DOCSLIB.ORG

2015 7Th International Conference on Cyber Conflict: Architectures in Cyberspace

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

2015 7th International Conference on Cyber Conflict: Architectures in Cyberspace M.Maybaum, A.-M.Osula, L.Lindström (Eds.) 26-29 MAY 2015, TALLINN, ESTONIA 2015 7TH INTERNATIONAL CONFERENCE ON CYBER CONFLICT: ARCHITECTURES IN CYBERSPACE Copyright © 2015 by NATO CCD COE Publications. All rights reserved. IEEE Catalog Number: CFP1526N-PRT ISBN (print): 978-9949-9544-2-1 ISBN (pdf): 978-9949-9544-3-8 CopyriGHT AND Reprint Permissions No part of this publication may be reprinted, reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the NATO Cooperative Cyber Defence Centre of Excellence ([email protected]). This restriction does not apply to making digital or hard copies of this publication for internal use within NATO, and for personal or educational use when for non-profit or non-commercial purposes, providing that copies bear this notice and a full citation on the first page as follows: [Article author(s)], [full article title] 2015 7th International Conference on Cyber Conflict: Architectures in Cyberspace M. Maybaum, A.M. Osula, L. Lindström (Eds.) 2015 © NATO CCD COE Publications PrinteD copies of THIS publication are AVAILABLE from: NATO CCD COE Publications Filtri tee 12, 10132 Tallinn, Estonia Phone: +372 717 6800 Fax: +372 717 6308 E-mail: [email protected] Web: www.ccdcoe.org Layout: Jaakko Matsalu LEGAL NOTICE: This publication contains opinions of the respective authors only. They do not necessarily reflect the policy or the opinion of NATO CCD COE, NATO, or any agency or any government. NATO CCD COE may not be held responsible for any loss or harm arising from the use of information contained in this book and is not responsible for the content of the external sources, including external websites referenced in this publication. NATO CooperatiVE CYBER Defence Centre of EXcellence The Tallinn-based NATO Cooperative Cyber Defence Centre of Excellence is a NATO- accredited knowledge hub focused on interdisciplinary applied research and development as well as consultations, trainings and exercises in the field of cyber security. The Centre’s mission is to enhance capability, cooperation and information-sharing between NATO, Allies and partners in cyber defence. Membership of the Centre is open to all Allies. Currently, the Czech Republic, Estonia, France, Germany, Hungary, Italy, Latvia, Lithuania, the Netherlands, Poland, Slovakia, Spain, the United Kingdom and the USA have signed on as sponsoring nations. Greece and Turkey are working on finalising their accession process. Austria has become a contributing participant and Finland is well on its way to doing the same. The Centre is staffed and financed by sponsoring nations and contributing participants. The Centre is not part of NATO command or force structure, nor is it funded from the NATO budget. For more information, please visit the Centre’s website at http://www.ccdcoe.org. CYCON 2015 Sponsors ForeWorD This, the seventh annual International Conference on Cyber Conflict (CyCon 2015) organised by the NATO Cooperative Cyber Defence Centre of Excellence, has again been held in the historic city of Tallinn, the capital of Estonia. Over the years the CyCon conferences have proved to be world-recognised forums on advanced methods of modelling cyber conflicts and their strategic, legal and policy implications for society, business and world affairs. Every year, CyCon devotes its attention to a specific aspect of cyber conflict. In 2013, the conference discussed the roles and methods of automated cyber defence: it looked at automation, not only as an enabling technological field that allows for an increase in the effectiveness and sophistication of cyber defensive and offensive actions, but also as a social factor which touches on the political, legal, moral and ethical framework of modern society. In 2014, the conference concentrated on active cyber defence. The focus of CyCon 2015 is on the architectural aspects of cyberspace, from – as is true for all CyCon conferences – information technological, strategic, legal, and policy perspectives. As cyber attacks and countermeasures are becoming more complex and sophisticated, it is time to take our understanding of the very nature of these attacks to the next level regarding how they impact the overall framework of personal, business, national, and international security and what are the best approaches to counter the threat. The mission of CyCon conferences is to look at the issues, models, and solutions for cyber conflict from a multi-disciplinary perspective. We would like to thank both the members of the CyCon 2015 Programme Committee and the distinguished peer reviewers for their tireless work in identifying