Hack Attack Or Whack The Politics Of Imprecision In Cyber Law

NATO has a section of their website with a timeline of the history of cyber-attacks. An intriguing aspect of the list is that many of the events listed are referred to as hacks, without any definitive explanation of why or how they qualify as cyber-attacks. On September 3, 2013, abc NEWS reported that, "U.S. officials confirmed a cyber attack by the Syrian Electronic Army on the Marine Corps recruiting website late Monday in which the pro-Assad collective replaced the normal page with on calling on U.S. servicemen to refuse orders to fight in Syria should they be called." On September 10, 2013, Fox published a story titled, "Hackers Plot 9/11 Cyber Attacks on U.S., Israel." The article explains that "Politically-motivated hackers recently announced a call to arms to Muslim hackers aimed at attacking U.S. and Israeli websites on Wednesday, the 12th anniversary of the September 11 terrorist attacks." The Markey- Waxman report, based on information gathered through a survey containing 15 questions and sent to more than 150 utility companies, found that the electric grid is the target of numerous and daily cyber attacks. "Those events range from phishing emails to malware infections to unfriendly probes." Thus it is all too clear that any cyberintrusion, whether mundane or malicious, from a teenager, a criminal or a nation state, regardless of place of origin, is likely to be described as a cyberattack. However, to a military attorney the term "cyber-attack" actually includes only a small segment of this spectrum of activity. Cyber-attacks must meet certain criteria to justify this designation, i.e., involving damage or destruction to property or injury or death to persons. If we use this definition, arguably, there have only been a handful of actual cyber-attacks that rise to the level of either use of force or armed attack over the past ten years or so. Indeed, some would argue that we have yet to see an actual cyber-attack. I can only think of two examples, that if perpetrated against the United States, would likely be considered either a use of force or armed-attack for cyber purposes: Stuxnet and the Iranian attack on Saudi Aramco. We can arguably use these as baselines for future events - we know it when we see it.

The Journal of Law & Cyber Warfare provides a public peer-reviewed professional forum for the open discussion and education of technology, business, legal, and military professionals concerning the legal issues businesses and governments arising out of cyber attacks or acts of cyber war. The Journal of Law and Cyber Warfare is published twice per year by top legal professionals and scholars from the law, technology, security, and business industries. The views expressed in the Journal of Law and Cyber Warfare are those of the authors and not necessarily of the Journal of Law and Cyber Warfare.

There is little doubt that cyber-space has become the battle space for confrontations. However, to conduct cyber operations, a new armory of weapons needs to be employed. No matter how many, or how sophisticated an aggressor’s kinetic weapons are, they are useless in cyber-space. This book looks at the milieu of the cyber weapons industry, as well as the belligerents who use cyber weapons. It discusses what distinguishes these hardware devices and software programs from computer science in general. It does this by focusing on specific aspects of the topic—contextual issues of why cyber-space is the new battleground, defensive cyber weapons, offensive cyber weapons, dual-use weapons, and the implications these weapons systems have for practice. Contrary to popular opinion, the use of cyber weapons is not limited to nation states; though this is where the bulk of news reporting focuses. The reality is that there isn’t a sector of the political-economy that is immune to cyber skirmishes. So, this book looks at cyber weapons not only by national security agencies and the military, but also by law enforcement, and the business sector—the latter includes administrations termed non-government organisations (NGOs). This book offers study material suitable for a wide-ranging audience—students, professionals, researchers, policy officers, and ICT specialists.

The Finnish Yearbook of International Law aspires to honour and strengthen the Finnish tradition in international legal scholarship. Open to contributions from all over the world and from all persuasions, the Finnish Yearbook stands out as a forum for theoretically informed, high-quality publications on all aspects of public international law, including the international relations law of the European Union. The Finnish Yearbook publishes in-depth articles and shorter notes, commentaries on current developments, book reviews and relevant overviews of Finland's state practice. While firmly grounded in traditional legal scholarship, it is open for new approaches to international law and for work of an interdisciplinary nature. The Finnish Yearbook is published for the Finnish Society of International Law by Hart Publishing. Earlier volumes may be obtained from Martinus Nijhoff, an imprint of Brill Publishers.

