WikiLeaks logo
The Global Intelligence Files,
files released so far...

The Global Intelligence Files

The Global Intelligence Files

On Monday February 27th, 2012, WikiLeaks began publishing The Global Intelligence Files, over five million e-mails from the Texas headquartered "global intelligence" company Stratfor. The e-mails date between July 2004 and late December 2011. They reveal the inner workings of a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations, such as Bhopal's Dow Chemical Co., Lockheed Martin, Northrop Grumman, Raytheon and government agencies, including the US Department of Homeland Security, the US Marines and the US Defence Intelligence Agency. The emails show Stratfor's web of informers, pay-off structure, payment laundering techniques and psychological methods.

Fwd: Re: US 'to view major cyber attacks as acts of war'

Released on 2012-02-29 11:00 GMT

Email-ID 1661172
Date 2011-06-01 15:20:54
from a source on this...

-------- Original Message --------

Subject: Re: US 'to view major cyber attacks as acts of war'
Date: Wed, 01 Jun 2011 07:44:52 -0400
From: Veni Markovski
To: Nate Hughes

this is sooo old, that even I (though it's not a good idea to quote
myself) wrote about it in 1998, in the Bulgarian Military Journal
magazine (issue 5 for 1998). The article is here:

That's not a new doctrine, it is very old, there are a number of studies
(I just re-read my article, and there are references to resolutions of
the UN, dealing with military responses, etc.), so what comes these days
as a news, is not a real news. It sounds fancy right now, but I doubt
that the Pentagon will actually engage the US in real military actions
(because, if the US responds with conventional weapons, then under the
current international conventions, it might be considered an aggressor -
which is not the goal of the US, one could guess).

Plus, of course, the fact that unlike a conventional war / aggression,
it will be extremely difficult, if not impossible, to prove state


