Back
About RSIS
Introduction
Building the Foundations
Welcome Message
Board of Governors
Staff Profiles
Executive Deputy Chairman’s Office
Dean’s Office
Management
Distinguished Fellows
Faculty and Research
Associate Research Fellows, Senior Analysts and Research Analysts
Visiting Fellows
Adjunct Fellows
Administrative Staff
Honours and Awards for RSIS Staff and Students
RSIS Endowment Fund
Endowed Professorships
Career Opportunities
Getting to RSIS
Research
Research Centres
Centre for Multilateralism Studies (CMS)
Centre for Non-Traditional Security Studies (NTS Centre)
Centre of Excellence for National Security
Institute of Defence and Strategic Studies (IDSS)
International Centre for Political Violence and Terrorism Research (ICPVTR)
Research Programmes
National Security Studies Programme (NSSP)
Social Cohesion Research Programme (SCRP)
Studies in Inter-Religious Relations in Plural Societies (SRP) Programme
Other Research
Future Issues and Technology Cluster
Research@RSIS
Science and Technology Studies Programme (STSP) (2017-2020)
Graduate Education
Graduate Programmes Office
Exchange Partners and Programmes
How to Apply
Financial Assistance
Meet the Admissions Team: Information Sessions and other events
RSIS Alumni
Outreach
Global Networks
About Global Networks
RSIS Alumni
Executive Education
About Executive Education
SRP Executive Programme
Terrorism Analyst Training Course (TATC)
International Programmes
About International Programmes
Asia-Pacific Programme for Senior Military Officers (APPSMO)
Asia-Pacific Programme for Senior National Security Officers (APPSNO)
International Conference on Cohesive Societies (ICCS)
International Strategy Forum-Asia (ISF-Asia)
Publications
RSIS Publications
Annual Reviews
Books
Bulletins and Newsletters
RSIS Commentary Series
Counter Terrorist Trends and Analyses
Commemorative / Event Reports
Future Issues
IDSS Papers
Interreligious Relations
Monographs
NTS Insight
Policy Reports
Working Papers
External Publications
Authored Books
Journal Articles
Edited Books
Chapters in Edited Books
Policy Reports
Working Papers
Op-Eds
Glossary of Abbreviations
Policy-relevant Articles Given RSIS Award
RSIS Publications for the Year
External Publications for the Year
Media
Cohesive Societies
Sustainable Security
Other Resource Pages
News Releases
Speeches
Video/Audio Channel
External Podcasts
Events
Contact Us
S. Rajaratnam School of International Studies Think Tank and Graduate School Ponder The Improbable Since 1966
Nanyang Technological University Nanyang Technological University
  • About RSIS
      IntroductionBuilding the FoundationsWelcome MessageBoard of GovernorsHonours and Awards for RSIS Staff and StudentsRSIS Endowment FundEndowed ProfessorshipsCareer OpportunitiesGetting to RSIS
      Staff ProfilesExecutive Deputy Chairman’s OfficeDean’s OfficeManagementDistinguished FellowsFaculty and ResearchAssociate Research Fellows, Senior Analysts and Research AnalystsVisiting FellowsAdjunct FellowsAdministrative Staff
  • Research
      Research CentresCentre for Multilateralism Studies (CMS)Centre for Non-Traditional Security Studies (NTS Centre)Centre of Excellence for National SecurityInstitute of Defence and Strategic Studies (IDSS)International Centre for Political Violence and Terrorism Research (ICPVTR)
      Research ProgrammesNational Security Studies Programme (NSSP)Social Cohesion Research Programme (SCRP)Studies in Inter-Religious Relations in Plural Societies (SRP) Programme
      Other ResearchFuture Issues and Technology ClusterResearch@RSISScience and Technology Studies Programme (STSP) (2017-2020)
  • Graduate Education
      Graduate Programmes OfficeExchange Partners and ProgrammesHow to ApplyFinancial AssistanceMeet the Admissions Team: Information Sessions and other eventsRSIS Alumni
  • Outreach
      Global NetworksAbout Global NetworksRSIS Alumni
      Executive EducationAbout Executive EducationSRP Executive ProgrammeTerrorism Analyst Training Course (TATC)
      International ProgrammesAbout International ProgrammesAsia-Pacific Programme for Senior Military Officers (APPSMO)Asia-Pacific Programme for Senior National Security Officers (APPSNO)International Conference on Cohesive Societies (ICCS)International Strategy Forum-Asia (ISF-Asia)
  • Publications
      RSIS PublicationsAnnual ReviewsBooksBulletins and NewslettersRSIS Commentary SeriesCounter Terrorist Trends and AnalysesCommemorative / Event ReportsFuture IssuesIDSS PapersInterreligious RelationsMonographsNTS InsightPolicy ReportsWorking Papers
      External PublicationsAuthored BooksJournal ArticlesEdited BooksChapters in Edited BooksPolicy ReportsWorking PapersOp-Eds
      Glossary of AbbreviationsPolicy-relevant Articles Given RSIS AwardRSIS Publications for the YearExternal Publications for the Year
  • Media
      Cohesive SocietiesSustainable SecurityOther Resource PagesNews ReleasesSpeechesVideo/Audio ChannelExternal Podcasts
  • Events
  • Contact Us
    • Connect with Us

