By: Sophie Butchers,
on 12/17/2015
As the analysis reaches deeper behind the recent Paris attacks, it has become clear that terrorism today is a widening series of global alliances often assisted and connected via cyber social media, and electronic propaganda.
The post Cyber terrorism and piracy appeared first on OUPblog.
By: Carolyn Napolitano,
on 5/30/2014
“‘There’s probably no issue that’s become more crucial, more rapidly, but is less understood, than cybersecurity,’ warns cyber expert P.W. Singer, co-author of Cybersecurity and Cyberwar: What Everyone Needs to Know. Cybersecurity has quickly become one of the most defining challenges of our generation, and yet, as the threat of cyber-terrorism looms, there remains an alarming “cyber-awareness gap” that renders the many of us vulnerable. We interviewed P.W. Singer in order to learn more about why this issue is so crucial to our daily lives and how well-equipped our government is to protect us from the risks that lie ahead.
P.W. Singer discusses the growing importance of cybersecurity today
Click here to view the embedded video.
P.W. Singer talks about the role government plays in regulating the internet
Click here to view the embedded video.
P.W. Singer highlights the cyber-awareness gap in U.S. government
Click here to view the embedded video.
P.W. Singer and Allan Friedman are the authors of Cybersecurity and Cyberwar: What Everyone Needs to Know. P.W. Singer is Director of the Center for 21st Century Security and Intelligence at the Brookings Institution. Allan Friedman is a Visiting Scholar at the Cyber Security Policy Research Institute, School of Engineering and Applied Sciences at George Washington University.
Subscribe to the OUPblog via email or RSS.
Subscribe to only current affairs articles on the OUPblog via email or RSS.
The post Cybersecurity and the cyber-awareness gap appeared first on OUPblog.
By: Alice,
on 3/31/2014
Alarming headlines have recently started to appear in the media (see, for example, the CNN’s “Cyberwar hits Ukraine”). This, however, is sensationalism. What has actually happened so far is limited disruption of mobile communications through Distributed Denial of Service (DDoS) attacks. In addition, certain state-run news websites and social media have been defaced and their content replaced with pro-Russian propaganda. In the months that preceded the current crisis, Ukrainian computer systems were also allegedly targeted by “cyberspies”.
If the above scenario sounds familiar it is because it isn’t the first time that cyber operations have occurred during a military crisis involving the Russian Federation. In 2008, immediately before and after the Russian troops entered the secessionist Georgian province of South Ossetia, several Georgian governmental websites were defaced and their content replaced with anti-Georgian propaganda, while DDoS attacks crippled the Caucasian nation’s ability to disseminate information. Estonia was also the target of severe DDoS attacks in 2007, although in the context of a political, and not military, confrontation with Russia. In neither case has it been convincingly demonstrated that Russia (or any other state) was responsible for the cyber operations. The same can be said of the cyber operations against Ukrainian computer systems and websites, which have also been, at least until now, far less severe than those on Georgia and on Estonia, leading some to suggest that Russia is exercising restraint in the use of its cyber capabilities.
Does international law apply in this scenario?
While the DDoS attacks and the defacement of websites obviously don’t establish on their own an armed conflict between Russia and Ukraine, the fact that they have been conducted in the context of kinetic exchanges of fire and a situation of occupation may potentially lead to the application of the law of armed conflict (jus in bello). Two points are important from this perspective. First, although there have been no extensive armed hostilities between Ukraine and Russia yet, it has been reported that at least one Ukrainian soldier has been killed and another wounded, allegedly by Russian military forces or pro-Russian militias. Unlike in non-international armed conflicts, the jus in bello applies to any shot fired between states, regardless of intensity thresholds. The Commentary to Article 2 common to the 1949 Geneva Conventions on the Protection of the Victims of War clearly states that “[i]t makes no difference how long the conflict lasts, or how much slaughter takes place, or how numerous are the participating forces” (p. 23). Secondly, the fact that Crimea is now under the control of the Russian forces determines a situation of occupation that also falls under the scope of the law of armed conflict (Article 2(2) of the Geneva Conventions).
