DOCSLIB.ORG

Cyber-Security Threat Characterisation a Rapid Comparative Analysis

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cyber-Security Threat Characterisation a Rapid Comparative Analysis CHILDREN AND FAMILIES The RAND Corporation is a nonprofit institution that helps improve policy and EDUCATION AND THE ARTS decisionmaking through research and analysis. ENERGY AND ENVIRONMENT HEALTH AND HEALTH CARE This electronic document was made available from www.rand.org as a public INFRASTRUCTURE AND service of the RAND Corporation. TRANSPORTATION INTERNATIONAL AFFAIRS LAW AND BUSINESS NATIONAL SECURITY Skip all front matter: Jump to Page 16 POPULATION AND AGING PUBLIC SAFETY SCIENCE AND TECHNOLOGY Support RAND TERRORISM AND Browse Reports & Bookstore HOMELAND SECURITY Make a charitable contribution For More Information Visit RAND at www.rand.org Explore RAND Europe View document details Limited Electronic Distribution Rights This document and trademark(s) contained herein are protected by law as indicated in a notice appearing later in this work. This electronic representation of RAND intellectual property is provided for non-commercial use only. Unauthorized posting of RAND electronic documents to a non-RAND Web site is prohibited. RAND electronic documents are protected under copyright law. Permission is required from RAND to reproduce, or reuse in another form, any of our research documents for commercial use. For information on reprint and linking permissions, please see RAND Permissions. This report is part of the RAND Corporation research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity. EUROPE Cyber-security threat characterisation A rapid comparative analysis Neil Robinson, Luke Gribbon, Veronika Horvath, Kate Robertson Prepared for the Center for Asymmetric Threat Studies (CATS), Swedish National Defence College, Stockholm The research described in this document was prepared for the Center for Asymmetric Threat Studies (CATS), Swedish National Defence College, Stockholm. RAND Europe is an independent, not-for-profit research organisation whose mission is to improve policy and decision making for the public good. RAND’s publications do not necessarily reflect the opinions of its research clients and sponsors. R® is a registered trademark. © Copyright 2013 RAND Corporation Permission is given to duplicate this document for personal use only, as long as it is unaltered and complete. Copies may not be duplicated for commercial purposes. Unauthorized posting of RAND documents to a non-RAND website is prohibited. RAND documents are protected under copyright law. For information on reprint and linking permissions, please visit the RAND permissions page (http://www.rand.org/publications/ permissions.html). Published 2013 by the RAND Corporation 1776 Main Street, P.O. Box 2138, Santa Monica, CA 90407-2138 1200 South Hayes Street, Arlington, VA 22202-5050 4570 Fifth Avenue, Suite 600, Pittsburgh, PA 15213-2665 Westbrook Centre, Milton Road, Cambridge CB4 1YG, United Kingdom RAND URL: http://www.rand.org RAND Europe URL: http://www.rand.org/randeurope To order RAND documents or to obtain additional information, contact Distribution Services: Telephone: (310) 451-7002; Fax: (310) 451-6915; Email: [email protected] Preface Based on an assignment from the Swedish Cabinet Office and Department of Defence, the National Defence College’s Center for Asymmetric Threat Studies (CATS) in Stockholm asked RAND Europe to undertake a rapid comparison of states’ characterisation of cyber- security threats. This involved investigating three lines of enquiry related to the integration of cyber-security within broader national and transnational defence and security frameworks. The project was limited both in size and scope and called primarily for desk research. This document is the final deliverable for this study, encompassing results and analysis from desk research, and insights gleaned from previous research on the issue. The first part of the document summarises the findings and provides an overview of the scope and methodology of the research. The second part of the document describes the cyber-security strategies and approaches in ten case studies: Canada, Denmark, Estonia, Finland, France, Germany, Netherlands, Russian Federation, the UK and the USA. At CATS’ request we also have profiled initiatives by NATO and the EU. Based on documentary analysis, stakeholder engagement and previous studies, we include a short chapter on potential policy concerns for Sweden going forward, supplementing the case study analysis. The report will be of interest to practitioners and policymakers in cyber- strategy and policy. RAND Europe is an independent, not-for-profit policy research organisation that aims to improve policy and decision making in the public interest, through research and analysis. RAND Europe’s clients include European governments, institutions, non-governmental organisations and firms with a need for rigorous, independent, multidisciplinary analysis. We would like to thank our Quality Assurance reviewers Charlie Edwards and Dr Emma Disley for their helpful and insightful comments in the preparation of this report. For more information about RAND Europe or this project, please contact: Neil Robinson Research Leader, Defence and Security RAND Europe Westbrook Centre, Milton Road Cambridge CB4 1YG, United Kingdom Tel. +44 (1223) 353 329 Email: [email protected] Web: www.randeurope.org/cyber iii Contents Preface iii Contents iv Executive summary .................................................................................................... vi Findings ..................................................................................................................... vii Going forward .............................................................................................................. x CHAPTER 1. Research outline ............................................................................... 