Abstract
This chapter questions the direct applicability of the just war tradition’s principle of distinction to electronic attacks involving computer network exploitation (CNE). It offers three principle challenges to maintaining the norm of distinction in electronic attacks that are rooted in the impossibility of foreknowledge of the object of attack in a computer network. In lay terms, without significant inside assistance it is impossible for a hostile agent seeking to exploit a computer network from knowing the network’s architecture and role prior to conducting hostile exploitation of the network. Due to this lack of knowledge, it is impossible for the hostile agent to be certain that initial exploitation will be free of negative consequences. This draws attention to the understanding of hostile action in both CNE and computer network attacks (CNA). This impossibility of foreknowledge leads to three challenges in applying the principle of distinction to cyber attacks: the access problem – where if CNE is considered to be an attack, then our understanding of distinction collapses, the boundary problem – where it may be impossible for an agent to know the boundaries or couplings of the system that they are attacking, and the levels problem – where humans are held accountable for non-human agency inherent in the deployment of autonomous software programmes (‘viruses’, ‘malware’, etc). This chapter argues that these problems are surmountable, but not with an understanding of distinction that is directly transposed from human interactions.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
See, for example, the US Computer Fraud and Abuse Act of 1984, or the UK’s Computer Misuse Act of 1990.
References
Amini, P. 2008. Kraken Botnet Infiltration. DVLabs. http://dvlabs.tippingpoint.com/blog/2008/04/28/kraken-botnet-infiltration.
BBC Online. 2015. Is cyber-warfare really that scary?. http://www.bbc.co.uk/news/world-32534923.
Betz, D.J., and T. Stevens. 2013. Analogical reasoning and cyber security. Security Dialogue 44(2): 147–164.
Boothby, B. 2013. How will weapons reviews address the challenges posed by new technologies? Military Law & Law of War Review 52:37.
Butler, J. 2009. Frames of war: When is life grievable? London: Verso.
Carvin, S., and M.J. Williams. 2014. Law, science, liberalism and the American way of warfare: The quest for humanity in conflict. Cambridge: Cambridge University Press.
Coates, A.J. 2012. The ethics of war. Manchester: Manchester University Press.
Cooke, E., F. Jahanian, and D. McPherson. 2005. The zombie roundup: Understanding, detecting, and disrupting botnets. In: Proceedings of the USENIX SRUTI workshop, vol. 39.
Dandeker, C. 1990. Surveillance, power & modernity. Cambridge: Polity Press.
Dinstein, Y. 2012. The principle of distinction and cyber war in international armed conflicts. Jounal of Conflict and Security Law 17(2): 261–277.
Dittrich, D., F. Leder, and W. Tillmann. 2010. A case study in ethical decision making regarding remote mitigation of botnets. Financial Cryptography and Data Security, Lecture Notes in Computer Science, vol. 6054, 216–230.
Fisher, David. 2012. Morality and war: Can war be just in the twenty-first century? Oxford: Oxford University Press.
Geiß, R., and H. Lahmann. 2012. Cyber warfare: Applying the principle of distinction in an interconnected space. Israel Law Review 45(3): 381–399.
Grayling, A.C. 2007. Among the dead cities: Is the targeting of civilians in war ever justified? London: Bloomsbury.
Kabay, M.E. 2009. Computer security handbook, 5th ed. New York: Wiley.
Kelsey, J.T. 2008. Hacking into international humanitarian law: The principles of distinction and neutrality in the age of cyber warfare. Michigan Law Review 106: 1427–1451.
Korzak, E. 2011. Computer network attacks, self-defence and international law. In International law, security and ethics: Policy challenges in the post-9/11 world, ed. A. Hehir, N. Kurt, and A. Mumford, 147–163. New York: Routledge.
Langner, R. 2011. Stuxnet: Dissecting a cyberwarfare weapon. IEEE Security & Privacy 9(2): 49–51.