However, the law of armed conflict would extend to the DDoS attacks and other cyber operations against Ukraine only if these have a “belligerent nexus” with the hostilities and the occupation. Otherwise, they would be mere cyber crimes and would fall under the scope of domestic criminal laws. To have a belligerent nexus, the cyber operations must have been designed to cause a certain threshold of harm to a belligerent (Ukraine) in support of another (Russia) (see Recommendation V(3) of the International Committee of the Red Cross (ICRC)’s Interpretive Guidance on the Notion of Direct Participation in Hostilities). Harm must be either death, injury, or destruction on civilian persons or objects, or military harm, whether physical or not (Recommendation V(1)). Even though they didn’t result in material damage on protected persons and property, then, the threshold of harm would have been crossed if the DDoS attacks and other cyber operations had at least aimed at affecting the Ukrainian government’s ability to communicate with and the operability of its armed forces, so to disrupt Ukraine’s military operations or military capacity. From the information available, we don’t know whether this is the case.
Do the DDoS operations against Ukraine amount to “attacks” under the law of armed conflict? The question is important because the rules on targeting and protecting civilians, including the principles of distinction and proportionality and the duty to take precautions, only apply to “attacks”, defined in Article 49(1) of Protocol I Additional to the Geneva Conventions as “acts of violence against the adversary, whether in offence or in defence”. I have argued elsewhere that a cyber operation is an “attack” in this sense whenever it employs cyber capabilities that produce or are reasonably likely to produce “violent” consequences in the form of loss of life or injury of persons, more than minimal material damage to property, or loss of functionality of infrastructures. From the available information, this doesn’t seem to be the case of the DDoS attacks against the Ukrainian communication systems and, even less, of the defacement operations. Cyber “espionage” also doesn’t normally affect the functionality of the accessed system or amend/delete the data resident therein. It doesn’t have “violent” consequences and is therefore not an “attack”, although it may be an act of hostilities.
To conclude, we can’t establish for sure whether the international law of armed conflict applies to the cyber operations conducted so far against Ukraine because we don’t know whether they were designed to militarily support Russia to the detriment of Ukraine. What we do know is that the operations in questions are not “attacks”, and therefore the rules on targeting don’t apply to them, whether or not they have a belligerent nexus.
Dr. Marco Roscini is Reader in International Law at the University of Westminster. He has written extensively in international security law, including cyber warfare and nuclear non-proliferation law. His most recent book, Cyber Operations and the Use of Force in International Law, has just been published by OUP. He is also the author of ‘Cyber Operations as Nuclear Counterproliferation Measures’, published in the Journal of Conflict and Security Law (2014). Dr. Roscini regularly blogs at Arms Control Law and can be followed on Twitter at @marcoroscini.
Oxford University Press is a leading publisher in international law, including the Max Planck Encyclopedia of Public International Law, latest titles from thought leaders in the field, and a wide range of law journals and online products. We publish original works across key areas of study, from humanitarian to international economic to environmental law, developing outstanding resources to support students, scholars, and practitioners worldwide. For the latest news, commentary, and insights follow the International Law team on Twitter @OUPIntLaw.
Subscribe to the OUPblog via email or RSS.
Subscribe to only law articles on the OUPblog via email or RSS.
Image credit: Fingers on a keyboard, via iStockphoto.
The post Is there a “cyber war” between Ukraine and Russia? appeared first on OUPblog.
By: ChloeF,
on 2/19/2013
Cyber attacks on Iran have been well publicised in the press and on Western television. General William Shelton, a top American cyber general, has now turned these attacks around saying that these events are giving Iran a strategic and tactical cyber advantage creating a very serious “force to be reckoned with.”
Since 2010, Iran’s infrastructure has been attacked hundreds of times by cyber viruses. To date the most documented and best known cyber attacks have been aimed at Iran and are known as cyber worms called Stuxnet. These electronic worms were used to attack Iranian nuclear power plants and connected systems. General Shelton, who heads up Air Force Space Command and Air Force cyber operations, gave a briefing to reporters in January 2013, where he said that the 2010 Stuxnet virus attack on Iran’s Natanz uranium processing plant had generated considered responses from Iran that have led to improved offensive and defensive cyber-capabilities.
In December 2012, the Stuxnet virus returned and hit computer and energy operations and companies in the southern Hormozgan region. Shelton claimed that Iran’s improved cyber defense capability had helped Iran protect it against subsequent attacks on oil terminals and other manufacturing plants. This new capability, he believed, will subsequently be used by Iran against its enemies in the near future. “They are going to be a force to be reckoned with,” said General Shelton, “with the potential capabilities that they will develop over the years.” At present he stated that America had over six thousand cyber specialists employed to monitor, analyse and counter cyber attacks, and he was intending to employ another thousand specialists over the next twelve months to improve America’s effectiveness in this vital area.
