Is A Cyberattack An Act of War?

Uploaded on 2017-09-25 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Services-Law

As warfare becomes increasingly digital, countries are facing a major problem: It’s hard to define when a cyberattack constitutes an act of war.

Avril Haines, a former deputy national security adviser during the Obama administration, said recently that while there are established norms around what counts as a physical act of war, those same metrics don’t exist for digital attacks.

“In the conventional world, we have a long history of rules that tell us when another country has used force, when what they do constitutes an armed attack, and therefore when we have a legal basis to respond to it in a kinetic way or in other ways,” she said during an onstage interview at the Cloudflare Internet Summit in San Francisco.

But digital attacks don’t have the same set of laws and norms around them, Haines said. That’s particularly important in the case of what she called asymmetric state-sponsored attacks, when one country is able to put a critical piece of digital infrastructure at risk without incurring the costs traditionally associated with such an action.

Another issue is that one country declaring a cyberattack an act of war means that it would then be bound by that same statement for similar situations in the future. In her view, the solution is to create an international framework that can help remove ambiguity around these issues.

Determining the seriousness of attacks isn’t an academic exercise. Consider the United States Justice Department’s indictment in 2014 of four Chinese army officers for hacking-related offenses. The American government has also blamed North Korea for a massive attack on Sony Pictures.

Haines said maritime law provides a ray of hope for nailing down international issues around cyberwar. Because the law of the sea has been so defined, it’s possible for international trade and sailing to take place.

In some cases, it’s possible to sidestep that issue when hacking and other campaigns accompany traditional military actions. Distributed denial of service attacks originating from Russia hit key websites in Georgia prior to and during a war between the two countries in 2008. The Russian government denied responsibility for the attacks.

Tech companies are also getting into the mix around cyberwar regulations. Microsoft chairman Brad Smith has been advocating aggressively on behalf of his company for a “digital Geneva Convention” establishing norms and protecting civilians.

VentureBeat

You Might Also Read: 

International Co-Operation: Challenges & Potential For Engaging In Cyberspace:

NATO Could Go To War In Response To A Cyber Attack:

Image: US DoD:

« Get Your Data Strategy On Board
Wikileaks Release Details Of Mass Surveillance In Russia »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Galaxkey

Galaxkey

Galaxkey is a data protection product that protects email, documents and any data using access control and an encryption platform.

iboss Network Security

iboss Network Security

The iboss cloud is designed to deliver Network Security as a Service, in the cloud, using the best malware engines, threat feeds and log analytics engines.

CERT-IS

CERT-IS

CERT-IS is the national Computer Emergency Response Team for Iceland.

Datacom Systems

Datacom Systems

Datacom Systems is a leading manufacturer of network visibility solutions.

Entersekt

Entersekt

Entersekt is an innovator in push-based authentication and app security.

Belkasoft

Belkasoft

Belkasoft is a software vendor providing public agencies, corporate security teams, and private investigators with digital forensic solutions.

OCM Business Systems

OCM Business Systems

OCM are experts in the safe, secure and responsible disposal of IT & EPoS assets.

EvoNexus

EvoNexus

EvoNexus is a technology startup incubator with locations in San Diego, Orange County, and Silicon Valley.

Cado Security

Cado Security

Cado Security is pushing digital forensics, and cyber incident response to the next level with an incident response software platform and specialist consulting services.

Sixteenth Air Force (Air Forces Cyber) - USA

Sixteenth Air Force (Air Forces Cyber) - USA

Air Forces Cyber provides mission integration of Information Warfare at operational and tactical levels, creating dilemmas for adversaries in competition and, if necessary, future conflicts.

Cybrella

Cybrella

Cybrella offers professional cybersecurity services for small to medium sized businesses and to larger enterprises looking to expand their cybersecurity capabilities.

Hush

Hush

Hush is a premium privacy service that gives people unprecedented visibility and control of their digital footprint. Hush assesses threats, and goes to work to eliminate digital risks on your behalf.

Cyber Unicorns

Cyber Unicorns

Cyber Unicorns is a cyber security consultancy created to help drive cyber security outcomes in the small to medium-sized business space.

Bridgenet Solutions

Bridgenet Solutions

Bridgenet specialises as a top-notch Information and Technology Solutions Provider for businesses.

Kaavalan

Kaavalan

Kaavalan was founded with a mission and a vision to protect you against cyber threats in the connected world.

Conifers

Conifers

Empower your existing SecOps team with the strength of AI - achieve SOC excellence with Conifers CognitiveSOC.