Startseite Sozialwissenschaften US Policy on Active Cyber Defense
Artikel
Lizenziert
Nicht lizenziert Erfordert eine Authentifizierung

US Policy on Active Cyber Defense

  • Angelyn Flowers und Sherali Zeadally EMAIL logo
Veröffentlicht/Copyright: 19. Juni 2014
Journal of Homeland Security and Emergency Management
Aus der Zeitschrift Journal of Homeland Security and Emergency Management Band 11 Heft 2

Abstract

Today cyberspace is playing a pivotal role in many sectors of society and has become an integral part in the lives of individuals. Much of the critical infrastructure responsible for basic facilities such as water, energy, food, gas and electricity has become heavily integrated with cyberspace. As a result, securing cyberspace has become an issue of high national priority for many governments around the world and the US is no exception. For quite some time, this has been achieved through passive cyber defense strategies. Unfortunately, in recent years, these strategies have proved ineffective in accomplishing this goal, requiring a shift in strategy from passive to active cyber defense strategies. We examine the US policy on active cyber defense and the circumstances under which active cyber defense may be utilized by the US Government or those acting on its behalf. It can be difficult in some circumstances to distinguish active cyber defense from cyber offense. As may therefore be expected, the utilization of active cyber defense has the potential for creation of political, ethical as well as legal, and operational risks. In a brief comparison of US policy on active cyber defense with a few selected cybersecurity policies of other states the US policy is on the aggressive end of the spectrum, at least among the democratic states.

Keywords: cyber attacks; cyber defense; law; policy; risk
Corresponding author: Sherali Zeadally, College of Communication and Information, University of Kentucky, Lexington, KY, 40506, USA, email:

Acknowledgments

We thank Jasmine McNealy for her useful comments and feedback on early drafts of this paper. We would also like to express our gratitude to the anonymous reviewers for their valuable feedback and comments which help us to improve the quality and presentation of this work.

References

Adams, A., P. Reich and S. Weinstein (2012) “A Non-Militarised Approach to Cyber-Security.” In: Proceedings of the 11th European conference on Information Warfare and Security, Laval, France, 2012.Suche in Google Scholar

“Argentina, Brazil Agree on Cyber-Alliance Against U.S. Espionage.” September 15, 2013. [Online]. Available at: http://rt.com/news/brazil-argentina-cyber-defense-879/ (accessed February 26, 2014).Suche in Google Scholar

Chabinsky, S. (2013) Passive Cyber Defense: The Law of Diminishing and Negative Returns. American Center for Democracy: Economic Warfare Institute, May 6, 2013. [Online]. Available at: http://acdemocracy.org/passive-cyber-defense-the-laws-of-diminishing-and-negative-returns/ (accessed March 3, 2014).Suche in Google Scholar

Clarke, R. and R. Knake (2010) Cyber War. New York: HarperCollins Publishers.Suche in Google Scholar

Crosston M. (2012) “Virtual Patriots and a New American Cyber Strategy: Changing the Zero-Sum Game,” Strategic Studies Quarterly, Winter: 100–118.Suche in Google Scholar

“Cybersecurity Strategy of the European Union: An Open, Safe, and Secure Cyberspace,” July 2, 2013. [Online]. Available at: http://eeas.europa.eu/policies/eu-cyber-security/cybseccomm en.pdf. [accessed 26 February 2014].Suche in Google Scholar

DARPA. (2013) “Driving Technological Surprise: DARPA’s Mission in a Changing World.” April 2013. [Online]. Available at: http://www.darpa.mil/WorkArea/DownloadAsset.aspx@id=2147486475.pdf (accessed October 26, 2013).Suche in Google Scholar

Denning, D. (2014) “Framework and Principles for Active Cyber Defense,” Computers and Security, 40(February):108–113.10.1016/j.cose.2013.11.004Suche in Google Scholar

Department of Homeland Security. (2013) “Critical Infrastructure Sectors.” 2013. [Online]. Available at: http://www.dhs.gov/critical-infrastructure-sectors (accessed November 6, 2013).Suche in Google Scholar

