The concept of an assault on the critical infrastructure of the United States is often referred to as a ‘Cyber Pearl Harbor’. This implies that such an attack would come as a surprise. By 2016, however, few could claim to be surprised by such an event. This paper explains how the Clinton administration addressed cybersecurity in the 1990s as computers became an everyday item. With the benefits of this era, however, came potentially devastating implications for national security as the Clinton administration was required to confront a form of politically motivated violence unlike any that had been seen before Cyberterrorism.
La Chine investit massivement dans le cyberspace et souhaite se positionner comme leader de l'intelligence artificielle. L'objectif est d'assumer, a terme, une capacite mondiale lui permettant d'accroitre son rayonnement et sa souverainete afin d'etendre son influence dans ce domaine d'avenir.
The convergence of telecommunication and computer technologies that has evolved in the field of information and communication technologies (ICT) in the last two decades has had very important effects on new war technologies and the ongoing process of battlefield digitisation. The Stuxnet worm, uncovered in 2010 and responsible for the sabotaging of a uranium enrichment infrastructure in Iran, is a clear example of a digital weapon. The incident shows what is meant by cyber war and what the particular features of this new warfare dimension are compared to the conventional domains of land, sea, air and space, with relevance both at the operational and strategic levels. But cyberspace also extends to the semantic level, within the complimentary field of information warfare involving the content of messages flowing through the Internet for the purposes of propaganda, information, disinformation, consensus building, etc. The overall cyber warfare domain needs to be put into perspective internationally as many countries are developing strong cyber capabilities and an ‘arms race’ is already taking place, showing that these technologies can potentially be used to undermine international stability and security. What is needed is a public debate on the topic and its impact on global stability, and some kind of regulation or international agreement on this new warfare domain, including an approach involving confidence building measures (CBMs).
Cyberspace is an avenue of approach through which a military force can attain objectives of value. Through these cyber avenues of approach, military forces can engage, vet, organize, and direct human agents to accomplish specific activities. Although the objectives of these activities could differ from traditional military objectives, they still have military relevance. This particular manifestation of cyber conflict is neither a new domain of war nor something outside of warfare. Rather, it can be viewed as an emerging avenue of approach in the larger context of military operations, auguring benefits in the integration of cyber activities with operations.
Abstract: The article focuses on the partnership of North Atlantic Treaty Organization (NATO) allies with cybersecurity industry and private sector to improve its cyber capabilities. Topics discussed include the investment of NATO member nations in cyber defense, the assistance of NATO to its alliance members in responding to cyber attack, and the role of NATO Communications and Information Agency (NCI).
Abstract: The article reports on the vulnerability disclosure program of the U.S. Defense Department (DoD) with HackerOne, a cybersecurity firm based in high technology industries in Santa Clara Valley, California. Topics discussed include the legal framework created by the program for friendly hackers to find vulnerabilities in the information technology (IT) systems of DoD, the return on investment (ROI) from the program, and the contracts awarded by the DoD to cybersecurity firm Synack.
Abstract: The article focuses on the concern on how the administration of U.S. President Donald Trump will tackle cybersecurity challenges. Topics discussed include the plan of Trump to improve the U.S. Cyber Command, the appointment of Thomas Bossert as the assistant to the president for counterterrorism and homeland security, and the development of offensive cyber attack capabilities by several countries.
Abstract: The article offers the author's insights on the changes in the status of the U.S. Cyber Command (Cybercom) under the 2017 National Defense Authorization Act. Topics discussed include the proposed separation of the leadership of the National Security Agency and Cybercom, the allegations on the interference of Russian electronic spies in the 2016 U.S. presidential elections, and the statement from Marine Corps General James Mattis.
Notes: The cyberdomain has become “key terrain” of irregular warfare with state and nonstate actors leveraging social media and other digital tools for command and control, intelligence gathering, training, recruiting, and propaganda. Department of Defense cyberstrategy highlights the urgent need for improved cyber situational awareness to reduce anonymity in cyberspace. This requires new technologies, doctrine, and analytical approaches for identifying and targeting adversaries operating in a digital landscape. This article examines identity-based targeting approaches developed during recent conflicts as a possible starting point for this effort.
