Cyber Shockwave

Total Page:16

File Type:pdf, Size:1020Kb

Cyber Shockwave yber ShockWave CyberC ShockWave Simulation Report and Findings Table of ConTenTs 2 What is Cyber ShockWave? 3 Key Findings 6 A Cyber Security Timeline 8 Cyber Security Today 10 Participant Roles 11 Simulation Development 12 Segment 1: March Madness 14 Segment 2: Lights Out 16 Conclusion abouT The biparTisan poliCy CenTer In 2007, former U.S. Senate Majority Leaders Howard Baker, Tom Daschle, Bob Dole, and George Mitchell formed the Bipartisan Policy Center (BPC) to develop and promote solutions that can attract the public support and political momentum to achieve real progress. Currently, the BPC focuses on health care, energy, national and homeland security, transportation, science and economic policy. For more information, please visit our website: www.bipartisanpolicy.org. Bipartisan Policy Center 1 What Is Cyber ShockWave? Key Findings On February 16, 2010, a bipartisan group of former senior administration Cyber ShockWave was designed to reflect the most current and realistic and national security officials participated in a simulated cyber attack on the challenges our nation faces in defending itself from a serious cyber event. Simulation participants concluded that the United States’ United States—Cyber ShockWave. The simulation, which was moderated by networks, critical infrastructure and citizens are vulnerable to cyber Wolf Blitzer and broadcast as a special on CNN, provided an unprecedented attacks and that there are several key issue areas that policymakers look at how the government would respond to a large-scale cyber crisis need to address to defend against and respond to such attacks. affecting much of the nation. A project of the Bipartisan Policy Center—with support and guidance from General Dynamics Advanced Information Systems, Georgetown University, PayPal, SMobile Systems, Southern Company and Symantec—Cyber ShockWave had participants play the roles of Cabinet members reacting in real time to an unfolding cyber attack and advising the President on an appropriate response. Cyber ShockWave highlighted how critical an issue cyber security has become for our nation. While protecting sensitive and personal data remains a priority, the proliferation of computers across ever-greater spheres of our personal lives and their growing role in running our critical infrastructure means a serious cyber event could have a debilitating effect on this country. Unfortunately, as Cyber ShockWave demonstrated, our current government policies are not adequate to responding to a large-scale cyber attack. Cyber security, both preventing attacks and preparing our government to respond to them, must be considered a national security priority. Michael Chertoff Former Secretary of Homeland Security Government Organization Legal Authority International Protocols Public Education & Awareness ++ Cyber security must consist of more than protecting mil- ++ The U.S. needs well-established legal authorities for ++ There are few international norms or regulations for ++ A national educational campaign is needed to inform itary, government or personal data and networks from dealing with a cyber crisis that dovetail with a broad na- what can and cannot be done in cyberspace. The citizens of their role in securing U.S. cyberspace. intrusion. It is a national security issue that must address tional understanding of what constitutes a “reasonable United States should consider whether an interna- We are all responsible for national cyber secu- defense and preparation, response and restoration as expectation of privacy” under such circumstances. tional legal regime governing cyberspace, parallel rity; irresponsible individual behavior imperils the the attack happens, and attribution afterwards. to those that exist for the maritime, air and land do- entire network. ++ Without statutory authorities for responding to and mains, would be useful. ++ The United States government—including the White preventing cyber attacks, including the seizure or ++ Requiring updated virus and malware protection for House Cyber Coordinator—currently lacks clearly quarantine of private data, devices or networks, the ++ A particular difficulty in formulating responses to any device attempting to connect to U.S. networks— defined roles and responsibilities for maintaining President may be left with only those authorities cyber attacks is the problem of attribution—iden- as is already required on government networks— common situational awareness of emerging critical derived from the Communications Act of 1934 (as tifying the responsible parties. The United States should be considered. operational developments in cyber space. amended by the Telecommunications Act of 1996) or needs mechanisms for holding entities respon- the Constitution, including war powers. sible for cyber events and a declaratory cyber de- ++ Our nation needs an effective decision-making frame- terrence policy, possibly invoking the potential of work below the cabinet level, especially between the ++ Up to 85 percent of U.S. networks are privately owned, kinetic retaliation. Department of Homeland Security and Department of but there is no mechanism for government cyber de- Defense, for coordinating the government’s response fenders to effectively collaborate with the private sec- to and recovery from a devastating cyber event. tor to leverage their expertise, to share knowledge and situational awareness with them, or to bring their ca- We are at a point when we’re talking about “cyber attack”, “cyber capabilities”, and “cyber ++ Current