Cyberwarfare in International Law

belmolis writes "If the CIA is right to attribute recent blackouts to cyberwarfare, cyberwarfare is no longer science fiction but reality. In a recent op-ed piece and a detailed scholarly paper, legal scholar Duncan Hollis raises the question of whether existing international law is adequate for regulating cyberwarfare. He concludes that it is not: 'Translating existing rules into the IO context produces extensive uncertainty, risking unintentional escalations of conflict where forces have differing interpretations of what is permissible. Alternatively, such uncertainty may discourage the use of IO even if it might produce less harm than traditional means of warfare. Beyond uncertainty, the existing legal framework is insufficient and overly complex. Existing rules have little to say about the non-state actors that will be at the center of future conflicts. And where the laws of war do not apply, even by analogy, an overwhelmingly complex set of other international and foreign law rules purport to govern IO.'"

What is IO?

[haluness]

As is the tradition, I haven't RTFA and I don't think IO means input/output in this context ...

Re:What is IO?

[Nibbler999]

IO = information operations in this context.

Re:What is IO?

[TBerben]

Not having read TFA but having looked at it for about two seconds my money is on "information operations" Wait, what money?

Re:What is IO?

[smittyoneeach]

Aye, vast and inscrutable as the Indian Ocean they are.

Re:What is IO?

[Uruz+7]

Why do people admit to not reading the articles and post anyway? IO is clearly defined in the first sentence of the second outbound link. I guess reading all of that would have made it impossible to get "first post" status.

Re:What is IO?

[HTH+NE1]

Why do people admit to not reading the articles and post anyway? IO is clearly defined in the first sentence of the second outbound link. Coming late to the party, I can say that loading the page of Slashdot comments was faster than the loading of the first outbound link (second link in the article), and I was able to find the answer here faster, which is generally the case considering the load Slashdot at times cripplingly places on other sites.

I was willing to post a joke about the strategic significance a moon of Jupiter in order to ask the question, or make an observation that someone was being clever in making IO resemble one and zero. But if I had known the answer definitively, I would have also told people instead of telling them to RTFAs (Information Operations).

Undefined abbreviations shouldn't be used as stick and/or carrot to get people to read articles they may not be interested in reading otherwise had they known the abbreviation. It also turns away some that might have had interest but for an opaque abbreviation thrown in their face, sending the message that if you don't know what this stands for, you shouldn't bother reading any further nor participate in any discussion.

Would you like some dam milk with your buckling?

Any Babelfish in the house?

[Pojut]

Anyone care to translate into plain-speak english?

Re:Any Babelfish in the house?

[jase001]

They want to make Cyber warfare illegal thus having a legal recourse for those who use it.

Re:Any Babelfish in the house?

[KublaiKhan]

Existing laws can't be made to fit the crimes of cyberwarfare without extensive revision.

Re:Any Babelfish in the house?

[Dachannien]

Google Translate English->Japanese->English:

If the CIA is right to the recent blackouts cyberwarfare attributes of the computer war However, the reality is no longer science fiction. Op-ed piece in a recent scholarly papers and detailed, legal scholars DANKANHORISU raise the question of whether the existing international law to the appropriate regulatory cyberwarfare. His conclusion is not: 'translating the existing rules IO generated widespread uncertainty in the context of the conflict is a dangerous military escalations where interpretation is not intended to be the difference between what is permissible. Also, this kind of uncertainty might be deterred from the use of low-IO, even if you might have a harmful effect on productivity than traditional means of warfare. Uncertainties beyond the existing legal framework is inadequate and overly complex. Existing rules, which have little to say, especially non-state actors in future conflicts. And the laws of war do not apply where the analogy with the overwhelmingly complex configuration and other foreigners to the rules of international law governing the purpose IO. Hope this helps!

Re:Any Babelfish in the house?

[smittyoneeach]

Certainly, the existing body of law, like this town, needs an enema.
What will be interesting to watch (for those keen on subtle, baseball-like action that is exciting as watching paint dry for the casual viewer) is the interplay between the need for legal recourse, which implies some international body having jurisdiction, and the serious US allergy to anything that sets precedent to diminish national sovereignty.
That issue is among the major reasons http://en.wikipedia.org/wiki/United_Nations_Convention_on_the_Law_of_the_Sea has hung in the air, the way bricks don't, for a few decades awaiting US Senate ratification.

Re:Any Babelfish in the house?

I should have mentioned that IANAL, if the Douglas Adams reference wasn't enough.

Re:Any Babelfish in the house?

[PopeRatzo]

Informative as usual, smitty, but I'm afraid this all has more to do with digital file-sharing than anything else.

Our window of privacy is closing rather rapidly. Today, the US Eavesdropping Regime made a huge step forward, using complicit and spineless democrats like Harry Reid and Jay Rockefeller as their point men. The telecommunications industry's bribes were just to much for them to resist, apparently.

The lesson I've learned in the past 7 years is this: when you start to hear trial balloons floated about an issue of authoritarian enforcement, whether it's surveillance, police powers, rights of the accused, it's almost always about corporate profits rather than the "security" of the citizens of America or anywhere else.

At this point, I'm prepared to take my chances with the terrorists, but I want to be protected from those in power. I like my odds vs. the terrorists. But the people who are currently in power have both motive and opportunity. Plus, they've proven themselves to be hostile to the peace, well-being and liberty of both US citizens and the rest of the world. We have witnessed their misdeeds. It's only a matter of time until they strike again (and I don't mean the Islamonaziliberals).

Re:Any Babelfish in the house?

[Zeinfeld]

They want to make Cyber warfare illegal thus having a legal recourse for those who use it.

I think that they just want to blather on as if they understand what is going on here. Trying to ascribe other motives assumes too much of them.

Cyberwarfare has been going on for almost ten years. It does not amount to very much because we are not as dependent on technology as folk imagine. Case in point we lost all power on the North East coast of the US a few years back, civilization did not collapse. Even if these particular attacks are cyberwarfare and not just vandalism they are not going to bring society to its knees.

I don't think this is a particularly viable approach for extortion either. For an extortion racket to work you have to be sure that the target is not going to go to the police which means you have to either target a criminal business or be able to credibly threaten violence.

The real threat is not from the attack itself but the possibility of using a cyber-attack to augment a physical attack. So take out the Internet when you bomb the city so the disaster relief cannot function.

On terrorism the issue is money. AQ is not likely to turn to cyberwarfare. They have already taken out the NYSE and NASDAQ for a week and nobody cared much about that particular issue - it was the 3,000 murders. some AQ leaders have told their followers to learn how to do Internet crime, they can earn more in a day than a Pakistani policeman earns in a week.

I did a recent blog on this responding to the idiotic Giuliani National Security plan.

Re:Any Babelfish in the house?

[smittyoneeach]

The lesson I've learned in the past 7 years is this: when you start to hear trial balloons floated about an issue of authoritarian enforcement, whether it's surveillance, police powers, rights of the accused, it's almost always about corporate profits rather than the "security" of the citizens of America or anywhere else.

I guess I'd echo that sentiment by saying that the amount and flavors of fear used by both conferences of the American Political Football League is quite staggering.
You've got fear of: old age, unemployment, disease, environmental catastrophe, crime (violent, identity theft), electoral fraud, judicial activism, government peeping, religious extremism...
You're supposed to react to these stimuli like cattle to the prod, and contribute/vote appropriately.

At this point, I'm prepared to take my chances with the terrorists,

OK. I'm not, but the rhetoric is a bit thin, no?

but I want to be protected from those in power.

Yeah, that 10th Amendment, and the minimalist spirit thereof, seems to get as much coverage as a presidential candidate with shallow pockets on http://opensecrets.org/, no? Civ4: "The bureaucracy is expanding to meet the needs of an expanding bureaucracy"

I like my odds vs. the terrorists.

Have you met any?

But the people who are currently in power have both motive and opportunity.

They also have what they perceive is a job to do.
Our job as citizens is to reward courage in leadership, but we seem to reward leadership in earmarks

Re:Any Babelfish in the house?

[Anonymous+Custard]

Another translation:

I had a small house of brokerage on Wall Street... many days no business come to my hut... my hut... but Jimmy has fear? A thousand times no. I never doubted myself for a minute for I knew that my monkey strong bowels were girded with strength like the loins of a dragon ribboned with fat and the opulence of buffalo... dung. ...Glorious sunset of my heart was fading. Soon the super karate monkey death car would park in my space. But Jimmy has fancy plans... and pants to match. The monkey clown horrible karate round and yummy like cute small baby chick would beat the donkey.

Re:Any Babelfish in the house?

In the almost extinct "standard english" dialect: You are in deep deep trouble. Give lots of money to us international lawyers. Or else.

For those more used to the more modern management speak dialect: we need to valuate the information management negativity strands leading to more open communication on the law potential side of the non-positive human interaction value chain.

Re:Any Babelfish in the house?

