This article proposes the creation of an international organization modeled after the International Committee of the Red Cross (ICRC) to provide assistance and relief to vulnerable citizens and enterprises affected by serious cyberattacks. Companies that have signed onto the Tech Accord principles would form the core of the organization, thereby filling an important gap in an increasingly volatile geopolitical environment.
Latest in Cyber attack
In February 2018, the German government’s network was attacked. Germany did not specify what kind of information was accessed by the foreign hackers, but it is publicly known that the hackers successfully attacked the IT system of the Ministry of Foreign Affairs.
As Bobby Chesney recently discussed, President Trump on Aug. 15 reportedly substituted a new classified order for a classified Obama-era presidential directive governing the interagency review and decision process for cyber operations.
In light of Michael Sulmeyer’s excellent recent piece on splitting NSA and CYBERCOM, which ran at War on the Rocks last week, I want to pull together some of the key legal and policy developments of the past year in a single narrative. My aim is to put them in context with each other in a way that will provide useful background for those new to this issue, while also putting a spotlight on the deconfliction-of-equities issue that the split proposal raises.
Below is a condensed version of the statement I have prepared for my testimony tomorrow before the Senate Armed Services Committee on the international law dimensions of U.S. cyber strategy and policy (link to the hearing is here). The full version, which also includes some extra detail and sourcing in the footnotes, is available here.
In my first post on this subject, I quoted a news story in fedscoop saying that
The development of “loud” offensive cyber tools, [that could be definitively traced to the United States and thus] able to possibly deter future intrusions, represent a “different paradigm shift” from what the agency has used to in the past.
From our friends at CYBERCOM:
NATO recently announced that it will regard cyber as a domain of conflict, joining land, sea, and air as other domains in which conflict may occur. At a press conference on June 14, 2016, NATO Secretary General Jens Stoltenberg said that NATO “will recognize cyberspace as an operational domain, just like air, sea and land. Cyber defence is part of collective defence.
Just how sophisticated are the nations planning and carrying out cyberattacks on electric grids? Very, is the short answer.
Last Tuesday’s Wall Street Journal (November 10, 2015) carried a front-page story titled “Ukraine: Cyberwar’s Hottest Front.” A few weeks earlier, the Journal had carried a related front-page article, “Cyberwar Ignites a New Arms Race” (October 11, 2015) – subtitled “Dozens of countries amass cyberweapons, reconfigure militaries to meet threat.” Militaries and policy-makers around the world have awoken to the fact that cyberwarfare is already a r