FREE ELECTRONIC LIBRARY - Dissertations, online materials

Pages:   || 2 | 3 |

«KENNETH GEERS PANDEMONIUM: NATION STATES, NATIONAL SECURITY, AND THE INTERNET Tallinn Paper No. 1. 2014 Disclaimer This publication is a product of ...»

-- [ Page 1 ] --

Software Manufacturer Liability





Tallinn Paper No. 1.



This publication is a product of the NATO Cooperative Cyber Defence Centre of Excellence (the Centre).

It does not necessarily reflect the policy or the opinion of the Centre or NATO. The Centre may not be held responsible for any loss or harm arising from the use of information contained in this publication and is not responsible for the content of the external sources, including external websites referenced in this publication.

Digital or hard copies of this publication may be produced for internal use within NATO and for personal or educational use when for non-profit and non-commercial purpose, provided that copies bear a full citation.

Please contact publications@ccdcoe.org with any further queries.

Roles and Responsibilities in Cyberspace The theme of the 2014 Tallinn Papers is ‘Roles and Responsibilities in Cyberspace’.

Strategic developments in cyber security have often been frustrated by role assignment, whether in a domestic or international setting. The difficulty extends well beyond the formal distribution of roles and responsibilities between organisations and agencies.

Ascertaining appropriate roles and responsibilities is also a matter of creating an architecture that is responsive to the peculiar challenges of cyberspace and that best effectuates strategies that have been devised to address them.

The 2014 Tallinn Papers address the issue from a variety of perspectives. Some of the articles tackle broad strategic questions like deliberating on the stance NATO should adopt in cyberspace matters, or exploring the role small states can play in this domain.

Others touch upon narrower topics, such as the right to privacy in the growingly intrusive national security context and whether software manufacturers should be compelled to bear their burden of cyber security by making them liable for faulty software. The thread running through all the papers, however, is their future-looking approach, one designed to inspire discussion and undergird strategic development.

Submissions The Tallinn Papers is a peer reviewed publication of the NATO Cooperative Cyber Defence Centre of Excellence. Although submissions are primarily commissioned by- invitation, proposals consistent with the annual theme and dealing with issues of strategic importance will be considered on an exceptional basis. Since the Tallinn Papers are meant for a wide audience, such proposals should assume no prior specialised knowledge on the part of the readership. Authors wishing to submit a proposal may contact the Editor-in-Chief at publications@ccdcoe.org.


Pandemonium: Nation States, National Security, and the Internet Kenneth Geers1 A long time ago, the author of Ecclesiastes wrote: “There is nothing new under the sun.” What about the internet? The network of networks should help us to have a more peaceful future, but too often it seems that the internet today is merely a reflection of what came before – including crime, espionage, and warfare – and that the international security environment is still closer to Pandemonium2 than Paradise. To make matters worse, all of our vices have seemingly been teleported into the realm of science fiction. Cyber security threats are both technological and philosophical wonders: a computer program that destroys nuclear centrifuges thousands of miles away, malware that secretly records everything we do, encrypted code that decrypts only on one target device, and so on.

The internet now plays an important role in national security affairs. Consider just a few recent examples from Europe. Cyber spies have targeted the European Union3 and member states such as France4 in a drive for competitive advantage in politics and diplomacy. In the business world, Norway’s National Security Authority (NSM) has confirmed at least ten separate network penetrations of Norwegian corporations, while noting that the true figure is undoubtedly much higher.5 In law enforcement, German police discovered that its servers were compromised.6 In the military domain, French Navy planes were grounded by 1 Senior Global Threat Analyst, FireEye; Ambassador, NATO Cooperative Cyber Defence Centre of Excellence.

2 Pandæmonium, which now means ‘wild and noisy disorder’, was the capital of Hell in John Milton’s epic poem Paradise Lost.

‘“Serious” cyber attack on EU bodies before summit,’ BBC (23 March 2011).

3 Robert Charette, ‘“Spectacular” Cyber Attack Gains Access to France's G20 Files,’ IEEE 4 Spectrum (8 March 2011).

Chloe Albanesius, ‘Norway Cyber Attack Targets Country's Oil, Gas Systems,’ PCMag (18 5 November 2011).

‘Hackers infiltrate German police and customs service computers,’ Infosecurity Magazine (18 July 6 2011).

1 Pandemonium

malicious code in the form of the Conficker worm.7 In the United Kingdom, hackers gained access to the Ministry of Defence’s classified networks.8 All of this takes place in an environment where cyber investigation, prosecution, and retaliation are difficult, and sometimes not even desirable.9 The purpose of this essay is modest. It spans the globe once, stopping long enough in numerous countries to record some of the most famous examples of international cyber attack and cyber conflict to date, and attempts to place them within a broader geopolitical context. Hopefully, this short composition will accomplish two things: remind the reader that traditional international conflicts have, as a rule, now drifted into cyberspace; and help set the stage for followon papers in this research series by the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE), which will examine the challenge of securing cyberspace from many new angles in the future.