In the Digital Age of the twenty-first century, the question is not if you will be targeted, but when. Are you prepared? If not, where does one begin? For an enterprise to be fully prepared for the immanent attack, it must be actively monitoring networks, taking proactive steps to understand and contain attacks, enabling continued operation during an incident, and have a full recovery plan already in place. Cybersecurity expert Ray Rothrock has provided for businesses large and small a must-have resource that highlights: the tactics used by today’s hackers, vulnerabilities lurking in networks, and strategies not just for surviving attacks, but thriving while under assault. Businesses and individuals will understand better the threats they face, be able to identify and address weaknesses, and respond to exploits swiftly and effectively. From data theft to downed servers, from malware to human error, cyber events can be triggered anytime from anywhere around the globe. Digital Resilience provides the resilience-building strategies your business needs to prevail--no matter what strikes.

Cyber Mercenaries explores how and why states use hackers as proxies to project power through cyberspace.

Welcome to the all-new second edition of Navigating the Digital Age. This edition brings together more than 50 leaders and visionaries from business, science, technology, government, aca¬demia, cybersecurity, and law enforce¬ment. Each has contributed an exclusive chapter designed to make us think in depth about the ramifications of this digi-tal world we are creating. Our purpose is to shed light on the vast possibilities that digital technologies present for us, with an emphasis on solving the existential challenge of cybersecurity. An important focus of the book is centered on doing business in the Digital Age-par¬ticularly around the need to foster a mu¬tual understanding between technical and non-technical executives when it comes to the existential issues surrounding cybersecurity. This book has come together in three parts. In Part 1, we focus on the future of threat and risks. Part 2 emphasizes lessons from today's world, and Part 3 is designed to help you ensure you are covered today. Each part has its own flavor and personal¬ity, reflective of its goals and purpose. Part 1 is a bit more futuristic, Part 2 a bit more experiential, and Part 3 a bit more practical. How we work together, learn from our mistakes, deliver a secure and safe digital future-those are the elements that make up the core thinking behind this book. We cannot afford to be complacent. Whether you are a leader in business, government, or education, you should be knowledgeable, diligent, and action-oriented. It is our sincerest hope that this book provides answers, ideas, and inspiration.If we fail on the cybersecurity front, we put all of our hopes and aspirations at risk. So we start this book with a simple proposition: When it comes to cybersecurity, we must succeed.

A world of "smart" devices means the Internet can kill people. We need to act. Now. Everything is a computer. Ovens are computers that make things hot; refrigerators are computers that keep things cold. These computers—from home thermostats to chemical plants—are all online. The Internet, once a virtual abstraction, can now sense and touch the physical world. As we open our lives to this future, often called the Internet of Things, we are beginning to see its enormous potential in ideas like driverless cars, smart cities, and personal agents equipped with their own behavioral algorithms. But every knife cuts two ways. All computers can be hacked. And Internet-connected computers are the most vulnerable. Forget data theft: cutting-edge digital attackers can now crash your car, your pacemaker, and the nation’s power grid. In Click Here to Kill Everybody, renowned expert and best-selling author Bruce Schneier examines the hidden risks of this new reality. After exploring the full implications of a world populated by hyperconnected devices, Schneier reveals the hidden web of technical, political, and market forces that underpin the pervasive insecurities of today. He then offers common-sense choices for companies, governments, and individuals that can allow us to enjoy the benefits of this omnipotent age without falling prey to its vulnerabilities. From principles for a more resilient Internet of Things, to a recipe for sane government regulation and oversight, to a better way to understand a truly new environment, Schneier’s vision is required reading for anyone invested in human flourishing.