Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cyberwarfare in International Law

Posted by Zonk on from the thorny-issue dept.

belmolis writes "If the CIA is right to attribute recent blackouts to cyberwarfare, cyberwarfare is no longer science fiction but reality. In a recent op-ed piece and a detailed scholarly paper, legal scholar Duncan Hollis raises the question of whether existing international law is adequate for regulating cyberwarfare. He concludes that it is not: 'Translating existing rules into the IO context produces extensive uncertainty, risking unintentional escalations of conflict where forces have differing interpretations of what is permissible. Alternatively, such uncertainty may discourage the use of IO even if it might produce less harm than traditional means of warfare. Beyond uncertainty, the existing legal framework is insufficient and overly complex. Existing rules have little to say about the non-state actors that will be at the center of future conflicts. And where the laws of war do not apply, even by analogy, an overwhelmingly complex set of other international and foreign law rules purport to govern IO.'"

12 of 136 comments (clear)

  1. Re:What is IO? by Nibbler999 · · Score: 5, Informative

    IO = information operations in this context.

  2. Enemy combatants? by KublaiKhan · · Score: 3, Interesting

    I dare say that any "cyberwarrior" would not have a recognizable uniform, and as such, would probably be classed as an 'enemy combatant' by the gov't...which gives me the screaming blue creevles, given the gov't's current attitude towards anyone they suspect to be such an 'enemy combatant'--Guantanamo Bay doesn't have broadband, does it? Will they torture this new class of enemy combatant by making them dial into AOL with a 300 baud modem on a keyboard with a broken shift/caps key?

    --
    In Xanadu did Kubla Khan
    A stately pleasure dome decree
    1. Re:Enemy combatants? by The+Queen · · Score: 3, Insightful

      You are correct in having "screaming blue creevles" as you put it since yes, cyber-warriors are likely to be a mix of military and civilians, and what with all the lawsuits and spying already going on it wouldn't be much of a leap for some hax0r to be tagged by the feds and shipped off for questioning. The real sticky part though is how the law will cross borders. Cyber warfare knows no borders, so what would our government do if someone from Iran came calling to arrest one of our own on such charges?

      This is the inevitable and ingenious evolution of war, IMO. Not, as ST:TOS "A Taste of Armageddon" would have it, but without any bloodshed or casualties in the physical sense. By hitting people in their infrastructure, their way of life, and their economy. (Sortof what the 9-11 guys thought they were doing...and heck, what all us 'rich' countries do all the time through sanctions, trade agreements, 'wars' on drugs, and such...)

      --

      The House Between - Original Sci-Fi Series
  3. Cyber- by Rukki · · Score: 3, Funny

    I must not be the only one worried that the international regulations are being levied by people so out of step that they think "Cyber" still means "Internet" not "Text-Sex"?

  4. Adequate laws? by El+Yanqui · · Score: 3, Funny

    Duncan Hollis raises the question of whether existing international law is adequate for regulating cyberwarfare

    Because existing international law has done such a bang up job regulating real warfare.

    --
    Well, thanks to the Internet, I'm now bored with sex.
  5. True stateless war by G4from128k · · Score: 4, Interesting

    What stops a Saudi IslamoFascist living in Canada from buying malware from the Russian mafia and redirecting attacks through servers in China? Who do we attack when the attacker is a botnet consisting of a bunch of infected PCs on some UK cablemodem network?

    The extreme malleability of data, software, and networks means that anyone can make anyone look like they are a participant in an attack. It won't surprise me if a large percentage of counterattacks, reprisals, or sanctions target the wrong party because they were just the last identifiable node in a long chain of proxies and dark-net hops. If one can make one enemy look like it attacked another enemy, then one can kill two enemy for the price of on DDoSing.

    --
    Two wrongs don't make a right, but three lefts do.
  6. Re:The US=The World by nweaver · · Score: 4, Informative

    Well, execpt that The Estonian "Cyber War" was really internal-to-Estonia script kiddiez.

