DOCSLIB.ORG

Cyber Warfare Conflict Analysis and Case Studies Mohan B

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cyber Warfare Conflict Analysis and Case Studies Mohan B Cyber Warfare Conflict Analysis and Case Studies Mohan B. Gazula Working Paper CISL# 2017-10 May 2017 Cybersecurity Interdisciplinary Systems Laboratory (CISL) Sloan School of Management, Room E62-422 Massachusetts Institute of Technology Cambridge, MA 02142 Cyber Warfare Conflict Analysis and Case Studies By Mohan B. Gazula M.S., Computer Science Boston University Submitted to the Systems Design and Management Program in Partial Fulfillment of the Requirements for the Degree of Master of Science in Engineering and Management at the Massachusetts Institute of Technology June 2017 © 2017 Mohan B. Gazula. All rights reserved. The author hereby grants to MIT permission to reproduce and to distribute publicly paper and electronic copies of this thesis document in whole or in part in any medium now known or hereafter created. Signature of Author ............................................................................... MIT Sloan School of Management Department of Electrical Engineering and Computer Science May 12, 2017 Certified by ...................................................................................... Stuart Madnick John Norris Maguire Professor of Information Technologies, MIT Sloan School of Management & Professor of Engineering Systems, MIT School of Engineering Thesis Supervisor Certified by ...................................................................................... Allen Moulton Research Scientist, Sociotechnical Systems Research Center, MIT Thesis Supervisor Accepted by ...................................................................................... Joan S. Rubin Executive Director and senior lecturer, System Design & Management THIS PAGE INTENTIONALLY LEFT BLANK 2 Cyber Warfare Conflict Analysis and Case Studies By Mohan B. Gazula M.S., Computer Science Boston University Submitted to the Systems Design and Management Program in Partial Fulfillment of the Requirements for the Degree of Master of Science in Engineering and Management Abstract “The supreme art of war is to subdue the enemy without fighting.” - Sun Tsu from “The Art of War” Believed to have lived between 770 and 476 B.C In the age of code wars, have our lives changed for the better? Are we any safer than the bloody wars or the cold wars from the past? Is there any more guarantee now in a cyber age than in a kinetic age involving human forces? These are the types of questions that have little answers due to the secret nature of the operation. State-sponsored activities are commonplace. Whenever there is involvement by a state, the stakes are higher, and loss of life can never be ruled out. The objective of this thesis was to research historical cyber-warfare incidents from the past to current and map the relevant cyber-warfare data in a well-known framework called CASCON, which is a history-based conflict analysis and decision-support system. The CASCON-based analysis for cyber incidents revealed a larger picture of the world we live in and how easily that world could change. The information contained in this thesis is not meant to be conclusive, but a study of state- sponsored cyber cases using MIT’s CASCON to map and categorize information for future learning about conflicts involving states. It is the purpose of this thesis to (a) research historical cyber-warfare incidents and (b) map cyber-warfare incidents into a framework. Thesis Advisor: Stuart Madnick Title: John Norris Maguire Professor of Information Technology, MIT Sloan School of Management & Professor of Engineering Systems, MIT School of Engineering Thesis Advisor: Allen Moulton Title: Research Scientist, Sociotechnical Systems Research Center 3 THIS PAGE INTENTIONALLY LEFT BLANK 4 ACKNOWLEDGMENTS I was fortunate to have Professor. Stuart Madnick and Allen Moulton as my advisors, and I am profoundly grateful for their support and guidance during the process of writing my thesis. Professor Madnick believed in me and was always available whenever I ran into a trouble spot or had a question about my research or writing. He consistently allowed this paper to be my own work, but steered me in the right direction by motivating me to plan on my thesis early and deliver an excellent product. His expertise and feedback on cyber security has been a guiding light throughout my research work. Mr. Moulton brought life to my thesis with his expertise on international conflict management, kinetic and cyber warfare along with his experience on various research topics. He being one of the original authors of CASCON helped me tremendously. He also helped me gain momentum towards completing my thesis with a pragmatic approach. I enjoyed having discussions with Allen and benefited from his detailed views on many topics including kinetic warfare and CASCON. Thank you, Professor Madnick and Mr. Moulton in helping me create a robust and quality product. I truly appreciate your advice, time and confidence in me. Patrick Hale (Former Executive Director of SDM) was always available and provided me with advice and support to work through challenges and believed in me. Thank you, Pat for being available and providing guidance. Thanks to Joan S. Rubin (Executive director and senior lecturer of the Massachusetts Institute of Technology’s System Design & Management program) for her tremendous guidance and approachability. Thanks to Triet Nguyen, Bill Foley and Amal Elalam for all their financial, curriculum and administrative advice throughout the duration of the program. I am grateful to General Dynamics Mission Systems for their support in helping me complete my master’s degree program. Inspiration provided by my