1 1.1 Research question .............................................................................................. 1 1.2 Research aim ..................................................................................................... 1 1.3 Selection of case study countries ........................................................................ 2 1.4 Definition of cyber-security threats .................................................................... 3 1.5 Research methods .............................................................................................. 3 CHAPTER 2. Defining terms ................................................................................. 5 2.1 Definition of threats .......................................................................................... 5 2.2 Actors: national-level stakeholders in cyber-security ........................................... 6 CHAPTER 3. Comparators .................................................................................... 9 3.1 Canada .............................................................................................................. 9 3.2 Denmark ......................................................................................................... 11 3.3 Estonia ............................................................................................................ 13 3.4 Finland ............................................................................................................ 14 3.5 France ............................................................................................................. 16 3.6 Germany ......................................................................................................... 18 3.7 Netherlands ..................................................................................................... 20 3.8 Russian Federation .......................................................................................... 24 3.9 United Kingdom ............................................................................................. 26 3.10 United States of America ................................................................................. 28 3.11 Supranational initiatives .................................................................................. 32 3.12 North Atlantic Treaty Organization (NATO) ................................................. 33 3.13 The European Union ...................................................................................... 35 3.14 Synthesis ......................................................................................................... 40 iv RAND Europe CHAPTER 4. Themes from the roundtable .......................................................... 42 4.1 Themes from the findings ................................................................................ 42 4.2 Shifting models of what constitutes cyber-security ............................................ 43 4.3 Leveraging intelligence ..................................................................................... 44 4.4 Understanding the purpose of the threat assessment ......................................... 45 4.5 What are the strategic assumptions about the threat? ........................................ 45 4.6 Public attribution of adversaries ....................................................................... 45 4.7 A growing focus on public–private partnership ................................................ 45 CHAPTER 5. Conclusions ..................................................................................
Load more

Recommended publications
  • A Cross-Country Characterisation of the Patenting Behaviour of Firms Based on Matched Firm and Patent Data
    OECD Science, Technology and Industry Working Papers 2013/05 A Cross-Country Characterisation Mariagrazia Squicciarini, of the Patenting Behaviour Hélène Dernis of Firms based on Matched Firm and Patent Data https://dx.doi.org/10.1787/5k40gxd4vh41-en Unclassified DSTI/DOC(2013)5 Organisation de Coopération et de Développement Économiques Organisation for Economic Co-operation and Development 10-Sep-2013 ___________________________________________________________________________________________ English - Or. English DIRECTORATE FOR SCIENCE, TECHNOLOGY AND INDUSTRY Unclassified DSTI/DOC(2013)5 A CROSS-COUNTRY CHARACTERISATION OF THE PATENTING BEHAVIOUR OF FIRMS BASED ON MATCHED FIRM AND PATENT DATA STI Working Paper 2013/5 By Mariagrazia Squicciarini and Hélène Dernis (OECD) English - Or. English JT03344187 Complete document available on OLIS in its original format This document and any map included herein are without prejudice to the status of or sovereignty over any territory, to the delimitation of international frontiers and boundaries and to the name of any territory, city or area. DSTI/DOC(2013)5 STI WORKING PAPER SERIES The Working Paper series of the OECD Directorate for Science, Technology and Industry is designed to make available to a wider readership selected studies prepared by staff in the Directorate or by outside consultants working on OECD projects. The papers included in the series cover a broad range of issues, of both a technical and policy-analytical nature, in the areas of work of the DSTI. The Working Papers are generally available only in their original language – English or French – with a summary in the other. Comments on the papers are invited, and should be sent to the Directorate for Science, Technology and Industry, OECD, 2 rue André-Pascal, 75775 Paris Cedex 16, France.
