International Relations Cyber Security
by
Hannes Ebert, Tim Maurer
  • LAST MODIFIED: 11 January 2017
  • DOI: 10.1093/obo/9780199743292-0196

Introduction

The Internet has expanded rapidly since its commercialization in the mid-1990s. In the early 21st century, a third of the world’s population has access to the technology, with another 1.5 billion expected to gain access by 2020. Moreover, the “Internet of Things” will lead to an exponential number of devices being connected to the network. As a result, the economic and political incentives to exploit the network for malicious purposes have also increased, and cybersecurity has reached head-of-state-level attention. In parallel, publications on the topic by academic, policy, industry, and military institutions have multiplied. Scholars within the international relations (IR) discipline and its subfields of security studies and strategic studies increasingly focus on the technology’s implications on national and international security. This includes studying its effect on related concepts such as power, sovereignty, global governance, and securitization. Meanwhile, the meaning of cybersecurity and information security has been highly contested. Broad definitions of the concept incorporate a wide range of cyberthreats and cyberrisks, including cyberwarfare, cyberconflict, cyberterrorism, cybercrime, and cyberespionage as well as cybercontent, while narrower conceptualizations focus on the more technical aspects relating to network and computer security. This article focuses on cybersecurity in the IR context from the perspective of political conflict, including the scholarship on cyberwarfare, cyberconflict, and cyberterrorism. The literature on cybercrime deserves a stand-alone article, as does cyberespionage from the perspective of surveillance and intelligence activities. This article references only a few publications from the latter two categories as they relate to cyberconflict. While scholars take the technology’s implications for international security increasingly seriously, they continue to disagree about the level and nature of threat and the appropriate policy responses that governments and other stakeholders should adopt. States also have very different perspectives on cyberspace and its appropriate use, with an increasing number developing offensive cybercapabilities. Cybersecurity has become an integral part of governments’ national defense and foreign and security policies and doctrines, contributing to the construction of cybersecurity as a new domain of warfare. Efforts to develop rules of the road for cyberspace focus on the applicability of existing international law, potential gaps, the development of norms, confidence-building measures, and postulating deterrence postures. As a consequence, a cybersecurity regime complex has evolved, encompassing multiple regional and international institutions that play pivotal roles in shaping policy responses. This article offers a selective list of relevant literature. The coauthors would like to thank the experts in China, India, Russia, Switzerland, and the United States who responded to their request to share their top-ten most relevant cybersecurity publications. The coauthors incorporated this feedback in their process for developing this article to reduce bias and to include international perspectives on the most-relevant English-language literature.

General Overviews

Since 2007, a number of in-depth, book-length studies have been published that build on the largely conceptual and hypothetical literature of the 1990s on information security and its evolution and focus on cybersecurity. There had been a noteworthy gap and shift in the literature following the 9/11 terrorist attacks, until the high-profile cyberincidents toward the end of the first decade of the 21st century reignited interest and scholarship on cybersecurity. Singer and Friedman 2014 offers a highly accessible introduction to definitions, relevance, and policies of cybersecurity. Segal 2016 describes how the expansion of the Internet reshapes traditional forms and rules of international power struggles more broadly and ushers in a new era of geopolitics. The history of this development is the focus of a strategic dossier compiled by the London-based International Institute for Strategic Studies (Tikk-Ringas 2015), detailing the technology’s evolution and political implications starting with the 1950s. Healey 2013, a historical account of cyberconflict, argues that the first cyberincident occurred in 1986, and it deduces lessons from ten major incidents that followed thereafter for early-21st-century cybersecurity debates. The limitations and benefits of various historical analogies to other military domains for understanding and improving cybersecurity are discussed extensively in Goldman and Arquilla 2014. In-depth discussions of the implications of cybersecurity include Libicki 2007, with Kramer, et al. 2009 providing a strategic framework for US cybersecurity policymaking. Clark, et al. 2014 presents a comprehensive catalogue of relevant research and policy questions informed by the authors’ technical expertise.

  • Clark, David, Thomas Berson, and Herbert Lin, eds. At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues. Washington, DC: National Academic Press, 2014.

    Save Citation »Export Citation »E-mail Citation »

    Reviews key cybersecurity policy challenges from a technically informed perspective of three leading scholars at the nexus of information technology and policy. Fully readable and highly accessible online.

    Find this resource:

  • Goldman, Emily O., and John Arquilla, eds. Cyber Analogies. Monterey, CA: Naval Postgraduate School, 2014.

    Save Citation »Export Citation »E-mail Citation »

    Edited volume sponsored by the US Cyber Command assessing the value of historical and cross-domain analogies, ranging from military surprise attacks and nuclear planning to economic warfare, air defense, and offense-defense balances. Fascinating testimony of how analysts and practitioners seek to understand and solve problems in a nascent, understudied area perceived as vitally important.

    Find this resource:

  • Healey, Jason, ed. A Fierce Domain: Conflict in Cyberspace, 1986 to 2012. Vienna: Cyber Conflict Studies Association, 2013.

    Save Citation »Export Citation »E-mail Citation »

    One of the first comprehensive historical accounts of cyberconflict, written from the practitioner’s perspective of a former member of the US Air Force. The edited volume includes systematic analyses of ten case studies of important cyberconflicts between 1986 and 2012.

    Find this resource:

  • Kramer, Franklin D., Stuart H. Starr, and Larry Wentz, eds. Cyberpower and National Security. Washington, DC: Potomac, 2009.

    Save Citation »Export Citation »E-mail Citation »

    This comprehensive edited volume develops conceptual policy recommendations for how the US government should strategically use cyberpower to enhance its national and security interests. Key compendium of US military, scholarly, and industry voices on a broad range of policy issues.

    Find this resource:

  • Libicki, Martin C. Conquest in Cyberspace: National Security and Information Warfare. Cambridge, UK: Cambridge University Press, 2007.

    DOI: 10.1017/CBO9780511804250Save Citation »Export Citation »E-mail Citation »

    An early and important analysis of the prospects for information warfare. The author contends that threats to information systems, including in the areas of defense and command and control, are exaggerated, since control over these is difficult to sustain.

    Find this resource:

  • Segal, Adam. The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age. New York: PublicAffairs, 2016.

    Save Citation »Export Citation »E-mail Citation »

    A nonalarmist account of how cyberconflict and competition evolve internationally, written by a China expert. Argues that cyberattacks pose less of a threat of bodily harm but more to infrastructures such as financial institutions, power grids, and security networks and that the post-pax digital Americana order will once again be dominated by geopolitical maneuvers.

    Find this resource:

  • Singer, Peter W., and Allan Friedman. Cybersecurity and Cyberwar: What Everyone Needs to Know. What Everyone Needs to Know. Oxford: Oxford University Press, 2014.

    Save Citation »Export Citation »E-mail Citation »

    Highly readable, informative, and accessible entry point, with its own website providing a detailed table of contents and discussion questions. Explores “How It All Works,” “Why It Matters,” and “What Can We Do?” Contends that transnational cyberthreats increasingly undermine the prospects for effective international cooperation, which requires building more-resilient systems.

    Find this resource:

  • Tikk-Ringas, Eneken, ed. Evolution of the Cyber Domain: The Implications for National and Global Security. London: Routledge, 2015.

    Save Citation »Export Citation »E-mail Citation »

    This comprehensive historical analysis illustrates key developments and trends shaping cybersecurity since the inception of computer networking in the 1950s. Dedicates separate chapters to each decade as well as to the themes of Internet governance, normative approaches to cybersecurity, intelligence, and military affairs. Attaches appendixes on international instruments and standards.

    Find this resource:

Journals

While the general overviews are exclusively book-length studies, a number of scholarly journals have published important contributions and debates on issues related to cybersecurity. Because cybersecurity is inherently a multidisciplinary subject of study, it has been covered by journals in multiple fields, ranging from computer science and information technology to economics, law, social psychology, sociology, political science, and international relations. All these disciplines also address trans- or international aspects of cybersecurity. The journals selected here explicitly focus on interdisciplinary perspectives and questions related to international relations. Two peer-reviewed journals launched in 2015–2016, the Journal of Cybersecurity and the Journal of Cyber Policy, seek to promote a high-level scholarly dialogue between the relevant disciplines. The Journal of Strategic Studies and Survival: Global Politics and Strategy have provided venues for key debates in the broader social science camp of strategic studies. Journals sponsored by the US military, such as the Cyber Defense Review, the Journal of Information Warfare, and Strategic Studies Quarterly, also constitute crucial sources. Finally, the journals Security and Communication Networks, IEEE Security & Privacy, and Information Security Journal: A Global Perspective focus on technical aspects but also engage with policy and strategic debates.

