At the RSA Conference Europe 2012 last week David and I explained how businesses can build a real Active Defense plan, as reported by The Register.

Companies and governments are constantly under siege by hackers and malware. Standard incident response is failing and police are overstretched. Faced by these challenges, small businesses have the option to actively respond against attackers rather than mounting only a passive defense.

Rather than jumping to the conclusion that any defensive action beyond currently accepted techniques is illegal, better and more effective options need to be considered, the argument runs.

Our presentation emphasizes the philosophy and law of self-defense and the need to formally document engagement rules and steps. After the presentation an audience member asked me to comment on the Clegg criminal law case from Northern Ireland.

I found this case described in detail at a school of law and in Cases & Materials on Criminal Law: Fourth Edition by Mike Molan

In relation to the first three shots, the judge accepted Private Clegg’s defence that he fired in self-defence or in defence of Private Aindow. But with regard to the fourth shot he found that Private Clegg could not have been firing in defence of himself or Private Aindow, since, once the car had passed, they were no longer in danger.

The situation involved soldiers on patrol who ordered a car to stop. When the car failed to follow orders it was fired upon. The soldiers’ claims were evaluated against scientific proof that a fourth shot hit the threatening vehicle after it had passed (entered it from the rear) and was more than 50 feet away. This contradicted Clegg’s testimony that he fired three shots through the front and the fourth shot through the side door as the car passed nearby. The judge thus ruled a fourth bullet was fired “with the intention of causing death or serious bodily harm” and Clegg was found guilty of murder.

YouTube has this archival video of the news with more detail, including an attempt by the soldiers to falsify proof of motive.

https://www.youtube.com/zcXRw–gv1M

In a somewhat related news story of today, several Royal Marines have been arrested for how they handled a captured combatant. The arrests were based on video of the incident found on a laptop during a civilian investigation of one of the soldiers.

Footage discovered on a serviceman’s laptop prompted the arrest of seven Royal Marines on suspicion of murder over an incident in Afghanistan, Sky News has learned.

The Ministry of Defence (MoD) said the arrests by the Royal Military Police relate to an incident that happened after an engagement with an insurgent.

Sky sources revealed it only came to light following an arrest last week by civilian police – for a separate matter – of a man who had been serving in Afghanistan.

During that investigation, they had to look at his laptop – where they discovered a video that showed what were allegedly Royal Marines in a compound in Helmand Province with what appears to be an injured Taliban insurgent.

Sources say the clip contains a conversation about what to do with the injured man and whether to administer first aid.

Five soldiers have now been charged with murder.

Defense Secretary Philip Hammond pledged that any abuse would “be dealt with through the normal processes” of military justice.

“Everybody serving in theater knows the rules of engagement. They carry cards in their uniforms with the rules on them in case they should need to remind themselves,” Hammond told the BBC on Sunday.

These cases bring two points to mind.

First, defensive acts have to be measured and proportionate. Preparation and training are essential so action in the heat of the moment can be found reasonable. Some may see these as prohibitively costly calculations but let’s face it, organizations already are working on disaster recovery policy and procedures that do the same thing.

It is a cost relative to threats; a company that wants to stay in business simply has to do the math and make a business decision.

Second, even trained professional soldiers obviously can violate codes of conduct or rules of engagement. That is why formal documentation and verification of procedures are essential to the success of a defensive action.

On this day in 1863, two and a half years after the start of the Civil War, hundreds of pro-slavery Confederates led by Captain William Quantrill disguised themselves as Federal soldiers, then ambushed and killed more than 50 Wisconsin men stationed in “Bloody Kansas”.

Amongst the killed were the brigade band’s 11 men. Several of them had been pinioned to the band wagon by swords driven through them while still alive and the wagon then set afire. Among these served in this way were T.L. Davis, of Platteville, and Johnny Fritz a 15-year-old drummer boy; a sword had been driven through his thigh and then into the woodwork of the wagon.

Quantrill’s group was known to not only torture and burn men alive but kill them even after surrender. Quantrill himself had earned a reputation as a liar and spy.

By the end of 1863 his methods were a clear burden to the Confederate Army, which had to assign soldiers to protect civilians from his men. He eventually was arrested in Texas by a Confederate General in early 1864 on charges of ordering the murder of an officer.

Civilians were accosted, homes were broken into, church steeples were shot up, and a Confederate recruiting officer, Major George N. Butts, was found shot to death on the side of a road. “They regard the life of a man less than you would that of a sheep-killing dog,” said [General] McCulloch. “I regard them but one shade better than highwaymen.” In Sherman, drunken guerrillas rode their horses into a hotel lobby and shot out the gaslights.

Quantrill easily escaped arrest by McCulloch and then tried to continue his style of guerrilla raids, leading men like Jesse James on campaigns North and East of Texas. He was shot in 1865, as he claimed he wanted to march on the US President, and died while in a hospital.

An explosion on this day in 1931 impacted a section of railway track owned by the Japanese in north-eastern China near Mukden. The blast was weak and displaced less than 2m of track.

It was quite different from an explosion three years earlier, set by Japanese intelligence, which had assassinated the warlord of Manchuria. The 1928 explosion, also on Japanese-owned tracks, was intended to instigate a Japanese invasion. Instead it ended up having the reverse effect and received international condemnation. The large explosion and death led to Manchuria moving further from Japanese control instead of under it.

So, in 1931 after a far smaller explosion and with trains still passing over the damaged section of track, militant factions of government in Japan claimed the need for an emergency response. Invasion was launched under the pretense to secure Japan’s railway, their nationals and defend their colony in Korea against Russia. Economic interests were also obvious; a large market and source of resources was highly desireable to the Japanese after Western markets shutdown in 1929 with the start of the Great Depression.

The Chinese, weakened by civil-war, failed to bring forward any coordinated resistance. The Japanese army swiftly took hold of the entire region and declared a new autonomous state of Manchukuo. Western countries, unlike the 1928 incident, no longer were in a position to intervene or respond to Chinese requests for assistance.

Four days after the 1931 Mukden incident the US Minister in China reported by telegram to the US Secretary of State that the Japanese act was planned aggression.

According to all information available to me here, I am driven to the conclusion that the forceful occupation of all strategic points in South Manchuria, including the taking over and operation of public utilities, banks, and in Mukden at least the functions of civil government, is an aggressive act by Japan apparently long planned and when decided upon most carefully and systematically put into effect. I find no evidence that these events were the result of accident nor were they the acts of minor and irresponsible officials.

The US Secretary of State, based on advice from his ambassador in Japan, opposed the use of a formal League Commission of Inquiry due to fear of further emboldening hawks in the Japanese government. Instead he issued a diplomatic non-recognition statement, known as the Stimson Doctrine. This, similar to the League of Nations efforts that the Japanese simply walked away from, had little to no influence on the conflict.

While it was clear Japanese militant leaders had used false-pretense to breach the post-WWI agreements on peace, nonaggression and disarmament they also faced little tangible resistance and they flatly refused to stand down.

Occupation of Manchuria by Japan soon expanded in threat; the stage was set for escalation into the Second Sino-Japanese War in 1937 and destabilization/expansion into the region, which eventually led to the bombing of Pearl Harbor in 1941.

It’s all food for thought given the debate over premeditation of the recent incident in Libya and the rising territorial resource conflict between China and Japan.