International Agreement for Control of Cyber Weapons

Tag: Hacking

Cyber Arms Control and the Middle East

The current situation in the Middle East is a disaster.  Yesterday, Turkey shot down a Russian SU-24M fighter aircraft flying over Northern Syria near the Turkish border.  Although the Turkish and Russian militaries had set up a “hot line” to handle any crisis or emergency, the Turkish side never bothered to contact the Russians.

Supposedly, the Russian aircraft flew into Turkish air space, but inspection of the radar outputs published by Turkey indicate that the amount of time flying inside Turkey could not have been more than a minute, possibly only half a minute or less.

When the aircraft was shot down, it was already back in Syrian air space, which means that the Turks shot their missiles from Turkey into Syria.

The Turks said that they had warned the Russian pilots for at least ten times over a period of 5 minutes.  At those speeds, this means that the Russian pilots were warned about Turkish air space when they were still in Syria, and heading towards Turkish territory.

The Russian pilot who survived the attack reported that no communication from the Turks had been received.

Originally there were two pilots in the SU-24.  Shortly after the aircraft was hit, they pushed the emergency escape buttons, to eject in their seats and parachute to safety.  On their way down, at a time when they could not possibly do any harm to anyone, Turkomen persons started firing on them with machine guns, killing one of the Russian pilots.

To add insult to injury, when two rescue helicopters were dispatched from nearby Russian ships to rescue the pilots, one was shot down, and yet another soldier or more were killed.

After the incident, the Turks rather than contacting Russia, instead went directly to NATO with a complaint, demanding support as part of the mutual defense treaty.  Military analysts in the United States are saying that this was an ambush by Turkey against the Russians.

Some are worried that this may lead to a third world war.  It is a horrible situation.  Fascinating as it may be, this blog is no place to examine the complex realities of the Middle East, Syria, Iraq, Iran, Turkey, Russia, the United States, and all the other players there.

Cyber War in the Middle East Now

The list of cyber weapons that are being used now in the Middle East and across the world is very large.  We can name only a few, and without doubt could not list them all, even if there were inclination or time.

Electronic Battlefield. The United States is operating a gigantic information battlefield in which soldiers or special forces on the ground in Syria and Iraq are receiving more or less real time information from a variety of intelligence sources, including real time information from drones and satellites.  For every American soldier in the battlefield hell of ISIS, there are satellites overhead looking out for them.  These in effect are teams of persons at various US dark sites around the world. Constantly on duty, they monitor US troop movements are look ahead so as to be able to warn of danger.

Social Media War. ISIS has mastered the use of social media to recruit “sleeper” agents inside Western countries.  The recruits go through three phases:  First, there is general curiosity about propaganda available online.  Second, they make an initial contact with a recruiter for the Islamic State.  Sometimes this recruitment period goes on for a long time.  Some persons in the United States have even received gifts of candy and books.  In the third phase, the recruited agent goes over to the dark web, which means that all of their communications are encrypted, and this makes it impossible for the intelligence communities around the world to read what they are doing.  It is during this phase that the sleeper agent is given specific instructions regarding what they are next to do.

Hacking War. Every day the United States receives more than 100,000 attacks from overseas.  These attacks are aimed at either destroying or stealing important information.  Most attacks come from Russia, China, North Korea, and Iran.  These attacks are monitored by the NSA Cyber Command, but it is difficult to keep up with all of the attacks, as many of them are automated.

It often is noted that even now adversaries have the ability to shut down or disrupt the US transportation system, the electricity grid, and financial institutions.  This merely compliments the constant virus and denial-of-service attacks that constantly flood the Internet.

The Internet is one of the greatest advantages of the US economy, but also it is a great factor of weakness.

Prospects for Arms Control

For the time being, the prospects for cyber arms control are not good.  Countries are too busy engaging in the growing war against ISIS, and in defending their own national interests.  Second, the cyber arms race is a time in which countries are working very hard to develop their capabilities.  Countries would rather develop their capabilities, than cut these efforts short by working on a treaty.

For the time being, the US is a global intelligence and cyber superpower, but no one knows how long that situation can last.




The Rules of Self-Defense in Cyber War

Much effort has been focused on understanding how the rules of war change in a cyber environment. For example, one of the key elements of self defense is the notification that the other party has made the first strike. One immediate complication from cyber war is that most often it is not possible to determine who exactly made the attack. If it is not possible to determine the source of an attack, then it is problematical to consider self-defense.

Another challenge concerns the relationship between government and hackers. If, for example, the hacking against country A is done by a group of citizens in country B, then it is not clear how one can establish a relationship between the hackers and the government. If it is not possible to determine this relationship, then it is not possible to place the blame for the attack against the government. It follows that it would be impossible also to activate the rules of war for self-defense.

The right of self-defense under the United Nations charter is set up so that it is exclusively concerned with relations between nation states. There is, for example, no right of self-defense for a country against a terrorist group which is not a government. This does not mean, of course, that a country is unable legally to take any action against terrorists, but it does mean that when it does so out of self-defense, it is not doing this under Article 51 of the United Nations charter.

The nature of the Internet is such that it is possible to disguise the source of any attack. This is the fundamental problem with the laws of war.  These laws are based upon an assumption that it is possible to identify the source of an attack. When this simple assumption is not available, then some other type of mechanism must be used in order to justify self-defense.

The Level of Force Problem.  A second problem concerns the question of level of force. If, for example, it is in fact possible to determine that a cyber attack has taken place, and that the precise source of the cyber attack has been identified, and also that the source itself is linked to another government, then still the question remains “what is the proper response”. If the offended nation state launches a so-called kinetic attack, then is this a proper response to a virtual attack in the CyberWorld? Or is it permissible only to respond to a cyber attack with another cyber attack?

These are a few of the many concerns that must be accommodated in order to set up an international regime for the control of the cyber arms race.