2020 12th International Conference on Cyber Conflict 20/20 Vision: The Next Decade T. Jančárková, L. Lindström, M. Signoretti, I. Tolga, G. Visky (Eds.) 2020 12TH INTERNATIONAL CONFERENCE ON CYBER CONFLicT 20/20 VISION: THE NEXT DECADE Copyright © 2020 by NATO CCDCOE Publications. All rights reserved. IEEE Catalog Number: CFP2026N-PRT ISBN (print): 978-9949-9904-6-7 ISBN (pdf): 978-9949-9904-7-4 COPYRIGHT AND REPRINT PERMissiONS No part of this publication may be reprinted, reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the NATO Cooperative Cyber Defence Centre of Excellence ([email protected]). This restriction does not apply to making digital or hard copies of this publication for internal use within NATO, or for personal or educational use when for non-profit or non-commercial purposes, providing that copies bear this notice and a full citation on the first page as follows: [Article author(s)], [full article title] 2020 12th International Conference on Cyber Conflict 20/20 Vision: The Next Decade T. Jančárková, L. Lindström, M. Signoretti, I. Tolga, G. Visky (Eds.) 2020 © NATO CCDCOE Publications NATO CCDCOE Publications LEGAL NOTICE: This publication contains the opinions of the respective authors only. They do not Filtri tee 12, 10132 Tallinn, Estonia necessarily reflect the policy or the opinion of NATO Phone: +372 717 6800 CCDCOE, NATO, or any agency or any government. NATO CCDCOE may not be held responsible for Fax: +372 717 6308 any loss or harm arising from the use of information E-mail: [email protected] contained in this book and is not responsible for the Web: www.ccdcoe.org content of the external sources, including external websites referenced in this publication. Head of publishing: Jaanika Rannu Layout: JDF NATO COOPERATivE CYBER DEFENCE CENTRE OF ExcELLENCE NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) is an international military organisation, similar to other 24 NATO´s Centres of Excellence (COE). Although accredited by NATO, all COEs are independent research, training and exercise centres initiated by a Framework Nation (in the case of CCDCOE – Estonia) and belong to their member nations. COEs are not part of NATO command structure. This Tallinn-based cyber defence facility conducts research, trainings and exercises in four core areas: technology, strategy, operations and law. The heart of the Centre is a diverse staff of international experts from military, government, academia and industry, currently representing 25 member nations from NATO Allies and like- minded partners beyond the Alliance, with many more on the path to joining. In short, CCDCOE is a NATO-accredited cyber defence hub that supports its member nations and NATO with cyber defence expertise, enabling a unique 360-degree approach to some of the most relevant cyber defence issues. The Centre’s training courses are based on the latest research and cyber defence exercises. The continuously updated selection of training courses addresses the emerging demands in the cyber defence. To best meet the training requirements of our Allies, Partners and NATO as a whole, The Centre provides courses in different formats and locations, including e-learning or training by a mobile team, covering a broad range of topics in the technical, legal, strategic and operational cyber security domains. Appointed by NATO as the Department Head for Cyberspace Operations Discipline, CCDCOE is responsible for identifying cyberspace operations training needs and matching them with education and training solutions for all NATO bodies across the Alliance. Every spring the Centre hosts the annual conference on cyber conflict, CyCon, which unites decision-makers and experts from government, academia and industry from all over the world. In May 2019, CyCon brought to Tallinn around 600 cyber experts from more than 40 nations, the conference theme was ‘Silent Battle’. CCDCOE organises the largest and most complex international live-fire cyber defence exercise in the world – Locked Shields. The annual exercise enables cyber security experts to enhance their skills in defending national IT systems and critical infrastructure under real-time attacks. More than 1400 cyber experts from 30 nations took part in Locked Shields 2019. The Centre is also home to the Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, the most comprehensive analysis on how existing international law applies to operations in cyber space. It further hosts the Cyber Law Toolkit, an interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. A regularly updated database of national cyber security documents, the International Cyber Developments Review (INCYDER) and comprehensive overviews