The Boston Globe has an article from a fellow at the Harvard Kennedy School of Government arguing that the United States should assert its right to cyber self-defence by declaring that “it will promptly counter-attack as accurately and as proportionally as technology allows”.
This is an interesting – if scary – argument. It conjures up memories of the Cold War and “Mutually Assured Destruction” or even further back of Lord Palmerston and “the send a gun-boat” style of diplomacy. Did either strategy work? Well, some would argue there was no nuclear war during the Cold War years (although, the aftermath poses some interesting problems of proliferation etc). And, of course, during the Palmerston era the Sun never set on the British Empire (allegedly because the Sun knew it could never trust the British Empire in the dark).
It is undeniably the case that a number of nation-states are developing an offensive cyber-warfare capacity and those that ostensibly are only interested in developing a defensive strategy can readily reverse the process to become offensive (Porton Down was always ostensibly about developing chemical weapons defence …).
Similarly, non-state-sponsored cyber attacks often emanate from countries who are either indifferent to the activities going on within their borders or are powerless to intervene.
Does this give a country the right to retaliate? The Boston Globe article suggests that a few bouts of such retaliation would bring about the creation of some international means of regulating and protecting cyberspace. That may be true, but it would be good to think that such an outcome could be achieved without the digital trench warfare that the article describes.