• Blog
  • February 19th, 2018

Offensive Cyber Operations Endanger Us All

NATO cyber

There is increasing debate and concern over the actions of states and non-state actors alike in the cyber domain.  Annegret Bendiek and Ben Wagner, associates of the German Institute for International and Security Affairs (SWP), outline key challenges and the dubious utility of offensive cyber operations in their article Making states responsible for their activities in cyberspace.

Ensuring the stability and integrity of the internet is a crucial goal for policy makers. In the words of the GGE [UN Group of Governmental Experts], it is a “key question for international peace and security.” – Annegret Bendiek and Ben Wagner

The two main methods of combatting cyber-security threats are:

  • “deterrence by resilience” — strengthening defenses and cyber infrastructure to ward off attacks; and
  • “deterrence by retaliation” — offensive responses to cyber-attacks.

While enhanced defensive measures can be highly beneficial, “deterrence by retaliation” can be challenged on many fronts, including effectiveness, legality and political legitimacy as well as the potential for serious “blowback”.

Many leading scholars have warned that the build-up of offensive capabilities only repeats the mistakes of the past. It fosters mistrust, leads to a new arms race and might even lead to the internet’s disintegration as states increasingly assert their sovereignty. – Bendiek and Wagner

As highlighted in an earlier Ceasefire.ca blog post, Canada’s new defence policy asserts Canada’s intention to go beyond much-needed enhancements of cyber defences to the “conduct of active active cyber operations against potential adversaries in the context of government-authorized military missions.”

But this new DND cyber mandate pales in comparison to the “vast mandate” outlined in Bill C-59 for the highly secretive Communications Security Establishment to carry out activities:

to degrade, disrupt, influence, respond to or interfere with the capabilities, intentions or activities of a foreign individual, state, organization or terrorist group as they relate to international affairs, defence or security. – Section 20 of the proposed Communications Security Establishment Act (CSE Act)

Such extraordinarily permissive language gives CSE the power not only to undermine fundamental rights and freedoms of Canadian citizens but also to contravene Canada’s international legal obligations.

Using the cyber domain as a battlefield is riddled with perils, with grave potential to undermine the reliability of the internet and the crucial infrastructure that it supports. Clearly our main objective now has to be

to encourage the development of an international order in which there are formidable restraints on the use of cyber force. – Lawrence Freedman

For the full article by Bendiek and Wagner, see: Making states responsible for their activities in cyberspace (The Security Times, February 2017).

Photo credit: NATO website

Read More

Comments are closed.




The too-often ignored legacy of George H. W. Bush

We will never learn the real lessons if we do not face up to the true legacy of departed American presidents. While many argue it is impolite to speak ill of the dead, we agree with Peter Certo at the Institute for Policy Studies that an honest assessment of the legacy of America’s 41st President, […]

Read More
View the Blog »

A new look at Iran and an update on the Saudi/Yemen nightmare

At last a careful and reasoned examination of the many, mainly baseless, charges that Donald Trump has levelled against Iran ...

Law reform needed to ensure Canada meets global arms trade standards

  Status Report on Bill C-47 For all those of you following the passage of Bill C-47, the legislation to permit Canada ...