1USA CCoE & FT Gordon UMT: World Class Religious Support!

AFCEA TECHNET:

“The Ethics ofCyberspace Warfare”

CH (COL) Timothy S. Mallard, Ph.D.27 August 2015

Augusta, GA//UNCLASS//

2USA CCoE & FT Gordon UMT: World Class Religious Support!

• Context Review

• Reviewing the Just War Construct

• Case Studies: PLA Unit 61398, APT 28, Bureau 121

• Trends and the Way Ahead

• Question and Answer

• Summary

Agenda

3USA CCoE & FT Gordon UMT: World Class Religious Support!

Attack – An offensive task that destroys or defeats enemy forces, seizes and secures terrain, or both. (ADRP 3-90) See also defeat, deliberate attack, demonstration, destroy; feint, offensive operations, raid, secure, seize, spoiling attack. (ADRP 1-02, 2 FEB 2015)

Attack the Network Operations — Lethal and nonlethal actions and operations against networks conducted continuously and simultaneously at multiple levels (tactical, operational, and strategic) that capitalize on or create key vulnerabilities and disrupt activities to eliminate the enemy’s ability to function in order to enable success of the operation or campaign. Also called AtN operations. (JP 3-15.1 as per JP 1-02, 8 NOV 2010)

Complex Catastrophe — Any natural or man-made incident, including cyberspace attack,power grid failure, and terrorism, which results in cascading failures of multiple,interdependent, critical, life-sustaining infrastructure sectors and caused extraordinarylevels of mass casualties, damage, or disruption severely affecting the population,environment, economy, public health, national morale, response efforts, and/orgovernment functions. (DepSecDef Memo OSD001185-13 as per JP 1-02, 8 NOV 2010)

Cyberspace Superiority — The degree of dominance in cyberspace by one force that permits the secure, reliable conduct of operations by that force, and its related land, air, maritime, and space forces at a given time and place without prohibitive interference by anadversary. (JP 3-12 as per JP 1-02, 8 NOV 2010)

Context—Definitions

4USA CCoE & FT Gordon UMT: World Class Religious Support!

Context

The Need for Ethically-trained Cyberspace Warriors:

“…the increasingly blurry lines between cyber criminal and APT tools and tactics further muddies questions of actor intent and the potential fallout. Chalk it up to attackers’ denial and deception, uneven law enforcement, and Byzantine ties between corrupt government agents and the criminal underground.

In this hazy state of affairs, unraveling attackers’ intents and motives can guide your response. Case in point: the Russia-based threat groupcollecting intelligence for a sponsor government is deploying crimeware tools that give it remote access to elements of U.S. critical infrastructure.The group may use common crimeware, but treating these attacks as a run-of-the-mill cyber crime would be a mistake.”

M-Trends 2015 Threat ReportPg. 22

5USA CCoE & FT Gordon UMT: World Class Religious Support!

Seven Basic Criteria:

• Just Cause• Right Authority• Public Declaration• Right Intent• Proportional Means• Last Resort• Reasonable Hope of Success

• NOTE: Additional Four Contemporary Criteria—Non-combatant Immunity; Use of Minimum Force Necessary; Ethical Treatment of E.P.W.s; Prohibition Against Inhumane Means or Tactics

1. Saint Augustine, City of God, ed. Etienne Gibson and trans. Gerald G. Walsh, et. al. (New York: Image Books, 1958), 327-328, 446-447, and 452-453.2. Saint Thomas Aquinas, “Summa Theologiae IIaIIae,” in R.W. Dyson, ed., Aquinas: Political Writings (Cambridge: University Press, 2002), 241. 3. Martin Cook, “Ethical Issues in War: An Overview,” in The U.S. Army War College Guide to National Security Issues, Vol. II: National Security Policy and Strategy, ed. J. Boone Bartholomees, 217-227 (Carlisle, PA: Strategic Studies Institute, 2012).4. Hugo Grotius, On the Law of War and Peace (Whitefish, MT: Kessinger Publishing, 2004), Book III, Chs. 1-22.5. James T. Bretzke, SJ, Handbook of Roman Catholic Moral Terms (Washington, DC: Georgetown University Press, 2013), 127.

The Just War Tradition

6USA CCoE & FT Gordon UMT: World Class Religious Support!

Case StudiesSome Considerations:

• A Cyberspace Event Occurred But Is It An Attack? Is that Attack then also an Act of War?

• Is This a State-on-State or a Sub-State Attack (vice Cyber Crime, Espionage, etc.)?

• Is This Covert or Overt (a Public Declaration)?• What Is the Intent or Purpose of the Attack (e.g. Does the

Event Constitute a Complex Catastrophe?)• What is a Proportional Response?• Is That Response a Last Resort?• Does the Response Offer a Reasonable Hope of Success

(e.g. status quo ante or return to peace)?

• NOTE: Additional Four Contemporary Criteria—Non-combatant Immunity; Use of Minimum Force Necessary; Ethical Treatment of E.P.W.s; Prohibition Against Inhumane Means or Tactics

7USA CCoE & FT Gordon UMT: World Class Religious Support!

Trends and Possibilities:

• JWT Provides an Analytical Framework for Guiding Conduct of Cyberspace Warfare

• State-on-State is the Future but Sub-state Actors Will Remain the Most Immediately Dangerous

• Values + Interests + Aims Will Guide National Actions• Coalition Partners Must Work to Understand Applicable National Laws,

Authorities, Interests, and ROE• International Cyberspace Warfare Coalitions: Allied Cooperation Agreements

(EX: Australia, India, and ROK)• ICANN Will Remain Neutral but Certain Nations will Augur for State-Controlled

Internet (EX: PRC, Turkey, Russia, etc.)• Response Threshold: Cyber Attack w/Lethal Effects (Tactical, Operational, or

Strategic in Nature)• Seams: 1.) Cyber Attack Combined w/CBRNE and/or; 2.) Trans-state Cyber

Alliances (EX: PLA + PDRK + RUS)• Critical Question Will Remain: What is Our (Or Our Enemy’s) Endstate?

The Way Ahead

8USA CCoE & FT Gordon UMT: World Class Religious Support!

Professional Discussion

Question and Answer

9USA CCoE & FT Gordon UMT: World Class Religious Support!

Summary

RE Bureau 121:

“Earlier this year, South Korea's Hydro & Nuclear Power Company suffered a mass data breach, with hackers demanding money to prevent further leaks. South Korea again pointed the finger at Pyongyang, although others noted that asking for a ransom wasn't typical of North Korea's approach in other attributed attacks.

Prof Kim (Heung-Kwang) told me that Bureau 121 is looking to emulate Stuxnet, an attack on Iran, reportedly originating from the US and Israel, that was successful in damaging nuclear centrifuges. Doing so would be a major escalation in North Korea's capability - moving from attacking computer networks to instead harming infrastructure.”

David Lee, BBC Online29 May 2015http://www.bbc.com/news/technology-32925503