Adam Segal at CFR, the person from whom I learn most about China and cybersecurity (here is a sampling of his posts), has a post that links to a China Defense Daily article on why Chinese experts think the U.S. military will have difficulty achieving its cybersecurity deterrence aims. As Segal reports (based, I think, on his translation):
The article [in China Defense Daily] sees the U.S. as being unable to secure its networks. The announcement of the Defense Department’s Strategy for Operating in Cyberspace, in the Chinese view, encouraged other countries to develop their own offensive capabilities. Attribution is hard, and providing proof of who is behind an attack that would convince others is still extremely difficult. Detection and monitoring capabilities in cyberspace are underdeveloped so it is a real question whether the U.S. military can detect, provide warning of, and deter an attack before it happens. Finally, if the United States decides to retaliate through offensive cyberattacks, it can have no certainty about the outcomes. The impacts on networks are often limited and can be quickly recovered from.
The most interesting point here, I think, is that even if U.S. officials are (as they increasingly say) better able to attribute cyber-operations, the credibility of their public responses to the operations depends in part on being able to convince various audiences in the United States and abroad that the attribution is accurate.