[Ajehals]

To be fair to PopeRatzo, pointing out (even in rhetorical terms) that he is more afraid of his Government than those his government tell him to fear is an important and valid point*. Even more so if you take his example that he would rather have government security programs reduced and thus the reduce the ability of the state to 'monitor' and 'oppress' its citizens, even if it increases his risk of being killed by a terrorist.

* I was going to find a statistic on the number of Fatal shootings annually by police in the US or the number of deaths in custody (jails and on arrest as either would indicate a direct level of quantifiable threat by the state, but that data seems hard to come by

Re:Any Babelfish in the house?

[rtb61]

It looks far more like they want to make cyber warfare legal, 'With new rules, however, nations could agree to waive sovereignty concerns and permit a direct response' and 'We need new rules of international law so military commanders can operate with greater certainty in cyberspace'.

So I read it to mean that pencil dick military commanders want to be able to hack and destroy other peoples computers in other countries if they disclose damaging information about the military, or the put of evidence of military abuses, or if the commit the heinous crime of all their published opinion differs the opinion put out by military propagandists.

For fuckity fuck fucking sake, talk about wildly out of control grab for power. What's next, a stealth cruise missile with an emp warhead will be considered am effective response because some computer geek in a foreign country is using Linux rather than windows and military counter intelligence (a truly appropriate title) can't hack into the computer.

Re:Any Babelfish in the house?

[smittyoneeach]

It's important in this sort of discussion to remember the difference between tactical and strategic.
Tactically, terrorism is a bigger threat. The evidence is fairly clear that they don't mind dying, and that freedom from normal concerns about self-preservation renders terrorists highly unpredictable. Fortunately, there are not too many of them, as a fraction of world population.
Strategically, the concern about the government is well-founded. Bureaucrats seem to believe in government with the same fervor that the terrorist adheres to extremism. Scary indeed, and a reason to vote against those who'd turn the US into a European-style nanny state.

Re:Any Babelfish in the house?

[Ajehals]

Sadly I'd disagree with you on all points.

Tactically the state (through policy) and terrorism pose a similar if different (in aims and method) threat. The chances of any given individual being abused and or killed by the state, (or an individual acting for personal gain but with the protection of state granted power) is much greater than any threat actually posed by terrorists. These actions are usually justified as being in the interests of the state (invasive security measures, the inappropriate use of lethal force), a by-product of existing legislation (the vast number of individuals who face legal penalties that neither reflect their crimes nor appear effective as a deterrent) or as simple bureaucratic incompetence (the cost and time required for justice to be served for example). These acts in isolation can seem very minor (when compared to a suicide bombing) but happen on a much larger scale (the US has faced extremely few terrorist attacks, even if one of them was of a disproportionate scale in comparison to others in the western world), and whilst most incidents are minor there are a large number of acts that directly take life or destroy liberty.

The extremism of terrorists cannot be equated to the devotion of a civil servant to the state. The former believes what he is doing is right, the latter hopes he is doing what his seniors would wish, usually based on a political stance that is already heavily compromised. Abuses of power and (mis)uses of the same occur because the state alows them to, and state employee's feel they can use them. (the policeman who speed's off duty, the airport security staff that stop pretty women/men, the bureaucrat who prevents you from proceeding because he *can*.

Strategically many of the concerns posed by the state evaporate. They are misuses by individuals of powers that the state has assumed . The fact that someone's freedom of movement has been removed because he has been misidentified is, in most cases, a failure by an individual, not part of a larger strategic goal. The fact that a police officer shoots and kills an innocent person is not because the state has decided that that would aid some larger goal, it is simply the the police officer has made a poor decision, often because the consequences of that decision are either unclear or insufficient to pose a deterrent. In some cases abuses of power happen because the person wielding the power has not been sufficiently trained or vetted and is therefore unsuitable to wield it (see the abuses at Abu-Gareb, issues surrounding airport security staff or indeed the bureaucratic nature of some state organisations). I doubt very much that the state has any direct wish to oppress and/or kill its citizenry, it is unlikely that there is a grand conspiracy in that direction. Much more likely is that the strategic goals of the state are those of its primary actors, I would suggest that these are the acquisition and use of great power and the accumulation of great wealth (as well as an element of nepotism and megalomania).

On the other hand terrorists often have well defined (if unlikely) strategic goals, each act is intended to further those goals, the attacks on 11th of September were an attack on US economic and military targets, suicide bombings in Iraq are attacks on the ability of the state to ensure order (although more recently this is probably being added to by a situation that is turning into more of a civil war, with both sides adopting similar methods to those who are simply opposed to the coalition presence). The problem here is that almost any target with sufficient impact(a shopping mall, a cinema, a school etc..) is seen as an advancement toward strategic success. Terrorists are not intending to erode the US's military strength, nor to destroy its economic capacity. They want to see the US isolate itself, their attacks are attacks on the US's willingness to fight.

Lastly, the US government is unlikely to adopt any but the most repulsive practices that you perceive are rampant i

Re:Any Babelfish in the house?

[smittyoneeach]

OK, I think you buried my argument decisively.
Not buying off on your analysis of Terrist goals, though. The counter-argument is that they would like to, in essence, repeat the North Vietnamese pattern post-Tet Offensive.
Thank you most sincerely for a though-provoking post.

Re:Any Babelfish in the house?

[PopeRatzo]

Smitty, I think we're on the same side of this. If the threat of terrorism really was as serious as our government is warning, it would be a different matter. I just don't believe that it's so.

Second, if I thought the type of authoritarian approaches (widespread surveillance, no habeas corpus, renditions, torture, etc) really helped fight terrorism, it would be a different matter, but I don't think so.

Third, it's not so much that I think there is something inherently threatening about government, I don't. It's that I think there is something threatening about this particular administration, and their efforts to simultaneously frighten Americans and enhance the surveillance and enforcement powers of government, while minimizing the liberties of citizens is a bigger threat than we face from Global Terrorism.

Re:Any Babelfish in the house?

[smittyoneeach]

It's that I think there is something threatening about this particular administration, and their efforts to simultaneously frighten Americans and enhance the surveillance and enforcement powers of government, while minimizing the liberties of citizens is a bigger threat than we face from Global Terrorism.

The rub of my argument about the strategic threat of government is that "this particular" means little.
It's all one vast, continuous business run by a very small group of incredibly loaded oligarchs. The elections are the icing, but not the cake.
I haven't reached 9-11 Truther stage, but the URL in my sig, like all good humor, packs a lot of truth.

Inside Oapeshitcrazygovernmentclusterfucks

got it?

Enemy combatants?

[KublaiKhan]

I dare say that any "cyberwarrior" would not have a recognizable uniform, and as such, would probably be classed as an 'enemy combatant' by the gov't...which gives me the screaming blue creevles, given the gov't's current attitude towards anyone they suspect to be such an 'enemy combatant'--Guantanamo Bay doesn't have broadband, does it? Will they torture this new class of enemy combatant by making them dial into AOL with a 300 baud modem on a keyboard with a broken shift/caps key?

Re:Enemy combatants?

[The+Queen]

You are correct in having "screaming blue creevles" as you put it since yes, cyber-warriors are likely to be a mix of military and civilians, and what with all the lawsuits and spying already going on it wouldn't be much of a leap for some hax0r to be tagged by the feds and shipped off for questioning. The real sticky part though is how the law will cross borders. Cyber warfare knows no borders, so what would our government do if someone from Iran came calling to arrest one of our own on such charges?

This is the inevitable and ingenious evolution of war, IMO. Not, as ST:TOS "A Taste of Armageddon" would have it, but without any bloodshed or casualties in the physical sense. By hitting people in their infrastructure, their way of life, and their economy. (Sortof what the 9-11 guys thought they were doing...and heck, what all us 'rich' countries do all the time through sanctions, trade agreements, 'wars' on drugs, and such...)

Re:Enemy combatants?

[KublaiKhan]

The real sticky part though is how the law will cross borders. Cyber warfare knows no borders, so what would our government do if someone from Iran came calling to arrest one of our own on such charges?
It wouldn't be pretty, that's for sure--probably some sort of extradition amongst allied countries, o'course, but with hostile countries, it could lead to a meatspace conflict of some kind should it escalate far enough.

But what exactly would be considered an 'act of war' in such a situation, anyway? Would it have to cause some form of physical or financial damage to a person or institution in the country being attacked? Or would merely an "illegal border crossing" (e.g. gaining access to a server) be sufficient?

Re:Enemy combatants?

No such a thing exists in relation to the uniform. Endangering an occupying state's security, that is the USA security, justifies the goverment to withhold an individual the Geneva Convention right of communication (between people), no more. The occupying state, that is the USA, is also obligated to return the Convention protection as soon as possible (that is undefined, possibly indefinite time), but no sooner. The (cyber-/freedom-/whatever-) warrior have a right to a fair and regular trial, that is no military trial, by the Convention. I the case of the cyberwarrior not been located in the set of countries currently occupied by the USA, the cyberwarrior is resposible under the normal criminal law and corresponding extradition agreements are in force. The act of cyberwarfare by a national entity should judged as a normal criminal act by this national entity, say a military force.