policy, legal and organizational constraints pabilities to bear during a response to a cyber attack. threat”, in something roughly analogous to the position we faced in 1945 when we first drive the government to a limiting and insufficient bi- encountered nuclear weapons and we didn’t know much about them. We need to think nary response: (1) the traditional domestic-focused law enforcement approach or (2) the desire to neutralize very imaginatively, creatively, and unconventionally about how we deal with the threat. the attack under international laws of armed conflict. John McLaughlin, Cyber shoCkWave Director of naTional inTelligenCe 4 Cyber ShockWave Simulation Report Bipartisan Policy Center 5 A Cyber Security Timeline Though the first incidences of hacking and computer viruses occurred as early as 40 years ago, the number and severity of cyber attacks and threats has grown steadily over the last decade. 1963 1971 1983 1988 2000 2003 2007 2008 2009 2010 The first recorded ref- ARPANet experiences its The movie “WarGames,” Michael Calce (aka Mafi- Russian hackers launch Chinese hackers steal data from erence to hackers in first computer virus called featuring a computer aBoy) attacks and disables attacks against Estonian Google and 30 other major U.S. the computer sense is the Creeper virus, written by intrusion into NORAD, is Yahoo!, Amazon, CNN, Dell, websites including Parliament, and international companies. made in MIT’s student programmer Bob Thomas. The released. and E*TRADE. In response, government ministries, newspaper, the tech. program copied itself to the the President calls for an banks, newspapers and remote system where the mes- emergency Cyber Security broadcasters. U.S. and South Korean govern- sage, “I’m the creeper, catch me Summit. The estimated total ment, financial and media web- if you can!” was displayed. The loss due to the attacks was sites are attacked, apparently by The Robert Morris Worm is the first program Reaper was written to $1.2 billion. North Korea. delete the virus. malicious worm on the Internet costing between $10-100 million in As Russia initiated military opera- Attacks targeting Twitter and damage according to the GAO. tions in Georgia, Russian hackers Facebook succeed in taking both brought down almost all Georgian sites offline for several hours. The Slammer worm brings down government websites. 75,000 servers, shutting down Albert Gonzalez is arrested for Bank of America ATMs, Continental the theft of more than 170 million Airlines’ ticketing systems, and credit and debit card numbers over Seattle’s 911 network. the course of four years. 6 Cyber ShockWave Simulation Report Bipartisan Policy Center 7 Predicted Mobile Data Traffic Active Facebook Users Cyber Security Today (Terabytes per Month) 3.6 Million 1.5 Billion Internet connectivity has transformed how we do business, whether as individual 2 Million 800 Million consumers, national governments, or global companies. It has also expanded our 1 Million 400 Million vulnerability well beyond our physical reach, necessitating strong cooperation between connected organizations and individuals. Governments cannot secure public services without cooperation from private businesses and citizens. Businesses 2009 2010 2011 2012 2013 2014 Dec ‘04 Dec ‘06 Dec ‘08 Dec ‘10 Dec ‘11 cannot drive a robust economy without the legal and economic incentives to make Government Organization Federal government’s networks. This is a 24-hour, wise security investments and cooperate broadly on shared security efforts. DHS coordinated watch and warning center whose Currently, a variety of mechanisms are used to share mission is to improve national efforts to address The Internet And Cyber Crime ++ As a result, cyber crime has grown just as quickly. It is threat activity information. Several sources of this in- threats and incidents affecting the nation’s criti- estimated that identity theft and other forms of online formation are freely available on the Internet or through cal information
Recommended publications
  • 2016 8Th International Conference on Cyber Conflict: Cyber Power
    2016 8th International Conference on Cyber Conflict: Cyber Power N.Pissanidis, H.Rõigas, M.Veenendaal (Eds.) 31 MAY - 03 JUNE 2016, TALLINN, ESTONIA 2016 8TH International ConFerence on CYBER ConFlict: CYBER POWER Copyright © 2016 by NATO CCD COE Publications. All rights reserved. IEEE Catalog Number: CFP1626N-PRT ISBN (print): 978-9949-9544-8-3 ISBN (pdf): 978-9949-9544-9-0 CopyriGHT AND Reprint Permissions No part of this publication may be reprinted, reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the NATO Cooperative Cyber Defence Centre of Excellence ([email protected]). This restriction does not apply to making digital or hard copies of this publication for internal use within NATO, and for personal or educational use when for non-profit or non-commercial purposes, providing that copies bear this notice and a full citation on the first page as follows: [Article author(s)], [full article title] 2016 8th International Conference on Cyber Conflict: Cyber Power N.Pissanidis, H.Rõigas, M.Veenendaal (Eds.) 2016 © NATO CCD COE Publications PrinteD copies OF THIS PUBlication are availaBLE From: NATO CCD COE Publications Filtri tee 12, 10132 Tallinn, Estonia Phone: +372 717 6800 Fax: +372 717 6308 E-mail: [email protected] Web: www.ccdcoe.org Head of publishing: Jaanika Rannu Layout: Jaakko Matsalu LEGAL NOTICE: This publication contains opinions of the respective authors only. They do not necessarily reflect the policy or the opinion of NATO CCD COE, NATO, or any agency or any government.