Dittrich, D. and K. Himma (2005) “Active Responses to Computer Intrusions.” In: (H. Bidgoli, ed.) The Handbook of Information Security, Vol. II. Hoboken, John Wiley & Sons.Suche in Google Scholar

Fleming, J. (2013) “Security Reports say EU needs More ‘Honeypots’ for Lure Cyberattackers.” March 2013. [Online]. Available at: http://www.euractiv.com/specialreport-cybersecurity/europe-needs-honeypots-trap-cybe-news-518279. (accessed February 25, 2014).Suche in Google Scholar

Flowers, A., S. Zeadally and A. Murray (2013) “Cybersecurity and U.S. Legislative Efforts to Address Cybercrime,” Journal of Homeland Security and Emergency Management, 10(1):29–55.10.1515/jhsem-2012-0007Suche in Google Scholar

Ginsberg, W., M. P. Carey, L. E. Halchin and N. Keegan (2012) Government Transparency and Secrecy: An Examination of Meaning and Its Use in the Executive Branch. Congressional Research Service, Washington DC.Suche in Google Scholar

Government Accountability Office. (2013) Cybersecurity: National Strategy, Roles, and Responsibilities Need to Be Better Defined and More Effectively Implemented. GAO, Washington DC.Suche in Google Scholar

Greenwald, G. and E. MacAskill (2013) “Obama Orders U.S. to draw up Overseas Target List for Cyber-Attacks,” The Guardian, June 7, 2013. [Online]. Available at: http://www.theguardian.com/world/2013/jun/07/obama-china-targets-cyber-overseas (accessed April 23, 2014).Suche in Google Scholar

Keating, J. (2010) “U.S. and Europe at Odds Over Cyberdefense Policy.” October 5, 2010. [Online]. Available at: http://blog.foreignpolicy.com/posts/2010/10/05/us_and_europe_at_odds_over_cyberdense_policy (accessed February 22, 2014).Suche in Google Scholar

Kesan, J. P. and C. M. Hayes (2010) “Thinking Through Active Defense in Cyberspace.” In: Proceedings of the Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options. Washington: National Research Council, National Academies of Science.Suche in Google Scholar

Lachow, I. (2013) Active Cyber Defense: A Framework for Policymakers. Washington, DC: Center for a New American Security.Suche in Google Scholar

Lotrionte, C. (2012) “State Sovereignth and Self-Defense in Cyberspace: A Normative Framework for Balancing Legal Rights,” Emory International Law Review, 26:825–919.Suche in Google Scholar

Luiijf, H., K. Besseling, M. Spoelstra and P. de Graff (2013) “Ten National Cyber Security Strategies: A Comparison.” In: (S. Bologna, B. Hämmerli, D. Gritzalis, and S. Wolthusen, eds.) Critical Information Infrastructure Security: 6th International Workshop, CRITIS 2011, Lucerne, Springer Berlin Heidelberg, pp.1–17.10.1007/978-3-642-41476-3_1Suche in Google Scholar

McGhee, S., R. V. Sabett and A. Shah (2013) “Adequate Attribution: A Framework for Developing a National Policy for Private Sector Use of Active Defense,” Journal of Business & Technology Law, 8(1):1–47.Suche in Google Scholar

Melnitzky, A. (2012) “Defending America Against Chinese Cyber Espionage Through the Use of Active Defenses,” Cardozo Journal of international and Comparative Law, 20: 537–570.Suche in Google Scholar

Natashima, E. (2012) “Obama Signs Secret Directive to Help Thwart Cyberattacks.” The Washington Post, November 14, 2012. [Online]. Available at: http://www.washingtonpost.com/world/national-security/obama-signs-secret-cybersecurity-directive-allowing-more-aggressive-military-role/2012/11/14/7bf51512-2cde-11e2-9ac2-1c61452669c3_story.html (accessed April 22, 2014).Suche in Google Scholar

National Academy of Engineering of the National Academies. (2012) National Academy of Engineering Grand Challenges for Engineering. [Online]. Available at: http://www.engineeringchallenges.org/cms/challenges.aspx. (Accessed April 20, 2014).Suche in Google Scholar