From Here to Cybersecurity: Maturing Your Defenses with the Four Cyber Security Disciplines
WAHLIN, B. (March 2016). THE EUROPEAN SECURITY AND DEFENCE UNION, vol. 23, no. 1, p. 46
Available in print only [Please contact the Library]
ABSTRACT: This article reports on a recent survey designed to capture understandings of cyberterrorism across the global research community. Specifically, it explores competing views, and the importance thereof, amongst 118 respondents on three definitional issues: (a) the need for a specific definition of cyberterrorism for either policymakers or researchers; (b) the core characteristics or constituent parts of this concept; and (c) the value of applying the term “cyberterrorism” to a range of actual or potential scenarios. The article concludes by arguing that while a majority of researchers believe a specific definition of cyberterrorism is necessary for academics and policymakers, disagreement around what this might look like has additional potential to stimulate a rethinking of terrorism more widely
ABSTRACT: Cyberspace has emerged as a potentially new (and unconventional) domain for warfare. Much debate has focused on understanding cyber conflict. The ability to critically analyse this phenomenon is important; however, the nascent nature of cyberwarfare and the complexity of the systems involved create challenges not met by conventional approaches. As a first step, this requires an analytical construct to frame discussions in a way that highlights distinct characteristics of the cyber domain. An approach proposed is one of the postulating conjectures for debate as a way to achieve this and to demonstrate its use, both at the strategic and operational levels. It is suggested that such an approach provides one component of a mature analytical framework for the analysis of cyber across a range of warfare domains.
Abstract: The article discusses strategy from the U.S. Defense Department to create a professional capability requirements development work force. Topics discussed include strategy from the Defense Department to acquire and resource capabilities capable of delivering warfighting capabilities in digital age with the help of U.S. Congress, reform efforts for the acquisition work force, and acquisition work force including military members working in military occupational specialties (MOSs).
Abstract: The article discusses how understanding digital and cyber topography is crucial to successful military operations. Topics discussed include priority of the U.S. Army Signal Corps members to provide soldiers with understanding of the job of the corps and of cyberspace, technological advancements related to U.S. armed forces, and understanding the digital topology and cyber topography.
Abstract: The author reflects on the issue related to increase in the frequency of cyberattacks. Topics discussed include U.S. government reports of Chinese hacking into personnel records of government employees, concern for supervisory control and data acquisition (SCADA) systems, and issues related to data theft and data destruction. It also mentions 2015 Verizon Data Breach Investigations Report, which reveals information and financial services being affected by cybermarauders. INSET: Corporate Data Breach Report Sheds Light on Intrusions.
The debate on the (in)applicability of Article 2(4) to cyber attacks shows attempts to apply the 1945 prohibition to a 21st-century phenomenon. This article argues that the difficulties encountered in doing so do not result from the particular nature of war in cyberspace but from a paradox that lies at the heart of the prohibition on the use of force. This paradox results from alternately using means and effects as a standard to establish the current scope of the prohibition. Article 2(4) includes the use of minor military force, the use of biological and chemical weapons as well as non-military physical force, yet excludes economic coercion and, possibly, minor cyber attacks. On closer consideration the in- or exclusion of these categories from the prohibition cannot be argued on the basis of the same rule of thumb. In other words, the two standards - means and effects - are mutually exclusive as they lead to different legal qualifications for similar cases. At the same time both standards are needed to come to that which is ‘generally accepted’ with regard to Article 2(4). As there is no way out of this paradox old debates resurge, current ones are insolvable and those that are yet to be held are bound to display similar patterns.
Abstract: The idea to legalize hacking back has gained traction the last years and received several influential corporate and political proponents in the United States and Europe. The growing frustration with repeated cyberattacks and lack of credible law enforcement pushes for alternative ways to prevent future cyberattacks. As of today, counter cyberattacks are illegal in a majority of the nations because it constitutes another cybercrime independent from the initial attack. If cyber counter attacks were legalized it raises a set of questions. The first line of questions are linked to the underlying assumptions that the proposal to legalize counter cyberattacks are based upon. The second line of questions are the embedded challenges to the role of the nation state. Privatized and allowed counter cyberattacks could jeopardize the authority and legitimacy of the state. The combined questions raised by hacking back undermines the viability of the action itself, hacking back is likely to be ineffective and have a negative impact on the development of Internet governance and norms.
Who did it ? Attribution is fundamental. Human lives and the security of the state may depend on ascribing agency to an agent. In the context of computer network intrusions, attribution is commonly seen as one of the most intractable technical problems, as either solvable or not solvable, and as dependent mainly on the available forensic evidence. But is it ? Is this a productive understanding of attribution ? This article argues that attribution is what states make of it. To show how, the authors introduce the Q Model : designed to explain, guide, and improve the making of attribution. Matching an offender to an offence is an exercise in minimising uncertainty on three levels : tactically, attribution is an art as well as a science; operationally, attribution is a nuanced process not a black-and-white problem; and strategically, attribution is a function of what is at stake politically. Successful attribution requires a range of skills on all levels, careful management, time, leadership, stress-testing, prudent communication, and recognising limitations and challenges.
Cybersicherheit heute und morgen : Bedrohungen und Losungen
In: OSTERREICHISCHE MILITARISCHE ZEITSCHRIFT, 53. Jg., Heft 1, Janner - Februar 2015, S. 60-63.
