Perspectives for Cyber Strategists on Law for Cyberwar

The proliferation of martial rhetoric in connection with the release of thousands of pages of sensitive government documents by the WikiLeaks organization underlines how easily words that have legal meanings can be indiscriminately applied to cyber events in ways that can confuse decision makers and strategists alike. The WikiLeaks phenomenon is but the latest in a series of recent cyber-related incidents––ranging from cyber crises in Estonia and Georgia to reports of the Stuxnet cyberworm allegedly infecting Iranian computers––that have contributed to a growing perception that “cyberwar” is inevitable, if not already underway. All of this generates a range of legal questions, with popular wisdom being that the law is inadequate or lacking entirely. Lt Gen Keith B. Alexander, the first commander of US Cyber Command, told Congress at his April 2010 confirmation hearings that there was a “mismatch between our technical capabilities to conduct operations and the governing laws and policies.” Likewise, Jeffrey Addicott, a highly respected cyber-law authority, asserts that “international laws associated with the use of force are woefully inadequate in terms of addressing the threat of cyberwarfare.” This article takes a somewhat different tact concerning the ability of the law of armed conflict (LOAC) to address cyber issues. Specifically, it argues that while there is certainly room for improvement in some areas, the basic tenets of LOAC are sufficient to address the most important issues of cyberwar. Among other things, this article contends that very often the real difficulty with respect to the law and cyberwar is not any lack of “law,” per se, but rather in the complexities that arise in determining the necessary facts which must be applied to the law to render legal judgments

International humanitarian law and the targeting of non-state intelligence personnel and objects

This Article examines the targetability of individuals and organizations performing intelligence functions for a non-State group involved in an armed conflict. Specifically, it considers the circumstances under which they lose the international humanitarian law (IHL) protections from, and during, attacks that they would otherwise enjoy as civilians. To do so, the piece deconstructs IHL’s “organized armed group” construct to determine when an intelligence organization can be characterized as a component thereof. Noting that some non-State groups consist of both entities involved in the hostilities and organizations having no relationship to them, the Article introduces the concept of a non-State group’s “overall OAG,” a notion that parallel’s the characterization of a State’s various military units as its “armed forces.” Additionally, the Article assesses the circumstances under which individuals engaged in activities intelligence who are not members of an OAG may be targeted on the basis of their “direct participation in the hostilities.

Understanding digital intelligence and the norms that might govern it

Abstract: This paper describes the nature of digital intelligence and provides context for the material published as a result of the actions of National Security Agency contractor Edward Snowden. It looks at the dynamic interaction between demands from government and law enforcement for digital intelligence, and at the new possibilities that digital technology has opened up for meeting such demands. The adequacy of previous regimes of legal powers and governance arrangements is seriously challenged just at a time when the objective need for intelligence on the serious threats facing civil society is apparent. This paper suggests areas where it might be possible to derive international norms, regarded as promoting standards of accepted behaviour that might gain widespread, if not universal, international acceptance, for the safe practice of digital intelligence

A Dynamic Cyber Terrorism Framework

Abstract—Many nations all over the world have increased their dependency on cyberspace by maximizing the use of Information and Communication Technology (ICT). In this digital age, the concept of cyber terrorism or the use of cyberspace to carry out terrorist activities has emerged. Interestingly, there are many concepts of cyber terrorism provided by researchers, policy makers and individuals. This paper proposes a framework describing the core components of cyber terrorism. The authors have analyzed the data by using a grounded theory approach, in which the framework is drawn. The framework defines cyber terrorism from six perspectives: Target, motivation, method of attack, domain, action by perpetrator, and impact. In addition, the proposed framework provides a dynamic way in defining cyber terrorism as well as describing its influential considerations. Continued research in this area can be further conducted, which may lead to the development of strategic and technological framework to counter cyber terrorism

Fifth Dimensional Battlespace: Terrorism and Counter-Terrorism Implications

This essay in the terrorism futures series will highlight the emergence of fifth dimensional battlespace, its implications for both the conduct of terrorism and counterterrorism operations, and, to some extent, interactions with terrorist disruptive targeting capabilities. Additionally, the larger civilizational context in which a dynamic yet little recognized terrorism and counterterrorism ‘fifth dimensional capabilities race’ that is taking place will be highlighted. While initially this concept may seem abstract, the importance of understanding its implications will become apparent

