Threat Intelligence, Incident Response, TDR

2 minutes on: The rule of war

The stuff of headlines around the world, cyber warfare undoubtedly is a trending term. However, as nations engage with one another in shadowy conflicts taking place in the digital sphere, experts are questioning whether treaties and rules that were created for kinetic fighting apply to a new era of combat.

Those questions only have intensified following the release by Mandiant, an Alexandria, Va.-based incident response and forensic security firm, of a 60-page report revealing the tactics of a Chinese military unit that remotely stole sensitive data from U.S. organizations. While those actions reportedly were done for spying purposes, there have been real examples of cyber conflict, such as the U.S. and Israel-created Stuxnet worm, which targeted Iranian nuclear facilities, and the 2007 suspected Russian-led DDoS attacks on Estonia.

Still, there are no specific guidelines that dictate international operating norms in cyber warfare, aside from the Geneva Conventions and the International Committee of the Red Cross, which minimally address these clashes. But now, a group of independent experts has taken a crack at producing a guiding document.

The Tallinn Manual on the International Law Applicable to Cyber Warfare, a non-binding creed commissioned by NATO's Cooperative Cyber Defence Centre of Excellence, attempts to resolve the legal disputes of cyber warfare. Among the many advisements in the 300-page document is a section that indicates there should be a one-on-one response to digital “engagements” so governments can decrease collateral damage. Arguably more controversially is that the manual also approves a physical retaliation to cyber attacks if a state can show proof of death or property destruction.

While many say the study serves as a good starting point, Jason Healey, director of the Cyber Statescraft Initiative at the Atlantic Council, which researches cooperation, competition and conflict in cyber space, said it's “absolutely bizarre” to craft guidelines considering the world has not witnessed a full-fledged cyber war.

John McClurg, the CSO of Dell Global Security and the recent co-host of an Overseas Security Advisory Council (OSAC) conference, went one step further. He said there's a “parallel” between the physical and cyber world when it comes to the “instrumentality of war.” As a result, he said, it would be naïve to think that rules specifically intended for the cyber realm could succeed.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.