Russia Winston Churchill called Russia “a riddle wrapped in a mystery inside an enigma.” Today, cyber defence researchers often make a similar claim: Russia has the world’s best hackers, so they can operate quietly and without being caught.

There is likely some truth in that, but it seems equally true that Russia has been at least tangentially involved in some of the best-known cases of international cyber conflict to date.

Chechnya is an autonomous republic of the Russian Federation, but Moscow has nonetheless engaged in armed conflict with it since the dissolution of the Soviet Union. From the Chechen Wars, the primary lesson for future cyber war planners is that, in the age of the World Wide Web, the propaganda battle for hearts, minds, and wallets will be fought website by website.10 In 1998, when Russian ally Serbia was under attack by NATO, anonymous pro-Serbian hackers jumped into the fray, flooding NATO networks with denial-of-service (DoS) attacks and at least twenty-five strains of virus-infected email.11 In 2007, Russia Kim Willsher, ‘French fighter planes grounded by computer virus,’ The Telegraph (7 February 7 2009).

8 Nick Hopkins, ‘Hackers have breached top secret MoD systems, cyber-security chief admits,’ The Guardian (3 May 2012).

9 John Leyden, ‘Relax hackers! NATO has no cyber-attack plans—top brass,’ The Register (6 June 2012).

10 Kenneth Geers, ‘Cyberspace and the Changing Nature of Warfare,’ Hakin9 E-Book, 19(3) No.

6; SC Magazine (27 August 08) 1-12.

11 Ibid.


was the prime suspect in the most famous international cyber attack to date – the punitive digital assault on Estonia for having moved a Soviet-era statue.12 In 2008, there was evidence that computer network operations played a supporting role in Russian military advances during its invasion of Georgia,13 and Russia was the prime suspect in what U.S. Deputy Secretary of Defense William Lynn called the “most significant breach of U.S. military computers ever”, a USBvector attack on Central Command (CENTCOM).14 In 2009, Russian hackers were blamed in “Climategate”, a breach of university research intended to undermine international negotiations on climate change mitigation.15 In 2010, the FBI arrested and deported suspected Russian intelligence agent Alexey Karetnikov, who had been working as a software tester at Microsoft.16 In response to the spectre of future cyber wars, Russia, like the U.S., China, and Israel, is creating cyber warfare-specific military units17 and, in an effort to improve its digital defences, is buying old-fashioned typewriters.18 China China’s enormous population and rapidly expanding economy have combined to create a voracious appetite for information, which is sometimes most easily acquired through cyber espionage. Much of this espionage appears to have national security implications, which could, over time, alter the balance of power in the Pacific.

As early as 1999, the U.S. Department of Energy believed that Chinese cyber espionage posed an “acute” threat to U.S. nuclear security.19 In 2001, following 12 Joshua Davis, ‘Hackers Take Down the Most Wired Country in Europe,’ WIRED (21 August 07).

13 U.S. Cyber Consequences Unit, ‘Overview by the US-CCU of the Cyber Campaign against Georgia in August of 2008’ (August 2009).

14 William J. Lynn, ‘Defending a New Domain: The Pentagon’s Cyberstrategy,’ Foreign Affairs 89(5) 97-108 (2010).

15 Will Stewart, Martin Delgado, ‘Were Russian security services behind the leak of ‘Climategate’ emails?’ Daily Mail (6 December 2009) & RT (23 November 2011) ‘Global warning: New Climategate leaks,’ RT.

16 Anastasia Ustinova, ‘Microsoft Says 12th Alleged Russian Spy Was Employee,’ Bloomberg (14 Jul 2010).

17 Vadim Gorshenin, ‘Russia to create cyber-warfare units,’ Pravda (29 August 2013).

18 Geoffrey Ingersoll, ‘Russia Turns to Typewriters to Protect against Cyber Espionage,’ Business Insider (11 July 2013).

