At what point do IT geeks become legitimate military targets?



 The authors attention was drawn today to a short article on the BBC discussing how a 19yr old had won a competition by GCHQ to provide the best form of online protection against the hacking threat. http://www.bbc.co.uk/news/technology-17333601

 The emergence of Cyberspace as a new battleground has been widely predicted, and many good papers and books exist on the subject. The issue that has raised questions in the authors head is not on the importance of the UK being able to protect itself from the electronic threat, but more broadly how the current generation of computer literate individuals would be able to sit within the defence community as a whole. For those readers with an interest in such things, he would strongly commend a read of the UK Govt Cyber Security strategy paper at http://www.cabinetoffice.gov.uk/resource-library/cyber-security-strategy , which attempts to set out the UK Govts position on how it will meet the cyber threat.

 What is clear is that the cyber debate represents one of the most challenging future developments that could essentially be a paradigm shift in how security is provided. The move away from the reliance on the Government to provide security for the nation, and instead a realisation that national security is dependent on a hugely complex set of companies, organisations, and groups, and that the resources required to provide this defence are a truly national asset.

While there is unlikely to be a reduction in the requirement to use physical military force in future, it is increasingly clear that the cyber context will be seen as an integrated part of any major powers military and Governmental campaign. The work sits across a range of campaign areas, and Humphrey wanted to use this article to raise a couple of questions.

Is Cyber Security something that should sit within the J1-J9 framework, or has the time come to create a J10 division to handle these matters?

This author genuinely holds no view on this, but would welcome the views of others. For while we focus heavily on issues such as hard power, soft power and influence, it does feel that Cyber Security simultaneously feels as if it sits in all of these roles and none of them at the same time.

 One final question, more rhetorical than anything else, but which perhaps illustrates the complexity of this debate.

 During a military campaign, is it legitimate to kinetically target a building containing an internet café full of civilian students, if those individuals are engaged in hostile acts of aggression against an opposing nation’s critical national infrastructure using cyber means? Do the unarmed civilian students represent a military threat, and how do the laws of war extend to acts involving cyber offence & defence?

Humphrey suspects there is no clear answer to either question, but feels it would make a fascinating debate - where is the line drawn for cyber purposes. Is Cyberspace to be treated as a virtual battleground for targeting purposes, or do the physical facilities and people involved in the process count as legitimate targets for a military operation?


Comments

  1. TrT12 March 2012 at 09:19

    I always find peoples obsession with "legitimate targets" fascinating.
    Although I doubt anyone who could would bother hitting an internet cafe, it would be far easier to cut the communications links on a grander scale, exchanges, trunk lines, even border crossings.

    ReplyDelete
  2. Anonymous12 March 2012 at 16:02

    Cyber defence is business as usual, good old service management. Wrapping it up as cyber is polishing the turd to attract (much needed) money. Other cyber activities do need more consideration, but as part of effects based warfare should remain a component of J3s toolbox.

    A2/waved

    ReplyDelete
  3. Anonymous12 March 2012 at 20:20

    With regard to your second question - I suspect the Laws of Armed Conflict will be re-written to include the deployment of offensive Cyber capabilities. Despite what has recently been written regarding Cyber weapons being strategic tools of fine precision, it is clear their employment, particularly against critical national infrastructure would threaten life and consequently if it were possible to identify and target the orchestrators of such an attack they would be legitimate targets - to my mind. The problem is this domain so difficult to see clearly, obfuscation is everything and nothing is what is seems - all to easy for a nation state to use proxies to deliver a cyber weapon without their even knowing. Interesting times.

    A2

    ReplyDelete
  4. Vic Williams13 March 2012 at 03:36

    This is one sided. How about business travelers outside the legal wall? Say inside China. Look at the Chinese activity and the actions and recommendations for people visiting China. If business depends on travel and the protection outside the wall is limp-wristed then the cash flow is going to dribble. It's the same for ongoing attacks on IP. If tech is copied and sold things can do downhill. Doesn't have to be swiped off a inside-the-wall computer, just copied from tech sold outside.

    ReplyDelete
  5. Anonymous13 March 2012 at 14:33

    J6 surely??

    ReplyDelete
  6. Alex15 March 2012 at 11:08

    Cyber defence is business as usual, good old service management.

    BCP 38 for the win!

    Further, I would argue that offensive "cyberwar" makes as much sense for us as maritime piracy, kinetic ASAT, or suicide bombers. We benefit enormously from free passage over the information commons, rather like we do from free passage over the sea and through Earth orbit.