Moreover, assassinations and assassination attempts in conjunction with cyber attacks are thought to be part of an integrated plan of attacks on Iran’s nuclear research and manufacturing capabilities. A year ago on 11 January 2012, Ahmadi Roshan, a 32-year-old Iranian scientist, and his driver were both killed when a motorcyclist attached a bomb to their car as they were driving. So far these attacks, which seem to form part of the broader cyber-related strategy aimed at Iran’s nuclear program, have successfully killed five Iranian nuclear scientists in the last two years according to FARS, a Tehran news agency. However, in January 2013, the Iranian Intelligence Minister Heydar Moslehi claimed that his organisation had stopped a number of attempts to kill nuclear scientists so it is uncertain which reports are accurate.
These attacks on Iran’s electronic systems represent only a very small amount of the current cyber attack and threat capability. Increasingly, all governments and corporations must respond to the cyber reality. With an interconnected world, cyber attacks on infrastructure have become frequent and damaging. Cyber crime is costing businesses billions of pounds although they tend to keep quiet about the attacks. (The BBC reported that UK cyber crime costs £27bn a year.) Efforts to get a grip on the problem had been hampered by firms who don’t want to admit they had been the victims of attacks for fear of “reputational damage”. Baroness Neville-Jones, Prime Minister David Cameron, and Foreign Secretary William Hague met the bosses of some of Britain’s biggest businesses, including Barclays, HSBC, Tesco and BA, to urge them to take the problem more seriously.
In September 2012, a hacker called vorVzakone posted a message on a Russian online forum saying that a malevolent Trojan, called Project Blitzkrieg, was capable of attacking the American financial industry, that it had already critically affected up to five hundred American targets, and that it had stolen over five million dollars. “This attack combines both a technical, innovative backend with the tactics of a successful, organized cybercrime movement,” a McAfee report explained, adding that the next target would probably be investment banks.
Hackers, apparently working independently as criminal gangs, have grown in their specialization faster than most police and government intelligence organisations would have believed possible. Yet cyber hackers working for governments have targeted everything from computer systems to power plants from the US to Iran, Europe to China, Australia and beyond. These civil servant hackers are often employed by governments to help fulfill a strategy, to change information and publicity, or to gain information and bring systems down.
One example comes from Ray Boisvert, who recently retired from the post of Assistant Director of Intelligence for the Canadian Security Intelligence Service. He believes the current capabilities of most governments is not enough to counter the current cyber threats. He said that cyber threats were fundamentally undermining Canada’s “future prosperity as a nation.” He stated there is a lack of response on three levels. First from government and corporate policy-makers who do not, in his opinion, understand the technical complexities of digital telecommunications security. Second the government has not invested enough to protect Canada’s communications and electricity systems from cyber attacks. Third, he thought there was an inherent corporate shortsightedness regarding protecting Canada’s communications infrastructure.
The cyber issue is growing and will become a rising threat to governments and corporations. It may require a serious attack such as a massive electricity system shut down before a full government response is played out.
Alfred Rolington is the author of Strategic Intelligence for the 21st Century: The Mosaic Method, an industry insider’s assessment of current intelligence methods and offers a new strategic model, directed toward the police, military, and intelligence agencies. He was formerly CEO of Jane’s Information Group, responsible for such publications as Jane’s Defense Review and Jane’s Police Review, as well as CEO for Oxford Analytica. He has over thirty years’ experience of analytical publishing and media companies, producing information and intelligence for commerce, law enforcement, the, military and government. He has written about and given lectures on intelligence and strategic planning to Cambridge, Oxford, and Harvard Universities, and to organisations such as Thomson Reuters, the CIA, SIS (MI6), NATO Headquarters, and GCHQ.
Subscribe to the OUPblog via email or RSS.
Subscribe to only law and politics articles on the OUPblog via email or RSS.
Image credits: Information Systems Technician 2nd Class Ryan Allshouse uses the intrusion detection system to monitor unclassified network activity from the automated data processing workspace. As a work of the U.S. federal government, the image is in the public domain via Wikimedia Commons; Maps and charts are scanned from “Atlas of the Middle East”, published in January 1993 by the U.S. Central Intelligence Agency. [Public domain], via Wikimedia Commons
The post Cyber attacks: electric shock appeared first on OUPblog.