of national cyber security organisations, together with other Centre’s publications and research papers are available on the Centre’s website. TABLE OF CONTENTS Introduction 1 Retorsion as a Response to Ongoing 9 Malign Cyber Operations Jeff Kosseff Collective Countermeasures in Cyberspace – 25 Lex Lata, Progressive Development or a Bad Idea? Przemysław Roguski Up in the Air: Ensuring Government 43 Data Sovereignty in the Cloud Neal Kushwaha, Przemysław Roguski and Bruce W. Watson Legal Issues Related to Cyber Threat 63 Information Sharing Among Private Entities for Critical Infrastructure Protection Livinus Nweke and Stephen Wolthusen Making the Cyber Mercenary – Autonomous 79 Weapons Systems and Common Article 1 of the Geneva Conventions Aleksi Kajander, Agnes Kasper and Evhen Tsybulenko Cyber Weapons Review in Situations 97 Below the Threshold of Armed Conflict Ivana Kudláčková, David Wallace and Jakub Harašta R2P & Cyberspace: Sovereignty as a Responsibility 113 Tina J. Park and Michael Switzer The Past, Present, and Future of 129 Russia’s Cyber Strategy and Forces Bilyana Lilly and Joe Cheravitch Measuring the Fragmentation of the Internet: 157 The Case of the Border Gateway Protocol (BGP) During the Ukrainian Crisis Frédérick Douzet, Louis Pétiniaud, Loqman Salamatian, Kevin Limonier, Kavé Salamatian and Thibaut Alchus Cyber in War: Assessing the Strategic, Tactical, 183 and Operational Utility of Military Cyber Operations Matthias Schulze Correlations Between Cyberspace 199 Attacks and Kinetic Attacks Martin C. Libicki Problems of Poison: New Paradigms and “Agreed” 215 Competition in the Era of AI-Enabled Cyber Operations Christopher Whyte The Next Generation of Cyber-Enabled 233 Information Warfare Kim Hartmann and Keir Giles Defenders Disrupting Adversaries: 251 Framework, Dataset, and Case Studies of Disruptive Counter-Cyber Operations Jason Healey, Neil Jenkins and JD Work Using Global Honeypot Networks 275 to Detect Targeted ICS Attacks Michael Dodson, Alastair R. Beresford and Mikael Vingaard Addressing the Cybersecurity Challenges 293 of Electrical Power Systems of the Future Gilberto Pires de Azevedo, Maxli Barroso Campos and Paulo César Pellanda Towards Classifying Devices on the 309 Internet Using Artificial Intelligence Artūrs Lavrenovs, Roman Graf and Kimmo Heinäaro Hacking the AI – The Next Generation of Hijacked Systems 327 Kim Hartmann and Christoph Steup Recent Developments in Cryptography 351 Lubjana Beshaj and Andrew O. Hall Biographies 369 INTRODUCTION Every edition of the CyCon proceedings is special. The book that you have just opened is particularly so: for the first time in CyCon’s history, it stands alone with no physical conference accompanying it. The event that has, over the twelve years of its existence, become a staple item on the agenda of many a cyber enthusiast in public administration, military and academia, drawing over 600 participants each May to the Estonian capital, had to cede to SARS-CoV-2 and public health concerns. True to the cyber ethos of thinking in categories of abstract and invisible threats, and in order to celebrate the work of our authors, CCDCOE has decided to carry on with the publication of the CyCon proceedings nonetheless. Moreover, at a time when a substantial part of professional and personal activities are moving online and the whole world struggles to maintain normality under unprecedented circumstances, the CyCon theme, 20/20 Vision: The Next Decade, could not be more relevant. More than ever we need to be aware of the new technologies, policies and legal frameworks that will shape the future at societal and personal levels, and we must ask how to best protect our values while ensuring that cyberspace becomes more transparent, predictable and safe. As usual, the papers gathered in this book reflect the three CyCon tracks: technical, strategic and legal. Of the total of 19 papers appearing in the book, five cover technical topics, seven touch upon strategic and seven upon legal issues. There is a variety of topics but a trend of shifting paradigms in their respective disciplines can be discerned. With the development of cyberspace as a domain of operations, new ideas appear, but old concepts are also being revamped and their application to cyberspace tested. Papers discussing artificial intelligence, autonomous weapons or cloud services stand shoulder to shoulder with papers dealing with energy distribution networks, security of industrial control systems (ICS) or responses available to states under international law. Jeff Kosseff thus explores retorsion as a possible response to malign
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages388 Page
-
File Size-