      rsis.ntu
      rsis_ntu
      rsisntu
      rsisvideocast
      school/rsis-ntu
      rsis.sg
      rsissg
      RSIS
      RSS
      Subscribe to RSIS Publications
      Subscribe to RSIS Events

      Getting to RSIS

      Nanyang Technological University
      Block S4, Level B3,
      50 Nanyang Avenue,
      Singapore 639798

      Click here for direction to RSIS

      Get in Touch

    Connect
    Search
    • RSIS
    • Publication
    • RSIS Publications
    • CO13151 | Plugging Cyber Warfare Governance: Asia Should Act
    • Annual Reviews
    • Books
    • Bulletins and Newsletters
    • RSIS Commentary Series
    • Counter Terrorist Trends and Analyses
    • Commemorative / Event Reports
    • Future Issues
    • IDSS Papers
    • Interreligious Relations
    • Monographs
    • NTS Insight
    • Policy Reports
    • Working Papers

    CO13151 | Plugging Cyber Warfare Governance: Asia Should Act
    Elina Noor

    15 August 2013

    download pdf

    Synopsis

    While academics debate whether cyber warfare is even possible within the traditional notion of war, three realities need to be confronted.  Thus far silent on the issue, Asia must now contribute to the evolution of laws to govern cyber warfare.  

    Commentary

    IN THE past century when states were pushed to fight wars, they would do it the old-fashioned way: by amassing troops and weapons on a country’s borders, flying overhead and dropping bombs, and launching surprise attacks underwater.  Land, air, and sea were – and remain – the conventional military domains for war.

    Increasingly, however, cyber space is emerging as a complementary domain of, and a perfect extension to, warfare.  If the “virtual wars” of Bosnia and Kosovo in the 1990s allowed for remote-controlled wars from a safe, ensconced distance, technological advances now and in the future will progressively afford the luxury of quicker and cheaper keystroke wars.

    Guns for keyboards

    In cyber space, a virtual realm with no natural or geographic borders, and constantly dynamic packets of data routed from one node to another, the world really is flat.  It is also anonymous since identity verification is not yet required and can be masked through complicated routing patterns.

    For technologically less-advanced states, cyber warfare levels the field by offering asymmetric benefits in cost and effect. Stuxnet, considered a sophisticated malware that was arguably the first to be weaponised and released with intent to destroy critical infrastructure in peacetime, cost only several million US dollars.  Now that the code has been deconstructed, it will be cheaper to replicate or improve upon for future attacks.  Even North Korea, perceived by the outside world to be deprived in so many ways, is believed to have thousands of trained hackers to launch cyber attacks.

    In fact amassing force can be cheap in the digital age. A botnet army recruiting unsuspecting, compromised devices can be marshalled at minimal cost and with zero logistics to propagate malware.  A state in conflict with another might tap into the patriotic, nationalistic fervour of its citizens by crowd-sourcing cyber attacks.

    What makes the prospect of cyber warfare disturbingly distinct from the other domains of war is how blurred the civilian-military line is due to how integrated cyberspace is in daily life.  More and more nations are wiring their critical infrastructure – from the electricity grid to waste management and air traffic control – to cyber space.

    Legal ambiguities

    Additionally, with the exception of some tweaking, much of the software marketed to the military is typically based on the same platforms available commercially.  Even if a system is isolated from the Internet – “air gapped” – the user remains the weakest link so a security breach could happen just by an employee plugging an infected USB device into a computer drive.