Online Resources and Blogs

Cybersecurity is a young field of study that is evolving and changing quickly, in which research has proliferated dramatically across disciplines in the early 21st century. A set of academic, policy, and industry websites and blogs provide useful entry points to access sources and keep track of current debates. NATO’s public diplomacy division has established the most extensive multimedia online library available. Think tanks Council on Foreign Relations (CFR), Center for Strategic and International Studies, and New America offer a continually updated anthology of links to key sources (Research Links: Cybersecurity Policy, an interactive Cyber Incident Timeline, and a Global Cyber Definitions Database, respectively. The magazine Foreign Policy maintains a dynamic channel on technology and cyber (Tech & Cyber). Bruce Schneier’s blog (Schneier on Security) offers a critical voice on early-21st-century cybersecurity developments. The Congressional Research Service regularly publishes a compendium of authoritative reports and governmental documents (Tehan 2015). The International Organization for Standardization publishes standards on definitions and concepts (ISO/IEC 27000:2016).

International-Relations Perspectives on Cybersecurity

Despite a growing consensus that cyberspace has significant implications for international relations (IR) in general and security in particular, existing scholarship has generated relatively few IR theory-oriented analyses on the topic so far, apart from early pioneers such as Deibert 2003. Manjikian 2010 assesses the potential of realist and liberal approaches and illustrates how these two approaches reveal the variation in Chinese, Russian, and US perceptions of the likelihood of conflict in cyberspace. In 2011, the International Studies Association—the discipline’s most prominent institutional body—made “Power, Politics, Participation in the Global Information Age” the main theme of its annual convention, whose key publications appeared in a special issue of International Studies Review (Singh and Simmons 2013). This publication illustrates the nascent scholarly debate on cybersecurity within mainstream IR. The author of Choucri 2012 was among those encouraging the broader IR community to further explore cybersecurity, which as she argued had become an integral part of national security. Both Junio 2013 and Kello 2013 contribute approaches to IR theory building from the perspectives of principal agent and international security studies. Floridi and Taddeo 2014 links the IR debate on ethics with discussions on cybersecurity and assesses the utility of the Just War theory for tackling ethical problems in cyberwarfare doctrines. Finally, Stevens 2016 adopts an eclectic IR approach of security studies, political theory, and social theory to explore how cyberspace has changed the meaning of time and temporality in political processes related to security.

  • Choucri, Nazli. Cyberpolitics in International Relations: Context, Connectivity, and Content. Cambridge, MA: MIT, 2012.

    Save Citation »Export Citation »E-mail Citation »

    Among the early works on IR and cyberspace. Argues that cybersecurity has become the fourth dimension of state security next to external, internal, and environmental security. Chapter 6 focuses on cyberconflicts and threats to security. For more details, see the Harvard-MIT Explorations in Cyber International Relations project.

    Find this resource:

  • Deibert, Ronald J. “Black Code: Censorship, Surveillance, and the Militarisation of Cyberspace.” Millennium: Journal of International Studies 32.3 (2003): 501–530.

    DOI: 10.1177/03058298030320030801Save Citation »Export Citation »E-mail Citation »

    Deibert was one of the first political scientists examining how states begin to militarize cyberspace, what the consequences for global communication environment are, and which forms of resistance occur.

    Find this resource:

  • Floridi, Luciano, and Mariarosaria Taddeo, eds. The Ethics of Information Warfare. Law, Governance and Technology 14. Cham, Switzerland: Springer, 2014.

    Save Citation »Export Citation »E-mail Citation »

    Discusses the ethical problems posed by waging war through the use of new information-and-communications technologies. Includes stimulating contributions that reveal the benefits and limitations of the Just War theory and alternative approaches to solve these problems.

    Find this resource:

  • Junio, Timothy J. “How Probable Is Cyber War? Bringing IR Theory Back In to the Cyber Conflict Debate.” Journal of Strategic Studies 36.1 (2013): 125–133.

    DOI: 10.1080/01402390.2012.739561Save Citation »Export Citation »E-mail Citation »

    As a part of a roundtable on whether cyberwarfare is a significant threat, this article calls for a research program for the study of cyberwar and provides a theory-oriented approach from the principal-agent perspective.

    Find this resource:

  • Kello, Lucas. “The Meaning of the Cyber Revolution: Perils to Theory and Statecraft.” International Security 38.2 (2013): 7–40.

    DOI: 10.1162/ISEC_a_00138Save Citation »Export Citation »E-mail Citation »

    Another contribution to building a framework for understanding cyberthreats and their consequences for security, taking the perspective of international security studies. Argues that cyberweapons constitute a new threat marked by the use of nonmilitary means of nontraditional actors to inflict economic and social harm that further expands the scholarly conceptualization of security.

    Find this resource:

  • Manjikian, Mary McEvoy. “From Global Village to Virtual Battlespace: The Colonizing of the Internet and the Extension of Realpolitik.” International Studies Quarterly 54.2 (2010): 381–401.

    DOI: 10.1111/j.1468-2478.2010.00592.xSave Citation »Export Citation »E-mail Citation »

    Asks how realist and liberal IR theories can be applied to cyberspace, positing that these two schools arrive at strongly contrasting predictions about the likelihood of cyberconflict and cooperation.

    Find this resource:

  • Singh, J. P., and Beth A. Simmons, eds. Special Issue: International Relationships in the Information Age. International Studies Review 15.1 (2013).

    Save Citation »Export Citation »E-mail Citation »

    Provides what is arguably the most comprehensive overview of IR scholarship on cyberspace, including key publications on cybersecurity.

    Find this resource:

  • Stevens, Tim. Cyber Security and the Politics of Time. Cambridge, UK: Cambridge University Press, 2016.

    Save Citation »Export Citation »E-mail Citation »

    Combines insights from IR, security studies, political theory, and social theory to study the politics of cybersecurity, illustrating how cybersecurity communities’ understanding of time and temporality influences the political practice of cybersecurity and creates a sense of urgency for pervasive and robust countermeasures against threats.

    Find this resource:

Cybersecurity and Cyberpower

Related to the scholarship on cybersecurity is the literature on how cyberspace shapes power in international politics, and the impact these shifts have on the perception and meaning of national and international security. Defining cyberpower as an actor’s ability to obtain preferred outcomes within and outside cyberspace by employing electronically interconnected information resources, Nye 2011 highlights that the current information revolution changes the nature of power and increases its diffusion from powerful states to smaller states and nonstate actors. The author cautions that this aspect of power diffusion might be more threatening to international security than power shifts from established powers to states in the Global South. David Betz (Betz 2012) agrees but argues in contrast to Joseph Nye that greater connectivity has a perpetuating effect, if any, on the current global distribution of military power capabilities. His argument is built on a conceptual work (Betz and Stevens 2011), which constructs a multidimensional concept of cyberpower. Ebert and Maurer 2013 demonstrates that, in contrast to mainstream assumptions in IR neorealist theories, rising powers have not pursued concerted power-balancing policies against the US cyber hegemony, and that the outcome of cyber competitions among rising powers significantly shapes the conflict proneness of the future information-based order. Klimburg 2011 provides an insightful conceptualization of cyberpower, the relationship between the state and nongovernmental actors, and the use of proxy actors to project power.

  • Betz, David. “Cyberpower in Strategic Affairs: Neither Unthinkable nor Blessed.” Journal of Strategic Studies 35.5 (2012): 689–711.

    DOI: 10.1080/01402390.2012.706970Save Citation »Export Citation »E-mail Citation »

    Argues, in contrast to Nye, that the information revolution has a limited effect on the distribution of power among states and that greater connectivity, if anything, reinforces the existing distribution of military power, but agrees with him that nontraditional strategic actors benefit disproportionately and that states should focus doctrinal adaptations on this aspect.

    Find this resource:

  • Betz, David J., and Tim Stevens. Cyberspace and the State: Toward a Strategy for Cyber-Power. Adelphi 424. New York: Routledge, 2011.

    Save Citation »Export Citation »E-mail Citation »

    Balanced study of the effects of cyberspace on the ways in which states project power. Develops a multidimensional concept of “cyber-power” entailing compulsory, institutional, structural, and productive dimensions. Involves a discussion on sovereignty, war, and dominion in cyberspace, concepts that are closely linked to cybersecurity, arguing that cyberwar is unlikely.

    Find this resource:

  • Ebert, Hannes, and Tim Maurer. “Contested Cyberspace and Rising Powers.” Third World Quarterly 34.6 (2013): 1054–1074.

    DOI: 10.1080/01436597.2013.802502Save Citation »Export Citation »E-mail Citation »

    Examines the cybersecurity policies of the member states of the BRICS grouping (containing Brazil, Russia, India, China, and South Africa), which seem to defy traditional assumptions by balance-of-power theories.

    Find this resource:

  • Klimburg, Alexander. “Mobilising Cyber Power.” Survival 53.1 (2011): 41–60.

    DOI: 10.1080/00396338.2011.555595Save Citation »Export Citation »E-mail Citation »

    Provides a conceptualization of cyberpower and the role of the state and nongovernmental actors and discusses how states such as China and Russia project cyberpower by covertly or overtly using nonstate actors for deniable cyberattacks.

    Find this resource:

  • Nye, Joseph S., Jr. The Future of Power: Its Changing Nature and Use in the 21st Century. New York: PublicAffairs, 2011.

    Save Citation »Export Citation »E-mail Citation »

    Building on his previous, seminal scholarship on power, Nye offers pioneering work on how, in the global information age, the characteristics of cyberspace enhance the diffusion of power, which might well constitute a greater threat to international security than power transition (in chapter 6 of this book on power generally, which is based on an earlier report).

