Analysis of Cyberwarfare Ethics as It Pertains to Civilian Computer Networks/Infrastructures Vanessa Paradine Terms of Reference and Scope The Department of Defense (DoD) currently operates more than fifteen thousand different computer networks across four thousand military installations around the world, with as many as seven million DoD computers and telecommunications tools in use in eighty-eight countries.1 These networks experience over six million unauthorized probes per day.2 Due to the close integration of DoD and commercial networks, an attack within the cyber domain may significantly impact critical civilian infrastructures and networks. For the purpose of this article, the following definitions are pro­ vided: • Cyberspace, as defined by the National Security Presidential Di­ rective 541H0meland Security Presidential Directive 23, is "the interdependent network of information technology infrastruc­ tures, and includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers in critical industries."3 • Cyberspace operations is defined as "the employment of cy­ berspace capabilities where the primary purpose is to achieve military objectives or effects in or through cyberspace."4 • Cyberwarfare/cyberattack has not been defined by the Depart­ ment of the Defense (DoD); however, according to Deputy Defense Secretary William J. Lynn III, it can include a range of things-"from exploitation and exfiltration of data to degrada­ tion of networks to destruction of networks or even physical equipment, physical property."5 • Cyber Threats6 o Virtual-nonkinetic threats to DoD information networks that are just as real and damaging as physical threats. 34 Internatianal Journal of Intelligence Ethics, Vol. 4, No. 1 / Spring/Summer 2013 Analysis of Cyberwarfare Ethics 35 o Physical-kinetic threats mixed with nonkinetic threats; can severely impact the effectiveness of military joint operations. o Nation State-foreign-government sponsored; growing inter­ est in development of more sophisticated cyber capabilities leading to challenges in the defense of DoD information net­ works. o Non-Nation State-support for terrorist and organized crimi­ nal groups that have presented more opportunities for disrup­ tion of the DoD's information networks. • Distributed Denial of Service (DDoS)-An attacker attempts to prevent legitimate users from accessing information or services by targeting a user's computer, its network connection, or the com­ puters and network of the sites that a user is attempting to access. 7 Introduction Cyberspace is a critical component to our everyday lives; nations depend on it for commerce, communication, and control of critical infrastructures such as electric power systems, water supply systems, and emergency services. Many countries and their top leadership recognize this domain as essential to their daily operations. The White House International Strategy for Cyberspace recognizes the importance of a highly developed electronic infrastructure:8 Digital infrastructure is increasingly the backbone of prosperous economies, vigorous research communities, strong militaries, transpar­ ent governments, and free societies. As never before, information tech­ nology is fostering transnational dialogue and facilitating the global flow of goods and services. These social and trade links have become indispensable to our daily lives. Critical life-sustaining infrastructures that deliver electricity and water, control air traffic, and support our financial system all depend on networked information systems. Gov­ ernments are now able to streamline the provision of essential services through eGovernment initiatives. Social and political movements rely on the Internet to enable new and more expansive forms of organiza­ tion and action. The reach of networked technology is pervasive and global. For all nations, the underlying digital infrastructure is or will soon become a national asset. In addition to civilian dependency of cyberspace, the United States and other nation state militaries are also heavily dependent on information networks for command and control of military forces, intelligence and logistics, and developing and fielding weapons 36 VANESSA PARADINE technologies.9 Armed forces that are considered to be modern and global in reach cannot effectively conduct operations without resilient, reliable information and communication networks and assured access to cyberspace. 1o This poses a new and complex ethical dilemma when a nation is conducting cyberwarfare operations. The integration of civilian and military cyber domains no longer limits cyberattacks to the battlefield, and civilian critical infrastructures are also at risk.ll Computer-induced failures of power grids, transportation systems, or on the financial sector could lead to physical damage and economic disruption on a massive scale, affecting civilians and economies world­ wideY Nonphysical damage such as theft of intellectual property may initially seem less destructive, yet it can still cause significant harm if it results in millions of dollars lost or if an adversary has duplicated critical defense science and technology.13 Cyberspace operations have become so advanced that the origin (country) of an attack may not be pinpointed. It is now easier for modern armed forces to infiltrate civilian networks and exploit them for military gain (e.g., shutdown power grids). This concept is perfect for covert operations-offering a protective shield of deniability of acts that may be considered unethical in conventional warfare. Cyberwarfare Rules of Engagement As a new and constantly evolving domain, the rules of cyberwar­ fare are not clearly defined. Recognizing the need for guidelines in cyberspace operations, the Secretary of Defense directed the com­ mander of the U.S. Strategic Command to establish the U.S. Cyber Command in June 2009.14 This new command has been charged with integrating and coordinating the activities of "full-spectrum military cyberspace operations" to ensure "reliable information and communication networks, to counter cyberspace threats, and to assure access to cyberspace. "15 Their strategy for the cyber do­ main is based on five pillars:16 • Pillar 1: Recognize cyberspace as a new domain of warfare. • Pillar 2: Employ defenses that can respond to attacks at network speed, as they happen or before they arrive. • Pillar 3: Ensure military and civilian critical infrastructures are protected. • Pillar 4: Cooperation with allies is essential to counter the cyber threat. Analysis of Cyberwarfare Ethics 37 • Pillar 5: Leverage the national technological base to build supe­ rior military capabilities. The u.s. and Cyber Command have cyberspace defense and deter­ rence measures well covered in their strategy. However, they are still lacking a cohesive plan for offensive operations. This is not surpris­ ing, as the cyber domain continually evolves and interconnects with military and civilian networks around the globe. In an effort to ad­ dress this issue, U.S. general Keith B. Alexander, Commander, u.s. Cyber Command, stated that "the DoD is working on cyber stand­ ing rules of engagement and in the meantime, the laws of land war­ fare and law of armed conflict apply to cyberspace. "17 As it relates to air, land, and sea domains, the law of armed conflict is derived from several sources, such as the Hague Conventions of 1899 and 1907, the Geneva Conventions of 1949, and their Additional Protocols of 1977.18 Article 49 of the Additional Protocols of 1977 defines attack as an act of "violence against the adversary," whether offensively or defensively, regardless of territorial location, and applicable to "land, air, or sea warfare that may affect the civilian population, individual civilians, or civilian objects on land. "19 The law of armed conflict in terms of conventional warfare for the protection of civil­ ians and property is clear and concise. Specific guidance as it pertains to civilians and critical infrastructures is outlined in Articles 51, 56, and 57 of the Additional Protocols of 1977: Article 51-Protection of the civilian population20 • The civilian population as well as individual civilians shall not be the object of attack. • Indiscriminate attacks are prohibited. Indiscriminate attacks are: (a) those which are not directed at a specific military ob­ jective; (b) those which employ a method or means of combat which cannot be directed at a specific military objective; or (c) those which employ a method or means of combat and in each such case, are of a nature to strike military objectives and civilians or civilian objects without distinction. • Types of indiscriminate attacks: (a) bombardment by any methods or means which treats as a single military objective a number of clearly separated and distinct military objectives lo­ cated in a city, town, village or other area containing a similar concentration of civilians or civilian objects; and (b) an attack which may be expected to cause incidental loss of civilian life, 38 VANESSA PARADINE injury to civilians, damage to civilian objects, or a combination thereof, which would be excessive in relation to the concrete and direct military advantage anticipated. Article 56-Protection of works and installations containing danger­ ous forces 21 • Works or installations containing dangerous forces, namely dams, dykes and nuclear electrical generating stations, shall not be made the object of attack, even where these objects are military objec­ tives,
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages13 Page
-
File Size-