    [Show full text]
  • Asia-Europe Meeting
    Asia-Europe Meeting Topic A: Identifying, Sharing and Remediating Faults in Cybersecurity Topic B: Tackling Local, Regional and Global Hunger MUNUC 32 TABLE OF CONTENTS ______________________________________________________ Letter from the Chair………………………………………………………….. 3 Topic A ………………………………………………………………………..… 4 Statement of the Problem…………………………………………….. 4 History of the Problem……………………………………….…..…….. 9 Past Actions…………………………………………………………….. 14 Possible Solutions………………………………………………………. 18 Bloc Positions…………………………………………………………… 20 Glossary…………………………………………………………………. 22 Topic B ………………………………………………………………...………. 23 Statement of the Problem…………………………………………….23 History of the Problem………………………………………………… 28 Past Actions…………………………………………………………….. 31 Possible Solutions………………………………………………………. 33 Bloc Positions…………………………………………………………… 35 Glossary…………………………………………………………………. 37 Bibliography……………………………………….…………………………. 38 2 Asia-Europe Meeting | MUNUC 32 LETTER FROM THE CHAIR ______________________________________________________ Dear Delegates, Welcome to the Asia-Europe Meeting Forum, or ASEM, at MUNUC 32! My name is Randolph Ramirez, and I usually go by Randy. I am a third year here at The University of Chicago studying Statistics and Political Science. I was born and raised in Wilton, Connecticut, and coming out to attend UChicago was my first trip out to Illinois! All throughout high school I was heavily involved in Model Congress, and partaking in MUNUC my first year here helped transition me into the world of Model UN! I am certain that this conference and committee will be a success, and I cannot wait to experience it with you all! The Asia-Europe Meeting Forum will offer a multitude of experiences, problems, solutions, and overall will hopefully give a descriptive look into the affairs of the two regions. Throughout this experience, I hope delegates learn the various factors that make solving the issues of cybersecurity and huger instability a difficult endeavor, and how best to go about solving them.
    [Show full text]
  • A Bipartisan Blueprint
    COMMISSION ON POLITICAL REFORM Governing in a Polarized America: A Bipartisan Blueprint to Strengthen our Democracy This report is the product of the BPC Commission on Political Reform with participants of diverse expertise and affiliations, addressing many complex and contentious topics. It is inevitable that arriving at a consensus document in these circumstances entailed compromises. Accordingly, it should not be assumed that every member is entirely satisfied with every formulation in this document, or even that all participants would agree with any given recommendation if it were taken in isolation. Rather, this group reached consensus on these recommendations as a package. The findings and recommendations expressed herein are solely those of the commission and do not necessarily represent the views or opinions of the Bipartisan Policy Center, its founders, or its Board of Directors. Governing in a Polarized America: A Bipartisan Blueprint to Strengthen our Democracy 1 BPC Commission on Political Reform CO-CHAIRS Tom Daschle Dirk Kempthorne Olympia Snowe Former U.S. Senate Majority Leader Former Governor of Idaho, U.S. Former U.S. Senator (D-SD); Co-founder, BPC Secretary of the Interior, and U.S. (R-ME); Senior Fellow, BPC Senator (R-ID); President and CEO, Dan Glickman American Council of Life Insurers Former U.S. Secretary of Agriculture and U.S. Representative (D-KS); Trent Lott Senior Fellow, BPC Former U.S. Senate Majority Leader (R-MS); Senior Fellow, BPC COMMISSIONERS Hope Andrade Heather Gerken David McIntosh Former Texas Secretary of State (R) J. Skelly Wright Professor of Law, Yale Former U.S. Representative (R-IN); Law School Partner, Mayer Brown LLP Molly Barker Founder, Girls on the Run Michael Gerson Eric L.
