Rules of the Cyber Road for America and Russia
In the cyber realm, the difference between a weapon and a non-weapon may come down to a single line of code, or simply the intent of a computer program’s user. While this makes negotiating cyber arms-control treaties problematic, it does not make diplomacy impossible.
CAMBRIDGE – The United States responded weakly after Russian cyber operations disrupted the 2016 presidential election. US President Barack Obama had warned his Russian counterpart, Vladimir Putin, of repercussions, but an effective reply became entangled in the domestic politics of Donald Trump’s election. That could be about to change.
Recently, American officials anonymously acknowledged that US offensive cyber operations prevented a Kremlin troll farm from disrupting the 2018 Congressional elections. Such offensive cyber operations are rarely discussed, but they suggest ways to deter disruption of the US presidential election in 2020. Attacking a troll farm will not be enough.
Deterrence by threat of retaliation remains a crucial but underused tactic for preventing cyber attacks. There has been no attack on US electrical systems, despite the reported presence of Chinese and Russians on the grid. Pentagon doctrine is to respond to damage with any weapon officials choose, and deterrence seems to be working at that level.