Cyberthreats
Introduction
The Evolution of Cyberthreats
- Dependency, Interconnectivity, and New Vulnerabilities
- Boundlessness, Anonymity, and Technological Progress
- The Vagueness of Cyberintrusions and Unclear Responsibilities
- The Problem of Attribution and Sovereignty in Cyberspace
Understanding Cyberthreats
Technical Background
- Computerization and Interconnectivity
- The Role of Hard- and Software
- Oligarchy
- Flaws
Institutional Background
- The Evolution of the Internet
- A Short History of Governance in Cyberspace
- Actors and Terms
- Hackers
- Script Kiddies and Cybervigilantes
- Non-State Actors with a Political Agenda
- System Administrators and Cybersecurity Companies
- Cybercriminals
- ICT Companies
- State Actors and CERTs
- The Mass Media
Nature of Cyberweapons
Tools
- Viruses and Worms
- Backdoors: Trojans and Rootkits
- Botnets
Techniques
- DoS Attacks
- Infiltration
- Social Engineering
- Probing, Sniffing, and Mapping
- Anonymization Techniques
- Ever-Growing Sophistication
Cyberthreats and Critical Infrastructure
- Definition and Risk Assessment of Critical Infrastructure
- Critical Information Infrastructure
CII as Catalyst for Vulnerabilities
- Connectivity
- Ownership
- Origin
- Interdependencies
The Internet as CII
- Critical Elements of the Internet
- The Internet’s International Character
- Case Study: The Susceptibility of Power Grids to Cyberattacks
- Cyberattacks Against Critical Infrastructure – A Probable Danger?
The Scope of Cyberthreats
Myth or Reality? Case Studies on Reported Cyberincidents
- Evolution of Cyberthreats as a Matter of National Security
- Estonia
- South Ossetia War
- Kyrgyzstan
- GhostNet – Tibetan Authorities
- Stuxnet – Iranian Nuclear Program
- Operation Aurora – Google vs China
- Other Occurrences and Trends
- Analysis and Lessons Learned
Strategic Reflections on Cyberintrusions
A Challenge for International Law
Part II Interstate Cyberthreats
Outlining Cyberwar
- Definition
- The Role of Cyberspace in Warfare
National and Regional Strategies
- United States of America
- People’s Republic of China
- Russian Federation
- European Union
- North Atlantic Treaty Organization
- Others
- A New “Cyber Cold War” ?
- Cyberwar in International Law
The Contemporary Jus Ad Bellum
- The Prohibition of the Use of Force
Self-Defense
- Armed Attack
- Aggression
- Indirect Force
- State Responsibility for the Conduct of Non-State Actors
- Immediacy
- Necessity and Proportionality
- Collective Self-Defense and Regional Collective Security
- The Role of the Security Council with Regard to Self-Defense
Action Taken by the Security Council under Chapter VII of the UN Charter
- Measures under Article UN Charter
- Force Authorized by the Security Council
- Retorsions and Reprisals
- The Principle of Non-Intervention
Cyberwar and the Jus Ad Bellum
The Use of Force in Cyberspace
- The Obscurity Dilemma
- The Consequential Dilemma
- Cyberattacks as Use of Force
- Schmitt’s Scheme
- Measurability
- Presumptive Legitimacy
- Severity
- Immediacy and Directness
- The Threat of the Use of Force in Cyberspace
Self-Defense
- Cyberattacks as Armed Attack
- Invasion, Occupation, and Attacks Against the Territory of a State
- Naval Blockade vs Infoblockade
- Attack Against the Armed Forces of a State
- Third State Involvement
- Indirect Force
- State Responsibility for Cyberwar Activities by Non-State Actors
- Immediacy
- Necessity and Proportionality
- Adequate Form for Self-Defense Against Cyberattacks
- Collective Cyber Self-Defense and Collective Cybersecurity
- The Role of the Security Council with Regard to Self-Defense Against Cyberattacks
Security Council Actions under Chapter VII
- Cybermeasures Under Article UN Charter
- Cyberforce Authorized by the Security Council
- Cyberspace and the Maintenance of International Peace and Security
- Retorsions and Reprisals in Response to Cyberattacks
- Cyberattack asIntervention or Other UnlawfulAct UnderInternational Law
Neutrality and Cyberwar
- Inviolability of Neutral Territory
- Telecommunication-Specific Provisions
- Neutral Popular Participation
Cyberespionage in the Jus Ad Bellum
Cyberwar and the Jus in Bello
- Introduction
Applicability of IHL on Cyberwar
- International Armed Conflict
- Violence
- Non-International Armed Conflict
IHL Aspects Relevant to Cyberwar
- Distinction
- Military Objectives
- Dual-Use and Human Shields
- Discrimination
- Precautions and Proportionality
- Feasibility
- Differentiated Responsibility Due to Technical Proficiency
- Specifically Protected Objects
- Cultural Property
- Works and Installations Containing Dangerous Forces
- Natural Environment
- Indispensible Objects
- Ruses of War and Perfidy
- Weapon Restrictions
The Legal Status of Involved Actors
- Combatant Status
- Cyberwarriors: Combatants or Civilians?
