Upload
rohit-revo
View
9
Download
0
Embed Size (px)
DESCRIPTION
This essay debates whether state nations or even larger organizations that are victims of a cyber attack be able to launch destructive counter attack?
Citation preview
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 1/12
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 2/12
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 3/12
oweer soe scholars clai that an attack on cyber space is not the sae thing as a
physical attack in real world and hence does not warrant a retaliatory action.
Dhile a counter attack ay be a legitiate act of warfare in soe circustances3 = argue
in this paper that fighting back adersaries and pursuing retaliatory cyber attacks is
counter productie and explain the legal and technical issues inoled in this. =t is ore
worthwhile to build your own cyber defense echaniss rather than orchestrating hot
cyber pursuits.
The essay carries out a literature reiew of retaliatory cyber attacks and draws up
arguents for and against such attacks and explains the risks and technical ipacts of
these attacks.
Outline of Argument
0oncerns related to cyber attacks are growing across the globe3 as are the eans
adopted by arious countries to fight this enace.
Source: http://www.ne.!"/en/#l!b$l/s!luti!ns/s$%ety/in%!"$n$#e"ent/ybe&$tt$'.ht"l
A real tie cyber attacks ap deeloped by Easpersky shows the depth and breadth of
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 4/12
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 5/12
0yber attack is asyetric warfare in which an attacker with liited budget and publicly
aailable tools can cause huge daage to the public reputation and business confidence
of the organizations and goernents3 they are attacking. Dhile there are any ethical
hackers or hackers who launch opportunistic attacks3 there are a ery large nuber of
hackers who are launching targeted attacks to either proote their ideology or to discredit
goernents and business organization.
A cyber attack is far easier to orchestrate than cyber defense 8 as @ary Jllen argues that
=nternational law raises substantial barriers to both using cyber weapons and defending
cyber space fro cyber-attacks through the use of force.9 0oputer crie and cyber-
terroris could be stopped dead in its track if those at risk ipleented preentatie
easures3 " howeer gien the changing nature of technology3 hackers are always
finding poor processes and ulnerabilities in =T infrastructure within copanies and
goernent bodies leaing the exposed to cyber attacks. @ost cyber attacks hae not
resulted in any ared conflicts so far3 but there is a growing call for counter cyber attacks
in case of targeted attacks. oweer there is no agreeent on how uch of cyber actiity
and intrusion will classify as a cyber ared attack. Thus the basis of initiating any offensie
cyber capability is issing3 as there is 4no international agreeent on legal interpretation
and to enforce it with respect to cyber-attacks.( ""
A security study has found that ore than one-third of breaches take hours to detect and
resoling breaches could take days3 weeks3 or onths."# Thus identification of cyber
attackers in ost cases would take tie3 which will enable the adersaries either to
regroup or oe locations. The anonyity of the attacker who hides behind a ale of spoof
=> Addresses liits the options of launching counter attacks. Leterining the true identity
of an attacker is a big challenge in cyber warfare. The attackers could be operating in a
) 2hackelford 2cott ?3 F6ro Nuclear Dar to Net Dar7 Analogizing 0yber Attacks in =nternationalGaw *#9+3I Kerkeley ?ournal of =nternational Gaw3 <olue #$ M =ssue "3 p . #$* @ary Jllen /(0onnell3 F0yber 2ecurity without 0yber DarI3 ? 0onflict 2ecurity Gaw *2uer#"#+ "$ *#+7 "8$-#9 doi7"."9%)cslkrs"$3p. #%
1+ Karton >aul and Nissanka <i3 F0yber-crie criinal offence or ciil wrongBI3 0oputer GawO 2ecurity 1eiew <olue "93 =ssue 53 2epteber #%3 p. '%11 Daxan @atthew 03 F0yber-Attacks and the Hse of 6orce7 Kack to the 6uture of Article #*'+I3
The Pale )ournal of international law3 <ol. %&7 '#"3 p. '#512 TK 2ecurity3 iewed # /ctober3 #"'3 http7tbgsecurity.co"%-of-cyber-attacks-take-hours-to-detect:
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 6/12
different country and deterining the geographical boundaries of cyber attack is ery
difficult and launching offensie attacks raises Questions of territorial state control. 40yber
attackers with cloaked identities3 proxied network connections or bulletproof hosting
serices3 and operating bases in reote locations( create probles in identification."%
4=f an aggressor is sitting in 1ussia and launches an attack against an Aerican asset3
een if the aggressor is located and identified it can take three to six onths for =nterpol to
pass a reQuest along to the appropriate police agency for follow up.( "' The inability to
correctly identify the attacker coupled with the unknown collateral daage an offensie
cyber attack would cause3 is the a)or reason why conducting cyber attacks is fraught with
risk. Dhile the attackers could be sall tie players3 the ere act of offensie cyber
attacks by large organizations and goernents could classify the as coitting the
sae crie and expose the to lawsuits and ore cyber attacks.