Re:Enemy combatants?

ahh... those were the days... /reminiscing

Re:Enemy combatants?

[docwatson223]

To say that the loss of satellites, power generation, and communications facilities wouldn't cause deaths is irresponsible. Did you think that your Internet arrives magically over tubes to your desktop and that all of the medical, financial, and power station controls are handled by fairies? Are you a Senator or something? A *real* coordinated attack will be the kneecap shot to the US Economy and it won't take much under the next administration to push us over the edge. :/

cluelessness

[Quadraginta]

Gosh, only a lawyer could have the utter cluelessness about the real world and real people necessary to imagine that war has ever been, or ever will be, regulated by law.

Re:cluelessness

[Chirs]

But it has. There is a whole regulatory framework around things like "just war", definition of a combatant, treatment of spies/prisoners, etc.

Now if you'd said that someone would have to be clueless to imagine that combatants always *abide* by the laws regarding war, that's a whole different issue.

Re:cluelessness

[Beardo+the+Bearded]

War has rules. Check out the Geneva Convention.

They aren't always followed, and they certainly aren't being followed by some countries I could mention, but war is supposed to have rules.

The problem with electronic warfare (Cyberwar? e-war? wartronics?) is that you're attacking civilians. There are horrible weaknesses in a great many systems (including the trunked radios used by first responders) that can easily be exploited. Remember, a lot of our coding is done overseas and/or done by exchange students on co-op terms. It doesn't really effect the army if every mortgage in North America gets the "foreclose" tag set. The Air Force doesn't stay home if the SCADA system controlling the reservoir gets false readings about chloroform counts and turns off the taps. If the phone companies are hit with DDoS attacks and you can't get a dial tone, that doesn't stop aircraft carriers.

What those acts do is target civilians. Suddenly, the water's off, the police are trying to kick me out of my home, and nobody can call a lawyer. War is supposed to target just those in uniform, fighting at the time.

Re:cluelessness

[cptdondo]

War has been regulated by law for a very, very long time. Geneva Conventions aside, there is a long history of rules of war. RTF History....

Re:cluelessness

[moderatorrater]

I'd also like to point out that, while there are conventions for war that western countries tend to follow, China is in the section of the world that has the worst record for treatment of prisoners. Vietnam and Japan were both brutal to POW's. Who's to say whether China would pretend to abide by the rules like the rest of the world does?

Re:cluelessness

I disagree. There are no laws regulating warfare. There are simply treaties in which the signatory countries agree to do or not to do specific things. Treaties are more akin to contracts between entities. The whole concept of international law is not really law but simply a web of agreements between various countries.

War, by it very nature, is a chaotic business. One cannot regulate chaos using lawyers.

Re:cluelessness

[Quadraginta]

Garbage. What you're saying is that people have described "rules" for warfare. But they're not followed when inconvenient, and there's no way at all of enforcing them -- what would you threaten? More war? Those aren't "rules." They're wishes and hopes.

Re:cluelessness

Gosh, only a lawyer could have the utter cluelessness about the real world and real people necessary to imagine that war has ever been, or ever will be, regulated by law.

War has rules. Check out the Geneva Convention.

The thing about international law is that it's based on treaties. This leads to some very counter-intuitive aspects of international law.

Imagine if it was only illegal to murder someone if you and the person you killed had both agreed not to murder each other. Pretty weird, huh? Well, strictly speaking, that's how the Geneva conventions are structured. If two countries go to war, the Geneva conventions only apply if both countries are signatories to the conventions.

So...what happens if the warring parties aren't even both countries. What if a country declares war on a tactic (e.g. "terrorism")? What if a country declares war on a loosely affiliated group of individuals who lack a defined leadership structure that could sign on to the Geneva Conventions on the group's behalf?

When it comes to the Bush administration, you end up with these weird double standards where the same individual is claimed to both fall outside the jurisdiction of the Geneva Conventions (no protections whatsoever) but also somehow have violated the terms of the Geneva Conventions (guilty of "war crimes").

Bottom line: the problems with international law go far beyond malicious use of the internet.

Re:cluelessness

[Quadraginta]

Ah? Why don't you check out the history of, say, the war in the Pacific 1941-1945 and tell me if you think the Geneva Conventions have any serious force. Better yet, ask a vet. Then duck. The Geneva Conventions are one of history's endless series of pious wishes that seek to outlaw inhumanity, like the Kellogg-Briand pact, the founding charter of the League of Nations, the UN, et cetera and so forth ad infinitum.

All of these quaint efforts overlook the fact that war is, by definition, the breakdown of any shred of mutual trust and willingness to compromise. War is about killing people, and when you get to that stage of mutual rage and madness, no piece of paper full of high-minded sentiment is going to stop you from doing what you think you must to win (or not lose). I can't think of any historical exceptions. Can you?

The problem with electronic warfare (Cyberwar? e-war? wartronics?) is that you're attacking civilians

What's new about that? What do you suppose the Eighth Army Air Force was doing over Berlin in 1945? Who got snuffed in Hiroshima?

Re:cluelessness

[Quadraginta]

I think you are confusing "has been regulated" with "has been imagined to be regulated by lawyers and naive fools." To be "regulated" requires a bit more than the mere existence of regulations on paper. It requires that these things have actual force, that they actually do something, they restrain people in some way.

The only thing that has ever restrained the behaviour of nations in combat is plain fear of the direct consequences, e.g. retaliation by the enemy. Can you give me a counter-example? Some case where a nation committed to a war, with substantial interests at stake, eschewed methods of war because some lawyer somewhere said they were "illegal?" If not, then those "regulations" are as insubstantial as moonbeams.

Re:cluelessness

[cptdondo]

I agree with you. What regulates military actions is the real or imagined consequences if the tables are reversed. Atrocities on a systematic basis occur if and when the conflict is one-sided either due to military might or sheer force of numbers.

My biggest concern with the currect US treatment of supposed terrorists, is that we are implicitly agreeing to the same treatment of our GIs in enemy hands. There is no doctrinal difference between the Hanoi Hilton and Guantanamo Bay.

There are dozens of examples of fighting men (and women, but mostly men) treating each other with respect and courtesy even while being determined to kill each other.

Re:cluelessness

[lgw]

War is supposed to target just those in uniform, fighting at the time. No, war is supposed to achieve a political objective by destroying the opponent's ability to resist your political will. This can be achieved by:

1. Destroying the enemy's manpower - kill all his soldiers and anyone likely to become a soldier.
2. Destroying the enemy's equipment and his ability to produce new equipment (or at least prevent delivery to the troops).
3. Destroying the enemy's moral strength, so that he is unwilling to continue the fight.

Case 1 is very traditional, but since nations conscript soldiers in times of war and it's better to kill them before they are handed guns, civilians are often targets.

Case 2 has proven relatively ineffectual in modern times, as rebuilding a factory just isn't that hard, but all modern wars have seen significant civilian casualties when bombing manufacturing, often out of simple revenge. The recent Gulf Wars are the first time in many decades that anyone's bombers actually made any effort to avoid civilian targets.

Case 3 works very well, and in the US you've got the press attacking our will to fight automatically, so that's an easy path -- but normally it involves making the war so expensive that the enemy would rather give in to your political objectives as less costly.

Re:cluelessness

[Quadraginta]

Atrocities on a systematic basis occur if and when the conflict is one-sided either due to military might or sheer force of numbers.

I think I don't agree with that. It doesn't explain why the Japanese in the Pacific theater were monsters both to the Chinese (to whom they were militarily superior) and to the Americans (to whom they were military inferior). It makes it hard to explain why the Red Army did terrible things in Berlin in 1945 but the US Army did not.

There are plenty of cases when a clearly superior force has done terrible things (My Lai, the British camps during the Boer War, the Rape of Nanking) and there are plenty of other cases when a clearly inferior force has done terrible things, the most obvious being the current round of hideousness by Islamic terrorists. A better case might be made by whether one or the other combatants feels there is no chance of coexistence afterward, so there will be no conceivable "turning of the tables." Either I'll win or I'll be dead, the thinking goes, so it doesn't matter what I do to them now. Perhaps. The thinking of people in such situations -- if it can even be called "thinking" -- is hard to understand when you haven't been in a similar situation.

My biggest concern with the currect US treatment of supposed terrorists, is that we are implicitly agreeing to the same treatment of our GIs in enemy hands.

Er...but isn't it already the case that GIs (or even civilian noncombatants) in enemy hands are treated far worse? Remember Dan Pearl? The contractors in Fallujah? Nick Berg? Seems to me it would be fairly hard to sink as low as the other side at this point.

