Wanted: Global Rules on Cyberwarfare
the Monitor's Board, The Christian Science Monitor
A stunning report by a US digital-security company accuses Chinas military of conducting more than 100 cyberattacks on American corporate and government computers. If accurate, the report by the firm Mandiant only adds to the urgency to develop international norms in cyberwar and cyberespionage.
Each new tool of aggression requires its own rules of war. Cyberwarfare should be no different. Without a code of ethics for conflict in the digital universe, nations could eventually bring down each others water supplies, electric grids, military defenses, and vital institutions. And key values, such as privacy and a right to intellectual property, could also be lost.
Global rules now restrict the use of nuclear, chemical, and biological weapons. They also help safeguard civilians and prisoners of war. What the Mandiant report shows is that the world may be losing the struggle to come up with rules for cyberspace behavior.
The scale of the Chinese cyberthreat is now so massive that it might lead to a rush to imitate rather than a campaign to prevent a cyber blow-for-blow. One of the unusual aspects of cyberweapons is that once they are used, they can be easily replicated for a return attack.
Coming up with such rules will not be easy. For starters, simply defining what is a cyberweapon or a cyberattack could be a problem. Even if that issue is settled, how can an attacks originator be correctly identified? And given the speed of digital technology, the distinction between defensive and offensive capabilities can be easily blurred.
You have to have an offensive mind-set to better focus on defense, said retired Marine Corps Gen. …