Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Cyber War Manual Proposes Online Geneva Convention

samzenpus posted about a year ago | from the new-rules dept.

Government 90

judgecorp writes "A new manual for cyber war has been compiled by international legal experts and published by NATO. The manual proposes that hospitals and dams should be off-limits for online warfare, and says that a conventional response is justified if an attack causes death or serious damage to property. The manual might get its first practical application today — South Korea's TV stations and banks have come under an attack which may well originate from North Korea."

cancel ×

90 comments

Sorry! There are no comments related to the filter you selected.

Bite me (-1)

Anonymous Coward | about a year ago | (#43229691)

I'm going to prescribe every politician and banker I can the wrong medication or treatment. I hope you weren't fond of those nuts George.

Brought to you by NATO (0)

Anonymous Coward | about a year ago | (#43229703)

The organization that allows massacres to take place right in front of them, even though they say they are supposed to stop such things.

too many reasons for war (0, Flamebait)

Anonymous Coward | about a year ago | (#43229711)

we already have enough reasons to go to war,
how about we find ways to foster peace,
war takes money from the mouths of children,
why dont we just spend it on education?

 

Re:too many reasons for war (2)

viperidaenz (2515578) | about a year and a half ago | (#43230485)

Money is quite dirty and should never be fed to a child. It also has no nutritional benefits.

Re:too many reasons for war (1)

GPLHost-Thomas (1330431) | about a year and a half ago | (#43232051)

You nailed it. These are just excuses that the Obama administrations are searching for to go to war. At no point, conventional war should be responses should ever be used. This confusions of words ("online warfare", or "Cyber pearl harbor", etc.) should be always denied.

Frightening (3, Insightful)

Hentes (2461350) | about a year ago | (#43229729)

So when the Chinese hack America from an infected Swiss machine the US will bomb Switzerland? From outside it looks like that the military class has a disproportionately large influence in American politics.

Re:Frightening (0)

Anonymous Coward | about a year and a half ago | (#43229863)

My thoughts exactly. Plus, use of a proxy could create the equivalent of digital Al Qaeda cells, and if the Geneva Convention analogy is extended then there's no nation state to target. (GC is only for 2 or more nations in hostilities, not independent terror groups or internal conflicts) The entire concept sounds like a knee jerk reaction by people who don't understand how Big Al's innerweb works.

Re:Frightening (2)

fluffy99 (870997) | about a year and a half ago | (#43231243)

My thoughts exactly. Plus, use of a proxy could create the equivalent of digital Al Qaeda cells, and if the Geneva Convention analogy is extended then there's no nation state to target. (GC is only for 2 or more nations in hostilities, not independent terror groups or internal conflicts) The entire concept sounds like a knee jerk reaction by people who don't understand how Big Al's innerweb works.

Our adversaries are already using proxies and launching attacks from inside the US from compromised US companies and civilians. I think you underestimate the DOD's ability or desire to attribute attacks to the appropriate party before responding. We know damn well who, how, and where from the majority of the intrusions and attacks are coming from.

If there is a significant cyber attack that causes extensive physical damage or casualties, then by all rights it's an act of war and an appropriate response is warranted.

Re:Frightening (1)

jxander (2605655) | about a year and a half ago | (#43229923)

Well, we are #1 in defense spending... surpassing the combined totals of #2 - #15 (probably surpassing the combined totals of the rest of the world)

You are correct though. This makes false flag operations significantly easier, cheaper, and at a much reduced risk to the actual perpetrator.

Re:Frightening (4, Insightful)

geekoid (135745) | about a year and a half ago | (#43230055)

False flag operations are extremely risky, and don't happen as often as you would think.

Re:Frightening (1)

jxander (2605655) | about a year and a half ago | (#43230209)

Extremely risky in the real world, sure ...

But we're talking digital here. Anything can be a false flag (intentional or not) when it only takes a few black hats with a grudge to cause some serious damage. Even if we could perfectly trace any attack to it's true country of origin (and we can't) this online Rules of Engagement is a farce. If some jackass in BFE Wherever, USA gets bored and decides to DDOS a hospital up in Canada, does that put the USA as a whole in violation of this treaty? Should Canada, in this hypothetical scenario, start sharpening up their ice skates in preparation for the invasion?

Re:Frightening (2)

fluffy99 (870997) | about a year and a half ago | (#43231269)

If some jackass in BFE Wherever, USA gets bored and decides to DDOS a hospital up in Canada, does that put the USA as a whole in violation of this treaty?

We've conducted cyber attacks against Iran, so by this convention we've declared war on the nation state of Iran right?

Re:Frightening (2)

Internetuser1248 (1787630) | about a year and a half ago | (#43232191)

The US doesn't follow the existing Geneva conventions of war, what makes you think an internet version would apply?

Re:Frightening (0)

Anonymous Coward | about a year and a half ago | (#43232773)

The US doesn't follow the existing Geneva conventions of war

Oh bullshit.

If we didn't follow the Conventions there'd be no Gitmo and Iraq and Afghanistan would have been completely depopulated by the end of 2003.

Re:Frightening (1)

tehcyder (746570) | about a year and a half ago | (#43236149)

The US doesn't follow the existing Geneva conventions of war

Oh bullshit.

If we didn't follow the Conventions there'd be no Gitmo and Iraq and Afghanistan would have been completely depopulated by the end of 2003.

Bullshit to you. The Nazis didn't follow the Geneva Convention and they didn't completely depopulate the countries they invaded.

Re:Frightening (1)

tehcyder (746570) | about a year and a half ago | (#43236089)

If some jackass in BFE Wherever, USA gets bored and decides to DDOS a hospital up in Canada, does that put the USA as a whole in violation of this treaty?

We've conducted cyber attacks against Iran, so by this convention we've declared war on the nation state of Iran right?

I think it's OK if the US does it. If any other country on Earth had invaded another like Iraq, their head of state, generals, admirals and the rest would be swinging from gibbets as war criminals.

