Deterrence by Norms to Stop Interstate Cyber Attacks

In April 2017, the foreign ministers of the G7 countries approved a ‘Declaration on Responsible States Behaviour in Cyberspace’ (G7 Declaration 2017). The Declaration addresses a mounting concern about international stability and the security of our societies after the fast-pace escalation of cyber attacks occurred during the past decade. In the opening statement, the G7 ministers stress their concern […] about the risk of escalation and retaliation in cyberspace […]. Such activities could have a destabilizing effect on international peace and security. We stress that the risk of interstate conflict as a result of ICT incidents has emerged as a pressing issue for consideration. […], (G7 Declaration 2017, 1). Paradoxically, state actors often play a central role in the escalation of cyber attacks. State-run cyber attacks have been launched for espionage and sabotage purposes since 2003. Well-known examples include Titan Rain (2003), the Russian attack against Estonia (2006) and Georgia (2008), Red October targeting mostly Russia and Eastern European Countries (2007), Stuxnet and Operation Olympic Game against Iran (2006–2012). In 2016, a new wave of state-run (or state-sponsored) cyber attacks ranged from the Russian cyber attack against Ukraine power plant,1 to the Chinese and Russian infiltrations US Federal Offices,2 to the Shamoon/Greenbag cyber-attacks on government infrastructures in Saudi Arabia.3 This trend will continue. The relatively low entry-cost and the high chances of success mean that states will keep developing, relying on, and deploying cyber attacks. At the same time, the ever more likely AI leap of cyber capabilities (Cath et al. 2017)—the use of AI and Machine Learning techniques for cyber offence and defence—indicates that cyber attacks will escalate in frequency, impact, and sophistication. Historically, escalation of interstate conflicts has been arrested using offensive or political strategies, sometimes in combination. Both have been deployed in cyberspace. The first failed; the second needs to be consolidated and enforced (Taddeo and Glorioso 2016a, b).</p

Nuclear Lessons for Cyber Security?

Identifying “revolutions in military affairs” is arbitrary, but some inflection points in technological change are larger than others: for example, the gunpowder revolution in early modern Europe, the industrial revolution of the nineteenth century, the second industrial revolution of the early twentieth century, and the nuclear revolution in the middle of the last century. In this century, we can add the information revolution that has produced today’s extremely rapid growth of cyberspace. Earlier revolutions in information technology, such as Gutenberg’s printing press, also had profound political effects, but the current revolution can be traced to Moore’s law and the thousand-fold decrease in the costs of computing power that occurred in the last quarter of the twentieth century. Political leaders and analysts are only beginning to come to terms with this transformative technology

The Military Strategic Effects of the Russian National Segment of the Internet

The aim of this thesis is to develop a theoretical and conceptual basis for studying structural cyber asymmetry and to examine the strategic effects of the Russian national segment of the internet. This topic is important because cyberspace is one of the domains through or into which force can be directed to achieve political ends. Methodologically this thesis is a theory-driven qualitative case study based on content analysis and abduction. This thesis demonstrates that cyber power can be studied as a means to shape cyberspace. This approach offers a new perspective on studying the effects of national cyber strategies and the asymmetric power relationships between states. Freedom of action, common situation picture, command and control, and resilience are useful concepts for studying the relationship between closed and open national networks. These four concepts can be combined with the model of a national information security and defence system of systems to examine and compare the management and control of national networks in a novel way which takes into account the way the governance of the internet is currently changing. This thesis argues that the structural cyber asymmetry caused by the creation of a national segment of the internet sets significant premises and frames of reference on the states’ use of force in cyberspace. Structural cyber asymmetry also shapes the effects of the use force. The construction of a national segment of the internet can be compared to strategic level preparation of a cyber battlefield. The Russian national segment of the internet can, if successfully completed, change the global balance of power in cyberspace. However, the national segment, as currently envisioned, has serious vulnerabilities. Moreover, its construction will increase the interdependencies between domains, great power competition, risks of escalation, and the risk of preventive or even pre-emptive cyber strikes. The national segment of the internet increases the fragmentation of cyberspace and strengthens the norm of cyber sovereignty

The weaponization of artificial intelligence (AI) and its implications on the security dilemma between states: could it create a situation similar to mutually assured destruction (MAD)