papers for presentation at the conference and for publication in this book. Last, but not least, we are delighted to congratulate the dedicated editors of this volume. Programme Committee Co-Chairs Dr Gabriel Jakobson Chief Scientist, Altusys Corp Dr Rain Ottis Associate Professor Tallinn University of Technology Brookline, Tallinn, April 2015 TABLE of Contents Introduction 1 Jason Rivera Achieving Cyberdeterrence and the Ability of Small States 7 to Hold Large States at Risk Robert Brose Cyberwar, Netwar, and the Future of Cyberdefense 25 Margarita Jaitner and Peter A. Mattsson 39 Russian Information Warfare of 2014 Tim Maurer, Robert Morgus, Isabel Skierka and Mirko Hohmann 53 Technological Sovereignty: Missing the Point? Sergei Boeke, Caitriona Heinl and Matthijs Veenendaal 69 Civil-Military Relations and International Military Cooperation in Cyber Security: Common Challenges & State Practices across Asia and Europe Geoffrey Deweese 81 Anticipatory and Preemptive Self-Defense in Cyberspace: The Challenge of Imminence Paul Walker 93 Law of the Horse to Law of the Submarine: The Future of State Behavior in Cyberspace Uchenna Jerome Orji 105 Multilateral Legal Responses to Cybersecurity in Africa: Any Hope for Effective International Cooperation? Richard Hill 119 Dealing with Cyber Security Threats: International Cooperation, ITU, and WCIT Jennifer Stoll and Rainhard Bengez 135 Visual Structures for Seeing Cyber Policy Strategies Alison Lawlor Russell 153 Anti-Access/Area Denial @ the Physical Layer of Cyberspace Robert Koch and Mario Golling 169 Blackout and Now? - Network Centric Warfare in an Anti-Access Area-Denial Theatre ii Andrea Balboni, Michele Colajanni, Mirco Marchetti and Andrea Melegari 185 Supporting Sense-Making and Decision-Making Through Time Evolution Analysis of Open Sources Alexis Le Compte, Tim Watson and David Elizondo 203 A Renewed Approach to Serious Games for Cyber Security Matteo Casenove 217 Exfiltrations Using Polymorphic Blending Techniques: Analysis and Countermeasures Christos Xenakis and Christoforos Ntantogian 231 Attacking the Baseband Modem of Mobile Phones to Breach the Users’ Privacy and Network Security Biographies 245 iii INTRODUCTION For the seventh year in a row, the International Conference on Cyber Conflict (CyCon) has brought together national security thinkers, strategists, political scientists, policy-makers, lawyers, and technology experts interested in cyber defence, and has served as a hub for knowledge and networking on an international level. CyCon 2015 – themed ‘Architectures in Cyberspace’ – focused on the construction of the internet and its potential future development. The main principles and foundations for the internet were laid four decades ago, and they have been used ever since. The ‘net’ has been a tremendous success story and today it is much more than just a commodity. However, can the structures that we rely on support the increasing demand and the different ways in which we want to use it, and what are the effects of this revolution on norms, international politics and security? Building on these questions, this book contains selected articles that were presented during CyCon 2015. The articles dedicated to the strategy and policy dimensions cover a wide array of topics. Deterrence in cyberspace has been one of the key issues at the strategic level for quite some time; Jason Rivera challenges the often-repeated claim that cyber deterrence is difficult or near impossible. His article aims to explain how even small and less powerful states can hold larger and more powerful states at risk in cyberspace. Robert Brose invites us to reflect on the concept of information warfare and its direct implications for cyber defence organisations today. Following up on the theoretical aspects of information warfare, Margarita Jaitner and Peter A. Mattson provide a case study of Russian information operations during the Ukraine crisis; they specifically explain the role of cyberspace in the broader Russian strategy for information warfare. Tim Maurer et al. take a closer look at the European proposals for technological sovereignty. Their article provides a comprehensive mapping and impact assessment of these proposals, covering both the technical and the non-technical, and evaluates how these proposals may protect against foreign surveillance. Finally, Sergei Boeke et al. take a look at how militaries in their own national contexts contribute to defensive cyber security across Asia and Europe. Common national challenges are identified, along with approaches to improve cyber security through better civil-military cooperation, specifically betweenAsia and Europe. The articles that focus on the developments of international
Recommended publications
  • Data Localization the Unintended Consequences of Privacy Litigation