parents has enabled me to achieve goals throughout my life. My father, an entrepreneur and visionary, taught me to dream big and think ahead in everything I do. My mother was an exemplary to hard work and patience. My wife, Kavitha, whose inspiration, support and approach to life is second to none. My son, Pratik, and daughter, Kimaya, have been the source of my energy. My two sisters, Kala and Leka, have shown unconditional support for anything I have set out to do in my life. “The true goal of action is knowledge of the Self.” ― The Bhagavad Gita 5 THIS PAGE INTENTIONALLY LEFT BLANK 6 Dedicated To my Dear Wife - a Noble Family Physician, a Professor and an Entrepreneur Dr. Kavitha Gazula M.D., ABIHM to my Dear Son Pratik and Dear Daughter Kimaya 7 THIS PAGE INTENTIONALLY LEFT BLANK 8 TABLE OF CONTENTS 1. MOTIVATION ................................................................................................................................ 13 1.1 USE OF CYBERSPACE ............................................................................................................................................. 13 1.2 THE CYBER-BATTLEFIELD ............................................................................................................................................ 15 1.2.1 Operational Boundaries of Cyber-warfare .................................................................................................... 17 1.3 THE DATA WEAPON ...................................................................................................................................................... 18 1.4 EVOLUTION OF CYBER-WARFARE AND CYBER-CONFLICT .............................................................................. 19 1.5 COST AND SCALE OF CYBER-WARFARE ...................................................................................................................... 21 1.6 A HISTORICAL GLIMPSE OF CYBER-WARFARE .......................................................................................................... 23 2. A FRAMEWORK FOR CYBER-WARFARE .............................................................................. 23 3.1 TYPICAL PHASES IN CYBER-WARFARE .............................................................................................................. 24 3.2 CYBER WARFARE: FACTOR CODING ................................................................................................................... 25 4. CYBER WARFARE: CASE STUDIES .............................................................................................. 28 4.1 OLYMPIC GAMES (A.K.A STUXNET) .................................................................................................................... 28 4.2 UKRANIAN POWER GRID...................................................................................................................................... 32 4.3 KOSOVO WAR ......................................................................................................................................................... 35 4.4 RUSSIA-GEORGIA WAR ....................................................................................................................................... 38 4.5 OPERATION CAST LEAD ...................................................................................................................................... 40 4.6 THE TULIP REVOLUTION ..................................................................................................................................... 43 4.7 THE JASMINE REVOLUTION ................................................................................................................................ 45 4.8 DUQU (1.0 & 2.0) ............................................................................................................................................... 47 4.9 THE EASTERN RAILWAY WEBSITE DEFACEMENT
Load more

Recommended publications
  • Report Criminal Law in the Face of Cyberattacks
    APRIL 2021 REPORT CRIMINAL LAW IN THE FACE OF CYBERATTACKS Working group chaired by Bernard Spitz, President of the International and Europe Division of MEDEF, former President of the French Insurance Federation (FFA) General secretary: Valérie Lafarge-Sarkozy, Lawyer, Partner with the law firm Altana ON I SS I AD HOC COMM CRIMINAL LAW IN THE FACE OF CYBERATTACKS CRIMINAL LAW IN THE FACE OF CYBERATTACKS CLUB DES JURISTES REPORT Ad hoc commission APRIL 2021 4, rue de la Planche 75007 Paris Phone : 01 53 63 40 04 www.leclubdesjuristes.com FIND US ON 2 PREFACE n the shadow of the global health crisis that has held the world in its grip since 2020, episodes of cyberattacks have multiplied. We should be careful not to see this as mere coincidence, an unexpected combination of calamities that unleash themselves in Ia relentless series bearing no relation to one another. On the contrary, the major disruptions or transitions caused in our societies by the Covid-19 pandemic have been conducive to the growth of offences which, though to varying degrees rooted in digital, are also symptoms of contemporary vulnerabilities. The vulnerability of some will have been the psychological breeding ground for digital offences committed during the health crisis. In August 2020, the Secretary-General of Interpol warned of the increase in cyberattacks that had occurred a few months before, attacks “exploiting the fear and uncertainty caused by the unstable economic and social situation brought about by Covid-19”. People anxious about the disease, undermined by loneliness, made vulnerable by their distress – victims of a particular vulnerability, those recurrent figures in contemporary criminal law – are the chosen victims of those who excel at taking advantage of the credulity of others.
