Throughout history wars have been triggered by events. Being at war is a state or condition. To be legal, a war must be declared by a branch of the government entrusted by the Constitution with this power. In the Constitution of the United States, Article I provides Congress the power to declare war. War is defined as a contention by force; or the art of paralyzing the forces of an enemy. An act of war is typically defined as an aggressive act that constitutes a serious challenge or threat to national security, armed conflict, whether or not war has been declared, between two or more nations; or armed conflict between military forces of any origin. This frames the discussions around traditional war. In the physical sense it is easy to define such infractions; enemy troops crossing another countries border, military strikes by missiles or bombs, basically you know it when you see it. What constitutes a serious challenge and a threat to our national security in cyber space? That is much more difficult to define.
In the U.S. Army’s Cyber Operations and Cyber Terrorism Handbook 1.02 I found the following reference to the definition of Cyber Warfare & Terrorism: “the premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or to further social, ideological, religious, political or similar objectives or to intimidate any person in furtherance of such objectives.” This was an excerpt from an article I wrote back in 2003 when the issue of cyber war was in its infancy. While this frames acts of cyber war, in retrospect it does not address a measure of the disruptive acts or provide guidance assess if individual acts, or a collection of acts rise to the level to be considered an act of cyber war.
If a foreign government hacks a sensitive system of another government and accesses security and defense information, is that an act of cyber war? If so, that has already occurred. If a foreign government hacks a sensitive system of another government and places software on the system that collects data and sends it back, is that an act of war? If military personal from a foreign government infiltrates another nation’s networks or systems through the use of counterfeit hardware and monitors communications, is that an act of cyber war? Both are certainly acts of espionage and have already taken place. The factor that will determine if an act or acts of cyber attack rise to the level of an act of war rests in the magnitude of disruption that accompany the acts. Adding to the complexity is the fact that much of our critical infrastructure that are prime targets for cyber attacks are owned or operated by the private sector not the government. This infrastructure in some cases carries military communications, supports civilian emergency services as well business and consumer services. An attack on the infrastructure impacts multiple segments. The question of what constitutes an act of cyber war remains unanswered.
Given that we are in relatively new territory, each individual attack must be examined and the forensic evidence weighed to determine the source of attack. Little physical evidence will ever exist that you can hold up and point to or take a picture of and say “they did this.” Much debate is currently taking place over the legality of cyber warfare tactics and their use. Is a cyber attack on our networks and systems an act of war? Are acts of cyber espionage a violation of international law? It is better we investigate and answer these questions now rather than reacting to cyber events in the heat of the moment when they occur.
– Kevin Coleman
An important discussion and I couldn’t agree more. Not just when to signify the beginning of a war but how does the Judeo-Christian tradition of a Just War fit in?
LOAC, Geneva Convention, etc, etc…
In terms of office water-cooler discussion: This forms the x and y axis of where computer nerds and history/polisci dorks meet.
And God bless everyone who resembles this remark:)
Another question: if the US and say NATO, determined China and/or Russia were waging cyber-war, what would be the political result of a response like cutting off all access to the internet for those countries — perhaps even cutting the lines themselves in a punitive action? Yes, I recognize there would be “leaks”, but the re-routing of traffic would end up with severe bottlenecks paralyzing internet traffic. Would this be considered an overt act of war and what might it esclate to?
Obviously, I’m ignoring US and NATO countries’ business connections…
I would say that any infiltration, regardless of how it’s done, would constitute an act of war if it can be directly linked to loss of human life. If not, it’s simply spycraft, and it will be taken care of outside of the public eye.
>I would say that any infiltration, regardless of how it’s done, would constitute an act of war if it can be directly linked to loss of human life.
So do we launch a major investigation every time the ASIM box goes off? Oh, and what kind of investigation, one handled by DoD or DoJ?
How do we discern the difference between an act of war and a criminal action?
The simple answer is intent.
The formal answer is proof.
Sounds great until we worry about how to implement it.
We have a tough enough time bringing cybercriminals to justice because we require evidence that will stand up in a court of law. How about an international court?
If we respond to what we perceive to be an act of war, we need to provide proof that we were responding and not initiating. I mean, there are a few countries (everyone knows their names so I won’t bother writing it) who routinely probe our networks, taking full advantage of the gray area where our laws and international laws have not clearly defined.
