Cybercrime: Working Together to Mitigate Peace and Security Threats

Cybercrime is becoming a growing threat to international peace and security. Attacks against critical infrastructures such as hospitals and energy suppliers endanger basic public services. In some cases, states cover for cybercriminals or even use their activities for political purposes. This topic is therefore highly volatile internationally, and escalating interstate tensions in the wake of cyberattacks is a real threat. In view of the upcoming UN negotiations on a "Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes," three points are essential. First, existing best practices of cross-border cooperation should be strengthened. Second, new instruments that can help to curb escalation and close protection gaps need to be developed. Finally, repressive regimes must be prevented from committing human rights violations under the pretext of fighting crime

On the Peace and Security Implications of Cybercrime: A Call for an Integrated Perspective

Criminal cyberattacks have skyrocketed in the past decade, with ransomware attacks during the pandemic being a prime example. While private corporations remain the main targets and headlines are often dominated by the financial cost, public institutions and services are increasingly affected. Governments across the globe are working on combatting cybercrime. However, they often do not see eye-to-eye, with geopolitical tensions complicating the search for effective multilateral remedies further. In this research report, we focus on the threat that cybercrime poses to peace and security, which is rarely addressed. We examine the potential of cybercrime to exacerbate state-internal conflicts, for example by fuelling war economies or by weakening social coherence and stability. Various actors sharing similar, possibly even identical, approaches to compromising adversarial computer systems is another threat that we assess, as it has the potential to cause unintended escalation. Similarly, cyber vigilantism and hack-backs, whether conducted by private actors or corporate entities, can also endanger state agency and the rule of law. While an international treaty, as for example currently being discussed at the UN, could be a valuable step toward curbing cybercriminal behaviour, we also reflect on possible negative side effects - from increased domestic surveillance to repression of opposition. Lastly, we argue for an integrated perspective, combining various knowledge bases and research methodologies to counter direct and indirect limitations of research, particularly pertaining to data availability but also analytical concepts

Quantification of digital forensic hypotheses using probability theory

The issue of downloading illegal material from a website onto a personal digital device is considered from the perspective of conventional (Pascalian) probability theory. We present quantitative results for a simple model system by which we analyse and counter the putative defence case that the forensically recovered illegal material was downloaded accidentally by the defendant. The model is applied to two actual prosecutions involving possession of child pornography.published_or_final_versio

Cyberkriminalität: Gemeinsam Gefahren für den Frieden eindämmen

Cyberkriminalität wird zu einer wachsenden Gefahr für den internationalen Frieden. Attacken gegen kritische Infrastrukturen, wie Krankenhäuser oder die Energieversorgung, gefährden grundlegende Elemente der Daseinsvorsorge. Nicht selten decken Staaten Cyberkriminelle und nutzen deren Aktivitäten für ihre politischen Zwecke. Deshalb birgt das Thema international erheblichen Zündstoff und zwischenstaatliche Eskalationen nach kriminellen Attacken sind eine reale Gefahr. Mit Blick auf die anstehenden VN-Verhandlungen über eine "Globale Konvention zur Bekämpfung des kriminellen Missbrauchs von Kommunikations- und Informationstechnik" ist daher dreierlei vonnöten: Erstens sollten bestehende Best Practices der grenzüberschreitenden Kooperation gegen Cyberkriminalität gestärkt werden. Zweitens sind neue Instrumente nötig, die zur Eskalationskontrolle beitragen und Schutzlücken schließen können. Drittens gilt es zu vermeiden, dass repressive Regime unter dem Vorwand der Kriminalitätsbekämpfung Menschenrechtsverletzungen begehen

Sensitivity analysis of a Bayesian network for reasoning about digital forensic evidence

Bayesian network representing an actual prosecuted case of illegal file sharing over a peer-to-peer network has been subjected to a systematic and rigorous sensitivity analysis. Our results demonstrate that such networks are usefully insensitive both to the occurrence of missing evidential traces and to the choice of conditional evidential probabilities. The importance of this finding for the investigation of digital forensic hypotheses is highlighted. © 2010 IEEE.published_or_final_versio

Rüstungskontrolle für die nächste Bundesregierung: Ein Empfehlungsbericht

Die nächste Bundesregierung wird in den kommenden Jahren vor drei schwierigen rüstungskontrollpolitischen Aufgaben stehen. Erstens muss sie an neuen Initiativen und Vertragswerken für bisher nicht regulierte, technologisch neue Waffengattungen arbeiten. Zweitens muss sie dabei helfen, die von akuten Krisen bedrohten, noch bestehenden Rüstungskontrollregime vor dem endgültigen Scheitern zu bewahren. Drittens muss sie ihren Teil dazu beitragen, die bewährten Mechanismen internationaler Rüstungskontrolle im Hinblick auf neue Herausforderungen weiterzuentwickeln. Keine dieser drei Aufgaben kann von den jeweils anderen losgelöst bearbeitet werden. Vielmehr wird die nächste Bundesregierung für das Gelingen einer solch ambitionierten Rüstungskontrollpolitik über eine Reihe von Zielkonflikten entscheiden müssen. Der vorliegende Bericht gliedert sich in neun Kapitel, die, jedes für sich, ein übergeordnetes Thema der Rüstungskontrolle behandeln und dabei konkrete Handlungsempfehlungen für die künftige Bundesregierung geben. Die Kapitel behandeln: die nukleare Rüstungskontrolle in Europa, den Atomwaffenverbotsvertrag, das Atomabkommen mit dem Iran, die nukleare Abrüstungsverifikation, das Chemiewaffenübereinkommen, die Cybersicherheit, die Regulierung vollautonomer letaler Waffensysteme, die deutsche Debatte um die Beschaffung bewaffneter Drohnen und die konventionelle Rüstungskontrolle in Europa