    A 2011 study, “Cyber security and cyber warfare: Preliminary assessment of national doctrine and organisation” estimated at least 33 states that include cyber warfare in their military planning and organisation.  Given the limitations of open-source data, the possibility of undervaluation, and the likelihood that this number will only keep growing, there is a need for a set of regulations to govern the developing conduct of cyber operations as a means and method of warfare.

    International law, broadly framed, offers markers to the rules of the road.  There is also an analogical corpus of laws related to other unconventional weapons – nuclear, biological, chemical, and radiological – that provide insight into how existing international laws might apply to cyber warfare.

    Of course, questions would need to be resolved, such as whether the provisions on peace and security within the UN Charter would apply to non-state actors, or whether they would treat economic collapse of a nation brought about by cyber attacks equally to physical destruction by kinetic weapons.

    Asia should act now

    As things stand, however, Asia – despite having some of the most connected systems and populations in the world – is curiously quiet in this unfolding discussion.  The challenges of war in or using cyber space affect any and every country that pins reliance of its critical infrastructure on the millions of nodes in cyber space.  The region must actively participate in, contribute to, and influence the conversation now as norms are being shaped.  Otherwise it risks being left out at later stages when laws have crystallised.

    Security and defence cooperation among ASEAN and its partners should be expanded to tabletop exercises and simulations of cyber warfare.  The concept of interoperability in military affairs is even more of an imperative in the virtual realm; so regular cooperative exercises should increasingly become the norm.

    Given that cyber space cuts across the public/private divide, effective policy solutions must embrace and leverage on the technical skills of the private sector.  The two “industries” often not only speak different languages but also past each other.  A comprehensive cyber warfare stratagem must involve the private sector at policy roundtables and in simulations, whether at the Track One or Track Two level.

    Conversely, private sector-organised IT security forums across the region should include strategic policy discussions to encourage not only meaningful exchanges but also coherent approaches to managing cyber warfare.

    Finally, there should be greater engagement of the legal community within the defence ministries around the region as well as of multilateral organisations such as the International Committee of the Red Cross in exploring and elaborating the sets of rules that should govern the evolution of cyber warfare. Track Two institutions could, for example, act as intermediary in engaging with these parties within their respective countries to formulate national positions on these issues which would, in turn, clarify interactions and negotiations at the regional and international levels.

    About the Auhor

    Elina Noor is Assistant Director for Foreign Policy and Security Studies at the Institute of Strategic and International Studies (ISIS), Malaysia. She contributed this specially to RSIS Commentaries. 

    Categories: RSIS Commentary Series

    Synopsis

    While academics debate whether cyber warfare is even possible within the traditional notion of war, three realities need to be confronted.  Thus far silent on the issue, Asia must now contribute to the evolution of laws to govern cyber warfare.  

    Commentary

    IN THE past century when states were pushed to fight wars, they would do it the old-fashioned way: by amassing troops and weapons on a country’s borders, flying overhead and dropping bombs, and launching surprise attacks underwater.  Land, air, and sea were – and remain – the conventional military domains for war.

    Increasingly, however, cyber space is emerging as a complementary domain of, and a perfect extension to, warfare.  If the “virtual wars” of Bosnia and Kosovo in the 1990s allowed for remote-controlled wars from a safe, ensconced distance, technological advances now and in the future will progressively afford the luxury of quicker and cheaper keystroke wars.

    Guns for keyboards

    In cyber space, a virtual realm with no natural or geographic borders, and constantly dynamic packets of data routed from one node to another, the world really is flat.  It is also anonymous since identity verification is not yet required and can be masked through complicated routing patterns.

    For technologically less-advanced states, cyber warfare levels the field by offering asymmetric benefits in cost and effect. Stuxnet, considered a sophisticated malware that was arguably the first to be weaponised and released with intent to destroy critical infrastructure in peacetime, cost only several million US dollars.  Now that the code has been deconstructed, it will be cheaper to replicate or improve upon for future attacks.  Even North Korea, perceived by the outside world to be deprived in so many ways, is believed to have thousands of trained hackers to launch cyber attacks.

    In fact amassing force can be cheap in the digital age. A botnet army recruiting unsuspecting, compromised devices can be marshalled at minimal cost and with zero logistics to propagate malware.  A state in conflict with another might tap into the patriotic, nationalistic fervour of its citizens by crowd-sourcing cyber attacks.