    [Show full text]
  • The Most Common Blunder People Make When the Topic of a Computer Virus Arises Is to Refer to a Worm Or Trojan Horse As a Virus
    Trojan And Email Forging 1) Introduction To Trojan&viruses: A Trojan horse, or Trojan, in computing is a generally non-self-replicating type of malware program containing malicious code that, when executed, carries out actions determined by the nature of the Trojan, typically causing loss or theft of data, and possible system harm. The term is derived from the story of the wooden horse used to trick defenders of Troy into taking concealed warriors into their city in ancient Anatolia, because computer Trojans often employ a form of social engineering, presenting themselves as routine, useful, or interesting in order to persuade victims to install them on their computers.[1][2][3][4][5] A Trojan often acts as a backdoor, contacting a controller which can then have unauthorized access to the affected computer.[6] While Trojans and backdoors are not easily detectable by themselves, computers may appear to run slower due to heavy processor or network usage. Malicious programs are classified as Trojans if they do not attempt to inject themselves into other files (computer virus) or otherwise propagate themselves (worm).[7] A computer may host a Trojan via a malicious program a user is duped into executing (often an e-mail attachment disguised to be unsuspicious, e.g., a routine form to be filled in) or by drive-by download. The Difference Between a Computer Virus, Worm and Trojan Horse The most common blunder people make when the topic of a computer virus arises is to refer to a worm or Trojan horse as a virus. One common mistake that people make when the topic of a computer virus arises is to refer to a worm or Trojan horse as a virus.
    [Show full text]
  • Article Full-Text
    [Vol. 11 2008] TOURO INTERNATIONAL LAW REVIEW 23 OPTIMAL RULE -SELECTION PRINCIPLES IN ANGLO -AMERICAN CONTRACTUAL JURISDICTION Alan Reed* I. INTRODUCTION Dyspeptic individuals and corporate entities are frequently engaged in multistate litigation as a concomitant of the growing body of activity at an international and interstate level. Litigants, like moths to a flame, are increasingly drawn towards the adventitious benefits of suit before a U.S. Court, and have sought to invoke jurisdiction over non-forum residents. As a consequence the court system has striven manfully, but arguably in vain, to propagate effective substantive principles, which are distilled casuistically in a commercial arena to identify sufficient nexus between a forum state and defendant, satisfying the constitutional standards of due process. 1 A legitimate blue litmus paper template for this important venue resolution conundrum has been difficult to achieve. Interpretative problems are evident in the assimilation of relevant methodological principles. In this context it is substantive principles relating to personal jurisdiction that operate as the fulcrum for a court entering a binding judgment against an impacted party. 2 A defendant will be haled before an alien court to defend an action as a consequence of state level empowerment, through adoption of long-arm statutes. It is vital, however, that the seized court’s exercise of jurisdiction comports with the due process clause of the Fourteenth Amendment to *M.A. (Cantab.), LL.M. (University of Virginia), Solicitor and Professor of Criminal and Private International Law at Sunderland University. 1 See U.S. CONST . art. 1, § 10; Lakeside Bridge & Steel Co. v. Mountain State Constr.
