Journal article
Deterrence by norms to stop interstate cyber attacks
- Abstract:
-
In April 2017, the foreign ministers of the G7 countries approved a ‘Declaration on Responsible States Behaviour in Cyberspace’ (G7 Declaration 2017). The Declaration addresses a mounting concern about international stability and the security of our societies after the fast-pace escalation of cyber attacks occurred during the past decade. In the opening statement, the G7 ministers stress their concern
[…] about the risk of escalation and retaliation in cyberspace […]. Such activities could have a destabilizing effect on international peace and security. We stress that the risk of interstate conflict as a result of ICT incidents has emerged as a pressing issue for consideration. […], (G7 Declaration 2017, 1).
Paradoxically, state actors often play a central role in the escalation of cyber attacks. State-run cyber attacks have been launched for espionage and sabotage purposes since 2003. Well-known examples include Titan Rain (2003), the Russian attack against Estonia (2006) and Georgia (2008), Red October targeting mostly Russia and Eastern European Countries (2007), Stuxnet and Operation Olympic Game against Iran (2006–2012). In 2016, a new wave of state-run (or state-sponsored) cyber attacks ranged from the Russian cyber attack against Ukraine power plant,1 to the Chinese and Russian infiltrations US Federal Offices,2 to the Shamoon/Greenbag cyber-attacks on government infrastructures in Saudi Arabia.3
This trend will continue. The relatively low entry-cost and the high chances of success mean that states will keep developing, relying on, and deploying cyber attacks. At the same time, the ever more likely AI leap of cyber capabilities (Cath et al. 2017)—the use of AI and Machine Learning techniques for cyber offence and defence—indicates that cyber attacks will escalate in frequency, impact, and sophistication.
Historically, escalation of interstate conflicts has been arrested using offensive or political strategies, sometimes in combination. Both have been deployed in cyberspace. The first failed; the second needs to be consolidated and enforced (Taddeo and Glorioso 2016a, b).
- Publication status:
- Published
- Peer review status:
- Peer reviewed
Actions
Access Document
- Files:
-
-
(Preview, Version of record, pdf, 336.3KB, Terms of use)
-
- Publisher copy:
- 10.1007/s11023-017-9446-1
Authors
- Publisher:
- Springer
- Journal:
- Minds and Machines More from this journal
- Volume:
- 27
- Issue:
- 3
- Pages:
- 387–392
- Publication date:
- 2017-09-01
- Acceptance date:
- 2017-09-09
- DOI:
- EISSN:
-
1572-8641
- ISSN:
-
0924-6495
- Pubs id:
-
pubs:731409
- UUID:
-
uuid:a58db80f-8661-4911-beb9-adf45f650c19
- Local pid:
-
pubs:731409
- Source identifiers:
-
731409
- Deposit date:
-
2017-10-02
- ARK identifier:
Terms of use
- Copyright holder:
- Taddeo, M
- Copyright date:
- 2017
- Notes:
- © The Author(s) 2017. This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.
- Licence:
- CC Attribution (CC BY)
If you are the owner of this record, you can report an update to it here: Report update to this record