    What makes the prospect of cyber warfare disturbingly distinct from the other domains of war is how blurred the civilian-military line is due to how integrated cyberspace is in daily life.  More and more nations are wiring their critical infrastructure – from the electricity grid to waste management and air traffic control – to cyber space.

    Legal ambiguities

    Additionally, with the exception of some tweaking, much of the software marketed to the military is typically based on the same platforms available commercially.  Even if a system is isolated from the Internet – “air gapped” – the user remains the weakest link so a security breach could happen just by an employee plugging an infected USB device into a computer drive.

    A 2011 study, “Cyber security and cyber warfare: Preliminary assessment of national doctrine and organisation” estimated at least 33 states that include cyber warfare in their military planning and organisation.  Given the limitations of open-source data, the possibility of undervaluation, and the likelihood that this number will only keep growing, there is a need for a set of regulations to govern the developing conduct of cyber operations as a means and method of warfare.

    International law, broadly framed, offers markers to the rules of the road.  There is also an analogical corpus of laws related to other unconventional weapons – nuclear, biological, chemical, and radiological – that provide insight into how existing international laws might apply to cyber warfare.

    Of course, questions would need to be resolved, such as whether the provisions on peace and security within the UN Charter would apply to non-state actors, or whether they would treat economic collapse of a nation brought about by cyber attacks equally to physical destruction by kinetic weapons.

    Asia should act now

    As things stand, however, Asia – despite having some of the most connected systems and populations in the world – is curiously quiet in this unfolding discussion.  The challenges of war in or using cyber space affect any and every country that pins reliance of its critical infrastructure on the millions of nodes in cyber space.  The region must actively participate in, contribute to, and influence the conversation now as norms are being shaped.  Otherwise it risks being left out at later stages when laws have crystallised.

    Security and defence cooperation among ASEAN and its partners should be expanded to tabletop exercises and simulations of cyber warfare.  The concept of interoperability in military affairs is even more of an imperative in the virtual realm; so regular cooperative exercises should increasingly become the norm.

    Given that cyber space cuts across the public/private divide, effective policy solutions must embrace and leverage on the technical skills of the private sector.  The two “industries” often not only speak different languages but also past each other.  A comprehensive cyber warfare stratagem must involve the private sector at policy roundtables and in simulations, whether at the Track One or Track Two level.

    Conversely, private sector-organised IT security forums across the region should include strategic policy discussions to encourage not only meaningful exchanges but also coherent approaches to managing cyber warfare.

    Finally, there should be greater engagement of the legal community within the defence ministries around the region as well as of multilateral organisations such as the International Committee of the Red Cross in exploring and elaborating the sets of rules that should govern the evolution of cyber warfare. Track Two institutions could, for example, act as intermediary in engaging with these parties within their respective countries to formulate national positions on these issues which would, in turn, clarify interactions and negotiations at the regional and international levels.

    About the Auhor

    Elina Noor is Assistant Director for Foreign Policy and Security Studies at the Institute of Strategic and International Studies (ISIS), Malaysia. She contributed this specially to RSIS Commentaries. 

    Categories: RSIS Commentary Series

    Popular Links

    About RSISResearch ProgrammesGraduate EducationPublicationsEventsAdmissionsCareersVideo/Audio ChannelRSIS Intranet

    Connect with Us

    rsis.ntu
    rsis_ntu
    rsisntu
    rsisvideocast
    school/rsis-ntu
    rsis.sg
    rsissg
    RSIS
    RSS
    Subscribe to RSIS Publications
    Subscribe to RSIS Events

    Getting to RSIS

    Nanyang Technological University
    Block S4, Level B3,
    50 Nanyang Avenue,
    Singapore 639798

    Click here for direction to RSIS

    Get in Touch

      Copyright © S. Rajaratnam School of International Studies. All rights reserved.
      Privacy Statement / Terms of Use
      Help us improve

        Rate your experience with this website
        123456
        Not satisfiedVery satisfied
        What did you like?
        0/255 characters
        What can be improved?
        0/255 characters
        Your email
        Please enter a valid email.
        Thank you for your feedback.
        This site uses cookies to offer you a better browsing experience. By continuing, you are agreeing to the use of cookies on your device as described in our privacy policy. Learn more
        OK
        Latest Book
        more info