Book Review - Cyber Warfare Ethics

Journal Edition

Edited by Catherine Grant, Alessio Patalano and James Russell

Howgate Publishing, 2021, 238 pp

Paperback ISBN: 9781912440269

Reviewed by: Darren Cronshaw

Today’s Defence members are more likely to engage in the demands and dilemmas of ‘war in the grey zone’. The cyber domain is challenging traditional notions concerning the character of war. The cyber domain is also extending into sub-threshold contested spaces with cyber-based sabotage, surveillance information dominance and influence activities. This phenomenon is multiplying the demands and dilemmas faced by soldiers and officers, strategists and politicians. Actions and responses are often required with minimal lead time and with less recourse to the chain of command for technical and ethical advice.

Those training as soldiers today will utilise weaponry and technology that previous generations could not dream of, and they will consider ethical dilemmas we cannot yet foresee. What are the ethical decision-making principles and processes that can guide them? What can we learn from ‘grey zone’ activities of recent years? What might be done with cyber, what should be done, what is being done to us, and how is it appropriate to respond?

Cyber Warfare Ethics, edited by Professor Michael Skerker and Professor David Whetham, attempts to answer some of these questions. Skerker is a Professor at the US Naval Academy, while Whetham is Professor of Ethics and the Military Profession at King’s College London, having previously held the appointment of Assistant Inspector-General to the Australian Defence Force. As editors, they combine with 13 other contributing military ethicists, including two serving military officers, to deliver a thought-provoking volume. More input from serving members would have been welcome; however, it is understandable that many current and former military members may be constrained from writing freely about cyber warfare. This volume will be of considerable interest to those preparing and leading soldiers who operate in the ‘grey zone’ of contemporary conflict.

The first three chapters of Part 1 explore the so-called ‘just war’ principles, question whether cyber attacks are equivalent to armed attacks, and consider what the answer may imply for the use of force in circumstances short of war. Part 1 also considers the limits that should be imposed on warfare in order to assure the human rights of those targeted in cyber operations. Accepting just war principles of proportionality and discrimination, and considering how these precepts apply in vastly different contexts, can support cyber operators to meet the challenges of ethical decision-making in the face of newly emergent technology. As Skerker observes (on p. 208):

It is true, that as a matter of fact, cyber warfare engineers have the technical means to threaten or violate [human] … rights with relative ease, potentially without reliable attribution. Yet just as it is a violation of [one’s] rights if [one] is shot by a soldier; if [one’s] local hospital is bombed; or if a foreign agent reads [one’s] diary; so too are [that same person’s] rights violated if a foreign actor does these sorts of things in a cyber operation, be it covert or overt.

Part 2 considers whether cyber attacks comply with just war principles, and what new challenges they pose. Compliance with just war principles is important in symmetric warfare, as well as within the complexities of asymmetric conflict. Considerations of just war principles extend to situations short of war and may require us to think differently about ‘grey zone’ conflict. Cyber attacks can be more ethical and controlled than kinetic action, with the potential for controlled distinction in the cyber realm. Then again, they can also be unpredictable, volatile and mischievous because they can be hidden and can easily affect non-combatants. Importantly, cyber technology may be far more accessible to decentralised non-state actors than traditional military hardware. In this context, the authors helpfully illustrate decision-making dilemmas that emerge when cyber delivers the same effects as kinetic action but with lower cost; lower physical risk; and instantaneous, selective, deniable, scalable and temporary effects (albeit potentially more indiscriminate and with higher risk of misattribution and misplaced retaliation). Contrary to the oft-quoted comment of a US official that ‘if you shut down our power grid, maybe we will put a missile down one of your smokestacks’, these chapters demonstrate the nuanced nature of cyber attacks. In many regards they are analogous to forms of sabotage, espionage and shaping operations, surveillance, and psychological influence operations.

Part 3 unpacks the ethics of computing technology, automation, machine learning and artificial intelligence. The authors explain the widely accepted principle that machines are not given final authority to take life but they can speed up the decision-making process to use force. Moreover, they may in fact support ethical decision-making because artificial intelligence might be trained to be more morally consistent. Humans can err, and one author helpfully offers the cautionary note that this risk may be acute when influenced by the ‘Dark Triad’ of Machiavellianism, narcissism and psychopathy. Machines do not get tired or angry; however, when they miscalculate (or are potentially misled) the scope for error can be far worse. Machines can also be unfair at various levels, such as when programmed to benevolently filter out destructive influences online or at the customs gate. Further, they may be affected by discriminatory algorithmic bias. The whole book, but especially the final three chapters, suggests the imperative of scrutiny and healthy scepticism as to the ethics of cyber warfare.

For teaching cyber warfare ethics, Cyber Warfare Ethics offers helpful case studies that could be usefully wargamed based on scenarios raised in the book. These include several well-known historical examples such as Israel’s Operation Orchard cyber sabotage of Syria’s radar to allow an attack on a nuclear reactor; Stuxnet’s targeting of the Iranian nuclear program, stealing commercial patents and military technology; and ballot box interference in the 2016 US elections (and possibly the UK Brexit vote). Other scenarios are either imagined or hypothetical possibilities that invite the reader to reflect on the ethical issues they symbolise. Examples include disabling emergency dispatch systems; undermining utilities infrastructure; vaccine disinformation; hacking drones or other weapons; and interfering with banking, traffic, hospital or self-driving systems.

Cyber Warfare Ethics is likely to evoke further questions in the reader’s mind around the use of cyber technology in modern conflict. For example, assuming military ethics training is necessary for all ranks—including the ‘strategic moral Corporal’—what would best practice military ethics training look like for trainees and members of electronic warfare and cyber units? What is the psychological effect on operators of navigating the high-pressure domain of cyber? While there has been extensive research on and support for drone operators, what equivalent attentiveness is needed for cyber operators to mitigate the risks of moral injury? In the range of responses from outright war to force short of war, to peacemaking, what is the role and potency of nonviolence and how might this be expressed in the cyber domain? For my own part as a Baptist chaplain with a clear preference for avoiding violence, let alone war, it is self-evident that the military potential of cyber technology must be harnessed within accepted ethical just war principles. So when and in what ways might cyber engagement foster restraint and the mission better than spiralling violence with kinetic action?

These are contested questions in a contested space. As military operators and strategists alike struggle to understand the full implications of cyber technology within the military domain, Skerker and Whetham have assembled a helpful kaleidoscope of chapters in Cyber Warfare Ethics to help address some of the most pressing issues. As a result, this book is a valuable resource for civilians and military members working in the cyber realm, and those responsible for leading and training them. After all, better informed decision-makers are inevitably better prepared to address the ethical considerations and implications of military cyber capabilities.

About the Reviewer

Darren Cronshaw is an Army Reservist who has served at Army School of Transport, Puckapunyal; at 1st Recruit Training Battalion, Kapooka; and in 2023 on full-time duty at the Defence Force School of Signals. For civilian work he pastors Auburn Baptist Church and teaches leadership and research methods with the Australian College of Ministries (Sydney College of Divinity).

Darren Cronshaw

Latest Land Power Forum

The Strategy of Denial Courtney Stewart 25 February 2025 Book review, Major power competition, Our Region

Soldiers in a green field with irregular long grass. Group of three are investigating the ground with one multi-rotor uncrewed aerial system is airborne to their right.

Detecting Landmines with Magnetometers 13 February 2025 Quantum Technologies, Emerging Technologies, Modernisation