Waging Cyberwar In Peacetime

Uploaded on 2015-11-10 in NEWS-News Analysis, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

 

It was only mid-2009, when the US secretary of defense ordered the establishment of a dedicated Cyber Command. Now more than 100 countries have military and intelligence cyberwarfare units.

In the words of then-chairman of the Joint Chiefs of Staff, Martin Dempsey, cyber has become “one of the most serious threats to national security.” A key problem is the absence of well-accepted norms of behavior spanning both their use in conflicts and, more concerning, a broad spectrum of peacetime scenarios.

Russia was first to synchronize cyberattacks with a ground offensive when it invaded Georgia in 2008 and there is no doubt cyber will be integrated into future conflicts. Less clear are the appropriate applications. International law suggests attacks should be proportionate and limit civilian casualties. However, the Internet makes civilian targets the easiest to strike and in many instances causalities are not immediate. For example, disabling an electricity grid during summer might lead to deaths through heat exhaustion.

Responding appropriately to cyberattacks
Also unclear is the appropriate response. If a cyberattack is deadly or enormously destructive, is a conventional military response justified? And if the attacked country has only a limited cyber capability is it justified in reverting to a conventional response at an even lower level of severity? The ease of launching disruptive cyberattacks also makes them tempting, low cost ways for third party states to get involved, and perhaps, allies of the attacked state to launch counter-cyberattacks in response.
The nature of cyberwarfare also means attacks will not always come from states. A well-organized diaspora population located in a third country (or spread across several) could launch a cyberattack during a conflict. If this population was in a friendly state, a law enforcement response would seem likely, but if it was in an unfriendly state, a range of other response options might be on the table depending on the severity of the attack. As the director of National Intelligence noted in his statement to the Senate Armed Services Committee in February, it can also be difficult to distinguish between state and non-state actors within the same country, further complicating a decision on the appropriate response.

State-backed efforts to agree on norms of behavior have begun, but are still in their early stages. One wordily named forum is the UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security. This formation was established last year “to study, with a view to promoting common understandings…including norms, rules or principles of responsible behavior of States.” In June 2015, it offered recommendations. Many of these were sensible, such as the suggestion: “A State should not conduct or knowingly support ICT activity contrary to its obligations under international law that intentionally damages critical infrastructure.” Unfortunately, the characterization of some of the recommendations as norms was more aspirational than founded in practice considering they are being breached on a daily basis.

In his statement to the Senate Armed Services Committee in February, the director of National Intelligence, James Clapper, characterized the attacks as a “growing reality” and noted: “foreign actors are reconnoitering and developing access to US critical infrastructure systems, which might be quickly exploited for disruption if an adversary’s intent became hostile.” Key threat actors named were Russia, China, Iran, and North Korea, the latter two noted for having “possibly more disruptive intent.”

Conducting cyberattacks during peacetime
Cyberattacks should now be expected during times of war. Of far more concern though is the emerging norm in favor of conducting cyberattacks during peacetime. In 2012, UK’s former Minister of State for the Armed Forces Nick Harvey even made the case to the Shangri-La Dialogue that cyberattacks were “quite a civilized option.”

Practice would suggest several states agree. In 2012, it was revealed the United States had been targeting Iran’s nuclear program with cyberattacks: It was the first time a cyberattack had turned hot, doing physical real-world damage. In retaliation, Iran launched a major attack in August 2012 on the world’s largest energy company, Saudi Aramco.
North Korea has also been active, attacking South Korean banks and broadcasters in March 2013. In November 2014, it struck again, targeting Sony’s spoof movie, “The Interview,” about the assassination of the North Korean leader. The attackers used the threat of terrorism to persuade theater chains in the United States to pull out of screening the film.
As President Obama said: “We cannot have a society in which some dictator someplace can start imposing censorship here in the United States. Because if somebody is able to intimidate folks out of releasing a satirical movie, imagine what they start doing when they see a documentary that they don’t like, or news reports that they don’t like.”

These attacks didn’t lead to any deaths, but that seems unlikely to last. Major attacks on critical infrastructure could easily result in many, making escalation to traditional military options possible. Cyberattacks may have appeared to be a soft, civilized option when not everyone had them, but with over 100 states now having military and intelligence cyberwarfare units and cyber capabilities increasing, their more benign nature is unlikely to last or to escape the pitfalls of miscalculation and escalation.

As the world’s leading advanced, open economy the United States is vulnerable to cyberattack, including on critical infrastructure. It has a strong interest in leading a much more robust global discussion that will agree on norms of behavior and challenge the emerging norm in favor of using cyber weapons in times of peace.
Brookings Inst: http://brook.gs/1kkJvgX

 

 

« Drone Carrying Drugs Crashes at a US Prison
A Threat No One Is Talking About - Attack On the Power Grid »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

FireEye

FireEye

FireEye delivers unmatched detection, protection and response technology through an extensible and flexible cloud-based XDR platform.

MaxMind

MaxMind

MaxMind is an industry-leading provider of IP intelligence and online fraud detection tools.

Dionach

Dionach

Dionach are a certified information security specialists who provide Penetration Testing, IT Security Auditing and Information Security Consultancy.

App-Ray

App-Ray

App-Ray provides fully automated security analysis of mobile applications to find security issues, privacy breaches and data leaking potentials.

Secure Decisions

Secure Decisions

Secure Decisions focus on research and product development related to national security including information assurance, computer network defense, cyber security education, and application security.

CertiK

CertiK

CertiK uses rigorous Formal Verification technology to provide hacker-resistant smart contract and blockchain audits, thorough penetration testing, and customized security integrations.

OpenZeppelin

OpenZeppelin

OpenZeppelin builds developer tools and performs security audits for distributed systems that power multimillion-dollar economies.

Sayata Labs

Sayata Labs

Sayata delivers a streamlined solution for processing cyber policies. Increase profitability with an easy and intuitive platform.

GuardSight

GuardSight

GuardSight is a provider of specialized cybersecurity services to safeguard businesses, government, and remote workers against sophisticated cyber threats.

Sertainty

Sertainty

Sertainty enables developers to mix intelligence into data files for active risk mitigation and data control. Discover the impact of Data: Empowered.

Hong Kong Broadband Network (HKBN)

Hong Kong Broadband Network (HKBN)

HKBN are a leading integrated telecom and technology solutions provider that offers a comprehensive range of premier ICT services to both the enterprise and residential markets.

Sixteenth Air Force (Air Forces Cyber)

Sixteenth Air Force (Air Forces Cyber)

Air Forces Cyber provides mission integration of Information Warfare at operational and tactical levels, creating dilemmas for adversaries in competition and, if necessary, future conflicts.

senhasegura

senhasegura

senhasegura is a global Privileged Access Management vendor. Our mission is to eliminate privilege abuse in organizations around the globe and build digital sovereignty.

Strata Information Group (SIG)

Strata Information Group (SIG)

Strata Information Group (SIG) is a trusted partner in IT solutions and consulting services.

Barclay Simpson

Barclay Simpson

Barclay Simpson is proud to have a long history of delivering cyber security, technology and governance recruitment services.

Somos

Somos

From voice to messaging to fraud prevention and beyond, Somos are committed to developing innovative solutions that ensure that our ability to maintain trustworthy connections never stops.