    [Show full text]
  • The Dimensions of Public Policy in Private International Law
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by UCL Discovery The Dimensions of Public Policy in Private International Law Alex Mills* Accepted version: Published in (2008) 4 Journal of Private International Law 201 1 The problem of public policy in private international law National courts always retain the power to refuse to apply a foreign law or recognise or enforce a foreign judgment on the grounds of inconsistency with public policy. The law which would ordinarily be applicable under choice of law rules may, for example, be denied application where it is “manifestly incompatible with the public policy (‘ordre public’) of the forum”1, and a foreign judgment may be refused recognition on the grounds that, for example, “such recognition is manifestly contrary to public policy in the [state] in which recognition is sought”2. The existence of such a discretion is recognised in common law rules, embodied in statutory codifications of private international law3, including those operating between European states otherwise bound by principles of mutual trust, and is a standard feature of international conventions on private international law4. It has even been suggested that it is a general principle of law which can thus be implied in private international law treaties which are silent on the issue5. The public policy exception is not only ubiquitous6, but also a fundamentally important element of modern private international law. As a ‘safety net’ to choice of law rules and rules governing the recognition and enforcement of foreign judgments, it is a doctrine which crucially defines the outer limits of the ‘tolerance of difference’ implicit in those rules7.
    [Show full text]
  • THE CHINESE PRACTICE of PRIVATE INTERNATIONAL LAW the Chinese Practice of Private International Law QINGJIANG KONG* and HU MINFEI†
    THE CHINESE PRACTICE OF PRIVATE INTERNATIONAL LAW The Chinese Practice of Private International Law QINGJIANG KONG* AND HU MINFEI† CONTENTS I Introduction II Jurisdiction A General Rule of Territorial Jurisdiction B Exceptions to the General Rule of Territorial Jurisdiction 1 Exclusive Jurisdiction 2 Jurisdiction of the People’s Court of the Place in Which the Plaintiff is Domiciled 3 Jurisdiction over Actions Concerning Contractual Disputes or Other Disputes over Property Rights and Interests 4 Jurisdiction over Actions in Tort C Choice of Forum 1 Recognition of Jurisdictional Agreement 2 Construed Jurisdiction D Lis Alibi Pendens E Effect of an Arbitration Agreement on the Jurisdiction of People’s Courts 1 Independence of Arbitration Clause 2 Approach of People’s Courts to Disputes Covered by Arbitration Agreements III Choice of Law A Choice of Law in General 1 Characterisation 2 Renvoi 3 Proof of Foreign Law 4 The Time Factor in Applying Laws 5 Cases Where There is No Provision in Applicable Chinese Law B Contracts 1 Choice of Law for Contracts 2 Applicable Law for Contracts in Cases Where No Law Has Been Chosen C Torts Involving Foreign Elements D Marriage, Family and Succession 1 Marriage 2 Husband-Wife Relationships, Guardianship and Maintenance Relationships 3 Application of Law Concerning Succession IV Recognition and Enforcement of Foreign Judgments and Awards A Recognition and Enforcement of Foreign Judgments B Recognition and Enforcement of Foreign Arbitral Awards * BSc (Nanjing), LLM (East China Institute of Politics and Law), PhD (Wuhan); Associate Professor, Law Faculty, Hangzhou Institute of Commerce. † LLB, LLM (Northwest Institute of Politics and Law); Lecturer, Law Faculty, Hangzhou Institute of Commerce.
    [Show full text]
  • Surveying a World of Advanced Threats
    Chapter 1 Surveying a World of Advanced Threats In This Chapter ▶ Distinguishing between basic and advanced threats ▶ Recognizing three types of cyberenemies ▶ Counting the cost of data breaches It’s getting rough out there. I’m not kidding. In more than two decades of observing the effects of enterprise and government data breaches, I’ve never seen anything like today’s threat landscape. The sheer number of recent high-profile cyberattacks is staggering. The bad guys clearly have the upper hand, and it seems like there’s nothing that any of us can do about it. Given the efficacy of modern-day threats, today’s informa- tion security professionals are judged not only on how well they can block known threats but also on how quickly they can uncover, identify, and mitigate unknown threats. Unfortunately, too many security professionals lack the tools andCOPYRIGHTED training needed to stay ahead MATERIAL in this cyberarms race. In this chapter, I distinguish between basic and advanced cyberthreats while exploring common variations of advanced threats along the way. I also cite recent data-breach statistics, describe three types of cyberenemies, and review high-profile commercial and government cyberattacks that recently made international headlines. But first, allow me to clarify the differences between basic and advanced threats. 004_9781118658765-ch01.indd4_9781118658765-ch01.indd 3 77/1/13/1/13 112:452:45 PMPM 4 Advanced Threat Detection For Dummies Contrasting Basic and Advanced Threats The following are key characteristics of basic and advanced cyberthreats: ✓ Basic threats are known threats against known operat- ing system (OS) or application-level vulnerabilities.