    Find this resource:

Cybersecurity through the Lens of Securitization Theory

An increasing number of studies on cybersecurity have adopted the perspective of securitization theory, a diverse IR approach associated with the Copenhagen school that draws on constructivist, realist, and post-structuralist assumptions and methods. In general, the theory analyzes why, how, and with what consequences particular issues are constructed as distinct national or international security concerns legitimizing extraordinary measures such as the use of force, large-scale intelligence gathering, and invasion of privacy. Cyber issues have been framed as security concerns since the 1980s but became constructed as existential threats to national security only in the post–Cold War era and in particular in the first decade of the 21st century, when uncertainty related to technological innovation, rising powers in the Global South, and transnational terrorism increased. In this context, risks became framed in terms such as “weapons of mass disruption” and “electronic Pearl Harbors” (compare Munro 1995, cited under Cyberconflict). Eriksson and Giacomello 2006 builds on the senior author’s earlier work on securitization of information technology in Sweden to highlight the relative advantages of the securitization perspective compared to liberal and realist accounts. Hansen and Nissenbaum 2009, the senior author among the leading scholars of securitization theory, argues that cyberspace has become an additional sector next to the traditional military, political, economic, societal, and environmental sectors in which securitization can take place. Cavelty 2013 broadens this perspective at the theoretical level by combining securitization theory with discourse theory, as well as at the empirical level, by exploring how a selection of cybersecurity policies rely on competing threat representations. Deibert and Rohozinski 2010 and Morozov 2011 identify a wave of securitization efforts in the first decade of the 21st century and discuss its implications for Internet freedom.

  • Cavelty, Myriam Dunn. “From Cyber-bombs to Political Fallout: Threat Representations with an Impact in the Cyber-security Discourse.” In Special Issue: International Relationships in the Information Age. International Studies Review 15.1 (2013): 105–122.

    DOI: 10.1111/misr.12023Save Citation »Export Citation »E-mail Citation »

    On the basis of the author’s earlier work on cybersecurity and cyberthreat politics in the United States, the article combines securitization theory with discourse theory to explore the language used to turn political issues related to cyberspace into security matters. Cavelty identifies three main threat representations and links these to selected cybersecurity policies and practices.

    Find this resource:

  • Deibert, Ronald J., and Rafal Rohozinski. “Risking Security: Policies and Paradoxes of Cyberspace Security.” International Political Sociology 4.1 (2010): 15–32.

    DOI: 10.1111/j.1749-5687.2009.00088.xSave Citation »Export Citation »E-mail Citation »

    Detailed explanation of why governments shifted from a laissez-faire approach in the 1990s to a focus on managing risks, and what implications this securitization process has on Internet freedom.

    Find this resource:

  • Eriksson, Johan, and Giampiero Giacomello. “The Information Revolution, Security, and International Relations: (IR)relevant Theory?” International Political Science Review 27.3 (2006): 221–244.

    DOI: 10.1177/0192512106064462Save Citation »Export Citation »E-mail Citation »

    Early attempt to review IR’s value to understand cybersecurity, contending that the constructivist focus on social images and language emphasized in securitization theory and the liberal emphasis on interdependence promise a relatively greater potential than do realist accounts to understand the impact of the information revolution on security.

    Find this resource:

  • Hansen, Lene, and Helen Nissenbaum. “Digital Disaster, Cyber Security, and the Copenhagen School.” International Studies Quarterly 53.4 (2009): 1155–1175.

    DOI: 10.1111/j.1468-2478.2009.00572.xSave Citation »Export Citation »E-mail Citation »

    Adopts securitization theory to analyze the securitization process in the case of cyberattacks against Estonian institutions in 2007, which illustrates that the distinct constellation of threats and referent objects makes cybersecurity a distinct sector.

    Find this resource:

  • Morozov, Evgeny. The Net Delusion: The Dark Side of Internet Freedom. New York: PublicAffairs, 2011.

    Save Citation »Export Citation »E-mail Citation »

    Highly readable and provocative account of the political ramifications of the spread of the Internet, highlighting how the latter constricts and abolishes freedoms both in democratic and authoritarian states when security actors dominate the discourse.

    Find this resource:

Cyberthreats and Cyberrisks

The scholarship on cybersecurity threats to international security covers a range of different actors. It also includes foundational debates about the nature of the threat and the technology’s impact on conventional conflict and war. For example, the debate over whether cyberwar will or will not take place consumed scholarly attention for several years. Similarly, cyberterrorism has been a persistent theme in the literature, eventually shifting toward studies on how terrorists use the Internet. Both have been partly a discussion about definitions, and the growing scholarship conceptualizing cyberweapons and cyberconflict has shed a more nuanced light on the distinctions between various cybersecurity threats, ranging from espionage to sabotage, warfare, and terrorism. The literature on cyberconflict has been expanding to include more-formal models on the timing of cyberconflict, to discuss the relationship between cyberwarfare and conventional conflict, and to analyze the type of effects that are unique to cyberoperations. With regard to actors, more state-centric perspectives have been complemented by a growing body of articles examining proxy actors, independent hacktivist groups, and private-sector-active cyberdefense.

The Cyberwar Debate

Clarke and Knake 2010, titled Cyber War, sparked a revival of scholarly attention in cyberwar and an international debate about whether cyberwar will or will not take place. Unlike previous scholarly discussions of this topic, this time it occurred against the backdrop of the news coverage of the Stuxnet malware, the first cyberattack to have arguably crossed the use-of-force threshold, causing physical damage to an Iranian nuclear facility. Zetter 2014 remains the most comprehensive account of Stuxnet to date. While Clarke and Knake 2010 warns of the dangers of cyberwar, Rid and Arquilla 2012 and Rid 2013 constitute a rebuttal offering a skeptical assessment of its occurrence. Thomas Rid applies classic political-science concepts such as number of deaths in a conflict to discuss its qualification as war. His publication in turn prompted a series of responses, including by early cyberwar theorist John Arquilla (Arquilla 2012) and by John Stone (Stone 2013), and increasingly nuanced discussions of the potential effects of cyberoperations illustrated by Gartzke 2013 and Lindsay 2013, the latter a detailed discussion of Stuxnet and its implications in 2013.

Cyberconflict

The debate about whether cyberwar will or will not take place ultimately focused on questions of thresholds—namely, the number of fatalities and the scale of physical damage. While important, it also distracted scholarly attention from investigating the effect and implications of the vast majority of cyberincidents occurring to date that remain below such thresholds and the legal threshold of use of force and armed attack. The cyberwar debate informed the linguistic shift away from Neil Munro’s description of the fear of an electronic Pearl Harbor (Munro 1995) toward notions of cyberconflict rather than war and toward the notion of cybered conflict rather than cyberconflict. Rattray 2001, a discussion of strategic warfare in cyberspace, outlines many of the themes and arguments still present in the cybersecurity literature today. After the hiatus and shift following the 9/11 terrorist attacks, scholarly attention started to focus on cyberspace again several years later. For example, the publication of Cornish, et al. 2010 followed cyberincidents making front-page news, such as the 2007 distributed-denial-of-service attack disrupting many online services in Estonia. Lin 2012 discusses escalation dynamics and conflict termination, illustrating the growing depth of the scholarly cybersecurity discussion and the combination of political with technical analysis. This includes Dombrowski and Demchak 2014, which advances the notion of cybered conflict instead of cyberconflict to highlight that actions in cyberspace are usually coupled with broader political tensions and conventional actions. And the authors of Axelrod and Iliev 2014 are among the first scholars to apply formal, mathematical modeling to cyberconflict.

  • Axelrod, Robert, and Rumen Iliev. “Timing of Cyber Conflict.” Proceedings of the National Academy of Sciences of the United States of America 111.4 (2014): 1298–1303.

    DOI: 10.1073/pnas.1322638111Save Citation »Export Citation »E-mail Citation »

    Analyzes and provides a mathematical model for the optimal timing for the use of cyber resources, applying it to the following case studies: Stuxnet malware targeting an Iranian nuclear facility, cyberattack wiping hard drives of the Saudi company Saudi Aramco, cyberespionage by the Chinese government, and China exercising economic coercion against Japan.

    Find this resource:

  • Cornish, Paul, David Livingstone, Dave Clemente, and Claire Yorke. On Cyber Warfare. London: Chatham House, 2010.

    Save Citation »Export Citation »E-mail Citation »

    Argues for a review and adaptation of the UK national strategy to take into account cyberwarfare, viewing it as a new domain for military engagement particularly benefiting smaller actors.

    Find this resource:

  • Dombrowski, Peter, and Chris C. Demchak. “Cyber War, Cybered Conflict, and the Maritime Domain.” Naval War College Review 67.2 (2014): 71–96.

    Save Citation »Export Citation »E-mail Citation »

    Examines cyberoperations primarily from the perspective of its implications for US national security, particularly the US Navy and maritime space, preferring to use the term “cybered conflict” instead of “cyber war.”

