Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The Active Response Continuum: Ethical and Legal Issues of Aggressive Computer Network Defense

Dave Dittrich
November 19, 2018

The Active Response Continuum: Ethical and Legal Issues of Aggressive Computer Network Defense

This talk discusses some of the computer intrusion sets that drive discussions of "active defense" ("hacking back"), including Mandiant's APT1 report (and their response), Citizen Lab's "Tracking Ghostnet" report, and the Georgian CERT's "Georbot" report. We then explore some common ethical philosophies, "integrity," "just war" doctrine, ACM's Code of Ethics, and the "Common Rule." We look at some legislative proposals (Berman/Coble, the Active Cyber Defense Certainty Act, and Georgia Senate Bill 315. Lastly, we discuss the Active Defense Continuum.

Dave Dittrich

November 19, 2018
Tweet

More Decks by Dave Dittrich

Other Decks in Research

Transcript

  1. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary The Active Response Continuum Ethical and Legal Issues of Aggressive Computer Network Defense David Dittrich <[email protected]> November 19, 2018 JSIS B 355 Cybersecurity and International Studies 1 / 48
  2. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Outline 1 Introduction What are we dealing with? Ethical Philosophies Terms and Concepts 2 Legislative Proposals A Play in Three Acts (Get it? ;) 3 The Active Response Continuum 2 / 48
  3. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Outline 1 Introduction What are we dealing with? Ethical Philosophies Terms and Concepts 2 Legislative Proposals A Play in Three Acts (Get it? ;) 3 The Active Response Continuum 3 / 48
  4. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Mandiant APT1 APT1: Exposing One of China’s Cyber Espionage Units (PDF) 4 / 48
  5. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Mandiant APT1 APT1: Exposing One of China’s Cyber Espionage Units (PDF) 4 / 48
  6. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Mandiant APT1 APT1: Exposing One of China’s Cyber Espionage Unit (YouTube video) 5 / 48
  7. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Tracking GhostNet June 2008 to March 2009 Victims: Foreign embassies, Tibetan government in exile, development banks, media orgs, student orgs, NGOs, multi-national consulting agencies 1,295 infected computers in 103 countries Took control of botnet to observe use http://www.scribd.com/doc/13731776/ Tracking-GhostNet-Investigating-a-Cyber-Espionage-Network 6 / 48
  8. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Tracking GhostNet 7 / 48
  9. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Georbot [Osborne(2011)] C. Osborne. Georgia turns the tables on Russian hacker, October 2012. http://www.zdnet.com/georgia-turns-the-tables-on-russian-hacker-7000006611/ 8 / 48
  10. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Outline 1 Introduction What are we dealing with? Ethical Philosophies Terms and Concepts 2 Legislative Proposals A Play in Three Acts (Get it? ;) 3 The Active Response Continuum 9 / 48
  11. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Aristotle and Virtue Aristotle and Virtue “What makes a human life good? What makes it worth living and what must we do, not merely to live, but to live well?” — Aristotle (died 322 BCE) Teleology, (from Greek telos, “goal,” “end,” or “purpose” and logos, “reason”) Maximizing “happiness” (“eudaimonia”) 10 / 48
  12. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Aristotle and Virtue Aristotle and Virtue “So virtue is a purposive disposition, lying in a mean that is relative to us and determined by a rational prin- ciple, and by that which a prudent man would use to determine it. It is a mean between two kinds of vice, one of excess and the other of deficiency...” — Aristotle, “The Nichomachean Ethics” (350 BCE) A virtuous character is developed through habituation Exemplars: Seek one, be one 11 / 48
  13. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Kant and Duties Kant and Duties “It doesn’t matter whether you want to be moral or not– the moral law is binding on all of us.” — Immanuel Kant, “Groundwork on the Metaphysics of Morals” (1785) The Categorical Imperative rejects teleology (consequentialism) Stressed the importance of education, habituation, and gradual development All humans should have the right to common dignity and respect 12 / 48
  14. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Kant and Duties Kant and Duties Profession Duty Lawyer Avoid conflict of interest Lawyer Confidentiality Physician First, do no harm Accountant Care (accuracy) Spouse Fidelity 13 / 48
  15. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Mill and Outcomes Mill and Outcomes “The creed which accepts as the foundation of morals, Utility, or the Greatest Happiness Principle, holds that actions are right in proportion as they tend to promote happiness, wrong as they tend to produce the reverse of happiness. By happiness is intended pleasure, and the absence of pain; by unhappiness, pain, and the priva- tion of pleasure.” – John Stuart Mill, “Utilitarianism” (1863) 14 / 48
  16. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Outline 1 Introduction What are we dealing with? Ethical Philosophies Terms and Concepts 2 Legislative Proposals A Play in Three Acts (Get it? ;) 3 The Active Response Continuum 15 / 48
