Search GSSD

Raising the Consequences of Hacking American Companies

Abstract: 
This article discusses the need for the US to create an explicit cyber deterrence policy againststate-sanctioned attacks on the private sector. Citing two recent ransomware attacks, Simon outlines how hostile foreign powers sponsor and enable attacks against private infrastructure for monetary gain, intellectual property theft, and political outcomes. He also notes the efficacy of cyber attacks; law enforcement cannot respond while they occur due to their speed, and victims have with limited responsive options beyond investing in more defensive mechanisms due to pre-existing laws. He emphasizes a need for a policy that clearly signals when and how the US will respond to cyber attacks against its private sector, warning that these attacks will only increase if not addressed soon. While he does mention the steps the US has already taken to build norms for responsible state behavior within cyberspace, he also acknowledges their limitations and puts forth suggestions for a cyber deterrence policy he think will effectively deter future attacks while leaving room for flexible responses by the state. He concludes his paper by raising the question of the extent to which the US is responsible to protect its own private sector. Key words: hegemony, deterrence, state-sponsored cybercrime, hacking, private sector, norms, intellectual property
Author: 
David Simon
Year: 
2017
Input By: 
Ianka Bhatia
Affiliation: 
MIT
Dimensions-Problem/Solution: 
Industry Focus: 
Internet & Cyberspace
Country: 
United States
Datatype(s): 
Policies
Theory/Definition