    --
    Test your net with Netalyzr
  7. CIA: not exactly a trustworthy source by foqn1bo · · Score: 3, Insightful

    Given their track record, and given who they work for, why on earth should any American in their right mind believe anything the CIA has to say? If this threat were real, they'd just keep it - and the methods used to combat it - a secret for as long as possible, which is what they usually do. What possible reason would they have to reveal it to the press unless the primary objective is propaganda?

  8. no evidence by Presto+Vivace · · Score: 3, Insightful

    Neither the Information Week article I saw, nor any other story has provided any details. It is alleged that blackouts occurred due to cyber attacks, but no specific locations are provided. What black outs? When and where? No details are given. And what is the evidence that cyber attacks were involved? We should with hold judgment until we are provided with the specifics.

  9. Re:cluelessness by Quadraginta · · Score: 3, Insightful

    I think you are confusing "has been regulated" with "has been imagined to be regulated by lawyers and naive fools." To be "regulated" requires a bit more than the mere existence of regulations on paper. It requires that these things have actual force, that they actually do something, they restrain people in some way.

    The only thing that has ever restrained the behaviour of nations in combat is plain fear of the direct consequences, e.g. retaliation by the enemy. Can you give me a counter-example? Some case where a nation committed to a war, with substantial interests at stake, eschewed methods of war because some lawyer somewhere said they were "illegal?" If not, then those "regulations" are as insubstantial as moonbeams.

  10. This crap might end... by rickb928 · · Score: 3, Interesting

    ...when the packet you deliver to the datattackers is measured in kilotons, not kilobytes.

    And that's not gonna happen any time soon.

    It takes a lot to unravel an attack. More work than tracking down the source of a dirty bomb, or Avian Flu dose, or hallucinogens in the water supply.

    More good reasons to not go hell-bent on integrating our utilities over the Internet. It cannot be secured. Only a matter of time before someone breaks into a SCADA access point and causes trouble here.

    In the meantime, maybe Estonia's example is what we face. Temporary paralysis, expensive resolutions, and the awareness that this can and will happen again.

    And in all this, ICANN wants to be independent of the U.S. Harrr... It would appear that the U.S. is not the source of the real trouble on the Internet. It's all the litle wannabees desperate to hurt someone/something else.

    May they get a visit from a B-2 when they get caught.

    --
    deleting the extra space after periods so i can stay relevant, yeah.
  11. Re:cluelessness by rtechie · · Score: 4, Insightful

    All of these quaint efforts overlook the fact that war is, by definition, the breakdown of any shred of mutual trust and willingness to compromise. War is about killing people, and when you get to that stage of mutual rage and madness, no piece of paper full of high-minded sentiment is going to stop you from doing what you think you must to win (or not lose). I can't think of any historical exceptions. Can you? The short answer is: yes. There have been rules of war that have been closely followed, for centuries, by various groups. There were strict laws of war governed by the Church in the Middle Ages. Imperial Japan followed rules of war, right into WWII (you might not agree with those rules, but they existed). The Roman Army followed strict rules. The idea of soldiers acting in a discipled and humane fashion is nothing new. The big problem is that these rules only tend to be followed in cultural sandboxes: European vs. European, Japanese vs Japanese, etc. When conflicts are cross-cultural the tendency to dehumanize opponents increases and you get much bloodier conflicts: Crusades, Native American wars, Vietnam, etc.

    I don't think it's useless to have laws of war. There is no reason to believe they make conflicts worse and every reason to believe that they help reduce civilian casualties, torture, etc. During WW1 gas weapons saw wide deployment, and they were banned not because they were ineffective, but because of the danger they reprsented to all soldiers and civilians. Gas weapons have been used since (notably in the Iran-Iraq war), but widespread use is a thing of the past. Ditto for flamethrowers and flame weapons in general (Phosphor weapons are making a comeback though. Bush apparently thinks burning people alive is fun).