Available in print only [Please contact the Library]
Exaggerated fears about the paralysis of digital infrastructure and the loss of competitive advantage contribute to a spiral of mistrust in U.S.-China relations. In every category of putative Chinese cyber threat, there are also considerable Chinese vulnerabilities and Western advantages. China has inadvertently degraded the economic efficiency of its networks and exposed them to foreign infiltration by prioritizing political information control over technical cyber defense. Although China also actively infiltrates foreign targets, its ability to absorb stolen data is questionable, especially at the most competitive end of the value chain, where the United States dominates. Similarly, China's military cyber capacity cannot live up to its aggressive doctrinal aspirations, even as its efforts to guide national information technology development create vulnerabilities that more experienced U.S. cyber operators can attack. Outmatched by the West, China is resorting to a strategy of international institutional reform, but it benefits too much from multistakeholder governance to pose a credible alternative. A cyber version of the stability-instability paradox constrains the intensity of cyber interaction in the U.S.-China relationship - and in international relations more broadly - even as lesser irritants continue to proliferate.
Notes: La cyber-revolution defie les mecanismes traditionnels de dissuasion et de gestion des conflits. Les attaques y sont difficiles a detecter, evaluer et attribuer. Le probleme de l'attribution d'une action offensive et des represailles eventuelles est rendu d'autant plus complexe que les acteurs non etatiques ont acces a un vaste arsenal de cyberarmes. Une cyberattaque de grande ampleur pourrait engendrer une escalade rapide et le declenchement de frappes conventionnelles.
Abstract: A year after the 2013 APEC summit in Vladivostok, Southeast Asia retains and enhances its appeal to Russia as a promising platform for growing trade and economic ties. At the same time, against the backdrop of growing contradictions with the West and the ongoing process of new global power centers coming into their own, regional players in Southeast Asia—and especially ASEAN—are becoming increasingly important partners in the foreign policy dialogue. Within such a dialogue, a wide range of issues is coming to the forefront of the cooperation agenda, including the problems of regional security and global security. What problems lie at the intersection of these two large baskets in the Russia–ASEAN foreign policy dialogue?
The study of this issue has led the PIR enter and invited Russian experts to the conclusion
that one of the most popular and promising, though obviously challenging and highly competitive potential areas of cooperation between Russia and ASEAN countries is the
information technology (IT) sector. On the initiative of the PIR Center, representatives of
government, business, and the technical community and academe made an effort to identify the common interests of Russia and the ASEAN states with regard to trengthening global security in cyberspace, and also to evaluate the potential of Southeast Asia as a market for Russian information security products and services, and additionally as a hardware manufacturing site for Russian companies.1 Another issue on the agenda was the pros and cons of Russia adapting the ASEAN experience in the establishing of effectively functioning networks of Computer Emergency Response Teams (CERTs) and fighting transborder cybercrime with the help of private companies and their resources.
"Stuxnet, the computer worm which disrupted Iranian nuclear enrichment in 2010, is the first instance of a computer network attack known to cause physical damage across international boundaries. Some have described Stuxnet as the harbinger of a new form of warfare that threatens even the strongest military powers. The influential but largely untested Cyber Revolution thesis holds that the internet gives militarily weaker actors asymmetric advantages, that offense is becoming easier while defense is growing harder, and that the attacker's anonymity undermines deterrence. However, the empirical facts of Stuxnet support an opposite interpretation; cyber capabilities can marginally enhance the power of stronger over weaker actors, the complexity of weaponization makes cyber offense less easy and defense more feasible than generally appreciated, and cyber options are most attractive when deterrence is intact. Stuxnet suggests that considerable social and technical uncertainties associated with cyber operations may significantly blunt their revolutionary potential."[ABSTRACT FROM PUBLISHER]
"In 2011, the White House and the Department of Defense released strategies for how the United States will approach cyberspace both from an offensive and defensive perspective. Cybersecurity has long been America's Achilles' heel where public and private networks are consistently exploited by criminals, hacktivists, and espionage actors stealing financial data, intellectual property, and sensitive information. The U.S. government has failed to instill an effective national-level cybersecurity apparatus. In order to better position itself defensively, the U.S. government needs to reposition its federal agencies to better capitalize on their capabilities and authorities to address this twenty-first century threat." [FROM ABSTRACT]
"The cyber threat spectrum that prevails today is both broad and deep. While we cannot protect everything, everywhere, all the time, we can and must make a concerted and sustained effort to shore up national defenses as they pertain to cybersecurity. Despite considerable differences of scale and scope, Estonia's made-in-country cyber solutions may hold promise for the United States, at least with some adjustments and tailoring to take into account differing requirements and traditions. There may be much to learn from a country that bills itself as “e-Estonia, the digital society,” and also delivers on that promise. Specifically, the country's Cyber Defence League is a concept and construct that may prove useful for the United States to consider and contemplate at a time when significant cyber threats continue to multiply, but the skilled personnel needed to counter the challenge are in short supply on the U.S. side." [FROM ABSTRACT]