    [Show full text]
  • Web Warriors – CBC Documentary
    Cyber Crime Unit The federal government has suffered a nearly 680 percent increase in cyber security breaches in the past six years. 1 Computer Security Risks • A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability • A cybercrime is an online or Internet-based illegal act Hackers Crackers Script Kiddies Corporate Spies Unethical Cyberextortionists Cyberterrorists Employees Pages 556 - 557 Discovering Computers 2011: Living in a Digital World 2 Chapter 11 3 HACKER Someone who gets into another persons computer or network ILLEGALLY. Say their intent is to improve SECURITY. Have advanced COMPUTER and NETWORK skills. CRACKER 4 Someone who gets into another persons computer or network ILLEGALLY. Their intent is to: 1. GET RID OF data 2. STEAL information 3.Other SPITEFUL acts. Have advanced COMPUTER and NETWORK skills. 5 SCRIPT KIDDIE Not as knowledgeable as a cracker but has the SAME intent. Often use PREWRITTEN hacking and cracking software packages to crack into computers. 6 CYBEREXTORTIONIST Uses EMAIL as a channel for BLACKMAIL. If they are not paid a sum of money, they threaten to: 1. REVEAL confidential material 2. TAKE ADVANTAGE OF a safety flaw 3. BEGIN an attack that will compromise a organization’s network 7 CYBERTERRORIST They use the INTERNET or NETWORK to destroy or damage computers for GOVERNMENTAL motives. Targets may be: 1. Nation’s AIR TRAFFIC system 2. ELECTRICITY-generating companies 3. TELECOMMUNICATION infrastructure 8 CORPORATE SPYS Have OUTSTANDING computer and networking skills and are hired to break into a specific computer and ROB its exclusive FILES and information or to help identify SAFETY risks in their own ORGANIZATION.
    [Show full text]
  • ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL Facultad De
    ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL Facultad de Ingeniería en Electricidad y Computación Maestría en Seguridad Informática Aplicada “DISEÑO E IMPLEMENTACIÓN DE UN SISTEMA DE DEFENSA CONTRA ATAQUES DE DENEGACIÓN DE SERVICIO DISTRIBUIDO EN LA RED PARA UNA EMPRESA DE SERVICIOS.” TESIS DE GRADO PREVIA A LA OBTENCIÓN DEL TÍTULO DE: MAGISTER EN SEGURIDAD INFORMÁTICA APLICADA KAROL PAMELA BRIONES FUENTES OMAR ANTONIO CÓRDOVA BALÓN GUAYAQUIL – ECUADOR 2015 ii AGRADECIMIENTO A Dios, A nuestras familias. iii DEDICATORIA A nuestras familias. iv TRIBUNAL DE SUSTENTACIÓN MSIG. LENIN FREIRE COBO DIRECTOR DEL MSIA MSIG. ROKY BARBOSA DIRECTOR DE TESIS MSIG. ALBERT ESPINAL SANTANA MIEMBRO PRINCIPAL v DECLARACIÓN EXPRESA “La responsabilidad del contenido de esta Tesis de Grado, me corresponde exclusivamente; y, el patrimonio intelectual de la misma, a la ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL” ING. KAROL BRIONES FUENTES CI 0921279162 vi DECLARACIÓN EXPRESA “La responsabilidad del contenido de esta Tesis de Grado, me corresponde exclusivamente; y, el patrimonio intelectual de la misma, a la ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL” ING. OMAR CORDOVA CI 0922892161 vii RESUMEN Internet ha revolucionado la forma en que operan los negocios en la actualidad. Gran cantidad de datos son transmitidos a nivel mundial en tiempo real, como es el caso de las compañías en línea, las cuales dependen de la disponibilidad de sus servicios las veinticuatro horas del día, los trescientos sesenta y cinco días del año para que sus clientes se mantengan conectados de diversas maneras y sin interrupciones. Pero, este nuevo mundo de mayores velocidades, grandes volúmenes de datos y alta disponibilidad de los servicios, trae consigo oportunidades para los criminales cibernéticos, cuyo objetivo es aprovechar el mínimo fallo en los sistemas que operan dentro de la gran red mundial.