There is no doctrinal difference between the Hanoi Hilton and Guantanamo Bay

Not sure what you mean by "doctrinal" difference. You mean they are both POW camps? Of course. But if you mean there is no practical difference between being interned in the one or the other, you need to read John McCain's autobiography, or the descriptions by any other inmate of the place. They have scars. Not just psychological scars from being scared half to death, either.

Re:cluelessness

[m50d]

Some case where a nation committed to a war, with substantial interests at stake, eschewed methods of war because some lawyer somewhere said they were "illegal?"

Howabout the non-use of nuclear weapons in Vietnam?

Re:cluelessness

[twiddlingbits]

You can also ask the residents of Serbia, Croatia, Sudan, Congo, and Zimbabwe if the Geneva Convention is real. Unfortunately, I see this "cybercrime" issue becoming the domain of the UN which means nothing worth a crap will ever be done about it.

Re:cluelessness

[rtechie]

All of these quaint efforts overlook the fact that war is, by definition, the breakdown of any shred of mutual trust and willingness to compromise. War is about killing people, and when you get to that stage of mutual rage and madness, no piece of paper full of high-minded sentiment is going to stop you from doing what you think you must to win (or not lose). I can't think of any historical exceptions. Can you? The short answer is: yes. There have been rules of war that have been closely followed, for centuries, by various groups. There were strict laws of war governed by the Church in the Middle Ages. Imperial Japan followed rules of war, right into WWII (you might not agree with those rules, but they existed). The Roman Army followed strict rules. The idea of soldiers acting in a discipled and humane fashion is nothing new. The big problem is that these rules only tend to be followed in cultural sandboxes: European vs. European, Japanese vs Japanese, etc. When conflicts are cross-cultural the tendency to dehumanize opponents increases and you get much bloodier conflicts: Crusades, Native American wars, Vietnam, etc.

I don't think it's useless to have laws of war. There is no reason to believe they make conflicts worse and every reason to believe that they help reduce civilian casualties, torture, etc. During WW1 gas weapons saw wide deployment, and they were banned not because they were ineffective, but because of the danger they reprsented to all soldiers and civilians. Gas weapons have been used since (notably in the Iran-Iraq war), but widespread use is a thing of the past. Ditto for flamethrowers and flame weapons in general (Phosphor weapons are making a comeback though. Bush apparently thinks burning people alive is fun).

Re:cluelessness

[the_womble]

Biological and chemical weapons are little used, at least partly because they have been banned by treaty.

The Geneva Conventions on treatment of PoWs have largely been followed for decades as well.

There are obvious exceptions to both, but they have largely held. It is also true that fear of consequences played its part: but this was as much indirect consequences (it would influence the actions of currently neutral countries) as the direct reaction (if we use them, they will).

Re:cluelessness

[Timothy+Brownawell]

They have scars. Not just psychological scars from being scared half to death, either.

Which kind doesn't go away when you close your eyes?

Re:cluelessness

[Maestro485]

Who's to say whether China would pretend to abide by the rules like the rest of the world does? Wait, by "rest of the world" you mean the United States? I'm pretty sure calling your enemy an "enemy combatant" (what the hell else could they be?) and shoving the off to gitmo is at least on par with what China would do.

Perhaps Europe respects such laws, but the USA consistently makes up "loopholes" to excuse themselves from abiding by the treaties they sign.

Re:cluelessness

[Quadraginta]

Who cares? The important question is: which kind can't be fixed, ever. You can get over being scared. You can't get over having your eye put out with a cigarette.

Re:cluelessness

[Quadraginta]

So far as I know no one seriously suggested the use of nuclear weapons in Vietnam, so the question of whether it would be "legal" was never even asked. What would they have done with them, anyway? What could be bombed from the air was being very effectively bombed using conventional high explosive. It's not like the NVA was gathering in large armies that could be neatly despatched with a big explosion from the air. The problems in Vietnam had much more to do with the Viet Cong and North Vietnamese infiltration, not to mention the successful PR campaign waged on the world stage and in US media -- and of course Johnson knew none of these could be dealt with by nukes. I suppose in principle he could have threatened North Vietnam's sponsor (the Soviet Union) with nukes, but by the 1960s the Soviets had achieved a very credible nuclear deterrent and such a threat would have been empty bluster.

You would be much better off citing Korea, where the use of nuclear weapons was not only considered on a number of occasions, but publically threatened (indirectly) by Truman in a news conference in November of 1950. Both MacArthur and Ridgway requested their use. However, while the reasons they were not used, ultimately, are complex, I don't think any serious historian considers "legality" one of the important reasons. Truman and the JCS debated whether their use would necessarily broaden the war to openly include China, whether European public opinion would be too negative (Truman needed to maintain the Atlantic coalition to keep a lid on the Berlin issue, which was threatening to open up war with the Soviets at any time), and whether their use would draw down the US strategic arsenal too much -- but I've never heard of them wondering whether it would be "legal" according to some "international law."

Re:cluelessness

[Quadraginta]

Well...first of all, when you say "not used" you mean not used by First World major powers, right? Because of course they have been used in other places, most notoriously by Saddam Hussein against both the Iranians and rebel Kurds in Iraq.

And then, what do we mean by "not used" even then? Were nuclear weapons "not used?" They were certainly built and stockpiled, and used to threaten, deter, and otherwise advance national interests. The same is true of both bio and chem weapons, which were also built and stockpiled by the major First World powers. It's true they weren't as openly brandished as nukes. Perhaps that is because they were seen as more double-edged weapons, hard to control, which could be as dangerous to the user as to the intended target. The experience of poison gas on the Western Front in 1914-1917 taught people that chemical weapons, at least, were often as dangerous to your own guys as to the enemy, and didn't really do enough damage to be worth the risk. It's also true the Soviets and Americans negotiated an end to their chem and bio weapons stockpiles, but that was part of a general negotiated reduction in strategic arms in which both sides traded away their least useful and most expensive weapons in order to purchase better public opinion, both domestically and internationally. It was more a case of agreeing to get rid of all your muskets so you could spend the money freed up on automatic rifles, I think.

In any event, I suggest the reason bio and chem weapons were never actually used by First World powers post-1945 is the same reason nukes weren't used: they were such fearsome total-warfare weapons that they would only have been used in an all-out general war -- and such a war never erupted, although there were numerous close calls.

I'm also not sure what you mean by saying the Geneva Conventions have been followed for decades. There hasn't been a general war for decades, either. Do we award nations credit for following the Conventions even when there's no war on? Seems odd. But if you look at smaller wars, then I still think you're wrong. The North Vietnamese certainly did not follow them. The Koreans did not. Grenada and the First Gulf War hardly count. The behaviour of the warlords in Somalia, or any putative guerilla insurgency in Iraq, certainly deviates very far from the Conventions.

So in what war, exactly, have the Geneva Conventions been followed??

Re:cluelessness

[kisak]

I think you are confusing "has been regulated" with "has been imagined to be regulated by lawyers and naive fools." To be "regulated" requires a bit more than the mere existence of regulations on paper. It requires that these things have actual force, that they actually do something, they restrain people in some way.

I guess among the naive fools you find Goering, Milosevic, Taylor, and W. Bush. Of course, the frat boy Bush hasn't really paid the price yet, while the US has lost status morally and politically because of torture being done by CIA and US military. Only a naive fool believes that torturing suspect enemies do not have a price both economically and politically, while influencing directly the security of US citizens abroad and at home.

Do you think Bliar checked with the lawyers just for fun before the Iraq invation? Do you think commanders in the field don't know that one day there will be peace and maybe it would not look so good if it appeared in the papers that his troops raped those civilian girls? Do you think armies court martial soldiers for unlawful killings just to lose some pure killing machines? My interpretation is that any military knows that keeping to international laws and standards is good for moral, gives an advantage in the propaganda war and that a displined army is infinitely stronger than a bunch of random killers.

Heck, even al-quada justify their killings with their twisted interpretation of the Quaran; notice how bin laden replaces international law with his own sets of laws taken from a religious text to justify for his supporters and backers how al-quada is conducting their jihad (holy war).

It seems to be hard for naive fools to understand that diplomacy is not weakness, that international law exists because it is a win-win for nations, and that breaking international law has consequences even though there is no world police. The bully on the block maybe thinks that he will always be the strongest, but the smart guy knows that he needs friends and allies to get by and survive.

Re:cluelessness

[Oktober+Sunset]

There was a treaty banning poison gas before WW1, and the Germans broke it, the only response the British, French and Canadians had was to break the treaty themselves. In WW2, no-one put any faith in the anti-gas treatys, the fear of gas attacks was massive, with everyone in Britain carrying gas masks where ever they went. As a counter measure, Churchill stockpiled absolutely massive amounts of mustard gas, which was to be dropped on every German city in the event of any gas attack on Britain, which the Germans knew about. That was the amount of faith that was put into treaties, the reason there were no gas attacks in WW2 was more because mutually assured destruction than treaties. As soon as the war was over, Churchill found a use for some of his gas stockpile by gassing the Kurds, no hesitation because of none of the Arabs he had gassed had any gas of their own to retaliate with.

