Categories
Cyber

Bundestag Hack Redux: More Smoke Than Mirrors

This article was originally published by the Council on Foreign Relations on 8 June 2020.

In early May, it was reported that Germany’s federal prosecutor issued an arrest warrant for Dmitriy Badin, the Russian hacker behind the 2015 cyberattacks targeting the Bundestag. Despite this, it is unclear what steps the German government has taken to pursue Badin internationally and how Germany and the United States will manage their separate efforts to arrest him.

Categories
Cyber

Wrong Turn or Right Lane? Defending Forward against Cybercriminals Abroad

Image courtesy of TheDigitalArtist/Pixabay.

This article was originally published by RealClearDefense on 9 May 2020.

On April 7, the Australian Minister of Defense acknowledged – for the first time ever – that the Australian Signals Directorate (ASD) used its offensive cyber capabilities to disrupt foreign cybercriminal infrastructure responsible for malicious cyber activities exploiting the COVID-19 pandemic.1 While details on the operation are sparse, what we do know is that ASD “stopped the criminals from accessing their own systems and prevented them from accessing information they stole.”2 What we do not know is the how, the where, the when, and what exactly triggered ASD into action.

Categories
Cyber

Cyber Terrorism: Why It Exists, Why It Doesn’t, and Why It Will

Image courtesy of Markus Spiske/Unsplash.

This article was originally published by the Elcano Royal Institute on 17 April 2020.

Theme

While the discussion on cyber terrorism research and related government policies have hit a wall in recent years, adversarial tactics to create terror in and through cyberspace are only at their beginning.

Categories
Technology Internet

The UN GGE is Dead: Time to Fall Forward

Image courtesy of lost placees/Flickr. (CC BY 2.0)

This article was originally published by the European Council on Foreign Relations (ECFR).

The top down UN GGE process appears dead in the water. International norms and laws for responding to cyber attacks must now be built from the bottom up.

Rules must be binding, violations must be punished, and words must mean something. The UN GGE failed on all three accounts.

In 2004, the United Nations established a Group of Governmental Experts with the aim of strengthening the security of global information and telecommunications systems (UN GGE). To date the UN GGE has held five sessions, which are widely credited for successfully outlining the global cybersecurity agenda and introducing the applicability of international law to state behaviour in cyberspace.

However, during the UN GGE’s fifth session in June 2017, fundamental disagreements emerged between the Group’s 25 members, particularly on the right to self-defence and the applicability of international humanitarian law to cyber conflicts. In the end, the fifth and possibly last session concluded without the release of a consensus report. With no plans to pick up the pieces, the question now is, where do we go from here?