The Conference
Cyberweapons and cyberwarfare have become the most dangerous innovation of this century1 and are now considered by the FBI to be the number one threat to national security.2 Cyberweapons imperil economic, political, and military systems by a single, often minimal act, or by multifaceted orders of effect, creating a dreadful new potentiality in every dimension. Cyberattacks put immense pressure on conventional notions of sovereignty and the moral and legal doctrines that were developed to regulate them. Unlike past forms of warfare circumscribed by centuries of just war tradition and law of armed conflict prescriptions, cyberwarfare occupies a particularly ambiguous status in the traditions and conventions of the laws of war. Does prevention of a cyberattack, which knows no borders, involve violations of the sovereignty of independent nations? While the United States has shown a willingness to consider cyberattacks to be acts of war,3 on what grounds would this be justified? How should states handle cases when the threats stem from non-state actors acting independently of any state or organization?4 Does the prevention and defense against cyberattacks require invasion of privacy and an incursion into the domain traditionally reserved for law enforcement? As such, does it pose a threat to due process rights, or the moral equivalent of such rights in the international arena? These legal ambiguities, devoid of moral perspective, make adherence to the rule of law in cyberwafare more challenging than in any other domain of warfare.5
In the United States, cyberwarfare technology was originally developed by the Bush Administration and the Obama Administration has further expanded its use. While Secretary of State Clinton has claimed that such tactics are used against al Qaeda6, the use of advanced techniques in cyberwarfare is most evident in recent operations against Iran. The United States purportedly developed a data-mining virus called Flame, a reconnaissance virus named Duqu and a computer worm dubbed Stuxnet that interrupted Iran’s nuclear program by attacking industrial control systems and causing Iranian centrifuges to spin out of control. In doing so, the United States has for the first time used computer programs for purposes that until recently could only be achieved through bombs and other conventional weapons. These actions will not be the last cyberattacks by the United States as the Pentagon’s Defense Advanced Research Projects Agency (DARPA) has recently funded Plan X, which has the goal of not only protecting computer systems but developing the capabilities to disrupt or destroy enemy systems.
The United States and its allies are not the only world powers that have been developing a cyberwar capacity. In 2007, security firm McAfee estimated that 120 countries had already developed ways to use the Internet to target financial markets, government computer systems, and utilities. In 2008, the Russian government allegedly integrated cyber operations into its conflict with Georgia. According to these accusations, Russian cyber intelligence units conducted reconnaissance and infiltrated Georgian military and government networks. When the conventional fighting broke out, Russia used cyberweapons to attack Georgian government and military sites as well as communication installations. Foreign militaries, such as China’s, have conducted exercises in offensive cyber operations, both stealing information from other governments and simulating attacks on other countries command and control systems. In 2011, Iran boasted of having the world’s second-largest cyber army. With states around the globe improving their cyberwarfare capabilities, the world may experience a cyberarms race reminiscent of the Cold War’s nuclear arms race.
This conference will assist in proactively addressing the ethical and moral issues that surround cyberwarfare by considering, first, whether the Laws of Armed Conflict apply to cyberspace just as they do to traditional warfare, and second, the ethical posture of cyberwarfare against the background of our generally recognized moral traditions in international and domestic humanitarian practice. If cyberwar must be held to the standards of the laws and traditions of war, then multiple questions arise. Not only is it difficult to determine when a cyberattack amounts to an act of war, but other sources of ambiguity arise even if we are certain that a cyberattack does fall within the ambit of military action? Thus, for example, proportionality is a crucial question in military ethics, as well as in domestic criminal law. It requires that no more force be used than is necessary to repel an attack or meet other legitimate military objectives. But how does one determine a proportional response to a cyberattack?
In a similar vein, the U.N. Charter promises that members will not use the “threat or use of force against the territorial integrity or political independence of any state” (Article 2, Section 4). This provision, however, is likely inadequate with increasing use of cyberattacks. It leads to questions of whether problems of cyberwarfare require new treaties and legal definitions. For example, does the cyberweapons race require treaties similar to the Treaty on the Non-Proliferation of Nuclear Weapons? As the country that controls the internet infrastructure and had the highest percentage of internet business as a share of its economy, the United States is in a uniquely difficult negotiating position in developing any treaties. Furthermore, cyberattacks put immense pressure on conventional notions of sovereignty and the moral and legal doctrines that were developed to regulate them. In a world of attack and destruction without conventional military assets, do traditional notions of sovereignty based on geography and territorial integrity retain their relevance? To address such questions and more, this conference seeks to bring together leading authorities in the law, technology, and ethical philosophy. By better understanding these ethical issues now, we can be better prepared as cybersecurity becomes a more integral aspect of national security.
- Beverly Head, World teeters on cyber-war brink, ITwire.com, May 22, 2012
- See, e.g., FBI: Cyber attacks – America’s top terror threat, RT.com, March 2, 2012, and, J. Nicholas Hoover, Cyber Attacks Becoming Top Terror Threat, FBI Says, Informationweek.com, Feb. 1, 2012
- David Sanger and Elisabeth Bulmiller, “Pentagon to Consider Cyberattacks acts of war” New York Times, May 31st, 2012
- Stewart A. Baker and Charles J. Dunlap Jr., What Is the Role of Lawyers in Cyberwarfare?, ABA Journal.com, May 1, 2012,
- Id.
