Cybersecurity: mapping the ethical terrain

This edited collection examines the ethical trade-offs involved in cybersecurity: between security and privacy; individual rights and the good of a society; and between the types of burdens placed on particular groups in order to protect others. Foreword Governments and society are increasingly reliant on cyber systems. Yet the more reliant we are upon cyber systems, the more vulnerable we are to serious harm should these systems be attacked or used in an attack. This problem of reliance and vulnerability is driving a concern with securing cyberspace. For example, a ‘cybersecurity’ team now forms part of the US Secret Service. Its job is to respond to cyber-attacks in specific environments such as elevators in a building that hosts politically vulnerable individuals, for example, state representatives. Cybersecurity aims to protect cyberinfrastructure from cyber-attacks; the concerning aspect of the threat from cyber-attack is the potential for serious harm that damage to cyber-infrastructure presents to resources and people. These types of threats to cybersecurity might simply target information and communication systems: a distributed denial of service (DDoS) attack on a government website does not harm a website in any direct way, but prevents its normal use by stifling the ability of users to connect to the site. Alternatively, cyber-attacks might disrupt physical devices or resources, such as the Stuxnet virus, which caused the malfunction and destruction of Iranian nuclear centrifuges. Cyber-attacks might also enhance activities that are enabled through cyberspace, such as the use of online media by extremists to recruit members and promote radicalisation. Cyber-attacks are diverse: as a result, cybersecurity requires a comparable diversity of approaches. Cyber-attacks can have powerful impacts on people’s lives, and so—in liberal democratic societies at least—governments have a duty to ensure cybersecurity in order to protect the inhabitants within their own jurisdiction and, arguably, the people of other nations. But, as recent events following the revelations of Edward Snowden have demonstrated, there is a risk that the governmental pursuit of cybersecurity might overstep the mark and subvert fundamental privacy rights. Popular comment on these episodes advocates transparency of government processes, yet given that cybersecurity risks represent major challenges to national security, it is unlikely that simple transparency will suffice. Managing the risks of cybersecurity involves trade-offs: between security and privacy; individual rights and the good of a society; and types of burdens placed on particular groups in order to protect others. These trade-offs are often ethical trade-offs, involving questions of how we act, what values we should aim to promote, and what means of anticipating and responding to the risks are reasonably—and publicly—justifiable. This Occasional Paper (prepared for the National Security College) provides a brief conceptual analysis of cybersecurity, demonstrates the relevance of ethics to cybersecurity and outlines various ways in which to approach ethical decision-making when responding to cyber-attacks

Towards the Legal Protection of Critical Infrastructure in Africa Against Cyberwar and Cyberterrorism

This article reviews the legal framework governing the protection of critical infrastructure in Africa with an emphasis on threats like cyberwar and cyberterrorism. As African governments and businesses increasingly depend on the internet and information systems, there is a need to enact appropriate laws to protect critical infrastructure from cyberattacks that could jeopardize the economic and national security postures of African countries. The article outlines the need for appropriate legal instruments to protect critical infrastructure as African businesses increasingly rely on the internet and information systems. The lack of adequate laws regulating critical infrastructure does not translate to the absence of critical infrastructure in African countries. Ghana, for instance, has a legal framework governing critical infrastructure. These infrastructures are common in most African countries but lack the required legal framework to protect them. It is important to note that despite the Budapest Convention and African Convention on Cybersecurity and Personal Data Protection, there is no international legal framework regulating cyberwar and cyberterrorism. Considering these factors, this article reviews Ghana's Cybersecurity Act and the Directive on Critical Information Infrastructure and uses the United States framework for comparative analysis. In addition to reviewing the types of attacks critical infrastructure could face, the article looks at the legal framework for managing incidents that could arise from cyberattacks targeting critical infrastructure

Towards a cyberterrorism life-cycle (CLC) model

Cyberterrorism has emerged as a new threat in the Information and Communication Technology (ICT) landscape. The ease of use, affordability, remote capabilities and access to critical targets makes cyberterrorism a potential threat to cause wide-scale damage. Cyberterrorism is often incorrectly perceived as encompassing all cybercrimes. However, cyberterrorism differs from cybercrime in various ways including motivation, attack goals, techniques and effects. Motivations for cyberterrorism, which is similar to terrorism in general, stem from religious, social and political views. Cyberterrorists generally would seek to have high impact in order to gain publicity for their cause, whereas cybercriminals often prefer to have their acts undetected in order to hide their financial theft, fraud or espionage. Therefore, there are various factors that drive the development of a cyberterrorist. This paper proposes a model for the development of cyberterrorism in order to show the various influential forces. The Cyberterrorism Life-Cycle (CLC) model presented in this paper is composed of five phases: Prepare, Acquaint, Choose, Execute, and Deter (PACED). In addition the paper looks at various factors, including social, practices, objectives, targets and countermeasures, which are mapped onto the PACED phases in order to show the interaction and dynamic nature during the life-cycle development

Cyberterrorism as hybrid Threat: a comparison between the Iranian and Estonian case

Este trabalho de dissertação de mestrado pretende estudar o terrorismo cibernético no campo dos estudos de segurança e como se apresenta como uma ameaça híbrida na sociedade de hoje, no sistema internacional, e os seus impactos dentro destas fronteiras. Pretende abordar através de uma perspectiva institucionalista como os Estados entendem esta ameaça, que definições têm sobre este assunto, que efeitos este tipo de ameaça causa nas suas sociedades, e que meios de contra-resposta estes actores têm à sua disposição para garantir contra o ciber-terrorismo. Visa, também, expor as várias opiniões que o conceito carrega, como as suas definições e interpretações, e apresentar a conjuntura em que está inserido. A partir daí, os casos da Estónia e do Irão serão apresentados para desenvolver uma análise para compreender se existe uma diferença na resposta de dois Estados com contextos diferentes - um que é membro da OTAN e outro que não é - e como isto se apresenta na forma como abordam a questão, como reagem e como se protegem da mesma. No final, as diferenças e as razões que foram interpretadas serão apresentadas, assim como os possíveis resultados da questão da investigação.This thesis project intends to study cyber-terrorism within the field of security studies and how it presents itself as a hybrid threat in today's society, in the international system, and its impacts within these boundaries. It is intended to approach through an institutionalist perspective how states understand this threat, what definitions they hold on this subject, what effects this type of threat causes within their societies, and what means of counter-response these actors have at their disposal to ensure against cyber-terrorism. It aims, as well, to expose the various opinions that the concept carries, as its definitions and interpretations, and present the conjuncture that it is inserted. From there, the cases of Estonia and Iran will be presented to develop an analysis to understand if there is a difference in the response of two states with different contexts - one that is a NATO member and one that is not - and how this presents itself in how they approach the issue, how they react and how they protect themselves from it. In the end, the differences and the reasons that have been interpreted will be presented, as well as possible results of the research question

Terrorism and the Internet: new media - new threat?

The Internet is a powerful political instrument, which is increasingly employed by terrorists to forward their goals. The five most prominent contemporary terrorist uses of the Net are information provision, financing, networking, recruitment, and information gathering. This article describes and explains each of these uses and follows up with examples. The final section of the paper describes the responses of government, law enforcement, intelligence agencies, and others to the terrorism-Internet nexus. There is a particular emphasis within the text on the UK experience, although examples from other jurisdictions are also employed