It seems that the debate over retaliatory cyber strikes is growing in intensity and occurring more often than it did just a few short years ago. There are a number of reasons for this, not the least of which is the frequency or impact of cyberattacks. This time, however, the impact of cyberattacks did not take center stage in the spirited discussions. What replaced it was the growing concern over the ability to adequately attribute a specific cyberattack to an attacker or group of attackers and to find out who was really behind the incident.

My peers in the cybersecurity industry generally agree that achieving this level of assured attribution is a very tall order and that the degree of difficulty continues to grow. Given the cloaking or masking techniques that have been employed and continue to be pioneered, cyber attribution is a large and growing challenge. Investigating and coming up with the hard evidence necessary for assigning blame to state and non-state actors, to the level of certainty necessary for retaliatory strikes, is not being taken lightly. This is even more the case now that it is not uncommon for cyberattack strategists to include obfuscation, disinformation and embedded misleading information in the design and development of modern cyber weaponry. It is highly likely that a fair amount of research is currently underway on new and unique tools and techniques specifically designed for this purpose.

The question was asked: If you were in charge, would you be willing to launch a retaliatory strike based on the level of evidence that typically emerges in the 24, 48, and 72 hours following a cyberattack?

If you think that is a difficult position to be in and an extremely hard question to answer, consider making the retaliatory strike a combination of bombs and bullets as well as bits and bytes, where lives might be on the line!