Cyberterrorism in the Context of Contemporary International Law

The present Article addressed the legal issues surrounding cyberterrorism. In the first chapter, the author explains why cyberterrorism should be described as “the use of electronic networks taking the form of a cyber-attack to commit a) a substantive act criminalized by the existing legal instruments prohibiting terrorism, or b) an act of terrorism under international customary law.” Further, with a special emphasis on existing anti-terrorism conventions and customary international law, it was demonstrated which actors are likely to engage in acts of cyberterrorism (non-state actors, corporations and individuals), as well as which targets are protected by law and which aims are to be pursued by terrorists. The last two chapters concentrated on permissibility of individual response to cyberterrorism and applicability of this concept to jus in bello. The author noted that although generally self-defense in jus ad bellum is permitted, the controversial legal theories will have trouble adapting to the realities of cyberterrorism without international support. The author also highlights the paradoxical situation of two regimes on terrorism (archaic and conventional) coexisting during armed conflicts and its impact on cyberterrorism. Future convergence of these regimes on political level will require legal coordination of international organizations. This Article demonstrates why conventional terrorism by states should be ruled out as a viable concept in international law. at the same time the author argues in favor of the organization of the islamic conference suggestion to exclude freedom-fighters from the applicability of anti-terrorism conventions. major legal gaps identified in this article include preservation of prisoner of war privileges by conventional terrorists during wars, as well as legal discrepancy created by the conventions regime on terrorism which ensures freedom-fighters and cyber-guerillas receive less legal protection than military forces of a state despite their equal status under the additional protocol I

The significance of the transition of Supervisory Control and Data Acquisition (SADA) Systems to TCP/IP platforms

SCADA system security is a significant United States national security issue based on the systems’ vulnerabilities and the cyber threats that seek to exploit them. Within the last fifteen years as SCADA systems have collectively transitioned to Transmission Control Protocol/ Internet Protocol (TCP/IP) networks, analysts and policy-makers have expressed increased concern over the general security and protection of SCADA systems, which are responsible for monitoring and controlling our nation’s critical infrastructure. SCADA systems are susceptible based on their ease of entry and their attractiveness as a target. In addition, there a number of cyber threats such as hackers and malware, insiders, terrorist organizations and state actors that are dangerous based on their intent and capabilities. U.S. government engagement with private sector owners and operators of critical infrastructures is essential for mitigating the abundant threats that characterize cyber-terrorism

The North Atlantic alliance and collective defense at 70: confession and response revisited

The North Atlantic Treaty was largely a response to global sentiment that other international organizations, namely the United Nations, were not accomplishing their intended purpose of the maintenance and promotion of peace and order in the world. This had a magnifying effect due to the global trauma and destruction that had been witnessed by the world following World War II. This Article visits the realities of history that led to the formation of NATO as a collective measure for self-defense and the effectiveness it had as a response to global concern of peace preservation. Importantly, this Article analyzes the substantive military functioning articles of the North Atlantic Treaty, namely Article 5. This Article serves to provide a reflection on the instability and overwhelming concerns that motivated the creation of NATO and its rippling effect felt globally as a responsory action. Lastly, this Article positions collective self-defense in the context off issues faced in 2019 and how it serves to respond to them

Cyberterrorism after STUXNET

View the Executive SummaryThe discovery of STUXNET was a recent milestone in the arena of cyber security because it was the first malware designed to cause real world damage to industrial control systems. It demonstrated that a sufficiently determined adversary might be able to cause physical damage to U.S. critical infrastructure through a cyberattack. This monograph asks if STUXNET has had an effect on cyberterrorism in terms of motive, means, and opportunity. It is argued that terrorists have ample motive, opportunity, and modest means, which raises the question of why a major cyberattack has not happened yet. The lack of cyberattacks can be explained by a cost-benefit argument, and STUXNET has not changed the cost-benefit equation. Cyberattacks are unlikely in the near future, but the cost-benefit argument does not rule out the possibility of cyberattacks in the long term if costs change. There seems little that can be done to change terrorist motive or means. The only factor that is feasible to address is opportunity. Specifically, policies should enhance protection of national infrastructure to reduce the risk exposure to cyberattacks.https://press.armywarcollege.edu/monographs/1492/thumbnail.jp