GCSC critical infrastructure protection questions: your input needed.

George William Herbert george.herbert at gmail.com
Wed Nov 15 06:53:59 UTC 2017

That's a good question.

Part of the problem is that the line between defense and offense, between intelligence gathering and attacking is more muddy than with "real weapons".  Movies aside, you don't do intelligence gathering with guns in peacetime.  Bringing guns makes it paramilitary operations and is or borders on an act of war, shots fired or not.

If we just define cyber operations as weapons then most of what gets done is on that border.  Independent ops (criminal, commercial) from state A into state B can lead to claims of A harboring terrorists.  If that keeps up, B may legitimately take offensive real world responses.  Like droning a hacker house or hostile cyber intelligence company.

Actions like Microsoft disabling botnets remotely approach incidental acts of war worldwide.

Accidentally doing damage in the course of non offensive intelligence gathering becomes MUCH worse.

Government workers/ military who've been engaged in those activities may be seized as terrorists if they travel abroad.

Gets ugly fast.  Not simple.

Sent from my iPhone

> On Nov 14, 2017, at 9:59 PM, William Herrin <bill at herrin.us> wrote:
>> On Wed, Nov 15, 2017 at 12:19 AM, Bill Woodcock <woody at pch.net> wrote:
>> One of PCH’s long-term efforts has been to encourage governments to
>> restrict their use of offensive cyber attacks against civilian networks.
>> As you might imagine, this is a reasonably popular idea everywhere except
>> the US, Russia, and China.  We’ve successfully gotten that effort out of
>> the U.N., where it was floundering, and into a well-supported stand-alone
>> commission.  It’s being taken very seriously by governments, and will be
>> one of the most important topics under discussion at the Global Conference
>> on Cyberspace in Delhi next week.
>> The work has been divided into two working-groups: one is addressing the
>> question of what a norm should say (i.e. “Governments shouldn’t
>> cyber-attack X”).  The other is addressing the question of what
>> infrastructures should be protected (i.e. what is the X that shouldn’t be
>> attacked). I’m chairing that second working group. The main thing we’re
>> delivering in Delhi is the result of a survey of what infrastructure people
>> think should be protected.  That survey is still open, and we’d like as
>> many people to respond as possible.  So, please consider doing so.  It’ll
>> only take a couple of minutes, and it’s a critical part of an admittedly
>> very lengthy process to make your life easier.
> Hi Bill,
> Aren't there already laws of war that forbid targeting civilians and
> civilian infrastructure as well as laying out the combatants' duties to
> mitigate collateral damage from strikes on government personnel and
> facilities? Is there some reason these laws should not continue to apply
> when the attacks are carried out with bits instead of bombs?
> Regards,
> Bill Herrin
> -- 
> William Herrin ................ herrin at dirtside.com  bill at herrin.us
> Dirtside Systems ......... Web: <http://www.dirtside.com/>

More information about the NANOG mailing list