This sybiotic relationship of crie and cyber warfare 4coplicates the broad battle-space
understanding for early warning igilance or defensie and offensie aneuers against
nebulous networks and asked relationships("5 . That is not to say that there are no
proponents for waging an offensie cyber attack. 2oe argue that building effectie cyber
security easures inoles fighting back adersaries. @cGaughlin recoends that the
ability to coit an aggressie and copletely deastating counter attack should be part
of an organization(s incident response toolkit."& HE has signaled that it will carry out
offensie cyber warfare "$ while H2 >atriot Act carries a prison ter for # years for
coitting cyber attacks."8 According to edia reports3 H.2. intelligence serices hae
13 2wanson 2cott 3 Astrich 0raig and 1obinson @ichael3 F0yber Threat =ndications O Darning7>redict3 =dentify and 0ounterI3 2all Dar ?ournals3 ?uly #&3 #"#3 iewed "st /ctober #"'http7sallwars)ournal.co)rnlartcyber-threat-indications-warning-predict-identify-and-counter:14 @cGaughlin3 Eein G3 F0yber Attack R =s a 0ounter Attack DarrantedBI =nforation 2ecurity?ournal7 A lobal >erspectie3 <olue #3 =ssue "3 #""3 p. 59
15 2wanson 2cott 3 Astrich 0raig and 1obinson @ichael3 op. cit.
16 @cGaughlin Eein G3 op. cit.3 p. &#
1( 6inancial Ties3 FHE becoes first state to adit to offensie cyber attack capabilityI3 iewed #/ctober #"' http7www.ft.cointlcss9ac&ede&-#8fd-""e%-ab&#-"''feab$de.htlSaxzz%6'2H@:
1) Dashington >ost3 accessed " /ctober #"'3 http7www.washingtonpost.coworldnational-securityus-spy-agencies-ounted-#%"-offensie-cyber-operations-in-#""-docuents-show#"%8%d9a&ae-""9e-""e%-b'cb-fd$ce'"d8"'story.htl:
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 7/12
already carried out #%" offensie cyber-operations in #"". "9
There are software tools like 0rowdstrike in the arket3 which allow you to feed fake data
to attackers and helps identify the patterns and otie of attackers and identify who is
conducting these attacks. The otiation of cyber attack is a typical factor in deterining
response.
1esponding to cyber attack reQuires Quick decision aking using 4systes that are
theseles targeted and hot pursuit can be applied in cyberspace )ust as in aritie
doain3 which along with air3 land3 and space is iewed as a global coons.( #
Hnlike conentional weapons that can be identified by intelligence and satellites3 4the
deelopent of a cyber weapon is rather difficult to locate( #" as this could be done in the
confines of a priate hoe with little or no connectiity.
The options for adopting a legal recourse can be a non-starter as cyber laws in different
countries ary and soe countries ay not adopt a hard line approach to cyber intrusions.
Thus countereasures3 sanctions and een law enforceent cannot substitute for frontline
coputer and network security easures.## There are no consistent guidelines to identify
a state sponsored cyber attacker is-U-is an opportunistic attacker3 to identify the real
intent of attackers and also to pin point their exact geographical coordinates. 2cholarly
articles hae failed to arrie at a definition of how a cyber intrusion can be classified as a
cyber attack and how should passie and offensie strategies be initiated. Eenneth eers
akes a alid point by suggesting that 4>ropaganda and low-leel coputer network
exploitation *0NJ+ ay trigger the first line of passie cyber defense3 while the
anipulation of code in an operational weapons syste could be grounds for real-world
retaliation.( #%
1* Dashington >ost3 accessed " /ctober #"'3 http7www.washingtonpost.coworldnational-securityus-spy-agencies-ounted-#%"-offensie-cyber-operations-in-#""-docuents-show#"%8%d9a&ae-""9e-""e%-b'cb-fd$ce'"d8"'story.htl:2+ 6arwell ?aes and 1ohozinski 1afal3 FThe New 1eality of 0yber DarI accessed # /ctober#"'3 http7www.defenceiQ.cocontributors%'&'-)aes-farwell-and-rafal-rohozinski:
21 >aganini >ierluigi3 F0yber DeaponsI3 The acker New @agazine3 April #"#3 =ssue " iewed% /ctober3 #"'3 http7news.thehackernews.coTN-April#"#.pdf:
22@ary Jllen /(0onnell op. cit.3 p. #&
23 eers Eenneth3 F2trategic 0yber 2ecurityI3 NAT/ 0ooperatie 0yber Lefence 0entre ofJxcellence3 p. %#
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 8/12
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 9/12
,!u&e: -I,T ,P )++61 p&!ess !w %!& ybe& inident &esp!nse
=n a physical war against other Nation3 in ost cases a Hnited Nations 2ecurity 1esolution
is reQuired3 howeer there is no conention of who can launch a counter cyber attack. =n
case of a physical or a nuclear war there is a defined coand structure in place3
whereas the chain of coand for conducting a cyber attack is nebulous. A decentralized
approach can cause confusion that will liit the efficiency of a coordinated cyber attack.
