Non-proliferation Regime for Cyber Weapons. A Tentative Study

International Review of Law, Computers & Technology, 2018

The paper argues that the obligation of States to prevent harmful international activities perpetrated within their territory, or any other area under their exclusive control, applies to activities conducted in cyber space. Thus, a State is bound by an obligation to prevent detrimental cyber conduct committed from its territory or transiting through its territory, or any other area under its exclusive control, when it knows or should have known of the conduct, when the conduct contradicts the rights of another State, and when it may cause or is causing serious harm. Where a State is aware or should have been aware of the misuse of its territorial cyber infrastructure, the State must attempt to prevent or to react to the harmful transboundary operation, applying all reasonable measures. The content of the obligation of due diligence to prevent damaging crossborder cyber activities depends on the economic, financial and human resources of the State. The paper concludes that the obligation to preclude harmful international cyber operations constitutes only a first step in securing information and communication technology and should be sustained and improved by the introduction of a treaty on cyber security.

2015

s the Department of Defense (DOD) formulates strategy and doctrine for operating in cyberspace, it is vital to understand the domain and how it relates to the traditional domains of land, sea, air, and space. While cyberspace has distinct technologies and methods, it shares many characteristics with the traditional domains, and some of the conventional wisdom about how cyberspace differs from them does not hold up under examination. These similarities are especially relevant when it comes to strategies for deterrence. Just as any attempt to develop a single deterrence strategy for all undesirable activity across the traditional domains would be fraught with difficulty, so too for cyberspace. Yet this is how many authors have approached the topic of deterrence in cyberspace. Instead, by focusing on particular cyber weapons that are amenable to deterrence or drawing

The law of war is part of who we are, it is part of our military heritage. Warfare may have changed shape, methods, and technologies – but the concept of one group of people battling another group of people defensively, due to religious conflict, balance of power, economy, or otherwise, remains constant to this day. The primary issues surrounding the Law of Armed Conflict (LOAC) international security can be separated into three main concerns. First, establishment of internationally agreed-upon legal definitions of the terms surrounding cyberspace and, cyberspace, and international security must be created. Second, to be addressed in a later paper, escalation scales must be produced by which each of those infractions can be judged and options for defensive retaliatory measures can be considered. Third, also to be addressed by a later paper, the methods by which assessment, attribution, and accountability are to be conducted11 must be applied to suit each of the legal definitions. Based upon category and placement on the new escalation scale, LOAC can be applied to new rules of engagement. The goal is to identify a cyber event, then properly categorize it based on internationally agreed upon parameters, assess the severity against an escalation scale in order to determine a proper response, attribute the incident to a state or non-state actor, find the parties who perpetrated the incident, and strive to achieve justice.

IEEE Technology and Society Magazine, 2014

2017

Jonah Feldman Ming Chow COMP-116 6 December 2017 The Internet’s Security Dilemma: Why Cyber-Weapons Beget Instability Abstract This paper analyzes interstate cyberwarfare through the lens of Robert Jervis’s offense/defense paradigm. In this paradigm, two factors are important in determining technology’s impact on global stability: whether a technology favors offensive or defensive strategy, and whether offensive technology can be distinguished from defensive technology. This paper argues that cybersecurity exemplifies Jervis’s “third world,” where offense has the advantage while offensive and defensive technologies are easily distinguishable. The case for offense/defense distinguishability is straightforward: defensive tactics like encryption, firewalls, and air gapping have little offensive utility. Thus, this paper will focus primarily on cybersecurity’s offensive advantages and its implications for the international system.

The present paper reviews the main strategic trends in cyber policy and security for 2017, pointing out the emergence of a new "Cyber Escalation Cycle:" while states are investing significant resources to improve their offensive cyber capabilities, these capabilities are subsequently being stolen, publicized and used by hostile countries to launch devastating cyber-attacks. This has led governments to pursue legislation that controls incoming technology and changes the technological relations between countries. Given the development of enhanced capabilities and the effectiveness of the attacks, we believe that leakage followed by immediate use of the leaked offensive cyber weapons against rival countries will only increase, making this issue even more contentious.

Science For All Publications, 2023

The rise of technology has revolutionized warfare, giving birth to a new form of conflict known as cyber warfare. This article examines the use of cyber warfare and its profound implications for international security. Cyber warfare encompasses various activities, including cyber espionage, terrorism, and state-sponsored cyber attacks. These tactics pose significant challenges to governments, economies, critical infrastructures, and individuals. Additionally, attributing cyber attacks remains a complex issue, impacting international norms and regulations. Therefore, fostering international cooperation, strengthening defense mechanisms, and establishing comprehensive cybersecurity frameworks to mitigate the risks and ensure global security is crucial.

2001

This paper addresses obstacles and options for implementing a cyber arms control treaty. It is concerned mainly with computer network attacks and the cyber weapons (“hacking” tools and methods) deployed in those attacks. The main conclusion is that a treaty that pertains to criminal law and law enforcement is preferable to one that pertains to the conduct of nation states under international law, in particular the law of war. A secondary conclusion is that controls should apply mainly to the use of cyber weapons to commit illegal acts. The production, distribution, and possession of cyber weapons should not be controlled except when the intent is to use the weapons to commit crimes.