  17. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Integrity “When I refer to integrity, I have something very simple and very specific in mind. Integrity, as I will use the term, requires three steps. (1) discerning what is right and what is wrong; (2) acting on what you have discerned, even at personal cost; and (3) saying openly that you are acting on your understanding of right and wrong. — Stephen Carter, “Integrity” (1996) 16 / 48
  18. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Just War Theory Tenets of “Just War” (Jus ad bellum) Right Purpose Duly Constituted Authority Last Resort (Proportionality) Concepts of Just Warfighting (Jus in bello) Non-combatant immunity Proportionality More good than harm J. Arquilla. Ethics and Information Warfare. In Strategic Appraisal The Changing Role of Information in Warfare, Monograph Reports series Ch. 13. The RAND Corporation, 1999. https://www.rand.org/content/dam/ rand/pubs/monograph_reports/MR1016/MR1016.chap13.pdf 17 / 48
  19. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Just War Theory Tenets of “Just War” (Jus ad bellum) Right Purpose Duly Constituted Authority Last Resort (Proportionality) Concepts of Just Warfighting (Jus in bello) Non-combatant immunity Proportionality More good than harm J. Arquilla. Ethics and Information Warfare. In Strategic Appraisal The Changing Role of Information in Warfare, Monograph Reports series Ch. 13. The RAND Corporation, 1999. https://www.rand.org/content/dam/ rand/pubs/monograph_reports/MR1016/MR1016.chap13.pdf 17 / 48
  20. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts Right Action Justification The right agent to do it It is done to the right person At the right time and place To the right degree In the right way For the right reasons “Right action is that which a person with practical wisdom, that is, the ability to reason well, would choose in the circumstances.” — David Chan, “Beyond Just War” (2012) 18 / 48
  21. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts ACM Code of Ethics https://ethics.acm.org/code-of-ethics/code-2018/ 19 / 48
  22. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts ACM Code of Ethics Difference between 1992 and 2018 Draft 1 20 / 48
  23. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts ACM Code of Ethics Case Study 21 / 48
  24. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts ACM Code of Ethics Difference between 2018 Draft 1 and Drafts 2, 3 22 / 48
  25. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts 45 CFR 46 The Common Rule Respect for Persons Participation as a research subject is voluntary. Individuals treated as autonomous agents. Respect rights to decide about own best interests. Protect those with diminished autonomy. Beneficence Do not harm. Maximize possible benefits; minimize possible harms. Systematically assess both risk & benefit. Justice To each an equal share in treatments & benefit of research according to individual need, effort, societal contribution & merit. Fairness of procedures & outcomes in selection of subjects. 23 / 48
  26. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts 45 CFR 46 The Common Rule Respect for Persons Participation as a research subject is voluntary. Individuals treated as autonomous agents. Respect rights to decide about own best interests. Protect those with diminished autonomy. Beneficence Do not harm. Maximize possible benefits; minimize possible harms. Systematically assess both risk & benefit. Justice To each an equal share in treatments & benefit of research according to individual need, effort, societal contribution & merit. Fairness of procedures & outcomes in selection of subjects. 23 / 48
  27. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts 45 CFR 46 The Common Rule Respect for Persons Participation as a research subject is voluntary. Individuals treated as autonomous agents. Respect rights to decide about own best interests. Protect those with diminished autonomy. Beneficence Do not harm. Maximize possible benefits; minimize possible harms. Systematically assess both risk & benefit. Justice To each an equal share in treatments & benefit of research according to individual need, effort, societal contribution & merit. Fairness of procedures & outcomes in selection of subjects. 23 / 48
  28. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary What are we dealing with? Ethical Philosophies Terms and Concepts 45 CFR 46 The Common Rule Respect for Persons Participation as a research subject is voluntary. Individuals treated as autonomous agents. Respect rights to decide about own best interests. Protect those with diminished autonomy. Beneficence Do not harm. Maximize possible benefits; minimize possible harms. Systematically assess both risk & benefit. Justice To each an equal share in treatments & benefit of research according to individual need, effort, societal contribution & merit. Fairness of procedures & outcomes in selection of subjects. 23 / 48
  29. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary A Play in Three Acts Outline 1 Introduction What are we dealing with? Ethical Philosophies Terms and Concepts 2 Legislative Proposals A Play in Three Acts (Get it? ;) 3 The Active Response Continuum 24 / 48