Dhile Nation states hae an inherent right to self-defense3 the HN 0harter Art #*'+ states
that 4All @ebers shall refrain in their international relations fro the threat or use of force
against the territorial integrity or political independence of any 2tate3 or in any other
anner inconsistent with the >urposes of the Hnited Nations(. Thus an actie pursuit of
cyber adersaries ay put Nations at risk of iolating HN regulations. =nternational law
related to self-defense and ared inasions is still unclear after so any years of debate
as the onus of proiding a credible proof of cyber attacks becoes the responsibility of the
country which is attacked. Thus foring an effectie international cyber crie law will take
tie3 which will leae the field open for Nations to pursue cyber attackers and also proide
cyber criinals to spread terror and seek fae and satisfaction in disrupting digital
econoies.
Gife in the digital world iics life in the real world. As traditional crie and terror oes
into digital space and traditional warfare oes into digital doain3 there is a need to
replicate the sae easures in online world as well. There are growing calls for cyber
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 10/12
disaraent and following the sae protocols as defined in nuclear disaraent. Dhile
the analogy is correct3 the building of offensie cyber weapons has ery low barriers to
entry as copared to nuclear world3 where you need specialized eQuipent and huan
resources and rare aterials like Hraniu and cyber attackers ostly indiiduals could
collaborate in real tie to launch attacks. The life cycle cost of deeloping cyber weapons
are inial and also hae the potential to scale draaticallyV a single algorith could
disable a whole class of adersary systes.#9
There is disagreeent between experts about the feasibility of designing cyber tools that
can be reliably eployed with confidence about their collateral effects.%
=f a retaliatory cyber attack causes a disruption in critical serices or loss of life3 then thishas the potential to escalate into a a)or conflict and rather than affecting the adersary
will put the offending entity at risk of ciil liability and copensating for the loss of life and
daage to infrastructure if any. >rotocol "3 Article 5" codifies the law of proportionality3
which indicates that the punishent offered should be coensurate with the crie
coitted and that indiscriinate attacks are not tolerated.%" An offensie attack in cyber
space ay be seen as disproportionate to the intensity of crie conducted by cyber
attackers and if the offensie attacks put the lies of citizens in danger3 this could be a
iolation of HN laws.
A cyber attack can either hae no direct physical conseQuence or it could facilitate kinetic
attacks3 which results in physical destruction. %# Any offensie cyber retaliation is ore
likely to be seen as disproportionate by the global counity and is likely to backlash and
priate copanies don(t hae the legal right of conducting hot pursuits across its business
boundaries.
Conclusion:
2* Geed @aren3 op. cit.3 p 9.
3+ Geed @aren3 op. cit.3 p 5.
31 Hnited Nations3 "99' 0onentions and Additional protocols and their coentaries3 iewed '
/ctober #"'3 https7www.icrc.orgihlDebA1T'$-$5&5:32 athaway /ona A3 0rootof 1ebecca3 et al3 FThe law of cyber-attackI3 0alifornia Gaw 1eiew3#"#3 p #&
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 11/12
Lue to the interconnectedness of the world3 it is likely that a country can be a cyber
attacker as well as be a icti of cyber attacks. 0urrently there is no consensus about
when does a cyber attack warrant a counter retaliatory physical or cyber strike. 1ather
than concentrating the efforts on counter attacks3 it is prudent to build defence
echaniss to dissuade cyber attackers so that they concentrate on less secure
enironents.
