Everand Logo

Welcome to Everand!

  • The Atlantic

    Writing the Rules of Cyberwar

    The line between offensive and defensive attacks is far from clear, a new book argues.
    by Alyza Sebenius Jun 28, 2017 9 minutes
    Source: Rob Engelaar / Getty

    The Washington Post’s report last week on Russian cyber efforts to disrupt the 2016 election—and the Obama administration’s months-long debate over how to respond—ended on a foreboding note. Among the measures apparently adopted in response to the hack was “a cyber operation that was designed to be detected by Moscow but not cause significant damage,” involving “implanting computer code in sensitive computer systems,” according to anonymous officials who spoke to the paper. The code could be used to trigger a cyberattack on Russia in response to another Russian cyberattack on America, whether that targeted elections or infrastructure. The paper characterized the operation as currently being “in its early stages.”

    From an American perspective, the operation as described could look defensive—if it was “designed to be detected,” it would serve as a warning and potential deterrent against further offensive actions by Russia. Or it could be used purely in retaliation for aggression of some kind. On the other hand, though, once the implants are operational, what’s to stop an American leader from using them for offensive purposes, simply to weaken, undermine, or otherwise mess with Russia? From the Russian perspective, this potential would make the implants look like an offensive cyberoperation—and prompt “defensive” measures on Russia’s part, that would in turn threaten the United States. The cycle could escalate from there.

    This dynamic is an example of the “security dilemma”: When a state takes defensive measures, other states can perceive such behavior as threatening,, that the line between offense and defense is even blurrier in cyberspace. “To assure their own cybersecurity, states will sometimes intrude into the strategically important networks of other states and will threaten—often unintentionally—the security of those other states, risking escalation and undermining stability,” Buchanan writes. Meanwhile, a ransomware attack believed to be using stolen NSA tools spread across the globe on Tuesday for the second time in as many months, showing another way cyber tools can undermine stability: The technologies states develop to protect themselves can be stolen by criminal hackers and turned against their inventors.

    You’re reading a preview, subscribe to read more.

    More from The Atlantic

    The Atlantic7 min readAmerican Government
    The End of the Biden Era
    This is an edition of The Atlantic Daily, a newsletter that guides you through the biggest stories of the day, helps you discover new ideas, and recommends the best in culture. Sign up for it here. Joe Biden didn’t just have a bad night. American dem
    The Atlantic4 min read
    Amazon Decides Speed Isn’t Everything
    Amazon has spent the past two decades putting one thing above all else: speed. How did the e-commerce giant steal business away from bookstores, hardware stores, clothing boutiques, and so many other kinds of retailers? By selling cheap stuff, but mo
    The Atlantic4 min readCrime & Violence
    What the Supreme Court Doesn’t Get About Homelessness
    The Supreme Court has just ripped away one of the rare shreds of legal protections available to homeless people. In a 6–3 ruling, the Court has decided that the city of Grants Pass, Oregon, did not violate the Eighth Amendment by enforcing camping ba

    Related Books & Audiobooks