In an Asymmetrical World: Mutually Assured Destruction Means Developed Nations are Disadvantaged

According to an article by Niall Ferguson which appeared in the Boston Globe, we are currently in a state of Cyber War.  This article, entitled “Cyber War I Has Already Begun,” discusses the the Russian hacks surrounding election time in the United States and posits that the largest issue is not whether or not Russia was able to affect the outcome of the election but rather the fact that Russian hackers were able to launch cyber incursions effectively unchecked.

The article quotes Adm. Michael S. Rogers (head of the National Security Agency and US Cyber Command), as saying that “[The Nation is] … at a tipping point.”  Cyber-centric threats are now number one on the Director of National Intelligence’s (DNI) list, the article further states that the Pentagon reports over 10M intrusion attempts per day.  The full text of the article is here.


<opinion>

Thus, the concept of mutually assured destruction (MAD) which has its roots in cold-war nuclear rhetoric is unlikely to prove reliable to maintain any sort of status quo.  Under MAD, nuclear-capable Nations all realized that given the number of nuclear weapons within arsenals throughout the world that any nation that launched a nuclear attack would receive an in-kind response which would trigger additional attacks and counter-attacks which would ultimately result in global thermonuclear war with mankind itself being the ultimate loser.  Due to the fact that the barriers to entry into the  “nuclear-club” were so high and required extensive research and development which could only be funded and maintained in an advanced nation-state context MAD both in theory and as applied prevented the use of nuclear devices in a post World-War II context.

However, those same barriers to entry do not exist in the realm of cyber and thus it is both likely and possible that bad actors who are not necessarily supported by a nation-state could initiate a cyberattack against a developed nation’s cyber resources and in such a scenario the concept of MAD is meaningless given the lack of symmetry.  For instance, while the US could arguably cripple Chinese or Russian infrastructure (and they could, in turn, do the same to the US), no similar offensive could be launched against a single person or even a group of hackers with no direct nation-state ties (obviously a kinetic operation could be launched against either type of group, however that raises a whole other set of issues especially if the only “offense” was cyber in nature).

In short, these are scary times and we may want to consider the relevance of smaller groups or factions that operate outside the context of a traditional nation-state and thus any virtual or kinetic offensive operations launched against such groups may be limited in both reach and effect.  This is somewhat analogous to the early American raids against the British Regular Army, with small incursions designed to hit-and-run, maximize impact and minimize exposure. Thus, a numerically inferior force may wreak havoc amongst a far larger force which does not bode well for the developed world in the realm of cyber.  If this maxim holds true then we will continue to face cyber attacks from a wide-ranging base of potential bad actors, all of whom may find solace in the fact that even if we solve the issue of attribution, retribution will be muted given the nature of the target (and the fact that a group/persons do not possess critical infrastructure or other such target-rich entities).

This should concern all of us, since a lack of a MAD-inspired détente means the world is full of potential threats, many of which have no regard for the cyber or kinetic capabilities of so-called Superpowers. Consequently, as the article quoted Robert Morris Sr., the only “safe” computing device is one that is not in use and is in fact not even powered on (of course Morris, may not have fully factored in the smartphone and IoT variants as some of these devices may continue to be insecure even when powered off by a user).  There may therefore be no such thing as a “safe” computing device — users beware.

Share:

Tags: ,

Authors

Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Ryan D. White

Ryan D. WhiteRyan is currently a third year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic.Full biography

Christopher w. FolkChristopher W. Folk

is a 2017 graduate of SU College of Law. A non-traditional student, Christopher returned to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering. Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Anna Maria Castillo

is 2016 graduate of Syracuse College of Law. She also holds a Master of Arts in International Relations from Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She served as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a 2015 graduate of Syracuse College of Law and is a prosecutor. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She was a member of the Syracuse National Trial Team and was awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She wrote for this blog when a student. She is now a member of the U.S. Army Judge Advocate General's Corps.

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography

Categories