Wednesday, December 10, 2008

Calls to Define Cyberwar

One of the critical points made in the recently released report from the Commission on Cybersecurity for the 44th President was the need to actually define what is and is not cyber war.
"The U.S. military , meanwhile , lacks a formal doctrine on offensive military operations in cyberspace, although the Bush administration is " racing " to finalize such a policy before it leaves office, says one person familiar with the White House ' s work on the issue."
It is always concerning when we see a government body "racing" to do anything and this issue is too important to be done in a haphazard fashion.

However, the report does define three important questions that need to be answered sooner rather than later:

"There are three central issues with which the international legal community must grapple as the debate continues, says James Lewis, the project director of the Commission on Cybersecurity of the 44th Presidency, which issued its report this week. Each country might have different answers, but the questions will be universal.

  • "At what point does a cyberattack constitute an act of war or a violation severe enough to justify a response?
  • "How do we protect the civil liberties of the Internet-using public while improving security?
  • "Which legal authorities will assume responsibility for investigating a cyberattack—the intelligence community, the military, or law enforcement?"
Answering these questions, combined with the creation of Rules of Engagement for Cyber Warfare and better investigative capabilities to determine actual source and motive, would be excellent first steps in gaining some measure of control over the situation.

When Do Online Attacks Cross the Line Into Cyberwar?

No comments: