Cyber war capabilities and mass surveillance

We definitely need cyber defence capabilities. Foreign powers, terrorists, and criminal networks have the capability to harm key functions in our societies.

We also need capacity for offensive cyber operations. No doubt, this will be a part of tomorrow’s conflicts and there is an ongoing cyber war arms race. Several western countries affiliated with NSA is adapting to this. (E.g. Sweden has recently made changes to legalise offensive operations, that according to the Snowden documents are already in place.)

First of all, the threshold for cyber attacks is lower than for conventional military conflicts. At the same time, most countries have made it clear that they will consider cyber attacks as an actual act of war. So there are reasons to tread carefully.

This is a grey area. It is difficult to be sure if a cyber attack originates from another nation or a criminal or terrorist organisation. In the same way, it is difficult to know who you engage in defensive or offensive cyber operations. Things might easily escalate.

Second, there is no clear line separating conventional mass surveillance and cyber warfare. One can easily spill over into the other. The lines are muddled. The rule of law can easily be circumvented by labelling surveillance that would be illegal in “civil” law enforcement as secret “military” operations.

Third, cyber warfare capabilities are frequently outsourced to private contractors. This will make it even harder to uphold democratic oversight and accountability.

I would argue that one major problem with cyber warfare capabilities is that they might be used to conceal domestic intelligence operations outside the realm of the law.

This calls for vigilance.

/ HAX

Statewatch » Council documents: responses to offensive cyber operations; “cyber capacity building” in non-EU countries; implementation report on Cyber Defence Policy Framework »

No comments yet.

Leave a Reply