Journal of Cyber Security Technology, 2020

This article is designed to outline the lack of international rules of engagement in cyberspace, and how traditional practices and laws of war are applicable to cyberwarfare and how it is not. If there are any legal implications for cyberwarfare, there are very few. Any reasonable anticipation of reprisal after an initial cyberattack by a nation-state upon another is minimum. The problem of attributing a cyberattack to a source remains an enormous challenge for cyberdiplomacy, leading to critics who do not see cyberwarfare as a standalone danger to national security. Regardless of the critics, the Department of Defense (DoD) has established cyber operations as weaponized entities in its Law of War Manual, and there are historical examples that prove cyberwarfare can act as a dangerous weapon against critical infrastructure and exposed populations. If there continues to be a deficiency of understanding on the part of essential decisionmakers regarding the nature of cyberspace in policy, and a sustained escalation of nation-state on nation-state cyberattacks, without proper rules of engagement in this space with universal axioms of proportionality, the international community could end up in error with an unwanted conventional or nuclear war.

In 2014 cyberspace has become a distorted mirror for the global security agenda and what this mirror reflects now is a situation which could be described by Leo Trotsky’s formula ‘‘No peace no war’’ which was used almost a century ago to wreck the negotiations on the separate peace between the German Reich and the Bolshevists government in Russia. What this formula implies is a shift away from elaborated longer-term strategies and institutionalized decision-making procedures to the domain of situational judgments and frenemy type relationships. This has always been quite a typical pattern for cyberspace, but 2015 might be its crescendo. No war no peace between Russia and the USA, signing agreements on CBMs in cyberspace, but fighting desperately over the internet governance in cyberspace. No war no peace between Beijing and Washington engaged in strategic cybersecurity talks but stabbing each other in the cyberespionage arena. USA-Brazil, the NSA  the EU, ICANN-Russia in cyber affairs . . . and no peace no war beyond the distorted mirror of cyber domain  e.g., in the Russia- Ukraine relations. This is the world of 2014, and likely to even more extent of 2015.

Історико-політичні проблеми сучасного світу, 2019

The work deals with the topic of cyberwar as a phenomenon of asymmetric threat and cyber-nuclear security threats in modern world politics, potential threats to international politics and global security issues, counter-terrorism policies are discussed. The paper discusses the challenges facing cyber security worldwide and the phenomenon of cyber security against the backdrop of asymmetric threats. Cyberspace has already become a weapon of infinite capacity for the whole world. It has generated positive effect as well as has become the area of evil for terrorists, which are actively using modern technologies, computer systems. The facts are many and we are often in the center of events. With the development of technology in the 21st century, global changes are taking place in international security, the geopolitical transition and new threats and challenges, and international security issues are becoming increasingly important. The international security system is vulnerable to chal...

Cherian Samuel & Munish Sharma (eds.), Securing cyberspace. International and Asian perspectives (Pentagon Press, New Delhi 2016) pp. 95-105., 2016

Predicting the future is hardly possible, but stating that cyber aggression – be it espionage, sabotage or even warfare – will be a continuing threat to international security and stability in the coming years seems a safe forecast. This chapter deals with the question of how states can cope with this forecast from a foreign policy perspective, focussing on cyber aggression conducted or sponsored by state actors. Defence and deterrence, which could be labelled passive deterrence and active deterrence as well, are probably the most ‘obvious’ counter-measures to international cyber aggression that a state could implement. This chapter especially analyses why defence and deterrence look like promising policies, but in practice face some difficulties in the cyber realm. Diplomatic efforts to create Confidence Building Measures (CBMs) and international accepted norms regarding cyberthreats could be more effective in actively addressing the core problems of international cyber aggression, but are little successful so far. The chapter argues that such multilateral diplomatic efforts are crucial for long-term cybersecurity and stability. Instead of an on-going ‘cyber arms race’, efforts could better be focussed on building mutual confidence and respect as well.

Environment Systems and Decisions, 2014

Solutions, a non-profit organisation, founded by distinguished thinkers, academics and renowned professionals from civil and military institutions, with the aim of enhancing knowledge, awareness and perspective in cyber security / deterrence strategies, including legal framework, national strategies, policies, processes and technology required to regulate cyber-security-related phenomena.

Cyber aggression is an increasing threat to international security and stability. While national policies intended to deter cyber aggression may offer some solution in the short term, their effects in the long term are doubtful. National cyber-deterrence policies entail the risk of an ongoing cyber arms race and a cycle of escalation between potential cyber opponents. Diplomacy may offer fewer results in the short term, but it is more promising in the long term. Confidence-building measures and international norms and values may not be easy to reach, but in the end they could be more effective (and cheaper) than a single focus on national cyber-deterrence strategies. In the long term, cooperation between states to establish confidence and commonly accepted norms of behaviour in cyber space are the most promising ways available to achieve enduring cyber security and stability. Enhancing interstate cooperation , transparency and predictability of behaviour in cyberspace will reduce the risks of misperception, escalation and conflict.