Deterrence in the cyber domain differs from conventional deterrence in that the offensive capabilities of the attacker and defender are usually unknown by the opposing party. Attackers often only receive noisy signaling from the defender offering little information about the defender’s retaliatory capabilities. This signaling in these conflicts creates a guessing game for the attacker unsure about the potential consequence of attack. The analysis finds that faking signaling as a defender can provide added deterrence or even, counter-intuitively, induce attacks so as to gain better knowledge of the attacking capabilities. The effectiveness of this strategy infers that deterrence is a strong cyber defense strategy.