Re:Frightening (1)

stephanruby (542433) | about a year and a half ago | (#43230453)

How do you know?

Re:Frightening (1)

girlintraining (1395911) | about a year and a half ago | (#43231129)

False flag operations are extremely risky, and don't happen as often as you would think.

... and don't [infowars.com] happen [jobsnhire.com] as [veteranstoday.com] often [presstv.ir] as [wikipedia.org] you [navy.mil] would [historicalrfa.org] think [lonesentry.com] .

Re:Frightening (2)

wonkey_monkey (2592601) | about a year and a half ago | (#43232419)

How is the last one [lonesentry.com] a false flag operation?

Re:Frightening (4, Interesting)

daveschroeder (516195) | about a year and a half ago | (#43230343)

Don't worry, China is on track [economist.com] to outpace the US in military expenditures by 2023 [bloomberg.com] . I'm sure that's all for "peaceful regional defense" and will have no impact on the US.

China's military rise
http://www.economist.com/node/21552212 [economist.com]

The dragon's new teeth: A rare look inside the world's biggest military expansion
http://www.economist.com/node/21552193 [economist.com]

Essential reading on China cyber:

The Online Threat: Should we be worried about a cyber war? (The first page of this is a must read wrt China.)
http://www.newyorker.com/reporting/2010/11/01/101101fa_fact_hersh [newyorker.com]

Great snippet: ""The N.S.A. would ask, 'Can the Chinese be that good?' " the former official told me. "My response was that they only invented gunpowder in the tenth century and built the bomb in 1965. I'd say, 'Can you read Chinese?' We don't even know the Chinese pictograph for 'Happy hour.'"

To say nothing of the more recent news.

But yes, yes...this is all about "false flag" attacks, because naturally the US is always the evil aggressor, and there has never been any oppression or tyranny in the world, save for what the US has foisted upon it. The principles of freedom for which the US stands are just an illusion force fed to a compliant public by the lapdog mainstream press. In fact, we probably have secret time machines so we could extend this evil beyond our nation's short existence in this world. That explains all the bad things that happened before we were around.

Re:Frightening (1)

WindBourne (631190) | about a year and a half ago | (#43230491)

They very likely outspend us in miltary by a great deal. All that we know about is what they tell the world. However, what they tell the world would not even support their sub program, let alone the entire PLA.

Re:Frightening (1)

BasilBrush (643681) | about a year and a half ago | (#43232897)

Hmm. The cols war. Capitalism vs communism. It seemed that capitalism had prevailed. It's going to be quite amusing if communism snatches victory from the jaws of defeat.

Re:Frightening (1)

WindBourne (631190) | about a year and a half ago | (#43230481)

Oh, good god. I hate it when ppl bring up the crap about defense spending and have absolutely NO idea of what they are talking about. The first thing is that you have NO fucking idea of how much spending China does. You only know what they tell you. OTOH, you DO know how much western nations spend.
Secondly, there is the issue of how much something will buy. If China tells their gun manufacturer to sell them copied firearms of ours at $10 per, while We have to buy our at $2000 / unit, well, that is a HUGE difference. That is called buying power.
Finally, the REAL issue is how much per GDP.
So for China, they spend at 4.3 % of their GDP just on military in 2006 [cia.gov] , while the USA spent 4.06% in 2005. And ours include 2 wars, while Chinas is just building new weapons systems. And since 2006, our DOD spending has gone DOWN, while China's has gone up a great deal EACH YEAR (per their announcements).

So, stop the foolish crap about how much USA spends. It is Total BS.

Re:Frightening (2, Interesting)

Anonymous Coward | about a year and a half ago | (#43231161)

China's military might be able to buy things for a fraction of what it costs the Pentagon to buy something comparable, but they also have to deal with the flip side of the equation -- it's hard enough to verify that high-quality components were used to build hardware when you have the kind of supply-chain culture the US defense industry does, and it's technically possible to read the laser-etched code off of a bolt and trace it all the way back to the miners who were working the day the ore was excavated from the mine & the date itself... then follow it through to the lab reports, quality analysis, chain of custody, and everything else all the way to the finished product. This anal retentive obsession is a big part of the reason *why* the Pentagon will end up paying $17 for that bolt & the mile-long paperwork audit trail behind it. However, it also means that the Pentagon's purchasing department can sleep soundly at night knowing that 99.999% of everything that passes through their custody is precisely what it's supposed to be.

That's an advantage the PLA doesn't have today, and it's going to take decades for them to attain because it goes beyond law, punishment, and technology -- you need an entire set of cultural norms to back it up and keep it enforced even when somebody ISN'T necessarily watching like a hawk. China's electronics industry in particular has a grand tradition of finding incredibly creative ways to cut corners and reduce costs in ways that aren't necessarily obvious or readily apparent... at least, not until long after the goods have been sold & delivered.

If an American soldier runs the self-diagnostics on a robot or tank's computer system & it tells him the system is functioning at 100% capacity with no problems, he can pretty much believe it as an article of blind faith. Pity the poor Chinese soldier who takes HIS gear's word for it, and doesn't realize that they were programmed to lie up until a fraction of a second before something fails catastrophically. Oh, if it happens enough, China's government will find someone to blame & execute them in a very public way to make an example out of them, but that's not much consolation to the fighter pilot who's flying near ground level in zero visibility by instruments to avoid detection, and ends up flying into the side of a mountain that's supposed to be 90 feet below him.

That said, if China ever decided to nuke America with ICBMs, we're *all* totally fucked, even more than we would have been in a Soviet nuclear strike, because the same failures that will probably send at least 5-10% of the missiles crashing into the Pacific, northern Canada, and Gulf of Mexico will ALSO probably have at least 10-20% of them raining down on small towns in Alabama, upstate New York, cow pastures in Minnesota, and trailer parks on the edge of the Arizona desert. At least the Soviet missiles would have been reasonably likely to detonate within 5-10 miles of their intended targets, and were mostly aimed at military targets and a few big cities. China would be more likely to take the "middle" route -- shitloads and shitloads of smaller missiles, indiscriminately thrown just about everywhere in the approximate general direction, purchased for 10% of what American missiles cost to build, on the statistical assumption that at least a few will end up detonating somewhat near their intended targets. Residents of Manhattan might head outside the next morning to a city that's largely intact, and eventually see photos of the smoldering cratered wastelands that used to be the Jersey Shore and Appalachia.