    [Show full text]
  • Post-Critical Private International Law: from Politics to Technique a Sketch
    Post-critical Private International Law: From Politics to Technique A Sketch Ralf Michaels, Duke University Loccum, October 18, 2011 SciencesPo, December 9, 2011 I. FOUNDATIONS ................................................................................................................................... 4 A) CONFLICTS AS PROBLEM ............................................................................................................................... 4 B) CONFLICTS AS NON-LAW ............................................................................................................................... 5 C) CONFLICTS AS SUBSTANTIVE LAW ............................................................................................................... 6 D) THE ALTERNATIVE: CONFLICTS AS LEGAL TECHNIQUE .......................................................................... 7 II. POLITICS, APPROACHES, AND THEORY: CURRIE, AGAIN ................................................... 8 A) CURRIE AS POLITICS ....................................................................................................................................... 9 B) CURRIE AS ANTI-RULES .............................................................................................................................. 10 III. FROM POLITICS TO TECHNIQUE .............................................................................................. 12 A) THE IRREPRESSIBLE NEED FOR RULES ...................................................................................................
    [Show full text]
  • Chapter 3: Viruses, Worms, and Blended Threats
    Chapter 3 Chapter 3: Viruses, Worms, and Blended Threats.........................................................................46 Evolution of Viruses and Countermeasures...................................................................................46 The Early Days of Viruses.................................................................................................47 Beyond Annoyance: The Proliferation of Destructive Viruses .........................................48 Wiping Out Hard Drives—CIH Virus ...................................................................48 Virus Programming for the Masses 1: Macro Viruses...........................................48 Virus Programming for the Masses 2: Virus Generators.......................................50 Evolving Threats, Evolving Countermeasures ..................................................................51 Detecting Viruses...................................................................................................51 Radical Evolution—Polymorphic and Metamorphic Viruses ...............................53 Detecting Complex Viruses ...................................................................................55 State of Virus Detection.........................................................................................55 Trends in Virus Evolution..................................................................................................56 Worms and Vulnerabilities ............................................................................................................57
    [Show full text]
  • Cyber-Crime, Securities Markets and Systemic Risk, Joint Staff
    Staff Working Paper: [SWP2/2013] Cyber-crime, securities markets and systemic risk 16 July, 2013 Joint Staff Working Paper of the IOSCO Research Department and World Federation of Exchanges Author: Rohini Tendulkar (IOSCO Research Department) Survey: Grégoire Naacke (World Federation of Exchanges Office) and Rohini Tendulkar This Staff Working Paper should not be reported as representing the views of IOSCO or the WFE. The views and opinions expressed in this Staff Working Paper are those of the author and do not necessarily reflect the views of the International Organisation of Securities Commissions or the World Federation of Exchanges, or its members. For further information please contact: [email protected] IOSCO Staff Working Paper July 2013 Contents About this Document ................................................................................................................ 2 Executive Summary ................................................................................................................... 3 Introduction .............................................................................................................................. 6 Understanding the Cyber-Crime Risk ...................................................................................... 11 Systemic risk scenarios ........................................................................................................ 22 A Focus on The World’s Exchanges ......................................................................................... 23
    [Show full text]
  • The Renvoi Debate
    Id-Dritt2006 Volume XIX The Renvoi Debate Dr. Patricia Cassar-Torregiani B.A., LL.D., B.C.L. (Oxon) Introduction 'Much of the discussion of the renvoi doctrine has proceeded on the basis that the choice lies in all cases between its absolute acceptance and its absolute rejection. The truth would appear to be that in some situations the doctrine is convenient and promotes justice, and that in other situations the doctrine is inconvenient and 469 ought to be rejected' . Conflicting views and different approaches seem synonymous with the doctrine of renvoi. It has been regarded by some as a distortion of choice of law principles, while others praise its merits and advocate its 'absolute acceptance'. The ambivalent attitudes that surround renvoi reflect the ambiguity of the subject which the doctrine strives to address - how one is to understand the reference to a foreign lex causae. As Dicey and Morris point out,_ the term 'law of a country' can mean, in its narrower and more usual sense, the domestic law of any country; alternatively, it can refer in its wider sense to all the rules, including the rules of the conflict of laws, which the courts of a country apply to a particular case. This ambiguity of expression 470 gives rise to the very problem of renvoi. This attitude is mirrored in the development of the concept, which has neither been steady nor principled.471 469 Collins L. et al., Dicey and Morris: The Conflict of Laws, 13 ed., London::Sweet and Maxwell, 2000 470 As above 471 Bremer v Freeman (1857) IO against the doctrine.
