Cyber ROE

Discussion in 'Current Affairs' started by trelawney126, Feb 3, 2011.

Welcome to the Navy Net aka Rum Ration

The UK's largest and busiest UNofficial RN website.

The heart of the site is the forum area, including:

  1. wave_dodger

    wave_dodger War Hero Book Reviewer

    Interesting topic, largely because the Laws of Armed Conflict need to be considered because effective Defense should be proactive and hence in orderto be fully proactive and seeking to counter a wide range of risk/attack vectors you really need to be "doing stuff" proactively and some of that "stuff" may not be in your own backyard and technically that could be inferred/misconstrued as an aggressive act, perhaps even an act of war.

    And then there is the NATO constitution, an act of aggression against a member state is considered to be an act of aggression against NATO. So if a threat actor was to, lets say conduct CNO against Georgia or Turkey, do we now think NATO should respond - and how?

    Which brings me to another hobby horse, how do you know and prove who was actually behind the CNO that have just been conducted? Lots of States have the capability (at varying degrees of maturity), if they are that good would we be able to fingerprint their involvement, could they not simply sponsor a terrorist proxy, or sponsor a talented individual who is willing to work for money?

    Really interesting area.
     
  2. I call 'House' on that particular game of Security buzzword bingo. Do I have to proceed to the doughnut to collect my prize? :)

    You could also throw into the mix attacks against CNI, many of which do not reside in the normal area of 'hostile act'. Banks, power, water, transport and comms infrastructure are all potential targets. At what point does it cease to be a DoS and become an act of war? 500lb LGB's are such an overt way of indicating displeasure at another country. Stuxnet anyone?

    As an aside WD. If you listen carefully you will hear the sound of eyeballs flipping up into sockets and be able to detect the '1000' yard stares slowly appearing on glazed faces. IT Security awareness is a fantastic way to ensure that you never get invited to [email protected] work do's with sales types.
     
  3. I'm afraid that such phrases as "....effective Defense should be proactive ...." and ".... really need to be "doing stuff" proactively and some of that "stuff" may not be in your own backyard and technically that could be inferred/misconstrued as an aggressive act, perhaps even an act of war ...." merely shows how worn down by US politcal expediency some peoples' views have become.

    Many US acts ARE illegal and ARE acts of war. They merely hide behind the smokescreen of their rather weird ideas on international law and the fact that they are the biggest bully around. It is interesting to compare their views from the 70s/early 80s to their present ones. According to the US way of thinking, the UK would have been quite within its rights to drop bombs on IRA funding sites in US cities and any deaths would be quite justified whether associated with the IRA or not !

    One really must try to remember that laws apply to everyone, and that third-world people do have the same rights as everyone else.

    .

    The British government (ignoring Blair's supine position on Iraq) still manages to actually adhere to most of its legal obligations. And British armed forces are still expected to adhere to the law, not expediency.

    .
     
  4. @Pg55555
    OK, interesting I take it you are not a fan of our colonial cousins.

    I also take it you did not read the article.

    If you had have done you would have noticed the fact that it was a conference delivered by a joint US/Russian group. Reading further down (rather than skimming) you would have also seen the comment from the UK reps along the lines that current regs are OK just need a bit of tweaking to keep up with the times.

    You might want to return the outrage bus to the Guardian readers garage and actually wait for something to come out of the conference that may actually be implemented. I am sure that if anything is suggested that is remotely controversial by our colonial cousins then you will be back revving the engine and attempting to muster the great unwashed in Parliament Square to protest 'peacefully'.

    That is of course if the Black helicopters are not hovering overhead and jamming your SMS/email connectivity........................
     
  5. wave_dodger

    wave_dodger War Hero Book Reviewer

    There's nothing remotely geeky/techie in my OP, it's all common sense and relevant to last nights segement on trying to establish whether or not they could realistically apply a Geneva Convention type construct to "Cyber". Can't see too many people going tilt with that.

    I leave the Sy awareness evangelism to the sandal and beard brigade in the shiny suits toting their CISSP manuals.
     
  6. Jesus "My head hurts"!!!
     


  7. Why do you make such silly statements and ignore the actual post ?

    The fact is that the US's attitude is NOT in line with international law and WOULD mean that we would have been justified in bombing US cities re. the IRA.

    It is stupid to run and hide behind name calling (Guardian reading and conspiracy theories) instead of actually looking at the facts.

    The law is not something which is meant to be bent for the convieience of the rich and powerful.

    Just try keeping on the subject instead of playing to the (non-existent) gallery.

    .
     