If we're lucky, we might get one tiny consolation prize... reports that Tianjing and Chonggqing were nuked 27 minutes before the American missiles even arrived, courtesy of two Chinese missile launches that went horribly, horribly wrong, hurled their payloads ~50 miles over the horizon, then crashed into the ground at sufficiently high speed to trigger criticality.

That said, I don't believe China would do anything as stupid as launch missiles at the US. Regardless of how wealthy and powerful they might become, China would get WAY more "bang per buck" (or Yuan) by going to Mars. If China were to nuke Seattle, Portland, San Francisco, Los Angeles, and San Diego, their more or less instant reward would be the US sending their country back to the stone age, then standing back and letting Russia and India scavenge through the rubble for anything worth salvaging. If China spent the money instead on getting Taikonauts to Mars, they can plant the red flag on the Red Planet, claim the whole thing for themselves as a territorial extension of China... then smile, say they'll recognize territorial claims from other nations that extend 100 kilometers from any point permanently occupied by that nation, and ask whether anybody would like to purchase transportation & logistics services between Earth & Mars... for a rather hefty price. Eventually, the US would end up having to match China's space spending just to avoid having Saudi Arabia end up owning a bigger chunk of Mars than the US.

Re:Frightening (0)

Anonymous Coward | about a year and a half ago | (#43232023)

Ah, don't worry, we'll get rid of the residents of manhattan also. In a scenario like that they will starve to death.

Re:Frightening (1)

tehcyder (746570) | about a year and a half ago | (#43236189)

Residents of Manhattan might head outside the next morning to a city that's largely intact, and eventually see photos of the smoldering cratered wastelands that used to be the Jersey Shore

So, what you're saying is that every cloud has a silver lining?

Re:Frightening (1)

DogPhilosopher (1149275) | about a year and a half ago | (#43237213)

Residents of Manhattan might head outside the next morning to a city that's largely intact, and eventually see photos of the smoldering cratered wastelands that used to be the Jersey Shore and Appalachia.

Uhm.. how would that be a bad thing?

Re:Frightening (0)

Mitreya (579078) | about a year and a half ago | (#43229975)

From outside it looks like that the military class has a disproportionately large influence in American politics.

I have an even better suggestion.
How about we start enforcing the existing physical Geneva convention. So that no excuse (such as "terrorism!") can be used to violate the Geneva convention rules.

Re:Frightening (2)

Kell Bengal (711123) | about a year and a half ago | (#43230497)

Fortunately, the Geneva Convention specifically excludes non-state combatants from its protection. Mercenaries, terrorists and insurgents/freedom-fighters are all excluded. The moment you take up arms without being in the military, you are not covered by it.

Re:Frightening (1)

rtb61 (674572) | about a year and a half ago | (#43231619)

In the eyes of the law and under the requirements of justice prove it, until then they are innocent and only suspects. So either the Geneva Convention or the rule of law apply, take your pick or declare yourself the terrorist and criminal.

In any cyber attack the results in loss of life, first up those responsible for security should be audited and punished if they failed. Question that need to be asked, did it need to be connected to the internet, was it effectively isolated, how rapidly was an incursion detected and was proper security in place. For high security system things like honey pots should be in place as the primary defence because they can most effectively lead to counter measures being applied, as attacks can be detected within seconds of being initiated.

Re:Frightening (1)

tehcyder (746570) | about a year and a half ago | (#43236253)

Fortunately, the Geneva Convention specifically excludes non-state combatants from its protection. Mercenaries, terrorists and insurgents/freedom-fighters are all excluded. The moment you take up arms without being in the military, you are not covered by it.

Indeed, but you are still covered by the civilian laws of that country. Terrorists are arrested, tried and convicted for murder and sent to prison, not indefinitely detained and tortured.

The British worked this out a while ago with the Troubles.

Re:Frightening (0)

Anonymous Coward | about a year and a half ago | (#43230335)

what America really want to do is:
American hack America from an infected machine in X then bomb X.

Re:Frightening (0)

Anonymous Coward | about a year and a half ago | (#43230417)

More like this:

America hacks America from an infected machine in X, then bomb Y

Re:Frightening (0)

Anonymous Coward | about a year and a half ago | (#43231159)

So when the Chinese hack America from an infected Swiss machine the US will bomb Switzerland? From outside it looks like that the military class has a disproportionately large influence in American politics.

Or when a solar flare punctures a big enough hole in the GPS network over a popular enough shipping/logistics lane and causes an accident that destroys enough property and takes enough life ...

Re:Frightening (0)

Anonymous Coward | about a year and a half ago | (#43231525)

Who says this attack did not come from the banking industry. Maybe they are really iching to see a fight for which they can finance both sides in keeping with their traditions..

I say dams are legitimate targets. (-1)

Anonymous Coward | about a year ago | (#43229791)

I say dams are legitimate targets.

Yes. (0)

Anonymous Coward | about a year and a half ago | (#43229987)

I say dams are legitimate targets.

Isn't it interesting that as we become more "civilized" and come up with rules for war, we have more of them?

I think if we bring back the Roman way - kill everyone down to the last man woman and baby, tourch the city and salt the Earth - maybe we'd have less wars.

Yep ... and here we are with our 10th aniversary of the Iraq war.

Yes siree. We're so civilized.

Re:I say dams are legitimate targets. (0)

EmagGeek (574360) | about a year and a half ago | (#43230051)

So are hospitals, IMHO.

