1. Bibliographic Entry. Cyber threats
2. Author: Brennan
3. Context: nature of the environment, nature of the threat, differences from real world, and potential responses
4. Scope: modern military, political, and law enforcement environment
5. Evidence/credibility: Brennan is a lawyer, and presents her argument as a legal basis for government structural change. Uses federal law as primary source of credibility
6. Central Proposition/Thesis: Governments are in the business of reducing chaos and maintaining order. They do this internally through law enforcement, and externally through the military. Part of the cyber problem is the crossing of these lines (sovereignty?), the anonymous nature of the perpetrators (agency?), and the unknown nature of the activity (crime or war?). (9)
a. PTP: During the Estonian attack, they took their systems offline. A move made possible through high SA. Is it possible to have critical systems go into a defensive posture, maybe preemptively, in the event of a crisis? Perhaps a cyberCON system? (4)
b. PTP: there was once a coordination problem amongst cyber defenders (51), has CYBERCOM resolved this?
c. PTP: It would seem that anonymity is the center of gravity in our initial cyber defense strategic problem. If we can resolve anonymity, then we know agency, and if we know agency, we resolve intent and if we resolve intent, then we know sovereignty and jurisdiction. (72). Can we establish a national online identity program that requires licensing, registry, and verification at each log on?
d. By "de facto" cyberwarfare: Cyberattacks that (a) are launched by non nation-state actors against a nation-state or a corporate entity that has assumed some/all of the functions of a nation-state in order (b) to undermine the victim's viability as a governing system. In each instance, the attacks challenge a system's ability to maintain external order and are therefore factually indistinguishable from traditional warfare. (107)
a. PTP: legitimacy of concept is in question. British East India Trading Co was the 1st multinational, but it was only as good as the protections afforded to it by the British Govt. – primarily the Royal Navy. Global multi-nationals will always need a base, and that base will be a nation state, and that state will be sovereign, even to a degree of influence over the multi-national. 3rd party cyber war will still be attributable to a nation state. Bottom line – I don’t believe the nation state is going away due to cyber war… perhaps it is undermined, but this is more a factor of globalization than cyber
e. 108 multinational corporations could today launch cyberwarfare attacks on hapless nation-states, if they were so inclined.
a. PTP: Also not a new idea. The British EIC essentially waged war on independent Indian spice traders, corporations all but declared war on China over opium trading, and western oil companies have meddled in Middle Eastern affairs for decades (how about the Shah of Iran?). Cyber is just a new means of achieving the same ends.
f. Civilian infrastructure components will almost certainly become targets in cyberwarfare, and civilians are equally likely to become involved in responding to these attacks. We must recognize these emerging realities and adapt the law of war (199).
a. This is all sorts of problematic. What if a civilian initiates an action that another country views as an act of war? Is Bob the plumber from Duluth responsible for a war? Who gave him the authorities to strike? Yet another cyber author who is ready to abandon our principles out of fear of the great cyber menace.
g. PTP: page 226. Author assumes too much:
a. All states are not created equal. Totalitarian regimes will not be nearly as vulnerable as an open society. Totalitarian regimes are at an advantage in this environment because they can restrict ‘virtual’ power.
b. The only source of power available through cyber is information. All other national sources of power, or artifacts of power as the author says, are tangible and not directly controllable through cyber. This is a lot of cards still in the state’s hands to declare the state as being powerless and obsolete…
c. Virtual power, or information, can be restricted, modified, cut off, etc, when the state decides it needs to. So, even the single form of cyber power is still at the mercy of the state.
d. All of these issues are reversed in an environment of positive ID, licensing, and registration.
h. PTP. Page 234. Author wants to allow military/LE collaboration on investigations and evidence to determine if there was an attack, and what kind of an attack it was. Claims this is not a violation of the 4th amendment. BS. What happens when it is determined that it was a crime, and the evidence chain came from a 2 stripe airman? What court in the land is going to approve warrants off that basis? What LE agency is going to jeopardize a conviction because its evidence is intertwined with military activity? Fantasy.
i. PTP: Author dedicates exactly 2 paragraphs to the issue of resolving anonymity. The other 79 pages of solutions are in dismantling the constitution and destroying the nation state. More fantasy. She misses the C.O.G. (238)
4 To maintain at least some internal Internet service, Estonian authorities had to block most access to Estonian sites by people outside the country; this meant, among other things, that Estonians traveling abroad could not access their email, bank accounts, or other resources.
Those who would become their country's first line of defense in the May cyber assaults watched the attacks being orchestrated online in real-time, which gave them an obvious advantage when it came time to respond. (High real-time SA)
5 Estonian authorities claimed that security experts analyzing the DDoS attacks allegedly traced Internet addresses used in the attacks to Russian government agencies, including the office of President Vladimir Putin. (attribution?)
9 Cyberspace presents us with what is, in essence, a fourth (or maybe fifth) dimension - a behavioral dimension rather than a spatial dimension. Cyberspace is not "real" in any tangible sense, but as we saw with the Estonian attacks, it can have very real effects in the spatial world we inhabit. But because cyberspace is neither a "real" place nor is situated in a "real," tangible space, it is not subject to the terrestrial rules and strategies we use to control chaos within and among our physical enclaves.
29 cyberspace therefore almost exponentially increases the complexity of the cross-jurisdictional investigative challenges early twentieth-century law enforcement encountered when criminals began using motor vehicles.
42 cyberterrorism focuses on using technology to erode our confidence in the information and the systems we necessarily rely on to function in our modern, urban environments; it is the fear of losing control.
