Printer Friendly and PDF



19 Dec 2016

Russian President Vladimir Putin signed the updated information security doctrine, which should be a response to increasing foreign cyber-efforts to affect Russia's internal affairs and endanger its critical infrastructure, Reuters reported. The doctrine recognises that countries but also terrorist and extremist groups are building capacities to influence information infrastructure for military purposes. It alerts that the Russian government agencies, scientific centres and military industries are being targeted by foreign intelligence services through cyber-espionage, while the youth are becoming affected by the information bias and psychological operations from other countries using online media. In response, Russia will build strategic deterrents and strengthen the protection of its critical infrastructure, but will also further pursue efforts to prevent armed conflict that stem from the use of ICT.

18 Dec 2016

The Russian-speaking hackers may have also penetrated the US election agency network after the elections, and obtained the credentials of hundred of people at the commission and access to non-public reports on flaws in voting machines, Reuters reports. Earlier, the two renown mathematicians have stated that it is likely that the very system for counting the votes in some states was hacked as well. The FBI and the CIA have agreed that Russian cyberattacks that preceded the elections aimed at helping Donald Trump to win the elections, Washington Post reports. Following up on the CIA claims, 80 members of the Electoral College have signed the Open Letter requesting the Director of the National Intelligence to make the facts related to the outside interference with the elections public. US President Obama has previously ordered a full review into the claims that Russia was behind the cyber-operations related to elections, and has reviewed possible options to respond to Russia's hacking including using the US cyber-presence in the systems of the Russian critical systems, New York Times reports.

8 Dec 2016

Almost one million routers within the Deutsche Telekom have been put down due to a cyber-attack, which caused a country-wide Internet outage for about 900,000 users. According to the official information, the attack attempted to infect the routers with malware but have instead crashed small percentage of them; a software update is now available. It is likely that the attack was caused by the modified version of the Mirai worm which employs thousands of hijacked Internet of Things devices, Wired reports. German Office for Information Security reported that this was part of a global campaign to take down parts of the Internet, and issued a statement that the attack has also targeted government networks. The Director of the German intelligence agency has expressed concerns that this attack may be part of the campaign to disrupt forthcoming federal elections next year.


Cyber-attacks can have a background in international relations, or bring about the consequences that can escalate to a political and diplomatic level. An increasing number of states appear to be developing their own cyber-tools for the defense, offence and intelligence related to cyberconflict.

The use of cyber-weapons by states - and, more generally, the behavior of states in cyberspace in relation to maintaining international peace and security - is moving to the top of the international agenda.


Dealing with cyberconflicts as policy issue is in an early stage, with some early agreements related to the implementation of the existing international law to cyberspace and drafts of the norms and confidence building measures.

The complex nature of cyberconflict

The traditional forms of war are well known. There is established international law that regulates the conduct of armed conflict and seeks to limit its effects, such as the Geneva Convention which protects those who are not a part of the fighting. The rules of war, however, are different from the possible event of interstate cyber-conflicts, which are still not well defined.

A major characteristics of the cyberconflict is an almost impossible attribution of the attack even to a certain users, let alone to sponsorship by any state, due to the very complex and sophisticated weapons used which are able to work through a number of proxy layers (including botnets). Another difference between a traditional war and a possible cyberwar, however, exists in the scale: cyber-incidents do not take place between two nations while other countries silently watch. The Internet is a global resource and the cyberweapons, such as botnets, will employ the computing resources of other nations, making cyberwarfare effectively global. It is, therefore, reasonable to understand that the issues of cyber-conflicts and cyberwarfare belong to the Internet governance area and should be debated along with other security threats.

In 2013, the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), prepared the Tallinn Manual elaborating on the implementation of the existing international humanitarian law on entering and conducting a war (jus ad bellum and jus in bello) in cyberspace. One attempt by academics and non-state actors to draft an international agreement is that of the Stanford Draft Convention on Protection from Cyber Crime and Terrorism. This draft recommends the establishment of an international body, named the Agency for Information Infrastructure Protection (AIIP). The UN Governmental Group of Experts has confirmed, in 2013, that the existing international law applies to cyberspace, but is yet to discuss on how it applies in practice. The OSCE has developed the Confidence Building Measures to enhance cooperation and prevent cyber-conflicts.




Resolutions & Declarations

Wuzhen World Internet Conference Declaration (2015)

Other Instruments

2013 Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (2013)
2015 Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (2015)


International Cybersecurity Norms (2016)


Internet Governance Acronym Glossary (2015)
An Introduction to Internet Governance (2014)


Hostile Drones: The Hostile Use of Drones by Non-State Actors against British Targets (2016)
National Security Implications of Virtual Currency. Examining the Potential for Non-state Actor Deployment (2015)

The GIP Digital Watch observatory is a service provided by


in partnership with


and members of the GIP Steering Committee



GIP Digital Watch is operated by