In fact, in any war, Hospitals should be the FIRST things blown the smithereens. Then, your enemy has no hospitals - no way to treat anyone who is injured - and will absolutely have to surrender because any other option means slow, painful deaths for their citizens.

Hospitals, dams, power gen, water treatment, bridges, and schools should all be the very first targets destroyed in any war.

Re:I say dams are legitimate targets. (1)

shentino (1139071) | about a year and a half ago | (#43230237)

citizens.

Deliberate targeting of civilian assets is a well established violation of the laws of war.

Even when done accidentally it's considered collateral damage and in cases of profound recklessness the aggressing party may be liable for reparations.

Re:I say dams are legitimate targets. (0)

Anonymous Coward | about a year and a half ago | (#43230351)

"Laws of War" is an oxymoron.

WW2 was not won by following "laws of war." It was won by dropping nuclear fucking weapons on civilian targets. It was won by fucking carpet bombing Dresden and a dozen other German cities.

If WW2 were fought following today's "'laws of war," we'd all be eating sauerkraut and speaking German.

Re:I say dams are legitimate targets. (1)

viperidaenz (2515578) | about a year and a half ago | (#43230429)

There wouldn't be any Jews left either.

Re:I say dams are legitimate targets. (1)

viperidaenz (2515578) | about a year and a half ago | (#43230437)

Unless you properly win the war and there is no party left to pay reparations.

Re:I say dams are legitimate targets. (1)

shentino (1139071) | about a year and a half ago | (#43230713)

Fighting dirty in a war tends to piss off the world at large and is very costly in terms of international relations. Which in turn has strategic implications if you need their support in the future, or if they may choose to retaliate out of principle.

As an example, I cite how the Holocaust was the main factor resulting in the Nuremberg trials.

Hitting someone below the belt is a good way to bring your opponent down, but your victory will be short lived if you get an army of outraged fans climbing the ropes to poke your eyes out.

Re:I say dams are legitimate targets. (1)

viperidaenz (2515578) | about a year and a half ago | (#43230805)

Would there have been Nuremberg trials if Germany took over Europe?

Re:I say dams are legitimate targets. (2)

jewens (993139) | about a year and a half ago | (#43232491)

Sure, but Joe and Winston would have been the ones on trial.

Re:I say dams are legitimate targets. (0)

Anonymous Coward | about a year and a half ago | (#43231271)

> Fighting dirty in a war tends to piss off the world at large and is very costly in terms of international relations.

I dunno... it worked pretty well for American rebels during the Revolutionary War against Britain. British military leaders had their hands tied and were forced to fight in a "respectable" manner so as to avoid antagonizing the (presumably, and as a matter of fact, mostly) content loyalists who were either ambivalent or happy under British rule. The fact of the matter is, Americans basically *invented* the concept of asymmetric guerrilla warfare. It's how a group of poorly-armed amateurs managed to beat the crap out of one of the mightiest empires the world has ever seen. George Washington didn't cross the Delaware wearing an immaculate uniform and photo-ready (pretending they had cameras) wig that would have made a member of Britain's House of Lords envious... truth be told, he probably looked more like Che Guevara in a ragged winter coat.

Half the reason why the British walked away from the American Revolution and let us have our way was because their entire government pretty much took for granted that we'd be buried up to our ears in shit and squalor within a decade, and BEGGING them to take us back. We ultimately proved them wrong, of course, but their arrogance wasn't entirely unwarranted. When news of the Civil War reached London, people were taking bets over how many days it would be until the Confederacy went bankrupt & had delegates heading to London to seek protection from the North as British Territories, or maybe as a new Dominion.

American history has been very, VERY extraordinarily whitewashed & sanitized over the past 100 years. The truth is a lot grittier than most of us will ever realize. To a large extent, we fought dirty, then hit the jackpot and became fabulously wealthy from natural resources that were almost embarrassingly abundant compared to just about anywhere else in the world.

Re:I say dams are legitimate targets. (1)

fluffy99 (870997) | about a year and a half ago | (#43231277)

Well there wouldn't be a US if we hadn't fought dirty against the Brits.

This just in: Still clueless (4, Insightful)

girlintraining (1395911) | about a year ago | (#43229807)

These people still do not understand the basics of networked systems. Adherence to this proposed list requires several things which are absent on the global telecommunications networks. First, determining who's attacking. In conventional warfare, attributation is easy: They're wearing distinctive uniforms. Computer viruses and malware doesn't have an embedded flag in it to tell you which government sent it, and even if it did, it couldn't be trusted. Second, attacks that are meant to go after one thing can inadvertently hit something else (collateral damage). This is usually geographically-based in the real world... if a hospital happens to be next to a military munitions depot, umm, oops? But online, the hospital could be in another country and yet still be hit by the attack, because its digital signature is similar to the actual target. Either it's on the same network, or has a similar network address, or even a simple one character typo, is all it takes to send a "cyber bomb" (gags) veering off target. And last, but not least... you can have all the countries on Earth sign this and it still leaves out the guns for hire, the mercenaries. The A-Teams of the digital world: Freelancers. They don't have to go by your rules, and if a hospital happens to have a juicy source of personal information that could be turned into cash through extortion, blackmail, or reselling, they may just decide to go for it.

This document underscores just how little our military and political leaders understand about this new theatre of war. They're drafting up treaties without even knowing where the borders are yet.

Re:This just in: Still clueless (-1, Flamebait)

Intrepid imaginaut (1970940) | about a year and a half ago | (#43229937)

Correct. As long as there is online anonymity, all the agreements in the world mean nothing. With that said, long live online anonymity.

Re:This just in: Still clueless (3, Funny)

malacandrian (2145016) | about a year and a half ago | (#43229947)

In conventional warfare, attributation is easy: They're wearing distinctive uniforms. Computer viruses and malware doesn't have an embedded flag in it to tell you which government sent it, and even if it did, it couldn't be trusted.

Just require all state-sponsored malware to be signed and verified by the a third party. I can see no reason why such a system would fail.