  8. wave_dodger

    wave_dodger War Hero Book Reviewer

    I'm quite amazed you think that, would you care to enlighten me on how you think my views have been driven by US political expediancy?

    Crikey, you have some axe to grind, but I'm not sure where any of it really has any relevance, nor adds anything to the OP context?

    Your post does come across as a rather neurotic diatribe.
     
  9. wave_dodger

    wave_dodger War Hero Book Reviewer

    Why have you subverted the thread and turned a possibly interesting discussion on the ROE for "Cyber" operations into a frankly past-it-sell-by-date discourse on your view of US policy?
     
  10. Wave dodger,

    Again, trying to hide from the issue by using phrases as "neurotic diatribe" and "past-it-sell-by-date" for what is, in fact, the official Uk position.

    On an actual matter of substance, the "political expediency" comes about by your esposal of internationally illegal methods which are condoned and carried out by the US, but not the UK.
     
  11. Wave Dodger you have a PM

    PG55555, You really do have a bee in your bonnet about those nasty American cyber warriors don't you.
     
  12. There is very little "International Law", and you'll note that the US very very rarely sign up to conventions that may limit their freedom of action. If you don't like this, become a US Congressmen, and overturn a political tradition that has existed since 1783...

    As for RoE, I would suggest that the JEMS process, if applied properly, may go some way to mitigating the effects.
     
  13. wave_dodger

    wave_dodger War Hero Book Reviewer

    Errm ok, so as you clearly read a different post to the one I typed I'll repeat it, just for you:

    "Interesting topic, largely because the Laws of Armed Conflict need to be considered because effective Defense should be proactive and hence in orderto be fully proactive and seeking to counter a wide range of risk/attack vectors you really need to be "doing stuff" proactively and some of that "stuff" may not be in your own backyard and technically that could be inferred/misconstrued as an aggressive act, perhaps even an act of war.

    And then there is the NATO constitution, an act of aggression against a member state is considered to be an act of aggression against NATO. So if a threat actor was to, lets say conduct CNO against Georgia or Turkey, do we now think NATO should respond - and how?

    Which brings me to another hobby horse, how do you know and prove who was actually behind the CNO that have just been conducted? Lots of States have the capability (at varying degrees of maturity), if they are that good would we be able to fingerprint their involvement, could they not simply sponsor a terrorist proxy, or sponsor a talented individual who is willing to work for money?

    Really interesting area. "

    Now in which part do you see me espousing (thats the better spelling) any illegal methods (conducted unintentionally [thats another word I'd use] or otherwise), and where do I mention the US?


    Nope, didn't think so. You read what you wanted to read. As for the UK position I hazard a guess that you're not really in a position to comment on that.

    The one thing I've noticed since the SDSR and since the announcement of "cyber" and emerging developments there are an enormous amount of people who are jumping on the bandwagon claiming to know something about it when in reality they actually know stuff all and just obfuscate the arguments and debates with ill-informed, out of date, tabloid opinion. You my friend would appear to fall into this category.

    Nothing wrong with tabloids mind you, entertainment at breakast.

    Anyway, you have piqued my curiosity:

    What are these mysterious methods? Why are they illegal? Who in the US conducts these [Cyber] operations? Do the UK not do the same? Why do you think that?

    Careful, Google too much and they'll come looking for you:hiding:
     
    Last edited: Feb 4, 2011

  14. Because you wrote :

    “…………..because effective Defense should be proactive and hence in order to be fully proactive and seeking to counter a wide range of risk/attack vectors you really need to be "doing stuff" proactively and some of that "stuff" may not be in your own backyard and technically that could be inferred/misconstrued as an aggressive act, perhaps even an act of war. …..”

    This is not just technically an act of war, but is regarded as an act of war by the UK government. The only “civilised” government which believes otherwise is the US (as summarised by “Alfred-the-great” they propose the legal fiction that there is very little, if any, International Law – an attitude not taken by other countries including the UK).

    That is why I have posted challenging you and noting the US influence.

    .
     
  15. Seaweed

    Seaweed War Hero Book Reviewer

    Like the stupid limitations on landmines which major landmine players have not signed up to, 'Cyber RoE' will merely hobble the UK. Russia, China and a lot of other states will continue to go their own sweet way, but some may work a teensy bit harder to ensure their acts are deniable.
     
  16. Having been in a PM exchange with WD I now know his understanding of this matter, and hopefully he knows mine after the reply sent.

    PG555555 you on the other hand seem to have a grasp of the legalities surrounding conventional warfare. You miss the point here where a joint US/RUSSIAN team have expounded a view on the requirement for updated or changed ROE to deal with modern non-conventional threats. You have latched onto the fact it is the nasty Americans again playing the world bully.
    The UK has expressed its view that the rules appear, on balance, to be adequate but need refining.

