Winning the Hardware Software Game Winning the Hardware-Software Game - 2nd Edition

Using Game Theory to Optimize the Pace of New Technology Adoption
  • How do you encourage speedier adoption of your product or service?
  • How do you increase the value your product or service creates for your customers?
  • How do you extract more of the value created by your product or service for yourself?

Read more...

Latest Comments

  • Anonymous said More
    Great explanation for the relationship... 4 days ago.
  • Anonymous said More
    nice analysis, thanks Wednesday, 21 October 2020
  • Anonymous said More
    The fact that CBD from marijuana is... Sunday, 14 June 2020
  • Anonymous said More
    This was excellent and extremely... Tuesday, 21 April 2020
  • Anonymous said More
    Well written. Well constructed. Tuesday, 13 August 2019

A copy of the full analysis can be downloaded by clicking on the link at the bottom of this blog entry.

 

In Part 1: Game Theory Basics of War, I described the three potential options players may take in traditional war: don't arm, arm, or attack. I described the benefits and costs associated with arming for defense, as well as the benefits and costs associated with arming for offense or attacking. I indicated that there are ambiguities in interpretaions by players associated with the actions  other players are taking: sometimes arming can increase a player’s security, while other times, arming can decrease a player’s security. I explained that there are two crucial variables that contribute to the ambiguity: (i) whether defensive weapons can be distinguished from offensive weapons, and (ii) whether defense or offense has the advantage.

 

Now that we have some understanding of the basics of war – the actions players are able to take, the benefits and costs associated with the different actions, and the crucial variables for determining the stability of the situation – we can move on to cyberwar. The first issue to cover is the definition of cyberwar.

 

Why Do We Care How Cyberwar Is Defined?

The terms cyberattack and cyberwar have been tossed around in the media, generally without the writers having provided a clear definition of terms. Why do we care about distinguishing cyberattacks from cyberwar and defining exactly what constitutes cyberwar? It is important because there are vital implications for international law and the appropriate use of policy for addressing the actions.

Part of the reason the terms have been used in such a slippery way is that cyberattacks represent a new form of attack that has not been available before now. Furthermore, attempting to frame cyberattacks in terms parallel to those of traditional, real-world attacks has proven to be problematic and not at all clear-cut.

In “Marching off to cyberwar,” The Economist indicates that

All sorts of “translation problems” arise when trying to apply existing international rules relating to terrorism and warfare to online attacks… The United Nations Charter prohibits the use of force except when authorised by the Security Council, for example, but does not spell out what counts as “the use of force” in cyberspace…

Agreement on a definition is needed because under international law a country that considers itself the victim of an act of war has the right to self-defence—with conventional military (not merely electronic) means. And members of an alliance with mutual-defence obligations, such as NATO, may be duty-bound to respond to an attack on any of their members.

Randall R. Dipert, in “The Ethics of Cyberwarfare” notes the “novelty” of cyberwar, together with the associated “policy vacuum” available for addressing it:

It [cyberwarfare] is arguably the first major new form of warfare since the development of nuclear weapons and intercontinental missiles. This novelty has also meant that there is at present a virtual policy vacuum: there are no informed, open, public or political discussions of what an ethical and wise policy for the use of such weapons would be.

It becomes more complicated, because not only is the nature of the action itself important in determining whether the action is a simple crime versus an act of war versus an act of terrorism, but the identity of the actor is also essential. Again, from the Economist,

A cyberattack on a power station or an emergency-services call centre could be an act of war or of terrorism, depending on who carries it out and what their motives are.

 

Definitions of Cyberwar

Media discussions of cyberwar provide the following definitions.

I thought the most satisfying definition of cyberwar came from Jason Rivera, “A Theory of Cyberwarfare: Political and Military Objectives, Lines of Communication, and Targets” (emphasis mine):

Over 100 years ago, naval strategist Sir Julian Corbett wrote Some Principles of Maritime Strategy to explicate national strategies for the use of naval forces. In part one of this text, Corbett begins by putting forth a theory of war largely inspired by 19th century wartime strategist Carl von Clausewitz, defining war as “an exertion of violence to secure a political end which we desire to attain.” Given this well understood and accepted definition of war in the physical domain, it stands to reason that in an attempt to define cyberwarfare, one might assume that the purpose of cyberwarfare is to achieve political and strategic military objectives via cyberspace.

I also like Wikipedia’s definition of Cyberwarfare:

Cyberwarfare is politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare.

I disagree with the first distinguishing element of cyberwar provided by the Economist, but I agree with the second:

For a cyberattack to qualify as “cyberwar”, some observers argue, it must take place alongside actual military operations...

The strongest definition of cyberwar requires that cyberattacks cause widespread harm, rather than mere inconvenience.

What’s the difference between war and terrorism? According to NewsOne,

War: An organized, armed, and often a prolonged conflict that is carried on between states, nations, or other parties.

Terrorism:The French word terrorisme in turn derives from the Latin verb terreō meaning “I frighten.” Although “terrorism” originally referred acts committed by a government, currently it usually refers to the killing of innocent people by a non-government group in such a way as to create a media spectacle.

NewsOne is basically distinguishing war from terrorism based on the actors and victims. Specifically, war entails government or military actors perpetrating acts on government or military victims. In contrast, terrorism entails civilian actors perpetrating acts on civilian victims.

Based on a reading of the literature, I have summarized in Figure 3 various forms of cyberattacks into categories based on the perpetrator’s type and motivation and on the victim.

