In your opinion, how far are we from a international consensus as to what constitutes an act of cyber warfare and what issues do you predict will be the major stumbling blocks on the road to such an agreement?
There have been various incidents that could be described as acts of cyber warfare.
The Cyber-attacks against Estonian systems in starting in April 2006 with data-flooding attacks on key government websites, culminating on a coordinated Distributed Denial of Service (DDoS) attacks on key government, financial and media sites in May 2006 certainly would fall under this category.
In terms of what constitutes an act of cyber warfare, I would have to refer this to international lawyers and powers such the United Nations. There has been enough debate around what constitutes an act of war in convention terms e.g. Iraq Like the definition of "war" itself, the term "cyber war" is complex. The most basic definition is that cyber war simply entails waging war through digital, technological means. According to the Institute for Advanced Study of Information Warfare (ASIW), they have defined cyber as "the offensive and defensive use of information and information systems to deny, exploit, corrupt, or destroy, and adversary's information, information-based processes, information systems, and computer-based networks while protecting one's own.
A country will have to be extremely careful when it comes to attributing attacks to a source, because the cyber world is eminently suitable for misdirection and subterfuge, and traces left by attackers are not obvious to the greater public. Do you think there will be a need for some kind of international court or body that will have final ruling on who's to blame for attacks and breaches that cross the line between cyberterrorism and cyber espionage and cyber warfare?
In the example above, the Estonian defence authorities traced the sources of the attacks to Russian IP addresses. However the Russian authorities were unable provide details on the individuals owning these IP addresses stating that they had no legal powers to do so, apparently stating that these acts were not illegal in Russia at that time.
Organization such as The Internet Governance Forum (IGF) have been doing some excellent work in areas such as:
- The definition of security threats, international security cooperation, including such issues as cybercrime, cyber terrorism and cyber warfare.
- The relationship between national implementation and international cooperation.
- Cooperation across national boundaries, taking into account different legal policies on privacy, combating crime and security.
- The role of all stakeholders in the implementation of security measures, including security in relation to behavior and uses.
- Security of internet resources.
It is in the interest of national security and law enforcement organizations to work together with major Internet providers such as Google to combat all forms of e-crime to make the Internet as safer place to work and play. Users have a choice when signing up to use such services and should read privacy and service level contractual terms if they have any concerns. I would expect other Internet service providers and products vendors to follow.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.