13Th International Conference on Cyber Conflict: Going Viral 2021

13Th International Conference on Cyber Conflict: Going Viral 2021

2021 13th International Conference on Cyber Confict: Going Viral T. Jančárková, L. Lindström, G. Visky, P. Zotz (Eds.) 2021 13TH INTERNATIONAL CONFERENCE ON CYBER CONFLICT: GOING VIRAL Copyright © 2021 by NATO CCDCOE Publications. All rights reserved. IEEE Catalog Number: CFP2126N-PRT ISBN (print): 978-9916-9565-4-0 ISBN (pdf): 978-9916-9565-5-7 COPYRIGHT AND REPRINT PERMISSIONS No part of this publication may be reprinted, reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the NATO Cooperative Cyber Defence Centre of Excellence ([email protected]). This restriction does not apply to making digital or hard copies of this publication for internal use within NATO, or for personal or educational use when for non-proft or non-commercial purposes, providing that copies bear this notice and a full citation on the frst page as follows: [Article author(s)], [full article title] 2021 13th International Conference on Cyber Confict: Going Viral T. Jančárková, L. Lindström, G. Visky, P. Zotz (Eds.) 2021 © NATO CCDCOE Publications NATO CCDCOE Publications LEGAL NOTICE: This publication contains the opinions of the respective authors only. They do not Filtri tee 12, 10132 Tallinn, Estonia necessarily refect the policy or the opinion of NATO Phone: +372 717 6800 CCDCOE, NATO, or any agency or any government. NATO CCDCOE may not be held responsible for Fax: +372 717 6308 any loss or harm arising from the use of information E-mail: [email protected] contained in this book and is not responsible for the Web: www.ccdcoe.org content of the external sources, including external websites referenced in this publication. Layout: JDF NATO COOPERATIVE CYBER DEFENCE CENTRE OF EXCELLENCE The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) is a NATO- accredited cyber defence hub focusing on research, training, and exercises. Experts from most NATO nations and many partners of the Alliance across the globe work at the Centre, which is based in Tallinn, Estonia. The Centre provides a comprehensive cyber defence capability, with expertise in the areas of technology, strategy, operations, and law. At the core of the CCDCOE is a diverse group of international experts including legal scholars, policy, and strategy experts, as well as technology researchers with military, government, and industry backgrounds. The Centre is staffed and fnanced by the following NATO nations and partners of the Alliance – Austria, Belgium, Bulgaria, Canada, Croatia, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Japan, Latvia, Lithuania, Luxembourg, Montenegro, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, South Korea, Spain, Sweden, Switzerland, Turkey, the United Kingdom and the United States. CYCON 2021 SPONSORS TABLE OF CONTENTS Introduction 1 Covid-19 and the Cyber Pandemic: A Plea for 9 International Law and the Rule of Sovereignty in Cyberspace François Delerue Impact of Good Corporate Practices for 25 Security of Digital Products on Global Cyber Stability Vladimir Radunović, Jonas Grätz-Hoffmann and Marilia Maciel The Role of Artifcial Intelligence in Kinetic Targeting 43 from the Perspective of International Humanitarian Law Anastasia Roberts and Adrian Venables Limiting Viral Spread: Automated Cyber Operations 59 and the Principles of Distinction and Discrimination in the Grey Zone Monica Kaminska, Dennis Broeders and Fabio Cristiano Epidemic? The Attack Surface of German 73 Hospitals during the COVID-19 Pandemic Johannes Klick, Robert Koch and Thomas Brandstetter The Vulnerability of the Financial System 95 to a Systemic Cyberattack Bobby Vedral Strategic Cyber Effects in Complex Systems: 111 Understanding the US Air Transportation Sector Charles Harry and Skanda Vivek Adversary Targeting of Civilian 133 Telecommunications Infrastructure Keir Giles and Kim Hartmann In the Same Boat: On Small Satellites, 151 Big Rockets, and Cyber Trust James Pavur, Martin Strohmeier, Vincent Lenders and Ivan Martinovic Possibilities and Limitations of Cyber 171 Threat Intelligence in Energy Systems Csaba Krasznay and Gergő Gyebnár Building a National Cyber Strategy: 189 The Process and Implications of the Cyberspace Solarium Commission Report Brandon Valeriano and Benjamin Jensen The Cyberspace ‘Great Game’. 