The Fog of War is particularly foggy in cyberspace.
Lt. Gen. Keith Alexander, NSA director and the new nominee to head up Cyber Command, produced 32 pages of answers to Senators’ questions leading up to his nomination hearings.
AP wrote a piece on one aspect: the Pentagon’s plan to counter any Internet-delivered attacks “swiftly and strongly.” International law is undefined on these issues…
But commanders have clear rights to self-defense, [Alexander] said. He added that while “this right has not been specifically established by legal precedent to apply to attacks in cyberspace, it is reasonable to assume that returning fire in cyberspace, as long as it complied with law of war principles … would be lawful.”
The problem, of course, is the conundrum of attribution. The apparent source of attacks is almost certainly not the real source of attacks. If you trace the brains of the operation all the way back to a server room in Jilin, China, but the attacks are coming from a server in Alameda, Portugal, do you (electronically) take out the entire internet service provider? What about the related collateral damage?
According to humanitarian law one must always take all efforts to minimize harm to civilians and must react in proportionate ways. It’s unlikely that anyone will die if this Portugese server farm comes down – but it will certainly inconvenience a lot of people. Could you shut off the entire country? If not, where’s the line in there?
These are hard problems. In the same way that terrorists will intentionally hide among civilian populations to use them as shields, international attacks are likely to attempt to route through the most politically problematic places possible.
Counterattack has to be part of the US cyber planning, but it ain’t easy to know who to shoot.