    Data Localization the Unintended Consequences of Privacy Litigation

    American University Law Review Volume 67 | Issue 3 Article 6 2018 Data Localization The ninU tended Consequences Of Privacy Litigation H Jacqueline Brehmer American University Washington College of Law Follow this and additional works at: http://digitalcommons.wcl.american.edu/aulr Part of the Computer Law Commons, and the Privacy Law Commons Recommended Citation Brehmer, H Jacqueline (2018) "Data Localization The ninU tended Consequences Of Privacy Litigation," American University Law Review: Vol. 67 : Iss. 3 , Article 6. Available at: http://digitalcommons.wcl.american.edu/aulr/vol67/iss3/6 This Comment is brought to you for free and open access by the Washington College of Law Journals & Law Reviews at Digital Commons @ American University Washington College of Law. It has been accepted for inclusion in American University Law Review by an authorized editor of Digital Commons @ American University Washington College of Law. For more information, please contact [email protected]. Data Localization The ninU tended Consequences Of Privacy Litigation Keywords cybersecurity threats, data localization, data privacy, Electronic Communications Privacy Act, Microsoft Ireland This comment is available in American University Law Review: http://digitalcommons.wcl.american.edu/aulr/vol67/iss3/6 NOTE DATA LOCALIZATION: THE UNINTENDED CONSEQUENCES OF PRIVACY LITIGATION H JACQUELINE BREHMER* This Note addresses a key unintended consequence of recent data privacy litigation before the European Court of Justice and the U.S. Supreme Court. Two cases—Data Protection Commissioner v. Schrems and United States v. Microsoft Corp.—contravene the principles upon which the internet was founded by removing legal and scalable mechanisms for cross-border data transfers. While these cases do not directly create data localization regimes, they highlight the irreconcilably different approaches to data privacy held by the United States and the European Union and eliminate valid options for transfer such that localization is the only remaining scalable solution.
  • Cost of a Cyber Incident)

    Cost of a Cyber Incident)

    CO ST OF A CYBER INCIDENT: S YSTEMATIC REVIEW AND C ROSS-VALIDATION OCTOBER 26, 2020 1 Acknowledgements We are grateful to Dr. Allan Friedman, Dr. Lawrence Gordon, Jay Jacobs, Dr. Sasha Romanosky, Matthew Shabat, Kelly Shortridge, Steven Surdu, David Tobar, Brett Tucker and Sounil Yu for the review comments and helpful feedback on the earlier draft of the report. The authors would like to thank CISA staff for support and advice on this project. 2 Table of Contents 1. Objectives .................................................................................................................................................................... 7 2. Results in Brief .......................................................................................................................................................... 8 3. Analysis ...................................................................................................................................................................... 16 3.1. Per-Incident Cost and Loss Estimates .............................................................................................. 18 3.1.1. Cross-Validation: Primary Loss Data for Large and Small Incidents .................................. 20 3.1.2. Reconciliation of Per-Incident Cost Studies .................................................................................. 26 3.1.3. Per-Record Estimates ............................................................................................................................. 29 3.2. Aggregate
  • North Korean Cyber Capabilities: in Brief