Re:This just in: Still clueless (4, Funny)

girlintraining (1395911) | about a year and a half ago | (#43230003)

Just require all state-sponsored malware to be signed and verified by the a third party. I can see no reason why such a system would fail.

"Unable to launch nuclear missiles; The application was unable to contact the licensing server. If the problem persists, please contact your network administrator. The launch bay doors will now close."

Re:This just in: Still clueless (0)

Anonymous Coward | about a year and a half ago | (#43242675)

Followed by
"Igniting engines"
"Releasing clamps"

Re:This just in: Still clueless (1)

geekoid (135745) | about a year and a half ago | (#43230033)

"These people still do not understand the basics of networked systems. "
yes they do, and probably better then you do.

" First, determining who's attacking. "
often easier then you think. You act as if there isn't 100's of people smarter on you working on this every day. Don't make that mistake. I have seen virus traced to a single group with some pretty inventive ways. Plus, people talk more then you would think.

"Second, attacks that are meant to go after one thing can inadvertently hit something else (collateral damage). "
yes, and that is frowned upon. For example,. if a bomber accidentally took out a damn that flooded thousands of people. That's frowned upon on the global stage. and yes, there are ramifications for this, sometimes they last decades.

" could be in another country and yet still be hit by the attack, "
and the attacker shouldn't be responsible? Of course it would require the collateral damage to have the same vulnerabilities as that intended target. A lot of these attacks are very specific to targets.

"They don't have to go by your rules, "
HAHAHAHahaha. oh you. The poeple that hire them would be responsible, and the country would demand their arrest.

You post underlines how little you know of current SotA technology, the political playing field, and the current global stage.

you caa't even grasp what its about, much less the details.
Go back to Norris jokes and eating cheesy poofs

Re:This just in: Still clueless (1)

apoc06 (853263) | about a year and a half ago | (#43230599)

----"You act as if there isn't 100's of people smarter on you working on this every day. Don't make that mistake. I have seen virus traced to a single group with some pretty inventive ways. Plus, people talk more then you would think."

This may be the case with many normal attacks, but once you start considering the sophistication of state sponsored attacks [which TFA is referring to], it becomes quite difficult to track down the true source. Most times this generally relies on the attacker making a mistake somewhere.

----"A lot of these attacks are very specific to targets."

This is also true "for now". Not all actors on the world stage have the same level of concern for collateral damage. There are currently no set rules regarding targeting; just a "gentleman's agreement" amongst countries that do not even admit to actively participating in cyber warfare in the first place.

Re:This just in: Still clueless (1)

xQx (5744) | about a year and a half ago | (#43230109)

"Second, attacks that are meant to go after one thing can inadvertently hit something else (collateral damage)."

So, war was originally fought between kingdoms where the peasants didn't vote their king in. It was generally regarded as poor form to attack peasants because the kingdom relies on them regardless of who the king is. The king had a military, who fought other kings and other kings military.

In western society we evolved some strange rules of war, which evolved to 'civilized' war - when people would stand in lines at opposite ends of a clear paddock and shoot at each other. Snipers, assassins etc. were regarded as poor form.

We have uniforms for skirmishes, it's nice to have a uniform so you can easily tell if someone is on your side or not.

But then we had a couple of world wars and found that these Asians didn't play by 'civilized' rules. They somehow had this strange notion that war was about winning - sniping, torture, kamikaze, assassins, spies - were all valid means to an end. In a rather wicked turn of events, that 'end' was a western attack that resulted in the death of 100,000 to 200,000 Japanese civilians.

" In conventional warfare, attributation is easy: They're wearing distinctive uniforms. "
Veitnam was a further wake-up-call to the west, (that's the war we lost) - It started out with the south Vietnamese fighting the north, then we came in to help, but couldn't tell the difference between an north and south Vietnam combatant, and couldn't tell the difference between a combatant and non-combatant (what?! The CHILDREN are COMBATANTS?!) .

"This document underscores just how little our military and political leaders understand about this new theatre of war."

I couldn't agree more. Now we are fighting via remote control, in a world of mutual assured destruction, where the peasants vote for their kings(presidents) who wage war - so you could say that the civilian population is now at least in part responsible for their warlords.

So you tell me - just what is a "proportional response" to a 'drone' - a flying assassin that is controlled from the other side of the planet, given orders by a warlord who was elected by his peasants; that you can't kill, but it can kill you. It might target an individual, but could take your wife and children in doing so, depending on the orders that it's being given by your enemy, and the value they put on "collateral damage".

The rules of war have changed. The rules of mutually assured destruction and proportionate response are being re-defined.

Geneva never really had a chance of developing a document that would still be relevant in 10 years time.

Re:This just in: Still clueless (0)

Anonymous Coward | about a year and a half ago | (#43231295)

> But then we had a couple of world wars

Actually, it happened about 150 years before that, in a war you might have heard about called the "American Revolution". The United States basically *invented* the concept of "guerrilla warfare". Ragtag amateurs with no regard for the formal rules of war, who went out and beat the crap out of well-armed, well-trained professional mercenary soldiers who were the 18th Century's version of Blackwater (the Hessians).

Re:This just in: Still clueless (1)

viperidaenz (2515578) | about a year and a half ago | (#43230421)

In conventional warfare, attributation is easy: They're wearing distinctive uniforms.

Because people are physically incapable of changing clothes.

Re:This just in: Still clueless (0)

Anonymous Coward | about a year and a half ago | (#43230425)

These people still do not understand the basics of networked systems.

I stopped reading after that. You are missing the point. People will speak up. They won't go after cyberwar criminals like they go after piracy. If this will happen, people might turn over documents proving who caused the attacks. They won't do grep 'sshd' /var/log/.

Re:This just in: Still clueless (1)

RedLeg (22564) | about a year and a half ago | (#43230513)

There are flaws to both sides of your analysis because you left out a couple of "players" which are obviously and currently present in both meatspace and cyberspace: terrorists and rogue states.