    [Show full text]
  • Counter-Insurgency, Human Rights, and the Law of Armed Conflict Federico Sperotto
    Human Rights Brief Volume 17 | Issue 1 Article 3 2009 Counter-Insurgency, Human Rights, and the Law of Armed Conflict Federico Sperotto Follow this and additional works at: http://digitalcommons.wcl.american.edu/hrbrief Part of the Human Rights Law Commons, and the International Law Commons Recommended Citation Sperotto, Federico. "Counter-Insurgency, Human Rights, and the Law of Armed Conflict." Human Rights Brief 17, no. 1 (2009): 19-23. This Article is brought to you for free and open access by the Washington College of Law Journals & Law Reviews at Digital Commons @ American University Washington College of Law. It has been accepted for inclusion in Human Rights Brief by an authorized administrator of Digital Commons @ American University Washington College of Law. For more information, please contact [email protected]. Sperotto: Counter-Insurgency, Human Rights, and the Law of Armed Conflict Counter-Insurgency, Human Rights, and the Law of Armed Conflict by Federico Sperotto* introduCtion ounter-insurgency is the dominant aspect in the United States-led Operation Enduring Freedom (OEF) in CAfghanistan, and, since the NATO-led International Security Assistance Force (ISAF) has assumed growing respon- sibility throughout insurgents’ sanctuaries, also a mission for Europeans. According to the U.S. military, insurgency represents an intermediate step in the spectrum of conflict, which ranges from stable peace to general war.1 The frame in which military opera- tions are conducted is known as irregular warfare, a violent struggle among state and non-state actors for legitimacy and influence over a population.2 This form of conflict is charac- terized by three principle activities: insurgency, counter-insur- gency, and unconventional warfare, referring to the avoidance of Association of the Courtesy of the Revolutionary Afghanistan.
    [Show full text]
  • Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches
    Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches OVERVIEW Over the past several years, the Cybersecurity and Infrastructure Security Ransomware is a serious and increasing threat to all government and Agency (CISA) and our partners have responded to a significant number of private sector organizations, including ransomware incidents, including recent attacks against a U.S. pipeline critical infrastructure organizations. In company and a U.S. software company, which affected managed service response, the U.S. government providers (MSPs) and their downstream customers. launched StopRansomware.gov, a centralized, whole-of-government Ransomware is malware designed to encrypt files on a device, rendering webpage providing ransomware files and the systems that rely on them unusable. Traditionally, malicious resources, guidance, and alerts. actors demand ransom in exchange for decryption. Over time, malicious actors have adjusted their ransomware tactics to be more destructive and impactful. Malicious actors increasingly exfiltrate data and then threaten to sell or leak it—including sensitive or personal information—if the ransom is not paid. These data breaches can cause financial loss to the victim organization and erode customer trust. All organizations are at risk of falling victim to a ransomware incident and are responsible for protecting sensitive and personal data stored on their systems. This fact sheet provides information for all government and private sector organizations, including critical infrastructure organizations, on preventing and responding to ransomware-caused data breaches. CISA encourages organizations to adopt a heightened state of awareness and implement the recommendations below. PREVENTING RANSOMWARE ATTACKS 1. Maintain offline, encrypted backups of data and regularly test your backups.
