These are the lecture notes from the slides and presentation of the lecturer of the 3 lectures that are relevant for the exam
I did not summarize the articles
I hope it helps everyone that was not able to attend the lectures
Espionage and War in Cyberspace
Meeting 7 - Cyber Conflict
Does the concept of cyber war help us understand what is going on in cyberspace?
If what we are seeing is not cyber war, then what is it?
What is war?
Carl von Clausewitz in On War
- War is continuation of politics by others means
- War is:
- Intrinsically violent
- Instrumental
- Fought by states
Small and Singer in Resort to Arms: International and Civil War
- War must be defined in terms of violence
→ Taking human life is the primary and dominant characteristic of war
→ War is sustained combat, involving organised armed forces, resulting in a
minimum of 1000 battle-related fatalities in a 12-month period
What do states compete over?
- The sources of national power, that could be material or non-material (Waltz, 1979)
- Sources of state power existed primarily in the physical control of the land, sea, air
↓
Until cyberspace existed
What is cyberspace?
Cyberspace = Domain characterised by the use of electronics and the electromagnetic
spectrum to store, modify and exchange data via networked systems and associated
physical infrastructures (US DoD)
Cyberspace = A global domain within the information environment consisting of the
interdependent network of information systems infrastructures including the Internet,
telecommunications networks, computer systems and embedded processors and controllers
(National Institute of Standards and Technology)
Cyberspace = The interdependent network of information and communications technology
infrastructures that includes the internet
→ How we interface with this network of networks is creating an evolving behavioural space
that is initiating social, economic and political dynamics
→ While much of this behaviour is benign and positive, there is a growing negative, even
malignant, use. Thus considerations of cybersecurity are becoming more prominent
Threat actors and vectors multiply across the same interconnected space
,→ Diversity of actors: Nation-states both for conflict and for intelligence-gathering,
business-corporate spying, organised crime, terrorists, hacktivists, black-hat hackers,
patriotic hackers, researchers and experts, individuals
New seam in international politics:
- Traditionally:
- Land, air, sea, space
- Need to move armies across borders, defeat the enemy, achieve political
objectives
- Clear distinction between the state of peace and the state of war
- Now:
- Cyberwar
- Grayzone: The space between war and peace is not an empty oe but a
landscape churning with political, economic and security competitions that
require constant attention (Schadlow, 2014)
What is cyber war?
Cyber war = War conducted in and from computers and the networks connecting them,
waged by states or their proxies against other states (Encyclopedia Britannica)
Because cyberweapons are not overtly violent, their use is unlikely to fit the traditional
criterion of interstate war: rather, the new capability is expanding the range of possible harm
and outcomes between the concepts of war and peace (Kello, The Meaning of the Cyber
Revolution)
Challenges of the digital domain
Cyberspace is a domain of persistent threat where achieving security an everyday challenge
Cyberspace possess distinct characteristics that make it insecure
- Cyberspace is a human construction
→ Highly malleable
- Underlying cyber infrastructure is always changing
- It can be manipulated, adapted and abused
- Cyberspace spans the physical and digital words
- Hardware (computers, servers, cables) exist in the ‘real world’, bu taction
occur online
- No international agreement on territoriality
- Fairly low cost of entry
- Attribution is challenging and time consuming
- Cyberspace is interconnected (cannot easily be segmented)
- The ‘frontline’ is everywhere
- There is no ‘safe’ zone in cybersecurity
- Everywhere that you operate can be attacked
- Vector for attack may even be outside of your control
- Allies are also potential vulnerabilities if your adversary can
compromise their networks
- States can also be compromised by vulnerabilities in their
supply chains
, - No distinction between civilians and combatants
→ Critical infrastructure, private companies, and individuals can all be
targeted by foreign actors
Endemic vulnerability
- Modern operating systems and applications are extremely complex programs
→ Certain flaws in the program, called exploits, can be used by hackers as entry
points
- Zero Day attacks
→ Zero Day = Vulnerability in a piece of software that is unknown by the software
developers
- Delayed Patching and Updating
→ Even when an exploit is known patches need to be created and computers need
to be updated
→ Installing updates are often delayed allowing known exploits to be continually used
How do states use cyberspace to compete in the international
system?
CNE = Computer Network Exploitation
→ Enabling operations and intelligence collection capabilities conducted through the use of
computer networks to gather data from target or adversary information systems or networks
CNA = Computer Network Attack
→ Operations to disrupt, deny, degrade or destroy information resident in computers and
computer networks, or the computers and networks themselves
Offensive cyber capabilities
Objectives:
- Deny = To prevent the adversary from accessing and using critical information,
systems and services
→ To degrade, disrupt, destroy access to a target by a specific level for a specified
time
- Destroy = To damage a system/entity so badly that it cannot perform any function or
be restored to a useable condition without being entirely rebuilt
- Disrupt = To break/interrupt the flow of information. To completely but temporarily
deny access to, or operation of, a target for a period of time
- Degrade = To deny access to, or operation of, a target to a level represented as a
percentage of capacity
- Deceive = Mislead adversary decision makers by manipulating their perception of
reality
→ To control or change adversary’s information, information systems, and/or
networks in a desired manner
To make the differences between these objectives more clear, I found this article which
elaborates on these 5Ds. It also gives an clear illustration:
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller studentCSM99. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.37. You're not tied to anything after your purchase.
