The fog of (cyber) war
Cybermilitias, black hat hackers and other non-nation-state bad guys blur the lines on the virtual battlefield.
Computerworld - Analysts and strategists gathered at the Cyber Warfare 2009 conference in London last January were grappling with some thorny problems associated with the cyberaggression threat. One that proved particularly vexing was the matter of exactly what constitutes cyberwarfare under international law. There's no global agreement on the definitions of cyberwarfare or cyberterrorism, so how does a nation conform to the rule of law if it's compelled to respond to a cyberattack?
Back in the U.S. trenches, drawing up a legal battle plan is indeed proving to be extraordinarily complex. Those definitions are especially elusive when you consider that no one can even be sure who the potential combatants are.
"There is some real work that needs to be done, not only in the U.S., but globally, to think about what is a use of force or an act of war in cyberspace," says Paul Kurtz, a partner at Good Harbor Consulting LLC in Arlington, Va., and a former senior director for critical infrastructure protection on the White House's Homeland Security Council.
The need to establish global norms about what is acceptable behavior in cyberspace, he says, is complicated by the fact that "the weapons are not just in the hands of nation-states. They're essentially in everybody's hands."
"Laws of war would forbid targeting purely civilian infrastructure," adds Steven Chabinsky, senior cyberadvisor to the director of national intelligence. "But terrorists, of course, don't limit themselves by the Geneva Conventions."
Time, effort and expertise
Further fogging up the battlefield is the fact that it's nearly impossible to identify all of the potential targets. It is possible to conduct a threat assessment, however, and there appears to be general consensus in the cyberdefense community that the biggest threat in terms of scale is presented by nation-states.
"Cyberattacks which seek to manipulate [an adversary's] critical infrastructures would take more time, effort and expertise than mere data theft," says Kenneth Geers, U.S. representative to the Cooperative Cyber Defense Centre of Excellence in Tallinn, Estonia. "But computer network defenders should understand that time, effort and expertise are resources that militaries and foreign intelligence services often have in abundance."
Analysts and former intelligence officials, including Kurtz, say that, not surprisingly, China and Russia top the list of countries with highly developed cyberwarfare capabilities. Kurtz also named Iran and North Korea as countries with known cyberwarfare aspirations.
While Chabinsky declined to be specific because of concerns about compromising intelligence-gathering methods, he affirmed that the U.S. has identified "a number of sophisticated nation-state actors who we believe have the capability to bring down portions of our critical infrastructure." Fortunately, he added, "we don't think they have the intent to do so, [since] our country would respond accordingly, and not necessarily symmetrically through cyber means."
This pilot fish is a contractor at a military base, working on some very cool fire-control systems for tanks. But when he spots something obviously wrong during a live-fire test, he can't get the firing-range commander's attention.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Reduce federal infrastructure risk with compliance management and situational awareness
- IBM continuous monitoring and management solutions deliver real-time situational awareness to help federal agencies understand vulnerabilities, and protect the infrastructure.
- Mission Critical: Managing Mobile Applications & Content
- Smartphones, tablets and other mobile devices have become embedded in enterprise processes, thanks to the consumerization of IT and a new generation of...
- Securing Mobility, From Device to Network
- At one time, the process of managing and securing mobile devices and applications was fairly straightforward. Most organizations worried about one application (email)...
- Planning for Mobile Success
- Many organizations are seeing clear and quantifiable benefits from the deployment of mobile technologies that provide access to data and applications any time,...
- The Challenges and Opportunities of Mobile Application Development
- Nearly all business users now demand mobile devices--their own or company-owned--along with anywhere access to corporate applications and data. What turns mobile devices... All Government IT White Papers
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their...
- DevOps with PureApplication System: Reduce cost and speed delivery with an integrated IBM Cloud solution Join this webcast to hear what ING Netherlands has been able to achieve while deploying DevOps tools from IBM Rational. An ING executive...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope...
- All Government IT Webcasts