Why General Mattis is wrong in thinking ‘deterrence is critical’ for cyberattacks
US Secretary of Defense nominee General Mattis believes deterrence will curb cyberattacks, but he is assuming that the hackers are human.
Retired US Marine General James “Mad Dog” Mattis said that the US has no clear doctrine in place to counter cyberattacks at his Senate confirmation hearing to see if he will become the next Secretary of Defense under the Trump administration.
Instead of answering how to address cyberattacks once they occur, the retired general said that “deterrence is critical,” when dealing with alleged threats from Russia, China, and terrorist groups.
However, Mattis never took into account the threat from AI bots that can hide their points of origin.
If “deterrence is critical,” what does that mean to hackers? How will hackers be deterred from mounting cyberattacks against the US?
If the hacker is a state-sponsored agent, then the deterrent would be not to cause an international incident that could trigger a response from the US — but that could only occur if the hacker’s location were pin-pointed.
The hard part in addressing cyberattacks is determining where an alleged hack comes from, as evidenced by the headlines that claim Russia hacked the US presidential election, although no proof has been made public.
But what if the hacker uses Artificial Intelligence (AI) to launch the attacks? Last year, DARPA held a contest where hackers leveraged their technologies — bot vs bot — to exploit security risks.
“One bot proved it could find and exploit a particularly subtle security hole similar to one that plagued the world’s email systems a decade ago—the Crackaddr bug,” according to Wired. This had previously been thought only to be possible by humans, but not anymore.
Going back to the question of deterrence, AI bots don’t worry about this. In fact, Artificial Intelligence will even represent a paradigm shift in how wars are fought because they make the notion of deterrence irrelevant.
According to the World Economic Forum (WEF) Global Risk Report 2017, swarm attacks risk “upsetting the global equilibrium by neutralizing the defense systems on which it is founded. This would lead to a very unstable international configuration, encouraging escalation and arms races and the replacement of deterrence by pre-emption.”
The WEF was referring to actual, physical attacks using weapons against defenses, but the logic is still the same — machines are becoming smarter than humans and machines don’t “think” like we do when it comes to deterrence.
Whatever General Mattis is suggesting about deterrence, he’d better take Artificial Intelligence into account when addressing cyberattacks.
According to Mattis, a cyberattack “does not need to be deemed an act of war to trigger a response,” while adding that “cyber cuts across everything we do today,” and the US military cannot handle such a large task on its own.
The Secretary of Defense nominee is looking to band together different branches of government to handle the cyberattack problem. He suggested “a multi-agency effort that could include the Defense, State, Treasury, and Homeland Security departments.”