8 Mar 2017

WikiLeaks released over 8000 pages of confidential documents of the US government dating from 2013 to 2016, that provide detailed description of the CIA ability to hack the phones, computers and smart devices. The leaks, dubbed "Vault 7", reveal that the CIA was able to compromise the software of all the major vendors, including Apple, Microsoft and Android, as well as those of producers of Internet of Things devices such as Samsung, which confirms the agency is collecting and exploiting vulnerabilities in these systems instead of reporting them to vendors to patch them. CIA was also able to trick the major anti-virus programmes, such as those of Kasersky, BitDifender, AVG and F-Secure, to avoid detection of the intrusion into a system. While the hacking arsenal disclosed could not break the encryption of the most popular communication applications like WhatsApp, Telegram or Signal, the ability to penetrate into the operating system of the users' phone and access the messages before being encrypted made the encryption irrelevant. The source code of the hacking tools was, however, not publicly disclosed by WikiLeaks but was instead saved until vendors and security companies do further analysis. The documents also reveal that the hacking tools have been exchanged beetween various intelligence services within the US as well as with the partners from Five Eyes (Australia, Canada, New Zealand and the United Kingdom). While the CIA did not comment on the authenticity or content, some sources confirmed to The New York Times that the code names of CIA programmes mentioned in the documents appear to be genuine.

7 Mar 2017

French government has decided to abandon plans that would allow its expats to vote online at the forthcoming national elections. According to the French Ministry of Foreign Affairs, the national agency for information security ANSSI has evaluated that there is "extremely high risk" of cyberattacks and other ways of influencing the elections in case of online voting. Even though France has established a successful model for online voting in 2012, the agency has estimated that the risks are too high amid allegations of Russian hacking of the US presidential elections and claims by one of the candidates at the French Presidential elections Emmanuel Macron that his camp has been targeted by Russian hackers, which Russia denied.

28 Feb 2017

Ministry of Defence of Singapore reported that the cyber-attack resulted with compromising the personal data of 850 employees of the public service. It has, however, underlined that only the Internet kiosks connected to its public network (I-net) allowing public servants to access the online world were penetrated, while its internal network containing sensitive data was not breached. Only some personal data of employees were stolen, such as national identification numbers, telephone numbers, and dates of birth, ZDNet reported.


Cyber-attacks can have a background in international relations, or bring about the consequences that can escalate to a political and diplomatic level. An increasing number of states appear to be developing their own cyber-tools for the defense, offence and intelligence related to cyberconflict.

The use of cyber-weapons by states - and, more generally, the behavior of states in cyberspace in relation to maintaining international peace and security - is moving to the top of the international agenda.


Dealing with cyberconflicts as policy issue is in an early stage, with some early agreements related to the implementation of the existing international law to cyberspace and drafts of the norms and confidence building measures.

The complex nature of cyberconflict

The traditional forms of war are well known. There is established international law that regulates the conduct of armed conflict and seeks to limit its effects, such as the Geneva Convention which protects those who are not a part of the fighting. The rules of war, however, are different from the possible event of interstate cyber-conflicts, which are still not well defined.

A major characteristics of the cyberconflict is an almost impossible attribution of the attack even to a certain users, let alone to sponsorship by any state, due to the very complex and sophisticated weapons used which are able to work through a number of proxy layers (including botnets). Another difference between a traditional war and a possible cyberwar, however, exists in the scale: cyber-incidents do not take place between two nations while other countries silently watch. The Internet is a global resource and the cyberweapons, such as botnets, will employ the computing resources of other nations, making cyberwarfare effectively global. It is, therefore, reasonable to understand that the issues of cyber-conflicts and cyberwarfare belong to the Internet governance area and should be debated along with other security threats.

In 2013, the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), prepared the Tallinn Manual elaborating on the implementation of the existing international humanitarian law on entering and conducting a war (jus ad bellum and jus in bello) in cyberspace. One attempt by academics and non-state actors to draft an international agreement is that of the Stanford Draft Convention on Protection from Cyber Crime and Terrorism. This draft recommends the establishment of an international body, named the Agency for Information Infrastructure Protection (AIIP). The UN Governmental Group of Experts has confirmed, in 2013, that the existing international law applies to cyberspace, but is yet to discuss on how it applies in practice. The OSCE has developed the Confidence Building Measures to enhance cooperation and prevent cyber-conflicts.




Resolutions & Declarations

Wuzhen World Internet Conference Declaration (2015)

Other Instruments

2015 Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (2015)
2013 Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (2013)


International Cybersecurity Norms (2016)


Internet Governance Acronym Glossary (2015)
An Introduction to Internet Governance (2014)


From Articulation to Implementation: Enabling Progress on Cybersecurity Norms (2016)
International Cybersecurity Norms. Reducing Conflict in an Internet-dependent World (2014)


Towards a secure cyberspace via regional co-operation (2017)
Hostile Drones: The Hostile Use of Drones by Non-State Actors against British Targets (2016)
National Security Implications of Virtual Currency. Examining the Potential for Non-state Actor Deployment (2015)

The GIP Digital Watch observatory is a service provided by


in partnership with


and members of the GIP Steering Committee



GIP Digital Watch is operated by