  30. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary A Play in Three Acts Berman-Coble Bill (2002) 25 / 48
  31. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary A Play in Three Acts Berman-Coble Bill (2002) “If we can find some way to do this without destroy- ing their machines, we’d be interested in hearing about that. If that’s the only way, then I’m all for destroying their machines. If you have a few hundred thousand of those, I think people would realize the seriousness of their actions. There’s no excuse for anyone violating copyright laws.” — Senator Orrin Hatch, (R) Utah 26 / 48
  32. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary A Play in Three Acts Active Cyber Defense Certainty Act (2017) Problematic terms Active cyber defense measure (Persistent) Intrusion Attack Breach Beacon 27 / 48
  33. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary A Play in Three Acts Active Cyber Defense Certainty Act (2017) Problematic terms 28 / 48
  34. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary A Play in Three Acts Active Cyber Defense Certainty Act (2017) Calls for Two-year Pilot Program (FBI) Voluntary advance review by National Cyber Investigative Task Force (NCIJTF) Prioritization of requests (FBI) Annual report by DoJ+FBI+other agencies NLT March 31 each year DoJ to update “Prosecuting Computer Crimes Manual” Exclusion from prosecution clause sunsets 2 yrs. after enactment 29 / 48
  35. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary A Play in Three Acts Active Cyber Defense Certainty Act (2017) Analysis https://medium.com/@dave.dittrich/ thoughts-on-the-active-cyber-defense-certainty-act-2-0-d0b456a56d8b 30 / 48
  36. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary A Play in Three Acts Georgia Senate Bill 315 (2018) 31 / 48
  37. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary A Play in Three Acts Georgia Senate Bill 315 (2018) http://www.legis.ga.gov/legislation/en-US/ Display/20172018/SB/315 31 / 48
  38. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Agora/Cisco Active Defense Workshops Levels of Response Level Response Posture 32 / 48
  39. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Agora/Cisco Active Defense Workshops Levels of Response Level Response Posture 0 Unconscious 1 Involved 2 Interactive 3 Cooperative 4 Non-cooperative 32 / 48
  40. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Level 0: Unconscious “Right Out-of-the-box” The firm/system owner/operator takes no active role, ei- ther directly or through proxy, to modify, improve, en- hance, or alter defensive capabilities inherent in the hardware, firmware, and/or software as delivered from the manufacturer or installer. 33 / 48
  41. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Level 1: Involved “Doing business” The firm/system owner/operator establishes (either di- rectly or via proxy) a baseline, tailored, day-to-day de- fensive posture involving only resources directly owned or operated by that owner/operator. The posture is maintained and kept current. 34 / 48
  42. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Level 2: Interactive “We’ve Got a Problem” The firm/system owner/operator applies measures, in response to warning or evidence of malfeasance, to re- sources directly owned or operated by them. The mea- sures are beyond the baseline because they cause some loss of flexibility, capability, or ease of use and the owner/operator does not want/intend them to become routine business practice. 35 / 48
  43. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Level 3: Cooperative “Reach Out...” The firm/system owner/operator engages other organi- zations/firms/systems to take measures intended to at- tribute, mitigate, or eliminate the threat through coop- erative efforts beyond the ability of the owner/operator to effect but within the lawful authority of the other co- operating party or parties. 36 / 48
  44. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Level 4: Un-Cooperative “...and Touch Someone/Something” The firm/system owner/operator takes measures, with or without cooperative support from other parties, to attribute, mitigate, or eliminate the threat by acting against an uncooperative perpetrator or against an or- ganization/firm/system that could themselves (if coop- erative) attribute, mitigate, or eliminate the threat. 37 / 48
  45. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Agora and “Active Defense” Agora workshop attendees defined “Active Defense” to be activity at Level 4 Level 4 has sub-levels Less intrusive to more intrusive Less risky to more risky Less disruptive to more disruptive Justification for your actions depends on how well you progress through all 4 stages Involves systems outside your sphere of authority, without cooperation of their owners/operators 38 / 48
  46. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Agora and “Active Defense” Agora workshop attendees defined “Active Defense” to be activity at Level 4 Level 4 has sub-levels Less intrusive to more intrusive Less risky to more risky Less disruptive to more disruptive Justification for your actions depends on how well you progress through all 4 stages Involves systems outside your sphere of authority, without cooperation of their owners/operators 38 / 48
