For some years, I was involved in a group in Seattle that pulled both computer security experts together with National and International Law Enforcement. We got together quarterly to talk about computer security and computer related crime. We had regular attendees by top security people from many top companies and Seattle has some top companies related to computers.
We also regularly had the FBI, Secret Service, CIA, NSA, Military, local police, Canadian Law Enforcement, Australian and others. Universities, especially, the University of Washington computer department has been involved. Government officials included briefings from the President's Committee for the Infrastructure, NSA, and so on. It was a dynamic, fascinating group lead by a dynamic, fascinating guy. Richard Clark, among other well known individuals, attended and spoke. This may sound like a group to some to make one paranoid. But I assure you, this group has been a good and necessary thing and much good, more, than otherwise, has come from it.
One day, during a meeting that typically lasts for the first half of the day, several suits stood up and apologized as they had to leave, since the Vice President (of the US) was arriving in Seattle and they had to go join the Secret Service detail in protecting him. That next day, I had the opportunity to shake the Vice President's hand as I was walking off the Ferry to Seattle (and nearly got jumped by the Secret service; don't, reach to your inside pocket as you approach the President, or Vice President, even if its just to put away a paperback book you are reading; and yes, I later realized just how stupid that was).
This group still goes on, and much has been done due to the existence of this group over the years, to help with the concepts in the US and abroad related to cybercrime and cyberwarefare. For instance, they helped set up a computer crime lab in Seattle, which became a model for others.
One of the things we discussed and worked to consider and apply direction to was in the area of cyberwarfare. Back when it was first brought up in the late 90s, it was little thought of by the government and the FBI had no real computer forensic department. So its good that this has gone international and thus, the NPR article today on an international treaty related to cyberattack is in the works. From the NPR article today:
"It may come as a surprise to some war victims, but there actually is a body of international law that establishes when and how nations can legally engage in armed conflict.
"Thanks to various treaties, the United Nations Charter, and the Hague and Geneva Conventions, we are able to draw official distinctions between victims and aggressors, and we have guidelines that, when honored, provide some protection to civilians. Professional militaries train with the rules of war in mind, recognizing that abiding by them works to their benefit as much as to the enemy's.
"A direct attack on a civilian infrastructure that caused damage, even loss of life of civilians, would, I think, be a war crime," Ryan says." - NPR
It would seem that its now internationally being considered that if and when, cyberespionage, turns into cyberattack, it is to be considered an act of war, and under certain circumstances, against international treaty. And that, is a good thing to agree upon.
NPR article on cyberwarfare and international law
A couple of other interesting articles:
US Appoints first CyberWarfare General
new Defense Department cyber command (2009). Interesting here to me, was that the Air Force announced that its cyber command, the 24th Air Force, would be based at Lackland Air Force Base, Texas, according to Defense Systems. I was stationed there the last half of the 70s. That is a great base for this to be, well, based at.
U.S. cyberwarfare command Better late than never"