Goodreads helps you follow your favorite authors. Be the first to learn about new releases!
Start by following Ben Buchanan.
Showing 1-7 of 7
“hacking was a fundamental, though mostly secret, tool of American statecraft, one deployed clandestinely against foe and friend alike”
―
―
“But states have difficulty evaluating cybersecurity threats. If a state does detect an intrusion in one of its vital networks and if that intrusion looks to be from another state, what should the state suffering the intrusion conclude? On the one hand, it might be a defensive-minded intrusion, only checking out the intruded-upon state’s capabilities and providing reassuring intelligence to the intruding state. This might seem unsettling but not necessarily threatening, presuming the state suffering the intrusion was not developing capabilities for attack or seeking conflict. On the other hand, the intrusion might be more nefarious. It could be a sign of some coming harm, such as a cyber attack or an expanding espionage operation. The state suffering the intrusion will have to decide which of these two possibilities is correct, interpreting limited and almost certainly insufficient amounts of data to divine the intentions of another state. Thus Chapter Four’s argument is vitally important: intrusions into a state’s strategically important networks pose serious risks and are therefore inherently threatening. Intrusions launched by one state into the networks of another can cause a great deal of harm at inopportune times, even if the intrusion at the moment of discovery appears to be reasonably benign. The intrusion can also perform reconnaissance that enables a powerful and well-targeted cyber attack. Even operations launched with fully defensive intent can serve as beachheads for future attack operations, so long as a command and control mechanism is set up. Depending on its target, the intrusion can collect information that provides great insight into the communications and strategies of policy-makers. Network intrusions can also pose serious counterintelligence risks, revealing what secrets a state has learned about other states and provoking a damaging sense of paranoia. Given these very real threats, states are likely to view any serious intrusion with some degree of fear. They therefore have significant incentive to respond strongly, further animating the cybersecurity dilemma.”
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
“The first objection is that states are not capable of attributing the source of a network intrusion, short-circuiting any security dilemma. The second objection is that the danger posed by network intrusions does not pose an existential risk and so the cybersecurity dilemma is not a major concern. The third and final objection is that cyber capabilities are unevenly distributed; strong states are more likely to possess cyber capabilities than weak ones, but, the objection argues, this is true of all military weapons and so cyber capabilities are not significant. In responding to these objections, this chapter establishes the boundaries of the cybersecurity dilemma argument.”
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
“The situation gets still more concerning. As Chapter Six argues, two important factors that are frequently assumed to be constants in the traditional security dilemma models are in fact variables in cybersecurity. In most other security dilemma discussions, each actor sees the moves of its potential adversaries and must determine the intentions behind those moves. In cybersecurity, the distribution of information is vastly more asymmetric, which increases risk and uncertainty for decision-makers. With proper tradecraft, many actions, including the development of powerful capabilities and the launching of significant intrusions, often remain out of view to others. Thus, unlike in many historical and theoretical textbook cases, in cyber operations not only must states potentially fear what they see, but they must potentially fear what they do not see as well. Defensive-minded intrusions that resolve this uncertainty thus seem still more appealing. Similarly, in the traditional security dilemma model there is almost always some status quo of shared expectations. This implicit or formal consensus of behavior provides significant guidance about which activities the involved parties consider normal and non-threatening. The potential for escalation in this model occurs only when this shared vision of normalcy breaks. In cybersecurity, however, there is only a nascent status quo. Without a common conception of appropriate national behavior, the probability of dangerous misinterpretation increases. Building on these five steps to the argument, the final two chapters of the book are somewhat different in kind. Chapter Seven pauses to consider three objections to the cybersecurity dilemma logic and how they might constrain the argument.”
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
“Without solid information, a military is open to feints and surprises and is likely to miss opportunities. Intelligence aids in the production, use, and conservation of power.37 In short, the right intelligence can lead to better and more rational policy-making. In a world full of many possible threats, contingencies, and opportunities, sound intelligence can help policy-makers prioritize objectives and tasks. Once focused, policy-makers rely on accurate information and analysis to guide their decisions, as no policy-maker can ever hope to know offhand all that he or she must about a potential adversary or a geopolitical event. Good intelligence can also sometimes act as a brake on unchecked ideology. Although policy-makers largely retain decision-making power, well-reasoned analysis can minimize the degree to which decisions rely on hunches, biases, and predispositions. By accurately and fairly framing issues, intelligence can ensure that reason has a place in government. This is a role long prized by some famous analysts.38 But intelligence collection can be threatening to the state targeted by the operation. States must bear additional costs to keep their operations secret. If”
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
“Even when states attain security, it is too often fleeting. Instead, states must always be on their guard, and possibly even always seeking to expand, regardless of what effect it might have on other states.24 Norms, institutions, and international organizations are of little value in dampening this dangerous state of affairs.25 This result is something more properly termed a “security paradox,” in which the innate desire for security counterintuitively begets insecurity and instability.26 The”
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
“collecting the intelligence has only benign intentions, paralleling the structure of the military-focused security dilemma.35 Intelligence collection can empower and secure states. Most obviously, good intelligence can guard against devastating surprise attacks. As the attacks on Pearl Harbor and on the World Trade Center have shown, intelligence collection is essential in peacetime as well as in war.36 States must never get too comfortable about their own security. The collection and integration of intelligence from a wide range of disparate sources is a key part of efforts to detect and prevent unexpected dangers.”
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
― The Cybersecurity Dilemma: Hacking, Trust and Fear Between Nations
