Body
The North Korean cyber attack against Sony Pictures Entertainment raised important questions about the feasibility of deterrence in cyberspace, the protection of First Amendment values, and the responsibility of the US government to safeguard private networks. It also resulted in the unprecedented attribution of responsibility for a cyber attack to a nation state by a US president, despite public controversy over the evidence.
In a new issue brief for the East-West Center, my colleague Jon Lindsay and I undertake a somewhat more extended analysis of the hack and its broader implications. We argue that the Korean peninsula provides evidence of what is known as the stability-instability paradox. Deterrence has generally worked to prevent large-scale conflict, but has not stopped ongoing lower level conflicts, most notably along the Northern Limit line. The Sony hack has extended this dynamic into cyberspace. It is impossible to deter all forms of cyber harassment, particularly given the so-called attribution problem: the difficulty of identifying hackers with certainty. But we argue that policymakers can manipulate the threshold of ambiguity that makes limited aggression more or less attractive.