    Find this resource:

  • Lin, Herbert. “Escalation Dynamics and Conflict Termination in Cyberspace.” Strategic Studies Quarterly 6.3 (2012): 46–70.

    Save Citation »Export Citation »E-mail Citation »

    Systematically discusses key terminology and basic concepts relating to offensive cyberoperations before outlining escalation dynamics in cyberspace, including a discussion of crisis stability, catalytic cyberconflict, signaling, impact assessment, deescalation, and termination of conflict.

    Find this resource:

  • Munro, Neil. “Fear of an Electronic Pearl Harbor.” Washington Post, 16 July 1995.

    Save Citation »Export Citation »E-mail Citation »

    Offers one of earliest quotes drawing analogy to Pearl Harbor, by citing Robert Ayers, head of the Defense Information Systems Agency’s information warfare unit, saying that “We are not prepared for an electronic version of Pearl Harbor. . . . Our [electronic] infrastructure is not safe and not secure.”

    Find this resource:

  • Rattray, Gregory J. Strategic Warfare in Cyberspace. Cambridge, MA: MIT, 2001.

    Save Citation »Export Citation »E-mail Citation »

    Written at the turn of the 21st century, this systematic analysis discusses strategic information warfare, delineating it from economic competition. It focuses on the strategic effects that political actors might achieve, comparing it to the concept of strategic air power developed after World War I and strategic information warfare developed in the 1990s.

    Find this resource:

Cyberoperations and Cyberweapons

The functioning and potential effects of cyberoperations and cyberweapons closely relate to the debate over whether cyberwar will or will not take place and are integral parts of the scholarship on cyberconflict. These are also at the center of what differentiates information operations from cyberoperations. Libicki 1995, a discussion and conceptualization of information warfare, is an early attempt to distinguish among information warfare, electronic warfare, and cyberwarfare. Belk and Noyes 2012, on the use of the offensive cybercapabilities, reflects the evolution in conceptual thinking in the interim years, with Liff 2012, Peterson 2013, and Herr 2014 offering increasingly detailed analysis of the composition and functioning of cyberweapons. Brown and Metcalf 2014, in turn, provides a legal perspective on the concept of cyberweapons and related challenges.

  • Belk, Robert, and Matthew Noyes. On the Use of Offensive Cyber Capabilities: A Policy Analysis for the Department of Defense Office of Cyber Policy. Policy Analysis Exercise. Cambridge, MA: John F. Kennedy School of Government, 2012.

    Save Citation »Export Citation »E-mail Citation »

    A detailed ontology of cyberoperations and the development of a framework to assess implications of various cyberoperations in the context of the US Department of Defense’s cyber policy.

    Find this resource:

  • Brown, Gary D., and Andrew O. Metcalf. “Easier Said Than Done: Legal Reviews of Cyber Weapons.” Journal of National Security Law & Policy 7.1 (2014): 115–138.

    Save Citation »Export Citation »E-mail Citation »

    Argues that academic approaches to cyberweapons are difficult to translate into practical legal concepts for military advisers. Instead proposes to focus on the context of how a capability will be used, describing different techniques before discussing application of existing law to cyberweapons and subsequently proposing a definition of “cyber weapon.”

    Find this resource:

  • Herr, Trey. “PrEP: A Framework for Malware & Cyber Weapons.” Journal of Information Warfare 13.1 (2014): 87–106.

    Save Citation »Export Citation »E-mail Citation »

    Offers a framework for conceptualizing malware and cyberweapons, arguing that all malware consists of three components: propagation method, exploits, and payload.

    Find this resource:

  • Libicki, Martin C. What Is Information Warfare? Washington, DC: National Defense University Press, 1995.

    Save Citation »Export Citation »E-mail Citation »

    A comprehensive analysis of the increasingly popular concept of “information warfare” at the time, arguing that information warfare does not exist as a distinct warfare technique and distinguishing among seven different forms of information warfare.

    Find this resource:

  • Liff, Adam P. “Cyberwar: A New ‘Absolute Weapon’? The Proliferation of Cyberwarfare Capabilities and Interstate War.” Journal of Strategic Studies 35.3 (2012): 401–428.

    DOI: 10.1080/01402390.2012.663252Save Citation »Export Citation »E-mail Citation »

    Related to the cyberwar debate, this article discusses cyberweapons and the paucity of publications relying on classic international relations (IR) theories to analyze cybersecurity.

    Find this resource:

  • Peterson, Dale. “Offensive Cyber Weapons: Construction, Development, and Employment.” Journal of Strategic Studies 36.1 (2013): 120–124.

    DOI: 10.1080/01402390.2012.742014Save Citation »Export Citation »E-mail Citation »

    Excellent primer into the concept of a cyberweapon, specifically focusing on industrial control systems and highlighting that they are relatively cheap to develop but difficult yet possible to deploy, and that maintaining a link to and persistent access to the deployed weapon is the most challenging aspect.

    Find this resource:

Nongovernmental Actors and Cybersecurity

In addition to the scholarship on interstate warfare in and through cyberspace, there has been a growing number of publications analyzing the role of nongovernmental actors in the context of cyberconflict. Applegate 2011, a discussion of cybermilitias and political hackers, represents a growing interest in the role of nongovernmental actors. Schmitt and Vihul 2014, for example, provides an in-depth examination, from an international-law perspective, of proxy actors and how they are used by states, whereas Coleman 2014 offers a detailed anthropological account of the Anonymous hacktivist group. Meanwhile, Lachow 2013 and Brangetto, et al. 2014 (the latter published following the sixth international CyCon conference, in Tallinn, Estonia) focus on active cyberdefense by private companies.

  • Applegate, Scott D. “Cybermilitias and Political Hackers—Use of Irregular Forces in Cyberwarfare.” IEEE Security & Privacy 9.5 (2011): 16–22.

    DOI: 10.1109/MSP.2011.46Save Citation »Export Citation »E-mail Citation »

    Following the cyberincidents in Estonia and Georgia, this article examines the role and status of nongovernmental actors carrying out malicious cyberactivity, discussing if they should be treated as combatants or criminals.

    Find this resource:

  • Brangetto, Pascal, Markus Maybaum, and Jan Stinissen, eds. 6th International Conference on Cyber Conflict: Proceedings; 3–6 June 2014, Tallinn, Estonia. Tallinn, Estonia: NATO Cooperative Cyber Defence Centre of Excellence, 2014.

    Save Citation »Export Citation »E-mail Citation »

    Collection of articles focusing on active cyberdefense, on the basis of presentations at the 2014 CyCon, an annual cybersecurity conference hosted in Tallinn, Estonia.

    Find this resource:

  • Coleman, Gabriella. Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous. New York: Verso, 2014.

    Save Citation »Export Citation »E-mail Citation »

    This book provides an anthropological study of the hacktivist network Anonymous from its evolution to the date of the book’s publication. It is one of the most comprehensive analyses of Anonymous, tracing its evolution and interactions with governments and other actors and providing a unique insight based on the author’s access.

    Find this resource:

  • Lachow, Irving. Active Cyber Defense: A Framework for Policymakers. Washington, DC: Center for a New American Security, 2013.

    Save Citation »Export Citation »E-mail Citation »

    Provides a nuanced, technically informed overview of active cyberdefense and argues for its broader adoption by the private sector to counter increasingly sophisticated threats.

    Find this resource:

  • Schmitt, Michael N., and Liis Vihul. “Proxy Wars in Cyberspace: The Evolving International Law of Attribution.” Fletcher Security Review 1.2 (2014): 54–73.

    Save Citation »Export Citation »E-mail Citation »

    Provides in-depth analysis of existing thresholds in international law applying to proxy actors, arguing that these thresholds are very high, predict states’ continuous use of nonstate actors, and observe little appetite of the international community to establish a treaty regime.

    Find this resource:

Cyberterrorism

Cyberterrorism is a special category relating to nongovernmental actors and is worthy of a stand-alone section. To date, there has been no terrorist attack resulting from hacking. The cyberterrorism literature can be divided into publications studying the terrorist use of the Internet, such as the use of social media for recruitment and communications purposes, and publications discussing terrorists launching an actual cyberattack, which remains a hypothetical to date. Conway 2002 sheds light on the sometimes confusing and sometimes sensationalist cyberterrorism terminology and how it’s been used in the literature; the author’s insights are valid to this day. Weimann 2004 assesses the cyberterrorism threat three years after 9/11, and Chen, et al. 2014 presents an updated assessment ten years later. The International Law Association created a study group on cybersecurity, terrorism, and international law in late 2013, which provided an overview of relevant international legal issues relating to cyberterrorism (Fidler 2015). In a latest development, a drone strike killed a hacker affiliated with a terrorist group for the first time in 2015, as described in a Wall Street Journal article (Coker, et al. 2015).

