1. Preparation of the battlefield is only a hostile act if you get caught.
2. Economic espionage is only bad if you use it for profit.
3. You shouldn’t change votes or engage in social media manipulation but it’s okay to try and help your allies win with aid packages or hurt your opponent with sanctions.
4. It’s totally legit to use infrastructure in a third country to hide your tracks.
5. Related to four, you aren’t responsible if threat actors use your infrastructure.
6. International law enforcement assistance works on a best effort basis
I'm still reading Rob Knake and Richard Clarke's latest
book, so no book report yet. I will note that I think there are some tough questions left to be asked about the list above. My first thoughts are that we need to account for China's
BigCannon DDoS tool, Stuxnet, the FBI's "Tor means we can Hack It with Domestic Authority" rule, etc. Also I'm pretty sure only the 5Eyes will agree with #2 and #3.
But it's a good start. :)
