Crisis and Escalation in Cyberspace

Crisis and Escalation in Cyberspace

Martin C. Libicki
Copyright Date: 2012
Published by: RAND Corporation
Pages: 198
  • Cite this Item
  • Book Info
    Crisis and Escalation in Cyberspace
    Book Description:

    The chances are growing that the United States will find itself in a crisis in cyberspace—the escalation of tensions associated with a major cyberattack, suspicions that one has taken place, or fears that it might do so soon. Such crises can be managed by taking steps to reduce the incentives for other states to step in, controlling the narrative, understanding the stability parameters of the crises, and recognizing escalation risks.

    eISBN: 978-0-8330-7679-3
    Subjects: Technology

Table of Contents

  1. Front Matter
    (pp. i-ii)
  2. Preface
    (pp. iii-iv)
  3. Table of Contents
    (pp. v-viii)
  4. Figures and Table
    (pp. ix-x)
  5. Summary
    (pp. xi-xxii)
  6. Acknowledgments
    (pp. xxiii-xxiv)
  7. Abbreviations
    (pp. xxv-xxvi)
  8. CHAPTER ONE Introduction
    (pp. 1-18)

    The chances are growing that the United States will find itself in a cybercrisis—the escalation of tensions associated with a major cyberattack, suspicions that one has taken place, or fears that it might do so soon. Bycrisis, we mean an event or events that force a state to take action in a relatively short period or face the fraught consequences of inaction. Typically, because of fear that failure to act leads to war or a great loss of standing, states believe they must quickly decide whether to act.¹ When we use the termcyberattack, we refer to what...

  9. CHAPTER TWO Avoiding Crises by Creating Norms
    (pp. 19-38)

    Norms, we¹ now argue, can be an important component in modulating cybercrises, given some realism about what norms can or cannot do.

    Those norms that call on states to separate themselves from freelance hackers and organized-crime elements not only make the ecosystem of cyberspace more trustworthy; they also limit the number and power of rogue actors that might otherwise go fishing in troubled waters. Those norms that require the victims of cyberattacks to exercise caution assigning responsibility to other states or in modulating how they respond can help spread oil on those troubled waters. Adroitly applying the laws of war...

  10. CHAPTER THREE Narratives, Dialogue, and Signals
    (pp. 39-72)

    The writer Tom Wolfe used to argue that modern art had “become completely literary: the paintings and other works exist only to illustrate the text.”¹ Using this insight, he argued that a modern art museum that, like classical art museums, had large paintings and small explanations of them should instead have large explanations with small paintings in order to illustrate the point. So, too, with narratives about cyberwar. What happened may pale compared with what people say happened. Perhaps more than any other form of combat, cyberwar is storytelling—not inappropriately for a form of conflict that means to alter...

  11. CHAPTER FOUR Escalation Management
    (pp. 73-122)

    Once a crisis has blossomed into conflict, crisis management becomes escalation management. The success of escalation management depends on the fact that both sides would prefer less disruption and violence rather than more of it—but not necessarily before they make their point to one another. At the very least, both sides share an interest in keeping control over what breaks out rather than ceding control to fate, the passions of warriors, the intrigues of factions, or third parties.

    Admittedly, escalation in cyberspace remains a speculative topic. Few government officials have declared their red lines. The cyber equivalent of Herman...

  12. CHAPTER FIVE Implications for Strategic Stability
    (pp. 123-146)

    Cyberwar is said to present stability problems similar to those associated with nuclear weapons. Not for nothing did a summer 2010 cover story in theEconomistpicture cyberwar as the digital equivalent of the nuclear bomb, a threat to civilization that necessitated international negotiations and arms control. But does cyberwar threaten strategic stability? Although the matter is still not settled,¹ this chapter argues that the factors that make nuclear instability an issue do not apply in cyberspace, or at least not in the same way.

    If the definition ofstrategic stabilityis widened to include all possible sources of inadvertent...

  13. CHAPTER SIX Can Cybercrises Be Managed?
    (pp. 147-150)

    Crises are usually best avoided or resolved with speed. Cybercrises are no exception. Perhaps there are times when a lesson needs to be forced on others. Perhaps, someone else wants a crisis for reasons having nothing to do with what any other state (or at least the United States) did, and a response of some sort is, alas, unavoidable. But, often, there are choices that can be made.

    Cybercrises are not an inevitable feature of cyberspace per se. Because it is nearly impossible to disarm cyberattackers, and because cyberdefense is rarely utilized to its fullest (e.g., by disconnecting networks), states...

  14. APPENDIX A Distributed Denial-of-Service Attacks
    (pp. 151-154)
  15. APPENDIX B Overt, Obvious, and Covert Cyberattacks and Responses
    (pp. 155-158)
  16. APPENDIX C Can Good Cyberdefenses Discourage Attacks?
    (pp. 159-162)
  17. Bibliography
    (pp. 163-172)