Terrorists typically have no specific nationality, do NOT wear uniforms, and are not necessarily readily identifiable as such, or as to their origin or objective.

Rogue States simply by definition do not follow the rules, and believe it or not, in conventional warfare, there are internationally recognized laws of war, Geneva conventions, etc. Not only do these guys not play by the rules, they have also been known to sponsor terrorists, and hackers.

The proposal might help if signatory nation states ever openly "went at it". It won't help in the case of covert attacks because of the problem you and others point out of attribution, and won't help at all with the players I describe above.

They'll simply ignore it.

Red

Re:This just in: Still clueless (1)

Sarten-X (1102295) | about a year and a half ago | (#43234049)

The proposal might help if signatory nation states ever openly "went at it".

All such treaties and agreements are applicable only to the nations involved, but they do let both nations stand together and apply political pressure on non-NATO countries with a bit of mutually-reinforcing moral high ground:

We've agreed not to attack hospitals, so why do you still consider hospitals to be targets?

In war, even the complete destruction of your enemy doesn't guarantee victory. The goal is to win both the military battles and the political battles, so your control is recognized once the fighting stops. Fighting dirty might make military victories easier, but you'll piss off other states who may have otherwise been accepting of your rule.

Covert attacks from unknown parties could indeed avoid the political condemnation of treaty signatories, but once they start taking the blame for the prohibited attacks, they start losing political acceptance. If a rogue group ever intends to mainain or rise to power, they'd do well to avoid such rule-breaking attacks, even though the rules don't really apply to them.

Re:This just in: Still clueless (1)

stephanruby (542433) | about a year and a half ago | (#43230537)

This document underscores just how little our military and political leaders understand about this new theatre of war. They're drafting up treaties without even knowing where the borders are yet.

Don't worry. It's not like the US/NATO adheres to the real Geneva Convention.

Even its own Constitution, the US makes a mockery of it by ignoring the clear language the Founding Fathers used to describe who it pertained to.

Re:This just in: Still clueless (1)

fluffy99 (870997) | about a year and a half ago | (#43231301)

Our military is very much aware of the new theater and have a heck of a lot more information about it than the average citizen. Attribution in conventional or unconventional non-nation state warfare as we see in the Middle East is not as simple as you make it out to be. A good example would be roadside bombs, where it's not immediately obvious which group was responsible. Someone of Arabic descent bombed the train, but which terror group did it?

Despite what you think, malware does contain indicators of the country of origin and can be traced albeit not with 100% certainty. Just look at Stuxnet which was designed by experts and had plenty of clues and hints as to its authors. You can reverse engineer a piece of software and figure out hints like what compiler was used, the native language, other hints like date conventions, etc.

And oil rigs (2)

plover (150551) | about a year ago | (#43229819)

They might leak and make a mess. And electric grids, boy, that would be inconvenient. And not water treatment plants, or traffic signals. And not banks or shops, either.

The Geneva Convention worked (mostly) because there were mutual prisoners of war who could be mistreated, and horrific effects all around from mustard gas. If Anonymous could post flashing GIFs on an epileptic support group web site for teh lulz, what makes anyone think an attacker will stop at a hospital's firewall?

Re:And oil rigs (1)

girlintraining (1395911) | about a year and a half ago | (#43229963)

what makes anyone think an attacker will stop at a hospital's firewall?

"Excellent question, Internet! To answer that, I'm going to turn the mic over to Government Man, a man from the government. Take it away, Government Man!"

Well, fellow Netizen, it's basically like this. We're the government. The government controls everything, starting with you. Now we know you get these things called liberties and freedoms and stuff, and we let you hold on to the notion that you have them, because they keep you in line. But make no mistake, we're in charge, not you. And we're not gonna have it be any different on this newfangled interwebtubes thing. So we're going to create a bunch of treaties and laws made using really big letters, and possibly with a bunch of all caps "PROHIBITED ACTIONS, DEFINED." sections as well. And that should scare most of you off doing anything we don't approve of, leaving just a very small number of agitators that we'll ask your neighbors and friends to turn on for a healthy profit. It's worked everywhere else, and I don't see how it could fail here either. But if it does, we'll just have to start detaining, disappearing, and murdering our way through the general population until an appropriate level of fear is instilled in them -- enough to flush out the people we don't like. It's worked well enough for us since about 8000 BC, and we're pretty sure it'll work just fine here as well. Back to you, forum poster!

"Umm, thank you for that enlightening post, Government Man. Now if you'll excuse me, I'm going to be deleting my browser history and then cowering under my desk."

Re:Just bomb them instead (1)

jblb (2639331) | about a year and a half ago | (#43230357)

So it's not ok to hack Hospitals and Dams, but it's fine to drop bombs on them?

Re:And oil rigs (0)

Anonymous Coward | about a year and a half ago | (#43232487)

They might leak and make a mess. And electric grids, boy, that would be inconvenient. And not water treatment plants, or traffic signals. And not banks or shops, either.

The Geneva Convention worked (mostly) because there were mutual prisoners of war who could be mistreated, and horrific effects all around from mustard gas. If Anonymous could post flashing GIFs on an epileptic support group web site for teh lulz, what makes anyone think an attacker will stop at a hospital's firewall?

The same reason the Geneva Convention works most of the time: because rules in war are there to be obeyed, and violation of those rules cause other nations to involve themselves in the conflict. You don't want to have the world against you because you hacked some hospital or dam, just like you don't want to have the world against you because you blew one up.

Re:And oil rigs (1)

plover (150551) | about a year and a half ago | (#43233285)

That's the thing about cyberwar. Anyone can jump on the battlefield, from anywhere, at any time. You don't have to spend billions of dollars to field a standing army of cyberwarriors, or rabble-rouse your church members into forming a militia. You can be sitting alone in your mother's basement, muster up a couple thousand bots, and suddenly you're making as much impact on the world as the entire nation-state of North Korea. People who do that have shown themselves to have notoriously poor judgement when it comes to many things, including choices of targets. It only takes the one person, and he's certainly not a signatory to the no-soft-targets treaty.