There is no a consensus in the IR literature on the possible implications of AI for cyber or nuclear capabilities, and whether AI would exacerbate, or potentially mitigate, the security dilemma between actors with varying capabilities. This capstone project explores these questions, using experts\u27 interviews and secondary data. It has tackled the issue under study by using the most-similar method in which most of the variables are similar. The paper argues the weaponization of AI exacerbates the security dilemma between states since it increases uncertainty. What is actually problematic about the military AI applications, as opposed to other military capabilities, is the declining role of humans. AI could be productive and counterproductive when it comes to policy making, implying the necessity of keeping humans over-the-loop. Neutralization makes AI deterrence reasonable for avoiding destructive, disruptive and manipulative outcomes. Like nuclear capabilities, establishing an AI-MAD structure, regulating the uses of AI and establishing a governing regime for AI arms race are the best possible policies. Keywords: Artificial Intelligence, Deterrence, Mutually Assured Destruction, Arms Contro

ETERNAL HOBBES: INTERNATIONAL RELATIONS AND CYBERWAR

Is the Hobbesian state of nature a valid paradigm for international relations between states? Starting from the territory of ICT ((Information and Communication Technologies), this paper explores some issues related to cyberwar and cyberspace and their implications for international relations. My conclusion is that there are good reasons to be sceptical about the very existence of international law, just because this explanatory paradigm should also apply to this area

Foreign Policy Revisionism in the Post-WWII Era

It is now almost an empirical law that territory is the most important and fatal issue states fight over. Study after study finds that territorial as opposed to maritime and river claims are more likely to lead to interstate conflict (Hensel et al. 2008, Vasquez 2009). When states choose to engage in conflict by revising the status quo, scholars find that territorial as opposed to policy, regime, and other revisions are the most fatal (Ghosen, Palmer, and Bremer 2004, Senese and Vasquez 2008). However, while territorial conflict is the most fatal, the average number of claims is down significantly since the increases around WWI and the post-WWII, decolonization period (Frederick, Hensel, and Macaulay 2017). There is also evidence that territorial revisionism declined in the post-WWII era (Zacher 2001, Holsti 1991) and is declining even more in the post-Cold War. In contrast, according to the Corrleates of War, foreign policy disputes are the most common revision type overall and the most common fatal revision type in the post-Cold War era (Palmer et al. 2015). This dissertation explores interstate conflict based on another state’s foreign policy, an important, yet understudied phenomenon. Jones, Bremer, and Singer (1996, 178) define policy revisions as: “Policy denotes an effort by the revisionist state to change the foreign policy behavior of another state.” The first chapter introduces the topic of foreign policy disputes and outlines the dissertation. The second chapter examines the big picture, what foreign policy disputes are and what causes them. In chapter three, I investigate the largest subcategory, interstate conflict over nonstate actors. Chapter four investigates how this new issues type leads to conflict by examining interstate conflict when it occurs through nonstate actors after external support is given. My dissertation contributes to the literature in two ways. First, it explores a new issue space. Interstate conflict increasingly occurs because of secondary, often less fatal issues called foreign policy disputes. Second, it speaks to an increasing way interstate conflict occurs, through third parties. States often engage each other at a low cost using nonstate actors instead of having to face them directly

Cyber Law and Espionage Law as Communicating Vessels

Professor Lubin\u27s contribution is Cyber Law and Espionage Law as Communicating Vessels, pp. 203-225. Existing legal literature would have us assume that espionage operations and “below-the-threshold” cyber operations are doctrinally distinct. Whereas one is subject to the scant, amorphous, and under-developed legal framework of espionage law, the other is subject to an emerging, ever-evolving body of legal rules, known cumulatively as cyber law. This dichotomy, however, is erroneous and misleading. In practice, espionage and cyber law function as communicating vessels, and so are better conceived as two elements of a complex system, Information Warfare (IW). This paper therefore first draws attention to the similarities between the practices – the fact that the actors, technologies, and targets are interchangeable, as are the knee-jerk legal reactions of the international community. In light of the convergence between peacetime Low-Intensity Cyber Operations (LICOs) and peacetime Espionage Operations (EOs) the two should be subjected to a single regulatory framework, one which recognizes the role intelligence plays in our public world order and which adopts a contextual and consequential method of inquiry. The paper proceeds in the following order: Part 2 provides a descriptive account of the unique symbiotic relationship between espionage and cyber law, and further explains the reasons for this dynamic. Part 3 places the discussion surrounding this relationship within the broader discourse on IW, making the claim that the convergence between EOs and LICOs, as described in Part 2, could further be explained by an even larger convergence across all the various elements of the informational environment. Parts 2 and 3 then serve as the backdrop for Part 4, which details the attempt of the drafters of the Tallinn Manual 2.0 to compartmentalize espionage law and cyber law, and the deficits of their approach. The paper concludes by proposing an alternative holistic understanding of espionage law, grounded in general principles of law, which is more practically transferable to the cyber realmhttps://www.repository.law.indiana.edu/facbooks/1220/thumbnail.jp

