When do you "declare" cyberwar?

Simple question: If you were President/PM/Chief Autocrat, what would have to occur for you to make the argument to Congress/Parliament/Yourself that we are under cyber-attack and that the country needs to respond in kind, both in strengthening defenses and going on the offensive? What’s that tipping point where you say, “Last week you stole 100,000,000 Home Depot credit card numbers and that was bad, but THIS WEEK… that’s the final straw!”

(Feel free to discuss possible responses, but I’m wondering about the tipping point - what, in your opinion, would be difference between “hacking” and “attacking” when it comes to the sort of shenanigans the Russians are playing with us, and we, I’m sure, with the Russians. Hell, I can see an argument that we won’t know we’re in a cyberwar until we are in the cyberwar, by which time we’re theoretically completely fubared.)

Stealing Home Depot credit card information is not a cyber attack on a nation state. When a cyber attack brings down strategic assets or critical infrastructure, AND can be positively attributed to a nation-state (and not just hackers seemingly operating out of the country), THEN it may become a nation-state cyber attack.

No, one such attack isn’t cyberwarfare. However, a series of such attacks may be seen as such by the public.

The criteria you mention seem… I don’t know, but it seems like if we have to wait until strategic infrastructure is brought down and we must wait until we are POSITIVE that this was done by country X… well, it seems, from this layman’s POV, that the war will be lost by then.

There are such ‘attacks’ every day. Most of them are not cyber “attacks” per the definitions promulgated by the DoD. Stealing credit card numbers is not an attack in the eyes of the military, despite what the public may think.

As far as attribution, it’s kind of hard to bomb a country in retaliation if you don’t know which country attacked you.

Would it be possible to make it look like the attack originated from country A when it was actually carried out by country B?

Interesting question OP.

You must say “1-2-3-4 I declare a cyber war!” Then it is legal.

I think we are already in one, and have been for some time. It’s just that it is even more diffuse than the WoT. There are too many independent players.

It doesn’t matter if we “declare” it or not - we’re in it up to our collective neck. Stealing HD credit card info is just “collateral damage”. Whether that meets the Dod threshold of attack, that’s up to them. But the result is the same. Massive damage by a large scale cyber attack, or collective death by a thousand cuts - it still impacts out way of life ™.

If there is a serious cyber attack that if definitely attributable to a particular country, I would not be thinking about proclaiming CYBER war – just plain old WAR.

it wouldnt be necessarily official remember bill Clinton basically gave out letters of marquee to hackers to loot Milosevic’s and other Serbian officials off shore bank accounts since it was "common " knowledge that all the money was stolen from the state during the civil war

They got pardoned and immunity and got to keep something like up to 5 percent for their trouble

Well, then it would HAVE to be official, wouldn’t it?

I’ve never heard of this. I’d love to see a cite for it.

China is much more involved in hacking of the US than Russia. But to answer your question, you probably would unleash your own cyber warfare team officially and balls to the wall if someone attacked your critical infrastructure or systems…shut down your financial system, or attack your power grid, say, or some other critical and key part of your system. Other attacks will most likely be met with covert strikes back that you may or may not want your adversary nation to even know about. I’m fairly sure that after the recent string of attacks against US companies by the Chinese cyber security arm of their government we did some rather nasty things back…which is why, when Obama spoke to Xi Jinping officially about cyber attacks, China was willing to start playing nice (with the US anyway). That sort of thing happens all the time…we just hear about US companies being hacked because they make the news, while when China gets hacked that news is systematically suppressed.

To get to the point where you are going to ‘declare’ cyberwar, however, you are basically at the point where you are going to be going to regular war. Anything less than a critical attack is going to get a more covert response…and anything that attacks a countries fundamental cyber systems IS a direct attack, so bombs are probably going to fly as well as cyber attacks in response.

Given what has transpired and become known since XT’s post, any more thoughts about this?

I am firmly of the opinion that Russia has committed an act of cyberwar in their attempts to influence the election. But, again, “cyberwar” is not codified to include specific actions (to my knowledge). But, fuck, if this wasn’t it, I’m interested in learning what is.

Not so. It is only legal if the two opponents, while reciting the above, intertwine their fingers and position their thumbs.

OK, you’re in a cyberwar, and it has risen to the level of acknowledged belligerence. What do you do when your generals report that you are losing ground on the theater of battle, but you have superiority of conventional military weapons?

It seems to me that every Democratic administration in the past century has found a way to escalate, or at lest keep simmering, whatever “war” seemed ready at hand. Did Obama think he could slip away without being enumerated among them?

Actually it’s 0001-0010-0011-0100, I declare Cyberwar.

There have been several publicly noted instances of another nation committing serious cyber-offenses. China is frequently mentioned. Russia as well, both as a government, and as a nation that harbors hackers. North Korea was involved in a hack against Sony (I think it was Sony) over a movie they didn’t like.

We probably need rules of engagement - do they exist anywhere? Candidates for triggering a response, cyber or conventional:

-Attack on financial infrastructure. This could be anything from hacking the NYSE to hacking info and blackmailing bank officials. Use your imagination. There are a lot of ways hackers could really wreck banking or the stock market.
-Attack on energy grids. Imagine they’ve shut down all of the power in the Northeast.
-Attack on the military. They’ve hacked into a communications network, or have changed the launch codes, or have access to our satellites. Again, there’s a really long list of ways they could do really bad things if they got into computer networks.
-Attack on our Intelligence agencies or Law Enforcement. Compromising our ability to gather Intel anywhere, or enforce law and order in this country.
-Interference in internal politics.

Those are just a few ideas off the top of my head. If a country is responsible for cyber-attacks in those areas, I think we have no choice but to respond. I believe that so far we have responded with a mixture of counter-attacks and sanctions. We cannot credibly state that as a nation we solely respond when attacked, btw. There are also documented incidents of the US instigating a cyber-attack.

I wonder also if there’s a “cold war” type of thing going on. Certain countries are obviously pretty active in terms of cyber-crimes. We haven’t declared war, cyber or otherwise, on any of them. I wonder how much of that is due to a concern over any resulting escalation. As long as we pretend these are isolated incidents, do we keep the activity relatively low level?

Rules of engagement already exist. People must be careful on what is called an “attack” Most, if not, all of the recent revelations regarding cyber events are not “attacks” - they are more like “cyber espionage” Attack has a very specific meaning with regards to cyber events affecting this country.

Let’s be clear, though, that none of these rules apply to the US, right? We’re the good guys, so when we do it, it’s not an act of war.

Of course it would be an act of war, if it was an actual cyber attack. Why would you think different?

Where are you getting this from? I’m not aware of any response to, say, the State Department hack or the hack of federal employee data.

So… bumping this in light of the recent indictments.

In December 2016 I was convinced that what we were experiencing was cyber warfare… psyops, possible vote changing, etc.

Nothing revealed since had made me change my mind. Has it changed yours?