    At the margin, operations of "cyberwar" become indistinguishable from the activities of (say) Syrian secret police hunting down and torturing bloggers.

    We would do better to concentrate on protecting targets and after-the-fact clean-up (respectively, information security and CERT) on the one hand, and exploiting the information commons on the other.

    If you have an SSN cut the Telecom Italia Sparkle/Seabone cable into Syria, they can't get the BBC or Al Jazeera (and their correspondents struggle to get reporting out), and are left with enemy propaganda. Pro-regime cyber attackers are as likely to use several hundred unpatched Windows PCs in the suburbs of Copenhagen as they are to do anything from their home country.

    ReplyDelete
  7. Sir Humphrey16 March 2012 at 16:43

    Some very interesting comments there - it seems to me that we are in a very grey area with the principle of cyberwarfare. While to some, the deliberate targeting of people engaged in hostile acts seems legitimate, at present it feels as if the laws of armed conflict distinguish between teenage geeks, and teenage geeks in uniform - despite them both being able to have the same damaging effect on opponents infrastructures.

    How would the media treat an attack on a cybercafe, which it had been believed was a legitimate target for its cyberwarfare actions, when the result was many dead people.

    The difficulty of cyberwar is that it blurs the edges - conflict has gone from being a distinct phenomenon, often conducted in clearly defined areas, to something in which the homefront is now potentially the frontline for offensvie actions, even when it is not necessarily under attack, or potentially even in a nation formally engaged in hostile acts against another (3rd party interests or hackers could try to conduct sympathetic acts of support) - Cleary a difficult area, and one that may see much more debate in the future.

    ReplyDelete

Post a Comment

Popular posts from this blog

OP WILMOT - The Secret SBS Mission to Protect the QE2

Image
  In April 1973 the iconic Cunard cruise liner ‘Queen Elizabeth 2’ (QE2) steamed out of Southampton docks on a private chartered cruise. Her voyage would take her through the Mediterranean Sea to Israel to mark the 25 th anniversary of the founding of the Israeli state. The risks were high though, with an increase in terrorism around the world, particularly targeting Israelis, and there was considerable hostility from other regional states. There was a clear concern about the security of passengers onboard, which is why when the QE2 sailed, she was carry 29 heavily armed Royal Marine members of the Special Boat Section (SBS) as both overt and covert passengers onboard to deal with any threat. This is the story of that operation, known as OP WILMOT. UK MOD © Crown copyright The QE2 was chartered to sail on 15 April from Southampton with around 700 passengers onboard, many of whom were believed to be American. The plan for the cruise involve calls at Lisbon, call at the ports of A...
Read more

"One of our nuclear warheads is missing" - The 1971 THROSK Incident

Image
On a dark February day in early 1971 off the coast of Plymouth, there was rising concern about the fact that the unthinkable had happened. The small elderly Naval Armaments Vessel (NAV) THROSK, on passage to the Royal Navy Armaments Depot Coulport, in Scotland, and carrying Polaris nuclear warhead sub-assemblies, had vanished. Warships put to sea, and helicopters from RNAS Culdrose were launched in a desperate search operation to find her. Despite this, no sign could be found. At 0824 that morning, Flag Officer Plymouth sent a SECRET signal initiating the procedures for a possible ‘Nuclear Weapon Accident’ and the Royal Navy prepared for the previously unthinkable reality that one its strategic nuclear warheads was missing… This sounds the stuff of good Cold War fiction, or a scenario from a disaster planning exercise. In fact it is completely true and represents an all but forgotten story of the early days of the Polaris force and the challenges faced by the Royal Navy as it set up ...
Read more

"The Bomber Will Always Get Through" - The Prime Minister and Nuclear Retaliation.

Image
  The 2024 UK General Election has been held, and a new Government returned. For only the 4 th time in 45 years, there has been a handover of power, on this occasion between the Conservative and Labour party. The new Prime Minister, Sir Keir Starmer MP had, within hours of his election victory assumed office in a peaceful and smooth transition of power, the sort of moment that makes you realise how truly fortunate the UK is to enjoy an election where the outcome is accepted without question or debate. Now that the Prime Minister is settled in No 10 Downing Street, the detailed business of the transition of power has begun. If you believe various media accounts, practically the first thing that happens is that the newly appointed Prime Minister is given a briefing on the nuclear deterrent, a pad of paper and a pen, and ask to discreetly write down their views on what the end of the world should look like. Known as the ‘Letters of Last Resort’ these documents have assumed a near myt...
Read more