19 Jeff Gerth, James Risen, ‘1998 Report Told of Lab Breaches and China Threat,’ The New York Times (2 May 1999).

3 Pandemonium

the mid-air collision between a U.S. Navy EP-3 signals intelligence (SIGINT) aircraft and a People’s Liberation Army Navy (PLAN) J-8II fighter, and the prolonged detention of the U.S. crew in China, pro-U.S. and pro-China “patriotic” hackers threatened to take the conflict into their own hands.20 More recently, China apparently stole the plans for the most advanced U.S. fighter jet, the F-35,21 and hacked Google, Intel, Adobe, RSA, Lockheed Martin, Northrop Grumman,22 the New York Times, the Wall Street Journal, and the Washington Post.23 In a turn toward critical infrastructure, U.S. intelligence agencies believe that Chinese hackers targeted two dozen gas pipeline companies, possibly for sabotage,24 as well as the U.S. Army Corps of Engineers’ National Inventory of Dams.25 Outside the U.S., the story is little different. Chinese hackers are believed to have compromised the British House of Commons in 2006,26 the German Chancellery in 2007,27 Japanese classified documents in 2011,28 an air-gapped Indian Navy headquarters in 2012,29 and in 2013 both the South Korean government30 and the Australian Security Intelligence Organization.31 In response, Chinese officials contend that their country is also a victim of cyber 20 Jeremy Wagstaff, ‘The Internet Could Be the Site of the Next China-U.S. Standoff,’ The Wall Street Journal (30 April 2001).

21 Siobhan Gorman, August Cole, Yochi Dreazen, ‘Computer Spies Breach Fighter-Jet Project,’ The Wall Street Journal (21 April 2009).

22 Michael Joseph Gross, ‘Enter the Cyber-dragon,’ Vanity Fair (1 September 2011).

23 Nicole Perlroth, ‘Washington Post Joins List of News Media Hacked by the Chinese,’ New York Times (1 February 2013) and Nicole Perlroth, ‘Wall Street Journal Announces That It, Too, Was Hacked by the Chinese,’ The New York Times (31 January 2013).

24 Mark Clayton, ‘Exclusive: Cyberattack leaves natural gas pipelines vulnerable to sabotage,’ The Christian Science Monitor (27 February 2013).

25 Bill Gertz, ‘Dam! Sensitive Army database of U.S. dams compromised; Chinese hackers suspected,’ The Washington Times (1 May 2013).

26 Peter Warren, ‘Smash and grab, the hi-tech way,’ The Guardian (18 January 2006).

27 ‘Espionage Report: Merkel’s China Visit Marred by Hacking Allegations,’ Spiegel (27 August 2007).

28 Justin McCurry, ‘Japan anxious over defence data as China denies hacking weapons maker,’ The Guardian (20 September 2011) and The Indian Express, ‘China-based servers in Japan cyber attacks,’ The Indian Express (28 October 2011).

29 Manu Pubby, ‘China hackers enter Navy computers, plant bug to extract sensitive data,’ The Indian Express (01 July 2012).

30 Neal Ungerleider, ‘South Korea’s Power Structure Hacked, Digital Trail Leads to China.’ Fast Company (19 October 2010).

31 Associated Press, ‘Report: Plans for Australia spy HQ hacked by China,’ USA Today (28 May 2013).


attacks. In 2006, the China Aerospace Science & Industry Corporation (CASIC) found spyware on its classified network.32 In 2007, the Chinese Ministry of State Security stated that foreign hackers were stealing Chinese information, “42%” by Taiwan and “25%” by the United States.33 In 2009, Chinese Prime Minister Wen Jiabao announced that a hacker from Taiwan had stolen his upcoming report to the National People’s Congress.34 In 2013, Edward Snowden, a former system administrator at the National Security Agency (NSA), published documents suggesting that the U.S. conducted cyber espionage against China;35 and the Chinese computer emergency response team (CERT) stated that it possessed “mountains of data” on cyber attacks by the U.S.36 United States Ralph Langner, the most experienced researcher of Stuxnet, contends that there is “only one” cyber superpower in the world: the U.S.37 In fact, if we narrow our definition of cyber attack to the digital destruction of physical infrastructure, Stuxnet may be the only true cyber attack the world has ever seen.

Pages:   || 2 | 3 |

Similar works:

«Retrospectives | 3 Spring 2014 Journey’s End: An Account of the Changing Responses Towards the First World War’s Representation Amanda Phipps* This article examines newspaper reviews which highlight changing responses to R. C. Sherriff’s Journey’s End in three of the play’s major runs in 1928-1930, 1972 and 2011. These three productions followed Sherriff’s original script surprisingly closely, observing an officers’ dugout in the days before a major German attack in 1918. The...»

«CURRICULUM VITAE BENJAMIN N. SCHIFF Oberlin College Residence: 213 Rice Hall 276 N. Professor St. Oberlin, OH 44074 Oberlin, OH 44074 Phone: 440 775-8535 cell (440) 506 5663 email: ben.schiff@oberlin.edu William G. and Jeanette Williams Smith Professor of Politics; Fellow, Human Rights Center, University of California, Berkeley School of Law Chair, Department of Politics 1998-2005 Professor, 1994 Associate Professor, 1986 Assistant Professor, 1982 Instructor, 1979 PREVIOUS EMPLOYMENT Visiting...»