    [Show full text]
  • About the Sony Hack
    All About the Sony Hack Sony Pictures Entertainment was hacked in late November by a group called the Guardians of Peace. The hackers stole a significant amount of data off of Sony’s servers, including employee conversations through email and other documents, executive salaries, and copies of unreleased January/February 2015 Sony movies. Sony’s network was down for a few days as administrators worked to assess the damage. According to the FBI, the hackers are believed have ties with the North Korean government, which has denied any involvement with the hack and has even offered to help the United States discover the identities of the hackers. Various analysts and security experts have stated that it is unlikely All About the Sony Hack that the North Korean government is involved, claiming that the government likely doesn’t have the Learn how Sony was attacked and infrastructure to succeed in a hack of this magnitude. what the potential ramifications are. The hackers quickly turned their focus to an upcoming Sony film, “The Interview,” a comedy about Securing Your Files in Cloud two Americans who assassinate North Korean leader Kim Jong-un. The hackers contacted Storage reporters on Dec. 16, threatening to commit acts of terrorism towards people going to see the Storing files in the cloud is easy movie, which was scheduled to be released on Dec. 25. Despite the lack of credible evidence that and convenient—but definitely not attacks would take place, Sony decided to postpone the movie’s release. On Dec. 19, President risk-free. Obama went on record calling the movie’s cancelation a mistake.
    [Show full text]
  • Terrence Andrew Davis Message
    Friend Request Sent Suggest Friends Terrence Andrew Davis Message Timeline About Friends Photos More Intro Terrence Andrew Davis updated his profile picture. March 10 · Studied at Arizona State University Went to Agua Fria High School Lives in Las Vegas, Nevada Share 1 BibleStreamer Israel TempleBot (God) Says... trust rendezvous silicosis affiliating Hiss's screechier phoning ravelled populist's slingshot's Deanna callings left's anonymity's respelled fabrication's exemplifying casters friendliness's quiescence refusal russet filigreeing southwest paramedic's townhouse's debilities taproots flunked gauzy Moldavia Minnesota's May 24 at 11:46pm · Edited Featured Albums Terrence Andrew Davis updated his cover photo. March 10 · English (US) · Español · Português (Brasil) · Français (France) · Deutsch Privacy · Terms · Advertising · Ad Choices · Cookies · More Facebook © 2017 Share 1 Share Terrence Andrew Davis December 30, 2015 · What's a good tombstone, God? God says... Isidro's brigantine's prediction's Quinton's guile musician Coppola's leukocyte's whippoorwill's stokes finished ibexes Earlene's marrows magnetically Krishnamurti yahoos futz George's staccato's platypuses eloquence's finery's wiggly gouges engages Leningrad's Shackleton Mon mistaken Amoco alcoholic Share Terrence Andrew Davis December 30, 2015 · God says... swelter's legibly streptococcal lobster's deleting cowlick's schoolmistress itemization snowsuit's sawdust goings scanners ancestor crystals whined Pele noise's Royal exhausting nationalized trotted hollowing symbolizes impecunious stutters Chukchi territorial snug wiped candlesticks faeces oligarchic Share Terrence Andrew Davis December 30, 2015 · CIA agents will sandpaper their SS tatoos. Share Terrence Andrew Davis December 30, 2015 · http://science.slashdot.org/…/exploding-munitions-caught-on… God says..
