Confess or Deny? Strategies for Dealing with Cyber Attacks

The manner in which a nation-state reacts to a cyber-attack, both domestically and internationally, is significant. In light of the unique characteristics of cyber operations and the growth of their frequency, there is an intensified need for discussion regarding the efficacy of policies and practices to manage reactions to cyber-attacks. The proposed research investigates the preferred strategy for attacked nation-states in admitting or hiding an attack. The research focuses primarily on democracies, in which public transparency holds a significant value, which serves the overall interests of society and its government. In contrast, unreliable official announcements, intended to hide and cover an attack, can lead to constant suspicion towards governmental systems and public officials. On the other hand, one cannot discount the fact that hiding an attack may serve specific national security objectives.

In open and democratic societies, over time, public mistrust may develop when actual attacks are being covered up as technical malfunctions. This loss of public trust may have severe consequences and long-term effects on national security.

We argue that an admission of a cyber-attack may promote transparency and generate public confidence in the governmental system; neither of which should be ignored as they hold significant value, especially in a democracy.

Nation-states often avoid admitting they had been attacked, making such case studies a rare phenomenon. Therefore, theoretical scenarios will be used in the theoretical discussions in order to illustrate the dilemmas and allow for the discussion of the various considerations that said nation-states should take into account.