Difference between revisions of "Scenario 15: Cyber deception in time of armed conflict"

From International cyber law: interactive toolkit
Jump to navigation Jump to search
(Revisions were made to F3 and F5, as described via email.)
(Replaced content with "''This page is under construction.''")
Tag: Replaced
 
Line 1: Line 1:
 
''This page is under construction.''
 
''This page is under construction.''
 
[[File:Cyberwar2.jpg|thumb|"Cyber attacks", photo by [https://www.flickr.com/photos/christiaancolen/21205579608/in/photostream/ Christiaan Colen].]]
 
[Executive summary]
 
 
== Scenario ==
 
 
=== Keywords ===
 
International armed conflict, international humanitarian law, perfidy, protective indicators, ruses of war
 
 
=== Facts ===
 
'''[F1]''' States A and B are involved in ongoing armed hostilities involving the use of kinetic as well as cyber operations. State A is preparing to launch a major military offensive against State B in region R, which is currently under the control of State B’s forces led by commander X. In order to distract and weaken the enemy, State A’ cyber command engages in several discrete deception operations against various targets in State B.
 
 
'''[F2]''' State A’s operatives set up a complex layered set of fake digital platforms built to lure State B’s cyber operatives to attempt to penetrate State A’s military networks ('''incident 1'''). Although the systems look authentic, they are entirely separate from actual State A’s networks. State B’s cyber command spends a considerable amount of time and resources trying to compromise the fake systems. Every time State B’s operatives gain access to a layer of the deceptive platform, they are led to another authentic-appearing environment, losing more time. In the meantime, State B’s cyber command fails to effectively defend against simultaneous hostile cyber operations launched by State A, which are detailed below.
 
 
'''[F3]''' State A discovers that commander X is a diabetic patient who uses a type of insulin pump that allows a healthcare provider to deliver the commander's insulin doses through a wireless communications system (i.e., a remote control). State A’s cyber operatives hack into the pump's communications system, take over the remote control, and administer an under dose of insulin to commander X, which leads to death ('''incident 2'''). As a result, the operation accomplishes its main goal of killing the commander, thus leaving State B’s forces in region R without effective command for a few hours.
 
 
'''[F4]''' State A hacks into the online systems used by the International Committee of the Red Cross (ICRC) to run a humanitarian smart phone application called “e-Red Cross” and used by persons affected by the armed conflict in region R. State A’s operatives then send a message through the app to all users, which falsely claims that the ICRC will distribute humanitarian aid next to the only bridge connecting two sides of a major river in region R ('''incident 3'''). As a result, thousands of civilians obstruct the bridge, preventing State B’s forces from being able to cross the river for several hours, thereby making it impossible for State B to send reinforcements to defend against State A’s attack on State B’s forces on the other side of the river.
 
 
'''[F5]''' Finally, State A's armed forces use artillery to attack a small town that State B controls and is using as a location for a forward operating base. Knowing that State B would likely call in close air support to repel State A's forces, State A had hacked into State B's force tracking system prior to the operation. As State A advances on the small town, the hack allows State A to make State B's forces appear as belonging to State A and to make State B's forces appear to be State A forces ('''incident 4'''). When State B's forward air controller calls in air support, the controller provides the pilots with accurate information. But the conflicting information that the pilots receive from the hacked force tracking system make the pilots suspend the attack in accordance with their ROEs. As a result, State A inflicts significant casualties on State B force.
 
 
=== Examples ===
 
* [TBC]
 
 
== Legal analysis ==
 
''For a general overview of the structure of analysis in this section, see [[Note on the structure of articles]].''
 
 
=== Characterization as an international armed conflict ===
 
{{#lst:International armed conflict|Definition}}
 
 
'''[L1]''' Analysis (very short: yes there is an IAC)
 
 
=== Perfidy and ruses ===
 
- Box on perfidy vs. ruses
 
 
'''[L#]''' Analysis (incident-by-incident)
 
 
=== Improper use ===
 
- Box on improper use
 
 
'''[L#]''' Analysis (incident-by-incident)
 
 
== Checklist ==
 
* [TBC]
 
 
== Appendixes ==
 
 
=== See also ===
 
* [[Military objectives]]
 
* [[Scenario 10: Cyber weapons review]]
 
* [[Scenario 12: Cyber operations against computer data]]
 
* [[Scenario 13: Cyber operations as a trigger of the law of armed conflict]]
 
 
=== Notes and references ===
 
<references />
 
 
=== Bibliography and further reading ===
 
* Gary P Corn and Peter P Pascucci, ‘The Law of Armed Conflict Implications of Covered or Concealed Cyber Operations: Perfidy, Ruses, and the Principle of Passive Distinction’ in Ronald TP Alcala, Eric T Jensen, ''[https://www.oxfordscholarship.com/view/10.1093/oso/9780190915322.001.0001/oso-9780190915322 The Impact of Emerging Technologies on the Law of Armed Conflict]'' (OUP 2019).
 
*Cordula Droege, ‘[https://www.icrc.org/en/download/file/13738/irrc-886-droege.pdf Get Off My Cloud: Cyber Warfare, International Humanitarian Law, and the Protection of Civilians]’ (2012) 94 IRRC 533.
 
*Yves Sandoz, Christophe Swinarski, and Bruno Zimmermann (eds), ''[http://www.loc.gov/rr/frd/Military_Law/pdf/Commentary_GC_Protocols.pdf Commentary on the Additional Protocols of 8 June 1977 to the Geneva Conventions of 12 August 1949]'' (ICRC 1987).
 
*Michael N Schmitt (ed), ''[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations]'' (CUP 2017).
 
 
=== Contributions ===
 
* Scenario by: Jonathan Horowitz & Kubo Mačák
 
* Analysis by: [TBC]
 
* Reviewed by: [TBC]
 
 
{| class="wikitable"
 
|+
 
|Previous: [[Scenario 13: Cyber operations as a trigger of the law of armed conflict|Scenario 13: Armed conflict]]
 
|}
 
<!--
 
[[Category:International armed conflict]]
 
[[Category:International humanitarian law]]
 
[[Category:Perfidy]]
 
[[Category:Protective indicators]]
 
[[Category:Ruses of war]]
 
[[Category:Scenario]]
 
-->
 

Latest revision as of 10:27, 26 June 2020

This page is under construction.