The cybersecurity dilemma: hacking, trust, and fear between nations* 论文

摘要

There is hardly a more pressing topic in contemporary security affairs than cyber security—yet none so perplexing. Cyber weapons are a recent addition to the arsenal of states, and ‘cyberwar’ in general is a remarkably and increasingly worrisome prospect. Since the beginning of history, states seeking to enhance their security have faced a dilemma: to ensure their own security through actions that threaten the perceived security of others (e.g. military buildup) or to do nothing and risk being left vulnerable. When actions cannot be clearly interpreted, the ‘security dilemma’ drives fear. When there is sufficient fear, the security dilemma drives war. In The cybersecurity dilemma, Ben Buchanan applies the old dilemma of interpretation and response to cyberspace, arguing that what states do to ensure their own cyber security, in turn, destabilizes the system. By invading other states' networks, states can prepare the groundwork for future aggression without committing to it. They scan for unknown weakness inside another state's system or plant malicious worms that later have knock-on cyber effects—as happened with Stuxnet, a jointly built American–Israeli cyber weapon that targeted Iran's nuclear programme in 2010 through Iranian industrial computer systems. Gaining meaningful access to another state's network is by far the hardest part of a cyber operation given the time and effort required compared to the final, exploitation stage.