CYBER WARFARE

What is cyber warfare? Don’t try to find a particular definition. There isn’t one.

It could be armed conflict where cyber tools are used, or the cyber domain is used to leverage traditional kinetic effects. Or it could be a conflict exclusive to the cyber world, where data can be both weapon and target. Whatever the definition, it ushers in a host of ambiguities and questions. When is a cyber incident an armed attack that could trigger UN or treaty provisions? Is a cyber incident vandalism, theft, espionage or an attack? (Note that I do not regard any use of cyber by an actual or potential adversary as an “attack”. Words have meaning. Attacks trigger treaties and void insurance policies. Choose your words wisely.)

Finally, what does a cyber incident mean for traditional government response? If a private utility is shut down by a cyber incident, what right or obligation does local, state or federal government have to restore service? And who pays for it? Cyber transcends the old boundaries of combatants and lawful targets in a way that fashions anew our understanding of proper defensive response.

In my seven years of teaching this topic, a few areas of emphasis always rise to the top as being most important to students of cyber warfare. Check out the links below as they are built out.

Incident Classification

Tallin and the Cyber LOAC

Authorities for Cyber Operations

The Cyber Mission Force