Re:cluelessness

All of these quaint efforts overlook the fact that war is, by definition, the breakdown of any shred of mutual trust and willingness to compromise. War is about killing people, and when you get to that stage of mutual rage and madness, no piece of paper full of high-minded sentiment is going to stop you from doing what you think you must to win (or not lose). I can't think of any historical exceptions. Can you?

I'd recommend reading this: On Killing.

From the article (my emphasis):
"The book reveals that contrary to popular perception, the majority of soldiers in war do not ever fire their weapons and that this is due to an innate resistance to killing."

The book decribes how the Vietnam conflict was one of the earliest to feature modern training methods that dehumanise enemies, and result was a massive increase in the psychological harm to returning soldiers.

Re:cluelessness

[Rubik+Rubrik]

I have read slashdot daily for a long time now and I registered specifically to address this asinine statement. When I read it, it had been moded up to a 4. That's the only reason I read it, I don't read 3 and lower. Mod system failed. Counter-example: U.S. army takes German soldiers prisoner in 1945 as the push to Berlin. They receive treatment that complies with the Geneva Conventions of 1929. Counter-example: U.S. army takes Iraqi soldiers prisoner in Operation Iraqi Freedom. They receive treatment that complies with the Geneva Conventions of 1929. I know the poster might actually believe that rules and laws of war are not followed, but he is simply wrong, along with all the moderators that agree with him. Sure, Guerrillas don't always follow them, but official armies usually do. When official armies don't, they engender great hatred. For example, the Soviets hated the Germans very deeply because the Germans didn't follow Geneva in dealing with Soviet prisoners. The Americans hated the Japanese deeply because, among other things, the Japanese did not follow Geneva. However, Geneva Conventions have been followed by many nations' armies in many conflicts, and this fact is very well documented. Please mod down parent.

Re:cluelessness

[moderatorrater]

The Geneva Conventions only apply to soldiers in uniform, and it only applies to those countries that signed the treaty. That's why their "enemy combatants" instead of "soldiers". As much as I disagree with what the US is doing, it's not the same as what the Vietnamese did to US soldiers. Like it or not, international law only applies to soldiers, and since terrorists aren't soldiers for a nation, but fighters for a cause, the laws don't apply.

Re:cluelessness

[greenbird]

All of these quaint efforts overlook the fact that war is, by definition, the breakdown of any shred of mutual trust and willingness to compromise. War is about killing people, and when you get to that stage of mutual rage and madness, no piece of paper full of high-minded sentiment is going to stop you from doing what you think you must to win (or not lose).

It really annoys me when people who are completely ignorant of history and even the most basic concepts of war and politics go spouting off about how they know it all. You sir are completely ignorant as to what is the purpose and objectives of war. At least read the basics like Sun Tzu and Clausewitz before you go claiming to have a complete understanding of the subject. To start you off, war is about attaining a political objective not killing people. The fewer the number of people killed is one measure of the success of a war.

I can't think of any historical exceptions. Can you?

That's because you apparently have very little knowledge of history. I can come up with dozens...Hmmm, maybe hundreds... just off the top of my head. I'll give you one little hint as to how far off base you are. Vietnam.

Re:cluelessness

[Quadraginta]

I think you are confusing the complex effects of public opinion with "international law." If that's all you mean by the phrase -- what people will think of you -- then, sure, war, like all other human activities, is "regulated" by "international law," because the people involved in it obviously consider what other people will think of what they do, both then and later on.

But most people draw a much stronger distinction between what your neighbors think of you and whether or not you are a lawbreaker. Laws are usually considered much more definite things than mere reflections of the current opinion of the body public. You're entitled to your own definitions, of course. But I think they are confusing, rather than enlightening, and serve to muddle the discourse, rather than sharpen it.

But perhaps that's your purpose, actually. By muddling "public opinion" with "law" you are able to give "public opinion" a heavier weight than it usually has. People usually consider the breaking of laws to be much more clearly an outrage than merely defying public opinion. By saying (for example) that the President has "broken international law" when all you can really prove is that he has "defied public opinion" you imply -- falsely -- that his actions are much more obviously wrong, and less subject to principled disagreement, than the facts would warrant. Those are not the tactics of an honest debater.

It seems to be hard for naive fools to understand that diplomacy is not weakness

Of course. It's hard for naive fools to understand anything, by definition. But to address your underlying point, the difficulty here is that sometimes "diplomacy" is actually "betrayal for the sake of present convenience." Think Neville Chamberlain in 1938, and the 6 million who died in the camps, not to mention the 10-20 million on the battlefield, who suffered and died because of it. Or for a more recent example the "diplomatic" refusal of the UN peacekeepers to intervene in the Rwanda slaughter, or the "restraint" that has limited world response to the killings in Darfur to the passing of stiffly-worded resolutions in the UN General Assembly.

Reasonable men can differ on when "diplomacy" is really diplomacy and when it is merely a weaseling refusal to get involved, of course. But slapping a bogus label of "diplomacy" on nearly any substitution of talk for action is, again, not the tactic of an honest debater.

Re:cluelessness

[Quadraginta]

Well, this is hardly a debate that can be resolved in /. comments.

However, for the record, as a modest student of history, I disagree with you. I'm aware that people have set "rules of war" for millenia, but I stand by my position that there are no historical examples whatsoever in which these have had actual and serious measurable force. The fact that the behaviour of combatants has accidentally or for other, more compellingly practical reasons, sometimes conformed to the "rules" proves nothing. If, standing on the sidewalk, I wave my hand and all the traffic in the street stops -- because the stoplight has just turned red -- I would be an idiot to conclude that my waving of hands has power over traffic. Coincidence does not equal causation.

Nor is the fact that any one combatant makes rules for its own armed forces, for whatever reasons of efficiency, public opinion, et cetera, relevant to the question of whether effective international rules -- rules promulgated jointly by all combatants -- exist. If the Roman Army put strict limits on for how many days after a city was taken the soldiers were allowed to rape any woman they saw, this proves only that the Roman Army saw fit to conduct itself more civilly than the general tradition of the time. It certainly does not prove that they were forced to do so by some imaginary regime of "international law."

When conflicts are cross-cultural the tendency to dehumanize opponents increases

A popular 1970s-era multiculti notion, but easily proved wrong, or at least naive. Just consider the unusual viciousness of civil wars, e.g. the American Civil War, the Terror in post-Revolutionary France, the Thirty Years War within Germany, or the Russian Civil War. For that matter, notice that the rage and inhumanity displayed by divorcing spouses or disagreeing siblings greatly exceeds that between strangers in a deal gone bad. A decent case can be made in the other direction, that it is when people are most similar that they draw the sharpest distinctions, and feel the greatest sense of betrayal and rage, and hence act most heinously. The wound from a brother is always more painful, more like to anger. But in truth I suspect the causes of unusual hideousness in warfare are far too complex to be reduced to any simple formula.

Re:cluelessness

[rtechie]

Just consider the unusual viciousness of civil wars, e.g. the American Civil War, the Terror in post-Revolutionary France, the Thirty Years War within Germany, or the Russian Civil War. ... The wound from a brother is always more painful, more like to anger. I think you're singling out the particularly bad civil wars. The Civil War WAS a cultural conflict, the Terror and the Russian Civil War followed centuries of oppression. The breakup of the Soviet Union, for example, did not see so much acrimony. And where their was conflict, it was clearly ethnic.

If we're talking about NUMBER OF PEOPLE KILLED, the conflicts you cite don't hold a candle to even ancient examples of ethnic cleansing, like the Roman destruction of Egypt and Judea.

But in truth I suspect the causes of unusual hideousness in warfare are far too complex to be reduced to any simple formula. On the small scale, I think you're right. On the large scale, it seems pretty clear to me that ethnic conflicts are worse.

Re:cluelessness

The Geneva Convention holds only for nationals of states who have signed the treaty. It does not hold for people who have no nationality. The Convention is worthless at protecting the weak, that is the non-nationals, from the strong, that is the nation states. The Convention is not about protecting human-rights or dignity, but a balance of terror between the nation states of post-war Europe.

Re:cluelessness

[kisak]

Both Chamberlain and Bush were weak when it came to diplomacy. Both were fools in their peculiar way, and people die because of it.

International law exists. It is the reference frame for nations interacting. What kind of idiot are you who mixes international law with public opinion?

Dear Bush Drone

The term "enemy combatant" defies operational definition. Please check the court cases. It's a meaningless device designed as a category to place individuals who can't be categorized any other way.

Re:Dear Bush Drone

[KublaiKhan]

Exactly why I get the screaming heebeejeebies about how our gov't would treat someone classed as an 'enemy cyber combatant'--and what would the proof be? Connecting to a 'foreign' IP address?

Cyber-

[Rukki]

I must not be the only one worried that the international regulations are being levied by people so out of step that they think "Cyber" still means "Internet" not "Text-Sex"?

