International Peace and Security Vladimir Radunović Director, Cybersecurity and E-diplomacy 20 March 2015 WEBINAR
Contents Cyber-armament: weapons and militarisation Cyber-conflicts: cyberwar - hype or reality? Conflict prevention: CBMs and norms, cooperation, IHL Diplomacy: ongoing fora, actors and challenges
Cyber-armament
Weapons and tools Malware (viruses, trojans, worms) Bot-nets (DDoS, spam, infection, frauds) Social engineering (phishing, scams) Software flaws Protocol flaws Mind flaws
Asymmetry
Speed Policies and Law Technology and services Malware Cyber-attackers Provided by Ed Gelbstein
Cases Estonia Creeper Stuxnet „Aurora“ Sony-N.Korea PRISM
Militarisation Cyber as 5 th battlefield domain: US: 4x Cyber-Command with Pentagon UK: Cyber Defence Operations Group at the Ministry of Defence Russia: FSB (Federal Security Service) China: Cyber-warfare unit within PLA Iran: High council for cyber-space and cyber-defence command NATO: CCDCoE EU: European Defence Agency (EDA) ...
Cyber-conflicts
Future in the past
Cyber-warfare v3.0
Cyber-war?
Conflict prevention
Negotiations Legal frameworks and cooperation against cyber-crime Confidence building measures (CBM), cooperation on critical infrastructure protection and response to cyber-incidents Defining cyber-conflicts and application of IHL to cyber-space Setting the norms of behavior in cyber-space Control of proliferation of cyber-weapons and dual-use technologies Cyber-disarmament
CBMs views on emerging threats Share views on emerging threats terminology Discuss terminology nationallegal and operational frameworks Set up national legal and operational frameworks among national bodies Cooperate among national bodies to share information on threats avoid misperception Consult to avoid misperception, tension and conflicts protectcritical infrastructure Cooperate to protect critical infrastructure protect open and secure Internet Share measures taken to protect open and secure Internet capacity building Encourage capacity building multistakeholder approach Strengthen multistakeholder approach and PPP capacities on regional and sub-regional Enhance capacities on regional and sub-regional levels ...
IHL Challenges Necessity: Defining armed attack and use of force in cyber- space? Response to cyber-attacks? Distinction: Dual-use technology? Global (nus-)effects? Proportionality: Assessment of effects of cyber-attacks? Attribution: Proxies? Liability of intermediaries?
Diplomacy
International initiatives UN: Group of Governmental Experts (GGE) on “International norms pertaining to state use of ICT” (2011-) OSCE: Confidence Building Measures re. risks from ICT (2013) NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE): “Tallin Manual” (2013) OECD: Guidelines on Information Security G8: Subgroup on High-Tech Crime on crime, terrorism and CIIP ITU: Global Cybersecurity Agenda (2008) WSIS, IGF, GCCS, ASEAN... Bilateral agreements
Collective responsibility
Challenges
Provided by Ed Gelbstein
Chain effect
Human rights and cybersecurity
Questions Thank you for your @vradunovic