    [Show full text]
  • Bipartisan Rx for America's Health Care
    IDEAS ACTION RESULTS Bipartisan Rx for America’s Health Care A PRACTICAL PATH TO REFORM February 2020 FUTURE Tom Daschle Bill Frist, M.D. O F H E A LT H CO-CHAIR CO-CHAIR Former Senate Majority Leader Former Senate Majority Leader CA R E Co-Founder, BPC Senior Fellow, BPC LEADERS Andy Slavitt Gail Wilensky, Ph.D. CO-CHAIR CO-CHAIR Senior Advisor, BPC Senior Fellow, Project Hope Former Acting Administrator, Former Administrator, Health Care Centers for Medicare and Financing Administration (Now CMS) Medicaid Services (CMS) Chris Jennings Sheila Burke Fellow, BPC Fellow, BPC Founder and President, Strategic Advisor, Baker Donelson Jennings Policy Strategies James Capretta Cindy Mann Resident Fellow, Milton Partner, Manatt, Phelps & Phillips, LLP Friedman Chair, Former Director, Center for American Enterprise Institute Medicaid and CHIP Services Avik Roy Senior Advisor, BPC Co-Founder and President, The Foundation for Research on Equal Opportunity I N Alice M. Rivlin As a member of the Future of Health Former Senior Fellow, Center for Health Care initiative, Alice was a passionate M E M O R I A M Policy, The Brookings Institution health care policy leader who advocated Former Director, Congressional for moving America’s health care Budget Office delivery system toward high-quality, Former Director, White House Office more cost-effective delivery of care. She of Management and Budget strongly supported BPC’s belief that Former Vice-Chair, Federal Reserve nothing can be accomplished without negotiation and compromise—between both houses of Congress, across party lines, and with the president. BPC is very grateful for her contributions to this report before her death.
    [Show full text]
  • Analisis Y Diagnostico De La Seguridad Informatica De Indeportes Boyaca
    ANALISIS Y DIAGNOSTICO DE LA SEGURIDAD INFORMATICA DE INDEPORTES BOYACA ANA MARIA RODRIGUEZ CARRILLO 53070244 UNIVERSIDAD NACIONAL ABIERTA Y A DISTANCIA “UNAD” ESPECIALIZACION EN SEGURIDAD INFORMATICA TUNJA 2014 ANALISIS Y DIAGNOSTICO DE LA SEGURIDAD INFORMATICA DE INDEPORTES BOYACA ANA MARIA RODRIGUEZ CARRILLO 53070244 Trabajo de grado como requisito para optar el título de Especialista En Seguridad informática Ingeniero SERGIO CONTRERAS Director de Proyecto UNIVERSIDAD NACIONAL ABIERTA Y A DISTANCIA UNAD ESPECIALIZACION EN SEGURIDAD INFORMATICA TUNJA 2014 _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ Firma del presidente del jurado _____________________________________ Firma del jurado _____________________________________ Firma del jurado Tunja, 06 de Octubre de 2014. DEDICATORIA El presente trabajo es dedicado en primera instancia a Dios quien día a día bendice mi profesión y me ayuda con cada uno de los retos que se me presentan a lo largo del camino de mi vida. A mi fiel compañero, amigo, cómplice y esposo, quien es la ayuda idónea diaria y mi fortaleza constante para seguir en el camino del conocimiento, quien no deja que me rinda y me apoya incondicionalmente para que día a día logre ser mejor persona. A mis familiares y compañeros de trabajo, por todo su amor, confianza y apoyo incondicional, a nuestros compañeros y profesores gracias por la amistad, la comprensión, los conocimientos y dedicación a lo largo de todo este camino recorrido que empieza a dar indudablemente los primeros frutos que celebramos. AGRADECIMIENTOS La vida está llena de metas y retos, que por lo general van de la mano con grandes sacrificios, por eso hoy podemos decir que gracias a Dios y nuestras familias esta meta se ha cumplido y seguramente vendrá muchas metas que harán parte de nuestro gran triunfo personal como familiar.
