). Conflict and cooperation in the global commons: a comprehensive approach for International Security. Washington D.C: Georgetown University Press.

    Google Scholar 

  • Mandiant. (2013). Apt1: exposing one of China’s cyber espionage units. 76. Alexandria.

  • Rid, T., & Buchanan, B. (2015). Attributing cyber attacks. Journal of Strategic Studies, 38(1–2), 4–37.

    Article  Google Scholar 

  • The White House (2015). Remarks by President Obama and President Xi of the People’s Republic of China in Joint Press Conference. Office of the Press Secretary.

  • United Nations General Assembly. (2015). Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security. A/70/174.

  • US Department of Justice. (2014). U.S. Charges Five Chinese Military Hackers with Cyber Espionage against U.S. Corporations and a Labor Organization for Commercial Advantage. Office of Public Affairs.

Download references

Acknowledgements

I would like to thank Oxford Internet Institute for hosting the workshop and acknowledge RAND Europe for covering the costs of my attendance. I would like to thank Dr. Mariarosaria Taddeo for her invitation and encouragement to write the workshop commentary. Thanks go to Prof. Paul Cornish and Erik Silfversten for their efforts in reading early drafts of the commentary, as well as the two anonymous reviewers.

Author information

Authors and Affiliations

  1. Defence, Security and Infrastructure, RAND Europe, Cambridge, CB4 1YG, UK

    N. J. Ryan

Authors
  1. N. J. Ryan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to N. J. Ryan.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ryan, N.J. Five Kinds of Cyber Deterrence. Philos. Technol. 31, 331–338 (2018). https://doi.org/10.1007/s13347-016-0251-1

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s13347-016-0251-1

Keywords

Search

Navigation