Folks like Joe Slowik https://www.youtube.com/watch?v=n7XqxRXwFZ4&ab_channel=CYBERWARCON, Grugq https://www.blackhat.com/docs/webcast/12142017-the-triple-a-threat.pdfand you https://cybersecpolitics.blogspot.com/2016/09/the-stern-stewart-summit-germany-and.html(Dave) have tried to articulate the CONOPS for worms since long. In their current forms, worms look like IO packages in full-spectrum missions. Ignoring technical problems like extreme target dependence https://www.brookings.edu/wp-content/uploads/2018/10/978081573547_ch1.pdf for worms, "harm" would always be defined at the policy level, and then technical. There is a reason why Defend Forward assumes that establishing "contact" in forward areas is a precursor to producing signals or effects (and that reason is not technical). That's also why SolarWinds was missed. You could have neatly placed (wormable) SolarWinds on the axis of Gerasimov Doctrine https://www.militairespectator.nl/sites/default/files/afbeeldingen/Militairy%20Review%20Figuur%20Bartles.jpg where "crisis reaction" morphs into "localisation" and "neutralisation" of conflict. A whole genre of Russian or Chinese doctrinal literature on noncontact operations is highly conducive for worms; but then, you can't see things in isolation. You start talking about things like systems-on-systems warfare. It becomes way more than just target discrimination and noncombatants. You enter an informational conflict (la US vs. Nicaragua). You start imbibing the Russian definition https://www.mitre.org/sites/default/files/publications/pr-19-1004-russian-military-thought-concepts-elements.pdf of asymmetricity and Creative Military Thought -- worms would fall under the same category as "inspection satellites." Everything becomes Reflexive Control. That's where the norms customary law would come from, such behavioral precedents.
On Fri, Jan 29, 2021 at 12:13 AM Dave Aitel via Dailydave < dailydave@lists.aitelfoundation.org> wrote:
I mean, the goal of the question is to start putting some meat on the idea of what "harm" is and how that is reflected both from a policy and technical perspective. But also: It's useful to put some real definitions around what is required to make people comfortable with fully-automated techniques.
I don't think the idea that we are going to come up with and enforce norms is as useful as figuring out what the norms really are sometimes, perhaps.
-dave
On Thu, Jan 28, 2021 at 12:39 AM Dave Dittrich dave.dittrich@gmail.com wrote:
Did any of them mention international humanitarian law, specifically discrimination, respecting territory of neutral ("green") actors and their infrastructure, and avoiding harm to neutral third parties and non-combatants? The problem with most worms is the inability to accurately discriminate targets and resulting harm. This is an area where technical experts need to be balanced with operators and policy makers to ensure that non-technical operators and policy makers fully understand what it is that they are talking about. And where use of *all* of the levers of sovereign power, in partnership with other nations, to establish and enforce norms, is crucial. Should we really consider unconstrained damage and instantaneous global chaos as "fun?" ;)
On Wed, Jan 27, 2021 at 8:45 PM Dave Aitel via Dailydave dailydave@lists.aitelfoundation.org wrote:
So one of my new fav questions to ask policy teams is what they would
do if they were told to switch their offensive team entirely to worms. Nothing else. Just worms. What needs to change to make that happen - from op tempo to supply chain to personnel to policy and technological investment.
And how would their defensive team need to change strategically if they
were facing such an offensive team.
It's a fun thing to see people wrap their minds around. :)
Also, if you missed it, yesterday's CYBER HOT TAKES are here: https://www.youtube.com/watch?v=hzcmfIgvj7A&t=2s&ab_channel=DaveAite...
-dave
Dailydave mailing list -- dailydave@lists.aitelfoundation.org To unsubscribe send an email to
dailydave-leave@lists.aitelfoundation.org
-- Dave Dittrich @davedittrich dave.dittrich@gmail.com https://davedittrich.github.io/
Dailydave mailing list -- dailydave@lists.aitelfoundation.org To unsubscribe send an email to dailydave-leave@lists.aitelfoundation.org