    [Show full text]
  • Download Thesis
    This electronic thesis or dissertation has been downloaded from the King’s Research Portal at https://kclpure.kcl.ac.uk/portal/ Cyber security and the politics of time Stevens, Timothy Charles Awarding institution: King's College London The copyright of this thesis rests with the author and no quotation from it or information derived from it may be published without proper acknowledgement. END USER LICENCE AGREEMENT Unless another licence is stated on the immediately following page this work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International licence. https://creativecommons.org/licenses/by-nc-nd/4.0/ You are free to copy, distribute and transmit the work Under the following conditions: Attribution: You must attribute the work in the manner specified by the author (but not in any way that suggests that they endorse you or your use of the work). Non Commercial: You may not use this work for commercial purposes. No Derivative Works - You may not alter, transform, or build upon this work. Any of these conditions can be waived if you receive permission from the author. Your fair dealings and other rights are in no way affected by the above. Take down policy If you believe that this document breaches copyright please contact [email protected] providing details, and we will remove access to the work immediately and investigate your claim. Download date: 25. Sep. 2021 1 ] Cyber Security and the Politics of Time Timothy Charles Stevens Thesis submitted in accordance with the requirements for the degree of Doctor of Philosophy King’s College London Department of War Studies November 2013 2 Abstract Time is an under-represented topic in security studies and International Relations (IR).
    [Show full text]
  • Housing America's Future: New Directions for National Policy
    Housing America’s Future: New Directions for National Policy Report of the Bipartisan Policy Center Housing Commission About the Housing Commission • Created by the Bipartisan Policy Center, a non-profit organization founded in 2007 by former Senate Majority Leaders Howard Baker, Tom Daschle, Bob Dole and George Mitchell • Launched in October 2011 with four co-chairs: - Christopher S. “Kit Bond – Former U.S. Senator; Former Governor of Missouri - Henry Cisneros – Former Secretary, U.S. Department of Housing & Urban Development - Mel Martinez – Former U.S. Senator; Former Secretary, U.S. Department of Housing & Urban Development - George J. Mitchell – Former U.S. Senate Majority Leader • Composed of 21 members drawn from diverse political and professional backgrounds • Report, Housing America’s Future: New Directions for National Policy, issued February 25, 2013 - 2 - Housing Commission Principles • A healthy, stable housing market is essential for a strong economy and a competitive America. • The nation’s housing finance system should promote the uninterrupted availability of affordable housing credit and investment capital while protecting American taxpayers. • The United States should reaffirm a commitment to providing a decent home and a suitable living environment for every American family. • The primary focus of federal housing policy should be to help those most in need. • Federal policy should strike an appropriate balance between homeownership and rental subsidies. - 3 - Principal Areas of Recommendations • The Continuing Value
    [Show full text]
  • Beyond Cyber Doom
    No. 11-01 January 2011 WORKING PAPER BEYOND CYBER-DOOM: Cyberattack Scenarios and the Evidence of History By Sean Lawson The ideas presented in this research are the author’s and do not represent official positions of the Mercatus Center at George Mason University. 1 Beyond Cyber-Doom: Cyberattack Scenarios and the Evidence of History Sean Lawson, Ph.D. Department of Communication University of Utah “[T]hese war games are about the real effects of a cyberwar . about causing chaos in our streets at home due to sudden crashes in our critical infrastructure through manipulation of our banking, transportation, utilities, communications, and other critical infrastructure industries. These are all real scenarios.” (Patterson, 2010b) “In seeking a prudent policy, the difficulty for decision-makers is to navigate the rocky shoals between hysterical doomsday scenarios and uninformed complacency.” (Cavelty, 2007: 144) Introduction Recently, news media and policy makers in the United States have turned their attention to prospective threats to and through an ethereal and ubiquitous technological domain referred to as “cyberspace.” “Cybersecurity” threats include attacks on critical infrastructures like power, water, transportation, and communication systems launched via cyberspace, but also terrorist use of the Internet, mobile phones, and other information and communication technologies (ICTs) for fundraising, recruiting, organizing, and carrying out attacks (Deibert & Rohozinski, 2010). Frustration over a perceived lack of public and policy maker attention to these threats, combined with a belief that “exaggeration” and “appeals to emotions like fear can be more compelling than a rational discussion of strategy” (Lewis, 2010: 4), a number of cybersecurity proponents have deployed what one scholar has called “cyber-doom scenarios” (Cavelty, 2007: 2).