Obama, B. (2008) The Comprehensive National Cybersecurity Initiatve. [Online]. Available at: www.whitehouse.gov/issues/foreign-policy/cybersecurity/national-initiative. (accessed October 28, 2013).Suche in Google Scholar

Obama, B. (2011) “International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World.” [Online]. May 2011. Available at: http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf. (accessed October 20, 2013).Suche in Google Scholar

Obama, B. (2012) Presidential Policy Directive/PPD-20. Washington: White House.Suche in Google Scholar

O’Connell, M. E. (2012) “Cyber Security without Cyber War,” Journal of Conflict & Security Law, 17(2):187–209.10.1093/jcsl/krs017Suche in Google Scholar

Osawa, J. (2013) Is Cyberwar Around the Corner? Collective Defense in the Near Future. Brookings Institute East Asia Commentary Series No. 73 of 75, November 12, 2013. [Online]. Available at: http://www.brookkngs.Edu/reserach/opinions/2013/11/12-cyber-defense-us-jana-alliance-osawa (accessed February 20, 2014).Suche in Google Scholar

Ragsdale, D. (2013) “Active Cyber Defense (ACD) Information Innovation Office.” November 8, 2013. [Online]. Available at: www.darpa.mil/Our_Work/120/Programs/Active_Cyber_Defense_(ACD).aspx. (accessed November 10, 2013).Suche in Google Scholar

Schmitt, M. (2013) Tallinn Manual on the International Law Applicable to Cyber Warfare. NY: Cambridge University Press.10.1017/CBO9781139169288Suche in Google Scholar

U.S. Department of Defense. (2011) Strategy for Operating in Cyberspace. Washington, DC, 2011.Suche in Google Scholar

United Nations. (1945) Charter of the United Nations and Statute of the International Court of Justice, as amended. United Nations, New York, 1945.Suche in Google Scholar

Wong, T. (2011) Thesis: Active Cyber Defense – Enhancing National Cyber Defense. Monterey: Naval Postgraduate School.Suche in Google Scholar

Zeadally, S., H. Martinez and H. Chao (2013) “Securing Cyberspace in the 21st Century,” IEEE Computer, 22–23.10.1109/MC.2013.144Suche in Google Scholar

Published Online: 2014-6-19

©2014 by Walter de Gruyter Berlin/Boston

Artikel in diesem Heft

  1. Frontmatter
  2. Opinion Article
  3. Bridging the Gap: Hazard Mitigation in the Global Context
  4. Research Articles
  5. The Impact of Natural Disasters on Critical Infrastructures: A Domino Effect-based Study
  6. How Does Climate Adaptation Affect Emergency Management?
  7. Emergency Preparedness on Campus: Improving Procedural Knowledge and Response Readiness
  8. Environmental Security and Climate Change: A Link to Homeland Security
  9. Challenging Illicit Bulk Cash Flows: Next Steps for US Law Enforcement
  10. US Policy on Active Cyber Defense
https://doi.org/10.1515/jhsem-2014-0021
Schlagwörter für diesen Artikel
cyber attacks; cyber defense; law; policy; risk

Artikel in diesem Heft

  1. Frontmatter
  2. Opinion Article
  3. Bridging the Gap: Hazard Mitigation in the Global Context
  4. Research Articles
  5. The Impact of Natural Disasters on Critical Infrastructures: A Domino Effect-based Study
  6. How Does Climate Adaptation Affect Emergency Management?
  7. Emergency Preparedness on Campus: Improving Procedural Knowledge and Response Readiness
  8. Environmental Security and Climate Change: A Link to Homeland Security
  9. Challenging Illicit Bulk Cash Flows: Next Steps for US Law Enforcement
  10. US Policy on Active Cyber Defense
Jetzt anmelden und 20% sparen
Institutioneller Zugang
Wie funktioniert Authentifizierung?
Haben Sie eine Idee, wie wir unsere Website verbessern können?
Bitte schreiben Sie uns.
© 2026 De Gruyter Brill
Heruntergeladen am 15.1.2026 von https://www.degruyterbrill.com/document/doi/10.1515/jhsem-2014-0021/html
Button zum nach oben scrollen