Geopolitics of Cybersecurity

The theoretical scholarship on cyberwar and cyberconflict and the type of actors involved has been complemented by a growing body of literature on the geopolitics of cybersecurity as well as government strategies and policies relating to cyberspace. The United States, China, and Russia are among the most sophisticated state actors in cyberspace and are heavily involved in international discussions about cyberconflict, and therefore they merit stand-alone sections. In addition, North Korea deserves special attention in light of its use of offensive cyberoperations, as do countries in the Middle East (namely, Israel and Iran). The cyberattack against Saudi Aramco is included to shed light on the developing threat landscape and escalatory development in the early 21st century. Meanwhile, a New York Times article about hackers in Argentina and a BBC article about the arrest of Chinese hackers in Kenya illustrate the global dimension of the cybersecurity ecosystem.

The United States and Cybersecurity

The United States remains the only superpower in the world, often setting precedents and standards emulated by other countries, including regarding cyberspace and cyberconflict. In 2010, William Lynn, US deputy secretary of defense at the time, declares cyberspace to be a new operational domain for the US military (Lynn 2010). Meanwhile, the Obama administration expressed a specific desire for rules of the road for cyberspace in its 2011 international strategy for cyberspace (Obama 2011), influenced by a growing sense of vulnerability and an increasing number of states developing military doctrines for cyberspace. A unique insight into some of these vulnerabilities is provided by former senior counsel at the US National Security Agency, Joel Brenner (Brenner 2011). The complexity of cybersecurity is detailed in the President’s Review Group on Intelligence and Communications Technologies (US Government, the White House 2013), established in response to the disclosures by Edward Snowden in 2013, which produced one of the most detailed discussions of cybersecurity, including the implications for security and liberty. One particularly crucial aspect was further discussed in an unprecedented White House blog post describing the US government’s process for deciding when to disclose a vulnerability (Daniel 2014). The US government’s international vision gained further contour with the 2014 report of the US Department of State’s International Security Advisory Board, outlining the vision for international cyberstability (US Department of State, International Security Advisory Board 2014). Five years after Lynn 2010, the Pentagon released its new cyberstrategy, acknowledging offensive capabilities (US Department of Defense 2015), and Secretary of State John Kerry outlined five specific norms to govern behavior in cyberspace in his 2015 speech in South Korea in furtherance of the goal of international cyberstability (Kerry 2015).

China and Cybersecurity

Mirroring US military discussions about cyberwarfare, Qiao Liang and Chiangsui Wang, two PLA officers, argue in Liang and Wang 1999 that China should use such means to exploit its asymmetric advantages. Zhang 2012 offers more insight into the Chinese perspective on cybersecurity, demonstrating that beyond the military use of the Internet, China’s view on cybersecurity is broader than that of the US government and many others to also include content under the broader concept of information security. Meanwhile, the threat perception of Chinese espionage increased significantly over the years, leading to in-depth studies of Chinese intelligence activities such as Inkster 2013 as well as Krekel, et al. 2012. Lindsay 2014–2015 offers an additional analysis of China’s cybersecurity strategy and is particularly noteworthy for trying to view the issue from China’s perspective. Lieberthal and Singer 2012 in turn explores the increasing tensions around cybersecurity in the broader context of US-China relations. Against the backdrop of increasingly alarmist media coverage, Lindsay, et al. 2015 provides a detailed analysis of the issues, tensions, and complexity involved. Meanwhile, Marczak, et al. 2015 documents the early-21st-century escalatory development related to China’s broader conception of cybersecurity tied to its domestic concerns.

Russia and Cybersecurity

Russia is one of the most advanced cyberpowers. A detailed and historical overview of the government’s approach to cyberspace is provided in Soldatov and Borogan 2015. In 1998, Russia proposed an international cybersecurity treaty and initiated the process at the UN, focusing on the use of information-and-communications technologies in the context of international security, which has become the center of the international community’s discussion about cybersecurity norms today. Meanwhile, Russia’s perspective and approach to cybersecurity differ significantly from that of the United States, which is the focus of three articles written by Russian experts, focusing on the military use of the Internet (Bazylev, et al. 2012), international law and norms (Streltsov 2007), and the application of arms control (Dylevsky, et al. 2014). Russia attracted particular scholarly attention following the cyberincidents in Estonia in 2007 and in Georgia in 2008 and the conflict in Ukraine, which Geers 2015 and Tikk, et al. 2010 investigate in detail.

  • Bazylev, S. I., Igor N. Dylevsky, Sergei A. Komov, and Aleksandr N. Petrunin. “The Russian Armed Forces in the Information Environment: Principles, Rules, and Confidence-Building Measures.” Military Thought 21.2 (2012): 10–15.

    Save Citation »Export Citation »E-mail Citation »

    Offers a Russian perspective on information security and the military use of cyberspace. Also summarizes the Russian military’s conceptual views on activities in the information environment.

    Find this resource:

  • Dylevsky, Igor, Sergei Komov, Sergei Korotkov, Aleksandr N. Petrunin, and V. O. Zapivakhin. “An International Nonproliferation Regime for Information Weapons: Utopia or Reality?” Military Thought 23.4 (2014): 1–11.

    Save Citation »Export Citation »E-mail Citation »

    Discusses the concept of information weapons from a Russian perspective and explores and argues in favor of applying arms control to cybersecurity, using the nuclear nonproliferation regime as a case study.

    Find this resource:

  • Geers, Kenneth, ed. Cyber War in Perspective: Russian Aggression against Ukraine. Tallinn, Estonia: NATO Cooperative Cyber Defence Centre of Excellence, 2015.

    Save Citation »Export Citation »E-mail Citation »

    An edited volume of eighteen chapters written by experts in Ukraine and abroad, assessing the role of cyberoperations during the conflict in Ukraine (covering the period until fall 2015).

    Find this resource:

  • Soldatov, Andrei, and Irina Borogan. The Red Web: The Struggle between Russia’s Digital Dictators and the New Online Revolutionaries. New York: PublicAffairs, 2015.

    Save Citation »Export Citation »E-mail Citation »

    A unique piece of investigative journalism tracing the history of Russia’s surveillance system and intelligence agencies, providing insight into the Russian government’s perspective on information security.

    Find this resource:

  • Streltsov, A. A. “International Information Security: Description and Legal Aspects.” Disarmament Forum 3 (2007): 5–13.

    Save Citation »Export Citation »E-mail Citation »

    Provides a historical review of the international community’s efforts to develop norms as well as insight into the Russian perspective on the application of international law, including discussing the issue of territory, attribution problem, and critical infrastructure.

    Find this resource:

  • Tikk, Eneken, Kadri Kaska, and Liis Vihul. International Cyber Incidents: Legal Considerations. Vol. 112. Tallinn, Estonia: NATO Cooperative Cyber Defence Centre of Excellence, 2010.

    Save Citation »Export Citation »E-mail Citation »

    Comprehensive review and legal analysis of the cyberincidents occurring in Estonia, Belarus, Lithuania, and Georgia between 2007 and 2010.

    Find this resource:

Other Selected Countries and Regions Noteworthy in Cybersecurity Geopolitics

Several other countries must be highlighted in the context of geopolitical trends relating to cybersecurity, given their sophisticated and increasingly sophisticated capabilities such as Israel, North Korea, and Iran, in addition to the world’s great powers. Jun, et al. 2015 focuses on North Korea, which deserves special attention in light of its use of offensive cyberoperations. Feakin, et al. 2015 provides an overview of cybersecurity developments in twenty countries in the Asia-Pacific region. Lewis 2014 discusses cybersecurity from the perspective of the Gulf region, while Bronk and Tikk-Ringas 2013, an analysis of the cyberattack against the oil company Saudi Aramco, is included to shed light on the developing threat landscape and escalatory development in the early 21st century. Tabansky and Ben Israel 2015 offers a comprehensive analysis of cybersecurity in Israel. Meanwhile, a New York Times article about hackers in Argentina (Perlroth 2015) and a BBC article about the arrest of Chinese hackers in Kenya (BBC 2014) illustrate the global dimension of the cybersecurity ecosystem. Abdenur and Pereira da Silva Gama 2015 is included to provide a reference and analysis of Brazil’s diplomatic efforts to curb cyberespionage following the Snowden disclosures.

Laws, Norms, and Response Mechanisms in Cybersecurity

Whereas the debate around 2010 still focused on assessing whether cyberthreats are real or not, the growing number of cyberincidents from Stuxnet to the Great Cannon and the Bangladeshi Central Bank cyberheist has since given way to a more nuanced and detailed discussion of how to address the threats and how they relate to existing concepts and frameworks. Kanuck 2010 discusses how sovereignty and public international law apply to cyberspace, a topic that is also the focus of Demchak and Dombrowski 2011, which argues that states are increasingly imposing Westphalian notions of sovereignty to the Internet. Healey 2011 offers a spectrum for assessing state responsibility for cyberattacks, while Clemente 2013 evaluates what infrastructure should be considered critical. Skierka, et al. 2015 provides a general overview of response teams to computer security incidents, and the nascent global-assistance regime. Barrett 2013 illustrates the growing number of publications assessing the use of cyberoperations from an ethical perspective, with Arquilla and Ronfeldt 1993 being among the first studies advancing the argument that cyberwarfare could potentially lead to a less violent form of warfare. Hughes 2010 explores the feasibility of a new cybersecurity treaty, whereas Lin 2012 highlights the challenges of applying traditional arms controls to cyberspace.