    North Korean Cyber Capabilities: in Brief

    North Korean Cyber Capabilities: In Brief Emma Chanlett-Avery Specialist in Asian Affairs Liana W. Rosen Specialist in International Crime and Narcotics John W. Rollins Specialist in Terrorism and National Security Catherine A. Theohary Specialist in National Security Policy, Cyber and Information Operations August 3, 2017 Congressional Research Service 7-5700 www.crs.gov R44912 North Korean Cyber Capabilities: In Brief Overview As North Korea has accelerated its missile and nuclear programs in spite of international sanctions, Congress and the Trump Administration have elevated North Korea to a top U.S. foreign policy priority. Legislation such as the North Korea Sanctions and Policy Enhancement Act of 2016 (P.L. 114-122) and international sanctions imposed by the United Nations Security Council have focused on North Korea’s WMD and ballistic missile programs and human rights abuses. According to some experts, another threat is emerging from North Korea: an ambitious and well-resourced cyber program. North Korea’s cyberattacks have the potential not only to disrupt international commerce, but to direct resources to its clandestine weapons and delivery system programs, potentially enhancing its ability to evade international sanctions. As Congress addresses the multitude of threats emanating from North Korea, it may need to consider responses to the cyber aspect of North Korea’s repertoire. This would likely involve multiple committees, some of which operate in a classified setting. This report will provide a brief summary of what unclassified open-source reporting has revealed about the secretive program, introduce four case studies in which North Korean operators are suspected of having perpetrated malicious operations, and provide an overview of the international finance messaging service that these hackers may be exploiting.
  • 2016 8Th International Conference on Cyber Conflict: Cyber Power

    2016 8Th International Conference on Cyber Conflict: Cyber Power

    2016 8th International Conference on Cyber Conflict: Cyber Power N.Pissanidis, H.Rõigas, M.Veenendaal (Eds.) 31 MAY - 03 JUNE 2016, TALLINN, ESTONIA 2016 8TH International ConFerence on CYBER ConFlict: CYBER POWER Copyright © 2016 by NATO CCD COE Publications. All rights reserved. IEEE Catalog Number: CFP1626N-PRT ISBN (print): 978-9949-9544-8-3 ISBN (pdf): 978-9949-9544-9-0 CopyriGHT AND Reprint Permissions No part of this publication may be reprinted, reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the NATO Cooperative Cyber Defence Centre of Excellence ([email protected]). This restriction does not apply to making digital or hard copies of this publication for internal use within NATO, and for personal or educational use when for non-profit or non-commercial purposes, providing that copies bear this notice and a full citation on the first page as follows: [Article author(s)], [full article title] 2016 8th International Conference on Cyber Conflict: Cyber Power N.Pissanidis, H.Rõigas, M.Veenendaal (Eds.) 2016 © NATO CCD COE Publications PrinteD copies OF THIS PUBlication are availaBLE From: NATO CCD COE Publications Filtri tee 12, 10132 Tallinn, Estonia Phone: +372 717 6800 Fax: +372 717 6308 E-mail: [email protected] Web: www.ccdcoe.org Head of publishing: Jaanika Rannu Layout: Jaakko Matsalu LEGAL NOTICE: This publication contains opinions of the respective authors only. They do not necessarily reflect the policy or the opinion of NATO CCD COE, NATO, or any agency or any government.
  • View/Open (13.5MB)

    View/Open (13.5MB)

    Open-Access-Publikation im Sinne der CC-Lizenz BY-NC-ND 4.0 © 2017, V&R unipress GmbH, Göttingen ISBN Print: 9783847107620 – ISBN E-Lib: 9783737007627 ContemporaryIssues in International Security and Strategic Studies Volume 1 Edited by James Bindenagel, Matthias Herdegen and Karl Kaiser Open-Access-Publikation im Sinne der CC-Lizenz BY-NC-ND 4.0 © 2017, V&R unipress GmbH, Göttingen ISBN Print: 9783847107620 – ISBN E-Lib: 9783737007627 James Bindenagel /Matthias Herdegen / Karl Kaiser (eds.) International Securityinthe 21st Century Germany’s International Responsibility With 2figures V&Runipress Bonn UniversityPress Open-Access-Publikation im Sinne der CC-Lizenz BY-NC-ND 4.0 © 2017, V&R unipress GmbH, Göttingen ISBN Print: 9783847107620 – ISBN E-Lib: 9783737007627 Bibliographic information published by the Deutsche Nationalbibliothek The Deutsche Nationalbibliothek lists this publication in the Deutsche Nationalbibliografie; detailed bibliographic data are available online: http://dnb.d-nb.de. ISSN 2513-1591 ISBN 978-3-7370-0762-7 You can find alternative editions of this book and additional material on our website: www.v-r.de Publications of Bonn University Press are published by V& R unipress GmbH. 2017, V&R unipress GmbH, Robert-Bosch-Breite 6, 37079 Gçttingen, Germany / www.v-r.de This publication is licensed under a Creative Commons Attribution-Non Commercial- No Derivatives 4.0 International license, at DOI 10.14220/9783737007627. For a copy of this license go to http://creativecommons.org/licenses/by-nc-nd/4.0/. Any use in cases
  • Making the Cut? | SPECIAL REPORT | Sept

