International Peace and Security

Vladimir RadunovićDirector, Cybersecurity and E-diplomacy

DiploFoundation @vradunovic

20 March 2015

WEBINAR

Contents

Cyber-armament: weapons and militarisation

Cyber-conflicts: cyberwar - hype or reality?

Conflict prevention: CBMs and norms, cooperation, IHL

Diplomacy: ongoing fora, actors and challenges

Cyber-armament

Weapons and tools

Malware (viruses, trojans, worms)

Bot-nets (DDoS, spam, infection, frauds)

Social engineering (phishing, scams)

Software flaws Protocol flaws

Mind flaws

Asymmetry

Speed

Policies and Law

Technology and services

MalwareCyber-attackers

Provided by Ed Gelbstein

CasesEstonia

Creeper Stuxnet „Aurora“

Sony-N.Korea

PRISM

Militarisation

Cyber as 5th battlefield domain:US: 4x Cyber-Command with PentagonUK: Cyber Defence Operations Group at the Ministry of DefenceRussia: FSB (Federal Security Service)China: Cyber-warfare unit within PLAIran: High council for cyber-space and cyber-defence commandNATO: CCDCoEEU: European Defence Agency (EDA) ...

Cyber-conflicts

Future in the past

Cyber-warfare v3.0

Cyber-war?

Conflict prevention

Negotiations

Legal frameworks and cooperation against cyber-crime Confidence building measures (CBM), cooperation on critical

infrastructure protection and response to cyber-incidents Defining cyber-conflicts and application of IHL to cyber-space Setting the norms of behavior in cyber-space Control of proliferation of cyber-weapons and dual-use

technologies Cyber-disarmament

CBMs Share views on emerging threats views on emerging threats Discuss terminologyterminology Set up nationalnational legal and operational frameworks legal and operational frameworks Cooperate among national bodies among national bodies to share information on threats Consult to avoid misperceptionavoid misperception, tension and conflicts Cooperate to protectprotect critical infrastructurecritical infrastructure Share measures taken to protect open and secure Internetprotect open and secure Internet Encourage capacity buildingcapacity building

Strengthen multistakeholder approach multistakeholder approach and PPP Enhance capacities on regional and sub-regional capacities on regional and sub-regional levels ...

IHL Challenges

Necessity: Defining armed attack and use of force in cyber-space? Response to cyber-attacks?

Distinction: Dual-use technology? Global (nus-)effects? Proportionality: Assessment of effects of cyber-attacks? Attribution: Proxies? Liability of intermediaries?

Diplomacy

International initiatives

UN: Group of Governmental Experts (GGE) on “International norms pertaining to state use of ICT” (2011-)

OSCE: Confidence Building Measures re. risks from ICT (2013)

NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE): “Tallin Manual” (2013)

OECD: Guidelines on Information Security

G8: Subgroup on High-Tech Crime on crime, terrorism and CIIP

ITU: Global Cybersecurity Agenda (2008)

WSIS, IGF, GCCS, ASEAN...

Bilateral agreements

Collective responsibility

Challenges

Challenges

Challenges

Provided by Ed Gelbstein

Chain effect

Human rights and cybersecurity

Questions

Thank you for your timewww.diplomacy.edu @igcbp @DiplomacyEdu @vradunovic