Cyber resilience of e-government: comparative case analysis of Estonia and South Korea

E-government has evolved throughout modern times and shaped the new norm of governance. While global society pays more attention to this next-generation platform than before, it is also true that state actors should build up a robust security strategy to protect e-government and their extended territory in cyberspace. At the same time, a high level of digitalization does not always mean their e-government framework is also strong enough to endure external threats. This thesis examines the difference in security preparedness of e-government by comparing a set of countries that have similarly well-developed online government but are lagging in the cyber defense aspect. In order to examine this, the research used cyber resilience as a conceptual framework to analyze several factors that cause differences. This concept overcomes the blind spot of the traditional cyber security approach and points out the relation with conventional hard security study. To uncover the differences in cyber security of e-government, this study picks up Estonia as a successful model and South Korea as the opposite. Based on cyber resilience, the thesis identifies external and internal factors including regional security, nature of neighbors, and internal factors triggering variance within these countries.https://www.ester.ee/record=b5439277*es

EFFECTS OF DEFEND FORWARD ON SECURITY, STABILITY, AND U.S. INTERESTS IN THE CYBERSPACE DOMAIN

The defend forward cyber defense strategy is predicated on the notion of persistent engagement with adversaries in gray and red network space, to cause friction for adversaries before they can carry out malicious activity in U.S. network space. The U.S. Cyber Defense Strategy seeks to overmatch adversaries and cause friction by actively engaging adversaries outside of U.S. network space, albeit below the threshold of armed conflict. This strategy is designed to advance the security of U.S. national interests in the cyberspace domain. U.S. security strategies may have varying effects on stability in specific domains and in overall international relations. Defend forward is often criticized for being destabilizing in the cyberspace domain, and as such, security gains from defend forward are potentially outweighed by negative effects of a further destabilized domain. This thesis answers the following questions: What is the impact of defend forward on the security of U.S. interests and overall stability in the cyberspace domain? The thesis seeks to separate the effects that defend forward has on security and stability in order to understand how, and to what extent, the strategy impacts both. This ultimately enables a determination of the immediate and long-term efficacy of defend forward and the role stability has in relation to the security of U.S. interests in the cyberspace domain.Lieutenant, United States NavyApproved for public release. Distribution is unlimited

Public Cyberinstitutions: Signaling State Cybercapacity

Even though there has been a rapid increase in state cybercapacity over the last two decades, researchers have paid little attention to this phenomenon. In my dissertation Public Cyberinstitutions: Signaling State Cybercapacity, I employ a combination of formal theory, event history analysis, and interviews to shed light on what drives a state’s decision to develop this capacity in the form of public cyberinstitutions (PCIs)—publicly observable efforts meant to signal the state offensive and defensive cybercapacity—and the effects these PCIs have on its adversaries’ decision-making. Unlike existing scholarship which emphasizes the cyberthreat environment as the main driver of PCIs, I empirically model the international proliferation of PCIs as a diffusion process and argue that it happens through different types of networks. The distinct pathways behind different types of PCIs reflect the different types of signals each is intended to send. National cybersecurity strategies diffuse through networks of “like-minded” states, with similar preferences on cybersovereignty. The development of a military cyberapparatus diffuses through military alliance networks, following the logic of complementarity. National strategies are among the less costly PCIs a country could adopt, but—because their purpose is to articulate a country’s main goals, threats and priorities in the cyber domain—governments cannot adopt them without first considering the role the Internet plays within their polity and how heavily they wish to regulate it. Military cybersecurity units, meanwhile, have higher startup and maintenance costs, and the willingness to pay these costs sends a potentially informative signal to a country’s allies and adversaries. Rather than “free ride” off the cybercapabilities of one’s allies, however, countries tend to complement the activities of their allies (e.g., invest more if their allies invest less). I test these theoretical explanations with newly collected data sets on national cybersecurity strategies and on state cybersecurity organizations between 1999 and 2018, and find robust empirical support. Using an incomplete-information model I also demonstrate that PCIs meant to demonstrate an increase in cybercapacity only deter adversaries that are susceptible to the costs created by this increased cybercapacity. Despite this, states tend to over-invest in PCIs. In particular, weak cyber states tend to over-invest to convince adversaries that they are strong, whereas strong cyber states over-invest so that adversaries do not believe that they are weak states pretending to be strong. In doing so, these states reduce their overall cybercapacity. Through my interviews with cybersecurity experts, intelligence reports, and examples of attempted election interference campaigns, I establish the empirical plausibility of this theoretical result. These findings, which focus on a fundamentally new domain of warfare and statecraft, have important implications for national security policy.PHDPublic Policy & Political ScienceUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/163168/1/nadiya_1.pd