What is A Cyberwar?

Welcome! Please comment and leave me a note telling me what you like and what you'd like to see more of. Sign up to my RSS Feed!

Over the past month, quite a lot of people weighed in on the issue of what is, and what is not, a Cyberwar.   Here are some of what was said:

 

Winn Schwartau (yes, it is a real name), the person generally credited in creating the concept back in 1994, defined Information War as:

an electronic conflict in which information is a strategic asset worthy of conquest or destruction.

(Catchy, but I think too limited for today’s possibilities)

 

Another one of my respected colleagues, Bruce Schneier, called it

Warfare in cyberspace.

(I do not agree  about the "in cyberspace" part.  I think the definition needs to be much wider.)

 

The US Army weighs in with this…mouthful of a definition

The premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or to further social, ideological, religious, political or similar objectives or to intimidate any person in furtherance of such objectives.

Wow, now in 25 words or less?

 

PC Magazine goes the extra mile by defining it as:

equal to information warfare : Also called "cyberterrorism" and "cyberwarfare," it refers to creating havoc by disrupting the computers that manage stock exchanges, power grids, air traffic control and telecommunications. While the term often deals with attacks against a nation, it may also refer to attacks on organizations and the general public. For example, devastating viruses may be considered information warfare.

(I disagree: one could have an information warfare by dropping leaflets, for example.  Nothing Cyber about that.)

 

The online dictionaries at Webster and at Reference.com:

an assault on electronic communication networks

(I don’t agree:  can an assault on a non-networked device, can be from an electronic device)

 

and Wikipedia calls it

the use of computers and the Internet in conducting warfare in cyberspace.

(Nope.  Same narrow definition)

 

So, I decided to try defining it too:

Cyberwar is the act of ongoing electronic attacks and reprisals carried out by nation-states against others.

Note that I define the players.  I believe that if it is not nation-states, it is not "war".  If it is, for example, terrorist, you could adjust it to call it a cyber guerrilla war, I guess, or Cyberterrorism, but not Cyberwar.

 

What do you think?

 

Permalink

DeliciousStumbleUponDiggTwitterFacebookRedditLinkedIn

Time for a Cyber NonProliferation Treaty?

 

The "news" that Russia and other countries is seeking to create a treaty, and potentially an enforcement agency, to prevent, mitigate and control cybercrime and cyberwars is not that new.

Since at least 1995 Russia has attempted to create a formal framework to control and prevent such activity and  is implying that US resistance to such work is a proof that the US encourages and fosters such attacks and crime.

Nothing can be further from the truth.

While it is certainly understood why a government for a country which is not leading in a specific area – for example here – computer technology, would push other states to put a muzzle on their utilization and in such doing, prevent a perceived benefit from being capitalized on, some may not understand what would cause the US to be against such a move.

Allow me to suggest a few reasons why the notion is both ludicrous and abhorrent to a free society.

 

Firstly, unlike the case when referring to Nuclear and to Chemical nonproliferation, there is nothing to "have" or to "store". In contrast to the need to process, create, and securely store ordnance or dual-use items, where the case is Cyber warfare, any and every computer can be, and sometime is, an "instrument of war". Only in very controlled societies, such as Russia or Iran, can access to computing infrastructure be so restricted as to carefully control who, when, where, and how has access to a desktop.

 

Secondly, the definition of war is far from being universal. Some innocent action, automatically performed by routers, for example, might be seen as "offensive" while some, clearly suspicious in nature, such as network-mapping may have completely civilian reasons and need.

Thirdly, as is the case with nearly all cyber-activity, national borders have no meaning, or very little meaning, in this regard. Who would be the aggressor if the activity resulted from a server owned by a Danish company, hosted in the US, traveling over Japanese-owned bandwidth, and controlled by a Romanian? What laws of war have been broken here?

Fourthly, and despite the fact I expect a disagreement over this point, there is a lack of a definition of what constitutes an attack. Would 100,000 pings be one attack or 100,000? Would one attack by 50,000 zombies be one action or 50,000? What if those 50,000 were in 12 different countries? What if they were controlled by an individual from the victim country itself? Would that still be "war"?

The next point is something that can be, and indeed has, been defined successfully Russia demands that we would

…ban a country from secretly embedding malicious codes or circuitry that could be later activated from afar in the event of war.

As I said, this is not new. For over forty years, Dr. Colonel Roger Schell (USAF, Retired) has called for the use of more secure (up to A1 classified) systems in order to counter the threat of Subversion. Dr. Schell certainly knows what he is talking about, and has seen instances of other countries sponsoring such subversion activities – in code or hardware – in devices used in the US. For a country such as Russia, and to a lesser extent, the US, reliance on imported circuitry is de rigueur. The only reason that the US is less reliant on such technologies is that the US military has a specific rule disallowing the use of certain items and code in many sensitive systems. While Russia has similar rules, its industrial base has not fully been able to provide 100% answer to the in-county manufacturing of all needed circuitry, so far. This fact has caused Russia, which is certainly top-notch in its mathematical thinking capacity, to be more dependant on circuitry made elsewhere for some of its critical systems – especially those that have dual-use, i.e. not just military, purpose – such as SCADA networks throughout the country.

Russia is indeed speaking out of both sides of its mouth when it argues that the European convention of cybercrime allows investigation into a case without first informing local authorities – while all the while demanding such super-sovereign ideas be included in a global treaty.

 

Let’s face it. Cyber activity is the reason why 1984 – like scenarios do not work. I am proud to live in a country that understands that the Internet is a Genie which can not be re-bottled.

 


Permalink