Cyber Warfare and Nation States 2010

  • Screen Shot 2014-12-03 at 8.43.24 am

    Recent developments in offensive and defensive capabilities to advance national interests

    23 September 2010, Canberra

    Program
    9:00 Welcome
    Program Chair: Athol Yates, Director, Australian Security Research Centre
    9:05 Welcome and Context
    Conference Chair: Ian Dudgeon, co-author of Australia and Cyber-Warfare (2008)
    9:15 Trends in Cyber Warfare and the Challenges for Developing Military Capabilities – Presentation
    Dr Gary Waters, Principal author of Australia and Cyber-Warfare (2008)
    10:05 Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities –Presentation
    Dr Herbert Lin, Chief Scientist, Computer Science and Telecommunications Board, National Research Council of the National Academies and Co-editor of Technology, Policy, Law, and Ethics Regarding U.S Acquisition and Use of Cyberattack Capabilities (2009)
    10:45 Break
    11:15 Cyber Warfare – The Opposition’s View
    Senator The Hon David Johnston, Shadow Minister for Defence, Senator for Western Australia
    11:25 Characteristics of a National Cyber Warfare Capability
    Panel discussion
    11:55 The commonalities between cyberwarfare and biological warfare, and what this means for developing counter cyberwarfare strategies – Presentation
    Brian Mazanec, Senior Defense Analyst with the U.S. Government
    12:30 Break
    1:30 Session Theme: Building cyber warfare capability
    Session Chair: AVM (Retd) John Blackburn, Director, Kokoda Foundation
    Session Theme: Cyber warfare defence
    Session Chair: Ian Dudgeon, co-author of Australia and Cyber-Warfare (2008)
    1:35 Blowback problems in employing cyber weapons
    Madeline Carr, Department of International Relations, Australian National University
    Australia’s approach to cyber security
    Mike Rothery, First Assistanct Secretary, National Security Resilience Policy Division, Attorney-General’s Department
    2:05
    Insider Access and Malicious Software as Mutually Reinforcing Threats
    Ted Mallo, Threat Management, Raytheon Oakley Systems

    Insider Access and Malicious Software as Mutually Reinforcing Threats –Presentation
    Ted Mallo, Threat Management, Raytheon Oakley Systems

     
    2:35 Intelligence Support Requirements for Offensive Computer Network Operations: An Achilles Heel for a Usable Capability? – Presentation
    Jeff Malone, University of New South Wales (Australian Defence Force Academy)
    Defending the home front – Emerging threats from use of the Internet by dfence personnel and their social networks – Presentation
    Duncan Unwin, Management Consultant, Business Aspect
    3:05 Break
    3:35 Countering Cyber Piracy and Cyber Vandalism: A New Perspective –Presentation
    James Farwell, Farwell Group, New Orleans
    4:05 Future Issues for Australia
    AVM (Retd) John Blackburn, Director, Kokoda Foundation
    4:35 Chairman’s closing remarks
    Speakers

    Dr Gary Waters
    Gary Waters spent thirty-three years in the Royal Australian Air Force, retiring as an Air Commodore in 2002.  He then spent three years as a senior public servant in Defence before joining Jacobs Australia as Head of Strategy. He has written twelve books on doctrine, strategy and historical aspects associated with the use of military force.

    His latest two books are ‘Firepower to Win’ (with Air Vice-Marshal Al Titheridge and Professor Ross Babbage, 2007), and ‘Australia and Cyber Warfare’ (with Professor Des Ball and Ian Dudgeon, 2008). He has been a Fellow of the Australian Institute of Company Directors and a Vice President of the United Services Institute, and Inaugural Board Member and Treasurer of the Kokoda Foundation.

    Dr Herbert S. Lin
    Committee on Offensive Information Warfare, Computer Science and Telecommunications Board, National Research Council (US).

    Dr Lin is the Co-editor of Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities (2009). At the National Research Council of the National Academies, he has been study director of major projects on public policy and information technology.  He previously served as a professional staff member and staff scientist for the U.S. House Armed Services Committee, where his portfolio included defense policy and arms control issues.

    Bryan Krekel
    Bryan Krekel is the principal author of Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation (2009).

