These recent events demonstrate how quickly the nation’s escalating cyberbattles have outpaced the rush to find a deterrent, something equivalent to the cold-war-era strategy of threatening nuclear retaliation.So far, despite millions of dollars spent on studies, that quest has failed.
Participants in the war game emerged with a worrisome realization. Because the Internet has blurred the line between military and civilian targets, an adversary can cripple a country — say, freeze its credit markets — without ever taking aim at a government installation or a military network, meaning that the Defense Department’s advanced capabilities may not be brought to bear short of a presidential order.
That is what makes the Google-China standoff so fascinating. Google broke the silence that usually surrounds cyberattacks; most American banks or companies do not want to admit their computer systems were pierced. Google has said it will stop censoring searches conducted by Chinese, even if that means being thrown out of China. The threat alone is an attempt at deterrence: Google’s executives are essentially betting that Beijing will back down, lift censorship of searches and crack down on the torrent of cyberattacks that pour out of China every day. If not, millions of young Chinese will be deprived of the Google search engine, and be left to the ones controlled by the Chinese government.
An Obama administration official who has been dealing with the Chinese mused recently, “You could argue that Google came up with a potential deterrent for the Chinese before we did.”
This requires deep thought about the asymmetry of the situation in cyber-warfare, where the identity of the enemy may not be initially known. It shows that excellent defense, while necessary is insufficient, I don't think anyone has a greater vested interest in good defense than Google, but they were still hacked. This is a very tough problem, and I wish I had more insight.