The next National Defense Authorization Act (the NDAA FY’18) is nearing the finish line. A Conference Report is now available, and so the time has come for a closer look at some of the key provisions of interest to Lawfare readers. My colleague Scott Anderson is going to post a broad overview shortly. For my part, I’d like to walk you through the “Cyberspace-Related Matters” section (sections 1631-1649C).
Latest in deterrence
U.S. assurances to China are critical for securing cooperation.
Thoughts on the international law dimensions of the Defense Science Board’s Task Force Report on Cyber Deterrence and Joseph Nye’s article on Deterrence and Dissuasion in Cyberspace.
Matthew Waxman testifies before the Senate Armed Services Committee on the international law dimensions of U.S. cyber strategy and policy.
The United States' seemingly insufficient reaction may have been informed by international law; the United States might have responded to the DNC hack as it did because international law did not permit it to do more. Limited state recourse to escalatory self-help measures is a feature of the modern international legal order—but, as the DNC hack, Sony hack, and growing number of similar cyber-enabled interferences demonstrate, in cyberspace this feature may have become a bug.
What does the US accusation of Russian election interference, and contemplated responses, tell us about our cyber deterrence strategy (or lack thereof)?
The U.S. government has once again decided not to impose sanctions on China or its companies for their massive public and private cyber thefts. President Obama says that there "comes a point at which we consider [digital intrusions by China and others] a core national security threat." One what extreme event or events will have to occur for us to reach that point.