    You cite the international laws about crossing national boundaries with a military force to engage in hostile acts upon the physical infrastructure of a sovereign state. This conventional warfare is so last century! The whole point of this meeting is that a group has identified and made public the issues surrounding Cyber warfare. By its nature normal national boundaries do not apply in this instance. The web is everywhere.

    How do you redefine a sovereign states inherent right to self defence where, in an electronic act of self defence, reacting to a identified and active threat, it chooses to defend itself in a similar way;
    It physically cuts a major node of the internet severing the attackers primary attack route
    It reacts in such a way it attempts to 'bring down' the attacking countries ability to wage Cyber warfare electronically.
    It takes down an element of the internal infrastructure of the country where the attack originates from such as telecoms, power or such like?

    These could be considered acts of war in a conventional sense, however when viewed within the cyber realm it is a legitimate defensive act.
    Under conventional ROE and international law there is no theoretical inherent right to self defence in Cyber space, you remain purely reactive. You remain reactive in electronic terms and you are accepting the loss of a service or at minimum its severe degradation.

    'Joined up Government' is a statement used and loved by our politicians. The days where government departments can function in isolation are rapidly being left behind, the problem is it is not just Government that is in this state, take a look at Home to see how everything is linked. As we move forward this will become more and more essential. Its not just us that are realising it, the Americans, Chinese, Russians other counties and various terrorist and criminal groups are coming to realise this (or more accurately have realised it).

    Where IT security is concerned there is no such thing as an entirely secure system, if it has connections it is vulnerable. The connections may not be directly obvious, in fact they may not even be physically connected. Example could you bring down the financial sector in a country by isolating the power grid at a crucial time? Another example could you take down a specific areas telecoms to cause disruption while a major criminal or terrorist act is taking place?

    This is where this conference is coming from, and as WD has pointed out it raises some interesting questions. It is not a simple of matter of the developed world picking on the third world or the Americans throwing their weight around. To be honest the Americans, Chinese and Russians will always choose to give international law the finger if they think it is in their interest. We (the UK) would if we were in the big boys club still, but those days are long gone.

    'One really must try to remember that laws apply to everyone, and that third-world people do have the same rights as everyone else.' and ;
    'The law is not something which is meant to be bent for the convenience of the rich and powerful
    .'

    The above quotes are from your posts and studiously avoid the fact that Cyber warfare means that small countries not in the big boys league now have a potential ability, through easily obtained and learnt technology, to punch well above their weight. Should we not be prepared and able to defend ourselves in such an event?
     
    Last edited: Feb 5, 2011
  17. Security geek,

    I don't disagree with much of your post, but there are lots more areas to cover between what could be regarded as EQUIVALENT to peace time "teasing" or "sabre-rattling" or diplomatic mis-behaviour through to illegal but regarded as normal/acceptable activities such as spying, through to full scale EQUIVALENTS to acts of war. All those activities can be ignored or can give rise to grave circumstances.

    I objected to the original post because of the seeming blase acceptance of the US's rather idiosyncratic views of International Law. Other than that the idea behind the conference is fascinating, but anything coming out of it must be taken with the normal cynical pinch-of-salt as with anything else when the major powers find agreement.

    The idea that crossing borders warfare is "so last century" is unfortunate considering the also current debates on "cyber" (in another context I'm afraid) rules for drones (typical mixing of neologisms).

    And, of course, we are all tip-toeing around the totally unconfirmed rumours concerning the worm attack on Iranian centriguge facilities.

    As for your highlighting the word "Russian" - it is to be noted that the Russians have eagerly adopted US rhetoric when announcing actions against their problems with "terrorists".

    .
     
  18. wave_dodger

    wave_dodger War Hero Book Reviewer

    You've still not been able to show where that is in my post!


    If you haven't got anything of value add to the thread take your political views and stick them in Diamond Li'ls or somewhere equally useful.
     
  19. wave_dodger

    wave_dodger War Hero Book Reviewer

    Let's be straight here, this paragraph you have written is utter, unqualified, drivel! "This is not just technically an act of war, but is regarded as an act of war by the UK government"; and how do you arrive at that. The whole point of the debate is in legal terms no-one has actually been able to work this out yet.

    You haven't noted any US influence, because there isn't any - all you have highlighted is your lack of knowledge in this arena and demonstrated you don't like US foreign policy. They must be crying themselves to sleep at night!
     

Share This Page