Cyberwarfare – Game Theory Analysis
In today’s society with the advancement of technology and the ever-increasing cyberattacks on both private and government industries, cyberwarfare is an evermore present and important topic to talk about. Much like how traditional war can be analyzed using game theory with examples such as the Hawk-Dove game, so too can cyberwarfare and an analysis of the effects of offensive and defensive measures. Under war conditions such as the Cold War with tensions high, the wrong move could prove disastrous, whether that be offensively firing a nuclear weapon that would surely lead to mutual assured destruction or defensively building countermeasures that could be mistakenly construed as a preparation for a counterattack after one attacks themselves (defensive measures due to expectation of retaliation from an attack).
These game theory applications of a traditional war setting can be applied to the current cyberwarfare battlefield that state governments currently fight on now. Is it wise to pour resources into cracking enemy firewalls to obtain their sensitive data or is it wiser to pour resources into defending one’s own firewalls to secure their own sensitive data? These type of questions can lead strategists to use Nash equilibria to analyze and determine best strategies, both pure and mixed. How much should one invest into attack and defense strategies, how effective are such said strategies, and what are the benefits and drawbacks are all valid and important questions to ask.
On the other hand, we can also analyze cyberwarfare in terms of reactivity and retaliation. From a political standpoint, it’s not always possible to determine the attacker(s)’ identities and who is responsible for a cyberattack. Is it worth the potential public backlash to identify and blame states or governments and even in doing so, is there a beneficial cost? If the public demands retaliatory action, is it even possible to do so or would such actions be useless and thus, the cost of placing blame on a group be higher than the cost of no action? The lack of any rules on this new domain of attack is ultimately what makes legislation and developing proper strategies in light of cost analysis from game theory so hard. The extent and complexity of cyberwarfare can vary and the amount of damage a cyberattack can have is not always apparent either. Therefore, as cyberwarfare continues to develop in the coming years, it’s essential that strategists and analysts stay fluid and adaptive with game theory principles.