Possible International Workshops On Critical Cyber Policy Issues

1
Possible International WorkshopsOn Critical
Cyber Policy Issues

• John C. Mallery (jcma_at_mit.edu)
• Computer Science Artificial Intelligence
  Laboratory
• Massachusetts Institute of Technology

Presentation at the Fourth International Forum
Partnership between State Authorities, Civil
Society, and Business Community in Ensuring
Information Security and Combating Terrorism
Garmisch-Partenkirchen, Germany, April 12-15,
2010 .
Version 12/9/2020 113412 PM
2
Contents

• Background
• Proposed Approach
• Principles
• Workshop Topics
• Cyber Definitions
• Cyber Crime
• Cyber Terrorism
• Escalatory Models
• Civilian Infrastructures
• Industrial Espionage
• Technical Cooperation
• Codes of Conduct
• Cyber Law
• Protection of the Commons
• Building Confidence Through A Sequence Of Cyber
  Workshops
• Russian Reaction
• Mallery Assessment
• Conclusions

3
Background

• Discussions during 2009 with Alexey Salnikov
  (LMSU) and Chuck Barry (NDU) about possible
  workshop topics addressing
• Key aspects of cyber policy
• Building mutual understanding
• Reducing risk of accidental conflict escalation
• Promoting orderly international cyber relations
• Mallery was asked to generate a set of possible
  workshop topics for international dialogues
• The list builds from an earlier set Russian
  topics and adds more

4
Proposed Approach

• Assumptions
• Ubiquitous low-cost computing and networking is
  increasingly woven into the fabric of social,
  economic and political systems
• These historic cyber-cognitive transformations
  pose significant learning challenges for
  inter-state systems
• Governments are constrained in their ability to
  openly think through sensitive or difficult
  issues
• Supplement G2G dialogues with largely
  non-governmental workshops that discuss and
  analyze
• Critical cyber issues
• Cyber challenges to international relations

5
Managing Interstate Competition In Cyberspace by
Movement Towards Transparent Cooperation
More Stable
Transparency Legal / Overt
Strategic Communication
International Treaties, Law
Codes of Conduct
Internet Governance
Protection of Commons
Information Control Filtering
Anti-Crime Coordination
Globalization
Deterrence
Technical Cooperation
Cultural Interchange
Compellence
Political Activism
Competition
Cooperation
PSYOPS
Terrorism
Industrial Espionage
Arms Races
Secret Coordination
Information Warfare
Less Stable
Espionage
Opacity Extra-legal / Covert
6
Attacker Resources Required for Cyber Impacts
Dangerous
Destabilizing
Hostility Perception Cumulative?
Narrow Focus?
Increasing Sophistication
7
Building Confidence and UnderstandingThrough a
Sequence of Cyber Dialogues

• Mutual understanding is enhanced by knowledge of
  each others perspectives
• Cyber Definitions
• Near-term workshops address immediate concerns of
  states
• Cyber Crime
• Cyber Terrorism
• Medium-term workshops lay intellectual
  foundations for mutually beneficial cooperation
  and international stability
• Civilian Infrastructures
• Escalatory Models
• Industrial Espionage
• Technical Cooperation
• Long-term workshops develop universalizable
  principles necessary for international law
• Codes of Conduct
• Cyber Law
• Protection of the Commons

8
Principles

• Originality Workshops should make original
  scientific contributions to systematic thinking
  about cyber policy and cyber international
  relations
• Technical Grounding Approaches must be realistic
  with respect to current or future technologies
• Multidisciplinary Experts should bring to the
  discussions deep knowledge across relevant
  technical or social science disciplines
• Impartial Funding Prefer independent or joint
  sources of funding to reduce any perception of
  bias
• Non-governmental Participation should emphasize
  non-government experts
• Well-informed Experts should be familiar with
  official positions and interpretations of their
  governments
• Coherence Workshop participation should be
  relevant to the topic and dialogues focused
  (20-30 participants)