Rationally thinking about it, someone who can go from "the kid who doesn't help his mom with the trash" to "world power" is going to realize the personal consequences can never outweigh the balance of power they wield. If you were to unleash an all-out attack on dams around the world, manage to open the floodgates and disable the systems that would shut them, you could destroy dozens of populated valleys, killing or displacing thousands of people. There is no sentence commensurate with mass murder. They have only one life to lose; and the continued existence of suicide bombers demonstrates that plenty of people are willing to die for their causes. And the number of school shooters is proof that people are even willing to die for absolutely nothing at all.

Every nation is at least half full of innocent people who are unwilling to sacrifice themselves for the Glory of Dear Leader, and they have a much better self-preservation instinct than an individual, so they will typically obey such a concord. But the "mutually assured destruction" incentives that the Geneva Convention was built around fall apart when one side has nothing to lose. Sadly, we're seeing evidence of that in Syria today, where Assad is in such a losing position that he is now using chemical weapons.

Get off our lawn (2)

mars-nl (2777323) | about a year and a half ago | (#43229893)

Can't all these generals just get on World of Warcraft of whatever online game and fight each other there, instead of wasting everyone's money on using our internet as their newest play yard?

Re:Get off our lawn (3, Insightful)

Nyder (754090) | about a year and a half ago | (#43229985)

Can't all these generals just get on World of Warcraft of whatever online game and fight each other there, instead of wasting everyone's money on using our internet as their newest play yard?

Because of all the Chinese gold farmers, the Chinese will have the advantage.

Re:Get off our lawn (0)

Anonymous Coward | about a year and a half ago | (#43230001)

Generals don't usually want to fight, they might get hurt and filling out all the paperwork to replace damaged, destroyed, or lost boxes of toilet paper is really dull.

It's the politicians who employ the generals who should be trapped in a full immersion World of Warcraft sim, so they get all the upset and irritation that comes from fighting a war.

Stop the politicians, and you stop the war.

Re:Get off our lawn (0)

Anonymous Coward | about a year and a half ago | (#43230177)

Because there's no way to enforce the outcome of the virtual match in the real world other than actually going to war anyway.

You know (1)

geekoid (135745) | about a year and a half ago | (#43229955)

you can only poke the bear for so long.

military industrial complex propaganda (0)

Anonymous Coward | about a year and a half ago | (#43229995)

The UN has no credibility.

War is War (0)

Anonymous Coward | about a year and a half ago | (#43230017)

War is War, and War should be fought to be won, at all costs.

We've watered down the concept of War to the point that we too easily run off and start one because it's not really War anymore.

If War really meant War, we wouldn't start one unless the objective was to actually fight and win a war.

War means you shoot and bomb the everliving shit out of your enemy until you obtain complete and utter capitulation and compliance with your terms.

War does NOT mean you blow up a few military targets here and there to make a fucking point.

Re:War is War (1)

AHuxley (892839) | about a year and a half ago | (#43230463)

The US and UK have learned from : The French in Vietnam/Algeria,
The UK in Malaysia, Ireland
Russia in Afghanistan
Russia in Chechnya
South Africa and it long boarder wars
The death squads of Latin/South America.
To actually fight and win a war you end up with Iraq and NATO in Afghanistan - the body count, body bags, drone wars in Africa, Pakistan...
You have to hold the country, change the country and get a lot of locals to betray their country long term.
Better to use local/regional youth as "freedom fighters" as MI6/CIA/SAS are doing to Syria, Iran, Africa and fund them/help them long term.
Constant tension is way more fun for job security, contractors, mercenaries, political leaders and military academies.
As for cyber war - the West gave the world Stuxnet, NATO bombed the Radio Television of Serbia headquarters, NATO went after Serbia's power grid, the Grdelica train bombing, Chinese embassy in Belgrade-
So a train, some "embassy", a television station are all "mistakes" under international law..
A power grid, Stuxnet seems to be fair game... We seem to be doing just fine with getting "utter capitulation and compliance".
All civilians can look forward to is cyber war offering power cuts, no local tv and the idea to avoid any embassy districts?
That will connect with peoples insulin, chemotherapy, water purification, sewerage pumping/treatment, food distribution...
That was the last war - the next war comes with drones- turn on that generator in suburbia - you could be powering a cell tower/helping block a drone's signal, helping with "passive radar"- no more generator for you.
Cyber war is way beyond just computer networks - its about turning off anything electrical via a network or a drone :)

Ive got a simple one (0)

Anonymous Coward | about a year and a half ago | (#43230023)

Don't weaponize the internet.
We have seen how bad weaponizing space can be.

This is why we can't have nice things. Keep hacking illegal and spend those billions on cracking down on those who violate the 'peace'. No one wants to be the cyber-south Africa and give up their cybernukes. We should resist and draw down the militarization.

Captcha: Lawgiver

Is there really a "Cyber War" ? (1)

llzackll (68018) | about a year and a half ago | (#43230027)

I don't believe any of the hype I hear on the news about the "Cyber War". Is it real?

I just don't see how they can claim that power grids, and other critical infrastructure are as vulnerable as they say, especially when the fix is easy: Take them off the public Internet.

Re:Is there really a "Cyber War" ? (0)

Anonymous Coward | about a year and a half ago | (#43230205)

Iran's nuclear program was air-gapped. It was still hit.

Re:Is there really a "Cyber War" ? (1)

viperidaenz (2515578) | about a year and a half ago | (#43230385)

Did someone add WiFi to their centrifuges?