A Complexity Based Model for Quantifying Forensic Evidential Probabilities

An operational complexity model (OCM) is proposed to enable the complexity of both the cognitive and the computational components of a process to be determined. From the complexity of formation of a set of traces via a specified route a measure of the probability of that route can be determined. By determining the complexities of alternative routes leading to the formation of the same set of traces, the odds indicating the relative plausibility of the alternative routes can be found. An illustrative application to a BitTorrent piracy case is presented, and the results obtained suggest that the OCM is capable of providing a realistic estimate of the odds for two competing hypotheses. It is also demonstrated that the OCM can be straightforwardly refined to encompass a variety of circumstances. © 2010 IEEE.published_or_final_versionThe 3rd International Workshop on Digital Forensics (WSDF 2010) to be held in conjunction with the 5th International Conference on Availability, Reliability and Security (ARES 2010), Krakow, Poland, 15-18 February 2010. In Proceedings of the International Conference on Availability, Reliability and Security, 2010, p. 671-67

Software as a weapon: concepts, perceptions, and motivations in pursuit of a new technology of conflict

This thesis addresses the topic of ‘Software as a Weapon’ (SaaW) using a mixed-methods approach, bringing together elements of Computer Science, International Relations, and Strategic Studies. The thesis therefore first addresses the nature of software, malware, and weaponised software via questionnaire-based public solicitation, with three groups of respondents: military officers, academics, and others. The results show that there is consensus among participants regarding the importance of defensive software capabilities for state security. However, depending on the training and background of respondents, questions pertaining to the nature of software exhibit statistically significant differences. For example, when deciding whether software should be treated like a physical object, or whether malware is a weapon. Yet, there is also consensus, such as that defensive software capabilities are vital to a state’s security. The second part of the thesis investigates the factors that contribute to an actor pursuing SaaW. It explores the proliferation debate and examines similarities and differences to traditional weapon groups, including nuclear, biological, and chemical weapons, as well as small arms and light weapons. These factors are then used to create a Bayesian Network model representing an actor’s source of impetus. From such a model, it is possible to reason about the interplay of complementary and competing forces. By accounting for restraining and motivating elements, the model introduces objectivity to the debate on actor motivation in the cyber domain, giving a variety of stakeholders a tool to evaluate actors’ software weaponisation probabilities. To showcase and evaluate this model, three different actors are used, representing terrorists, state powers, and generic attackers. Quantitative data is combined with qualitative interviews, populating network nodes with prior probabilities and relative weightings of observed dependencies. An approach of weighting relative parent-nodes’ influence strength is implemented, creating a linearly growing set of probability distributions. The results show that the probability of the generic actor pursuing SaaW is uncertain, which captures the nature of this scenario well. The state actor also shows ambivalence, but in this case high restraints are being countered by almost equally high capabilities, whilst motivating forces are low. The terrorist actor on the other hand has a medium to low probability, driven by a lack of capabilities and limited motivations despite very low retraining factors. Overall, this thesis emphasises the interdisciplinary nature of cyber security, and provides novel tools and concepts from Computer Science, International Relations, and Strategic Studies to understand SaaW.</p

Administration of the Entrepreneurial City: (No) Topic for geographical urban research?!

In der geographischen Stadtforschung finden sich allgemeine Verweise darauf, dass zum Kanon neoliberaler Reskalierung und urbaner Transformation auch die Einführung von New Public Management in den Städten westlicher Industriestaaten zählt. Daran anschließend argumentiere ich, dass das, was ich als die Verwaltung der unternehmerischen Stadt zusammenfasse, nicht lediglich das Ergebnis abstrakter Neoliberalisierungsprozesse oder technokratischer Modernisierung eines mechanischen Exekutivapparats darstellt. In dem Beitrag zeige ich auf, dass die betriebswirtschaftlich reformierte Verwaltung Effekt und wichtiges Terrain der Ausarbeitung, Artikulation und Durchsetzung einer unternehmerischen Stadtpolitik ist.In geographical urban research there are general references to the fact that the canon of neoliberal rescaling and urban transformation also includes the introduction of New Public Management in the cities of western industrial nations. Subsequently, I argue that what I summarize as the administration of the entrepreneurial city is not merely the result of abstract neoliberalization processes or technocratic modernization of a mechanical executive apparatus. In this article I show that the economically reformed administration is both effect of and important terrain for the development, articulation and implementation of an entrepreneurial urban policy