Re:Cyber-

[El+Yanqui]

What do you expect when you get rid of congressmen like Mark Foley who clearly understand what "Cyber" means?

Re:Cyber-

[Rukki]

While I see your point, I disagree with the sentiment that we've gotten rid of "congressmen like Mark Foley" Clearly there are still many like him floating about the hallowed halls. I refer of course to two groups in particular; the Democratic and Republican parties.

CIA = zero credibility

The CIA thought Iraq had WMD, the CIA financed and armed the Taliban, and the CIA still has no idea where Bush family friend Osama Bin Laden is at.

So why does the CIA think it has, as an institution, any credibility left with the American public?

Quite frankly, I'm not believing a single thing officially said by the government until after GWB leaves office... at which point I'll start thinking about it.

Conservatives are right about government not working. A government with conservatives in it NEVER works... so the solution is to get rid of all the conservatives.

Re:CIA = zero credibility

>> ...at which point I'll start thinking about it.

Sucker.

Re:CIA = zero credibility

>So why does the CIA think it has, as an institution, any credibility left with the American public?

Why does it need credibility? It has shown that it has the capability to call a shot, have a country's government overthrown, and its leader executed. All other considerations fade to insignificance compared to that.

Allow suing the power companies

[mOdQuArK!]

If they're so incompetent or unwilling to spend money to protect their control systems from something as stupid as an Internet-based attack, then they should be liable for ALL damages that occur to their customers.

This is definitely one situation where passing new laws to try and catch/punish the culprits is going to do diddly-squat, so they'll have to expend resources necessary to make a defense so solid that the matter becomes irrelevant.

Re:Allow suing the power companies

[conureman]

But it will justify the price increase.

A big IF

[mangu]

"If the CIA is right to attribute recent blackouts to cyberwarfare, ...

Hey, look, "Die Hard 4" is fiction, and not very good fiction at that.

Re:A big IF

[presidentbeef]

Hey! Die Hard 4 is a great movie if you watch it with the understanding that it is a comedy.

Re:A big IF

[Joe+The+Dragon]

The power system does have a lot remote switch's , recloser's and so on with wire less links on them. So you may be able to tell them to trun off by taking over that link.

Re:A big IF

[rrohbeck]

Amen. Bruce Willis bull riding an F-35 - I laughed so hard.
But why didn't he shout "YEE-HAW!!!"?

Overly Complex

[Atomm]

like the summary?

The US=The World

[STrinity]

"If the CIA is right to attribute recent blackouts to cyberwarfare, cyberwarfare is no longer science fiction but reality.

So Estonia only exists in sci-fi novels?

Re:The US=The World

[nweaver]

Well, execpt that The Estonian "Cyber War" was really internal-to-Estonia script kiddiez.

Re:The US=The World

[KublaiKhan]

Mod parent up. It seems that the "Estonian Cyberwar" has got just as much legs, as urban legends go, as the "Obama's secretly a muslim" bit of nonsense.

(I don't personally care for some of Obama's policies, but fer heaven's sake, there's plenty to criticize without making stuff up...)

Re:The US=The World

[zoney_ie]

There was actual severe disruption to Estonia's online presence in the incident, and there was genuine sabre-rattling from Estonia as a result of them blaming Russia (they tried to get the EU to do something about it). It was a major enough current event here in Europe due to the political context (even amongst uninvolved Western EU countries the news reporting fed into the "Russia=evil" theme that people are picking up).

The fact of it turning out to be an Estonian student is in many ways, irrelevant. It could as easily have been someone in Russia, which is the scenario some seem to consider as being sci-fi or implausible.

Adequate laws?

[El+Yanqui]

Duncan Hollis raises the question of whether existing international law is adequate for regulating cyberwarfare

Because existing international law has done such a bang up job regulating real warfare.

True stateless war

[G4from128k]

What stops a Saudi IslamoFascist living in Canada from buying malware from the Russian mafia and redirecting attacks through servers in China? Who do we attack when the attacker is a botnet consisting of a bunch of infected PCs on some UK cablemodem network?

The extreme malleability of data, software, and networks means that anyone can make anyone look like they are a participant in an attack. It won't surprise me if a large percentage of counterattacks, reprisals, or sanctions target the wrong party because they were just the last identifiable node in a long chain of proxies and dark-net hops. If one can make one enemy look like it attacked another enemy, then one can kill two enemy for the price of on DDoSing.

Re:True stateless war

[kitgerrits]

From what I gather from recent Government History, I guess they simply want to know what kind of excuse they need to start a full-on war.

Once they know what can be used as what, all they need to do is trigger the right event from the right country and they can start an all new war.
(After all, it is cyberWARfare, they government has the right to kill people over it).

Maybe a portscan of dod.gov will have the gov't simply ask your ISP for your name and address, for future reference.
If they see a valid inciming hack attack (Anything a modern firewall might call hostile), they will -demand- the information from the ISP, so they can storm the location (be it a datacenter or a home) and confiscate any equipment they may want^H^H^H^H^H need.

There have never been laws about these things, because everyone know that investigating a single attack takes a -lot- of time to do the legal way, but having -all- the information available beforehand makes things go a lot quicker.

All they need is a database of all Internet subscribers, and a log of all their IP traffic (HTTP/POP3/SMTP/SIP/SSH/etc).
That way they can easily draw a straight line from anyone they don't like to the current Axis of Evil.

I know this sounds very paranoid, but am I paranoid enough?

Re:True stateless war

The extreme malleability of data, software, and networks means that anyone can make anyone look like they are a participant in an attack.

What do you mean by "look like"? If someone runs a botnet node, they are a participant. Nobody has to run whatever software is sent to them. At some point, the owner of the machine makes a risky decision. I don't think they should killed for it, of course, but why fuck not take at least some responsibility?

Re:True stateless war

[MadMidnightBomber]

Who do we attack when the attacker is a botnet consisting of a bunch of infected PCs on some UK cablemodem network?

Nuke LINX?

Re:True stateless war

[I'm_Original]

I'm not familiar with all the details on this stuff, either from a political or security standpoint, but isn't this the excuse that every country needs to set up its own Great Firewall? Some counties may be forced to do so, either by public opinion or international pressure.

Fixed

[philam3nt]

I fixed this for you:

Existing [international] laws can't be made to fit the crimes of cyberwarfare without extensive revision.

The world is growing into the tech age at different rates. The issue is that international laws differ greatly on what constitutes a cyber-crime (see: China) -- what one country considers harmless in another country may result in a lifetime sentence in prison. This discourages not only crime, but international espionage, because the consequences could be disastrous. Laws also differ in times of war, or if the citzen is a government agent, making things currently very complicated. Not to mention a [cr|h]acker routing their way through an unknowing 3rd party country. Where does the responsibility lie?

Examples, FTA:

...serious "translation" problems make [the laws] ill-suited to the task. For example, the U.N. Charter clearly prohibits states from using force except in self-defense or with U.N. authorization. So does that ban Russia from computer attacks on Estonia? It might. Or is it a "use of force" only if the target is physically harmed? Or only if it leads to death and destruction? Or simply whenever the target is critical to a nation's security? Similar uncertainties surround rules on neutrality and civilian distinction...states may shy away from cyberattacks entirely if they don't know what's allowed -- even in cases in which those attacks might cause less harm than the bombs they'll use instead.

When the laws of war don't apply -- even by analogy -- an overwhelmingly complex set of other international and foreign laws kicks in. For example, assume the hackers in the Estonia case were indeed operating from Russia but had no ties to the government or military. Under existing rules, Estonia should respond by asking Russia to police its own territory. To counter-attack would violate Russia's sovereignty. With new rules, however, nations could agree to waive sovereignty concerns and permit a direct response in certain cases, such as cyberattacks by terrorists that all nations might want thwarted.

Hope that helps! The article is much more clearly written as a whole than what's just in the summary.

Re:Fixed

[KublaiKhan]

I stand corrected. The difference in tech levels (and further, the governments' understanding of said tech) amongst countries is extremely pertinent to the issue at hand.

I personally think that the understanding is more important than the tech level insert series of tubes comment here.

Thought i'd actually read the TFA

[MacarooMac]

and find out what this IO business is all about. From the paper

IO involves the use of information technology, such as computer network attacks or psychological operations, to influence, disrupt, corrupt, usurp or defend information systems and the infrastructure they support. More than thirty states have developed IO capacities. But IO is also undoubtedly attractive to non-state actors like Al Qaeda, since the technology is mostly inexpensive, easy-to-use, and capable of deployment from virtually anywhere.

How do come up with thirty states? Presumably this only refers to rogue states. I notice they've left off Hawaii.

Re:Thought i'd actually read the TFA

[belmolis]

In this context state means "country".

Re:Thought i'd actually read the TFA

[MacarooMac]

And there was me thinking the Pentagon maintained a secret black list of rogue US states they suspected of plotting to launch net-based attacks against.. eachother!
My, this is not a particularly stately state of affairs to be in.