Hijinks ensue in definition? (2)

girlinatrainingbra (2738457) | about a year and a half ago | (#43230077)

What, should the main page return a "Red Cross" or a "Red Crescent" or an appropriate meta-tag on a web-site's front page in order for it to qualify as an "off-limits" target? Will it be like saying "hey they're not really soldiers 'cause they're not wearing a uniform with patches 'n' shit!" forgetting that the USA's minute-men and civilian militia were definitely a rag-tag bunch of townies who also wore no uniform, while King George's men had their beautiful red-coats!
.
Has the USA turned ourselves into the British colonial empire building with our own red-coats? Why would anyone think the USA would follow a NATO directive or another Geneva convention about "cyber-warfare" when the USA is currently unwilling to follow the already agreed-to Geneva Convention against torture and extra-ordinary rendition and recognition of the sovereignty of other states?

Re:Hijinks ensue in definition? (1)

DNS-and-BIND (461968) | about a year and a half ago | (#43231093)

USA didn't join the Geneva Convention until 1862. And yes, the British would execute any rebels they caught, just like today ununiformed combatants are subject to summary battlefield execution. Also conveniently ignoring the Continental Army, which was a regular military force.

Re:Hijinks ensue in definition? (1)

gl4ss (559668) | about a year and a half ago | (#43235043)

USA doesn't adhere to geneva convention today so....

I really don't see the point. (3, Insightful)

TsuruchiBrian (2731979) | about a year and a half ago | (#43230085)

Everyone just breaks these sorts of rules whenever they feel like. It just provides an excuse to attack other countries shrouded in contrived legitimacy. If we want to attack a country for hacking into a dam we'll do it. If other countries want to be mad at us or even retaliate, they will do that. Pretending that we are just following some coherent rules is a joke, and this should be transparent to everyone.

Here is how this works:

1. We do what we want. This is the most important part. Example countries like Axistan are there for our benefit.

2. We invent rules giving us justification for attacking other countries and removing justification from other countries to attack us. Example A: Axistan is bad because they cyber attacked our hospitals and dams. We need to destroy them. Example B: Axistan attacked us for cyber attacking them, but since we attacked just about everything except their hospitals and dams, their retaliation was unjust and therefore they are the initial aggressors and now we must destroy them.

3. We pretend these rules are fair and implicitly agreed to by all other countries. Any country that would not agree to these terms is surely an evil country that gets what's coming to them anyway. So even though Axistan never agreed to this rule, we can still punish them for violating it.

4. When it doesn't work out the way we expected, and we need to break our own rules, that's ok because we still have all the guns, and the American people have a short memory. Oops it turns out we needed to cyber attack one of Axistan's dams. That's fine we'll just invent some reason why it was justified. You mean Axistan somehow managed to cyber attack us without hitting any hospitals or dams? Well lets just invent some reason why it actually broke our rules and lets attack them anyway.

All of this political bullshit is designed to trick a gullible American public that those in charge are righteous in our actions. I think this is giving far too much credit to the average American's ability to think critically. We can skip most of this show and dance. It would be less insulting to the intelligence of all involved if we just said "We're taking your stuff because we want to and we are bigger."

In a lot of ways we never really evolved past the politics of the playground. We just wear suits and use expendable high school kids with m-16s and m-1 tanks to pick on the other kids. We are a bully. But that's the way the world is. There are no adults to make us play nice or punish us. We're all bullies or victims or both. It's lord of the flies on a macro scale.

Dams? (3, Informative)

viperidaenz (2515578) | about a year and a half ago | (#43230381)

Since when were they off the table for war? They blew up German dams in WW2.

Re:Dams? (2)

mjwalshe (1680392) | about a year and a half ago | (#43230557)

That was prior to the current UN laws of war - the USA did not attack dams in Korea as there was debate about its legality.

Re:Dams? (1)

AHuxley (892839) | about a year and a half ago | (#43230671)

A multi national might own the dam~ think of the paperwork to a long term loan.
Better just to short out/ the city/national grid as its for the war effort - tell the press its for local radar, SAM sites.
Make good PR with the optics of a non lethal graphite bomb ie the "Blackout Bomb".
You can get 70%+ of that country's power grid anytime you want.

Off-topic (2)

FatLittleMonkey (1341387) | about a year and a half ago | (#43230701)

The Hermit Kingdom's obsession with propaganda and rewriting history, and common language and history with South Korea, seems to make it ideal for a "backdoor" cultural attack.

The modern equivalent of a propaganda leaflet drop. Smuggle, or even airdrop, OLPC-style satellite receivers into North Korea, able to receive dedicated Korean language info dumps from suitable satellites, as well as rebroadcasted live radio and (power willing) TV channels. News, music, live weather, etc. (And dedicated counter-propaganda channels.) And encyclopedias, text books, banned poetry/history/music, stored on the devices. Modular, repairable, with solar panels and crank-generators repurposeable to reduce the number of units turned in or destroyed.

Designed in South Korea, manufactured in China, a few hundred thousand units per year. Bargain.

[Designed well, they could be more generally suited to the poorest parts of the world. Charities might buy them, increasing the production size, reducing the per-unit costs.]

INSERT INTO slashdot VALUE cyber.bullshit (0)

Anonymous Coward | about a year and a half ago | (#43231251)

Or try not using Windows ...

Really Now (0)

Anonymous Coward | about a year and a half ago | (#43231299)

Obviously the US does not follow the Geneva Convention that we whine about incessantly. An electronic Geneva Convention would hardly be honored by us and it certainly would not be followed by other nations including gangs of terrorists.
                        If we followed any civilized protocols Bradley Manning would not have been kept nude and isolated nor would we have tortured prisoners or asked anything of them other than their names. We also would not have used quite a few weapons of war such as shotguns in Vietnam.
                          Matter of fact the Unibomber was subjected to savage experiments by the CIA through a psychologist named Murray at Harvard well before he lashed out and became a killer. Apparently we should not have him as a prisoner at all as the very idea of the experiment was to overwhelm an unstable person and see how he reacted. Well we did find out what can happen if you break a man's mind.

Seriously? (0)

Anonymous Coward | about a year and a half ago | (#43231843)

So, following that line of reasoning, if someone cuts my cable and hacks my bank account I have the right to kill them? Um....no.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?