Cyber deterrence: Is it possible? | By Rimsha Malik


Cyber deterrence: Is it possible?

CYBER deterrence is the use of threat and defensive strategy to prevent or discourage cyber-attacks on a country or organization. The goal of cyber deterrence is to create a disincentive for potential attackers by making it clear that the consequences of an attack will outweigh any potential benefits. This can include both proactive measures, such as strengthening a country or organization’s cyber defences and reactive measures, such as the threat of retaliation. Cyber security professionals predict that by 2025, global cyber crime would cost $10.5 trillion yearly.

To reduce cyber-related dangers, states must develop effective deterrent measures and strong, effective methods. China and the United States have distinct policies for cyber deterrence. China’s policy is focused on protecting its critical infrastructure and national security interests through a combination of legal measures, technical means and international cooperation. The Chinese government has also been accused of using cyber espionage to acquire sensitive information from other countries.

The United States, on the other hand, has a more proactive approach to cyber deterrence. The U.S. government has emphasized the need for strong cyber defences and has launched offensive cyber operations in response to perceived threats. The U.S. has also imposed sanctions and indictments on individuals and organizations involved in cyber activities that threaten U.S. national security. Additionally, the US has also been promoting international norms of responsible state behaviour in cyberspace. Both countries have sought to shape the global governance of cyberspace to align with their respective interests and values, which has resulted in a certain level of tension between them.

In the global cyber security index, Pakistan is ranked 79th. As new forms of warfare threaten states, terms like “cyber wars,” “cyber attacks,” and “cyber-intrusions” have crept into the discourse of state security. Pakistan has a relatively sophisticated cyber warfare capability and has been involved in a number of cyber attacks against its adversaries in the past. It is not clear what specific cyber deterrence strategy Pakistan employs, but it is likely that the country has a mix of defensive and offensive capabilities to deter potential cyber-attacks.

Cyber deterrence is possible, but it can be challenging to implement effectively. One of the main challenges of cyber deterrence is that it can be difficult to attribute cyber-attacks to a specific individual or group. This makes it difficult to determine whom to hold accountable and what specific actions to take in response to an attack. Additionally, the constantly evolving nature of technology and the internet makes it challenging to stay ahead of potential threats and to effectively defend against them. Another challenge with cyber deterrence is that it requires a complex, multi-layered approach that includes both defensive and offensive measures.

This can involve implementing robust cyber security measures, developing a strong incident response plan and having the capability to respond to attacks in a timely and effective manner. Despite these challenges, governments and organizations are actively working to develop and implement strategies for cyber deterrence. This includes cooperation on a global scale, sharing information and building trust among nations in order to better detect and respond to potential cyber threats. However it is challenging, cyber deterrence is possible, but it requires a multi-layered approach and ongoing efforts to stay ahead of evolving cyber threats. The policy primarily employs deterrence by denial, which involves denying the offender any benefit.

Cyber deterrence is aimed at maintaining peace by preventing or discouraging cyber-attacks from occurring. This can be done through a variety of means, including, Building strong defensive capabilities: By fortifying its own cyber defences, a country can make it more difficult for adversaries to successfully launch cyber-attacks against it. Developing offensive capabilities: Having the ability to launch cyber-attacks against an adversary can serve as a deterrent, as the adversary may be less likely to attack if they know they will face retaliation.

Diplomatic efforts: Countries can engage in diplomatic efforts to establish norms of behaviour in cyberspace and to build trust with other nations to reduce the likelihood of cyber conflict. Deterrence through punishment: If a cyber-attack occurs, a country can respond with a variety of measures, including sanctions, diplomatic isolation and even military action. By using a combination of these strategies, a country can effectively deter potential adversaries from launching cyber-attacks, thus helping to maintain peace and stability in the cyber realm.

Pakistan must establish a centralized command that would act as the main entity in charge of developing military capabilities in cyberspace. The development of a framework for protecting the nation’s critical infrastructure from cyber attacks requires collaboration between the government, military and commercial sectors. The reduction of cyber vulnerabilities requires a strong cyber security infrastructure. Further investments in new technologies must be undertaken in addition to the implementation of policies and improving the regulatory framework. This will strengthen the cyber defence, establish a strong posture of deterrence and improve Pakistan’s domestic cyber capability.

—The writer is Researcher at Centre for International Strategic Studies, AJK and working on cyber warfare and national security.