- “Hillary Clinton boasts of US cyberwar against al-Qaeda” The Telegraph, 24 May 2012
Schedule
8:30 – 9:00 | Breakfast – Great Hall, University of Pennsylvania Law School |
9:00 – 10:15 | Session 1 – Status of Cyberwar in the Law of Armed Conflict Moderator: Kevin Govern, Ave Marie School of Law Shuster Court Room, S-147 Readings: Oona A. Hathaway, Rebecca Crootof, Philip Levitz, Haley Nix, Aileen Nowlan, William Perdue, Julia Spiegel, The Law Of Cyber-Attack California Law Review, Forthcoming 2012 David Turns, Cyber Warfare and the Notion of Direct Participation in Hostilities” Journal of Conflict & Security Law, Summer 2012 Sean Watts, Combatant Status and Computer Network Attacks” From the Selected Works of Sean Watts, February 2010 |
10:45 – 12:00 | Session 2 – Are Offensive Uses of Cyberweapons Justified for National Security Moderator: John Dehn, West Point Center for the Rule of Law Shuster Court Room, S-147 Readings: Harold Koh, “International Law in Cyberspace” State Department David Sanger, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power, Chapter 8 “Olympic Games” Randall R. Dipert, The Ethics of Cyberwarfare Ethics and Emerging Military Technologies, December 16, 2010 James Cook, Cyberation and Just War Doctrine: A Response to Randall Dipert Journal of Military Ethics, 2010 Strategy for Operating in Cyberspace, Department of Defense, July 2011 |
12:00 – 1:30 | Lunch and Keynote Address: General (Ret.) James CartwrightPenn Law Courtyard |
1:30 – 2:45 | Session 3 – Cybersecurity, Privacy and Police Powers Moderator: Anita Allen, Penn Law Shuster Court Room, S-147 Readings: Nicole Perlroth, Software Meant to fight Crime is Used to Spy on Dissidents, New York Times Kerry L. Childe, Cybersecurity and Privacy: Three Federal Proposals SciTech Lawyer Anita L. Allen, The Virtuous Spy: Privacy as an Ethical Limit The Monist, 2008 |
3:15 – 4:30 | Session 4 – Cyberwar and International Humanitarian Law Moderator: Jens Ohlin, Cornell Law Shuster Court Room, S-147 Readings: Patrick Lin, Fritz Allhoff, and Neil Rowe, Is It Possible to Wage a Just Cyberwar? The Atlantic, June 5, 2012 Roger Crisp, Cyberwarfare: No new Ethics Needed” Practical Ethics, June 19, 2012 Jeffrey T.G. Kelsey, Hacking into International Humanitarian Law: The Principles of Distinction and Neutrality in the Age of Cyber WarfareLt. Col. Patrick Franzese. “SOVEREIGNTY IN CYBERSPACE: Can it exist?” Air Force Law Review 64 (2009):1-42 Michael N. Schmitt, “Attack” as a Term of Art in International Law: The Cyber Operations Context Daniel Rosenfield, “Rethinking Cyberwar” Critical Review: A Journal of Politics and Society |
5:00 – 6:15 | Session 5 – Cybersecurity and the Private Sector Moderator: Derek Jinks, Penn Law Visitor Shuster Court Room, S-147 Readings: Mary Ellen O’Connell, Cyber Security without Cyber War Journal of Conflict & Security Law, 2012 Susan W. Brenner with Leo L. Clarke, Civilians in Cyberwarfare: Conscripts Vanderbilt Journal of Transnational Law Amitai Etzioni, Cybersecurity and the Private Sector Issues in Science and Technology Eric A. Fischer, Federal laws Relating to Cybersecurity: Discussion of Proposed Revisions Congressional Research Service, April 23, 2012 Tim Maurer, Breaking Bad: How America’s Biggest Corporation Became Cyber Vigilantes Foreign Policy Magazine, September 10th, 2012 |
6:15 – 7:15 | Cocktails – POD restaurant (3636 Sansom Street) |
7:15 – 8:45 | Dinner and Keynote Address: Major General John Davis |
Participants
Henry R. Silverman Professor of Law and Professor of Philosophy
Retired Vice Chairman JCS
United States Air Force Academy, Dept of Philosophy
Chairman of Federal Systems
President Dell Dailey and Family
Major General – U.S. Army
West Point’s Center for the Rule of Law
University of Buffalo
Penn Law
Ave Maria School of Law
Yale Law
Temple Law
U.S. Army Reserve
Penn Law, Visitor
New York lawyer
Vanderbilt
Penn Philosophy
Cornell Law School
Penn Law
ACLU Washington office
University of Pennsylvania
Electronic Frontier Foundation
Independent journalist and contributing writer to Fast Company
Penn Law
Human Rights First
Penn Law
Attorney-at-Law
Background Readings
BACKGROUND
- Mark Clayto, Cyberwar timeline
- K. Saalbach, Methods and Practice
- Kenneth Geer, Strategic Cyber Security
- United States Government Accountability Office, Defense Department Cyber Efforts: DOD Faces Challenges In Its Cyber Activities
CYBERSECURITY AND THE LAW
- Bradley Cho, Spot the Hacker: Combating Cyberwarfare under the International Rule of Law
- Cordula Droege, No legal vacuum in cyber space
- Oona Hathaway, Rebecca Crootof, Philip Levitz, Haley Nix, Aileen Nowlan, William Perdue & Julia Spiegel, The Law of Cyber-Attack
- Susan W. Brenner with Leo L. Clarke, Civilians in Cyberwarfare: Conscripts
Civilians in Cyberwarfare: Casualties - Sean Kanuck, Sovereign Discourse on Cyber Conflict Under International Law,Texas Law Review
- ”Convention (IV) respecting the Laws and Customs of War on Land and its annex: Regulations concerning the Laws and Customs of War on Land.” The Hague, 18 October 1907
- Mary Ellen O’Connell, Cyber Security without Cyber War
- Cordula Droege, No Legal Vacuum in Cyber Space” ICRC , August 16, 2011
CYBERWAR AND JUST WAR THEORY
- Patrick Lin, Fritz Allhoff, and Neil Rowe, Is It Possible to Wage a Just Cyberwar?