Figure 3

In Figure 3, I have unofficially classified any political or military attack by a government on another government as cyberwar. However, one would think, as per the Economist, that there should be a minimum threshold that must be exceeded to classify such an attack as an “act of war” that would invoke the right of self-defense under international law.

Let’s see what the official definition of “act of war” is. From 18 U.S.C. § 2331 : US Code - Section 2331: Definitions (emphasis is mine):

As used in this chapter -

(1) the term "international terrorism" means activities that -

(A) involve violent acts or acts dangerous to human life that are a violation of the criminal laws of the United States or of any State, or that would be a criminal violation if committed within the jurisdiction of the United States or of any State;

(B) appear to be intended -

(i) to intimidate or coerce a civilian population;

(ii) to influence the policy of a government by intimidation or coercion; or

(iii) to affect the conduct of a government by mass destruction, assassination, or kidnapping; and

(C) occur primarily outside the territorial jurisdiction of the United States, or transcend national boundaries in terms of the means by which they are accomplished, the persons they appear intended to intimidate or coerce, or the locale in which their perpetrators operate or seek asylum;



(4) the term "act of war" means any act occurring in the course of -

(A) declared war;

(B) armed conflict, whether or not war has been declared, between two or more nations; or

(C) armed conflict between military forces of any origin

The official definition does not appear to easily allow for a politically motivated cyberattack to be classified as an act of war unless it occurs within the context of a declared war. But then how do you distinguish a cyberattack that incites a war; that is, what is the cyber equivalent of 9/11? I think the Department of Defense is going to have a difficult time constructing a clear definition of a cyberattack that constitutes an act of war.

An act of terrorism, however, seems to have a much lower threshold than an act of war: any politically motivated criminal act by a civilian on a civilian. As a note, the difference between an action being considered as occurring within the context of war versus within the context of terrorism is the type of law applied and the rights accorded the perpetrators. Terrorists have fewer rights than soldiers.

It seems, then, that in the interim, until the government is able to construct a clear definition of a cyberattack that falls within the realm of cyberwar, most politically motivated attacks by government on government will be classified as cyberterrorism rather than cyberwar.

 

Go to Part 3: Unique Properties of Cyberwar

More Blogs

Cannabis Cultivation: Seeds vs. Clones

26-09-2020 - Hits:1763 - Ruth Fisher - avatar Ruth Fisher

Cannabis plants are dioecious, that is, they are either male or female. Plant reproduction occurs naturally, when male plants pollinate female plants, causing female plants to produce seeds. New cannabis plants can thus be cultivated by collecting seeds from fertilized females and replanting them, or by buying seeds generated by...

Read more

Cannabis Cultivation: Indoor vs. Outdoor vs. Greenhouse

22-09-2020 - Hits:1448 - Ruth Fisher - avatar Ruth Fisher

There are three basic locales for growing cannabis: indoors, outdoors, or in greenhouses. Greenhouses enable growers to benefit from natural light, while also being able to strategically block out light to induce quicker flowering. Budget-friendly greenhouse operations are more subject natural climate variations, while higher-end greenhouses are more similar to...

Read more

Would the Endocannabinoid System Have Been Discovered Earlier without the Ban on…

10-06-2020 - Hits:1588 - Ruth Fisher - avatar Ruth Fisher

Cannabis was used medicinally in the Western world from the mid-1800s through 1940, even though doctors did not understand cannabis’s mechanisms of action. The Marijuana Tax At of 1937 Federally banned the use of cannabis in the US for either medical or recreational uses, and it restricted scientific studies of...

Read more

How Regulations Shape the Cannabis Industry

16-05-2020 - Hits:2367 - Ruth Fisher - avatar Ruth Fisher

  The cannabis industry is highly regulated, and the various regulations play a powerful role in shaping the structure, and thus outcome, of the industry. This analysis examines the following questions: How do cannabis market regulations shape market structure? Are the resulting outcomes favorable to suppliers and/or consumers? What are the pros and cons...

Read more

Cannabis Industry Rollouts: Lessons Learned from States’ Experiences

27-04-2020 - Hits:1754 - Ruth Fisher - avatar Ruth Fisher

Bart Schaneman from MJ Business Daily recently released, “2020 Cultivation Snapshot: U.S. Wholesale Marijuana Prices & Supply.” The information contained in the report helped cement certain insights I’ve had about the evolution of the cannabis market. Background info In addition to the myriad other laws and regulations, all states essentially have two...

Read more

A Data-Generating System: A Framework for Data Assessment

14-04-2020 - Hits:1069 - Ruth Fisher - avatar Ruth Fisher

Suppose I gave you, the Data Analyst, a dataset of information on sales of Ford automobiles, and suppose I told you to use that dataset to predict total national sales of Ford automobiles for next 12 months. What would you want to know about the data you were given? If you...

Read more

Hemp and CBD Market Supply

06-04-2020 - Hits:1890 - Ruth Fisher - avatar Ruth Fisher

The information in this post was compiled in an attempt to understand 2 issues: Does the cultivation of hemp differ depending on the hemp product supplied (fiber, seed, or flower)? Is the CBD produced from hemp (cannabis with ≤ 0.3% THC) identical to the CBD produced from marijuana (cannabis with > 0.3%...

Read more

Trends in Cannabis Patents Over Time

08-12-2019 - Hits:2353 - Ruth Fisher - avatar Ruth Fisher

Patent Counts by Year I searched the USPTO patent database for all patents for which the patent abstract contained any of the following terms: cannabis, cannabinoid, marijuana, tetrahydrocannabinoid, or cannabinol. My search yielded 914 patents. As seen in Figure 1, there were only a handful of cannabis patents each year until the...

Read more