You don't understand, there is no law against war

[NotQuiteReal]

You are just supposed to have nice, legal wars.

Clear on that?

New Product: Firewalls for Home Electrical Grid?

[davidsyes]

I can just see it now. First, we had to have duct tape (what a fiasco...). Now, we're likely to see snake-oil salespeople and inept government officials inducing a semi-panic.

But, it couldn't hurt to have a slew of Honda generators, arm-driven dynamo radio-cell phone charger units on hand.

A new war...

[Unlikely_Hero]

great...a new war on a poorly defined noun, this will go well.

There's only one thing that can be done against any attacks in this vein, (and I don't trust a governmental analysis at all as a rule), and that is to tighten security on the defensive end. Trying to find and prosecute anybody is going to be a complete waste of time.

Oy...gives the politicians something to scare people with though, most of whom still think the word "hacker" means criminal...

Op-Ed and Rules of Engagement - retaliation...

[hschickel]

From the op-ed piece...
When the laws of war don't apply -- even by analogy -- an overwhelmingly complex set of other international and foreign laws kicks in. For example, assume the hackers in the Estonia case were indeed operating from Russia but had no ties to the government or military. Under existing rules, Estonia should respond by asking Russia to police its own territory. To counter-attack would violate Russia's sovereignty. With new rules, however, nations could agree to waive sovereignty concerns and permit a direct response in certain cases, such as cyberattacks by terrorists that all nations might want thwarted.

Article I, Section 8 of the US Constitution gives Congress these powers among others...
*To define and punish Piracies and Felonies committed on the high Seas, and Offenses against the Law of Nations;
*To declare War, grant Letters of Marque and Reprisal, and make Rules concerning Captures on Land and Water;

I'm not sure the last time a Letter of Marque or Reprisal was issued... It seems that they could apply here though. I am certainly curious for the opinions of any more knowledgeable on the subject.

Re:Op-Ed and Rules of Engagement - retaliation...

This is one of the serious issues that states will face when dealing with these types of attacks - attribution. When an army is massing on your border, it's pretty obvious whose army it is, and when attacks start occuring, you know who to blame and who to legitimately strike back against.

You don't have this in IO - you can bounce your attack through as many countries as you like and the target has to firstly figure out the path you used, and then be able to prove that they have found the ultimate source of the attack, rather than just another country that it was bounced through. If I was say, the government of Ireland, and wanted to attack the US, I would most definately bounce it through the more likely culprits of Iran, Russia and China, and hope to be able to cut the forensic link at that point. I would be able to launch my attack, and someone else would get blamed for it. Now that's what I call warfare!

Re:Op-Ed and Rules of Engagement - retaliation...

[docwatson223]

The last Letters of Marque and Reprisal were in the 1800's. The use of Letters of Marque was discontinued by many countries who signed the Declaration of Paris in 1856. The United States as well as several other countries signed the International Treaty much later. We could, arguably, re-issue them but the implications in International Law would be huge.

CIA: not exactly a trustworthy source

[foqn1bo]

Given their track record, and given who they work for, why on earth should any American in their right mind believe anything the CIA has to say? If this threat were real, they'd just keep it - and the methods used to combat it - a secret for as long as possible, which is what they usually do. What possible reason would they have to reveal it to the press unless the primary objective is propaganda?

Re:CIA: not exactly a trustworthy source

[TubeSteak]

If this threat were real, they'd just keep it - and the methods used to combat it - a secret for as long as possible, which is what they usually do. What possible reason would they have to reveal it to the press unless the primary objective is propaganda? Obviously, the need for a secure U.S.A. infrastructure outweighs the CIA's desire for secrecy. If you keep it a secret, you can't really fix it now can you?

Unless you think that somehow the Gov't will be able to get the private sector to fix the problem without any information leaks. That'd be impressive as hell.

Re:CIA: not exactly a trustworthy source

[bulled]

why should anyone believe them? Because it is profitable to do so or they never question anything that this administration says.

We need laws against cyberwarfare!

Because the ones against spamming, using drugs and having intercourse with someone of the same sex are working so well!

no evidence

[Presto+Vivace]

Neither the Information Week article I saw, nor any other story has provided any details. It is alleged that blackouts occurred due to cyber attacks, but no specific locations are provided. What black outs? When and where? No details are given. And what is the evidence that cyber attacks were involved? We should with hold judgment until we are provided with the specifics.

Re:no evidence

[Ignis+Flatus]

exactly. nor does the IW article say anything about WARFARE, it says EXTORTION. and as we all know, extortion happens all the damn time. maybe it was even an inside job, in which case, local laws will apply just fine thanks.

rules of engagement mean nothing in cyberspace

[petes_PoV]

Laws pertaining to war only have a meaning if real people can see if they are being broken or adhered to. A country's population can only protest anout atrocities (either committed by their own side or the other guy) if they know about them - which really means if they appear on TV.

Cyber warfare does not exist in places you can get TV cameras. It is the perfect deniable operation. Therefore it is not possible to present "evidence" of transgressions to the court of public opinion, or international outrage and consequently no protests or action can be taken.

As it is, rules of war are only drafted after the event and would therefore need recedents to be set inorder to know where the limits of acceptability lay.

I would expect that the attitude of some governments (not to mention any names) would allow them to treat anyone with a computer as an "enemy combatant" and therefore would be fair game in any cyber warfare action. In that situation, we should all expect to be targets - sometimes it's best to get your defence in first.

This crap might end...

[rickb928]

...when the packet you deliver to the datattackers is measured in kilotons, not kilobytes.

And that's not gonna happen any time soon.

It takes a lot to unravel an attack. More work than tracking down the source of a dirty bomb, or Avian Flu dose, or hallucinogens in the water supply.

More good reasons to not go hell-bent on integrating our utilities over the Internet. It cannot be secured. Only a matter of time before someone breaks into a SCADA access point and causes trouble here.

In the meantime, maybe Estonia's example is what we face. Temporary paralysis, expensive resolutions, and the awareness that this can and will happen again.

And in all this, ICANN wants to be independent of the U.S. Harrr... It would appear that the U.S. is not the source of the real trouble on the Internet. It's all the litle wannabees desperate to hurt someone/something else.

May they get a visit from a B-2 when they get caught.

Re:This crap might end...

[bishiraver]

or hallucinogens in the water supply.

Could you imagine if DC's water supply got tainted with lsd?

Hundreds of thousands of people would see pretty patterns, a relatively large percentage of those would have a religious experience, and most of them would come out of it feeling refreshed, seeing the world in a new light with optimism and peace.

Sounds like it might end up being pretty rad, not terrorist at all...... that is, if they released it in such a low concentration that you'd only get 4-50 micrograms (as opposed to the typical 100-150 microgram street dose these days, or the 250microgram street dose in the 60s, or a 400 microgram dose that would drive you insane...)

Nah, the only hallucinogen that would supremely cause terror would be if they tainted the water with Datura extract.

Of course, that's a deliriant and not a psychedelic -- but that's splitting hairs.

Heinlein's Razor

[Kozar_The_Malignant]

>If the CIA is right to attribute recent blackouts to cyberwarfare

Never attribute to malice that which can be adequately explained by stupidity.

Fucking with us

[sz.evolution]

A week ago, they wanted to expand domestic internet surveillance, now the CIA says that a war is already going on. Nice one, Bush.

old fashioned warfare

[tyrantking31]

Because existing international law is more that adequate for regulating conventional warfare.

Re:What is IO, CoOp, and WTFC?

[OldHawk777]

IO for the CIA/NSA/FBI... management (not field folks) for the past few decades ... Vietnam falls to Vietnam communist threat "WHAT? but Nixon promised?" ... Iron-Curtain-Wall collapses surprising everyone ... Israel bombs a Nuk-plant, who could have guessed ... USA commercial aircraft fly into two previously targeted tall NYC buildings "AMAZING?" ... Levey/Dike fail, bridges collapse, anthrax released ... China and Saudi crackers attack DoD/DNS.... ...

CIA guessed that cyberwar caused city blackouts. I guess, CIA management guessed wrong again ... it could have been piss-poor and failing infrastructure and/or organized corporatist criminals that cased power-grid failures and city/regional blackouts. I could be wrong, but my track record is as good (maybe better) as any CIA/NSA/FBI... politicized management truth-spinning.

Oh, CoOp (Covert Operations) CIA field folks are good. WTFC (who the fyck cares) about CIA/NSA/FBI... politicized management truth-spinning that is used to improve agency budget/funding and proof-fabrication for questionable politically savvy IO assessments.

Again, I am sure, I am wrong, but why not make a NSWAG/IDWAG (non-scientific.../Intelligence-Design Wild Ass Guess).

CIA/NSA/FBI/MI... credibility will greatly improve (for me) when they terminate BinLadin and about a thousand close associates in his general area. BinLadin lives by the political will of others not in Saudi; So, kill them all (First BinLadin...).

