THE LAW OF CYBER WARFARE: CAN THE CURRENT LEGAL REGIME HACK IT?
Presented by the American University International Law Review and National Security Law Brief
November 8, 2012 10:30 am – 2:30 pm American University Washington College of Law
Although cross-border attacks on computers and information systems do not involve a physical invasion of sovereign space, incursions such as the Stuxnet virus increasingly seem to serve a similar purpose. The symposium will examine whether cross-border cyberattacks qualify as acts of war under international law, whether the difficulties of distinguishing civilian and military targets require a special legal regime to govern cyber warfare, and how legislation that has been passed or is currently being considered by the U.S. Congress will affect the international context of such attacks. Are the current legal conventions sufficient to regulate this new kind of warfare? If not, then how should international law account for changing technological capacities? How effective are domestic legislative efforts in addressing the burgeoning foreign threats critical infrastructure institutions in the United States face?
10:00 am Registration
10:30 am When is a Virus a War Crime? Targetability and Collateral Damage Under the Law of Armed Conflict:
As cyber attacks have become an increasingly integral tactic for military strategists, they have raised questions for the international legal regime on the conduct of war. Cyber warfare is particularly challenging because cyber attacks designed to disrupt, deny, or degrade enemy military capabilities may simultaneously damage civilian computer systems. Does the law of armed conflict provide sufficient guidance for establishing targetability? Can the destruction of power grids and other critical infrastructure be counted as collateral damage or could they be considered war crimes? Is international humanitarian law capable of governing rapidly developing technology? If not, can it be amended, or is a new legal regime needed?
Paul Rosenzweig, Professorial Lecturer in Law, George Washington University
Charles L. Barry, Senior Research Fellow, Center for Technology and National Security Policy, National Defense University
John C. Dehn, Senior Fellow, Rule of Law Center, West Point
Gregory S. McNeal, Associate Professor of Law, Pepperdine University
Moderator: Professor Daniel Schneider, American University School of International Service; Director, Center on Non-traditional Threats and Corruption (CONTAC)
1:15 pm Is Domestic Legislation Sufficient Tool to Battle Foreign Attacks? An Analysis of the Efficacy of Domestic Cyber Security Legislation
In an increasingly interconnected world, critical infrastructure in the United States faces foreign cyber threats at an increasing rate, emphasizing possible vulnerabilities in current security systems. Foreign attacks are particularly concerning because accessibility to critical infrastructure systems puts both the United States government and the civilian population at great risk. Is legislation like the Cyber Intelligence Sharing Protection Act or the cyber security bills being considered by the U.S. Congress effective in targeting the risk of foreign attack on critical infrastructure institutions, such as power grids, gas pipelines, and the banking sector, which are prime targets for cyber attacks? If not, should more regulatory efforts be considered or are companies in the business of managing critical infrastructure capable of maintaining their own standards that are effective in combating foreign attacks?
Michelle Richardson, Legislative Counsel, American Civil Liberties Union, Washington Legislative Office
Jamil Jaffer, Senior Counsel, House Permanent Select Committee on Intelligence
Catherine Lotrionte, Director, Institute for International Law, Science and Global Security
Moderator: Professor Melanie Teplinsky, American University Washington College of Law