Exploring the prudent limits of automated cyber attack

The notion of cyber conflict occurring at network rates that surpass the speed of decision-making by national leaders has bolstered the possibility of introducing automated cyber attacks as part of their spectrum of response. This paper´s objective is to identify some prudent limits to govern the incorporation of automated cyber attack as an instrument of policy in national and collective defense. For this paper, the concept of automated cyber attack focuses on nations´ in-kind responses to strategic-level attacks by actors that use cyber means. The main aspects of the paper explore the theoretical roles of critical thinking in the development and operation of such systems. Topics include the context, points of view, and cognitive biases of the cyber actors; the assumptions and inferences inherit in their decision making; and the implications of decisions related to automated cyber attack. The structure of research utilizes the Gerras critical thinking model to identify the factors to evaluate. It outlines how techniques such as the analysis using Tallinn Manual criteria may be used to identify assumptions and inferences for categorizing national response actions as cyber attack. It examines several historical incidents involving decisions related to strategic attack for implications to automated cyber attacks. It also investigates the implications of adopting a policy of cyber resilience, focusing on how it could be integrated with automated cyber responses measures. Finally, it studies the implications of automated cyber attack connected to the philosophy and ethics of evolving Just Cyber Warfare theory, such as that proposed by Taddeo.