Re:You don't understand, there is no law against w

...there is no law against war...You are just supposed to have nice, legal wars...Clear on that?

I assume that you are mocking certain pro-war viewpoints here - and I don't disagree with you on that.

On this topic, though, a while back there was some international outrage because some "class A" Japanese war criminals were honored in various complicated ways by the Japanese government. So...what is a class A war crime? A class A war crime is a "crime against the peace" - that is, waging a war of aggression.

So, despite what the pro-war crowd might imply. There are actually some very serious laws, not just about the conduct of war, but about going to war in the first place.

Cyberwarfare is against Cyberlaw

[garlicbready]

you shouldn't be using the term "Cyberwarfare" I've just trademarked it
now your breaking my CyberLaw ... oh wait

Re:You don't understand, there is no law against w

nice, legal wars.

For example, the Hague Convention of 1899 prohibited dum-dum bullets.
http://en.wikipedia.org/wiki/Dum-dum#Law [1]

There's a long history of international law regulating particularly nasty applications. There is/was a similar restriction on using anti-aircraft weapons on ground troups, which is usually overlooked by gear-head historians writing about vehicles like the Skink and M42.

And of course there are the Geneva defintions about treatment of military personel, and what constitutes military personel.

This is not to say that abuses do not occur -- there are no man-made laws that go unbroken. But there is indeed a large body of generally-followed war laws that keep the disgusting slaughter within some sort of order while it is occuring (important for maintaining troop dicipline if nothing else), shorten the post-war recouperation periods, and reducing (not removing) the revenge-headset of all sides.

Which I appreciate is difficult to wrap one's head around -- but war can in fact be much worse than it is, and would have been worse than it was during the last century. War laws are not simply a bad joke.

[1] Side-track time (geeks are in love with detail, after all) -- the wiki article is a little off in the WW1 reference. Once the conflict was well underway, the medics could certainly tell without confusion when dum-dum style rounds were in use. The records show spikes of such wounds on particular days in particular areas.

Research is indicating these were probably reversed-rounds -- alterations by the troops, rather than supply. It has a dum-dum effect, and it was useful against tanks, oddly enough. Regular rifle bullets shattered - the blunt end of a reverse-round acted like a die-punch against early armour, creating a hole. It's still unclear which effect was the intent and which the by-product.

The laws are never adequate

[daemonenwind]

No bureaucrat has ever been hatched who believes we have enough laws.

Small wonder a legal scholar thinks we all need more laws - his job is to read them.

Lawyers are like other people--fools on the average; but it is easier for an ass to succeed in that trade than any other.
-quoted in Sam Clemens of Hannibal, Dixon Wecter

Government and cyberwarfare

[argoff]

Using government and global quasi government agencies to stop bad deeds on the internet is simply not a rational solution. You can't stop information with planes, boats, guns, and tanks. But this is exactly what government (global or otherwise) is about. Government is a tool of coercion. That tool simply doesn't work well online any more than it will work of you threaten to beat the crap out of me if you don't like what I say. Seriously, try it - see if I even care. The rational solution is self organization and technological solutions. Black lists and AI have done more to stop spam than every government law on the books combined. All those lawsuits from the RIAA were barely able to even minutely influence peoples online behaviors.

Politics and the English Language

[J'raxis]

Translating existing rules into the IO context produces extensive uncertainty, risking unintentional escalations of conflict where forces have differing interpretations of what is permissible.

Translation: "Not knowing what we're doing could fuck things up." Orwell would like to have a word with you...

Perhaps countries should obey non-Cyber laws first

[MrSteveSD]

Clearly major powers are not even obeying the Geneva Conventions at the moment so it seems even less likely they will obey any kind of Cyber-International Law. This is all compounded by the fact that the Security Council of the UN is permanently controlled by some of the very countries most likely to be breaking international law. There is the ICJ of course (World Court) but it's fairly powerless, especially against the larger powers.

For example, in 1986 the World Court condemned the US for its terrorist activities in Nicaragua, which (among many other things) included mining harbours, putting civilian shipping in danger. The US just rejected the ruling. The UN General Assembly then voted twice for the US to obey the ruling of the World Court, but again, to no avail. Perhaps the view of the entire planet should be binding, rather than just the word of a few countries in the Security Council. Without any effective mechanism of enforcing international law against the main offenders, what hope is there? Why should anyone obey international law when the largest powers in the world do not?

Stupid laws for stupid people

[moogyboog]

Anyone that wants to create and pass more and more laws forbidding more and more behavior needs to get their heads examined. As far as this goes, just forget about it...the future will be vastly different than a centralized electrical grid system because there maybe no real purpose of having a system that can be easily taken down by people with some gasoline and a few matches. To think that someone would need a computer to destroy the grid maybe more akin to fantasy. Remember the recent blackouts that occured thanks to a bird? How many times do we need to have the fact of "total" deregulation put into effect with home generation systems based on the new cheap and efficient solar paneling now coming onto market and we also need to have cars that can also run a house come onto market we are still thinking in the 1950's kind of pattern and it needs to be shattered into a new paradigm. The old paradigm of massive internet providers instead of local wifi or massive electrical plants for homes instead of tiny self contained units should be about over, if we can decentralized computers then we should do the same for the grid, it maybe time for the society to crawl out of the womb.

mod parent up

[cathector]

as subject, despite using the word withhold as two words. ;)

The End of World War II In Europe...

[Etherwalk]

As the end of WWII in Europe approached, the German Army started coming west for the purpose of surrendering. They were being closed in on from two sides, but they went to the Western Front because the Geneva Convention was in effect, and prisoners were relatively well treated.

That being said, the western allies might not have been so friendly if the Germans had gotten as close to DC as they did to Moscow.

And that being said, the Germans got pretty damn close to London.

Rules of War do matter. Not always, but sometimes. And even if they had never mattered, practically, in the history of the world, it would still be right to make them and try to live up to them. I'd rather know soldiers who were proud of saving lives than soldiers who were proud of taking them--but who were, of course, damned good at killing when they had to.

Re:Perhaps countries should obey non-Cyber laws fi

[docwatson223]

...and we should all line up for our chip implants too? Before you espouse the position of a 'New World Order' you need to consider the net effect on personal liberty in the *only* country that you can pretty much say what you want, whenever and wherever you want without the risk of being whisked away to somewhere much, much worse than Gitmo and a bullet in your head for your troubles. Slashdot can't exist anywhere but the US and when you eliminate US governance over it's own international and domestic policies, you are eliminating the ability of every US citizen the rights of being a US citizen. Think it through!!!

hackers have been some benefit

[Grampaw+Willie]

Hackers have been of some benefit, that being they have demonstrated to us, in spades, that "security" on our existing network is no better than a bad joke.

If the internet is to be a component of the commercial business system the security problem has to be corrected.

the troubles that we have on the network today are largely the result of UN-AUTHORIZED programming. Considering this, the first thing that needs to happen is we have to change our thinking about how we update programming

un-authorized programming cannot be allowed, anywhere or anytime. we will need a commercial business type organization such as IBM to make the change,-- the stuff that comes out of academia just don't cut it.

I'm talking RACF for Windows. We need to look at not only who is trying to update what, but also what tools are they using, and just exactly where did they get those tools?

this is necessary to insure that only properly authorized changes are made to any programming

NO SIGNATURE? NO EXECUTE.

Re:hackers have been some benefit

[douochrti]

Ive always been worried about the various control systems out there that are connected to the Internet. Ive been in charge of the SCADA sys for a cities water system for 18 yrs and I never allowed any type of outside connection to it.

Re:Perhaps countries should obey non-Cyber laws fi

[Watson+Ladd]

It's also the only country where 38 million people going hungry is a non-issue. The US also does not protect the secrecy of correspondence to the extent Europe does. The freedom of the press is also absolute in the Netherlands, as well as many other European countries.

Re:What is IO, CoOp, and WTFC?

Unintelligible: Please take your lithium and repost.

Law Pertaining to Cyberwarfare

[KenBen]

Law limiting or regulating cyberwarfare is a bad idea. No one, I say again no one, inclined to attack us will comply with the law. Absolutely no one. So the law will become merely a source of carping, kibitzing, and limiting how the US responds to attacks. Such law will do us no good, only harm. So lets not have any.

There are no wars anymore

[rrohbeck]

Only police actions, peacekeeping missions or interventions.

Reply:I took my lithium, What is LSD?

[OldHawk777]

CIA guessed that cyberwar caused city blackouts. I guess, piss-poor and
failing infrastructure and/or organized corporatist criminals caused
power-grid failures and city/regional blackouts over the past few decades.

It is a CIA budget ploy, or another whoops mistake by government managers.

It is always easy to scare the shit out of god fearing annal retentive
folks, because belief in mythology is pervasive in primitive cultures.

Fear-Capitalism mythology is the new Politically-Correct exploitation for US.