    Making the Cut? | SPECIAL REPORT | Sept

    DATA PRIVACY & SECURITY SPECIAL REPORT SEPT. 24, 2020 After EU judges struck down the Privacy Shield data-transfer agreement, what’s next for US tech Making giants, thousands of other companies and regulatory the Cut? regimes around the world? INSIGHT | COMMENTARY | ANALYSIS Editor’s Letter Lewis Crofts MLex Editor-in-Chief We have arranged it in three thematic sections to reflect the multiple moving parts of the topic: 1) the EU court’s decision and immediate effects on Facebook and other companies; 2) the scramble by the US and EU to work out what to do about replacing the binned agreement and making SCCs more robust; and headache. A bombshell. A seismic shift. 3) the concerns and responses by other affected However dramatic you might like your countries around the world — including the UK, A metaphors, there is little doubt that EU Japan and Australia. judges delivered an extraordinarily significant We trust you enjoy reading this report and ruling on July 16. In striking down Privacy Shield, find it a useful guide to a complex, evolving issue. the EU-US data-transfer framework, they instantly The reporting here is a brief example of the threw into doubt the operations of more than insight and predictive analysis that MLex brings 5,000 US companies that relied on it. subscribers to our data privacy and security The ruling — essentially based on the failure service every day. of the mechanism to protect EU citizens’ data The stories included were all published from US government snooping — doesn’t as events unfolded, bringing our subscribers prevent companies transferring data between unrivalled insight into the significance of the EU and other foreign countries under developments and the likely next steps in an issue “standard contractual clauses.” But these can’t that will affect the operations of many thousands protect data in countries, including the US, that of businesses around the world.
  • Vp01 16¢63뼉 Olor

    Vp01 16¢63뼉 Olor

    Discontinuance of Publication To our readers, First and foremost, I, as the president of Yonhap News Agency, would like to give our readers many thanks for the deep interest shown in our Vantage Point magazine for many years. With your great interest and encouragement, Yonhap has done its utmost to make Vantage Point, South Korea's sole North Korea-only monthly in English, a quality magazine over the years. However, Yonhap has very regrettably decided to discontinue the publication of the maga- zine, making the January issue in 2016 its last. This discontinuance, however, will never mean weakening Yonhap’s North Korea news ser- vice. On the contrary, Yonhap, as a leading news agency in South Korea, has the grave obligation to play a part in helping materialize the Korean people’s ardent wish for the reunification of the Korean Peninsula by providing our readers at home and abroad with accurate news on the reality of the communist North and the South Korean government’s North Korea policy. Hence, Yonhap promises to continuously meet our Vantage Point readers’ keen interest in and high demand for stories on Korean Peninsula issues by providing you with a quicker, fairer, more accurate and stronger North Korean news service via its Web page (www.yonhapnews.co.kr). I would like to express my deep appreciation to our faithful readers once again, and hope you will continuously maintain interest in Korean issues down the road. Best regards, Park No-hwang President-publisher Yonhap News Agency 폐간사 독자여러분들에게, 우선 그동안 연합뉴스 Vantage Point를 애독해주신 독자 여러분들에게 깊은 감사의 말씀을 드립니다 그동안 연합뉴스는 독자 여러분들의 높은 관심과 격려 속에서 한국의 유일한 북한 전문 영문월간지인 Vantage Point를 품격있는 잡지로 만들기 위해 최선 을 다해왔습니다.
  • List of Targets of Arrested Computer Hackers 6 March 2012

