Cyber Conflict

Cyber Militias and Political Hackers - Use of Irregular Forces in Cyber Warfare

by Scott Applegate

Published in IEEE Security and Privacy, vol. 9, no. 5, pp. 16-22, Sep./Oct. 2011, doi:10.1109/MSP.2011.46

Recent cyberattacks, such as those carried out against Estonia and Georgia, have grayed the line between political... more Recent cyberattacks, such as those carried out against Estonia and Georgia, have grayed the line between political hackers and legitimate combatants involved in cyberconflicts. There has been fierce debate as to whether these attacks are the independent acts of politically motivated individuals and groups or the strategic acts of states using covert methods to direct such actions to achieve larger political objectives. These attacks lead to many important questions but have yet to be answered in the international community. Under international agreements, can a computer attack truly be claimed as an armed attack? Are participants in these cyberattacks legitimate combatants, or are they merely politically motivated individuals who are breaking the law and should thus be treated as criminals under existing international agreements? This article explores these issues, the possible benefits and drawbacks of such actions, and the ramifications such cybermilitias might have on the current and future state of cyberconflicts.

Hamas, Hasbara and Hyperlinks: The Role of the Internet in the 2008-2009 Gaza Conflict

by Tim Stevens

Unpublished paper, March 2009

The 2008 Russian Cyber Campaign Against Georgia

by Paulo Shakarian

Paulo Shakarian, Military Review, Nov.-Dec. 2011

In August 2008, the Russian Army invaded georgia. numerous, coordinated cyber attacks accompanied the military... more In August 2008, the Russian Army invaded georgia. numerous, coordinated cyber attacks accompanied the military campaign. this represents the first instance of a large-scale computer network attack (CNA) conducted in tandem with major ground combat operations. The attack had no direct connection to the Russian government, but had a significant informational and psychological impact on Georgia: it effectively isolated the Caucasus state from the outside world.

Security Information and Event Management: Business Benefits and Security, Governance and Assurance Perspectives ISACA

by joey Hernandez

Security Information and Event Management:
Business Benefits and Security, Governance and Assurance Perspectives An ISACA review

In today’s information-driven business environment, enterprise systems and processes capture an ever-increasing amount... more In today’s information-driven business environment, enterprise systems and processes capture an ever-increasing amount of data. To derive meaningful and actionable information from this data, businesses are compelled to commit significant resources to perform the necessary analysis. While all business areas are impacted to varying degrees, few face a greater challenge than the information security department. To support its mission to protect critical information assets, the information security department must maintain an ongoing process to capture, analyze and subsequently act on log and alert information collected from a wide array of systems across the enterprise.
Typically, these data must be analyzed and actionable.... Joey Hernandez worked as a SME Reviewer for this ISACA effort

World Wide Warfare - Jus ad bellum and the Use of Cyber Force

by Marco Roscini

Published in Max Planck Yearbook of United Nations Law (2010), 85-130

The jus ad bellum rules contained in the UN Charter seem to be flexible enough to be extended to warfare that did not... more The jus ad bellum rules contained in the UN Charter seem to be flexible enough to be extended to warfare that did not exist when they were conceived, i.e. cyber warfare. The main question is whether a cyber attack is an action below the threshold of the use of force, or a use of force, or a use of force amounting to an armed attack. This article concludes that cyber force can be qualified as a use of ‘armed’ force in the sense of Article 2 (4). On the other hand, only large scale cyber attacks on critical infrastructures that result in significant physical damage or human losses comparable to those of an armed attack with conventional weapons would entitle the victim state to invoke self-defence under Article 51 of the UN Charter. Self-defence would also be possible against a cyber attack that does not reach the threshold of an armed attack but which prepares an imminent armed attack with conventional weapons (although only if the Caroline requirements are met). The absence of frontiers in cyberspace and the possibility for the perpetrators to hide behind botnets or IP spoofing, however, could hamper the identification of the origin of the cyber attack and the application of the law of state responsibility.
This article also suggests that customary international law could play a role in this area, as there is already some relevant state practice and opinio juris, in particular with regard to the right to self-defence against cyber attacks. Although this might lead to the formation of a customary rule in the upcoming years, the process is on-going and, considering the ambiguity of the positions of certain states and international organisations, it is still difficult to predict its outcome.

Hellénisme : Rhétorique d’une notion dans l’espace médiatique contemporain, entre fiction et histoire.

by Effie Amilitou

Communication, XXIIe Congrès des Néohellénistes des Universités Francophones, "Hellénisme : ruptures et continuité", Univ. Paul Valéry, Montpellier 3, 26-28 mai 2011