"In the wake of Stuxnet, there has been an increasing tendency on the part of politicians and analysts to see the sophistication of a cyber-attack as an indication of its perpetrator. Indeed, the more sophisticated the attack, the more sophisticated the attacker, thereby pointing to a state actor as the culprit – or so it is argued. However, Clement Guitton and Elaine Korzak note the lack of clarity and inconsistency around the term ‘sophistication’, contending that it is context-dependent and therefore that it cannot be used unquestioningly in identifying the perpetrator of a cyber-attack." [FROM ABSTRACT]
"Since Operation Enduring Freedom, Central Asian militants, such as the Islamic Movement of Uzbekistan, have fled to Pakistan from their previous strongholds in Afghanistan. However, many militants have begun returning to Central Asia. Thus questions are raised as to what extent militancy has the potential to thrive with the pending North Atlantic Treaty Organization withdrawal from Afghanistan set for 2014? Is militancy a legitimate security threat to Central Asia? What strategies might militants implement? Thus, this article examines the current state of militancy, analyzes militant trends, introduces Afghanistan and Pakistan into the Central Asian equation, and determines the militants' capability and overall strategy. The article concludes that militant Islam, regardless of its current numbers, remains a viable threat to regional security, Afghanistan will be an essential factor for the future of Central Asian militancy, and the form this re-emergence will take becomes apparent." [FROM ABSTRACT]
ABSTRACT: The article argues that greater skills and technological improvements are showing results in a better-prepared cyber workforce against attacks on U.S. networks. National Security Agency's (NSA) Information Assurance Directorate head Debora Plunkett believes in a brighter cyber future with a public more informed on the potential risks of using information technology. Some experts believe that cyber threat includes attacks sponsored by nation-states or organized crime from China, Russia or Iran.
ABSTRACT: The article features Sandia National Laboratories' Cyber Engineering Research Laboratory (CERL) in Albuquerque, New Mexico. CERL reportedly focuses on stopping cybercriminals by enhancing enterprise security through internal and external collaboration with academic, industry and government personnel. It talks about its sister institute, the Cyber Technology Research Laboratory (CTRL) in California and the Cyber Engineering Research Institute (CERI), a virtual organization, that spans the two.
ABSTRACT: The article argues the need for planners of the U.S. Defense Department's Joint Information Environment (JIE) to specify the requirements that can cope with the surges in asymmetric cyberwarfare. It explains that asymmetric warfare describes conflicts in which the resources of the two belligerents differ in terms of their weapons and organization. It also cites the advantages of a shared security environment like cost reduction, improved personnel utilization, and faster tracking of attackers.
ABSTRACT: The article discusses the second of a two-part report on the future of cybersecurity in the U.S. Cyber industry experts predict developments including a greater reliance on law enforcement to solve state-sponsored hacks, increased automation, and more outsourcing, driven in part by government strategy and funding uncertainties. It also explains the Administration's Strategy on Mitigating the Theft of U.S. Trade Secrets and the Federal Risk and Authorization Management Program (FedRAMP).
ABSTRACT: The author discusses cybersecurity threats being faced by the U.S. government. He reports testimony issued by U.S. Director of National Intelligence James R. Clapper regarding cyberattacks against critical infrastructure. Aside from government networks, he explains that these attacks also target industries and private citizens. He also offers information on the June 2013 Cyber Symposium to be presented by Armed Forces Communications and Electronics Association (AFCEA) International.
ABSTRACT: The article discusses the strategy being developed by the U.S. Cyber Command to address cybersecurity threats against critical infrastructure in the U.S. It reports the creation of a cyberteam concept by U.S. National Security Agency (NSA) Director Keith B. Alexander that would be responsible for all aspects including signal community, signals intelligence and cyber community. The significant contributions of information technology trends to this initiative are also noted. INSET: Smart Moves to Secure Mobile.
ABSTRACT: The article discusses cybersecurity threats against critical infrastructure in the U.S. It acknowledges the vulnerability of information technology, power grid and transportation sectors to cyberattacks. According to Eugene Kaspersky of computer security provider Kaspersky Lab, malware attacks continue to proliferate. The growing interest of criminals in hacking corporate bank accounts for their financial gain is also explored.
ABSTRACT: The article discusses cybersecurity training of the U.S. Army. Aside from receiving instruction on passwords and mobile device security matters, Army Signal Corps members are also trained on network management protocols. Chris Haigh of the U.S. Army Cyber Command asserts that network access are only given to soldiers that took cybersecurity classes. It also describes collaboration of federal research laboratories and the defense community on said cybersecurity training.