215 The Five Eyes, the Sino-Russian Bloc and the Growing Competition to Shape Global Cyberspace Norms Nikola Pijović The Global Spread of Cyber Forces, 2000–2018 233 Jason Blessing Windmills of the Mind: Higher-Order Forms 257 of Disinformation in International Politics James Shires Cyber Personhood 275 Neal Kushwaha, Keir Giles, Tassilo Singer and Bruce Watson Explainable AI for Classifying 291 Devices on the Internet Artūrs Lavrenovs and Roman Graf Towards an AI-powered Player 309 in Cyber Defence Exercises Roland Meier, Artūrs Lavrenovs, Kimmo Heinäaro, Luca Gambazzi and Vincent Lenders Threat Actor Type Inference and Characterization 327 within Cyber Threat Intelligence Vasileios Mavroeidis, Ryan Hohimer, Tim Casey and Audun Jøsang Self-Aware Effective Identifcation and 353 Response to Viral Cyber Threats Pietro Baroni, Federico Cerutti, Daniela Fogli, Massimiliano Giacomin, Francesco Gringoli, Giovanni Guida and Paul Sullivan Quantum Communication for 371 Post-Pandemic Cybersecurity Martin C. Libicki and David C. Gompert Biographies 387 INTRODUCTION hen preparing the CyCon 2020 proceedings last year, the editors were confdent that by the time of CyCon 2021, the COVID-19 pandemic would be over and Estonia’s capital Tallinn would again welcome cyber enthusiasts from the four corners of the world to discuss cyber defence and security through the lens of policy, strategy, law and technology. Developments have proven us wrong, however, and we continue learning how to work and meaningfully exchange ideas in the virtual world. In that vein, CyCon 2021 – Going Viral – has also gone virtual. This year’s central theme alludes not only to the immediate implications of human crises for cyberspace; it also sets out to encourage discussion on the impact of the rapid proliferation and high unpredictability that processes in cyberspace are prone to, and the real-life implications these phenomena have. We need to acknowledge these, study them and strive to use them for our common beneft. To our satisfaction, CyCon authors were not intimidated by the circumstances and have responded richly to the call for papers. It would also seem that the extraordinary times have inspired a good deal of unconventional thinking about cyberspace. Some papers even look boldly into the distant cyber future. We all know, however, that what may sound far-fetched today, may become a reality within a generation. As usual, articles in this book refect the three tracks of CyCon. Of a total of 20 articles, there are four legal, six technical and ten strategy papers. On the legal track, the discussion revolves around norms of behaviour in cyberspace and innovative applications of principles of international humanitarian law to cyber operations. François Delerue opens with the queen of international law rules and principles and calls upon States to be bolder on sovereignty in cyberspace. Vladimir Radunović, Jonas Grätz-Hoffmann and Marilia Maciel add a private sector perspective to the implementation of norms in cyberspace. Anastasia Roberts and Adrian Venables then attempt to alleviate legal concerns stemming from the use of artifcial intelligence in the targeting process. Monica Kaminska, Dennis Broeders and Fabio Cristiano take more of a policy approach and conclude the legal bloc by examining whether principles of distinction, precaution and discrimination could inspire a new norm regulating under-the-threshold cyber operations. This year, policy considerations are not foreign to technical papers either, and vice versa, technical aspects serve as a springboard for conclusions on the strategy track. 1 Several papers explore cyber threats in the context of a specifc industry or category of services. Johannes Klick, Robert Koch and Thomas Brandstetter provide a topical and practical study of the attack surface of the German healthcare sector. Bobby Vedral examines the vulnerability of the fnancial system to a systemic cyber attack. Charles Harry and Skanda Vivek, in their turn, look into cyber threat implications for the US commercial air sector, while Keir Giles and Kim Hartmann focus on and explore the critical dependencies in the communications sector. James Pavur, Martin Strohmeier, Vincent Lenders and Ivan Martinovic sound the alarm with regard to technologies used to launch space missions and the policy implications of their vulnerabilities. Csaba Krasznay and Gergő Gyebnár offer a case study illustrating the challenges of cyber threat intelligence sharing in the energy sector. Of course, pure policy papers cannot be absent from this year’s selection. Brandon Valeriano and Benjamin Jensen present a unique insight into the work of the US Cyberspace Solarium Commission and identify the lessons learned. Nikola Pijović evokes the 19th-century Great Game and examines how modern powers compete to shape global cyberspace norms. Jason Blessing documents the growth in institutionalised cyber capabilities across the globe, thus helping us realise the evolving paradigm in states’ cyber defence policies in and beyond NATO. James Shires takes an innovative look at disinformation operations

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    406 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us