9
Workshop Topics
10
1. Cyber Definitions

• Review national definitions of information
  security, information warfare and cyber defense
• Definitions of national cyber security
• Doctrines of information warfare
• Legitimate postures for cyber defense
• Compare national legal frameworks governing cyber
  crime, information warfare exploitation, and
  cyber cooperation
• Compare interpretations and measures of intensity
  for cyber actions or interactions by states,
  whether conflictual or cooperative

11
2. Cyber Crime

• Examine legal and technical coordination against
  cyber crime
• Enhance cooperation on investigations of
  cross-boarder crime, including preservation of
  evidence, forensic standards
• Share data on cyber crime in support of warning
  about and policing of criminal activity
• Coordinate medium-term policy to raise barriers
  to entry for criminals into cyber crime and
  terrorists into cyber terrorism
• Suppression of international black markets for
  cyber crime (e.g., tools, data, expertise,
  platforms).
• Develop technical solutions for prevention, early
  detection, attribution and prosecution of
  criminal acts

12
3. Cyber Terrorism

• Consider international agreements to counter
  non-state actors seeking to launch cyber attacks
  on states or provoke conflicts among countries
  using cyber means
• Deny access to cyber weapons or black market
  resources
• Prevent proliferation of state-level cyber
  capabilities by renouncing use of proxies and
  managing former personnel trained in cyber
  offense
• Share intelligence on cyber terrorism, including
  recruiting, coordination and financing
• Work jointly to prevent terrorist groups from
  acquiring or deploying technical means for major
  cyber attacks on countries

13
4. Escalatory Models

• Develop shared models of escalation and
  de-escalation in cyber conflict, including
  definitions of hostility levels
• Identification of red lines for war
• Frameworks for addressing the military
  instability arising from cyber attacks on C5ISR
  systems, including nuclear systems, naval forces
• Status of military satellites
• Dynamics in cyber space that may amplify
  relatively low level attacks to produce highly
  negative unintended consequences or escalations
• Responsibility of national command authorities
  for monitoring and controlling activities by
  cyber offense or exploitation divisions,
  especially in times of crisis
• Framework for designating actions in cyber space
  as criminal, hostile or belligerent, and
  assigning corresponding interpretations of intent
  by state actors

14
5. Civilian Infrastructures

• Consider the international legal status of
  civilian cyber infrastructures in the context of
  peace or war
• Identification of civilian infrastructures for
  protection under international law
• Responsibility by states for private offensive
  actions (botnets, criminal organizations)
  emanating from within their borders
• Status of national and international civilian
  Internet infrastructures
• Status of kinetic or electro-magnetic pulse
  weapons in attacks against civilian cyber
  infrastructures

15
6. Industrial Espionage

• Explore international legal frameworks for
  industrial espionage
• Classes of industrial espionage
• Sponsored directly by states
• Supported indirectly by states when they purchase
  stolen information from proxies or criminal black
  markets
• Non-state actors pursuing their own goals
• Develop WTO rules for redress of grievances
  against states
• Differentiate isolated cases from large-scale
  campaigns sustained over years
• Assign implied hostile intent levels to
  extraordinary espionage activities

16
7. Technical Cooperation

• Develop concepts for international mutual
  assistance across public and private spheres to
• Respond to significant cyber failures or attacks
• Enhance protection of critical infrastructures
• Improve cyber situational awareness
• Specifically
• Review or extension of mutual assistance treaties
  or agreements to provide rapid support to
  countries under cyber attack or suffering cyber
  outages
• Develop international standards for cyber
  forensics and accountable chains of custody
• Propose data sharing to improve situational
  awareness on cyber crime and cyber terrorism
• International long-term cooperation to increase
  assurance levels to raise the resource
  requirements to undertake cyber attacks or engage
  in cyber crime