Abstract: The article discusses the establishment of Joint Cyber Centers (JCC) to ensure safety of U.S. Transportation Command (TRANSCOM) logistic activities. It describes transactions involving supplies and people being conducted by TRANSCOM that are deemed significant to U.S. military operations. It acknowledges the incorporation of the Theater Network Operations Control Center (TNCC) to JCC situational awareness capabilities. The vulnerability of TRANSCOM to cyberattacks is also explored.
ABSTRACT: The article discusses how large companies in the U.S. have been addressing cybersecurity threats and trends. Despite increasing attention to network security, large firms continue to foster sharing of information among public and private sectors. It acknowledges opportunities being offered by the emerging cybersecurity market to industries. Remarks from General Dynamics Fidelis Cybersecurity Solutions president Peter George regarding the need for enterprises to defend themselves are presented.
ABSTRACT: The article discusses cybersecurity networking efforts of the U.S. Air Force (USAF). It describes restructuring efforts launched by the USAF to improve discipline within the organization and its operations, emphasizing how it considered interaction with various services including the commercial sector. William L. Shelton of the USAF Space Command remarked that a more streamlined organization is the overall goal of the USAF. The migration of the USAF to a single unclassified network is explored.
"When news of Stuxnet first emerged, many thought that it had caused a major setback to Iran's uranium-enrichment programme. Ivanka Barzashka argues instead that while Stuxnet may have had the potential to seriously damage Iranian centrifuges, evidence of the worm's impact is circumstantial and inconclusive. Her analysis of the related data shows that the 2009 version of Stuxnet was neither very effective nor well-timed and, in hindsight, may have been of net benefit to Tehran." [FROM ABSTRACT]
The ‘cyber’ issue is not new, but rather has taken a half-century to develop. Indeed, it was already decades old before the general public and many senior leaders
recognized its salience in the mid-1990s. It developed, moreover, along a logical path, which can be depicted as the successive dawning (for American policymakers, officials, and intelligence officers) of four insights, each of which was glimpsed in theory at least shortly before empirical evidence verified that it was indeed a reality to consider in setting policies, standards, and doctrine. Thus the official responses to the emergence of the cyber issue in the late-1990s were shaped by the outcomes of those earlier debates; the options available to policy-makers in the White House, Congress, the Pentagon, and the various agencies were already conditioned and even determined by previous arguments.
ABSTRACT: Which government agency should have primary responsibility for the Internet? The USA seems to have decided this question in favour of the military-the US military today has the largest concentration of expertise and legal authority with respect to cyberspace. Those in the legal community who support this development are divided as to the appropriate legal rules to guide the military in its oversight of the Internet. Specialists on the international law on the use of force argue that with analogy and interpretation, current international law can be applied in a way that allows great freedom without sending the message that the USA is acting lawlessly when it comes to the Internet. Others reject this argument as unnecessary and potentially too restrictive. The USA need not observe international law rules, especially not with respect to the Internet. The way forward is to follow the Cold War strategy of threatening enemies with overwhelming force and preparing to act on these threats. This article also questions the application of international law on the use of force to the Internet. Rather than rejecting international law in general, however, the thesis here is that international law rules governing economic activity and communications are the relevant ones for activity on the Internet. Moving away from military analogy in general and Cold War deterrence in particular, will result in the identification and application of rules with a far better chance of keeping the Internet open and safer for all.
The legality of cyber attacks is generally approached from the use of force prohibition contained in Article 2(4) UN Charter. In order to constitute an unlawful use of force it is widely accepted that an intervention must produce physical damage. Of course, a cyber attack can cause physical damage and therefore violate Article 2(4). Upon the available evidence, I submit that the deployment of the Stuxnet virus against Iran in 2010 is such an example. However, the issue is that many cyber attacks do not manifest physical damage and are thus not captured by Article 2(4). Contrary to claims in existing cyber war literature, this does not mean that such attacks are lawful. Instead, I argue that where such attacks are coercive in nature they will nevertheless violate the non-intervention principle that is embedded in customary international law. I suggest that the cyber attack against Estonia in 2007 provides a good example of a cyber attack amounting to an unlawful intervention.
This article examines the conditions under which a cyber attack can trigger a State's right to self-defence and argues that the current international law standards for attributing attacks to a State can cover the case of cyber attacks. More specifically, the victim State can use force by way of self-defence against another State if the attack has been committed by the latter's organs or agents or has been committed by non-State actors tolerated by that State. When no State is implicated in the cyber attack, the victim State can take direct self-defence action against the non-State actor. It is however noted that future State practice may amplify further the attribution standards or introduce new standards.