    [Show full text]
  • Hacking the Web
    Hacking the Web (C) 2009-2020 Arun Viswanathan Ellis Horowitz Marco Papa 1 Table of Contents } General Introduction } Authentication Attacks } Client-Side Attacks } Injection Attacks } Recent Attacks } Privacy Tools 2 (C) 2009-2020 Arun Viswanathan Ellis Horowitz Marco Papa Why secure the Web? } The Web has evolved into an ubiquitous entity providing a rich and common platform for connecting people and doing business. } BUT, the Web also offers a cheap, effective, convenient and anonymous platform for crime. } To get an idea, the Web has been used for the following types of criminal activities (source: The Web Hacking Incidents Database (WHID) http://projects.webappsec.org/w/page/13246995/Web-Hacking-Incident-Database) } Chaos (Attack on Russian nuclear power websites amid accident rumors (5Jan09) } Deceit (SAMY XSS Worm – Nov 2005) } Extortion (David Aireys domain hijacked due to a CSRF (cross site request forgery) flaw in Gmail – 30Dec2007) } Identity Theft (XSS on Yahoo! Hot jobs – Oct 2008) } Information Warfare (Israeli Gaza War - Jan 2009 / Balkan Wars – Apr 2008 ) } Monetary Loss (eBay fraud using XSS) } Physical Pain (Hackers post on epilepsy forum causes migraines and seizures – May 2008) } Political Defacements (Hacker changes news release on Sheriffs website – Jul 2008) (Obama, Oreilly and Britneys Twitter accounts hacked and malicious comments posted – Jan 09) } Chinese Gaming sites hacked (Dec. 2011) 3 Copyright(C) 2009 (c) -20092020- 2019Arun Arun Viswanathan Viswanathan Ellis HorowitzEllis Horowitz Marco Marco Papa Papa
    [Show full text]
  • Metahunt: Towards Taming Malware Mutation Via Studying the Evolution of Metamorphic Virus
    MetaHunt: Towards Taming Malware Mutation via Studying the Evolution of Metamorphic Virus Li Wang Dongpeng Xu Jiang Ming [email protected] [email protected] [email protected] The Pennsylvania State University University of New Hampshire University of Texas at Arlington University Park, PA 16802, USA Durham, NH 03824, USA Arlington, TX 76019, USA Yu Fu Dinghao Wu [email protected] [email protected] The Pennsylvania State University The Pennsylvania State University University Park, PA 16802, USA University Park, PA 16802, USA ABSTRACT KEYWORDS As the underground industry of malware prospers, malware de- Malware detection, metamorphic virus, binary diffing, binary code velopers consistently attempt to camouflage malicious code and semantics analysis undermine malware detection with various obfuscation schemes. ACM Reference Format: Among them, metamorphism is known to have the potential to Li Wang, Dongpeng Xu, Jiang Ming, Yu Fu, and Dinghao Wu. 2019. Meta- defeat the popular signature-based malware detection. A meta- Hunt: Towards Taming Malware Mutation via Studying the Evolution of morphic malware sample mutates its code during propagations so Metamorphic Virus. In 3rd Software Protection Workshop (SPRO’19), Novem- that each instance of the same family exhibits little resemblance to ber 15, 2019, London, United Kingdom. ACM, New York, NY, USA, 12 pages. another variant. Especially with the development of compiler and https://doi.org/10.1145/3338503.3357720 binary rewriting techniques, metamorphic malware will become much easier to develop and outbreak eventually. To fully under- stand the metamorphic engine, the core part of the metamorphic 1 INTRODUCTION malware, we attempt to systematically study the evolution of me- The malicious software (malware) underground market has evolved tamorphic malware over time.
