Deterrence and the Problem of Attribution in Cyberspace: An Analysis of Vulnerabilities and Options for Pakistan

Abstract

This study examines the concept of deterrence and the problem of attribution in cyberspace. Unlike conventional deterrence, deterrence in cyberspace is perplexing, and the problem of attribution makes it even more complex. However, the advancement of technology and its sophistication have made deterrence in cyberspace, as well as attribution, relevant. States in the context of cyber rivalry employ different strategies to deter their rivals in cyberspace, such as threat of punishment, denial by defense, entanglement, etc. This study further argues that the threat of punishment is relatively less effective as compared to denial by defense and entanglement because robust infrastructure and a resilient system would imbalance the cost-benefit equation, making the attack futile and costly. Furthermore, this study suggests that investing in and advancing scientific capabilities, as well as strengthening infrastructure and defense capabilities, would help improve attribution forensics while improving the deterrence capability of states in general, and Pakistan in particular. This would make the attacking states realize that the costs of attacks would exceed the benefits.