How to Deter Russian Cyber Attacks

July 12, 2017 | Topic: Security | Blog Brand: The Buzz | Tags: Russia, Putin, Trump, Cyber, 2016 Election


Washington’s political class may not agree on much these days, but nearly everyone agrees that Russia should be punished for meddling in the US presidential election. The only question is how severe that punishment should be.  Many worry that if the consequences are too lenient, Moscow will interfere in future elections, perhaps on an even grander scale than in 2016. As a result, a consensus appears to be forming around some combination of clear warnings, strengthened sanctions, and retaliatory cyber operations all meant to demonstrate that Russia will pay a severe price for interference in US politics, thus deterring future meddling.

One element of this package, a new and toughened sanctions regime, was passed in the Senate in June 2017 by a vote of 98-2 and includes an automatic renewal provision absent specific Congressional action to lift sanctions. The Washington Post reported that the second element, retaliatory cyber operations, was authorized by the Obama administration before it left office and requires no further action by the Trump White House for the bureaucracy to act. Former Assistant Attorney General for National Security John Carlin advanced a novel suggestion for the warning element in a recent article in Atlantic Monthly, calling for creation of a “dead-hand switch” that would automatically trigger retaliation if the Intelligence Community determines a country has interfered in our elections.

Such steps have undeniable cathartic appeal, and they would certainly enable both the White House and Congress to show they have done something significant in response to what the Washington Post has dubbed “the crime of the century.”  But what makes sense politically does not always produce effective policy.  Deterring cyberattacks by Russia -- and by others -- is a vital U.S. interest, but unless we think carefully about how we do it, we could end up incentivizing the very behaviors we hope to discourage. The U.S. has a long history of success in nuclear deterrence, rooted in a robust literature on deterrence theory. Adapting the principles that proved so effective in dealing with the Soviet nuclear threat is our best formula for deterring Russian cyberattacks today.

Principle One: Examine Their Motives

If war is politics by other means, as Clausewitz famously characterized it, deterrence can be thought of as political persuasion by other means. The objective is to convince an adversary that his desired goal would be too difficult or costly to achieve. Doing this necessarily requires an accurate assessment of what the adversary hopes to accomplish, how important those objectives are to him, and what outcomes he fears. Misperceptions of his hopes and fears can lead to underestimations of how much pain he is willing to endure in pursuit of his goals or failure to anticipate his countermoves.


When it comes to evaluating Russia’s hopes and fears as they relate to cyber operations, it is tempting but misleading to reason from effect to cause, survey the societal divisions in the United States that have grown during and after the 2016 presidential campaign, and assume that Russia’s influence activities are aimed broadly at destabilizing our country. That reasoning appears to underpin the judgments about Russian goals offered by key intelligence officials. “They’re in to do us in,” former Director of National Intelligence James Clapper has asserted, adding that the Russians “have to be celebrating” their success in sowing dissension. The much-cited Intelligence Community Assessment (ICA) on Russia’s role in the 2016 US presidential election sings from this same music sheet, asserting that Russia’s goals are nothing less than “to undermine faith in the US democratic process” and “to undermine the US-led liberal democratic order.” The policy implications of this assessment are clear: unless we meet Russia’s aggression with a resolute response, we will invite even more aggression.

In fact, contrary to Clapper’s expectations, Russia’s diplomats and foreign policy experts are lamenting the instability and unpredictability flowing from what they regard as a U.S. domestic political crisis. According to Fyodor Lukyanov, one of Russia’s most respected foreign policy analysts and editor-in-chief of the journal Russia in Global Affairs, Russians “are very confused and even a bit terrified by what we see unfolding in Washington.” That American disarray is causing worry rather than celebration in Moscow is a sign that we need to take a deeper, evidence-based look at Russian goals before settling on a policy response to their influence activities.

Not all threatening behavior flows from aggressive intent. If what we view as aggression is actually fear and insecurity, rooted in Moscow’s perceptions of aggressive U.S. designs, too forceful a response could exacerbate Russian fears and trigger a dangerous escalatory spiral of hostility. The recent report that Russian intelligence hackers have penetrated the systems of some U.S. nuclear power plants and other power generation companies, perhaps to put retaliatory options in place in the event of U.S. cyberattacks on Russia, is an ominous sign in this regard. By contrast, a better understanding of these fears might facilitate negotiation of a mutual pledge of non-interference in each other’s domestic politics, including a provision that attacks on voting systems and other critical infrastructure will be treated as acts of war.