«Utbildning & Demokrati 2008, vol 17, no 2, 73–96 Theme: Educating towards civic and professional responsibility Educating for professional responsibility A normative dimension of higher education1 Tone Dyrdal Solbrekke This paper has the politically defined mandate of higher education as its starting point to highlight and discuss contemporary challenges in relation to its normative dimension that are illustrated by examples from Norwegian higher education. A central question in the first...»

«KELLY M. BROWN, RONALD CUMMINGS, JANUSZ R. MROZEK, & PETER TERREBONNE* Scrap Tire Disposal: Three Principles for Policy Choice ABSTRACT Scrap tire disposal presents a challenging regulatoryproblem for many states. Properdisposalof scraptires,either through recycling or legal landfill disposal, is difficult and costly. In an effort to address this issue, many states have chosen to develop scrap tire policies, often funded by specialfees on the sale of new tires. These fees typically are used to...»

«8/20/2014 4:59 PM Sexually Transmitted Diseases Treatment Guidelines, 2014 This information is distributed solely for the purpose of pre-dissemination peer review under applicable information quality guidelines. It has not been formally disseminated by the Centers for Disease Control and Prevention. It does not represent and should not be construed to represent any agency determination or policy. Contents Introduction Methods Clinical Prevention Guidance STD/HIV Prevention Counseling Prevention...»

«1 The Politician and the Judge: Accountability in Government Jean Tirole∗ Eric Maskin First version, April 2001 Revised, March 2004 Abstract We build a simple model to capture the major virtues and drawbacks of making public officials accountable (i.e., subjecting them to reelection): On the one hand, accountablity allows the public to screen and discipline their officials; on the other, it may induce those officials to pander to public opinion and put too little weight on minority welfare....»

«Brubaker vita, p. 1 of 6 Rogers Brubaker Dept. of Sociology Tel 310-825-1129 UCLA Fax 310-206-9838 264 Haines Hall e-mail: brubaker@soc.ucla.edu 375 Portola Plaza http://www.sscnet.ucla.edu/soc/faculty/brubaker/ Los Angeles, CA 90095-1551 Present Position Professor of Sociology and UCLA Foundation Chair, University of California, Los Angeles Previous position Junior Fellow, Society of Fellows, Harvard University (1988-1991) Education 1990 Columbia University. Ph.D. in Sociology 1980 University...»

«Politicization of Intelligence Reporting: Evidence from the Cold War Oliver Latham∗ University of Cambridge Abstract We examine whether there is systematic evidence that the US intelligence services pandered to their political masters when constructing intelligence estimates during the Cold War. We construct a model which shows how career concerns on the part of intelligence analysts could lead them to distort reports towards their President’s prior beliefs. We then take the model’s...»

«Individuals and the Significance of Affect: Foreign Policy Variation in the Middle East Brent E. Sasley Department of Political Science McGill University, Montreal November 2006 A thesis submitted to McGill University in partial fulfillment ofthe requirements of the degree of Doctor ofPhilosophy (Ph.D.) © Copyright Brent E. Sasley, 2006 Library and Bibliothèque et 1+1 Archives Canada Archives Canada Published Heritage Direction du Branch Patrimoine de l'édition 395 Wellington Street 395, rue...»

«Revisiting the Classical View of Bene.ts-Based Taxation Matthew Weinzierl February 11, 2014 Abstract Commentary and political rhetoric on taxes in the United States have long included appeals to Smith’ (1776) classical logic of bene.t based taxation in which an individual’ bene.t from s s the state is tied to his or her income-earning ability. Modern optimal tax theory, in contrast, largely ignores the principle of bene.t based taxation. This paper shows that the classical logic of bene.t...»

«Table of Contents Table of Contents 1 Announcement 17 Articles 88 Polish court rejects Polanski extradition to US: official (7) 88 Greece says twenty-two migrants drown off Aegean islands, 144 rescued (5) 88 China’s new baby policy lifts kid stocks, sinks condom maker (3) 89 Germany migrant boy murder: Suspect admits to earlier killing (3) 90 North Korea's Workers' Party to hold first congress for 35 years (3) 90 Bill De Blasio Endorses Hillary Clinton For President (3) 91 Police arrest...»

«Thank you for downloading this docum ment from the RMIT Research R R Repository Citatio on: Lewis, T 2012, ''There grows the neighbourhood': Green citizenship, creativity and life politics on eco-TV', International Journal of Cultural Studies, vol. 15, no. 3, pp. 315-326.See this record i the RMI Researc Repository at: in IT ch http://researchbank.rmit.edu.au/view/rmit:15322 Version Accepted Manuscript n: Copyright Statem ment: © The Author(s) 2012 Link to Published Version: o d...»

<<  HOME   |    CONTACTS
2016 www.dissertation.xlibx.info - Dissertations, online materials

Materials of this site are available for review, all rights belong to their respective owners.
If you do not agree with the fact that your material is placed on this site, please, email us, we will within 1-2 business days delete him.