    [Show full text]
  • Countering the Proliferation of Offensive Cyber Capabilities
    COUNTERING THE PROLIFERATION OF OFFENSIVE CYBER CAPABILITIES Mr. Robert Morgus, Cybersecurity Initiative & International Security Program, New America Mr. Max Smeets, Centre for International Security and Cooperation (CISAC), Stanford University Mr. Trey Herr, Harvard Kennedy School MEMO №2 GCSC ISSUE BRIEF 161 TABLE OF CONTENTS SECTION 1: INTRODUCTION 163 SECTION 2: SCOPE OF ANALYSIS 165 SECTION 3: THE PILLARS AND OBJECTIVES OF COUNTERPROLIFERATION 167 SECTION 4: THE TRACE FRAMEWORK 169 SECTION 5: MAKING PROGRESS ON PROLIFERATION: APPLYING THE TRACE MODEL 177 Potential International Agreements 177 Arms Control Agreement 178 Export Control Arrangement 180 Tools for States or Like-minded Actors 181 Enhance Offensive and Defensive Capability 182 Diplomatic Toolbox 183 SECTION 6: RECOMMENDATIONS 184 1. Patience. 184 2. Increase the cost of developing offensive cyber capabilities 185 3. Further explore ways to increase barriers to spreading offensive cyber capability 186 CONCLUSIONS 187 GCSC ISSUE BRIEF 162 SECTION 1: INTRODUCTION The tenor of the cyber stability debate, often moribund and moving more sideways than forward, changed with the 2010 United Nations Governmental Group of Experts (UN GGE) Consensus Report that international law applied to cyberspace.164 It followed a position paper by the Obama administration published in January of that year to bring the various sides closer together. Though it wasn’t a steep trend line which followed, the slow process towards cyber norms was considered to be meaningful and positive.165 Despite this and subsequent progress, however, the events of 2017 have shed doubt on this progressive dynamic. The collapse of the UN GGE process in June sent an alarming message that we are moving away from establishing a meaningful cyber stability regime, rather than towards it.
    [Show full text]
  • Cyber Threats to National Security
    DEALING WITH TODAY’S ASYMMETRIC THREAT Cyber Threats to National Security S YMPOSIUM F IVE Keeping the Nation’s Industrial Base Safe From Cyber Threats The Asymmetric Threat website (asymmetricthreat.net) includes downloadable reports from all symposia in both series and serves as a knowledge network to advance the dialogue on national and global security, presenting resources and original research, and providing a forum for review and discussion of pertinent themes and events. S ERIES O NE S ERIES T WO UNCLASSIFIED Cyber Threats to National Security Symposium Five: Keeping the Nation’s Industrial Base Safe From Cyber Threats This document is intended only as a summary of the personal remarks made by participants at the March 1, 2011 symposium, “Keeping the Nation’s Industrial Base Safe From Cyber Threats,” held at the Carnegie Institution for Science, Washington, D.C., and co-sponsored by CACI International Inc (CACI), the U.S. Naval Institute (USNI), and the Center for Security Policy (CSP). It is published as a public service. It does not necessarily reflect the views of CACI, USNI, CSP, the U.S. government, or their officers and employees. The pro bono Asymmetric Threat symposia series was started in 2008 to contribute to the national discourse on the topic of asymmetric threats facing the United States. CACI and the National Defense University sponsored Symposium One in the series, and CACI and USNI sponsored Symposia Two and Three. With Symposium Four, also sponsored by CACI and USNI, a new Asymmetric Threat series was initiated focusing on Cyber Threats. With new sponsor CSP,“Keeping the Nation’s Industrial Base Safe From Cyber Threats” is the fifth symposium in the Asymmetric Threat series and the second in the Cyber Threat series.
    [Show full text]