17
8. Cyber Law

• Envision international legal frameworks to
  increase stability of state-state relations and
  promote orderly international economic processes
• Consider cyber-specific interpretations of the
  United Nations Charter to help clarify
• Jus ad bello
• When cyber disruptions rise to the level of an
  armed attack
• Proportionate responses to cyber attacks
• Proscribed activities related to cyber attack
  from a states territory by non-state actors (or
  states) against other states
• Jus in bello
• Application of the principle of distinction to
  limit attacks to military targets and protect
  civilians
• Prohibition on indiscriminate attacks with
  impacts beyond parties to the conflict

18
9. Codes of Conduct

• Develop shared international norms for behavior
  in cyber space for individuals, countries and
  non-state actors
• States should
• Assure cybersecurity
• Modernize national laws to prosecute cyber crime
  and facilitate timely transnational
  investigations
• Participate in international organizations
  combating cyber crime
• Develop a culture of cyber security
• Renounce use of proxies
• Combat terrorism
• Pursue cooperative measures
• Improve transparency
• Reduce risk
• Enhance stability
• Render assistance to states suffering outage or
  attack
• Share data and coordinate cyber threat reduction
• Support capacity building for less developed
  countries

19
10. Protection of the Commons

• Devise frameworks to insulate the technical
  architectures and the operation of cyberspace
  from political competition
• Provide separate mechanisms for resolving
  differences or marshalling international
  cooperation
• Technical plane
• Economic plane
• Political plane

20
Epilogue
21
Russian Reaction to Workshop Topics 1

• Based on evaluation by their leading experts,
  Russians completely support the topic set
  (24/12/2009)
• Russian prioritization of topics for discussion
• Escalation Models
• Civil infrastructures
• Cyber Definitions
• Cyber Law
• Codes of Conduct
• Cyber Terrorism
• Cyber Crime
• Technical Cooperation
• Protection of the Commons (termed Protection of
  World Community by Russians)
• Industrial Espionage
• Russian reaction based on draft (2/12/2009)

22
Russian Reaction to Workshop Topics 2

• Russians believe the cyber definition topic is
  particularly important and merits a joint
  research project entitled
• Comparative Analysis of Conceptual National
  Documents (Strategies, Doctrines, etc.) and
  National Approaches to the Definitions of
  Information Warfare and Cyber Security.
• Russians point out that the topic list is a
  comprehensive 2-3 year program for scientific
  research
• They consider this research program worthy of
  funding as a large common research project under
  the NATO Scientific Committees Science for
  Peace and Security
• Russians propose establishment of an
  International Cyber Space Security Consortium
  and suggest a potential list of co-founding
  institutions
• Lomonosov Moscow State University
• Harvard University -- MIT NDU
• Chinese Defense Technology University
• Karlsruhe University (Germany)
• ICANN

23
Mallery Assessment (speaking for only myself)

• Step by step is probably the best approach
• Demonstrate value and build towards more
  difficult topics
• Identify the first topic and hold the workshop
• Obtain institutional buy-in
• Follow on with other workshops every 6-12 months
• Maintain momentum
• Consider specific research to follow up on topics
  in greater detail
• Build on the research cases developed by the
  workshops
• Identify relevant participants based on expertise
• Work out a plausible plan for coordination of
  research and integration of results
• Caveats
• No formal institutional commitment at this time
  from MIT or Harvard
• Any formal activities must be proposed by
  researchers and approved by the institutions
• Expectations
• Some MIT or Harvard researchers may choose to
  participate as individuals in intellectually
  exciting workshops that are aligned with their
  interests
• More extensive commitments, for example to joint
  research projects or a research consortium might
  be possible in the future if scientific benefits
  are clear

24
Conclusions

• Dialogue between the major cyber powers is
  important to
• Reduce risk of international conflict
• Assure orderly international economic processes
• Dialogues among thought leaders from different
  countries can
• Build common understandings
• Explore practical means to reduce cyber risks