1. 1
USA CCoE & FT Gordon UMT: World Class Religious Support!
AFCEA TECHNET:
“The Ethics of
Cyberspace Warfare”
CH (COL) Timothy S. Mallard, Ph.D.
27 August 2015
Augusta, GA
//UNCLASS//
2. 2
USA CCoE & FT Gordon UMT: World Class Religious Support!
• Context Review
• Reviewing the Just War Construct
• Case Studies: PLA Unit 61398, APT 28, Bureau 121
• Trends and the Way Ahead
• Question and Answer
• Summary
Agenda
3. 3
USA CCoE & FT Gordon UMT: World Class Religious Support!
Attack – An offensive task that destroys or defeats enemy forces, seizes and secures terrain, or
both. (ADRP 3-90) See also defeat, deliberate attack, demonstration, destroy; feint, offensive
operations, raid, secure, seize, spoiling attack. (ADRP 1-02, 2 FEB 2015)
Attack the Network Operations — Lethal and nonlethal actions and operations against networks
conducted continuously and simultaneously at multiple levels (tactical, operational, and strategic)
that capitalize on or create key vulnerabilities and disrupt activities to eliminate the enemy’s ability
to function in order to enable success of the operation or campaign. Also called AtN operations.
(JP 3-15.1 as per JP 1-02, 8 NOV 2010)
Complex Catastrophe — Any natural or man-made incident, including cyberspace attack,
power grid failure, and terrorism, which results in cascading failures of multiple,
interdependent, critical, life-sustaining infrastructure sectors and caused extraordinary
levels of mass casualties, damage, or disruption severely affecting the population,
environment, economy, public health, national morale, response efforts, and/or
government functions. (DepSecDef Memo OSD001185-13 as per JP 1-02, 8 NOV 2010)
Cyberspace Superiority — The degree of dominance in cyberspace by one force that permits the
secure, reliable conduct of operations by that force, and its related land, air, maritime, and space
forces at a given time and place without prohibitive interference by an
adversary. (JP 3-12 as per JP 1-02, 8 NOV 2010)
Context—Definitions
4. 4
USA CCoE & FT Gordon UMT: World Class Religious Support!
Context
The Need for Ethically-trained Cyberspace Warriors:
“…the increasingly blurry lines between cyber criminal and APT tools and
tactics further muddies questions of actor intent and the potential fallout.
Chalk it up to attackers’ denial and deception, uneven law enforcement,
and Byzantine ties between corrupt government agents and the criminal
underground.
In this hazy state of affairs, unraveling attackers’ intents and motives can
guide your response. Case in point: the Russia-based threat group
collecting intelligence for a sponsor government is deploying crimeware
tools that give it remote access to elements of U.S. critical infrastructure.
The group may use common crimeware, but treating these attacks as a
run-of-the-mill cyber crime would be a mistake.”
M-Trends 2015 Threat Report
Pg. 22
5. 5
USA CCoE & FT Gordon UMT: World Class Religious Support!
Seven Basic Criteria:
• Just Cause
• Right Authority
• Public Declaration
• Right Intent
• Proportional Means
• Last Resort
• Reasonable Hope of Success
• NOTE: Additional Four Contemporary Criteria—Non-combatant Immunity; Use of Minimum Force Necessary; Ethical
Treatment of E.P.W.s; Prohibition Against Inhumane Means or Tactics
1. Saint Augustine, City of God, ed. Etienne Gibson and trans. Gerald G. Walsh, et. al. (New York: Image Books, 1958), 327-328, 446-447, and 452-453.
2. Saint Thomas Aquinas, “Summa Theologiae IIaIIae,” in R.W. Dyson, ed., Aquinas: Political Writings (Cambridge: University Press, 2002), 241.
3. Martin Cook, “Ethical Issues in War: An Overview,” in The U.S. Army War College Guide to National Security Issues, Vol. II: National Security Policy and Strategy, ed. J. Boone Bartholomees, 217-227 (Carlisle, PA: Strategic Studies Institute, 2012).
4. Hugo Grotius, On the Law of War and Peace (Whitefish, MT: Kessinger Publishing, 2004), Book III, Chs. 1-22.
5. James T. Bretzke, SJ, Handbook of Roman Catholic Moral Terms (Washington, DC: Georgetown University Press, 2013), 127.
The Just War Tradition
6. 6
USA CCoE & FT Gordon UMT: World Class Religious Support!
Case Studies
Some Considerations:
• A Cyberspace Event Occurred But Is It An Attack? Is that
Attack then also an Act of War?
• Is This a State-on-State or a Sub-State Attack (vice Cyber
Crime, Espionage, etc.)?
• Is This Covert or Overt (a Public Declaration)?
• What Is the Intent or Purpose of the Attack (e.g. Does the
Event Constitute a Complex Catastrophe?)
• What is a Proportional Response?
• Is That Response a Last Resort?
• Does the Response Offer a Reasonable Hope of Success
(e.g. status quo ante or return to peace)?
• NOTE: Additional Four Contemporary Criteria—Non-combatant Immunity; Use of Minimum Force Necessary; Ethical
Treatment of E.P.W.s; Prohibition Against Inhumane Means or Tactics
7. 7
USA CCoE & FT Gordon UMT: World Class Religious Support!
Trends and Possibilities:
• JWT Provides an Analytical Framework for Guiding Conduct of Cyberspace
Warfare
• State-on-State is the Future but Sub-state Actors Will Remain the Most
Immediately Dangerous
• Values + Interests + Aims Will Guide National Actions
• Coalition Partners Must Work to Understand Applicable National Laws,
Authorities, Interests, and ROE
• International Cyberspace Warfare Coalitions: Allied Cooperation Agreements
(EX: Australia, India, and ROK)
• ICANN Will Remain Neutral but Certain Nations will Augur for State-Controlled
Internet (EX: PRC, Turkey, Russia, etc.)
• Response Threshold: Cyber Attack w/Lethal Effects (Tactical, Operational, or
Strategic in Nature)
• Seams: 1.) Cyber Attack Combined w/CBRNE and/or; 2.) Trans-state Cyber
Alliances (EX: PLA + PDRK + RUS)
• Critical Question Will Remain: What is Our (Or Our Enemy’s) Endstate?
The Way Ahead
8. 8
USA CCoE & FT Gordon UMT: World Class Religious Support!
Professional Discussion
Question and Answer
9. 9
USA CCoE & FT Gordon UMT: World Class Religious Support!
Summary
RE Bureau 121:
“Earlier this year, South Korea's Hydro & Nuclear Power Company suffered
a mass data breach, with hackers demanding money to prevent further
leaks. South Korea again pointed the finger at Pyongyang, although others
noted that asking for a ransom wasn't typical of North Korea's approach in
other attributed attacks.
Prof Kim (Heung-Kwang) told me that Bureau 121 is looking to emulate
Stuxnet, an attack on Iran, reportedly originating from the US and Israel,
that was successful in damaging nuclear centrifuges. Doing so would be a
major escalation in North Korea's capability - moving from attacking
computer networks to instead harming infrastructure.”
David Lee, BBC Online
29 May 2015
http://www.bbc.com/news/technology-32925503