rules pertaining to the use of force.17
Definitions and conceptions of IW are as numerous as they are complex, but generally entail preserving one’s own information and information system while exploiting, disrupting, or denying the use of an adversary’s.18 IW itself is a generic term that refers to a hostile attack by one nation or hostile party against the important information technology (“IT”) systems and networks of another (as compared to a criminal or terrorist attack). Secondarily, IW refers to actions taken to defend IT systems and networks.19 IW conducted against any modern society replete with information technology such as the U.S., either by terrorists20 or a hostile nation, is a matter of national concern. This is due to the well-known dependence of many critical sectors of contemporary economies as well as critical national infrastructure on information systems and networks.21
IT today is ubiquitous and is essential to virtually the United State’s entire infrastructure including dams, nuclear power plants, air-traffic control, communications,
18 Such a conception suggests the possibility that IHL could indeed be stretched to cover cyber law.
19 Herbert Lin, Policy Consequences and Legal/Ethical Implications of Offensive Information Operations and Cyberattack, Computer Science and Telecommunications Board, National Academies, Apr. 4, 2007.
20 Similar to the difficulty involved in defining information warfare, terrorism too is a multi-faceted concept. For purposes of this paper though, terrorism will be defined in terms of non-state-sponsored attacks on civilians, perpetrated with the intent of spreading fear and intimidation. The goal of these attacks is to change perceptions on a high-impact basis in the vein of September 11, 2001. A more diffuse campaign designed to illicit widespread disruptions and loss of public confidence in the ability of government to effectively function is also high impact. Information Technology for Counterterrorism, National Research Council of the National Academies, Apr. 9, 2007.
21 See Information Technology for Counterterrorism, CSTB/National Research Council (2003); Cybersecurity Today and Tomorrow: Pay Now or Pay Later, CTSB/National Research Council (2002).