    [Show full text]
  • Meserole Brookings CV 2021
    CHRISTOPHER O. MESEROLE 1775 Massachusetts Ave NW, Washington DC 20036 (202) 797-6180 | [email protected] POSITIONS Director of Research and Policy, Brookings AI & Emerging Tech Initiative (2020-) Deputy Director, Brookings AI & Emerging Tech Initiative (2019-2020) Fellow, Foreign Policy, Brookings Institution (2017-) Post-Doctoral Fellow in Foreign Policy, Brookings Institution (2016-2017) Pre-Doctoral Fellow in Foreign Policy, Brookings Institution (2015-2016) AFFILIATIONS Co-Facilitator, GIFCT CAPPI Working Group (2020-) Co-PI, Brookings High-Level Working Group on Disinformation (2019-2020) Member, Christchurch Call Advisory Network (2019-) Adjunct Professor, Georgetown University (2019-) Member, Research Advisory Council, RESOLVE Network (2019-) Member, Digital Freedom Forum, CNAS (2019-) EDUCATION A.B., highest honors in field, Harvard University, Cambridge, MA, 2002 M.Div., S.T.M, Yale University, NeW Haven, CT, 2009, 2010 Ph.D., University of Maryland, College Park, MD, 2017 RESEARCH Artificial intelligence, emerging technology, international security; digital INTERESTS authoritarianism; counterterrorism and countering violent extremism; nonparametric machine learning, interpretable machine learning, differential privacy and homomorphic encryption, decentralized ledger technology WRITING “Exporting Digital Authoritarianism,” Brookings Institution, September 2019. (With Alina Polyakova.) “HoW Big Tech Can Fight White Supremacist Terrorism,” Foreign Affairs, August 2019. (With Daniel Byman.) “Terrorist Definitions and Designation
    [Show full text]
  • Speaker Bios
    Quad9 public domain name service moves to Switzerland for maximum internet privacy protection Press conference, February17 2021 Short bios of speakers Bill Woodcock Chairman of the Quad9 Foundation Council Bill is the executive director of Packet Clearing House, the international non- governmental organization that builds and supports critical Internet infrastructure, including Internet exchange points and the core of the domain name system. Since entering the Internet industry in 1985, Bill has helped establish more than three hundred Internet exchange points. In 1989, Bill developed the anycast routing technique that now protects the domain name system. Bill serves on the board of directors of the M3AA Foundation, and was on the board of the American Registry for Internet Numbers for fifteen years. Now, Bill’s work focuses principally on the security and economic stability of critical Internet infrastructure. [email protected] John Todd General Manager, Quad9 John Todd has been involved with the Quad9 project since inception in 2016, and has been working with DNS since 1989. His background in ISP, server hosting, satellite- based data systems, VoIP, and other large-scale network infrastructure have constantly incorporated the DNS as an underlying technology that forms the basis of his experience. [email protected] Version: February 17, 2021 1/2 Tom Kleiber Managing Director, SWITCH Tom Kleiber has been Managing Director of SWITCH since 1 January 2021. Previously, he held various leadership positions in large and medium-sized corporations. For example, as CEO of the ICT services provider connectis AG with 350 employees, at Siemens, Alcatel and as a member of the Management Board of Microsoft Switzerland.
    [Show full text]
  • Towards Next-Generation Intrusion Detection
    rd 2011 3 International Conference on Cyber Conflict Permission to make digital or hard copies of this publication for internal use within C. Czosseck, E. Tyugu, T. Wingfield (Eds.) NATO, and for personal or educational use done for non-profit or non-commercial purpose is granted providing that copies bear this notice and a full citation on the first Tallinn, Estonia, 2011 © CCD COE Publications page. Any other reproduction or transmission requires prior written permission. Towards Next-Generation Intrusion Detection Robert Koch Institut für Technische Informatik (ITI) Universität der Bundeswehr Munich, Germany [email protected] Abstract- Today, Intrusion Detection Systems (IDS) are integral components of larger networks. Even so, security incidents are on a day-to-day basis: Numerous data leakage scandals arouse public interest in the recent past and also other attacks like Stuxnet are discussed in the general public. On the one side, the commercial success of the Internet and the possibilities to carry out attacks from a relatively safe distance attracts criminals and made e-Crime to a multi-billion dollar market over the past years. On the other side, more and more services and systems migrate to the Internet, for example Voice over IP (VoIP) or Video on Demand (VoD). This enables new and potential attack vectors. With the steadily increasing use of encryption technology, State-of-the-Art Intrusion- as well as Extrusion Detection technologies can hardly safeguard current networks to the full extend. Furthermore, they are not able to cope with the arising challenges of the fast growing network environments. The paper gives an overview of up-to-date security systems and investigates their shortcomings.