  47. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Agora and “Active Defense” Agora workshop attendees defined “Active Defense” to be activity at Level 4 Level 4 has sub-levels Less intrusive to more intrusive Less risky to more risky Less disruptive to more disruptive Justification for your actions depends on how well you progress through all 4 stages Involves systems outside your sphere of authority, without cooperation of their owners/operators 38 / 48
  48. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Agora and “Active Defense” Agora workshop attendees defined “Active Defense” to be activity at Level 4 Level 4 has sub-levels Less intrusive to more intrusive Less risky to more risky Less disruptive to more disruptive Justification for your actions depends on how well you progress through all 4 stages Involves systems outside your sphere of authority, without cooperation of their owners/operators 38 / 48
  49. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Agora and “Active Defense” Level Response Posture 4.1 Non-cooperative “intelligence” collection (External services; Back doors/remote exploit to access internal services) 39 / 48
  50. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Agora and “Active Defense” Level Response Posture 4.1 Non-cooperative “intelligence” collection (External services; Back doors/remote exploit to access internal services) 4.2 Non-cooperative “cease & desist” (“Interdiction” ala Berman-Coble bill; Disabling malware) 39 / 48
  51. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Agora and “Active Defense” Level Response Posture 4.1 Non-cooperative “intelligence” collection (External services; Back doors/remote exploit to access internal services) 4.2 Non-cooperative “cease & desist” (“Interdiction” ala Berman-Coble bill; Disabling malware) 4.3 Retribution or counter-strike 39 / 48
  52. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Agora and “Active Defense” Level Response Posture 4.1 Non-cooperative “intelligence” collection (External services; Back doors/remote exploit to access internal services) 4.2 Non-cooperative “cease & desist” (“Interdiction” ala Berman-Coble bill; Disabling malware) 4.3 Retribution or counter-strike 4.4 Preemptive defense 39 / 48
  53. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Response Timeline 40 / 48
  54. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Risk over Time 41 / 48
  55. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Risk v. Difficulty 42 / 48
  56. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Summary Scale, scope, severity of compromises increasing Victims are getting frustrated Law makers are attempting to respond No concrete vehicles for regulation, This area is ripe for novel, thoughtful, deliberate proposals 43 / 48
  57. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary A Viable Framework Should handle deconfliction (in more than the military sense) Should provide before- and after-action review Should favor government over private sector action at the extreme end of the ARC Should favor civil/criminal process over extrajudicial private sector action Should follow virtue ethics (Integrity + “Right Action” justification) 44 / 48
  58. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary The Active Response Continuum Ethical and Legal Issues of Aggressive Computer Network Defense David Dittrich <[email protected]> November 19, 2018 JSIS B 355 Cybersecurity and International Studies 45 / 48
  59. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Referenced in the talk Stephen L. Carter. Integrity. BasicBooks – A division of Harper Collins Publishers, 1996. ISBN 0-465-03466-7, https://www.thriftbooks.com/w/integrity_ stephen-l-carter/290385 David Chan. Beyond Just War: A Virtue Ethics Approach. ISBN 978-1-137-26340-7. Palgrave Macmillan, 2012. David Dittrich and Katherine Carpenter. Protecting Property in Cyberspace using “Force”: Legal and Ethical Justifications. Presentation to the NATO CCDCOE Cyber Conflict 2014 conference, June 2014. http://staff.washington.edu/dittrich/talks/ CyCon-2014-DittrichCarpenter.pdf 46 / 48
  60. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Referenced in the talk David Dittrich and Erin Kenneally (co-lead authors). The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research, December 2012. http://www.dhs.gov/sites/default/files/publications/ CSD-MenloPrinciplesCORE-20120803.pdf David Dittrich and Erin Kenneally (eds.). Applying Ethical Principles to Information and Communication Technology Research: A Companion to the Department of Homeland Security Menlo Report, January 2012. https://www.dhs.gov/publication/csd-menlo-companion 47 / 48
  61. . . . . . . . . . .

    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Introduction Legislative Proposals The Active Response Continuum Summary Referenced in the talk Dave Dittrich. The Conflicts Facing Those Responding to Cyberconflict. In USENIX ;login: vol. 34, no. 6, December 2009. http://www.usenix.org/publications/login/ 2009-12/openpdfs/dittrich.pdf David Dittrich. The DoS Project’s trinoo distributed denial of service attack tool, October 1999. http://staff. washington.edu/dittrich/misc/trinoo.analysis.txt Other publications: https: //staff.washington.edu/dittrich/home/writing.html 48 / 48