  • Arquilla, John, and David Ronfeldt. “Cyberwar Is Coming!” Comparative Strategy 12.2 (1993): 141–165.

    DOI: 10.1080/01495939308402915Save Citation »Export Citation »E-mail Citation »

    One of the earliest if not the earliest publication arguing that cyberwarfare could potentially be a less cruel and bodily harmful way of warfare.

    Find this resource:

  • Barrett, Edward T. “Warfare in a New Domain: The Ethics of Military Cyber-operations.” Journal of Military Ethics 12.1 (2013): 4–17.

    DOI: 10.1080/15027570.2013.782633Save Citation »Export Citation »E-mail Citation »

    One of a growing number of contributions by scholars of philosophy and ethics to the discussion about rules of the road for cyberspace and potential restraints for the offensive use of the Internet for military purposes. The author discusses the ethical implications of offensive cyberoperations from a perspective of jus ad bellum and jus in bello.

    Find this resource:

  • Clemente, Dave. Cyber Security and Global Interdependence: What Is Critical? London: Chatham House, 2013.

    Save Citation »Export Citation »E-mail Citation »

    Evaluates critical infrastructures from the perspective of global interdependence. This report includes a set of recommendations based on the assessment that significant global interdependence exists among critical infrastructures with growing challenges.

    Find this resource:

  • Demchak, Chris C., and Peter Dombrowski. “Rise of a Cybered Westphalian Age.” Strategic Studies Quarterly 5.1 (2011): 32–61.

    Save Citation »Export Citation »E-mail Citation »

    Argue that states are taking steps to replicate borders and to impose Westphalian sovereignty onto cyberspace, viewing Stuxnet as a turning point. The authors encourage this process partly for practical reasons, to make harm through offensive cyberoperations more difficult.

    Find this resource:

  • Healey, Jason. “The Spectrum of National Responsibility for Cyberattacks.” Brown Journal of World Affairs 18.1 (2011): 57–69.

    Save Citation »Export Citation »E-mail Citation »

    This article discusses states’ use of nongovernmental actors as proxies and how they can be held responsible. It provides an outline of the various relationships, mapping it onto a spectrum of state responsibility.

    Find this resource:

  • Hughes, Rex. “A Treaty for Cyberspace.” International Affairs 86.2 (2010): 523–541.

    DOI: 10.1111/j.1468-2346.2010.00894.xSave Citation »Export Citation »E-mail Citation »

    Traces the evolution from “geekspace” to “battlespace” and discusses the feasibility and principles for a cybersecurity treaty.

    Find this resource:

  • Kanuck, Sean. “Sovereign Discourse on Cyber Conflict under International Law.” Texas Law Review 88.7 (2010): 1571–1597.

    Save Citation »Export Citation »E-mail Citation »

    This article, written by the US national intelligence officer for cyber issues, discusses sovereignty in the context of cyberspace, the application of public international law, and norms and strategic considerations.

    Find this resource:

  • Lin, Herbert S. “Arms Control in Cyberspace: Challenges and Opportunities.” World Politics Review (6 March 2012): 14–19.

    Save Citation »Export Citation »E-mail Citation »

    Highlights the challenges for an international cybersecurity agreement and the differences to traditional arms control. Discusses challenges around verification and enforcement as well as the role of transparency and confidence-building measures.

    Find this resource:

  • Skierka, Isabel, Robert Morgus, Mirko Hohmann, and Tim Maurer. CSIRT Basics for Policy-Makers: The History, Types & Culture of Computer Security Incident Response Teams. Berlin: Global Public Policy Institute, 2015.

    Save Citation »Export Citation »E-mail Citation »

    Provides a general overview into the history, evolution, roles, and functions of response teams to computer security incidents, as well as the global governance structure of these teams.

    Find this resource:

International Law and Cyberspace

The international community has been actively discussing the role and application of international law to cyberspace. Until 2013, there was active contestation by some states such as China of applying existing law, proposing to develop new law instead. Meanwhile, international lawyers have been studying how to interpret specific international-law provisions in their application to cyberspace, primarily focusing on jus ad bellum and jus in bello. Sharp 1999 provides an early analysis of how the law governing the use of force applies to cyberspace, as does Dörmann 2004, a discussion focusing on the Additional Protocols five years later. Hathaway, et al. 2012 provides an in-depth analysis of the law applying to cyberattacks. Similarly, Roscini 2014 focuses on how international humanitarian law can be applied to cyberoperations. The Tallinn Manual on the International Law Applicable to Cyber Warfare (Schmitt 2013), developed by Michael Schmitt and a group of international lawyers, is the most comprehensive analysis of how international humanitarian law applies to cyberspace. Harold Hongju Koh (Koh 2012), in his role as the legal adviser of the US Department of State, outlines the US government’s perspective on the application of international law. Lin 2011 pushes the envelope of how international law applies, by focusing on cyberincidents whose effects remain below the threshold of use of force and armed attack, which includes the vast majority of incidents to date. Similarly, Schmitt 2015 offers an in-depth assessment and argument in favor of applying the legal concept of due diligence to cyberspace.

  • Dörmann, Knut. Applicability of the Additional Protocols to Computer Network Attacks. International Committee of the Red Cross, 19 November 2004.

    Save Citation »Export Citation »E-mail Citation »

    Deputy head of the International Committee of the Red Cross’s legal division analyzes the application of international humanitarian law to computer network attacks, arguing that given Article 36, the Additional Protocols were likely intended to cover such new means of warfare, largely sharing Schmitt’s views outlined in the latter’s article in the same volume.

    Find this resource:

  • Hathaway, Oona A., Rebecca Crootof, Philip Levitz, et al. “The Law of Cyber-attack.” California Law Review 100.4 (2012): 817–885.

    Save Citation »Export Citation »E-mail Citation »

    Published a year prior to the release of the Tallinn Manual (Schmitt 2013), this article coauthored by Yale Law School professor Hathaway analyzes the application of international law to cyberattacks.

    Find this resource:

  • Koh, Harold Hongju. “International Law in Cyberspace.” Harvard International Law Journal Online 54 (2012): 1–12.

    Save Citation »Export Citation »E-mail Citation »

    Outlining his views in his role as legal adviser of the US Department of State while on leave from Yale Law School, Koh wrote this article as the footnoted version of a speech he gave at the US Cyber Command in September 2012.

    Find this resource:

  • Lin, Herbert. “Responding to Sub-threshold Cyber Intrusions: A Fertile Topic for Research and Discussion.” In Special Issue: International Engagement on Cyber: Establishing International Norms and Improved Cybersecurity. Georgetown Journal of International Affairs 11 (2011): 127–135.

    Save Citation »Export Citation »E-mail Citation »

    Focuses specifically on cyberintrusions below the threshold of use of force and armed attack, highlighting that while nearly all incidents to date fall into this category, scholars have spent significantly more attention discussing potential incidents above the threshold.

    Find this resource:

  • Roscini, Marco. Cyber Operations and the Use of Force in International Law. New York: Oxford University Press, 2014.

    DOI: 10.1093/acprof:oso/9780199655014.001.0001Save Citation »Export Citation »E-mail Citation »

    Consisting of five chapters, this book analyzes the application of international humanitarian law to cyberspace, with a chapter each on cyber operations in the context of jus ad bellum and jus in bello followed by chapters focusing on the conduct of hostilities and on the law of neutrality specifically.

    Find this resource:

  • Schmitt, Michael N., ed. Tallinn Manual on the International Law Applicable to Cyber Warfare. New York: Cambridge University Press, 2013.

    Save Citation »Export Citation »E-mail Citation »

    Detailing the consensus view of an independent group of twenty international-law experts and written under the auspices of NATO’s Cooperative Cyber Defence Centre of Excellence, the Tallinn Manual represents the most comprehensive analysis at the time of its publication of the application of international law relating to cyberwarfare and has since become an important reference document for this legal discussion.

    Find this resource:

  • Schmitt, Michael N. “In Defense of Due Diligence in Cyberspace.” Yale Law Journal Forum 125 (22 June 2015): 68–81.

    Save Citation »Export Citation »E-mail Citation »

    In-depth discussion of how the principle of due diligence in international law could apply to cyberspace, including its preventive dimension, exploring pros and cons of its application and ultimately arguing in favor of its application.

    Find this resource:

  • Sharp, Walter G., Sr. Cyberspace and the Use of Force. Falls Church, VA: Aegis Research, 1999.

    Save Citation »Export Citation »E-mail Citation »

    Comprehensive analysis by former deputy legal counsel to the chairman of the US Joint Chiefs of Staff on how existing international law applies to the use of force in cyberspace, arguing that existing international law applies and that potential further attempts to regulate such activities first require an understanding of the application of existing law and identification of potential gaps.

