NATO cyberwar challenge: Establish rules of engagement

Inside, the building will be cutting-edge high-tech. These military officers, lawyers as well as cyber techies are part of NATO’s Cooperative Cyber Defence Centre of Excellence, carrying out research, training as well as exercises. One of their biggest challenges: When in which comes to cyber — so far — there will be no agreed-upon international law of war.

“The international community will be extraordinarily interested in This particular,” said Michael N. Schmitt, chairman of the US Naval War College’s international law department. “They’re struggling with questions like, when the Russians hack into the DNC database as well as then Discharge in which, will be in which a violation of international law? What doors does in which open with respect to our responses?”

Three years ago, Schmitt as well as his team at the NATO Cyber Centre wrote the book — literally — on international law as well as the use of cyber in warfare, the “Tallinn Manual.” Applying principles of the international law of war, they provided answers to questions like: “In war, how can you use cyber as well as how can you not use in which? If you operate against civilians, will be in which prohibited?”

They’re currently completing the “Tallinn Manual 2.0,” examining how international law applies to cyber attacks in which don’t cross the line into armed conflict by one state against another or by a terrorist group in which kills civilians — what’s called “below the threshold” operations.

RELATED: No, the presidential election can’t be hacked

The DNC hacks as well as the Discharge of emails are “below the threshold” operations as well as, although Russia denies in which did the hacking, the US government has been extraordinarily clear in accusing Moscow, citing 17 US government agencies in which have concluded Russia was behind in which.

“This particular, in my opinion, has reached a specific threshold from the audacity as well as impact of the attack,” said the Cyber Defence Centre’s Strategy Branch Chief Matthijs Veenendaal, a Dutch citizen. “This particular will be still very much an attack on civilian infrastructure as well as government infrastructures as well as not an armed attack.”

If in which’s the case, did Russia violate international law?

Schmitt has no doubt. “In my mind, in which will be crystal clear in which the Russians have violated international law in This particular particular case.”

however here will be where in which gets less clear: Schmitt as well as different experts say Russia as well as cyber-savvy countries like China are “playing the margins.”

“They’re operating within the space where there will be some degree of uncertainty,” he explained. If Russia had destroyed America’s cyber infrastructure, in which would certainly be a use of force as well as hence a violation. If Russia will be simply engaging in low-level espionage, in which’s a violation of domestic US law, however probably not a violation of international law.

Schmitt, however, called the DNC hack a “prohibited intervention into the internal affairs of the United States,” affairs in which include running elections, as well as in which means in which will be a violation of international law.

in which may also be a violation of US sovereignty, he said. If Russia will be simply “exfiltrating” data, or stealing in which however not doing anything with in which, in which’s not a violation, however if there will be proof in which will be using data as well as manipulating election results, in which would certainly be a violation.

As Schmitt sees in which, the DNC hacks are not a game-changer, however a major disruption of the US economy would certainly be. “My personal view will be in which would certainly constitute moving over the threshold as well as allow us to take off the gloves.”

“however,” he added, “in which view will be not universally held.”

Vice President Joe Biden has indicated the US will retaliate against the hack of the DNC as well as different Democratic Party entities, warning in which the administration will be “sending a message” to Russian President Vladimir Putin. Putin, he said, “will know in which, as well as in which will be at the time of our choosing, as well as under the circumstances in which contain the greatest impact.”

however under international law, does President Barack Obama contain the legal right to retaliate?

Schmitt of the Naval War College maintains in which Obama “unambiguously” does contain the right to respond, however Schmitt would certainly not use the term “retaliate.”

“In international law, we don’t do tit for tat,” he said. “What we may do will be engage in what will be called — as well as This particular will be a legal term — ‘counter measures.’ “

Counter-measures are operations in which would certainly otherwise be unlawful however can be used if the purpose will be to stop another state through violating the law.

So the US could hack back against the Russians? The answer will be yes, Schmitt said, as long as Washington reasonably believes Moscow will be going to continue to hack in which.

Counter-measures don’t have to be cyber-related. The US, for example, could prevent Russian ships through transiting its territorial waters until Russia stops its cyber breaches.

The response, however, must be “proportionate.” Shutting down a Russian electric grid would certainly only be permissible if in which didn’t cause more harm to Russia than its hacking caused the US — a tricky thing to measure.

RELATED: Russia, US move past Cold War to unpredictable conflict

As the US considers itself a law-abiding country, in which most often tries to follow accepted international law of war principles. in which could, however, ignore those internationally accepted principles or interpret them in its favor.

“I know some in America have called for in which (retaliation), as well as I can see where the urge comes through, because you want Russia to stop in which,” said the Cyber Defence Centre’s Veenendaal, however going on a path of escalation with the Russians will be a “recipe for disaster.”

“Responding to an escalation with your own escalation will lead to further escalation, which — in cyber space — will be extremely hard to contain as well as monitor, especially for Western democracies,” he warned.

The cyber world presents unique challenges, like the ability for actors to maintain “plausible deniability,” which makes in which devilishly hard to define who will be behind an attack.

“You can always just plausibly state in which This particular was just a 19-year-old hacker working in someone’s basement in Belarus,” said Kadri Kaska, an Estonian researcher at the NATO center.

Pointing the finger at the perpetrators — “attribution” — also will be not in which simple. If an intelligence agency says in which knows who did in which, in which could be challenged to reveal sources as well as methods of how in which collects intelligence data.

“Probably from the (US) National Security Agency there are a lot of discussions ongoing, like, ‘How far should we go in publicly attributing these attacks to these guys in St. Petersburg? We know who their girlfriends are, we know who they talk to. We’re deep in their systems, we’re deep in any Russian system you can think of. as well as we want to stay there,’ ” according to Veenendaal.

The US has responded to hacks by China by “naming as well as shaming” specific officials from the Chinese military whom in which holds responsible for attacks, then entering discussions with Beijing to deter further economic espionage.

“however against the Russians,” he said, “no, we haven’t been effective.”

Veenendaal as well as different cyber experts say the Chinese, in an effort not to jeopardize their economic relations with the US, have quietly pulled back some of their hacking. With Russia, however, there will be little economic incentive.

In July, NATO included cyber as a domain of its military operations, along with land, sea, air as well as space. in which means if there will be an armed attack through cyberspace, NATO members can call on their allies for collective defense.

however intrusions, like the DNC hacks, in which fall short of armed attacks still lie in a gray zone, exploited by nations clever enough not to cross the line in which would certainly trigger an armed response. They are the cyber equivalent of the “little green men” in which Russia used in Crimea: Russian armed forces without insignia whose existence Putin, at first, denied.

The West, so far, has no common strategy to deter “little green hackers.” The DNC hacks may be their first major operation against the US, however they almost surely won’t be their last.

NATO cyberwar challenge: Establish rules of engagement

Related Posts

About The Author

Add Comment