| ID | 181129 |
| Title Proper | #SorryNotSorry |
| Other Title Information | Why states neither confirm nor deny responsibility for cyber operations |
| Language | ENG |
| Author | Fazal, Tanisha M ; Brown, Joseph M |
| Summary / Abstract (Note) | States accused of perpetrating cyber operations typically do not confirm or deny responsibility. They issue ‘non-denial denials’ or refuse to comment on the accusations. These ambiguous signals are prevalent, but they are largely ignored in the existing cyber literature, which tends to treat credit claiming as a binary choice. The ambiguity of non-denial denials and ‘non-comments’ allows states to accomplish two seemingly opposed goals: maintaining crisis stability and leaving open the possibility of their involvement in the attack. By deliberately remaining a suspect, a state can manipulate rivals’ perceptions of its cyber capability and resolve. Refusing to deny responsibility can also shape rivals’ perceptions of allies’ capabilities, enhancing the credibility of deterrence. All of this can be accomplished without the escalatory risks that would come with an explicit admission of responsibility. Where previous research has focused on the dangers of escalation and the limitations of costly signalling with cyber, we show that non-denial denials and non-comments make cyber operations considerably more useful than the literature appreciates. |
| `In' analytical Note | European Journal of International Security Vol. 6, No.4; Nov 2021: p.401 - 417 |
| Journal Source | European Journal of International Security Vol: 6 No 4 |
| Key Words | Intelligence ; Deterrence ; Coercion ; Cyber Conflict ; Signalling |