Do we need a geneva convention for cyber warfare

Discussion in 'Current Affairs, News and Analysis' started by ark-angel, Oct 17, 2010.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. Could be covered by existing conventions...

    After all you aren't supposed to carry out destruction to too great, or take out nuclear/dam etc.

    If the result of the cyber attack is the detonation of a nuclear power plant or th eopening of valves allowing an oil fire the likes of which we saw in Kuwait after Granby then surely that sort of stuff is already covered.
  2. I believe that the exisiting rules outlaw 'Environmental warfare' where modifying the environment for military purposes is the aim (Persian Gulf oil field firess, Deliberate flooding of Holland in 1944, the Dam Busters raid etc).
    The problem with things like the recent Stuxnet attack is that the virus moves rapidly out into the wild, and could have disproportionate or very unpredictable effects on friend or foe alike.
  3. Biped

    Biped LE Book Reviewer

    Completely pointless having a ban on such activities. We all know that any country with any sense and capability won't be taking any chances - they'll be both protecting themselves against such a form of warfare, as well as being as prepared as possible to wage it if the need arises.

    Chemical, Biological, Nuclear, Radiological, Electronic, Network, Data, Skies, Seas, Land, Space and underground - Some ****** will be prepared to go the extra mile, and we'd be stupid if we ignored the risks to us of that form of warfare, didn't prepare for it or weren't prepared to get stuck in ourselves in that manner.

    Once upon a time, Sniping wasn't the done thing, and then again, nor was blowing up buses full of civvies, flying commercial airliners into buildings, gassing civilians with jets bombers, poisoning people on the underground . . . . what's the rules on White Phos these days?
  4. Acceptable if you happen to hail from Israel and fancy dropping it unto a few schools/hospitals etc.
  5. Well, if in a Cyber War you are the hands down winner, then what do the rules matter?, you simply re write them.......dont you?, winner takes all.
  6. Or from anywhere else in the world and want to generate "white smoke" *ahem*

    Meh! Just win, be it cyberwar or any other kind. There's damn few winners charged with war crimes.
  7. Very doctrinally avant-garde! Aren't they talking about information / narrative as well, though?
  8. HE delayed fuze + white phos 'screening' = shake 'n' bake...

    Heard that from someone in 15 MEU dealing with dug-in positions south of AZB in 2003. Of course, I'm sure he was just joking... *ahem*
  9. Ord_Sgt

    Ord_Sgt RIP

    The Geneva Convention has always been a "we would like". People we are likely to fight will never stand by such rules, just look at history, only Graunaid readers think the worked exists in such boundaries.
  10. Ord_Sgt

    Ord_Sgt RIP

    You know the type, you punch them on the nose and they stand back in shock and ask why you did that! An explanation is pointless.
  11. Biped

    Biped LE Book Reviewer

    Are they? They're talking about talks about factoring it into their game theories, working out the possible outcomes and effects both in terms of military activities as well as civvy collateral damage, and seeing if there's a need for international legislation to protect said civvies if that's what you mean.

    Imagine there's another Georgia/Russia blow-up, but this time Georgia's got shit-hot lasers, powered by a nuclear power station, and the Russians can't get anywhere near it because all their top cover is getting melted, their troops ae being turned into goo and their tanks are frying, but they could win if they knock out the power station with a data bomb, albeit this might result in a melt-down of the reactor, leading to potentially large casualties both military and civvy. Do you not think the Russians might not go ahead anyway, simply to shorten the conflict in their favour, and bollocks to the Geneva Convention?

    Perhaps the might hold off until they're up against China perhaps - potentially a much nastier flash-point with a good deal more at stake than simply beating up a small neighbour - what might their attitude be to a game-changer such as knocking out/blowing up China's fuel storage facilities remotely, without a single bomb being dropped, even if that means massive civvie losses of life, power, and social order?

    I would suggest they'd say "bollocks, let's do it".

    The narrative might include all available means of execution of warfare, subject to the perception of need and devil take the hindmost.
  12. What are we talking about ? Sabotage in real time. Trespass by data that cannot be stopped by a fence or personnel vetting. Oh shock horror.

