The Ethics of Cyberweapons in Warfare

The Ethics of Cyberweapons in Warfare

Neil C. Rowe (U.S. Naval Postgraduate School, USA)
DOI: 10.4018/978-1-4666-1773-5.ch015
OnDemand PDF Download:


The author discusses the ethical issues of using cyberweapons, software that attacks data and other software during warfare. Many people assume these are relatively benign weapons, but we argue that they can create serious harms like any weapon. He defines cyberweapons and describes them in general terms, and survey their status as per the laws of war. He then discusses the unreliability of cyberweapons, the problem of collateral damage, and the associated problems of damage assessment, maintenance of secrecy, and mounting cyber-counterattacks. He examines some possibilities for creating more ethical cyberweapons and discusses the alternative of cyber-blockades. He concludes that cyberattacks should generally be outlawed by international agreement.
Chapter Preview

The State Of The Art In Cyberweapons

Military organizations have noted the success of amateur attackers (“hackers”) in damaging computer systems, and have hoped to use these techniques or “exploits” for military advantage, much as they seek a wide variety of ways to gain advantage in warfare (Denning, 1999). Many of these techniques exploit flaws in software. Certain kinds of errors such as failure to check for buffer overflows in loops or failure to properly label data on Web sites can lead to granting of unauthorized special privileges to users of a system. Cyberweapons are programs that package a set of such exploits against a computer system and its data. Cyberweapons can be launched or controlled either externally, from another computer or the Internet, or internally, by spies and saboteurs (Knapp & Boulton, 2007).

Cyberattackers can use their access and privileges to destroy the data and software on a computer system or network, but that is pretty obvious and tells the victim they have been attacked. Cyberattackers can modify the data on a victim system to impede military operations, but that requires a good deal of contextual knowledge about the data. So a better goal for cyberweapons is to take control of a system without the knowledge of the system's owner so it can be used for the attacker’s purposes. This technology is called “rootkits” (Kuhnhauser, 2004). Sets of such remotely controlled computers can be used to create “botnets”, networks of slave computers under the control of a single user (Bailey et al., 2009). Hacker botnets have been used to earn money by sending spam or phishing email from the slave computers, have been used for denial-of-service attacks against organizations the attacker does not like, have been used for blackmail of organizations by threatening malicious mischief, and have been used for espionage. Botnets developed for military purposes could stop an adversary's military organization from communicating or defending itself.

Complete Chapter List

Search this Book: