Are offensive cyber operations an act of war?
“I would say specifically to your question what defines an act of war [in the cyber domain]– that has not been defined. We are still working towards that definition across the interagency,” said Thomas Atkin of the Office of Secretary of Defense at a congressional hearing last year.
He elaborated in newly published responses to questions for the record:
“When determining whether a cyber incident constitutes an armed attack, the U.S. Government considers a number of factors including the nature and extent of injury or death to persons and the destruction of, or damage to, property. Besides effects, other factors may also be relevant to a determination, including the context of the event, the identity of the actor perpetrating the action, the target and its location, and the intent of the actor, among other factors.” See Military Cyber Operations, hearing of the House Armed Services Committee, June 22, 2016.
If cyberwar is in fact war, would civilians who support military cyber operations be lawful combatants? They might not be, Mr. Atkin said.
“During armed conflict, some civilians who support the U.S. armed forces may sit at the keyboard and participate, under the direction of a military commander, in cyberspace operations. The law of war does not prohibit civilians from directly participating in hostilities, such as offensive or defensive cyberspace operations, even when that activity would be a use of force or would involve direct participation in hostilities; however, in such cases, a civilian is not a ‘lawful combatant’ and does not enjoy the right of combatant immunity, is subject to direct attack for such time as he or she directly participates in hostilities, and if captured by enemy government forces may be prosecuted for acts prohibited under the captor’s domestic law.”
But any such danger to unlawful civilian cyber-combatants is probably not an imminent hazard, he added. “Most, if not the great majority, of our civilian cyber workforce involved in providing support to cyberspace operations during armed conflict will not be serving on the battlefield where they may be the object of attack or risk being detained by the enemy. Instead, most will be providing their support remotely from areas outside the area of hostilities, are not easily identifiable as an individual, and are likely serving in the United States.”
Datasets and variables that do not align with Administration priorities, or might reflect poorly on Administration policy impacts, seem to be especially in the cross-hairs.
One month of a government shutdown is in the books, but how many more months will (or can) it go? Congress is paralyzed, but there are a few spasms of activity around healthcare and the prospects of a continuing resolution to punt this fight out until January or later.
At a period where the federal government is undergoing significant changes in how it hires, buys, collects and organizes data, and delivers, deeper exploration of trust in these facets as worthwhile.
Moving postsecondary education data collection to the states is the best way to ensure that the U.S. Department of Education can meet its legislative mandates in an era of constrained federal resources.