Few people would dispute the complexities that are all so common in the cyber domain of conflict. Arguably, one of the most complex areas deals with the laws of conflict and international law.
A number of events, some as recent as two weeks ago, have once again demanded revisiting the comments made by U.S. government representatives as to how conflict in the cyber domain fits into the legal framework of war.
It is not uncommon to reference comments recently made by government officials surrounding the rule of law as it is being applied to cyber conflict. For some unknown reasons, these comments did not receive a significant amount of notice, far short from that which they call for.
In a recent cyber war game, the laws of cyber conflict once again came up. The question was, “Does international law apply to cyber space?” One document that I commonly reference (http://www.state.gov/s/l/releases/remarks/197924.htm) came out of the 2012 USCYBERCOM Inter-Agency Legal Conference, and it specifically answers that question, yes. The author, Harold Hongju Koh, legal advisor to the U.S. Department of State, went on to say at the conference that this view is not universally accepted in the international community.
The United Nations has a web page that is helpful in respect to international law (http://www.un.org/en/law/index.shtml), but after reviewing their site I was unable to find the UN’s view of cyber conflict in the context of international law. It is impractical to operate solo in this domain. It is dangerous to operate without universal acceptance of the application of international law to the cyber domain by the majority if not all of the 231 countries/territories connected to the Internet.
Posted on May 10, 2013 at 2:46 PM0 comments
The term power projection has been around for decades. U.S. Department of Defense has defined power projection as the ability of a nation to apply all or some of its elements of national power. Elements of national power include political, economic, informational, or military force.
You don’t have to go very far to see these elements in use right now. Current headlines are chocked full of examples of how nation’s leverage these elements as a mechanism of influence, and the current activity has intensified the research and development of cyber weapons.
Now try to apply power projection in cyber space. The definition doesn’t fit too well. I started out calling this cyber soft power projection, and that evolved as cyber weapon capabilities increased and the cyber threat domain changed. Consider this aspect of the problem: virtual-states have the same opportunity to use cyber to inform, influence or force decisions and demonstrate the virtual-state’s power.
The differences don’t stop there. Consider the fact that oftentimes cyber attacks are not really visible to the public. If anything, all they know is something didn’t work. When a cyber attack takes down an element of critical infrastructure (like online banking) it is much more public, but easily explained away as a “technical glitch.” If you think about it, explaining away a cyber attack as a technical glitch among all the real technical glitches that the online world experiences would not be that difficult.
Now consider all the technical glitches that we have experienced or heard about in the past year. How many of those were actually cyber attacks? We may never know. With all the recent talk of cyber war and all the cyber attacks that are said to have taken place, one has to wonder how much we don’t know? All indications are the answer is...a lot.
Follow Kevin Coleman on Twitter @KGColeman.
Posted on May 03, 2013 at 2:04 PM0 comments
Ever considered what special operations in the cyber domain might look like? This is boots on the ground cyber operations.
Special operations stories have been captured by Hollywood and usually result in big audience draws, though Hollywood might have a harder time with the limited actions commonly equated with cyber attacks.
The topic of special cyber operations came up in a recent military training lecture I recently gave. This is not the first time the concept for special cyber operations has come up. When many hear the term they envision a lone-wolf hacker in front of a computer coding away. In reality that could not be further from the truth.
Special cyber ops can have all the action, danger and intrigue of conventional operations we attribute to a Seal-team raid. All it takes is to understand the threat domain, a fundamental understanding of the exploitation of computer and communications technology.
This thinking has made it to the frontal lobes of military planners, and we even include two special cyber ops scenarios in the cyber war-gaming that we use in our training. The mental models of special cyber ops missions include “boots on the ground,” a term that was used in one discussion on this topic.
I hinted at this three years ago (http://defensesystems.com/articles/2010/04/06/digital-conflict-cross-functional-teams.aspx) when I blogged about cross-functional teams and the need for collaboration. A year later on my cyber intelligence blog (http://gov.aol.com/2011/11/07/cyber-intelligence-american-s-innovation-and-creativity-under-c/).
I talked about the need for innovation and creativity in the development of our strategies and tactics for offensive, defensive and intelligence activities in cyber space. This is what provides the element of surprise when targeting an adversary.
The concept of special cyber ops is rapidly evolving, as are most of the concepts, strategies and weapons used in the cyber domain. Perhaps in the not so distant future, details about one of the highly sensitive special cyber ops missions will leak out like most things are doing these days. You can be sure that Hollywood will quickly follow.
Posted on Apr 25, 2013 at 12:55 PM0 comments
It would be nearly impossible to dispute the fact that there are differing opinions as to the current cyber threat level. Some say it is overblown, while others express deep concern and warn that we are not ready.
Now add the question of the likelihood of a successful cyber attack that disrupts or destroys our nation’s critical infrastructure and you will get a glimpse of the distribution of opinions on this subject. So who’s right and who’s wrong? That is the question that commonly arises, but there is a much better question that should be asked.
Why is there such a difference in opinion? I asked that question and received the response that I had expected.
The answer to that question deals with access to cyber threat intelligence—much of which is classified. For those of you with security clearances you know that classified intelligence is protected so that our sources and methods of intelligence collection are not compromised. There are those out there who say “classified” is just an excuse to cover-up the lack of credible information or to justify made up information to suit the government’s specific purposes.
I asked an individual who had a very high-level security clearance but is no longer cleared to reflect on this. He responded without hesitation: “There is no way anyone without access to classified threat intelligence can appreciate the real level of threat.”
After about five minutes of conversation about this he expressed his concern about the continuous balancing that must take place. He went on to say it is conceivable that cyber attacks may or have already taken place and we could not alert the targets due to the classified nature of the intelligence.
This led me to ask at what point does our classifying threat intelligence put us at greater risk, and how do we deal with that issue? There was no answer, but you know what, we had better come up with one. That is hot a hypothetical situation; it is one we face today.
Posted on Apr 19, 2013 at 2:04 PM0 comments