- Roger Crisp, Cyberwarfare: No New Ethics Needed
- A. Edward Major, Law and Ethics in Command Decision Making [PDF]
- Randall R. Dipert, Ethical Issues of Cyberwarfare
DANGERS OF CYBERATTACKS
- Beverley Head, World teeters on cyber-war brink
- Homelandsecuritynewswire.com, China’s cyber espionage campaign described as “the greatest transfer of wealth in history”
- J. Nicholas Hoover, Cyber Attacks Becoming Top Terror Threat, FBI Says
- Bryan Krekel, Patton Adams and George Bakos, Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage
- James A. Lewis, Cybersecurity Assessing the Immediate Threat to the United States
- RT.com, FBI: Cyber attacks – America’s top terror threat
- David E. Sanger and Eric Schmitt, Rise Is Seen in Cyberattacks Targeting U.S. Infrastructure
- Editorial, A New Kind of Warfare
- Adam Cummings, Todd Lewellen, David McIntire, Andrew P. Moore and Randall Trzeciak, Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector
RECENT NEWS ON CYBERATTACKS
- Nicole Perlroth, Virus Seeking Bank Data Is Tied to Attack on Iran
- Homeland Security News Wire, Civilian Cyberwarriors Not Motivated by Patriotism
CYBERSECURITY AND PRIVACY
- Anna Mulrine, Cyberdefense: Should Americans be concerned about their privacy?
- Nicole Perlroth, Software Meant to Fight Crime Is Used to Spy on Dissidents
EXECUTIVE ACTION
- DHS.gov, Presidential Policy Directive / PPD-8: National Preparedness
- Whitehouse.gov, International Strategy for Cyberspace
- Stewart Baker, Draft Cybersecurity Executive Order Leaks
- Brendan Sasso, White House Confirms Cybersecurity Order in the Works The Hill
- The White House, The Comprehensive National Cybersecurity Initiative, 2009
- The White House, Cyberspace Policy Review, 2011
- Department of Homeland Security, Blueprint for a Secure Cyber Future, November
- Department of Defense, Strategy for Operating in Cyberspace
- The White House, Cybersecurity Progress after President Obama’s Address
- Cheryl Pellerin, US Leaders Cite Partnership as Key to Cybersecurity
- Scott Shane, Cyberwarfare Emerges From Shadows for Public Discussion by U.S. Officials
LEGISLATIVE ACTION
- Michael S. Schmidt, Cybersecurity Bill Is Blocked in Senate by G.O.P. Filibuster
- Michael S. Schmidt, Senators Force Weaker Safeguards Against Cyberattacks
- John O. Brennan, John Brennan Response to Sen. Rockefeller on Cybersecurity Legislation
- Homeland Security New Wire, US Always Ends up Regulating New Technologies for Public Safety
- Eric Fischer, Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions
- Letter to President From Republican Senators on Cybersecurity Legislation
INTERNATIONAL ACTION
- Council of Europe, Convention on Cybercrime
- Homeland Security Newswire, EU Considers Far-reaching Internet Security Initiativ
- NATO Cooperative Cyber Defence Centre of Excellence Tallinn, Estonia 2012, The Tallinn Manual (Draft) on the International Law Applicable to Cyber Warfare
MEDIA
- David E. Sanger and Eric Schmitt, Rise Is Seen in Cyberattacks Targeting U.S. Infrastructure: Video
- Sen. Susan Collins, Gen. Keith Alexander, Anthony Romero, Cyber Gridlock: Why the Public Should Care
- Michael Schmitt, On the Tallinn Manual
Contact us
For any questions regarding the conference or registration, please contact: Jennifer Cohen at [email protected]