In an era of ever more alarming cyberattacks, Western policymakers are increasingly looking to the concept of ‘cyber deterrence’ as a force for stability. Understood as the ability to dissuade enemy attacks through the credible threat of retaliation, deterrence looms large in discussions of Russian cyberattacks. However, for such a deterrence relationship to work, it must at least be tacitly accepted by the other side. Yet the Russian strategic community currently appears highly critical of cyber deterrence, with many officials and experts deriding the concept as unworkable.
This report examines key Russian theoretical objections, alongside Russia’s practical, albeit partial, implementation of the concept. Indeed, in spite of sustained criticism, the Russian position on cyber deterrence has in some ways come to mirror that of the West.
Even so, unless Russia fully embraces the concept, instability and the risk of unintended escalation will remain. Thus, Western policymakers need to convince and incentivise Russia to accept cyber deterrence as a stabilising framework. This requires Western countries to:
- Improve their cyber deterrence posture by drawing select and credible red lines, such as a declaration that attacks on critical national infrastructure will incur a response
- Build allied capacity and cyber defences to better withstand and mitigate attacks, thereby increasing the cost of attacks and deterring Russia through denial
- Engage Russia in a multiyear, governmental dialogue on cyber issues to argue the case for cyber deterrence and address Russian objections
The long-term goal of such efforts should be to eventually reach a politically binding agreement with Russia on acceptable behaviour in cyberspace. This would cover:
- Non-interference in political processes
- Refraining from attacks on critical national infrastructure
- Refraining from attacks on the ‘public core’ of the internet
- Agreeing common standards for attribution
- Agreeing that attacks on nuclear command and control are impermissible
Although these aims are ambitious, they are the best solution for creating lasting West-Russia stability in cyberspace.
The opinions articulated above also do not necessarily reflect the position of the European Leadership Network or any of its members. The ELN’s aim is to encourage debates that will help develop Europe’s capacity to address pressing foreign, defence, and security challenges.