Langner, R. 2013. To kill a centrifuge a technical analysis of what Stuxnet’s creators tried to achieve. The Langner Group, Arlington. Online at http://www.langner.com/en/wp-content/uploads/2013/11/To-kill-a-centrifuge.pdf.
Lee, R.M., M.J. Assante, and T. Conway. 2014. ICS CP/PE (Cyber-to-Physical or Process Effects) case study paper – German steel mill cyber attack. SANS ICS. Online at https://ics.sans.org/media/ICS-CPPE-case-Study-2-German-Steelworks_Facility.pdf.
Levine, A. 2012. Hacking by China not necessarily a “hostile act”. CNN. http://security.blogs.cnn.com/2012/02/14/hacking-by-china-not-necessarily-a-hostile-act/.
Libicki, M.C. 2012. The specter of non-obvious warfare, 88–101. Fall: Strategic Studies Quarterly.
Lubell, N. 2013. Lawful targets in cyber operations: Does the principle of distinction apply? International Law Studies 89: 252.
Mavropoulou, E. 2015. Targeting in the cyber domain: Legal challenges arising from the application of the principle of distinction to cyber attacks. Journal of Law & Cyber Warfare 4: 23.
Mazzetti, M., and D.E. Sanger. 2013. Security leader says U.S. would retaliate against cyberattacks. The New York Times.
Purves, D., R. Jenkins, and B.J. Strawser. 2015. Autonomous machines, moral judgment, and acting for the right reasons. Ethical Theory and Moral Practice, online at http://link.springer.com/article/10.1007/s10677-015-9563-y.
Ramsey, P. 2002. The just war: Force and political responsibility. Oxford: Rowan & Littlefield.
Rid, T. 2012. Cyber war will not take place! Journal of Strategic Studies 35(1): 5–32.
Rid, T. 2013a. Cyber war will not take place. London: Hurst.
Rid, T. 2013b. More attacks less violence. Journal of Strategic Studies 36(1): 139–142.
Roscini, M. 2014. Cyber operations and the use of force in international law, 17. Oxford: Oxford University Press.
Schlosser, E. 2013. Command and control. London: Allen Lane.
Schmitt, M.N., et al. 2013. Tallinn manual on the international law applicable to cyber warfare. Cambridge: Cambridge University Press.
Schneier, B. 2014. There’s no real difference between online espionage and online attack. The Atlantic. http://www.theatlantic.com/technology/archive/2014/03/theres-no-real-difference-between-online-espionage-and-online-attack/284233/.
Schneier, B. 2015. Data and Goliath: The hidden battles to collect your data and control your world. New York: WW Norton & Company.
Sharkey, N. 2010. Saying ‘No!’ to lethal autonomous targeting. Journal of Military Ethics 9(4): 369–383.
Stone, J. 2013. Cyber war will take place! Journal of Strategic Studies 36(1): 101–108.
Strauss, M. 2003–2004. Torture. 48 New York Law Review 201.
Strawser, B.J. 2013. Introduction: The moral landscape of unmanned weapons. In Killing by remote control: The ethics of an unmanned military, ed. B.J. Strawser. New York: Oxford University Press.
The United Nations Office at Geneva. 2014. Report of the 2014 informal meeting of experts on Lethal Autonomous Weapons Systems (LAWS). Geneva: UN.
Walzer, M. 2006. Just and unjust wars: A moral argument with historical illustrations. London: Basic Books.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing Switzerland
About this chapter
Cite this chapter
McDonald, J. (2017). Blind Justice? The Role of Distinction in Electronic Attacks. In: Taddeo, M., Glorioso, L. (eds) Ethics and Policies for Cyber Operations. Philosophical Studies Series, vol 124. Springer, Cham. https://doi.org/10.1007/978-3-319-45300-2_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-45300-2_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-45299-9
Online ISBN: 978-3-319-45300-2
eBook Packages: Religion and PhilosophyPhilosophy and Religion (R0)