    [Show full text]
  • Nber Working Paper Series the Impact of the General
    NBER WORKING PAPER SERIES THE IMPACT OF THE GENERAL DATA PROTECTION REGULATION ON INTERNET INTERCONNECTION Ran Zhuo Bradley Huffaker kc claffy Shane Greenstein Working Paper 26481 http://www.nber.org/papers/w26481 NATIONAL BUREAU OF ECONOMIC RESEARCH 1050 Massachusetts Avenue Cambridge, MA 02138 November 2019 The authors are grateful to the Doctoral Office at Harvard Business School for financial support for field work. This research is partially supported by NSF OAC-1724853, NSF C-ACCEL OIA-1937165, U.S. AFRL FA8750-18-2-0049. The views and conclusions do not necessarily represent those of the Air Force Research Laboratory, the U.S. Government, or the National Bureau of Economic Research. NBER working papers are circulated for discussion and comment purposes. They have not been peer-reviewed or been subject to the review by the NBER Board of Directors that accompanies official NBER publications. © 2019 by Ran Zhuo, Bradley Huffaker, kc claffy, and Shane Greenstein. All rights reserved. Short sections of text, not to exceed two paragraphs, may be quoted without explicit permission provided that full credit, including © notice, is given to the source. The Impact of the General Data Protection Regulation on Internet Interconnection Ran Zhuo, Bradley Huffaker, kc claffy, and Shane Greenstein NBER Working Paper No. 26481 November 2019 JEL No. L00,L51,L86 ABSTRACT The Internet comprises thousands of independently operated networks, where bilaterally negotiated interconnection agreements determine the flow of data between networks. The European Union’s General Data Protection Regulation (GDPR) imposes strict restrictions on processing and sharing of personal data of EU residents. Both contemporary news reports and simple bilateral bargaining theory predict reduction in data usage at the application layer would negatively impact incentives for negotiating interconnection agreements at the internet layer due to reduced bargaining power of European networks and increased bargaining frictions.
    [Show full text]
  • Cyber-Conflict Between the United States of America and Russia CSS
    CSS CYBER DEFENSE PROJECT Hotspot Analysis: Cyber-conflict between the United States of America and Russia Zürich, June 2017 Version 1 Risk and Resilience Team Center for Security Studies (CSS), ETH Zürich Cyber-conflict between the United States of America and Russia Authors: Marie Baezner, Patrice Robin © 2017 Center for Security Studies (CSS), ETH Zürich Contact: Center for Security Studies Haldeneggsteig 4 ETH Zürich CH-8092 Zurich Switzerland Tel.: +41-44-632 40 25 [email protected] www.css.ethz.ch Analysis prepared by: Center for Security Studies (CSS), ETH Zürich ETH-CSS project management: Tim Prior, Head of the Risk and Resilience Research Group; Myriam Dunn Cavelty, Deputy Head for Research and Teaching; Andreas Wenger, Director of the CSS Disclaimer: The opinions presented in this study exclusively reflect the authors’ views. Please cite as: Baezner, Marie; Robin, Patrice (2017): Hotspot Analysis: Cyber-conflict between the United States of America and Russia, June 2017, Center for Security Studies (CSS), ETH Zürich. 2 Cyber-conflict between the United States of America and Russia Table of Contents 1 Introduction 5 2 Background and chronology 6 3 Description 9 3.1 Tools and techniques 9 3.2 Targets 10 3.3 Attribution and actors 10 4 Effects 11 4.1 Social and internal political effects 11 4.2 Economic effects 13 4.3 Technological effects 13 4.4 International effects 13 5 Consequences 14 5.1 Improvement of cybersecurity 14 5.2 Raising awareness of propaganda and misinformation 15 5.3 Observation of the evolution of relations between the USA and Russia 15 5.4 Promotion of Confidence Building Measures 16 6 Annex 1 17 7 Glossary 18 8 Abbreviations 19 9 Bibliography 19 3 Cyber-conflict between the United States of America and Russia Executive Summary Effects Targets: US State institutions and a political The analysis found that the tensions between the party.
    [Show full text]