Approved for 1 CompTIA CEU: A+, Network+, Security+ and CASP and 1 GIAC CPE
The Internet is a global network designed for collaboration across great distances in real time. It was not designed to be a secure, controlled warfighting environment. Technology outpaced policy however. Today’s military and corporate leaders are faced with a landscape where threats can attack from any point on the globe and be routed through third parties with ease and controlled behind a barrier of intermediate hops through multiple jurisdictions. Long term exploits may run for months targeted to steal intellectual property or to lie dormant as an electronic minefield for future activation.
This session will examine the policy implications of active defense for computer networks from an international perspective. The topics will include:
- The purely defensive
- Encryption
- Network segmentation
- Limited privileges
- Active monitoring
- Standing on the edge
- Honeypots
- Defensive engagements
- Bringing allies to the fight
- Going on the attack
- Hacking back?
- Network manipulation
- Armed attack?
The rules of the game at the international level are still being developed and debated. While recent international consensus on the applicability of the laws of armed conflict to cyberspace has been achieved, there remain significant areas of disagreement. Commercial espionage, reconnaissance of the electronic battlefield, and proportionality are among the challenges. Leaders in and out of uniform need to think through scenarios that consider the international implications of defensive cyber operations.