    [Show full text]
  • EU-PIL European Union Private International Law in Contract and Tort
    EU-PIL European Union Private International Law in Contract and Tort EU-PIL European Union Private International Law in Contract and Tort Joseph Lookofsky & Ketilbjørn Hertz JP JurisNet, LLC DJØF Publishing Copenhagen EU-PIL European Union Private International Law in Contract and Tort First Edition 2009 Copyright 2009 © JurisNet, LLC Copyright 2009 © DJØF Publishing DJØF Publishing is a company of the Association of Danish Lawyers and Economists All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means – electronic, mechanical, photocopying, recording or otherwise – without the prior written permission of the publisher. ISBN 978-1-933833-25-5 (JurisNet, LLC) ISBN 978-87-574-2037-1 (DJØF Publishing) Sold worldwide, except Denmark, Finland, Norway and Sweden, by: JurisNet, LLC 71 New Street Huntington, New York 11743 USA www.jurispub.com Sold and distributed in Denmark, Finland, Norway and Sweden by: DJØF Publishing Copenhagen 17 Lyngbyvej – P.O. Box 2702 2100 Copenhagen Denmark www.djoef-forlag.dk Table of Contents Preface to the First Edition (2009) ........................................................................ IX Chapter 1. Introduction and Overview 1.1. General Introduction ........................................................................................ 1 1.2. Sources of Private and of Private International Law ....................................... 4 1.3. Overview: Jurisdiction, Choice of Law, Enforcement ...................................
    [Show full text]
  • International Investment Law: Understanding Concepts and Tracking Innovations © OECD 2008
    ISBN 978-92-64-04202-5 International Investment Law: Understanding Concepts and Tracking Innovations © OECD 2008 Chapter 1 Definition of Investor and Investment in International Investment Agreements* The definition of investor and investment is key to the scope of application of rights and obligations of investment agreements and to the establishment of the jurisdiction of investment treaty-based arbitral tribunals. This factual survey of state practice and jurisprudence aims to clarify the requirements to be met by individuals and corporations in order to be entitled to the treatment and protection provided for under investment treaties. It further analyses the specific rules on the nationality of claims under the ICSID Convention. As far as the definition of investment is concerned, most investment agreements adopt an open- ended approach which favours a broad definition of investment. Nevertheless recent developments in bilateral model treaties provide explanatory notes with further qualifications and clarifications of the term investment. The survey further reviews the definition of investment under ICSID as well as non-ICSID case-law for jurisdictional purposes. ∗ This survey was prepared by Catherine Yannaca-Small, Investment Division, OECD Directorate for Financial and Enterprise Affairs. Lahra Liberti, Investment Division, OECD Directorate for Financial and Enterprise Affairs prepared Section II of Part II and revised the document in light of the discussions in the OECD Investment Committee. This paper is a factual survey which does not necessarily reflect the views of the OECD or those of its member governments. It cannot be construed as prejudging ongoing or future negotiations or disputes arising under international investment agreements.
    [Show full text]