Tag Archive | "cyber attacks"

Experts are focusing on new guidance for cyber warfare. (u-antiq-time.jp)

How Does International Law Apply to Cyberwarfare? New Manual Provides Guidelines – a Good First Step


How should nations behave in the face of cyber attacks? Can you distinguish between civilians and combatants in cyberspace? Are the laws of war capable of guiding actions in the age of cyber conflict? The newly released Tallinn Manual addresses these and many other questions about modernizing international law to address cyber war.

The latest guidance on cyber warfare comes not from governments or treaties, but from a group of experts who researched and wrote for three years. Their efforts resulted in the guidelines that became the Tallinn Manual, released in late March. The authors worked for NATO’s think tank, the NATO Co-operative Cyber Defence Centre of Excellence, which requested the guidelines’ creation. The authors emphasize, however, that this manual is not an official NATO document and the guidelines do not have standing in a court of law. The authors believe these guidelines will be a reference for courts and military decision-makers or lawyers dealing with cyber attacks and their fallout. The manual’s name comes from Tallinn, Estonia – the nation’s capital and the location of the manual’s compilation.

The guidance is welcomed, but controversial: some worry that the guidelines give nations permission to execute hackers involved in cyber conflict. Michael Schmitt, lead author of the Tallinn Manual, clarified that a hacker would only be a target within the context of an armed conflict – “State A versus State B” – when that hacker was “directly participating in hostilities.” Within the cyber world, armed attacks are not clearly defined, but Rule 30 of the Tallinn Manual defines them as “[a] cyber operation, whether offensive or defensive, that is reasonably expected to cause injury or death to persons or damage or destruction to objects.”

Situations like Stuxnet, the alleged cyber attack by the US and Israel against Iran, arguably fall within the definition of an armed attack or “act of force,” although other examples are unclear. The idea of an armed attack meshes with attacks coming specifically from certain countries. A Mandiant report released in mid-February traced attacks to Shanghai, prompting media and government claims that a Chinese military unit was attacking and spying on the US and other countries including Canada, UK, and Japan.

Laws of war apply even in the cyber context, meaning hospitals, power plants, including dams and nuclear power generators, and other sensitive civilian sites are off-limits for attacks. Some argue that cyber attacks (and espionage) have now risen above terrorism to become the primary security threat in the United States. The Tallinn Manual is timely because the law is struggling to catch up to the reality of cyber conflict. At the same time, the manual leaves many grey areas because it aims to be broad enough to encompass as many situations as possible. There are problems with accurate identification and attribution of cyber attacks, and there are problems dealing with non-combatants. The Tallinn Manual is a good first step toward meshing the laws of armed conflict with the realities of cyber attacks, and its publication begins the process of moving this conversation into a public and legal arena.

Kaiti Carpenter is a third-year law student at the University of Denver, and is a staff editor on the Denver Journal of International Law and Policy.

Posted in DJILP Online, DJILP Staff, Featured Articles, Kaiti Carpenter

Denver Journal of International Law and Policy

Preview: Science Fiction No More: Cyber Warfare and the United States

As Volume 40, Issue 4 of the Denver Journal of International Law and Policy heads off to the printers, we are previewing some of the articles.  Here is a look at Science Fiction No More: Cyber Warfare and the United States, by Cassandra Kirsch.

Faced with the increased propensity for cyber tools to damage state computer networks and power grids with the click of a mouse, politicians and academics from around the world have called for the creation of a Geneva Convention equivalent in cyberspace. Yet, members of the United Nations Security Council continue to disagree as to what cyber activities might rise to the level of an armed attack under the existing Law of Armed Conflict.  Activities once limited to cyber espionage, and outside the reach of international law, are now the very same tools utilized in cyber operations to disable state communications and wreak havoc on state infrastructure. Wars, traditionally waged between nations and clearly defined groups, can now be fought behind the veil of anonymity inherent in the Internet. While acts of war have yet to happen openly on the Internet, accusations have already been made against Russia for the 2007 cyber attacks on Estonia and against Israel for the Stuxnet worm unleashed on Iran’s nuclear reactors. Just as aerial bombing and nuclear arms revolutionized the battlefield, cyber attacks, and the mechanisms behind them, stand poised as the next evolution in weapons of war and any multilateral treaty must take these facts into consideration.

Posted in Article Preview, Cassandra Kirsch, DJILP Online, Featured Articles

Sources: BBC, NY Times, Int'l Business Times, Reuters, WSJ, Huffington Post, LA Times, Washington Post, IT World

News Post: Cyber Espionage Continues


On September 20, Japan’s top weapons manufacturer, Mitsubishi Heavy Industries (MIH), confirmed it was the victim of a cyber attack reportedly targeting sensitive data on advanced weaponry and nuclear power plants.  After nearly a month of internal investigation, a media leak persuaded MIH to inform the Japanese government of the attack, which infected servers and desktop computers at multiple MIH facilities with at least eight different viruses.  Although the Japanese government stated that the attack did not succeed in accessing any important information, the Japanese Ministry of Defense ordered Mitsubishi to have its security audited.  A report in one Japanese newspaper said that a Chinese-language script was detected in one of the viruses.  However, it remains unclear where the attacks originated. One security company has revealed that MIH’s servers were connected to 14 overseas sites, including China, Hong Kong, the United States, and India.

Japanese investigators have said that they suspect that these attacks were perpetrated by the same Chinese hacking operations that succeeded in penetrating U.S. and military sites earlier this year.  Back in June, Google, Inc. disclosed that unknown hackers had tried to steal the passwords of hundreds of Gmail account holders, including those of senior U.S. government officials and officials in several Asian countries.  Google claims that it was able to trace the attack on its systems to central China.  News of the attack on Google broke only weeks after the U.S. Department of Homeland Security disclosed a data theft at Lockheed Martin, where hackers broke into the Defense Department’s F-35 fighter program.  The attack compromised a system of the advanced fighter jet that is responsible for diagnosing maintenance problems during flight.  A spokesman for the Defense Department said that the impact on the Pentagon was  “minimal” and that the department didn’t “expect any adverse effect.”  Investigators of the Lockheed Martin attack traced the security breach “with a high level of certainty” to Chinese IP addresses and digital fingerprints.

The growing prominence and severity of global cyber attacks have prompted U.S. lawmakers to demand action from the Obama administration.  At a hearing on October 4, Michigan Rep. Mike Rogers, who chairs the House Intelligence Committee, accused the Chinese government of engaging in a policy of cyber theft that has reached an “intolerable” level.  Rogers said that the U.S. should establish international rules against stealing corporate secrets through cyber attacks.  “I don’t believe that there is a precedent in history for such a massive and sustained intelligence effort by a government to blatantly steal commercial data and intellectual property,” he said.

The Obama administration’s release of its International Strategy on Cyberspace last May marked a divergence from former U.S. policy resisting international efforts to limit military use of cyberspace.  The document states that the U.S. is committed to working with other nations to reduce threats to computer networks by “oppos[ing] those who would seek to disrupt networks and systems, dissuading and deterring malicious actors, and reserving the right to defend these vital national assets as necessary and appropriate.”  Currently, cyber espionage is treated the same under international law as non-cyber espionage; it is legal.  It will be interesting to see if and how the Obama administration reacts to Congressional pressure on this front.

Posted in DJILP Online, DJILP Staff

University of Denver Sturm College of Law