AddToAny

Printer Friendly and PDF

 

Cyberconflict

Updates

18 Feb 2017

Global Commission on the Stability of Cyberspace (GCSC), the new global multistakeholder body addressing risks in cyberspace, has been established during the Munich Security Conference (MSC) 2017. According to the announcement by The Kingdom of the Netherlands, The Hague Centre for Strategic Studies (HCSS) and the EastWest Institute (EWI), GCSC is "a global body formed to convene key global stakeholders to develop proposals for norms and policy initiatives to improve the stability and security of cyberspace". Headquartered in The Hague, GCSC will gather number of independent commissioners from over 15 countries and from various stakeholders, and will be chaired by the Marina Kaljurand, former Foreign Minister of Estonia and the member of the UN Group of Governmental Experts on cybersecurity. It will also be supported by Microsoft and the Internet Society (ISOC), among others. GCSC will develop proposals for norms and policies to enhance the stability of cyberspace, and work on the exchange of knowledge and ideas between governments, the business community, academia and users. A GCSC commissioners and co-chair Michael Chertoff, a former Head of Homeland Security of the USA, compared the Internet to the high seas and called for global rules of cyberspace that would make it possible for everybody to use the cyberspace similarly to how international rules allow everybody to use the oceans.

14 Feb 2017

Microsoft president and CLO Brad Smith has called for a Digital Geneva Convention, outlining six rules to be included, calling the current situation 'a growing problem in need of new solutions'. He called on both governments and the private sector to do more in the area of cybersecurity, and suggested that a trusted and neutral 'Digital Switzerland' could assist in this endeavour. This came alongside his presentation at the RSA conference in San Francisco on 14 February. In a similar, but unrelated post, Scott Shackelford, Associate Professor of Business Law and Ethics, Indiana University, asks Should cybersecurity be a human right? Both posts emphasise the involvement of International and Digital Geneva as a centre for UN efforts to ensure global cybersecurity.

7 Feb 2017

UN Group of Governmental Experts (GGE) on ICT and international security should pause the development of new norms and confidence building measures related to state behavour in cyberspace, and should instead focus on ensuring that the states implement the already defined ones, the US delegate to the UN GGE and deputy coordinator for cyber issues in the Office of the Coordinator for Cyber Affairs at the US Department of State stated at the Carnegie Endowment for International Peace event. Markoff also evaluated the US-Russia cyber-relations as a bright spot, and commented that Russia has not breached the agreed GGE norms in case of alleged cyber-attack against power grid in Ukraine since the norms apply in peacetime, rather than during the conflicts.

Pages

Cyber-attacks can have a background in international relations, or bring about the consequences that can escalate to a political and diplomatic level. An increasing number of states appear to be developing their own cyber-tools for the defense, offence and intelligence related to cyberconflict.

The use of cyber-weapons by states - and, more generally, the behavior of states in cyberspace in relation to maintaining international peace and security - is moving to the top of the international agenda.

 

Dealing with cyberconflicts as policy issue is in an early stage, with some early agreements related to the implementation of the existing international law to cyberspace and drafts of the norms and confidence building measures.

The complex nature of cyberconflict

The traditional forms of war are well known. There is established international law that regulates the conduct of armed conflict and seeks to limit its effects, such as the Geneva Convention which protects those who are not a part of the fighting. The rules of war, however, are different from the possible event of interstate cyber-conflicts, which are still not well defined.

A major characteristics of the cyberconflict is an almost impossible attribution of the attack even to a certain users, let alone to sponsorship by any state, due to the very complex and sophisticated weapons used which are able to work through a number of proxy layers (including botnets). Another difference between a traditional war and a possible cyberwar, however, exists in the scale: cyber-incidents do not take place between two nations while other countries silently watch. The Internet is a global resource and the cyberweapons, such as botnets, will employ the computing resources of other nations, making cyberwarfare effectively global. It is, therefore, reasonable to understand that the issues of cyber-conflicts and cyberwarfare belong to the Internet governance area and should be debated along with other security threats.

In 2013, the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), prepared the Tallinn Manual elaborating on the implementation of the existing international humanitarian law on entering and conducting a war (jus ad bellum and jus in bello) in cyberspace. One attempt by academics and non-state actors to draft an international agreement is that of the Stanford Draft Convention on Protection from Cyber Crime and Terrorism. This draft recommends the establishment of an international body, named the Agency for Information Infrastructure Protection (AIIP). The UN Governmental Group of Experts has confirmed, in 2013, that the existing international law applies to cyberspace, but is yet to discuss on how it applies in practice. The OSCE has developed the Confidence Building Measures to enhance cooperation and prevent cyber-conflicts.

Events

Instruments

Conventions

Resolutions & Declarations

Wuzhen World Internet Conference Declaration (2015)

Other Instruments

2013 Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (2013)
2015 Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (2015)

Resources

International Cybersecurity Norms (2016)

Publications

Internet Governance Acronym Glossary (2015)
An Introduction to Internet Governance (2014)

Papers

From Articulation to Implementation: Enabling Progress on Cybersecurity Norms (2016)
International Cybersecurity Norms. Reducing Conflict in an Internet-dependent World (2014)

Reports

Towards a secure cyberspace via regional co-operation (2017)
Hostile Drones: The Hostile Use of Drones by Non-State Actors against British Targets (2016)
National Security Implications of Virtual Currency. Examining the Potential for Non-state Actor Deployment (2015)

The GIP Digital Watch observatory is a service provided by

 

in partnership with

 

and members of the GIP Steering Committee

 




 

GIP Digital Watch is operated by