Guns & Drugs on the Deep Web

fpazdzin at January 26,2016
Since the traditional form of war has been with us for so long it seems like we haven’t had enough time to determine what kind of digital acts can be considered cyberwarfare. Technology has advanced so fast that laws are having a hard time keeping up and this technology is being implemented before laws can be written to say what we can and cannot do with it. I think that even after cyberwarfare laws are finalized, they will be in a constant state of being updated.

canales at January 29,2016
To me this video is telling me that we should prepare for a major cyberwar. Yes we have people in the filed fighting against it but cyberwar fare will never end and only continue to grow and get more sophisticated. I believe that training as many people as possible would be a great start but also having laws to determine what will occur during cyberwar. But, even with the laws, just how technology changes rapidly so would the laws. It is just scary to think that someone can take control with them not even being in the same country as you. Makes you think on how can you slow this down because in reality cyberwar fare will always exist and never end as long as computers and technology exists.

tcmahony at January 30,2016
While the thought of cyber and the possible depictions in this video could lead to terrible things I think people around the world are starting to realize the impacts what an insecure system can lead to particularly when it comes to industrial control systems. Not only does it lead to greater awareness but preventative in nature because systems we value highly are not vulnerable. However given the legal system it will probably take a large event to set things in motion for lawmakers to create the necessary laws and policies. Cyber minded people need to make a effort to help those lawmakers be proactive as opposed to reactive.

BrianDaugette at January 30,2016
One of the hardest issues with regards to cyber attacks in general is that of attribution. How do you figure out who is responsible and how confident are you in that assessment? As presented in the video, cyberwar is already a complex issue due to the lack of laws and norms of behavior, even when it is assumed you know who is responsible. But what about examples in which you have no clue who is responsible other than a few technical clues, such as an IP address in an adversary country? Is that enough to assume they are responsible? Does that country have a burden to assist the victim country in investigating the attack? What about instances in which an attacker took steps to make it look like someone else was to blame for the attack?

nick at February 03,2016
@BrianDaugette made some excellent point regarding attribution. This is a very difficult task when investigating threat groups. How can the level of attribution certainty be defined in cyber warfare to ensure that innocent nation states are not targeted just because attackers transited a third party nation's network infrastructure. During a limited cyber war, can only military IT infrastructure be targeted or do the commercial telecommunications networks on which it may operate also be targeted? When can the response to a digital attack, such as a DDOS attack, involve the use of kinetic force? If an attacker disrupted the national power supply, which in turn shut down nuclear power safety features or left hospitals disabled, can nation states elevate the response to kinetic strikes against the attacking computer, building, or the military or intelligence unit that is conducting the attack. The lack of defined laws of war covering the cyber realm leave the possibility of ambiguity between adversaries. This could quickly escalate from digital attacks to physical confrontations unless each such understands the redlines associated with cyber attacks, leading to loss of life.