    Brian Mazanec
    Brian Mazanec, Senior Defense Analyst with the U.S. Government. Mr Mazanec provides analyses, recommendations, and policy options to congressional and Executive Branch officials on a wide range of defense issues. He has prior experience working in the Joint Staff; Office of the Secretary of Defense; Defense Threat Reduction Agency; Department of Homeland Security; and the Intelligence Community with a focus on strategic issues. He is a current doctoral student in George Mason University’s WMD-oriented program in the Department of Public and International Affairs.

    Ian Dudgeon
    Ian is the Principal of Ian Dudgeon & Associates P/L, a consultancy established in 1997 whose services include providing policy advice, research and training on matters relating to  national security. He previously served for 32 years in the Foreign Affairs and Trade, and Defence portfolios. Within Defence, and subsequently as a consultant, Ian has written major policy studies for government relating to Australia’s National Information Infrastructure, and the development of a national Information Operations capability. Ian is also a co-author of Australia and Cyber Warfare, published by ANU in 2008, and has written other articles and lectured publicly at ANU, ADFA and various seminars and conferences on related, and other, national security issues.

    Mike Rothery
    Mike heads the National Security Resilience Policy Division created in March 2009.  The Division is responsible for policy, legislation, advice and programs related to developing national resilience to the full range of natural and human made hazards, including the areas of critical infrastructure protection, chemical, electronic and identity security, and protective security policy.  In this position Mike chairs the E- Security Policy and Coordination Committee and the Protective Security Policy Committee. Prior to this Mike headed up the Emergency Management Policy and Liaison Branch of Emergency Management Australia, the E-Security Policy and Coordination Branch and the Critical Infrastructure Protection Branch from December 2004.  Since joining the Attorney-General’s Department in 1995 Mike has worked on counter terrorism policy & training, e-security and secure communications. Mike is a panel member of the National Centre for Security Standards of Standards Australia, a member of the Advisory Board to the Defence and Security Applications Research Centre (UNSW at ADFA), and is chair of the Advisory Board of the Research Network for a Secure Australia.

    Duncan Unwin
    Duncan Unwin is a consultant with Business Aspect, a specialist management consulting firm focussing on the effective use of Information and Communications Technology by organisations to achieve their strategic and operational objectives.  His area of focus is information security risk management and governance.

    Duncan has been working in the information security and information assurance area since the 1990s.  His experience includes work in the roll out of the first global internet payment systems with MasterCard International and American Express, where he witnessed the evolution of online card fraud and the industry responses to it.  During this time he was responsible for the security architecture of a payments processing platform that was regularly exposed to concerted cyber-attack.   Recently he has been involved in establishing the information security architecture for a new Federal government department.   Duncan has strong linkages with the Griffith University Business School, where he is involved in providing industry advice into programme development, has conducted research into organisational adoption of new technology (funded by INTEL) and in new approaches to ICT planning to support information management, and where he received a Masters in Information Systems with Honours.

    Madeline Carr
    Madeline Carr has worked at the juncture of the technology sector and the media for two decades. Working at the forefront of digital publishing and digital film-making as well as Web 2.0 has given her an insight into the opportunities and challenges which rapid changes in technology pose for societies. A PhD in International Relations from the Australian National University has allowed her to pursue her interest in these issues by researching the relationship between US power and emerging technology. Her research interests include the social construction of technology, computer security in state to state conflict, network neutrality and internet governance.

    James Farwell
    James Farwell is an attorney, political consultant, and since 9/11 has acted as a consultant to the U.S. Special OperationsJ Command and other areas of the U.S. Department of Defense as an expert in strategic communication. The ideas and opinions expressed in this paper are entirely his own and do not represent those of the U.S. government or any of its agencies, departments, or instrumentalities.

    Athol Yates
    Athol Yates specialises in analysing policy and programs related to domestic national security, principally critical infrastructure protection, the protection of the built environment, and harnessing industry and research communities to enhance the security of Australia.

