#SorryNotSorry: Why states neither confirm nor deny responsibility for cyber operations/ Joseph M. Brown and Tanisha M. Fazal
Material type: TextPublication details: 2021Subject(s): Online resources: In: European Journal of International Security Vol 6 Issue 4, November 2021, pp.401-417 (27A)Summary: States accused of perpetrating cyber operations typically do not confirm or deny responsibility. They issue 'non-denial denials' or refuse to comment on the accusations. These ambiguous signals are prevalent, but they are largely ignored in the existing cyber literature, which tends to treat credit claiming as a binary choice. The ambiguity of non-denial denials and 'non-comments' allows states to accomplish two seemingly opposed goals: maintaining crisis stability and leaving open the possibility of their involvement in the attack. By deliberately remaining a suspect, a state can manipulate rivals' perceptions of its cyber capability and resolve. Refusing to deny responsibility can also shape rivals' perceptions of allies' capabilities, enhancing the credibility of deterrence. All of this can be accomplished without the escalatory risks that would come with an explicit admission of responsibility. Where previous research has focused on the dangers of escalation and the limitations of costly signalling with cyber, we show that non-denial denials and non-comments make cyber operations considerably more useful than the literature appreciates.Item type | Current library | Call number | Copy number | Status | Date due | Barcode | |
---|---|---|---|---|---|---|---|
Journal Article | Mindef Library & Info Centre Journals | INTELLIGENCE (Browse shelf(Opens below)) | 1 | Not for loan | 66843.1001 |
Browsing Mindef Library & Info Centre shelves, Shelving location: Journals Close shelf browser (Hides shelf browser)
States accused of perpetrating cyber operations typically do not confirm or deny responsibility. They issue 'non-denial denials' or refuse to comment on the accusations. These ambiguous signals are prevalent, but they are largely ignored in the existing cyber literature, which tends to treat credit claiming as a binary choice. The ambiguity of non-denial denials and 'non-comments' allows states to accomplish two seemingly opposed goals: maintaining crisis stability and leaving open the possibility of their involvement in the attack. By deliberately remaining a suspect, a state can manipulate rivals' perceptions of its cyber capability and resolve. Refusing to deny responsibility can also shape rivals' perceptions of allies' capabilities, enhancing the credibility of deterrence. All of this can be accomplished without the escalatory risks that would come with an explicit admission of responsibility. Where previous research has focused on the dangers of escalation and the limitations of costly signalling with cyber, we show that non-denial denials and non-comments make cyber operations considerably more useful than the literature appreciates.
CYBERSEC, INTEL
There are no comments on this title.