44 Weapon of mass destruction: Computers, as such, cannot inflict physical damage on persons or property; that is the province of real-world implements of death and destruction.
But computers can be used to set in motion forces that produce physical damage.
45 Weapon of mass distraction: Computer technology is used to manipulate a civilian population psychologically. This manipulation saps civilian morale by undermining citizens' faith in the efficacy of their government. Depending on the type of manipulation involved, it can also result in the infliction of personal injury, death, and property destruction.
51 defenders tended to deal with each attack as an "individual and discrete" event; they had great difficulty in coordinating their efforts into a cohesive, cross-sector response, especially when the attacks increased in number and frequency,
National Cyber Response Coordination Group (NCRCG) became so overwhelmed by the attacks that developing an accurate situational picture was challenging: (PTP: has this been resolved with the stand up of cyber command?)
65 Definitionally, cyberwarfare is the conduct of military operations by virtual means. It consists of nation-states' using cyberspace to achieve essentially the same ends they pursue through the use of conventional military force: achieving advantages over a competing nation-state or preventing a competing nation-state from achieving advantages over them.
72 given the opportunities cyberspace creates for the remote commission of attacks and attacker anonymity, it is more common than not for cybercriminals to go unidentified and unapprehended. Not only were the BIS attackers never identified, the nature of the attack itself was never identified.
83 The problem, of course, is that the BIS attackers (whoever they were) never physically entered U.S. territory; cyberspace makes it possible for anyone with an Internet connection and basic computer skills to remotely attack a computer in another country. The transnational aspect of virtual attacks is merely one factor we must consider in the attack-attribution process, a factor that may very well be inconclusive.
88 As those who understand cyberspace realize, the Internet protocol addresses networked computers use can easily be spoofed, or faked, so an attack that seems to come from one computer actually comes from another, in a different location.
106 Creveld sees the future as bringing a decentralization of government, a system in which the entities that carry out the functions now monopolized by nation-states will be more idiosyncratic in nature and structure and more integrated with each other than are nation-states:
107 By "de facto" cyberwarfare: Cyberattacks that (a) are launched by non nation-state actors against a nation-state or a corporate entity that has assumed some/all of the functions of a nation-state in order (b) to undermine the victim's viability as a governing system. In each instance, the attacks challenge a system's ability to maintain external order and are therefore factually indistinguishable from traditional warfare.
108 multinational corporations could today launch cyberwarfare attacks on hapless nation-states, if they were so inclined.
I am saying that as the power to wage warfare ceases to be a nation-state monopoly, we must expect that attacks analogous to but much more sophisticated and much more devastating than those Estonia underwent in May of 2007 will be directed at nation-states.
143 An identified point of attack origin in another nation-state cannot routinely be construed as an attack by that nation-state because cyberspace gives essentially anyone the ability to launch transnational attacks.
178 And it has been "uniformly interpreted to apply to National Guard members only when they are in federal service and not when they are in service to their states
179 The Military Cooperation with Law Enforcement Officials Act consequently draws a clear, inviolate distinction between the military's providing civilian law enforcement with equipment and facilities and its becoming involved in the process of law enforcement.
189 The eroding efficacy of our current model of law enforcement is compounding the difficulty of maintaining order in cyberspace: The model's increasing inefficacy in controlling online crime erodes societies' disparate abilities to discourage criminal activity in cyberspace; this not only undermines the perception that social order is being maintained "in" cyberspace, it also erodes the perception that societies are maintaining order in the real-world.
199 Their role must be reassessed because the rationale for excluding civilians from traditional combat operations either (a) does not apply at all to cyberwarfare or (b) applies in a less compelling fashion. The rationale for excluding civilians from combat is to protect them from retaliatory attacks by an opposing military force. As we have seen, cyberwarfare tends to erase the distinctions between civilian and military targets. Civilian infrastructure components will almost certainly become targets in cyberwarfare, and civilians are equally likely to become involved in responding to these attacks. We must recognize these emerging realities and adapt the law of war, along with other components of our law and our institutional structures, to them. We explore ways we can do this in the next chapter.
203 many of the challenges derive from the fact that activities in cyberspace defy the constraints of the physical world: Territory and identity become meaningless and often irrelevant in an online environment;
The migration of activities into cyberspace is eroding nation-states' ability to sustain that monopoly, a phenomenon the influence of which was implicit in our examination of the more evident challenges comprising the first category.
222 Nation-states monopolize the artifacts of power to maintain internal and external order and thereby ensure that they survive and prosper. Why is the monopoly eroding?
The answer lies in the changing nature of the artifacts of power. As we saw above, they have historically been tangible, zero-sum commodities: they have existed primarily, or exclusively, in tangible, physical form.
The tangible, zero-sum nature of these artifacts has made it relatively easy for states to control access to and use of them.
223 if a state could effectively control (a) movement into and out of its territory and (b) conduct within its territory, it could control access to and use of the artifacts of power.
225 Information control becomes challenging, if not impossible.
As technology evolves in sophistication and pervasiveness, the impact of the virtual overlay cyberspace has given us will only become more profound.
226 We can modify the approaches we now use to maintain order so they accommodate an intertwined physical-virtual reality. The other option is to implement a twenty-first Peace of Westphalia, that is, to devise a new governing configuration, one that is not predicated on, and limited by, territory.
227 Professional law enforcement officers overtly maintain internal order by responding to violations of the criminal rules that control chaos within a state; and professional military personnel overtly maintain external order by responding to assaults from other nation-states. The activities of both implicitly maintain order by discouraging internal rule violations and external attacks. As we have also seen, this system is not adept at dealing with threats vectored through cyberspace.