    List of Targets of Arrested Computer Hackers 6 March 2012

    List of targets of arrested computer hackers 6 March 2012 The five computer hackers charged in New York Tribune and Los Angeles Times, using on Tuesday and a sixth who pleaded guilty are misappropriated login credentials. accused of involvement in some of the most notorious hacking incidents of the past 18 months. -- February 2011: A cyberattack on private computer security firm HBGary that involved the The following are some of the cyberattacks in theft of 60,000 emails from HBGary employees and which the two Britons, two Irishmen and two the HBGary chief executive, as well as defacing his Americans allegedly played a role as members of Twitter account. Anonymous, Lulz Security or associated groups: -- April-May 2011: A cyberattack on a Fox -- December 2010: Operation Payback. Distributed Broadcasting Company website that involved the denial of service (DDoS) attacks by members of theft of names, dates of birth, telephone numbers, Anonymous on the websites of MasterCard, email and residential addresses for more than PayPal and Visa in retaliation for their refusal to 70,000 potential contestants on the Fox television accept donations for WikiLeaks. In a DDoS attack, show the "X-Factor." a website is bombarded with traffic, slowing it down or knocking it offline completely. -- May 2011: A cyberattack on Sony Pictures Entertainment that revealed the passwords, email -- January 2011: Defacing a website of the Irish addresses, home addresses and dates of birth of political party Fine Gael after accessing computer 100,000 users of the www.sonypictures.com servers in Arizona used to maintain the website, website and a subsequent online attack against www.finegael2011.com.
  • A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX

    A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX

    In Collaboration With A PRACTICAL METHOD OF IDENTIFYING CYBERATTACKS February 2018 INDEX TOPICS EXECUTIVE SUMMARY 4 OVERVIEW 5 THE RESPONSES TO A GROWING THREAT 7 DIFFERENT TYPES OF PERPETRATORS 10 THE SCOURGE OF CYBERCRIME 11 THE EVOLUTION OF CYBERWARFARE 12 CYBERACTIVISM: ACTIVE AS EVER 13 THE ATTRIBUTION PROBLEM 14 TRACKING THE ORIGINS OF CYBERATTACKS 17 CONCLUSION 20 APPENDIX: TIMELINE OF CYBERSECURITY 21 INCIDENTS 2 A Practical Method of Identifying Cyberattacks EXECUTIVE OVERVIEW SUMMARY The frequency and scope of cyberattacks Cyberattacks carried out by a range of entities are continue to grow, and yet despite the seriousness a growing threat to the security of governments of the problem, it remains extremely difficult to and their citizens. There are three main sources differentiate between the various sources of an of attacks; activists, criminals and governments, attack. This paper aims to shed light on the main and - based on the evidence - it is sometimes types of cyberattacks and provides examples hard to differentiate them. Indeed, they may of each. In particular, a high level framework sometimes work together when their interests for investigation is presented, aimed at helping are aligned. The increasing frequency and severity analysts in gaining a better understanding of the of the attacks makes it more important than ever origins of threats, the motive of the attacker, the to understand the source. Knowing who planned technical origin of the attack, the information an attack might make it easier to capture the contained in the coding of the malware and culprits or frame an appropriate response. the attacker’s modus operandi.
  • Cyber Law and Espionage Law As Communicating Vessels

