We all know, or at least understand, that there are weapons that do not need to be used to do their job.
Over time the nuclear weapon, after some demonstrative actions perhaps not necessary to end a war already won, has become a bogeyman like the black man employed by mothers and grandparents to force children to obey and go to bed without saying a word. The non-trivial function of the nuclear weapon is therefore to act as a deterrent.
In order for the deterrence to work, any employment must be recognized by the opponent as a punishment that one cannot risk suffering (which state would like to see its city of a few million inhabitants reduced to lightning ashes ?!).
Everlasting at the basis of deterrence is the concept of limiting the spread of the weapon capable of inflicting damage. This is because deterrence works if few exercise it and many suffer it. If everyone had the final weapon, deterrence would be exercised mutually and would result only in preventing the use of the weapon itself.
In any case, possessing a weapon of such Power that it can frighten the enemy just by possessing it is not enough to exercise deterrence, you need the "will" and "strength" of a state that is ready, to extreme evils, to use it!
This means in the first place that the state must be strong and must have a government capable of making decisions, even unpleasant ones if necessary.
What has been said so far does not in any case be andeterrence analysis but only to recall some concepts that may be useful in our case: can cyber be seen as a capacity for deterrence?
The discussion has long animated the restricted contexts in which strategic culture is not banned like the plague ...
Cyber has several features that potentially make it a strategic tool (if in the hands of a few) but it also has several features that limit its effectiveness.
La cyber deterrent it can be achieved mainly in two ways:
- becoming strong enough to protect itself, to make any attempt to attack useless, so-called "cyber deterrence by denial";
- having the ability to hit the opponent in such a way as to put him on his knees, the so-called "cyber deterrence by punishment".
There are naturally many boundary conditions that I cannot and do not want to deal with in these few lines but some simple considerations must instead be made.
Cyber deterrence, in the "by denial" form, seems hardly reachable by anyone, unless we hypothesize technological revolutions that allow one of the actors to make a qualitative leap. Could this be the case with quantum technology? Or the massive use of Artificial Intelligence? Or, maybe the combination of multiple factors? We'll see...
Cyber deterrence in the "by punishment" form also seems impractical. The "formula" has some possibility of working only if supported by a great intelligence capacity employed in order to identify the culprit of a cyber attacks with almost absolute certainty.
Having said that it seems rather difficult that cyber capability can be used alone as a deterrence tool, different is the case of its use in the context of a "deterrence strategy", where each "weapon" runs with its peculiarities to achieve the goal .
So let's start thinking that the world is a place where conflicts are real and where, to survive as a nation, you need to have a strategy ... cyber ability can therefore play its role, as long as you don't arrive last!
To learn more:
- https://ccdcoe.org/uploads/2018/10/Challenges_in_Developing_Credible_Cyb...
- https://www.swp-berlin.org/10.18449/2019C34/
- https://www.fifthdomain.com/dod/2019/04/30/is-there-such-a-concept-as-cy...
- https://nationalinterest.org/feature/case-cyber-deterrence-plan-works-46207
- https://ccdcoe.org/uploads/2018/10/Art-02-The-Cyber-Deterrence-Problem.pdf
Photo: US Marine Corps Forces Cyberspace Command