This article examines the classification of conflicts consisting of only cyber operations under international humanitarian law. 'International armed conflicts' are those that are 'armed' and 'international'. The article contends that the former criterion is met when cyber operations amount to an 'attack' because they injure individuals or damage objects, whereas the latter requires that the operations be between or attributable to States. 'Non-international armed conflict' occurs when hostilities between a State and an 'organized' armed group reach a particular level of intensity. To be sufficiently intense, such cyber operations must be 'protracted'; isolated incidents do not suffice. Intensity also requires that the level of violence exceed that of riots or civil disturbances. Injury or damage is not alone sufficient. Cyber operations conducted by individuals cannot qualify because they are insufficiently 'organized'. Groups organized on-line may be assessed on a case-by-case basis, but the traditional organization criteria render it difficult for them to qualify. The article concludes that while cyber exchanges may sometimes amount to international armed conflict, classification as non-international armed conflict is problematic.
Computer Network Attacks (CNAs) do not automatically come within the framework of the definition of 'attack' in conformity with the law of armed conflict (LOAC). Consequently, some so-called CNAs (especially, those used only as means of intelligence gathering) do not qualify as 'attacks' in the sense of LOAC. Only CNAs entailing 'violence' do. CNAs constituting 'attacks' in the LOAC sense are governed by the same rules that apply to kinetic attacks. In particular, they are subject to the application of the cardinal principle of distinction between combatants/military objectives and civilians/civilian objects. Consequently, deliberate attacks against civilians/civilian objects are prohibited, and so are indiscriminate attacks. An important extrapolation of the principle of distinction is the principle of proportionality, whereby-when lawful targets are attacked-collateral damage to civilians/civilian objects must not be expected to be 'excessive' compared with the military advantage anticipated. This is a complex construct, applying to CNAs as much as to other attacks. Feasible precautions must be taken prior to any attack, including a CNA. When a civilian is engaged in any form in a CNA, the act constitutes direct participation in hostilities and the actor loses civilian protection from attack.
The domain of cyber warfare being relatively new, it is not yet matched by any comparatively novel international legal paradigm; the cyber conflicts of the present and (probably) the future therefore fall to be regulated under the existing lex lata. This article, assuming a scenario of international armed conflict, seeks as a specific example to apply the notion of direct participation in hostilities from Additional Protocol I (1977) to cyber war. This aspect of the topic is likely to assume particular importance in light of the contemporary tendency in many developed, Western armed forces to outsource technical specialist work (like information technology) to civilians. Whether or not such civilians can be said to be directly participating in hostilities-based on the accepted constitutive elements of threshold of harm, direct causation and belligerent nexus identified in the International Committee of the Red Cross' Interpretive Guidance (2005)-will also have implications for the objects and places that could lawfully be targeted in future cyber conflicts.
Les mutations d’Al-Qaïda : Évolutions combattantes et effet démultiplicateur du cyber-djihad
This article argues that the United States government should be acting rapidly to decrease the risks the country is running in cyberspace. While the private sector has a critical part to play in enhancing the country's cybersecurity posture, the government also has a necessary role. It is on the government's role that this article focuses. The article begins by discussing the characteristics of cyberspace. Next, the challenge of cybersecurity is explored through a risk management model that addresses, in turn, threats, vulnerabilities, and potential consequences. Finally, the article lays out some of the characteristics of an effective government response, which help to illuminate a few of of the strategic and organizational challenges that will have to be overcome to improve the country's security in the cyber realm.
"The contribution focuses on the issue regarding security of information shared within the decision-making processes concerning control activities and information protection, which represents a key factor in the cyberspace. One of the main principles, which are considered as the basis for network operations and information sharing under the conditions of environment digitalization for users, lies in security and protection of mutually interconnected networks. Information superiority on the one hand and meeting requirements for secrecy and security on the other hand will result in high demands on personnel and implementation of cyber security and protection measures."
ABSTRACT: What are cyber-weapons? Instruments of code-borne attack span a wide spectrum, from generic but low-potential tools to specific but high-potential weaponry. This distinction brings into relief a two-pronged hypothesis that stands in stark contrast to some of the received wisdom on cyber-security. Maximising the destructive potential of a cyber-weapon is likely to come with a double effect: it will significantly increase the resources, intelligence and time required for development and deployment – and more destructive potential is likely to decrease the number of targets, the risk of collateral damage and the political utility of cyber-weapons.
FROM ABSTRACT: "The article offers the author's insights on the threats of cyber crime to information security in Russia. He mentions that the attacks against web sites of Russian government agencies are becoming increasingly frequent and sophisticated wherein attacks like the Stuxnet worm in 2011 could have very negative effects for the Russian economy unless measures are developed. He adds that measures against cyber terrorism are regulated by individual pieces of legislation in Russia."
Cette réflexion normative originale fait le lien entre l’apparition de la grammaire stratégique de la puissance nucléaire et celle de la puissance numérique. Elle montre les limites du parallèle entre guerre nucléaire et guerre numérique et esquisse les stratégies du combat dans le cyberespace.
