The law of Cyber-Warfare | Stuxnet change the face of warfare

When someone is in your network your at war – when someone steal your identity your at war, when someone steals you intellectual property your at war.

Stuxnet change the face of warfare. Cyber warfare is very different from conventional warfare. Missile or aircraft takes time to respond cyber warfare happens in seconds. We live with the UN charter that regulate the actions between states. So if someone launches a distributed denial of service attack, you are not supposed to retaliate with a nuclear missile into an industry complex. It’s issue is one of proportionality.

But what can be done about organized crime and their international cyber operation, – stealing credit card numbers from another country who’s responsibility is it? What do you do about a black hat Chinese or Iranina hackers who have been accused of pirating trade and defense secrets from different countries? And the political aspect of China who is a trading partner, while Iran may be an enemy per say. We are civilized, military targets are permissible under international law, attacks of innocent civilians or non-military targets are prohibited. When a governments goes through a civilian contractors do they lose status as a civilian and become a military target. When a private citizen launches an attack (hack),  what  is the country of origin responsible? Do they arrest them. Look at the current Lulzsec (cyber crewz ) arrest all over the world.

My friend Joel Harding wrote on his blog –

gAtOmAlO sAy's -- i LoVe MiSsEs tO PiEcEs -


What is cyberwar?

What is an attack in cyberspace?

How do the laws of armed conflict apply in cyberspace?

How do conventional laws apply in a virtual world?

Someone posited that anytime someone penetrated their network, that was considered cyberwar.  I disagree, that would be an intrusion.

Someone said by stealing the information in my network, that would be considered cyberwarfare. I disagree, that would be theft of intellectual property or a cyber crime.

Someone claimed  that denying, degrading or destroying data on a network would be cyberwar.  I admitted, that would be bad, but by no stretch of the imagination would one single incident be considered a cyberwar.  Yes, it honestly would depend on the targeted network.  Doing this on the domain would definitely be considered an act of war, whereas at (I made that up) it would probably be a pain in the butt.

But What Mr. Harding fails to understand is that has already been hacked, the CIA was already hacked. So I stand by my remarks – When someone is in your network your at war – when someone steal your identity your at war, when someone steals you intellectual property your at war.

It’s only the response to the act (hack) and the politics and the economics of the actors that make it an actionable matter for the military or a compony or a civilian. Warfare has changed in the last 10 years and cyber warfare is only beginning to show it’s ugly head. The international laws (agree by all) that we have today will need to be a world solution so everyone knows the consequences of starting a war in cyberspace.

My 2© cents – gatoMalo_at_uscyberlabs_dot_com



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: