May 08, 2019
As any fan of martial arts knows, one of the best moves is to take an attacker's weapon and turn it back on them. In 2016, that's just what Beijing did – in cyberspace: after American operatives used a particular bit of code to attack Chinese computer systems, Chinese hackers took it, repurposed it, and used it to attack a bunch of US allies, according to The New York Times.
The technical details of the story are fascinating, but it also raises some big political questions:
If countries can't control their cyber arsenals, can they at least establish some ground rules for how they are used? Avoiding a destructive free-for-all in cyberspace may depend on it. But hacking tools aren't like conventional or nuclear arms, where countries have agreed to enforceable limits on capabilities and behavior. They're invisible, with no real way to count them or verify they've been destroyed, and prone to being stolen.
And despite an ongoing attempt by the US and its allies to deter bad behavior by indicting hackers, imposing sanctions, and even threatening military force in response to malicious cyber-attacks, there's nothing in cyberspace comparable to the doctrine of mutually assured destruction that has helped deter and prevent conflicts between nuclear-armed powers.
Why is that so difficult? For one thing, it's relatively easy to hide your identityor get hired guns to do your bidding in cyberspace – making it hard for the victims of cyber-attacks to be 100 percent confident in targeting their response.
There's also a lot of mischief that state-backed hackers can get up to that is short of outright war, but can still hurt an adversary (think: swiping personal data that can help identify spies or stealing trade secrets). Governments don't want to give those capabilities up. This helps explain why attempts to establish widely agreed, enforceable "cyber norms" have made limited progress, despite 15 years of wrestling with the issue at the UN.
The upshot: We already knew the US was struggling to secure its cyber arsenal. Now we know that just using a cyber weapon means there's a risk it'll be stolen and used by someone else. As more countries gain access to these tools, reaching a basic agreement on rules of behavior will become even more important.More For You
Participants hold placards during a protest to condemn the U.S. and Israeli attacks on Iran and commemorate students killed in a strike on a girls' primary school in Minab in southern Iran on February 28, in front of the U.S. embassy in Seoul, South Korea, March 12, 2026.
REUTERS/Kim Soo-hyeon
175: The number of people killed at an Iranian girls’ school in a strike on Feb. 28. Initial intelligence reports suggest that the US was to blame for the strike, per the New York Times, after the military used a now-defunct set of coordinates to deploy the hit.
Most Popular
Strong communities start with opportunity. Bank of America invested nearly $40 million in workforce development programs in 2025 — helping 86,400 people connect to jobs, and 264,000 build new skills that strengthen local economies. Explore how Bank of America is building the workforce of today and tomorrow.
Chris, an Army veteran, started his Walmart journey over 25 years ago as an hourly associate. Today, he manages a Distribution Center and serves as a mentor, helping others navigate their own paths to success. At Walmart, associates have the opportunity to take advantage of the pathways, perks, and pay that come with the job — with or without a college degree. In fact, more than 75% of Walmart management started as hourly associates. Learn more about how over 130,000 associates were promoted into roles of greater responsibility and higher pay in FY25.
© 2025 GZERO Media. All Rights Reserved | A Eurasia Group media company.