Hacking Back: Cyber Command lawyer pushes for speedier military responses

GEAR CHECK: Our readers don't just follow the news - they stay ready. Featured gear from this story is below.

Dylan Lassiter

The increasing rate and impact of cyber-attacks on U.S. companies, state actors, and others, has led some in the field to reconsider how U.S. Cyber Command should handle the issue moving forward.

The increasing rate and impact of cyber-attacks on U.S. Kurt Sanger, a member of Cyber Command’s general counsel, is one of the few advocating for a reevaluation of how military anti-hacking operations are decided. He believes that the planning stage for militarily countering cyber-attacks should be reconfigured.

And that it should be done with speed in mind.

Sanger, alongside fellow Judge Advocate Peter Pascucci, co-authored an article on Lawfare.com earlier this month that highlights the need for expedited responses when it comes to cyber-attacks in the U.S.

Before delving into the need for change, the authors tap into the domestic context of cyber. They claim that “The cyber incidents encountered in this calendar year alone are sufficient to highlight the United States’ mounting security challenges.”

Continuing this thought, the authors acknowledged, “The scope and scale of harm from these incidents are also increasing in comparison to past cyber incidents.” The comparison made here is between previous attacks on “discrete communities,” and those that impact a much wider group of people.

The Colonial Pipeline attack in May is just one example of how wide of an impact these sorts of attacks are currently capable of.

Right intention, wrong focus

A separate Lawfare.com post from April, written by Jason Healey, offers a five-pronged test to determine the appropriateness of a U.S. military cyberspace response to criminal hacking activities.

Healey’s list is as follows:

1. Imminence:  There is an upcoming national-security-relevant window of U.S. or allied vulnerability OR intelligence suggests the malware is about to be used in a far more dangerous manner AND

2. Severity:  The targeted malware is particularly large or dangerous OR Likely to cause deaths AND significant destruction of the kind normally associated with military weapons AND

3. Overseas Focus: The targeted malware is located largely overseas, not within the United States AND

4. Adversary:   The targeted malware is tied to a major adversary: China, Russia, North Korea or Iran; AND

5. Military as a last-ish resort: No one else taking effective action OR Military disruption can uniquely complement actions by others.

After injecting the list, Healey states that “In practice, in an emergency, some operations could be approved that meet most but not all criteria.” And that,“The malware must have a connection to a nation-state to ensure it is a proper target for military force.”

The problem here is that “Military Force” in the context of cyber does not usually entail agony or death throes. It is a coordinated engagement with someone targeting U.S. interest’s from afar, and usually involves a counter-attack which isn’t going to result in physical violence.

What Healey’s pronged approach advocates for, albeit implicitly, is a dismissal of scope of impact as the primary determining factor for who should be taking charge of handling such attacks.

By limiting Cyber Command to stringent qualifications pertaining to foreign policy, and to concerns about modality of impact, for action, the only thing left from consideration is the total amount of normal individuals that should be protected from being victimized by attacks like this.

We must safeguard innocent American citizens, regardless of who does the attacking and if the attack is violent or not.

 

You may also like

Blog

For decades, many women serving in military and peacekeeping roles wore body armor designed primarily for men, often sacrificing comfort, mobility, and even protection. Today, that is beginning to change. Through the deployment of Aspetto's MACH-V Female Body Armor, women serving in United Nations peacekeeping missions are receiving equipment designed specifically for their anatomy, improving both safety and operational effectiveness in some of the world's most dangerous environments.
U.S. Senator Lindsey Graham, one of the Republican Party's most influential voices on foreign policy and a close ally of President Donald Trump, has died at the age of 71 following what his office described as a "brief and sudden illness." His death closes a political career that spanned more than three decades and shaped some of America's most consequential debates on war, national security, immigration, and the judiciary.
Just weeks after the United States and Iran agreed to a ceasefire aimed at ending months of fighting, the fragile truce has unraveled. Fresh military strikes, attacks on commercial shipping, and renewed threats from both sides have reignited fears that diplomacy may be giving way to another dangerous phase of the conflict.
The U.S. Navy has identified the naval aviator who went missing after a helicopter was forced to make an emergency landing in the Arabian Sea. Commander Gabriel Edwards, commanding officer of Helicopter Sea Combat Squadron 5, was posthumously promoted to captain as search efforts came to a tragic end.
A former Michigan Army National Guard member has been arrested after federal prosecutors accused him of trying to help ISIS carry out a mass-casualty attack on a U.S. military base. Investigators say the alleged plot involved drones, explosives, and tactical support before the suspect was taken into custody by the FBI.

Like This Story? Check Out What Our Community Is Buying

Our best sellers are designed for real-world use - not hype.

View Best Sellers