REFERENCES
Karton >aul and Nissanka <i3 F0yber-crie criinal offence or ciil wrongBI3 0oputer Gaw O2ecurity 1eiew <olue "93 =ssue 53 2epteber #%3 p. '%
0isco;s <isual Networking =ndex 6orecast >ro)ects Nearly alf 3 iewed "st /ctober #"'3http7newsroo.cisco.corelease""9$%9"
0onnell3 A.V >alko3 T.V Pasar3 .3 W0erebro7 A platfor for collaboratie incident response andinestigation3W Technologies for &omelan Security '&ST(, #$!) I*** International Conference,pp.#'"3#'53 "#-"' No. #"%
6arwell ?aes and 1ohozinski 1afal3 FThe New 1eality of 0yber DarI accessed # /ctober #"'3 http7www.defenceiQ.cocontributors%'&'-)aes-farwell-and-rafal-rohozinski:
6K=3 Terroris ##"3 iewed 5 /ctober #"'3 http7www.fbi.gostats-sericespublicationsterrorterroris-#-#"SThe!#H2A!#>AT1=/T:
6inancial Ties3 FHE becoes first state to adit to offensie cyber attack capabilityI3 iewed #/ctober #"' http7www.ft.cointlcss9ac&ede&-#8fd-""e%-ab&#-"''feab$de.htlSaxzz%6'2H@:
6orbes3 0aution7 Actie 1esponse to 0yber Attacks as igh 1isk3 iewed "st /ctober #"'3
http7www.forbes.cosites)odywestby#"#""#9caution-actie-response-to-cyber-attacks-has-high-risk:
eers Eenneth3 F 2trategic 0yber 2ecurityI3 NAT/ 0ooperatie 0yber Lefence 0entre ofJxcellence3 p. %#
http7csrc.nist.gopublicationsnistpubs8-&"re#2>8-&"re#.pdf
athaway /ona A3 0rootof 1ebecca3 et al3 FThe law of cyber-attackI3 0alifornia Gaw 1eiew3#"#3 p #&
7/21/2019 Should cyber attack victims launch counter attacks?
http://slidepdf.com/reader/full/should-cyber-attack-victims-launch-counter-attacks 12/12
=nfosec =nstitute3 The 1ise of 0yber Deapons and 1elatie =pact on 0yberspacehttp7resources.infosecinstitute.cothe-rise-of-cyber-weapons-and-relatie-ipact-on-cyberspace:
?erey A. 1abkin and Ariel 1abkin3 FDhy the 0urrent Gaw of Ared 0onflict 2hould Not 6etterH.2. 0yber 2trategy *#"#+3I in Jerging Threats in National 2ecurity and Gaw3 edited by >eterKerkowitz3 http7www.eergingthreatsessays.co p. "
?uniper 1esearch3 @obile >ayents to 1each ,".%tn Annually by #"$3 as N60 and >hysicaloods 2ales Accelerate3 iewed "st /ctober #"'3http7www.)uniperresearch.coiewpressrelease.phpBprC%%#:
Geed @aren3 F/ffensie 0yber 0apabilities at the /perational GeelI3 0entre for 2trategic and=nternational 2tudies3 2epteber #"%3 p. 5
@ary Jllen /(0onnell3 F0yber 2ecurity without 0yber DarI3 ? 0onflict 2ecurity Gaw *2uer#"#+ "$ *#+7 "8$-#9 doi7"."9%)cslkrs"$3p. #%
@cGaughlin3 Eein G3 F0yber Attack R =s a 0ounter Attack DarrantedBI =nforation 2ecurity?ournal7 A lobal >erspectie3 <olue #3 =ssue "3 #""3 p. 59
>aganini >ierluigi3 F0yber DeaponsI3 The acker New @agazine3 April #"#3 =ssue " iewed %/ctober3 #"'3 http7news.thehackernews.coTN-April#"#.pdf:
2hackelford 2cott ?3 F6ro Nuclear Dar to Net Dar7 Analogizing 0yber Attacks in =nternationalGaw *#9+3I Kerkeley ?ournal of =nternational Gaw3 <olue #$ M =ssue "3 p . #$
2wanson 2cott 3 Astrich 0raig and 1obinson @ichael3 F0yber Threat =ndications O Darning7>redict3 =dentify and 0ounterI3 2all Dar ?ournals3 ?uly #&3 #"#3 iewed "st /ctober #"'
http7sallwars)ournal.co)rnlartcyber-threat-indications-warning-predict-identify-and-counter:
TK 2ecurity3 iewed # /ctober3 #"'3 http7tbgsecurity.co"%-of-cyber-attacks-take-hours-to-detect:
Hnited Nations3 "99' 0onentions and Additional protocols and their coentaries3 iewed '/ctober #"'3 https7www.icrc.orgihlDebA1T'$-$5&5:
Daxan @atthew 03 F0yber-Attacks and the Hse of 6orce7 Kack to the 6uture of Article #*'+I3
The Pale )ournal of international law3 <ol. %&7 '#"3 p. '#5
Deb Dar ==7 Dhat a future cyberwar will look like3 "st /ctober #"'3http7www.bbc.conewsagazine-"$8&8$89:
William J. Lynn, III, Deputy Secretary of Defense, National Defense University, Washington, D.C.,Thursay, July !", #$!! %http7www.defense.gospeechesspeech.aspxBspeechidC"59%:
Dashington >ost3 accessed " /ctober #"'3 http7www.washingtonpost.coworldnational-securityus-spy-agencies-ounted-#%"-offensie-cyber-operations-in-#""-docuents-show#"%8%d9a&ae-""9e-""e%-b'cb-fd$ce'"d8"'story.htl: