Cyberthreats and the Decline of the Nation-State
eBook - ePub

Cyberthreats and the Decline of the Nation-State

  1. 176 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Cyberthreats and the Decline of the Nation-State

About this book

This book explores the extraordinary difficulties a nation-state's law enforcement and military face in attempting to prevent cyber-attacks. In the wake of recent assaults including the denial of service attack on Estonia in 2007 and the widespread use of the Zeus Trojan Horse software, Susan W. Brenner explores how traditional categories and procedures inherent in law enforcement and military agencies can obstruct efforts to respond to cyberthreats. Brenner argues that the use of a territorially-based system of sovereignty to combat cyberthreats is ineffective, as cyberspace erodes the import of territory. This problem is compounded by the nature of cybercrime as a continually evolving phenomenon driven by rapid and complex technological change.

Following an evaluation of the efficacy of the nation-state, the book goes on to explore how individuals and corporations could be integrated into a more decentralized, distributed system of cyberthreat control. Looking at initiatives in Estonia and Sweden which have attempted to incorporate civilians into their cyber-response efforts, Brenner suggests that civilian involvement may mediate the rigid hierarchies that exist among formal agencies and increase the flexibility of any response. This book will be of great interest to students and researchers of information technological law and security studies.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Cyberthreats and the Decline of the Nation-State by Susan W. Brenner in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Routledge
Year
2014
Print ISBN
9781138204492
eBook ISBN
9781134443895
Edition
1
Topic
Computer Science
Subtopic
Cyber Security
Index
Computer Science

1 Cyberchaos: law and disorder in cyberspace

DOI: 10.4324/9780203709207-1
The cyberworld is so new that the old structures, you know – state, non-state, public, private – they all break down.1
1 Michael Joseph Gross, Enter the Cyber-Dragon, Vanity Fair (September 2011), http://www.vanityfair.com/culture/features/2011/09/chinese-hacking-201109 (quoting Michael Hayden, former Director of the National Security Agency and the Central Intelligence Agency).
My goal in writing this book to call attention to a shift in the balance between order and disorder – between what some might style as good and evil – that began toward the end of the last century and has been accelerating ever since. As I explain in this chapter and in those that follow, the shift – which advantages the forces of disorder – is the product of technological developments that, quite adventitiously, combine to erode the efficacy of the laws and institutions modern nation-states use to control activity that threatens their existence and prosperity.
As we will see, the shift began in the 1990s, when those who were so inclined realized they could use cyberspace to commit certain types of crime and, in so doing, make it difficult or even impossible for law enforcement to apprehend them and thereby end (or suspend) their criminal careers. I began studying cybercrime in 1997, and soon taught my first seminar in cybercrime law. I became immersed in the topic and, before long, was devoting most of my time to speaking about, writing about and consulting on cybercrime and the legal issues it raises. After all these years, I still find it fascinating because, unlike more traditional crime, cybercrime is inclined to resist routine, i.e., to manifest itself in new and different ways. Cybercrime resists routine because it is driven by technology the speed and complexity of which evolve at an accelerating pace and by the illicit ingenuity of clever, and often greedy, perpetrators. As a result, cybercrime has been, and continues to be, an evolving criminal phenomenon.
As we will see in Chapters 2 and 3, it also differs from traditional crime in one particularly notable respect: Crime has always been local. If I am to steal your wallet and/or assault you, we must be physically proximate, i.e., must simultaneously occupy the same physical “space.” This is not true of cybercrime: 2 Cyberspace gives me the ability to victimize you remotely. I can steal from you, defraud you, attack your computer and/or wreak havoc on your privacy and personal life without being in the same “space” as you. I can invade your bank account and transfer your funds to an account I control from halfway around the world, which, as we will see in Chapter 4, makes it exceedingly difficult for law enforcement to find, apprehend, prosecute and punish me for my theft.
2 See Chapters 2 and 3, infra.
Because nation-states rely on the threat of being apprehended and punished to deter people from committing crimes, this aspect of cybercrime has had, continues to have and will continue to have an erosive effect on “law-abiding” states’ ability to protect their citizens from online crime.3 As we will see in Chapters 2 and 4, this effect is exacerbated by the fact that certain nation-states have emerged as de facto cybercrime havens,4 just as certain places were once havens for seagoing pirates.5 Some predict that it will only be further exacerbated as new cybercrime havens emerge.6
3 I use the phrase “law abiding” to distinguish states that neither host nor tolerate cybercrime from the “haven” states that do both. See infra note 4 and accompanying text. 4 See, e.g., Yuriy Onyshkiv, Ukraine Thrives as Cybercrime Haven, Kyiv Post (March 8, 2012), http://www.kyivpost.com/content/ukraine/ukraine-thrives-as-cybercrime-haven-123965.html. See also Chapter 4, infra. 5 See, e.g., Lieutenant Commander Matthew M. Frick, Feral Cities – Pirate Havens, 134 Proceedings Magazine 12 (December 2008), http://www.usni.org/magazines/proceedings/2008-12/feral-cities-pirate-havens. 6 See, e.g., Fahmida Y. Rashid, Africa as Safe Havens for Cyber-Criminals, Security Watch (January 12, 2013), http://securitywatch.pcmag.com/none/306957-africa-as-safe-havensfor-cyber-criminals.
Unfortunately, the fact that criminals operating from within one state can use cyberspace to victimize the citizens of another state with relative impunity is not the only phenomenon that is eroding nation-states’ ability to protect their citizens and preserve social order. For some years, cybercrime was the sole threat the commission of which was being vectored through cyberspace, but that began to change in the early part of the twenty-first century. A new online threat emerged which, in retrospect, should not have been all that surprising.
When I refer to “threats” to citizens and social order, I am referring to the three threat categories with which governments have historically dealt, i.e., crime, terrorism and war.7 As I explain in Chapter 2, every human social system has to maintain a baseline of “order” if it is to survive and prosper. And, as I also explain in Chapter 2, modern societies divide the activities that can threaten their ability to maintain order into these three categories.8
7 For more on these threat categories, see Chapter 3. 8 Chapter 2 defines each of these terms.
It is not surprising that crime was the first threat to manifest itself in cyberspace because it is the most common of the three and because cyberspace not only makes it easy for criminals to avoid apprehension and prosecution, it also gives them access to a pool of affluent, often naĂŻve, victims who would otherwise be beyond their reach.9 And in cyberspace, as elsewhere, crime is primarily about profit and opportunities for profit abound online.
That leaves terrorism and war. For a time, primarily in the aftermath of the 9/11 attacks, many believed cyberterrorism – the use of cyberspace to carry out terrorist acts – would emerge as a new and serious threat to states’ ability to protect their citizens and maintain social order. So far, that has not happened: We have, as I note in Chapter 2, only one documented case of what can at least arguably be characterized as cyberterrorism. This may seem odd, given the advantages cyberspace seems to offer terrorists,10 but I believe it is a predictable (and temporary) state of affairs, a product of the ethos to which contemporary terrorists subscribe.
9 For more on these threats, see Chapter 3. 10 For more on this, see Chapters 2 and 3.
I believe the present generation of terrorists – many of whom are followers of and/or influenced by Al Qaeda – subscribe to what I call the “theater of blood” approach to terrorism, i.e., they rely on carnage and property destruction to demoralize people in an effort to undermine their faith in their government’s ability to protect them and maintain order.11 If I am correct in that assessment, it means that we will eventually see the rise of true cyberterrorism, which will rely on the use of computer technology to undermine our faith in our government’s ability to keep us safe and keep the systems on which we rely for our survival operating. We will return to this issue in Chapters 2 and 3.
11 As I explain elsewhere:
death, injury and destruction become at once an object lesson and a threat. They are … an object lesson in the government’s inability to keep its populace safe, and … a concomitant threat of more death and destruction to come. As one author noted, the violence ‘is intended to produce effects beyond any immediate physical damage.’
Susan W. Brenner, Cyberthreats: The Emerging Fault Lines of the Nation-State 41–42 (New York: Oxford University Press 2009) (quoting Steven Livingston, The Terrorism Spectacle 3 (Boulder, CO, Westview Press, 1994)). For more on this, see Chapter 2.
And that, finally, leaves war. While the term “cyberwar” is often bandied about by reporters and commentators,12 we apparently have yet to see an event that qualifies as an act of cyberwar. As we will see in Chapters 2 and 3, “war” refers to an armed conflict between nation-states, and the law of war “emphasizes death or physical injury to people and destruction of physical property as criteria for the definitions of ‘use of force’ and ‘armed attack’.”13 World War II is an obvious example of warfare because it involved the use of physical, or kinetic, force, e.g., guns and bombs.
12 See, e.g., Amid Cyberwar, U.S. Turns to Private Firms, Japan Times (February 23, 2013), http://www.japantimes.co.jp/news/2013/02/23/business/amid-cyberwar-u-s-turnsto-private-firms/#.USfc8-usYSg; Steven P. Bucci, China’s Cyberwar Targets U.S. Biz, Boston Herald (February 22, 2013), http://bostonherald.com/news_opinion/opinion/op_ed/2013/02/china_s_cyberwar_targets_us_biz. 13 Committee on Offensive Information Warfare, National Research Council, Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities 253 (Washington, DC: National Academies Press 2009).
As I write this in 2013, cyber-attacks do not qualify as “armed attacks” under the law of war because they do not involve the use of kinetic force.14 This means that if Nation-State A has its military hackers use cyberspace to attack Nation-State B, the attack cannot constitute “war” and must therefore either constitute another type of threat (crime or terrorism) or not constitute any legally cognizable threat.15
14 See, e.g., Cassandra M. Kirsch, Science Fiction No More: Cyber Warfare and the United States, 40 Denver Journal of International Law and Policy 620, 622–626 (2012). See also Committee on Offensive Information Warfare, National Research Council, Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyber-attack Capabilities, supra note 13. For more on this, see Chapters 2–4. 15 See infra Chapters 2–4.
Such an attack – or, more properly, such a series of attacks – came to light in 2013, when a security firm revealed that Chinese “cyberwarriors” – People’s Liberation Army Unit 61398 – had for years been hacking into the networks of American companies and stealing data containing “technology blueprints, manufacturing processes, clinical trial results, pricing documents, negotiation strategies...

Table of contents

  1. Cover Page
  2. Half Title Page
  3. Title Page
  4. Copyright Page
  5. Table of Contents
  6. 1 Cyberchaos: law and disorder in cyberspace
  7. 2 Threat morphing in cyberspace
  8. 3 Threats and the evolution of threat control strategies
  9. 4 Cyberspace and eroding threat control
  10. 5 Proposed – and possible – solutions
  11. 6 Lessons from history
  12. 7 Distributed security
  13. 8 Medieval cyberspace?
  14. Index