Think tank in Estonia ponders war in cyberspace
During a cyberattack, the traditional rules of warfare don't quite fit
IDG News Service - When one nation launches a missile at another, it's easy to pinpoint the aggressor. But during a cyberattack, the aggressor may not be so identifiable, and the traditional rules of warfare don't quite fit.
As nations increasingly develop their cyber offenses and defenses, an international think tank in Estonia is researching a range of legal questions and concepts around clashes in cyberspace.
One of those questions is how to label these skirmishes and whether it's appropriate to call them "cyberwarfare" or "cyberconflict," said Rain Ottis, a scientist with the Cooperative Cyber Defense Center of Excellence (CCDCOE) in Tallinn, Estonia.
The CCDCOE was launched in May 2008 to help NATO countries deal with ever-growing cyberthreats by focusing on defense tactics, training, protection of critical national infrastructure, and policy and legal issues.
Although several nations have experienced significant cyberattacks, "we don't have a single good instance of real cyberwarfare," Ottis said. He believes that warfare occurs between states.
"We are trying to come up with a way to explain this in a more formal way so not everything by default is cyberwarfare," Ottis said. "Personally, I don't want to devalue the word war."
How to define a cyberincident is one of the topics on the agenda for the CCDCOE's 2010 Conference on Cyber Conflict in June, which will include a new legal and policy track.
CCDCOE researchers are also part of a working group studying the laws of armed conflict to see how cyberattacks should be interpreted. The laws of war, encompassed in international treaties -- some of which are more than 100 years old -- deal with issues such as when a nation can go to war and what is considered legal when at war, Ottis said.
It's brand-new legal territory, but one with which nations will soon have to deal. "When the first cyberwar kicks off, mostly likely in conjunction with a physical war, all of these questions will come up in a hurry," Ottis said.
The working group will eventually write a manual for how cyberconflict fits into the existing laws of war.
The CCDCOE is also looking into how Cold War-era concepts such as deterrence fit into cyberspace. Deterrence -- which is based on meeting aggression with greater aggression -- doesn't quite apply, said Kenneth Geers, a civilian with the U.S. Navy's Naval Criminal Investigative Services who is assigned to the CCDCOE.
Geers presented a paper last October in Moscow on deterrence in cyberspace. One of the problems with deterrence is attribution, or identifying the enemy.
"It's really easy to hide in cyberspace," Geers said. "You need much more than computer log files to know what happened."
The basic building blocks of deterrence are capability, communication and credibility. There's also the question of whether a physical response such as bombing is appropriate.
"You have to be able to get back at the aggressor, and in cyberspace, there's no guarantee of that," Geers said. "You may not know who is attacking you, and to get back at them, you have to hack back or do a kinetic response."
It is hard to deter an aggressor who can invest a small amount and cause the target one-hundred-fold damage, Geers said.
Geers is also writing a paper exploring how the 1997 Chemical Weapons Convention could be used as an arms control model for cyberspace, exploring concepts such as prohibitions and inspections. Again, cyberspace poses vexing questions.
"There's just not a way, given the fact there are gigs of data on something the size of a stick of gum, that you can possibly verify that no malicious code exists anywhere," Geers said.
- After Google-China dust-up, cyberwar emerges as a threat
- Targeted attacks test enterprise security controls
- Is the U.S. the nation most vulnerable to cyberattack?
- In cyberwar, who's in charge?
- Schmidt: Private sector key to stopping Google-style attacks
- Threat of cyberattacks from overseas high, federal IT execs say
- Estonia readies for the next cyberattack
- Think tank in Estonia ponders war in cyberspace
- Botnets 'the Swiss Army knife of attack tools'
- 'Cyber War' author: U.S. needs radical changes to protect against attacks
- Special report: Web giants attacked
- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
- Slideshow: 5 ways to lock down your mobile device
- Slideshow: 10 mistakes companies make after a data breach
- How to rob a bank: A social engineering walk through
- Which smartphone is the most secure?
If you think getting it right from day one is always what matters, you probably haven't been following technology too closely.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Bring Networks and Applications Closer--Cisco ONE
- A series of sweeping trends is placing new requirements on the tried-and-true network model--requiring network infrastructure and applications to communicate. Get the open...
- Lippis Research Reviews the Cisco Catalyst 2960-X
- In this Lippis Report Research Note, Lippis Research reviews the latest edition of the "most popular access switch on the planet" -- the...
- Design Guide--Scaling Up to a Campus-Wide LAN
- Is it time to scale your network environment to a campus wired LAN? Here's the framework you need to set up your LAN...
- Comprehensive Security: Cisco Catalyst 2960 Series
- With a rich and comprehensive set of security features, Cisco Catalyst 2960-X and 2960-XR Series Switches can help you address networking megatrends such...
- Be Energy Efficient--The Cisco Catalyst 2960 Series
- How much energy could be saved if all 230 million Layer 2 and 3 fixed managed switch ports sold in 2012 were as... All Government IT White Papers
- Modernizing SAP environments with minimum risk - a path to Big Data Hear from top IDC analyst, Richard Villars, about the path you can start taking now to enable your organization to get the benefits...
- Vblock™ Specialized System for SAP HANA® Overview video from DJ Long about the new Vblock Specialized System for SAP HANA®.
- The Power of the Citrix Mobility Solution, XenMobile Does everything become a smartphone? Or does the smartphone begin to do everything? How can we afford to support BYOD? Rather, how can...
- BYOD Happens: How to Secure Mobility How to navigate the journey of securing mobility, including the BYOD corruption of IT, the top ten mobility strategies, and the mobility management...
- Fighting Fraud Videos: IBM Intelligent Investigation Manager Short videos about IBM Intelligent Investigation Manager (IIM) for Fraud. IIM optimizes the investigation of fraud for customers across many industries in both...
- All Government IT Webcasts
Does your organization offer extensive benefits, cool perks, competitive salaries, opportunities for training and advancement? Then get it recognized!
Nominate your company or another deserving organization for Computerworld's 2014 Best Places to Work in IT list now through Dec. 20, 2013.