By Christoper Folk (J.D./M.A. in Forensic Science Candidate, ’17)
US Cyber Command $460 million Cyber Project
In a follow-up to a recent cyber round-up, according to NextGov an upcoming $460 million project at US Cyber Command will outsource a number of offensive cyber capabilities to the private sector. NextGov reports that these new weapons that will be developed will give the US military the ability to launch logic bombs which would be capable of causing critical infrastructure to essentially self-destruct. The article quotes the head of Raytheon’s Government Cyber Solutions Division, Ret. Adm. Bill Leigher “When I use ‘cyberwar’, I’m thinking of it, in a sense of war … [s]o yes, war is violence.”
In June, the DoD released the “Law of War Manual.” NextGov reports that the chapter entitled “Cyber Operations” provides three potential actions that the Pentagon deems to be legal in cyberspace:
- Triggering a nuclear plant meltdown
- Opening a dam upstream from a population center
- Disabling air traffic control services
In the article, Dunlap goes on to say that this essentially comes down to a balancing test with reasonable collateral damage on one side and the military objectives on the other; so long as the collateral damage isn’t disproportionately greater than the probability of military success, lethal impacts to civilians are acceptable in a cyber strike situation.
Analyzing the Uncertainty of the Scope and Duration of Cyber Weapons
CYBERCOM spokeswoman Kara Soules indicated to NextGov that it is vitally important to understand the success rate of any cyber weapons. The concept of cyber joint munitions effectiveness indicates that a cyber weapon has been carefully evaluated such that there is an understanding of the rate of effectiveness against a given target, according to the article. NextGov reports that Tim Maurer, a cyber policy researcher at the Carnegie Endowment for International Peace, stated that outside the U.S., governments are also hiring private organizations to develop cyber munitions which include zero-day exploits.
One issue which then arises is the fact that malware is not designed to self-neutralize and consequently the impacts can be far-reaching and of an unknown duration, reports NextGov. For instance, in the case of the Stuxnet virus, which was first revealed back in 2010, Microsoft was still dealing with the after-effects of this virus and issued yet another patch, (latest patch released March 2015), according to NextGov. Consequently, statements that NextGov attributes to Cedric Leighton, a retired Air Force Intelligence and National Security Agency Director, are particularly vexing when Leighton states that the use of cyber munitions is like the strategic bombing campaigns of World War II, where we really didn’t fully understand the consequences of using nuclear weapons.
As our ability to wage war has continued to expand and our use of technology becomes pervasive we seem to be removing some of the human elements from the battlefield. With weapons such as smart bombs and drones, we have enabled military actors to engage targets from locations far removed from the actual theater of operations. While this likely has resulted in saving countless U.S. lives, the psychological impacts are vastly different from those engaged in direct line-of-sight hostilities with enemy combatants …
To read the full article, click here.