Cyber attribution is hard. It’s not impossible, but it takes time. Time that doesn’t exist when your infrastructure is collapsing and you’re thinking about resorting to what is euphemistically called a “kinetic response”.
Retaliation against the wrong target could well result in disaster.
One possible solution, at least in part, could be installing direct “cyber hotlines” between national leaders.
The Moscow–Washington hotline of Cold War fame is the archetype.
During the high-stakes nuclear Cuban Missile Crisis of 1962, official diplomatic messages took up to six hours to deliver. Presidents John F Kennedy and Nikita Khrushchev had to resort to unofficial channels, including relaying messages via TV news correspondents.
The Moscow–Washington hotline was installed the following year.
This hotline was never the iconic red telephone of TV and movies. At first it was a teletype, then a fax machine, and now email. Initially, its terrestrial phone lines were backed up by a radio link via Tangier in northwestern Morocco. Today, a set of satellite links are backed up by optical fibre.
At least eight other pairs of nations have developed their own hotlines.
Cyber versions of these hotlines are a key recommendation of the Cyberspace Solarium Commission (CSC), a US government initiative to “develop a consensus on a strategic approach” to defending the nation against “cyber attacks of significant consequences”.
“The US government should develop a multi-tiered signaling [sic] strategy aimed at altering adversaries’ decision calculus and addressing risks of escalation. This signaling strategy should also effectively communicate to allies and partners US goals and intent,” says the CSC’s final report [PDF].
“The strategic level of signaling should involve overt, public diplomatic signaling through traditional mechanisms that have already been established for other domains, as well as private diplomatic communications through mechanisms such as hotlines and other nonpublic channels (including third party channels in instances in which the United States may lack robust diplomatic relationships).”
The CSC also recommends developing a framework to guide “when and under what conditions the US government will voluntarily self-attribute cyber operations and campaigns for the purposes of signaling capability and intent to various audiences”.