On 5/31/2011 18:13, Nate Hughes wrote:
> Veni,
> We've been discussing this internally today. What do you make of it?
> Any word about what the actual public statement is expected to look
> like? We always appreciate your insight.
> Hope all is well.
> Cheers,
> Nate
>> *Cyber Combat: Act of War
>> Pentagon Sets Stage for U.S. to Respond to Computer Sabotage With
>> Military Force*
>> MAY 31, 2011
>> /SB10001424052702304563104576355623135782718.html?mod=googlenews_wsj
>> WASHINGTON-The Pentagon has concluded that computer sabotage coming
>> from another country can constitute an act of war, a finding that for
>> the first time opens the door for the U.S. to respond using
>> traditional military force.
>> The Pentagon's first formal cyber strategy, unclassified portions of
>> which are expected to become public next month, represents an early
>> attempt to grapple with a changing world in which a hacker could pose
>> as significant a threat to U.S. nuclear reactors, subways or
>> pipelines as a hostile country's military.
>> In part, the Pentagon intends its plan as a warning to potential
>> adversaries of the consequences of attacking the U.S. in this way.
>> "If you shut down our power grid, maybe we will put a missile down
>> one of your smokestacks," said a military official.
>> Recent attacks on the Pentagon's own systems-as well as the
>> sabotaging of Iran's nuclear program via the Stuxnet computer
>> worm-have given new urgency to U.S. efforts to develop a more
>> formalized approach to cyber attacks. A key moment occurred in 2008,
>> when at least one U.S. military computer system was penetrated. This
>> weekend Lockheed Martin, a major military contractor, acknowledged
>> that it had been the victim of an infiltration, while playing down
>> its impact.
>> The report will also spark a debate over a range of sensitive issues
>> the Pentagon left unaddressed, including whether the U.S. can ever be
>> certain about an attack's origin, and how to define when computer
>> sabotage is serious enough to constitute an act of war. These
>> questions have already been a topic of dispute within the military.
>> One idea gaining momentum at the Pentagon is the notion of
>> "equivalence." If a cyber attack produces the death, damage,
>> destruction or high-level disruption that a traditional military
>> attack would cause, then it would be a candidate for a "use of force"
>> consideration, which could merit retaliation.
>> The War on Cyber Attacks
>> Attacks of varying severity have rattled nations in recent years.
>> June 2009: First version of Stuxnet virus starts spreading,
>> eventually sabotaging Iran's nuclear program. Some experts suspect it
>> was an Israeli attempt, possibly with American help.
>> November 2008: A computer virus believed to have originated in Russia
>> succeeds in penetrating at least one classified U.S. military
>> computer network.
>> August 2008: Online attack on websites of Georgian government
>> agencies and financial institutions at start of brief war between
>> Russia and Georgia.
>> May 2007: Attack on Estonian banking and government websites occurs
>> that is similar to the later one in Georgia but has greater impact
>> because Estonia is more dependent on online banking.
>> The Pentagon's document runs about 30 pages in its classified version
>> and 12 pages in the unclassified one. It concludes that the Laws of
>> Armed Conflict-derived from various treaties and customs that, over
>> the years, have come to guide the conduct of war and proportionality
>> of response-apply in cyberspace as in traditional warfare, according
>> to three defense officials who have read the document. The document
>> goes on to describe the Defense Department's dependence on
>> information technology and why it must forge partnerships with other
>> nations and private industry to protect infrastructure.
>> The strategy will also state the importance of synchronizing U.S.
>> cyber-war doctrine with that of its allies, and will set out
>> principles for new security policies. The North Atlantic Treaty
>> Organization took an initial step last year when it decided that, in
>> the event of a cyber attack on an ally, it would convene a group to
>> "consult together" on the attacks, but they wouldn't be required to
>> help each other respond. The group hasn't yet met to confer on a
>> cyber incident.
>> Pentagon officials believe the most-sophisticated computer attacks
>> require the resources of a government. For instance, the weapons used
>> in a major technological assault, such as taking down a power grid,
>> would likely have been developed with state support, Pentagon
>> officials say.
>> The move to formalize the Pentagon's thinking was borne of the
>> military's realization the U.S. has been slow to build up defenses
>> against these kinds of attacks, even as civilian and military
>> infrastructure has grown more dependent on the Internet. The military
>> established a new command last year, headed by the director of the
>> National Security Agency, to consolidate military network security
>> and attack efforts.
>> The Pentagon itself was rattled by the 2008 attack, a breach
>> significant enough that the Chairman of the Joint Chiefs briefed
>> then-President George W. Bush. At the time, Pentagon officials said
>> they believed the attack originated in Russia, although didn't say
>> whether they believed the attacks were connected to the government.
>> Russia has denied involvement.
>> The Rules of Armed Conflict that guide traditional wars are derived
>> from a series of international treaties, such as the Geneva
>> Conventions, as well as practices that the U.S. and other nations
>> consider customary international law. But cyber warfare isn't covered
>> by existing treaties. So military officials say they want to seek a
>> consensus among allies about how to proceed.
>> "Act of war" is a political phrase, not a legal term, said Charles
>> Dunlap, a retired Air Force Major General and professor at Duke
>> University law school. Gen. Dunlap argues cyber attacks that have a
>> violent effect are the legal equivalent of armed attacks, or what the
>> military calls a "use of force."
>> "A cyber attack is governed by basically the same rules as any other
>> kind of attack if the effects of it are essentially the same," Gen.
>> Dunlap said Monday. The U.S. would need to show that the cyber weapon
>> used had an effect that was the equivalent of a conventional attack.
>> James Lewis, a computer-security specialist at the Center for
>> Strategic and International Studies who has advised the Obama
>> administration, said Pentagon officials are currently figuring out
>> what kind of cyber attack would constitute a use of force. Many
>> military planners believe the trigger for retaliation should be the
>> amount of damage-actual or attempted-caused by the attack.
>> For instance, if computer sabotage shut down as much commerce as
>> would a naval blockade, it could be considered an act of war that
>> justifies retaliation, Mr. Lewis said. Gauges would include "death,
>> damage, destruction or a high level of disruption" he said.
>> Culpability, military planners argue in internal Pentagon debates,
>> depends on the degree to which the attack, or the weapons themselves,
>> can be linked to a foreign government. That's a tricky prospect at
>> the best of times.
>> The brief 2008 war between Russia and Georgia included a cyber attack
>> that disrupted the websites of Georgian government agencies and
>> financial institutions. The damage wasn't permanent but did disrupt
>> communication early in the war.
>> A subsequent NATO study said it was too hard to apply the laws of
>> armed conflict to that cyber attack because both the perpetrator and
>> impact were unclear. At the time, Georgia blamed its neighbor,
>> Russia, which denied any involvement.
>> Much also remains unknown about one of the best-known cyber weapons,
>> the Stuxnet computer virus that sabotaged some of Iran's nuclear
>> centrifuges. While some experts suspect it was an Israeli attack,
>> because of coding characteristics, possibly with American assistance,
>> that hasn't been proven. Iran was the location of only 60% of the
>> infections, according to a study by the computer security firm
>> Symantec. Other locations included Indonesia, India, Pakistan and the
>> U.S.
>> Officials from Israel and the U.S. have declined to comment on the
>> allegations.
>> Defense officials refuse to discuss potential cyber adversaries,
>> although military and intelligence officials say they have identified
>> previous attacks originating in Russia and China. A 2009
>> government-sponsored report from the U.S.-China Economic and Security
>> Review Commission said that China's People's Liberation Army has its
>> own computer warriors, the equivalent of the American National
>> Security Agency.
>> That's why military planners believe the best way to deter major
>> attacks is to hold countries that build cyber weapons responsible for
>> their use. A parallel, outside experts say, is the George W. Bush
>> administration's policy of holding foreign governments accountable
>> for harboring terrorist organizations, a policy that led to the U.S.
>> military campaign to oust the Taliban from power in Afghanistan.
>> Read more:
>> *US 'to view major cyber attacks as acts of war'*
>> 31 May 2011 - 13H04
>> AFP - The Pentagon has adopted a new strategy that will classify
>> major cyber attacks as acts of war, paving the way for possible
>> military retaliation, the Wall Street Journal reported on Tuesday.
>> The newspaper said the Pentagon plans to unveil its first-ever
>> strategy regarding cyber warfare next month, in part as a warning to
>> foes that may try to sabotage the country's electricity grid, subways
>> or pipelines.
>> "If you shut down our power grid, maybe we will put a missile down
>> one of your smokestacks," it quoted a military official as saying.
>> The newspaper, citing three officials who had seen the document, said
>> the the strategy would maintain that the existing international rules
>> of armed conflict -- embodied in treaties and customs -- would apply
>> in cyberspace.
>> It said the Pentagon would likely decide whether to respond
>> militarily to cyber attacks based on the notion of "equivalence" --
>> whether the attack was comparable in damage to a conventional
>> military strike.
>> Such a decision would also depend on whether the precise source of
>> the attack could be determined.
>> The decision to formalize the rules of cyber war comes after the
>> Stuxnet attack last year ravaged Iran's nuclear program. That attack
>> was blamed on the United States and Israel, both of which declined to
>> comment on it.
>> It also follows a major cyber attack on the US military in 2008 that
>> served as a wake-up call and prompted major changes in how the
>> Pentagon handles digital threats, including the formation of a new
>> cyber military command.
>> Over the weekend Lockheed Martin, one of the world's largest defense
>> contractors, said it was investigating the source of a "significant
>> and tenacious" cyber attack against its information network one week ago.
>> President Barack Obama was briefed about the attack.