Pierluigi Paganini March 21, 2013

Recent explosion of cyber attacks worldwide demonstrating the difficulty to maintain order and stability in the cyberspace, within individual states and among the states themselves. Deterrence strategies adopted by almost all countries are inadequate, cyber warfare need a totally new approach that exceed geopolitical order to mitigate the explosion of cyber threats in the fifth domain.

The absence of roles in the cyber space, even a globally recognized definition of cyber weapon, has caused a cyber arms race, the majority of governments are currently working to improve their cyber capabilities and this is bringing to a fragmentation of the power, cyber warfare is significantly influencing the defense strategies of every governments requesting a review of decisional processes.

A new concept of cyber diplomacy is growing, it is mandatory to work for a global collaboration inter states to prevents that cyber threats will create serious damages to a global economies. The cyber warfare scenario is rapidly evolving and governments must align their strategies working to the definition of a cyber rules globally recognized and accepted.

An International Group of Experts is trying to define this set of rules, formalizing their effort in an handbook that is going to be published later this week. The manual titled “The Tallinn Manual on the International Law Applicable to Cyber Warfare” provides a study on how extant international law norms could be applied to cyber warfare.

NATO Cooperative Cyber ​​Defense Center of Excellence has sustained the drafting of the document, it tries to clarify the position of the states in the cyberspace defining jurisdiction, control and legal responsibilities.

«A State bears international legal responsibility for cyber operation attributable to it and which constitutes a breach of an international obligation.»

The experts provided a legal definition for a concept such as a cyber attack and a cyber weapon, following an abstract from the first draft release:

«A cyber attack is cyber operation, whether offensive or defensive, that is reasonably expected to cause injury or death to persons or damage or destruction to objects»

The manual provides detailed specification on targets, highlighting the duty of care during attacks on dam, dykes and Nuclear Electrical Generating Stations, and the needs to preserve children, journalists, medical and religious personnel. In cyber warfare, the context is fundamental to introduce the concept of cyber weapons, and experts have approached it defining the ‘Means’ of cyber warfare that are cyber weapons and their associated cyber systems.

Cyber weapons are cyber means of warfare that are by design, use, or intended use, capable of causing either injury to, or death of, persons. The ‘Methods’ of cyber warfare are the cyber tactics, techniques and procedures, by which hostilities are conducted. An example of Means and Methods could be provided referring to a DDoS attack conducted using a Botnet. In this case the botnet is the ‘means’ of cyber warfare while the DDoS attack is the ‘method’.

The handbook  also states two fundamental concepts:

• It is prohibited to employ means or methods of cyber warfare that are of nature to cause superfluous (aggravates suffering without military advantage) or unnecessary suffering.
• Every time the means or methods of cyber war are used it is necessary to conduct a legal review to determine their technical description, nature of targets, effects on targets, precision and scope of intended effects.

“Everyone was seeing the Internet as the `Wild, Wild West,'” U.S. Naval War College Professor. “What they had forgotten is that international law applies to cyberweapons like it applies to any other weapons.” Michael Schmitt, the manual’s editor, declared during an interview :

The document would be an reference as military lawyers worldwide that face with use of cyber tool for warfare purpose. An interesting consideration raised by the document is related to the possibility to identify cyberwar crimes exactly as in ordinary warfare doctrine, to provide an example of a cyberwar crime we can consider the launching of a cyberattack from a neutral nation’s computer network, it is forbidden exactly in the same way happen when hostile armies march through a neutral country’s territory.

New and future conflicts will involve new actors in the geopolitical scenarios such as independent hackers, state sponsored hackers, cyber criminals and cyber terrorists that could influence the delicate balance. The battlefield is changed, the conflicts are primary conduced in virtual and immaterial global network in which concept of time is changed because the offence is instantaneous and unpredictable. Conflicts have asymmetric nature and the element of surprise is crucial causing the need to totally review of concept of deterrence.

Concepts of self-defense and pre-emptive strike are issue debated for a long during the drafting of the manual,  due the immateriality of cyberspace and instantaneity of cyber threats it is not applicable an ordinary military conduct. Discover an actor within internal networks is quite different to find an enemy that violates country borders.

The concept of enemy must be totally reviewed and with him the conditions necessary to its identification.

The manual is a first step of a long journey … but it has an extraordinary importance.

Pierluigi Paganini

(Security Affairs – Cyber warfare)