"For almost two decades, experts and defense establishments the world over have been predicting that cyber war is coming. But is it? This article argues in three steps that cyber war has never happened in the past, that cyber war does not take place in the present, and that it is unlikely that cyber war will occur in the future. It first outlines what would constitute cyber war: a potentially lethal, instrumental, and political act of force conducted through malicious code. The second part shows what cyber war is not, case-by-case. Not one single cyber offense on record constitutes an act of war on its own. The final part offers a more nuanced terminology to come to terms with cyber attacks. All politically motivated cyber attacks are merely sophisticated versions of three activities that are as old as warfare itself: sabotage, espionage, and subversion." [FROM ABSTRACT]
INFO:"Au niveau des Etats, maîtriser l'espace informationnel, et donc le cyberespace, est aujourd'hui un enjeu majeur. Le cyberespace est devenu un lieu d'affrontements, de conflits entre acteurs étatiques (autorités, militaires, renseignement), ou non étatiques (civils, hackers, hacktivistes, terroristes, etc.). Malgré leurs tentatives pour contrôler l'ensemble des dérives de l'internet, il apparaît que les Etats n'y parviendront jamais complètement eu égard à l'architecture même du réseau. La volonté de puissance et de contrôle rencontre des limites, "l'affaire Wikileaks" l'a montré. Par des logiques de subversion aussi permanentes que le sont les ambitions de mise en ordre des Etats, la société civile résiste notamment par la protestation publique, l'anonymisation collective, comme on a pu le voir lors des évènements du "printemps tunisien", ou par le biais de l'activisme médiatique." (Extrait de la quatrième de couverture)
"Cyber security cooperation should be a natural area of cooperation between India and the United States for a number of reasons; both countries are democracies, with similar values and economic systems, and both have also been severely affected by threats emanating from cyberspace. The structural complementarities between the two economies, especially in the service sector, which is a major user of cyber networks provides further motive for the two countries to cooperate in this sector. Despite this strategic fit, there has been very little in the nature of cooperation, either bilaterally or multilaterally. In fact, both countries seem to have embarked on the futile exercise of securing their respective corners of cyber space in this shapeless and formless domain. Cyberspace would be better served if the two countries utilised their respective leadership positions to work pro-actively towards a cyberspace that is open, global and secure."
The article focuses on the growth in the threat posed by cyber attacks on U.S. computer networks, reported by three U.S. officials including James A. Baker, associate deputy attorney general, Greg Schaffer, assistant secretary for cyber security and Robert W. Holleyman, president of the Business Software Alliance. Holleyman referred to four categories of the current cybersecurity threats.[ABSTRACT]
Cyber security is a complex issue that requires a smart, balanced approach to public-private partnership. However, there is not a simple gold standard or mandatory minimum standard of cyber security, which can cause friction in the relationship between government and private industry. There are fundamental differences in these two unevenly yoked partners: government's fundamental role under the U.S. Constitution is to provide for the common defense; industry's role, backed by nearly a hundred years of case law, is to maximize shareholder value. Further differences are that government partners and industry players often assess risk differently, based on their differing missions and objectives. To be successful, both government and industry need to remain committed to the relationship and continue working on it by understanding the complexity of the situation, adapting where appropriate to their partner's perspective. For the public-private partnership to endure and grow, an appreciation of these differing perspectives—born from different legally mandated responsibilities—must be reached. Ultimately, the government should compensate private entities for making investments that align with the government's perspective, such as the social contract, rather than mandating that the shareholders subsidize the government function of providing for the common defense.
This article presents three reasons for states to use cyber warfare and shows that cyberspace is—and will continue to be—a decisive element in
China's strategy to ascend in the international system. The three reasons are: deterrence through infiltration of critical infrastructure; militarytechnological espionage to gain military knowledge; and industrial espionage
to gain economic advantage. China has a greater interest in using cyberspace offensively than other actors, such as the United States, since it has more to gain from spying on and deterring the United States than
the other way around. The article also documents China's progress in cyber warfare and shows how it works as an extension of its traditional strategic thinking and the current debate within the country. Several
examples of cyber attacks traceable to China are also presented. This includes cyber intrusions on a nuclear arms laboratory, attacks on defense ministries (including the Joint Strike Fighter and an airbase) and the U.S.
electric grid, as well as the current Google affair, which has proved to be a small part of a broader attack that also targeted the U.S. Government. There are, however, certain constraints that qualify the image of China as
an aggressive actor in cyberspace. Some believe that China itself is the victim of just as many attacks from other states. Furthermore, certain actors in the United States and the West have an interest in overestimating
China's capabilities in cyberspace in order to maintain their budgets.