    Find this resource:

Norms and Cybersecurity

Complementing the consultations over the applicability of existing international law to cyberspace, much of the international community’s discussion for rules of the road for cyberspace has centered on the concept of norms. Finnemore 2011 discusses norms for cyberspace in the context of the broader related international relations (IR) literature, while Hollis 2011 is an example of a specific norm proposed for cyberspace, using an analogy to existing norms. Kavanagh, et al. 2014 describes the various international fora where the norms discussion is taking place, and Hurwitz 2015 and Farrell 2015 offer substantive input for which norms to apply and develop for cyberspace. The reports by the groups of governmental experts developed under the auspices of the UN (UN General Assembly 2013, UN General Assembly 2015) and the 2015 G20 communiqué (G20 Leaders’ Communiqué) outline the international community’s views, to date, on how international law and norms apply to cyberspace. Osula and Rõigas 2016 provides current expert perspectives on international cybersecurity norms.

  • Farrell, Henry. Promoting Norms for Cyberspace. New York: Council on Foreign Relations, 2015.

    Save Citation »Export Citation »E-mail Citation »

    Argues that the US government’s efforts to promote norms for cyberspace suffered a setback following the Edward Snowden disclosures in 2013, and therefore recommends reforming US intelligence activities, providing more evidence when shaming actors, and assigning a leadership role for other states and private actors in promoting such norms.

    Find this resource:

  • Finnemore, Martha. “Cultivating International Cyber Norms.” In America’s Cyber Future: Security and Prosperity in the Information Age. Edited by Kristin M. Lord and Travis Sharp, 89–101. Washington, DC: Center for a New American Security, 2011.

    Save Citation »Export Citation »E-mail Citation »

    Applies IR theory on norms to the political effort of developing international norms for cyberspace.

    Find this resource:

  • Group of 20. “G20 Leaders’ Communiqué: Antalya Summit, 15–16 November 2015.”

    Save Citation »Export Citation »E-mail Citation »

    First multilateral, head-of-state-level agreement that “no country should conduct or support ICT-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.”

    Find this resource:

  • Hollis, Duncan B. “An e-SOS for Cyberspace.” Harvard International Law Journal 52.2 (2011): 374–432.

    Save Citation »Export Citation »E-mail Citation »

    Analyzes the applicability of international law to cyberspace and proposes to develop a norm similar to the SOS in the maritime domain for cyberspace.

    Find this resource:

  • Hurwitz, Roger, ed. A Call to Cyber Norms: Discussions at the Harvard–MIT–University of Toronto Cyber Norms Workshops, 2011 and 2012. Cambridge, MA: Belfer Center for Science and International Affairs, April 2015.

    Save Citation »Export Citation »E-mail Citation »

    On the basis of discussions at the MIT / Harvard University / University of Toronto cyber norms workshops in 2011 and 2012, this report discusses in eight chapters the evolution of the West’s cyber norms and alternative models, the applicability of international law, norms, technological foundations, and roles of various actors.

    Find this resource:

  • Kavanagh, Camino, Tim Maurer, and Eneken Tikk-Ringas. Baseline Review of ICT-Related Processes and Events: Implications for International and Regional Security (2011–2013). Cyber Policy Process Brief. Geneva, Switzerland: ICT4Peace Foundation, 2014.

    Save Citation »Export Citation »E-mail Citation »

    Provides comprehensive overview of international processes at regional and global levels from 2011 to 2013, focusing not just on cybersecurity but on other related information and communications technology (ICT) issues from a broader diplomatic lens.

    Find this resource:

  • Osula, Anna-Maria, and Henry Rõigas, eds. International Cyber Norms: Legal, Policy & Industry Perspectives. Tallinn, Estonia: NATO Cooperative Cyber Defence Centre of Excellence, 2016.

    Save Citation »Export Citation »E-mail Citation »

    This publication consists of eleven chapters discussing cyber norms from the perspectives of international law the and US Department of Defense Law of War Manual; the process at the UN; and confidence-building measures, in comparison to space, with regard to China; as well as from the perspective of the private sector.

    Find this resource:

  • UN General Assembly. “UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security.” A/68/98 (24 June 2013).

    Save Citation »Export Citation »E-mail Citation »

    Following the first consensus report adopted by the preceding group of governmental experts under the auspices of the UN in 2010, this report is particularly noteworthy for its affirmation that existing international law and the UN Charter apply online as well as offline, after years of resistance by some states.

    Find this resource:

  • UN General Assembly. “Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security.” A/70/174 (22 July 2015).

    Save Citation »Export Citation »E-mail Citation »

    Building on UN General Assembly 2013, this document is the first detailed report adopted by the group of governmental experts under the auspices of the UN, with specific details regarding the application of international law and outlining specific norms for cyberspace.

    Find this resource:

Confidence-Building Measures and Cybersecurity

Emulating the concept of confidence-building measures (CBMs) developed during the Cold War, states in the early 21st century have started to focus on enhancing transparency and cooperation in the context of cybersecurity to reduce misperceptions and mistrust. Lewis 2011 argues for this approach, and the UN Institute for Disarmament Research Cyber Index (UN Institute for Disarmament Research 2013) discusses CBMs in depth, including their history and application to cyberspace. Healey, et al. 2014 proposes to advance CBMs for collaboration, crisis management, restraint, and engagement by not only relying on states but including nongovernmental actors, too. The 2016 agreement of the Organization for Security and Co-operation in Europe (OSCE) member states provides the most comprehensive list of CBMs for cyberspace to date, building on the initial agreement in 2013 (Organization for Security and Co-operation in Europe 2016).

Deterrence and Cyberspace

Much of the strategic literature developed after World War II focused on the concept of deterrence. Comprehensive frameworks of deterrence were soon adapted specifically for the context of the Cold War and nuclear deterrence. Nye 2011 compares nuclear deterrence to deterrence in cyberspace, providing a nuanced assessment of its limitations and insights. Libicki 2009 offers an in-depth analysis of how to apply deterrence for cyberspace, while Goodman 2010 discusses a series of cyberincidents from the perspective of deterrence failures. Denning 2015 argues that cyberspace is not that different from other domains and that deterrence ought to be discussed not in the context of cyberspace writ large but with respect to specific cyberweapons. A central theme of the scholarship on deterrence and cyberspace focuses on attribution, with Lupovici 2016 applying constructivist theory to the attribution problem and Rid and Buchanan 2015 providing a comprehensive review of the literature and synthesizing it in a new model. Stevens 2012 explores deterrence in relationship to norms, and Tang, et al. 2010 provides perspectives on deterrence from China, Russia, India, Norway, and the United States.

  • Denning, Dorothy E. “Rethinking the Cyber Domain and Deterrence.” Joint Forces Quarterly 77.2 (2015): 8–15.

    Save Citation »Export Citation »E-mail Citation »

    Argues that other domains of warfare except land are as much man-made as cyberspace and that cyberspace has many similarities to other domains, including significant constraints vis-à-vis its malleability. Moreover, the author suggests discussing deterrence in the context of specific cyberweapons rather than the domain as a whole.

    Find this resource:

  • Goodman, Will. “Cyber Deterrence: Tougher in Theory Than in Practice?” Strategic Studies Quarterly 4.3 (2010): 102–135.

    Save Citation »Export Citation »E-mail Citation »

    Uses the distributed-denial-of-service attack against Estonia in 2007 and the conflict in Georgia in 2008 in addition to three espionage incidents as case studies for deterrence failures and discussing the implications for broader deterrence theory.

    Find this resource:

  • Libicki, Martin C. Cyberdeterrence and Cyberwar. Santa Monica, CA: RAND, 2009.

    Save Citation »Export Citation »E-mail Citation »

    In-depth analysis of deterrence in the context of cyberspace, discussing asymmetric advantages and incentives for states to use offensive cyberoperations. Includes sections on strategic cyberwar and operational cyberwar, and a discussion of why intent of the attacker matters.

    Find this resource:

  • Lupovici, Amir. “The ‘Attribution Problem’ and the Social Construction of ‘Violence’: Taking Cyber Deterrence Literature a Step Forward.” International Studies Perspectives (2 February 2016).

    Save Citation »Export Citation »E-mail Citation »

    Applies constructivist theory to discuss the attribution problem and deterrence in the context of cybersecurity. The author uses Stuxnet as a case study to examine social factors and the social construction of violence influencing actors’ behavior.

    Find this resource:

  • Nye, Joseph S., Jr. “Nuclear Lessons for Cyber Security?” Strategic Studies Quarterly 5.4 (2011): 18–38.

    Save Citation »Export Citation »E-mail Citation »

    Key article on the evolving debate about analogies between nuclear threats and cyberthreats and concomitant deterrence and strategies. Argues that despite numerous differences, comparing the initial uncertainty about nuclear threats, strategies, and cooperation in the Cold War helps put into perspective current challenges in designing cybersecurity policies.

    Find this resource:

  • Rid, Thomas, and Ben Buchanan. “Attributing Cyber Attacks.” Journal of Strategic Studies 38.1–2 (2015): 4–37.

    DOI: 10.1080/01402390.2014.977382Save Citation »Export Citation »E-mail Citation »

    Reviews state of the art of the literature on the attribution problem in cyberspace, concluding that attribution is not as difficult as it was perceived to be and offering a model to guide the process to determine attribution.

    Find this resource:

  • Stevens, Tim. “A Cyberwar of Ideas? Deterrence and Norms in Cyberspace.” Contemporary Security Policy 33.1 (2012): 148–170.