    His current research areas of interest include:

    • adapting infrastructure and the broader built environment to climate change
    • the nexus between security, business continuity, resilience, emergency management and safety
    • non-traditional threats – influenza pandemic, climate change and energy security
    • critical infrastructure protection policy
    • the role played by the private sector in enhancing national security
    • the use of military forces for domestic emergencies

     

    Athol’s qualifications include a Bachelor of Engineering, GradDip Soviet Studies, and Masters of Public Policy. He is the editor of the National Security Practice Notes, and editor of the 3 volume pandemic influenza history series.

    Background

    “The availability of cyber attack technologies for national purposes greatly expands the range of options available to U.S. policy makers as well as to policy makers of other nations”, Admiral (ret.) William A. Owens, former Vic Chairman of the Joint Chiefs of Staff, and former CEO of Nortel, and chair for the report committee – Technology, Policy, Law and Ethics regarding U.S. acquisition and use of cyberattack capabilities (2009).

    Cyber capabilities to support national objectives are no different from other land, air, sea and space capabilities. They are a tool which can expand the range of options available to governments. However unlike other capabilities, the policy and legal framework controlling their development and use is in its infancy. The debate on these capabilities is currently conducted behind closed doors which impedes the understanding of their implications, and does not provide the rigour required to develop robust policy, guidance and doctrine.

    Historically, academics, researchers and others in the non-government sector have led the development of strategy and doctrine for nuclear, chemical and biological weapons. This discussion was carried out in the open. Unclassified discussion built consensus on the strategic use of these technologies, as well as leading to international approaches to counter their proliferation.

    Given the recent opening of Cyber Security Operations Centre (CSOC) within the Defence Signals Directorate which “provides Defence with a cyber warfare capability” and that the Defence White Paper states that “the ADF of 2030 will need to be a more potent force in … cyber warfare”, it is timely to consider the policy framework in which cyber warfare capabilities function.

    The following are key points from the report for the Technology, Policy, Law and Ethics regarding U.S. acquisition and use of cyberattack capabilities (2009). The report’s chair was Admiral (ret.) William A. Owens, former Vic Chairman of the Joint Chiefs of Staff, and former CEO of Nortel.

    • The availability of cyber attack technologies for national purposes greatly expands the range of options available to U.S. policy makers as well as to policy makers of other nations.
    • Although the actual cyberattacks capabilities of the U.S. are highly classified, they are at least as powerful as those demonstrated by the most sophisticated cyberattacks perpetrated by cybercrimals.
    • The U.S. Government should conduct a broad, unclassified national debate and discussion about cyberattack policy.
    • Secrecy has impeded widespread understanding and debate about the nature and implications of U.S. cyberattack.
    • The failure to engage non-governmental analysis increases the likelihood that the full array of national and international intellectual capital will not be brought to bear on the issue, thereby depriving policy makers of its potential contribution to understanding the issue.
    • From the report   Technology, Policy, Law and Ethics regarding U.S. acquisition and use of cyberattack capabilities (2009), National Research Council, National Academies, Washington.
    Details

    This conference will start this discussion and focus on questions including:

    • How are government building defensive capabilities to counter cyber warfare threats?
    • What are the foreign perspectives on cyberattack?
    • How can cyber capabilities (defensive and offensive) be used as an instrument of national policy?
    • What would cyberconflicts look like?
    • What are the lessons to be learned in developing strategy from the nuclear, chemical and biological weapon experience?
    • How does the Law of Armed Conflict and International Law apply to cyberattacks?
    • What could be the rules of engagement for cyber attacks?
    • How do cyber capabilities be used in a graduated fashion?
    • How could cyber capabilities be used to support national missions, including intelligence?
    • What are the escalation dynamics of cyberconflicts?

    The conference will consist of plenary sessions and discussions. A restricted workshop will be held on the afternoon of 22 September 2010.

    The location is Rydges Lakeside, Canberra.

    Speakers are required to register for the conference but are entitled to the recovery price rate for the conference (ie. Aus$300). However, a waiver of this requirement is available on application.

    People interested in presenting at the conference are requested to send a 50 word summary of their topic to Trudy Southgate at admin@securityresearch.org.au or call 02 6161 5143 or Int+612 6161 5143.

    Supporting Organisations

    SECAU logo