    Cyber Law and Espionage Law As Communicating Vessels

    Maurer School of Law: Indiana University Digital Repository @ Maurer Law Books & Book Chapters by Maurer Faculty Faculty Scholarship 2018 Cyber Law and Espionage Law as Communicating Vessels Asaf Lubin Maurer School of Law - Indiana University, [email protected] Follow this and additional works at: https://www.repository.law.indiana.edu/facbooks Part of the Information Security Commons, International Law Commons, Internet Law Commons, and the Science and Technology Law Commons Recommended Citation Lubin, Asaf, "Cyber Law and Espionage Law as Communicating Vessels" (2018). Books & Book Chapters by Maurer Faculty. 220. https://www.repository.law.indiana.edu/facbooks/220 This Book is brought to you for free and open access by the Faculty Scholarship at Digital Repository @ Maurer Law. It has been accepted for inclusion in Books & Book Chapters by Maurer Faculty by an authorized administrator of Digital Repository @ Maurer Law. For more information, please contact [email protected]. 2018 10th International Conference on Cyber Conflict CyCon X: Maximising Effects T. Minárik, R. Jakschis, L. Lindström (Eds.) 30 May - 01 June 2018, Tallinn, Estonia 2018 10TH INTERNATIONAL CONFERENCE ON CYBER CONFLicT CYCON X: MAXIMISING EFFECTS Copyright © 2018 by NATO CCD COE Publications. All rights reserved. IEEE Catalog Number: CFP1826N-PRT ISBN (print): 978-9949-9904-2-9 ISBN (pdf): 978-9949-9904-3-6 COPYRigHT AND REPRINT PERmissiONS No part of this publication may be reprinted, reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the NATO Cooperative Cyber Defence Centre of Excellence ([email protected]).
  • Canadian Cross-Border Data: Your Data May Be Heading South Even When You Are Not

    Canadian Cross-Border Data: Your Data May Be Heading South Even When You Are Not

    Canada Institute | May 2019 Canadian Cross-Border Data: Your Data May Be Heading South Even When You Are Not By Jacqueline Orr Canadian data: what goes where? Canada is fast becoming a technology powerhouse with cities across the country such as Waterloo, Calgary, Toronto, Montreal, and Edmonton transforming into tech hubs. They promise that their research centers and internet companies are going to light the way for Canada’s innovation economy. But the state of Canada’s internet is increasingly becoming an oxymoron. While Canada’s internet economy might be self-sustaining, the Canadian internet itself is not. Issues of territoriality are fluid and unbound. This is because Canada’s network infrastructure relies on American networks to transfer and store data. But, when Canadian data enters the United States, it becomes foreign data and is not protected by the same privacy rights as those accorded to U.S. domestic data and its owners. CIRA, the Canadian Internet Registration Authority, states that three-quarters of the Canadian population spends three to four hours a day online.1 CIRA also reports 64 percent of Canadians are concerned about the security of their personal information when it is routed through the United States. Are these concerns justified? This Canada Institute briefing explores key questions about cross-border data travel to better understand the risks and opportunities facing Canadians in an increasingly inter-connected world. There is a glossary at the end of the document. Is it legal for the U.S. government to collect data from Canadians? Yes. U.S. government agencies may collect any foreign data that crosses into U.S.
  • Reporting, and General Mentions Seem to Be in Decline

    Reporting, and General Mentions Seem to Be in Decline

    CYBER THREAT ANALYSIS Return to Normalcy: False Flags and the Decline of International Hacktivism By Insikt Group® CTA-2019-0821 CYBER THREAT ANALYSIS Groups with the trappings of hacktivism have recently dumped Russian and Iranian state security organization records online, although neither have proclaimed themselves to be hacktivists. In addition, hacktivism has taken a back seat in news reporting, and general mentions seem to be in decline. Insikt Group utilized the Recorded FutureⓇ Platform and reports of historical hacktivism events to analyze the shifting targets and players in the hacktivism space. The target audience of this research includes security practitioners whose enterprises may be targets for hacktivism. Executive Summary Hacktivism often brings to mind a loose collective of individuals globally that band together to achieve a common goal. However, Insikt Group research demonstrates that this is a misleading assumption; the hacktivist landscape has consistently included actors reacting to regional events, and has also involved states operating under the guise of hacktivism to achieve geopolitical goals. In the last 10 years, the number of large-scale, international hacking operations most commonly associated with hacktivism has risen astronomically, only to fall off just as dramatically after 2015 and 2016. This constitutes a return to normalcy, in which hacktivist groups are usually small sets of regional actors targeting specific organizations to protest regional events, or nation-state groups operating under the guise of hacktivism. Attack vectors used by hacktivist groups have remained largely consistent from 2010 to 2019, and tooling has assisted actors to conduct larger-scale attacks. However, company defenses have also become significantly better in the last decade, which has likely contributed to the decline in successful hacktivist operations.