    In recent years the Parliamentary Office for Science and Technology was asked to report on the terrorist threat to our nuclear power plant. Technical sabotage was excluded as a defence responsibility. It was a bickering point whether it was a homeland security or a health and safety responsibility. Mike Smith, Head of Civil Nuclear SEcurity at DTI, said "Sabotage is not a security issue. Security is about how high the fences are and who gets access that kind of thing"

    Commons Defence Select Cttee considered a report on technical sabotage already in place (sleeping triggers like detecting harmonics from fluorescent lighting or detecting mains switching conditions by "Bugs" in control electronics) and ruled that the area was the responsibility of Works and Pensions who have responsibility for Health and Safety.

    Tony Blair, even when helpfully guided by the IRA having produced a written plan dating back to 1962 of developing and deploying technical sabotage, still left it out of the Good Friday Agreement.

    When in 2003 Gen De Chasterlain made a report of concern to the NI Secretary that terrorist weapon systems of technical sabotage had been left out of the declaration and decommissioning terms of the GFA as you know that was shortly followed by the instant retirement without notice of Kent Chief constable Sir David Phillips. The Chief constable who refused to record crime complaints of technical sabotage consistent with the IRA terrorist plan.

    But now the terrorist or enemy has broadband govt can harness a label "Cyber war" and pretend there is a new threat rather than a a new dimension of existing threat (and deployment) which UK has signally failed to address.
  13. In 2004/5 the press was interested in publishing a report re GFA and Blair's failure to include sabotage as a declarable terrorist weapons capability. But the press wanted a report that did not identify any accused or identify any incidents.

    Had Article 2 Inquests existed then and been held for the eleven Royal Marines murdered by IRA at Deal Barracks 89 and been held for the child patient who died during a power cut to post op ICU at Guys 1995 the details would have been on record as HM Coroners evidence. And hence reportable by press.

    Article 2 of the ECHR is about rights to life. Which is rather the point of defence too. Nowadays HM Coroners can ask Article 2 questions and determine whether there was a failure to protect life by agencies like the police. And lessons can be learned and applied.

    You take the case of emergency power generators. Whoopee doo BSI quality control accreditation. BUT when push came to shove after the death of the child at Guys 95 what did BSI tell us ? That their accreditation does not extend to the company supply chain. Oh dear. The company subbed out assembly of its electronic control boards to a non ISO accredited company. And they in turn subbed out assembly into the black economy to homeworkers moonlighting on dole. So much for static handling protected assembly to ensure reliability expectations.

    That ends up as the electronics controlling the emergency power to shut down nuclear power plant or to sustain power to pressurised seals and negative pressure containments at Porton Down or to sustain power to hospitals.

    And what happens when power does fail and emergency power fails at hospitals ? Well such power failures are not reportable incidents under the HSAW Act. Hence HSE nuclear inspectorate people looking at three failures of backup power at Dounreay, for example, have no records of inquiries into similar failures which have afflicted hospitals.

    So quality control accreditation and health and safety provisions do not act as a protection or as a trawl for information which, when relevant, can be passed to anti terrorism or MOD (or Works and pensions or Home Office or DTI whoever is responsible)

    The fact is we are not geared up as a country. We are vulnerable and we have had incidents in which sleeper tech sabotage in systems has manifested by circumstance. Politicians and public sector have had their heads buried in the sand. Worst are the police in spite of all their rhetoric about "Intelligence led" who would not even look at an alleged saboteur whose mate was a Reliance guard at Deal Barracks 89 (Having cleared civvi vetting with a forged REME REcord of service allegedly)

    And so far we have got away with it (Save for ten billion decommissioning Dounreay ?)
  14. AT&T Network Crash originally blamed on hackers but later found to be a fault within the system. But it's the simple things that can make the biggest impact. Does it have to be a power grid and not something such as traffic lights stuck at red or the Motor way information boards saying closed leave at next exit or such.