Chapter 18. Active Defense for Cyber: A Legal Framework for Covert Countermeasures

[T]he United State reserves the right, under the law of armed conflict, to respond to serious cyberattacks with an appropriate, proportional, and justified military response.

William J. Lynn, III, “The Pentagon’s Cyberstrategy, One Year Later,” Foreign Affairs, September 28, 2011

By Catherine Lotrionte[215]

During the Cold War, the United States and the Soviet Union constantly maneuvered to achieve superiority and to counter and deter any aggressive moves by each other. When one nation was perceived to overstep its bounds, the other would signal its discontent by moving aircraft carrier groups, conducting military exercises, pursuing diplomatic engagement, seeking sanctions from the United Nations Security Council, enforcing embargoes, and even conducting proxy wars. These signals may well have prevented a nuclear exchange that would have resulted in the loss of many innocent lives and possibly a world war.

Today, when the threat of cyber conflict among nations is a reality, signaling is just as important if not more so because of the global connectivity of the Internet and its links to nations’ critical infrastructure assets. This chapter presents one type of signaling: the use of covert counter cyber strikes. The use of such measures would be an element of the US active defense strategy in cyberspace, carried out either by the United States directly or third parties on its behalf, and subject to the ...

Get Inside Cyber Warfare, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.