- The Problem of Visual Distinction
- Cybermercenaries and Private Contractors
Direct Participation in Hostilities
- The ICRC Interpretive Guide
- The Expert Meeting Report
- Undue Preference for Cyberattacks Among Civilians?
- Critical Examination of the Examples in the ICRC Guide
- Belligerent Nexus
- The Temporal Element of Loss of Immunity
- Unintentional Participation in Hostilities
- Involuntary Participation in Hostilities
- Wanton Participation
- Uncertainty Prevails – A Call for Generalization?
Cyberespionage in the Jus in Bello
Part III Non-State Actor Cyberthreats
Cyberterrorism
- The Changing Face of Terrorism
- The Challenge of Cyberspace
- Why Cyberterrorism?
A Real Threat or Just Exaggerated Cyberangst?
- The Use of Cyberspace for Terrorist Purposes
- The Elements of Cyberterrorism
- The Likeliness of Cyberterrorism
- Probable Manifestation of Cyberterrorism
Definition of Cyberterrorism
- Shifting from a Terrorist Intents-Based to an Effects-Based Approach
- Delimitation by the Scale of Attacks
The Convention on Cybercrime
- Scope of the Convention and its Application on Cyberterrorism
- Prevention of State-Sponsored Cyberattacks?
Hacktivism and Webtivism
- The Use of Cyberspace for Political Purposes
- A Case Study of Hacktivism: Anonymous
- Patriotic Hacking
Human Rights Aspects
- Censorship in Cyberspace
- Surveillance in Cyberspace
- Balancing Human Rights
New Instruments to Tackle Cyberterrorism?
Part IV Jurisdiction and Cyberspace
Possible Bases of Jurisdiction
- Principles of Jurisdiction
- The Jurisdictional Regime of the Convention on Cybercrime
- Universal Jurisdiction
- Possible ICC Jurisdiction?
Applying Traditional Principles to Cyberspace
- Enforcement
Cyberspace as International Space
Analogies to the High Seas
- Hot Pursuit
- Piracy
Jurisdictional Responses to Cyberintrusions
Part V A New Approach Toward Cyberthreats
Summary of Research Results
- Concept of Cyberthreats
Interstate Cyberthreats
- The Jus Ad Bellum
- The Jus in Bello
- Non-State Actor Cyberthreats
- Jurisdiction and Cyberspace
Recommendations to the International Community
- Separate Consideration of State and Non-State Actor Threats
- Harmonization of State Practice
- Shaping of a Global Opinion
Adaptation of the Law of Armed Conflict
- The Current Situation
- Reasons for Action
- Elaboration of a Compendium of State Positions
- Exclusion of Cyberespionage
- Obstacles
- The Use of Force Quandary
- The Obscurity Dilemma
- International Humanitarian Law not (yet) in the Spotlight
New Instruments
- Arms Control Regimes
- Arms Control Based on Monitoring and Verification
- Arms Control Based on a Declaration of Principles
- Non-State Actors
- Harmonization to Address Serious Cyberattacks
- Establishment of Cooperative Procedures
- Address Massive Compromisation
- Leave Out Content Issues
- Potential Controversy
- State-Borne Threats
- Non-State Actor Threats
Overarching Obstacles
- Obstacles to Investigation
- Anonymity
- Absence of Evidence Standards
- Obstacles to Cooperation: Differing Agendas and Capabilities
- Remedy by Other Types of Cooperation
Leave a Reply