In April 2007, the Estonian Government moved a memorial commemorating the Soviet liberation of the country from the Nazis to a less prominent and visible location in Tallinn. This decision triggered rioting among Russian-speaking minorities and cyber terrorism targeting Estonia's critical economic and political infrastructure. Drawing upon the Estonian cyber attacks, this article argues that globalization and the Internet have enabled transnational groups—such as the Russian diaspora—to avenge their grievances by threatening the sovereignty of nation-states in cyberspace. Sophisticated and virtually untraceable political "hacktivists" may now possess the ability to disrupt or destroy government operations, banking transactions, city power grids, and even military weapon systems. Fortunately, western countries banded together to effectively combat the Estonian cyber attacks and minimize their effects. However, this article concludes that in the age of globalization, interdependence, and digital interconnectedness, nation-states must engage in increased cooperative cyber-defense activities to counter and prevent devastating Internet attacks and their implications.
The risk of cyber-warfare is growing. With a low-level technological requirement, it is a form of warfare that can be prosecuted by military and civilian, state and non-state actors alike. Its anonymity makes it difficult to trace perpetrators, complicating inter-state relations. But cyberspace is not yet an active battleground for cyber-warfare, and could still be amenable to conflict prevention and restraint measures. The time has come to adopt an 'arms control approach' to cyber-security.
The cyber power of a nation does not necessarily derive solely from the number of government cyber warriors it has, but rather the sum total of resources or capabilities it can leverage to support political goals. A major portion of these cyber capabilities are invariably outside of direct government control, and reside in the non-state (business and civil-society) sector. While both China and Russia can be said to co-opt and coerce their non-state cyber elements into integration with public policy, the West mostly depends on voluntary cooperation. Thus, for Western democracies, the most important aspect of cyber power might be the ability to motivate and attract its own citizens - and thus create a whole-of-nation cyber power capability based on an inward-focused soft power approach.
The discovery in June 2010 that a cyber worm dubbed 'Stuxnet' had struck the Iranian nuclear facility at Natanz suggested that, for cyber war, the future is now. Yet more important is the political and strategic context in which new cyber threats are emerging, and the effects the worm has generated in this respect. Perhaps most striking is the confluence between cyber crime and state action. States are capitalising on technology whose development is driven by cyber crime, and perhaps outsourcing cyber attacks to non-attributable third parties, including criminal organisations. Cyber offers great potential for striking at enemies with less risk than using traditional military means. It is unclear how much the Stuxnet program cost, but it was almost certainly less than the cost of single fighter-bomber. Yet if damage from cyber attacks can be quickly repaired, careful strategic thought is required in comparing the cost and benefits of cyber versus traditional military attack. One important benefit of cyber attack may be its greater opportunity to achieve goals such as retarding the Iranian nuclear programme without causing the loss of life or injury to innocent civilians that air strikes would seem more likely to inflict. Nevertheless, cyber attacks do carry a risk of collateral damage, with a risk of political blowback if the attacking parties are identified. Difficulty in identifying a cyber attacker presents multiple headaches for responding. A key strategic risk in cyber attack, finally, lies in potential escalatory responses. Strategies for using cyber weapons like Stuxnet need to take into account that adversaries may attempt to turn them back against us.
ABSTRACT: The risk of cyber-warfare is growing. With a low-level technological requirement, it is a form of warfare that can be prosecuted by military and civilian, state and non-state actors alike. Its anonymity makes it difficult to trace perpetrators, complicating inter-state relations. But cyberspace is not yet an active battleground for cyber-warfare, and could still be amenable to conflict prevention and restraint measures. The time has come to adopt an 'arms control approach' to cyber-security.
GROBLER, Marthie, JANSEN VAN VUUREN, Joey and ZAAIMAN, Jannie. (2011). PROCEEDINGS OF THE EUROPEAN CONFERENCE ON INFORMATIONS WARFARE & SECURITY, p. 92-98. Available to NATO staff only [Please contact the Library]
Cyberspace is a new warfare domain. Computers and the information
they contain are prizes to be won during any military
conflict. But the intangible nature of cyberspace can make victory,
defeat, and battle damage difficult to calculate. Military
leaders today are looking for a way to understand and manage
this new threat to national security. The most influential military
treatise in history is Sun Tzu‟s Art of War: its recommendations
are flexible and have been adapted to new circumstances
for over 2,500 years. This article examines whether Art of
War is flexible enough to encompass cyber warfare. It concludes
that Sun Tzu provides a useful but far from perfect
framework for the management of cyber war, and urges modern
military strategists to consider the distinctive aspects of the
La guerre informatique a commence
DELPECH, Therese. (2010-2011). POLITIQUE INTERNATIONALE, no. 130, Hiver 2010-2011, p. 219-232. Available only in print [Please contact the Library]
A two-day colloquium titled Cyber Security Infrastructure Protection was conducted on June 8-9, 2011, by the Center of Information Networking and Telecommunications (CINT) at the Grove School of Engineering, the Colin Powell Center for Public Policy, both at the City University of New York, City College (CCNY), and the Strategic Studies Institute (SSI) at the U.S. Army War College.