    DOI: 10.1080/13523260.2012.659597Save Citation »Export Citation »E-mail Citation »

    Analyzes deterrence in cyberspace by reviewing the evolution of US cyberdeterrence theory, discussing the relationship between deterrence and norms, and studying the US approach and the role of deterrence and norms, as well as other norm entrepreneurs (namely, Russia).

    Find this resource:

  • Tang, Lan, Xin Zhang, Harry D. Raduege Jr., Dmitry I. Grigoriev, Pavan Duggal, and Stein Schjølberg. Global Cyber Deterrence: Views from China, the U.S., Russia, India, and Norway. Edited by Andrew Nagorski. New York: EastWest Institute, April 2010.

    Save Citation »Export Citation »E-mail Citation »

    A collection of five articles whose authors offer perspectives on cyberdeterrence from their respective countries.

    Find this resource:

International Institutions

Governments have engaged in regional and global institutions to enhance cooperation on reducing cybersecurity threats. Nye 2014 analyzes the evolution of a cybergovernance regime complex through the lens of regime theory. Choucri, et al. 2014 adopts institutional theory to depict the institutional landscape of national and international responses to cybersecurity threats more specifically. The authors find that the level and scope of organization and cooperation is steadily increasing, but they argue that the cybersecurity “institutional ecosystem” as a whole is still under construction and that its multiple components are often disconnected. An early and comprehensive analysis of international institutional responses to cyberthreats is provided in Portnoy and Goodman 2009. These overviews reveal that the evolving cybersecurity regime complex consists not only of regional and international governmental organizations and groupings, but also of nonprofit and for-profit international nongovernmental organizations. In addition to these analyses, the NATO Cooperative Cyber Defence Centre of Excellence maintains an interactive database (INCYDER) that provides a periodically updated overview of the multiple multilateral organizations active in cybersecurity, as well as access to the relevant legal and policy documents these organizations adopted.

  • Choucri, Nazli, Stuart Madnick, and Jeremy Ferwerda. “Institutions for Cyber Security: International Responses and Global Imperatives.” Information Technology for Development 20.2 (2014): 96–121.

    DOI: 10.1080/02681102.2013.836699Save Citation »Export Citation »E-mail Citation »

    Provides an empirical catalogue of national and international institutions responding to cyberthreats and cybercrime, selected via criteria defined by institutional theory, arguing that the institutional architecture has significantly developed but is still evolving as it needs to design new pertinent mechanisms.

    Find this resource:

  • INCYDER. NATO Cooperative Cyber Defence Centre of Excellence.

    Save Citation »Export Citation »E-mail Citation »

    INCYDER is the acronym for International Cyber Development Review. Catalogues the major regional and international organizations, outlines the evolution of their activities and the main bodies in the cybersecurity area, and provides regularly updated access to the key documents.

    Find this resource:

  • Nye, Joseph S., Jr. The Regime Complex for Managing Global Cyber Activities. Global Commission on Internet Governance 1. Waterloo, ON: CIGI, 2014.

    Save Citation »Export Citation »E-mail Citation »

    Takes the perspective of regime theory to map cybergovernance activities more broadly and finds that while there is no single regime for the governance of cyberspace, a regime complex—a loosely coupled set of institutions and norms—has emerged. It finds the issue of cyberwar to be highly state controlled and to involve many actors that contest the existing norms.

    Find this resource:

  • Portnoy, Michael, and Seymour Goodman, eds. Global Initiatives to Secure Cyberspace: An Emerging Landscape. Advances in Information Security 42. New York: Springer, 2009.

    Save Citation »Export Citation »E-mail Citation »

    Early and comprehensive mapping of evolving cybersecurity institutions across regions worldwide, also including a brief and concise history of international responses to cyberthreats.

    Find this resource:

Global Institutions and Cybersecurity

International institutions operating at the global level have been focusing on cybersecurity particularly since the late 1990s. The Group of Eight (G8), an intergovernmental grouping of eight nations representing the majority of the world’s economy at the time, established the G8 24/7 High Tech Contact Points network in 1997 to facilitate communication between governments and help them share information on evolving threats. Almost two decades later, the heads of member states of an enlarged grouping representing the world’s leading economies, the G20, issued a statement outlining a norm against theft by states that is information and communications technology (ICT) enabled (G20 Leaders’ Communiqué, cited under Norms and Cybersecurity). Among the treaty-based, decision-making global international organizations, the UN has been the most active in discussing cybersecurity. Maurer 2011 traces the complex involvement of multiple UN bodies in cybersecurity, including the First Committee of the UN General Assembly to the International Telecommunications Union (ITU) as a specialized agency and their roles in the discussion on international norms. Importantly, the UN established the group of governmental experts (GGE), which first convened in 2004 and since then has produced influential reports detailing states’ perspectives on international norms for cybersecurity. UN General Assembly 2013 (cited under Norms and Cybersecurity) contains the group’s second consensus report, including the agreement that existing international law applies online as well as offline. The provisions in UN General Assembly 2013 are further consolidated and specified by a successor report (UN General Assembly 2015, cited under Norms and Cybersecurity), which also details a list of voluntary norms. Meanwhile, the Organisation for Economic Co-operation and Development (OECD) issued a new set of guidelines in 2015, replacing those of 2002 and highlighting the importance of digital security for economic stability (Organisation for Economic Co-operation and Development 2015).

  • G8 24/7 High Tech Contact Points. Cyber Security Cooperation.

    Save Citation »Export Citation »E-mail Citation »

    A governmental informal network created by the G8 in cooperation with the International Criminal Police Organization (INTERPOL) in 1997 to facilitate around-the-clock communication between the attending governments’ law enforcement agencies.

    Find this resource:

  • Maurer, Tim. Cyber Norm Emergence at the United Nations: An Analysis of the Activities at the UN Regarding Cyber-security. Discussion Paper 2011-11. Cambridge, MA: Harvard Kennedy School, 2011.

    Save Citation »Export Citation »E-mail Citation »

    Among the first comprehensive studies of the UN’s activities relating to cybersecurity, conceptualizing two strands of discussion—politico-military and economic—and applying the international relations (IR) literature on norms in the analysis of the activities across UN bodies.

    Find this resource:

  • Organisation for Economic Co-operation and Development. Digital Security Risk Management for Economic and Social Prosperity. OECD Recommendation and Companion Document. Paris: Organisation for Economic Co-operation and Development, 2015.

    Save Citation »Export Citation »E-mail Citation »

    The latest of a number of influential guidelines by the OECD Working Party for Security and Privacy in the Digital Economy, which also maintains a useful archive on the institution’s instruments, reports, and events.

    Find this resource:

  • UN Institute for Disarmament Research. Preliminary Assessment of National Doctrine and Organization. Geneva, Switzerland: UN, 2011.

    Save Citation »Export Citation »E-mail Citation »

    Provides a comprehensive overview of the UN member states’ cybersecurity doctrines and policies, including highlighting states’ efforts to develop military and offensive cybercapabilities.

    Find this resource:

Regional Institutions and Cybersecurity

Regional institutions have become increasingly active in discussing the security of increasingly connected regional information infrastructures, combating cybercrime, and projecting regional positions globally. The North Atlantic Treaty Organization (NATO), in response to the distributed-denial-of-service attack against its member state Estonia in 2007, established the Cooperative Cyber Defence Centre of Excellence and subsequently declared that cyberattacks might lead to the activation of collective defense (NATO 2014). Fidler, et al. 2013 elaborates on this development. In the Asia-Pacific, the Association of Southeast Asian Nations (ASEAN) and the ASEAN Regional Forum, the Asia-Pacific Economic Cooperation forum, and the Shanghai Cooperation Organization (SCO) all have started cybersecurity initiatives to enhance intra- and cross-regional cooperation. Among these, the latter has been among the most prominent in the global debate on cybersecurity norms. Following an agreement to enhance cooperation on cybersecurity regionally (Shanghai Cooperation Organization 2009), SCO members subsequently submitted drafts for an international code of conduct for information security to the UN General Assembly in 2011 and 2015, reviewed in detail in McKune 2015. The Organization of American States (OAS) adopted an integral strategy to improve its member states’ cybersecurity policies and enhance regional cooperation already in 2004 (Organization of American States 2004), whose effectiveness is evaluated in a collaborative report with the Inter-American Development Bank (Organization of American States and Inter-American Development Bank 2016). The African Union (AU) also acknowledged the increasing cybersecurity risks in its member states and adopted a convention on cybersecurity in 2014 (African Union 2014). The European Union (EU) published a cyber security strategy (European Union 2013), the first comprehensive document outlining the institution’s vision and responsibilities of national and EU-level entities across the three pillars of information-and-network security, law enforcement, and defense. Importantly, it underlines that the member states remain primarily responsible for security cyberspace, and declares that member states could invoke the EU Solidarity Clause in case of a particularly severe cyberattack. Christou 2016 describes the negotiations that led to the strategy and explores future prospects. The Council of Europe has adopted the first international treaty on cybercrime (Council of Europe 2001).

back to top

Article

Up

Down