When do we consider something has crossed the line? Where is that line?
So did the hacking of the computers of the Senators’ by the Chinese constitute an act of war? Did the theft of 27 tera bytes of data form DoD in 2007 equate to an act of war?
Based on some of the comments the answer appears to be yes!
So does that mean we are at war?
I was in your presentation at the Disaster Management Conference in Toronto on Monday. I loved it and this site is a great addition to the info you provided!
A very good question & even more confusing in the larger context:
1) 10s of 1000s of troops dead in Korea & Vietnam, 1000s more in Iraq, not 1 declaration of war
2) Israel attacks the Liberty in ’67, US aid to Israel increases
3) North Korea seizes the Pueblo in ’69, they “get a by” on account of the Vietnam War
4) Don’t we all want to forget the events before after the bombing of the Marine barracks in Beirut?
5) The Iraqis attack the Stark in ’87, we go to war against Iran instead
6) It’s too early to talk about the invasion of Iraq with any detachment. Eventually we will be able to.
Before you tell me what is or isn’t a cyber act of war, can you tell me what is the significance of an act of war?
Yes when Chinese openly attack US systems.
When cyber terrorists assult key US systems.
When finances Freeze IE ETF.
Then we are at WAR.
Time to rally the forces.
24/7 war in cyberspace.
Expand AF Cyber Command beyond the AF to the Navy 2nd.
We are at war & it can cost us the economy alone.
Human rights is a given, and laws addressing this internationally, when someone intrudes in some ones computer, to disrupt, crash a computer system with a virus or hacks information, this should be a crime, no country or agency is above this. I was hacked from China, my software traced this, it was done from 3 different locations, this was attached to pictures of merchandise, I was to sell! It took me 3 days for my computer to function normal. The motherboard later crashed!
Why does this article here (as well as most of the posters who comment it) try to make any distinction between
1) “war-like” (“war-triggering”?) computer espionage
and
2) (seemingly) “perfectly acceptable” electronic espionage (Echelon) and human espionage (U.S. Embassy staff) ?
Both are preparation for war. For coherence’s sake, both should be dealt with equally.
Free falling bomb
There are many aspects to espionage and not all are preludes to war, for example, corporate espionage. One company conducting espionage operations on another is not a prelude to war. Espionage and spying goes on continuously and these acts have become so common they are accepted as a norm and not a leading event to war. If we were to say that all espionage is an event leading up to war, then we would have to say we are always at war because of how frequent espionage and spying is today. That was the reason I try to establish a very fine line between the two.
To the poster “Kevin”:
You wrote: “Espionage and spying goes on continuously and these acts have become so common they are accepted as a norm and not a leading event to war.“
I’m sorry, but you just can’t defend such extreme, shocking, cynical realism and pragmatism towards all others and then simultaneously start your own essay with bomb(-ast)ic phrases like:
“What Constitutes an Act of Cyber War? Throughout history wars have been triggered by events. Being at war is a state or condition.”,
etc. etc. . There was also another recent article here on “defensetech-org” that seemed to try to justify U.S. American Airforce strikes against civilian hackers all over the World, imagine!
What’s good for the goose (= the U.S.A.) is good for the gander/s (= Russia, China, any teen skater and his friends hacking into the Pentagon in a Cyber-Caf
To Free falling bomb
I hate to break this news to you but — In testimony before congress High Ranking Government Officials have admitted that 27 tera bytes of DoD data was stolen via hacking from China in 2007. They went on to say that the Pentagon is attacked via cyber hacking 3 million times a day. On average within my corporate clients their systems are attacked over 1250 times a day and finally a government report stated that as many as 40% of computers in the U.S. have been compromised by bots and are part of “BotNets” and that 17% of the DDoS traffic that was used to attack Estonia last year origionated from the U.S
SO with all those acts and no decalared cyber war yet I STAND BY MY STATEMENT
and
WE DO NOT HAVE AN ESTABLISHED SET OF CRITERIA THAT DEFINES AN ACT OF CYBER WAR!
Cyber-war can be defined as a problem caused by a power equal to or more than your government. This problem has to take up more time that can be required to fix it.