Cyber Retribution

There is an interesting article over at Lawfaremedia.org on preventing election related cyberattacks. An excellent article, well worth reading. What struck me though was the last paragraph:

“The Biden administration should make clear that interference in the election is a true red line—no matter which campaign is targeted or who benefits. The Biden administration should threaten real consequences and then restore the credibility of U.S. red lines through action. The response to the Iran hack could be a true tit-for-tat: Iran just had an election, and surely the U.S. government collected sensitive information about the candidates. Declassify and release it, ensuring it lands inside Iran’s borders. Embarrassment is a far greater threat to Tehran’s closed authoritarian society than it is to Washington. Some observers may argue that now is the wrong time to push back on Iran, given the tense situation with Israel. They would be wrong. Iran must realize that the United States will not coddle and cajole it into a more responsible posture on the world stage. Especially when it comes to core national values, like a free and fair election—something Iran knows little about—U.S. resolve must be unbending and its tolerance for this sort of meddling gone.”

I am not sure that I agree with the premise of the central sentence; “Embarrassment is a far greater threat to Tehran’s closed authoritarian society than it is to Washington.” One thing is certain though, our current responses to international cyberattacks have been significantly less than effective. This would be a low-cost (financially and politically) solution, and it could not be any less successful than the sanction regimes that have been the “most successful” retaliation to date. Perhaps it is worth a try. In any case, creative thinking like this is going to be needed to deal with state-sponsored or state-encouraged cyberattacks.