Models of Escalation and De-escalation in Cyber Conflict

                                     John C. Mallery
                       Computer Science & Artificial Intelligence Laboratory
                                Massachusetts Institute of Technology




       Presentation at the 2011 Workshop on Cyber Security and Global Affairs, Budapest,
       Hungary, May 31 – June 2, 2011.


Version: 3/29/2012 11:04 AM
Escalation And De-escalation Models For State-state Cyber Conflict & Cooperation

• A step towards a US-Russia-China workshop on escalatory models of cyber conflict
    • Intended to develop shared perspectives and analytical frameworks across countries
• Appendices include a draft set of topics for consideration in a longer workshop
    • Dynamics of cyber-fueled conflict
    • Approaches to managing cyber-fueled conflict
    • Lessons from history or other conflictual domains
• Today we will discuss a few selected topics
• Background: Topic area selected as the top priority by MSU IISI team from 10 workshop topics presented last year
John C. Mallery                          2                            MIT CSAIL
Possible International Workshops On Critical Cyber Policy Issues

Workshop Topics
1. Cyber Definitions
2. Cyber Crime
3. Cyber Terrorism
4. Escalatory Models
5. Civilian Infrastructures
6. Industrial Espionage
7. Technical Cooperation
8. Codes of Conduct
9. Cyber Law
10. Protection of the Commons

MSU IISI prioritization
1. Escalation Models
2. Civil infrastructures
3. Cyber Definitions
4. Cyber Law
5. Codes of Conduct
6. Cyber Terrorism
7. Cyber Crime
8. Technical Cooperation
9. Protection of the Commons (Termed “Protection of World Community”)
10. Industrial Espionage
Overview

• Defining cyberspace
• Threat actors and capabilities
• Entropy-based model of conflict and cooperation
• Global cyber conflict mess
• Illustrative Conflictual Actions
• Illustrative Cooperative Actions
• Phase-structured Cyber Events Data
• Utility of cyber actions
• Managing Strategic Technology Competition
• Cross Domain Responses
• Proportionality Judgments
• Institutions and Mechanisms for Cyber De-escalation
• Cyber Conflict Characteristics
What is cyberspace?

• Interdependent network of information technology infrastructures (NSPD54/HSPD23)
    • Internet
    • Telecommunications networks
    • Computer systems
    • Embedded processors
    • Controllers in critical industries
• Also virtual environment of information and interactions between people (NSPD54/HSPD23)
    • Activities riding on cyberspace
• US Military
    • Electro-magnetic spectrum
    • Information operations
    • C4ISR, space
• Supply chains for IT
    • Computers, networks, software, sensors, crypto, identity management, etc.
    • Knowledge, information, data
Domains of Cyberspace

[Figure: layered diagram with three layer labels (Governance, Cyberspace, Supply Chain). Cell labels, row by row from top to bottom:]
Diplomacy | Treaties | Agreements | Norms | Alliances | IGOs | NGOs | Industry
Technological Level | Network, Computer, Crypto, ID Mgt. Standards | Universal Principles
Knowledge Formation | Value System Dynamics | Political Discourse
Information Processes, Social Networking
Economic & Business Activity | International Dialogues | Military And Intelligence Systems
Physical Network Connectivity | Critical Infrastructures | Enterprise IT | Consumer IT
Network Infrastructure Administration | Application Software and Administration
Routers, Switches, Fiber, Wireless, Other | PCs, Servers, Laptops, Cell Phones, PDAs
IC Fabrication | IC Design | Operating Systems | Information Assurance | Cryptography
Research Communities | IA, Certification, Accreditation | International Standards
Threat Actors And Capabilities

| Threat Actors | Motive | Targets | Means | Resources |
|---|---|---|---|---|
| Nation States During War Time | Political | Military, intelligence, infrastructure, espionage, reconnaissance, influence operations, world orders | Intelligence, military, broad private sector | Fully mobilized, multi-spectrum |
| Nation States During Peace Time | Political | Espionage, reconnaissance, influence operations, world orders | Intelligence, military, leverages criminal enterprises or black markets | High, multi-spectrum, variable skill sets below major cyber powers |
| Terrorists, Insurgents | Political | Infrastructure, extortion | Leverage black markets? | Limited, low expertise |
| Political Activists or Parties | Political | Political outcomes | Outsourcing? | Limited, low expertise |
| Black Markets For Cyber Crime | Financial | | Tools, exploits, platforms, data, expertise, planning | Mobilizes cyber crime networks |
| Criminal Enterprises | Financial | Hijacked resources, fraud, theft, IP theft, illicit content, scams, crime for hire | Reconnaissance, planning, diverse expertise | Professional, low end multi-spectrum, leverage of black markets |
| Small Scale Criminals | Financial | | Leverages black markets | Low, mostly reliant on black markets |
| Rogue Enterprises | Financial | IP theft, influence on sectoral issues | Outsourcing to criminal enterprises? | Sectoral expertise, funding, organization |
Conflict and Cooperation within Living Social Systems Framework

• Goal: Continuous function from conflict to cooperation
• Countries are autopoietic systems
    • Prigogine, non-equilibrium thermodynamics
    • Self-recreating living systems
    • Network of component producing processes
    • Recreate the socio-economic and political system over time
• Key functional areas:
    • Physical Security: Military, intelligence, terrorism
    • Economic Security: Business, technology, science, policy
    • Political Security: Ideation, legitimacy, diplomacy
• State-state interactions
    • Conflictual action: Increases autopoietic entropy
    • Cooperative action: Decreases autopoietic entropy
• Mesh of state-state interactions
    • Reciprocity dimensions: economic, political, military, cultural
    • Relationships: parasitic or mutualistic
Global Cyber Conflict Mess*

Cyber Capability Levels

| Cyber Power | No. | IW | Espionage | Attack | Integration |
|---|---|---|---|---|---|
| Major | 3? | High | High | High | High |
| Important | 10? | Moderate? | Significant | Significant | High |
| Middle | 20? | Lower? | Crime ware | Crime ware | Lower |
| Lesser | 70+ | Lower? | Crime ware | Crime ware | Lower |

• Over 100 states developing offensive cyber capabilities
    • Various USG 2008-2010
• What are their targets?
    • Economic
    • Political
    • Military/intelligence
• Who are their targets?
    • G20?
    • Major industries?
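Illustrative Conflictual Actions

| Move Type | Action | Std. | Cyber | Intensity | Duration | Impact |
|---|---|---|---|---|---|---|
| Political | Displeasure | x | x | | | 1 |
| Political | Protest | x | | | | 1 |
| Political | Withdraw Support | x | | | | 2 |
| Political | Snub | x | | | | 1 |
| Political | Threaten | x | x | | | 1 |
| Political | Support opposition | x | x | | | 4 |
| Political | Subversion | x | | | | 5 |
| Economic | Industrial espionage | x | x | | | 2 |
| Economic | Sabotage | x | x | | | 2 |
| Economic | Sanctions | x | ? | | | 3 |
| Economic | Quarantine | x | ? | | | 4 |
| Military | Politico-military espionage | x | x | | | ? |
| Military | Unconventional warfare, terrorism | x | x | | | 1 |
| Military | Skirmishes | x | x | | | 2 |
| Military | Limited warfare | x | x | | | 4 |
| Military | General warfare | x | x | | | 5 |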
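Illustrative Cooperative Actions

| Move Type | Action | Std. | Cyber | Intensity | Duration | Impact |
|---|---|---|---|---|---|---|
| Political | Diplomatic recognition | x | | | | 1 |
| Political | Praise, hail, applaud | x | x | | | 2 |
| Political | Endorse or support policy or position | x | x | | | 3 |
| Political | Promise material support | x | x | | | 3 |
| Political | Negotiate | x | x | | | 1 |
| Political | Make substantive agreement | x | x | | | 2 |
| Political | Share data, intelligence | x | | | | 4 |
| Economic | Joint ventures, technical sharing | x | x | | | 5 |
| Economic | Support capacity building | x | x | | | 3 |
| Economic | Suspend Sanctions | x | ? | | | 1 |
| Economic | Extend economic aid | x | ? | | | 3 |
| Military | Extend military assistance | x | x | | | 4 |
| Military | Coordinate counter-terrorism | x | x | | | 4 |
| Military | Coordinate defense | x | x | | | 5 |
| Military | Cease hostilities | x | x | | | 3 |
| Military | Settle dispute | x | x | | | 3 |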
Phase-structured Cyber Events Data

• Define cyber action vocabulary
    • Party actions
    • Referrals to conflict managers
    • Conflict management actions
• Code state-state interaction sequences
    • Include partial order for level of conflict or cooperation
    • Phase structure is given by the movement up or down hostility/altruism
• Enables learning to:
    • Predict escalation or de-escalation as a function of event sequences
    • Efficacy of conflict management actions
Utility of Cyber Actions

| Modality | Detection | Complexity | Reliability | Consequences |
|---|---|---|---|---|
| IW | 3 | 2 | 2 | 1 |
| Intelligence | 1 | 3 | 2 | 1 |
| Degradation | 1 | 3 | 1 | 2 |
| Disrupt (precise) | 3 | 3 | 1 | 3 |
| Denial | 3 | 2 | 3 | 3 |
Managing Strategic Technology Competition

1. Engineering networking standards and computational frameworks for national advantage
2. Developing universalizable norms for system engineering and design certification
3. Managing industrial espionage when integrated component of strategic economic competition
4. Sanctions (diplomatic, economic) against predatory behaviors in open multilateral trading systems
5. Standards for ICT intended to reduce opportunities for bad cyber behavior, enhance international stability and promote orderly international interactions
Cross Domain Responses

• State need not respond to cyber in kind
• Cross domain responses cloud anticipation of responses to cyber actions
    • Judgment of proportionality by initiator
    • Judgment of perception by recipient
• Example:
    • Industrial espionage by China
    • Possible response aiming at regime legitimacy
• Example:
    • Russia and US declare potential nuclear response against cyber attacks on C2 systems
    • Penetration of the wrong system could provoke major response
• Cross domain responses introduce potentially destabilizing feedback paths
Proportionality Judgments

• Shared understandings of proportionality are necessary for meaningful calibration of action
• Different perspectives, approaches, traditions and cultural contexts can produce misunderstandings and unintended escalations
• Errors or accidents involving cyber weapons may produce
    • Unintended consequences via cascading effects
    • Unforeseen escalatory responses
Cyber Conflict Characteristics

1. Offense dominated
2. Strategic reach
3. Poor attribution (low frequency)
4. Poor warning with short detection times
5. No strategic depth -> pre-emption strategies
6. Readily usable techniques for espionage
7. Strong reciprocity among major actors
8. Low barriers to entry
9. Over 100 state players
10. Lack of shared perception of action seriousness
    • Limited history of cyber conflict
    • Cross cultural understanding challenges
    • Little guidance from international law
    • Many variations possible

• Conclusion: Unstable, dangerous feedbacks
Institutions and Mechanisms for Cyber De-escalation

| Domain | Activity | Conflict Manager |
|---|---|---|
| Political | Hacktivism; Legitimacy IW | ?, UN |
| Economic | Industrial espionage; Predatory Trade; Supply chain subversion | ?, IMF, G*, WTO, regional IGOs |
| Military | Prepositioning logic bombs; Critical infrastructure attacks | Conventional mediators (e.g., UN, regional IGOs) |
Research Questions
   1.     What is the domain of cyber conflict and cooperation?
   2.     Does the rise of cyber operations, whether attack, espionage or
          influence operations, change inter-state conflict dynamics?
   3.     What are the stability characteristics of current and future
          international systems as cyber conflict capacity develops and
          diffuses?
   4.     How can levels of cyber conflict and cooperation be measured
          and compared across technical change?
   5.     How can strategic technical and economic competition be
          managed?
   6.     How can different perceptions of hostility or cooperation and
          escalation phases be managed?
   7.     Can legal or normative frameworks increase stability or protect
          non-combatants?
Appendix A

Dynamics Of Cyber-fueled Conflict
Dynamics Of Politico-military Escalation And De-escalation In State-state Cyber Conflict

1. Analysis of factors contributing to instability or stability
2. Cyber as a means for strategic reach with low barriers to entry (over 100 countries with some cyber offensive capabilities)
3. Pre-emption strategies due to poor warning as a source of instability
4. Problems of n-way games, including (mis-)attribution, bad reputations, provocations
5. Clusters of state-level cyber conflict and cooperation
6. Dangerous feedbacks, good feedbacks
7. Unintended consequences (e.g., perceptions, cascading impact, spreading impact, collateral damage to civilians or 3rd parties)
8. Precision and controllability of cyber techniques across target domains, including impact on neutral countries or global commons
9. Usability of cyber techniques for attack or exploitation (low probability of attribution, low physical damage, low human casualties)
10. Cross-domain responses to cyber as amplifiers or attenuators of conflict
11. Differential perception of threat (e.g., economic, legitimacy, systemic)
12. Special case of nuclear powers (cyber under cover of nuclear)
13. Asymmetric vulnerability of lower ICT capacity states to cyber attack by stronger military powers
14. Dynamics of collapse or rebuilding of trust across state-state transactions, with special attention to low-to-mid level cyber provocations
15. Mechanisms for de-escalation, including termination of conflict or war
16. Mechanisms for establishing ground truth (e.g., monitoring, data sharing, inspection, cross correlation)
17. Institutions for international mediation and conflict management
Conflict Triggers Or Escalators

1. Misread of red lines
2. Denial of service or attack on C2 or space assets
3. Ambiguity of cyber actions between exploitation and attack
4. Penetration of critical infrastructure, or "preparation of the battlefield"
5. Accidental impact on 3rd parties via spread or cascading
6. Excessive espionage provoking hostile responses, possibly cross-domain
7. 3rd party provocations intended to incite major power conflict
8. Information operations targeting political legitimacy
9. Conventional conflict triggering cyber responses
Cross-modality Or Cross-domain Responses To Cyber Exploitation Or Attack

1. Signaling and problems of misperception in cyber conflict (or cyber cross-domain responses)
2. Mismatches of cross cultural or doctrinal models of cyber conflict
3. Hostility spirals due to volume of exploitation or development of bad reputation
Appendix B

Approaches To Managing
  Cyber-fueled Conflict
Challenges
   1.      How can verification, monitoring and
           situational awareness be achieved and
           to what extent?
   2.      How is cyber defense possible without
           understanding and anticipating incoming
           cyber attacks?
   3.      How can proliferation of cyber weapons
           within or across countries be prevented
           or managed?



Shared International Frameworks For Designating Actions In Cyber Space As Criminal, Hostile, Or Negligent

1. Definitions of hostility levels
2. Definition of when counter-force becomes counter-value targeting along supply chains or supporting infrastructure for an opposing military
3. Red lines within the contexts of peace, crisis or war
4. Impact of red lines on dynamics of escalation control and stability
5. Instabilities arising from attacks on C5ISR systems, including nuclear systems, space assets and naval forces
6. Large-scale espionage: quantity exceeds conventional hostility calibrations
7. Ambiguity of cyber-physical systems (e.g., cyber attack on power grid causing physical damage)
8. Information operations: anti-terrorism, threats to government stability
9. How should international sharing of cyber data be organized and coordinated?
10. Rebuilding trust in a low verification environment
Responsibility Of National Leadership For Controlling Cyber Offense And Exploitation

1. Government actors
2. Surrogates, including state responsibility for cyber "patriots" or criminals operating within their territory under international law regardless of whether the state has direct, indirect or no control at the time
3. Non-state actors using computing platforms within their territories
    • Hacktivists
    • Terrorists
4. Leakage of advanced cyber capabilities to criminals or terrorists
5. Managing different levels of conflict from strategic (e.g., nuclear weapons control and release) to theater or tactical
6. Responsibility for cleaning up botnets, or other platforms within their territories used by 3rd parties to attack or exploit 2nd parties
Managing Strategic Technology Competition

1. Engineering networking standards and computational frameworks for national advantage
2. Developing universalizable norms for system engineering and design certification
3. Managing industrial espionage when integrated component of strategic economic competition
4. Sanctions (diplomatic, economic) against predatory behaviors in open multilateral trading systems
5. Standards for ICT intended to reduce opportunities for bad cyber behavior, enhance international stability and promote orderly international interactions
Legal Or Normative Frameworks Codifying Shared Interests

1. How can cooperative activities in cyber defense or fighting cyber crime build reservoirs of trust that help prevent or attenuate cyber crises?
2. Can a "public health" approach to cyber help reduce risk of conflict and enhance trust through cooperative contributions to the cyber commons?
3. To what extent are states interpreting cyber within the framework of the Geneva Convention?
4. Where are current international legal frameworks adequate or inadequate?
5. How can they be extended to cover gaps?
6. How do they serve the range of state or non-state actors in the international system?
7. Can legal or normative frameworks actually help in a timely fashion when cyber capabilities are so widely diffused and technical change is rapid?
8. What is their domain of relevance across a hostility range from peacetime to wartime?
9. How can adverse impacts on international cyber infrastructures be prevented or managed?
10. How can collateral damage to non-belligerents be managed?
11. How can 3rd party provocations intended to initiate conflicts between major powers be prevented beforehand or managed afterwards?
Legal Or Normative Frameworks Codifying Shared Interests

12. What is the legal or pragmatic liability of states for consequences of cyber operations, whether intentional, collateral, or accidental (including cyber proliferation)?
13. What should be the status of a cyber attack on one country that disrupts economic activity in 3rd countries? (e.g., shared infrastructure, outsourcing, linked industrial verticals) Rights of 3rd parties to respond? Non-state actor case?
14. What is the responsibility of states to prevent private actors or 3rd parties from launching attacks from within their territory by controlling bad network traffic, taking down botnets, or requiring higher assurance standards?
15. What legal recourses are available when cyber espionage exceeds standards of customary practice to reach extraordinarily high levels of hostility?
16. What should be the responsibility of Internet service providers to report bad behavior to states (e.g., tracing attacks via proxies, cyber pollution, IW)?
17. What should be the legal liability of ISPs if they act as agents of a state by providing the means to deliver cyber attacks, engage in cyber exploitation or weaponization?
18. To what extent are States and ISPs separate around the world? How does it affect the ability of states to act in cyberspace?
Appendix C

Lessons From History Or
Other Conflictual Domains
Lessons From History Or Other Conflictual Domains

1. How should the definition of "armed force" be extended to cyber attacks? (e.g., by consequences, by threat level)
2. How do we measure the consequences of cyber weapons? Must they have physical manifestation?
3. How can conventional counter proliferation approaches bear on cyber capabilities?
4. How can conventional protections of neutral parties, international infrastructures or global commons (e.g., sea, space) be extended to cyber?

1. How is cyber not like nuclear deterrence? (Overworked analogy with many analytical assumptions failing.)
2. How are cyber weapons like non-nuclear kinetic weapons?
3. How can biological weapons regimes inform cyber regimes? (Similarities and differences, for example in terms of proliferation, verification, usability)

Cyber Security Professionals Viewed via Supply ChainCyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply Chain
 
Managing Frequently Overlooked Risks & Threats (FORTS) in Corporations
Managing Frequently Overlooked Risks & Threats (FORTS) in CorporationsManaging Frequently Overlooked Risks & Threats (FORTS) in Corporations
Managing Frequently Overlooked Risks & Threats (FORTS) in Corporations
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber of things 2.0
Cyber of things 2.0Cyber of things 2.0
Cyber of things 2.0
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
Cyber Security: The Strategic View
Cyber Security: The Strategic ViewCyber Security: The Strategic View
Cyber Security: The Strategic View
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
Introduction to the concept of it security
Introduction to the concept of it securityIntroduction to the concept of it security
Introduction to the concept of it security
 
Need for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure ProtectionNeed for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure Protection
 
Revolution Or Evolution Exec Summary
Revolution Or Evolution Exec SummaryRevolution Or Evolution Exec Summary
Revolution Or Evolution Exec Summary
 
Cyber Influence Operations
Cyber Influence OperationsCyber Influence Operations
Cyber Influence Operations
 
Cyber security-in-india-present-status
Cyber security-in-india-present-statusCyber security-in-india-present-status
Cyber security-in-india-present-status
 
Overview of Artificial Intelligence in Cybersecurity
Overview of Artificial Intelligence in CybersecurityOverview of Artificial Intelligence in Cybersecurity
Overview of Artificial Intelligence in Cybersecurity
 
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
 
Ten Expert Tips on Internet of Things Security
Ten Expert Tips on Internet of Things SecurityTen Expert Tips on Internet of Things Security
Ten Expert Tips on Internet of Things Security
 
National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy final
 
Cyber security and Homeland security
Cyber security and Homeland securityCyber security and Homeland security
Cyber security and Homeland security
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber Security
 

Similar to Models of Escalation and De-escalation in Cyber Conflict

The Information Warfare: how it can affect us
The Information Warfare: how it can affect usThe Information Warfare: how it can affect us
The Information Warfare: how it can affect usLuis Borges Gouveia
 
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South Africa
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South AfricaPukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South Africa
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South AfricaPukhraj Singh
 
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...Pukhraj Singh
 
Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019PECB
 
AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)Takeshi Takahashi
 
How Data Analytics is Re-defining Modern Era in Cyber Security
How Data Analytics is Re-defining Modern Era in Cyber SecurityHow Data Analytics is Re-defining Modern Era in Cyber Security
How Data Analytics is Re-defining Modern Era in Cyber SecuritySaqib Chaudhry
 
Artificial Intelligence and Cybersecurity
Artificial Intelligence and CybersecurityArtificial Intelligence and Cybersecurity
Artificial Intelligence and CybersecurityOlivier Busolini
 
2020 12 nyu-workshop_cog_sec
2020 12 nyu-workshop_cog_sec2020 12 nyu-workshop_cog_sec
2020 12 nyu-workshop_cog_secSara-Jayne Terp
 
Road map for actionable threat intelligence
Road map for actionable threat intelligenceRoad map for actionable threat intelligence
Road map for actionable threat intelligenceabhisheksinghcs
 
Cyberwarfare and Aggressiveness in Cyberspace
Cyberwarfare and Aggressiveness in CyberspaceCyberwarfare and Aggressiveness in Cyberspace
Cyberwarfare and Aggressiveness in CyberspaceJarno Limnéll
 
Cyber(in)security: systemic risks and responses
Cyber(in)security: systemic risks and responsesCyber(in)security: systemic risks and responses
Cyber(in)security: systemic risks and responsesblogzilla
 
Systemic cybersecurity risk
Systemic cybersecurity riskSystemic cybersecurity risk
Systemic cybersecurity riskblogzilla
 
Cybercrime and data sharing
Cybercrime and data sharingCybercrime and data sharing
Cybercrime and data sharingblogzilla
 
Cyber Attacks: How to Ninja-Proof Your Data - Centre Technologies
Cyber Attacks: How to Ninja-Proof Your Data - Centre TechnologiesCyber Attacks: How to Ninja-Proof Your Data - Centre Technologies
Cyber Attacks: How to Ninja-Proof Your Data - Centre TechnologiesCentre Technologies
 
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationTop 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationPECB
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Raffael Marty
 

Similar to Models of Escalation and De-escalation in Cyber Conflict (20)

The Information Warfare: how it can affect us
The Information Warfare: how it can affect usThe Information Warfare: how it can affect us
The Information Warfare: how it can affect us
 
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South Africa
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South AfricaPukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South Africa
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South Africa
 
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
 
Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019
 
AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)
 
Ieee itmsb20
Ieee itmsb20Ieee itmsb20
Ieee itmsb20
 
Cyber and influence
Cyber and influenceCyber and influence
Cyber and influence
 
How Data Analytics is Re-defining Modern Era in Cyber Security
How Data Analytics is Re-defining Modern Era in Cyber SecurityHow Data Analytics is Re-defining Modern Era in Cyber Security
How Data Analytics is Re-defining Modern Era in Cyber Security
 
Artificial Intelligence and Cybersecurity
Artificial Intelligence and CybersecurityArtificial Intelligence and Cybersecurity
Artificial Intelligence and Cybersecurity
 
2020 12 nyu-workshop_cog_sec
2020 12 nyu-workshop_cog_sec2020 12 nyu-workshop_cog_sec
2020 12 nyu-workshop_cog_sec
 
Road map for actionable threat intelligence
Road map for actionable threat intelligenceRoad map for actionable threat intelligence
Road map for actionable threat intelligence
 
Cyberwarfare and Aggressiveness in Cyberspace
Cyberwarfare and Aggressiveness in CyberspaceCyberwarfare and Aggressiveness in Cyberspace
Cyberwarfare and Aggressiveness in Cyberspace
 
Cyber(in)security: systemic risks and responses
Cyber(in)security: systemic risks and responsesCyber(in)security: systemic risks and responses
Cyber(in)security: systemic risks and responses
 
Systemic cybersecurity risk
Systemic cybersecurity riskSystemic cybersecurity risk
Systemic cybersecurity risk
 
Cybercrime and data sharing
Cybercrime and data sharingCybercrime and data sharing
Cybercrime and data sharing
 
Cyber Attacks: How to Ninja-Proof Your Data - Centre Technologies
Cyber Attacks: How to Ninja-Proof Your Data - Centre TechnologiesCyber Attacks: How to Ninja-Proof Your Data - Centre Technologies
Cyber Attacks: How to Ninja-Proof Your Data - Centre Technologies
 
Public Private Partnership - Combating CyberCrime
Public Private Partnership - Combating CyberCrime Public Private Partnership - Combating CyberCrime
Public Private Partnership - Combating CyberCrime
 
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationTop 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
 
Cybercrime: Radically Rethinking the Global Threat
Cybercrime:  Radically Rethinking the Global ThreatCybercrime:  Radically Rethinking the Global Threat
Cybercrime: Radically Rethinking the Global Threat
 

Recently uploaded

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 

Recently uploaded (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 

Models of Escalation and De-escalation in Cyber Conflict

  • 1. Models of Escalation and De- escalation in Cyber Conflict John C. Mallery Computer Science & Artificial Intelligence Laboratory Massachusetts Institute of Technology Presentation at the 2011 Workshop on Cyber Security and Global Affairs, Budapest, Hungary, May 31 – June 2, 2011. Version: 3/29/2012 11:04 AM
  • 2. Escalation And De-escalation Models For State-state Cyber Conflict & Cooperation l A step towards a US-Russia-China workshop on escalatory models of cyber conflict l Intended to develop shared perspectives and analytical frameworks across countries l Appendices include a draft set of topics for consideration in a longer workshop l Dynamics of cyber-fueled conflict l Approaches to managing cyber-fueled conflict l Lessons from history or other conflictual domains l Today we will discuss a few selected topics l Background: Topic area selected as the top priority by MSU IISI team from 10 workshop topics presented last year John C. Mallery 2 MIT CSAIL
  • 3. Possible International Workshops On Critical Cyber Policy Issues Workshop Topics MSU IISI prioritization 1. Cyber Definitions 1. Escalation Models 2. Cyber Crime 2. Civil infrastructures 3. Cyber Terrorism 3. Cyber Definitions 4. Escalatory Models 4. Cyber Law 5. Civilian 5. Codes of Conduct Infrastructures 6. Cyber Terrorism 6. Industrial Espionage 7. Cyber Crime 7. Technical 8. Technical Cooperation Cooperation 8. Codes of Conduct 9. Protection of the 9. Cyber Law Commons 10. Protection of the Termed “Protection of Commons World Community” 10. Industrial Espionage John C. Mallery 3 MIT CSAIL
  • 4. Overview l Defining cyberspace l Threat actors and capabilities l Entropy-based model of conflict and cooperation l Global cyber conflict mess l Illustrative Conflictual Actions l Illustrative Cooperative Actions l Phase-structured Cyber Events Data l Utility of cyber actions l Managing Strategic Technology Competition l Cross Domain Responses l Proportionality Judgments l Institutions and Mechanisms for Cyber De-escalation l Cyber Conflict Characteristics John C. Mallery 4 MIT CSAIL
  • 5. What is cyberspace? l Interdependent network of information technology infrastructures (NSPD54/HSPD23) l Internet l Telecommunications networks l Computer systems l Embedded processors l Controllers in critical industries l Also virtual environment of information and interactions between people (NSPD54/HSPD23) l Activities riding on cyberspace l US Military l Electro-magnetic spectrum l Information operations l C4ISR, space l Supply chains for IT l Computers, networks, software, sensors, crypto, identity management, etc. l Knowledge, information, data John C. Mallery 5 MIT CSAIL
  • 6. Domains of Cyberspace Diplomacy Treaties Agreements Norms Alliances IGOs NGOs Industry Governance Technological Level Network, Computer, Crypto, ID Mgt. Standards Universal Principles Knowledge Formation Value System Dynamics Political Discourse Information Processes, Social Networking Cyberspace Economic & Business Activity International Dialogues Military And Intelligence Systems Physical Network Connectivity Critical Infrastructures Enterprise IT Consumer IT Network Infrastructure Administration Application Software and Administration Routers, Switches, Fiber, Wireless, Other PCs, Servers, Laptops, Cell Phones, PDAs Supply Chain IC Fabrication IC Design Operating Systems Information Assurance Cryptography Research Communities IA, Certification, Accreditation International Standards John C. Mallery 6 MIT CSAIL
  • 7. Threat Actors And Capabilities Threat Actors Motive Targets Means Resources Military, intelligence, infrastructure, Nation States Intelligence, military, Fully mobilized, multi- Political espionage, reconnaissance, During War Time broad private sector spectrum influence operations, world orders Intelligence, military, High, multi-spectrum, Nation States Espionage, reconnaissance, leverages criminal variable skill sets Political During Peace Time influence operations, world orders enterprises or black below major cyber markets powers Terrorists, Political Infrastructure, extortion Leverage black markets? Limited, low expertise Insurgents Political Activists Political Political outcomes Outsourcing? Limited, low expertise or Parties Black Markets For Tools, exploits, platforms, Mobilizes cyber crime Financial Cyber Crime data, expertise, planning networks Professional, low end Hijacked resources, fraud, theft, IP Reconnaissance, Criminal multi-spectrum, Financial theft, illicit content, scams, crime planning, diverse Enterprises leverage of black for hire expertise markets Small Scale Low, mostly reliant on Financial Leverages black markets Criminals black markets IP theft, influence on sectoral Outsourcing to criminal Sectoral expertise, Rogue Enterprises Financial issues enterprises? funding, organization John C. Mallery 7 MIT CSAIL
  • 8. Conflict and Cooperation within Living Social Systems Framework l Goal: Continuous function from conflict to cooperation l Countries are autopoetic systems l Prigogine, non-equilibrium thermodynamics l Self-recreating living systems l Network of component producing processes l Recreate the socio-economic and political system over time l Key functional areas: l Physical Security: Military, intelligence, terrorism l Economic Security: Business, technology, science, policy l Political Security: Ideation, legitimacy, diplomacy l State-state interactions l Conflictual action: Increases autopoetic entropy l Cooperative action: Decreases autopoetic entropy l Mesh of state-state interactions l Reciprocity dimensions: economic, political, military, cultural l Relationships: parasitic or mutualistic John C. Mallery 8 MIT CSAIL
  • 9. Global Cyber Conflict Mess* Cyber Capability Levels Cyber Power No. IW Espionage Attack Integration Major 3? High High High High Important 10? Moderate? Significant Significant High Middle 20? Lower? Crime ware Crime ware Lower Lesser 70 Lower? Crime ware Crime ware Lower + l Over 100 states developing offensive cyber capabilities l Various USG 2008-2010 l What are their targets? l Economic l Political l Military/intelligence l Who are their targets? l G20? l Major industries? John C. Mallery 9 MIT CSAIL
  • 10. Illustrative Conflictual Actions Move Type Action Std. Cyber Intensity Duration Impact Displeasure x x 1 Protest x 1 Withdraw Support x 2 Political Snub x 1 Threaten x x 1 Support opposition x x 4 Subversion x 5 Industrial espionage x x 2 Sabotage x x 2 Economic Sanctions x ? 3 Quarantine x ? 4 Politico-military espionage x x ? Unconventional warfare, terrorism x x 1 Military Skirmishes x x 2 Limited warfare x x 4 General warfare x x 5 John C. Mallery 10 MIT CSAIL
  • 11. Illustrative Cooperative Actions Move Type Action Std. Cyber Intensity Duration Impact Diplomatic recognition x 1 Praise, hail, applaud x x 2 Endorse or support policy or position x x 3 Political Promise material support x x 3 Negotiate x x 1 Make substantive agreement x x 2 Share data, intelligence x 4 Joint ventures, technical sharing x x 5 Economic Support capacity building x x 3 Suspend Sanctions x ? 1 Extend economic aid x ? 3 Extend military assistance x x 4 Coordinate counter-terrorism x x 4 Military Coordinate defense x x 5 Cease hostilities x x 3 John C. Mallery Settle dispute 11 x x 3 MIT CSAIL
  • 12. Phase-structured Cyber Events Data l Define cyber action vocabulary l Party actions l Referrals to conflict managers l Conflict management actions l Code state-state interaction sequences l Include partial order for level of conflict or cooperation l Phase structure is given by the movement up or down hostility/altruism l Enables learning to: l Predict escalation or de-escalation as a function of event sequences l Efficacy of conflict management actions John C. Mallery 12 MIT CSAIL
  • 13. Utility of Cyber Actions Modality Detection Complexity Reliability Consequences IW 3 2 2 1 Intelligence 1 3 2 1 Degradation 1 3 1 2 Disrupt 3 3 1 3 (precise) Denial 3 2 3 3 John C. Mallery 13 MIT CSAIL
  • 14. Managing Strategic Technology Competition 1. Engineering networking standards and computational frameworks for national advantage 2. Developing universalizable norms for system engineering and design certification 3. Managing industrial espionage when integrated component of strategic economic competition 4. Sanctions (diplomatic, economic) against predatory behaviors in open multilateral trading systems 5. Standards for ICT intended to reduce opportunities for bad cyber behavior, enhance international stability and promote orderly international interactions John C. Mallery 14 MIT CSAIL
  • 15. Cross Domain Responses l State need not respond to cyber in kind l Cross domain responses cloud anticipation of responses to cyber actions l Judgment of proportionality by initiator l Judgment of perception by recipient l Example: l Industrial espionage by China l Possible response aiming at regime legitimacy l Example: l Russia and US declare potential nuclear response against cyber attacks on C2 systems l Penetration of the wrong system could provoke major response l Cross domain responses Introduce potentially destabilizing feedback paths John C. Mallery 15 MIT CSAIL
  • 16. Proportionality Judgments l Shared understandings of proportionality are necessary for meaningful calibration of action l Different perspectives, approaches, traditions and cultural contexts can produce misunderstandings and unintended escalations l Errors or accidents involving cyber weapons may produce l Unintended consequences via cascading effects l Unforeseen escalatory responses John C. Mallery 16 MIT CSAIL
  • 17. Cyber Conflict Characteristics 1. Offense dominated 2. Strategic reach 3. Poor attribution (low frequency) 4. Poor warning with short detection times 5. No strategic depth -> pre-emption strategies 6. Readily usable techniques for espionage 7. Strong reciprocity among major actors 8. Low barriers to entry 9. Over 100 state players 10. Lack of shared perception of action seriousness l Limited history of cyber conflict l Cross cultural understanding challenges l Little guidance from international law l Many variations possible l Conclusion: Unstable, dangerous feedbacks John C. Mallery 17 MIT CSAIL
  • 18. Institutions and Mechanisms for Cyber De-escalation
      • Domain: Political
          • Activity: Hacktivism; Legitimacy IW
          • Conflict Manager: ?, UN
      • Domain: Economic
          • Activity: Industrial espionage; Predatory Trade
          • Conflict Manager: ?, IMF, G*, WTO, regional IGOs
      • Domain: Military
          • Activity: Supply chain subversion; Prepositioning logic bombs; Critical infrastructure attacks
          • Conflict Manager: Conventional mediators (e.g., UN, regional IGOs)
  • 19. Research Questions
      1. What is the domain of cyber conflict and cooperation?
      2. Does the rise of cyber operations, whether attack, espionage or influence operations, change inter-state conflict dynamics?
      3. What are the stability characteristics of current and future international systems as cyber conflict capacity develops and diffuses?
      4. How can levels of cyber conflict and cooperation be measured and compared across technical change?
      5. How can strategic technical and economic competition be managed?
      6. How can different perceptions of hostility or cooperation and escalation phases be managed?
      7. Can legal or normative frameworks increase stability or protect non-combatants?
  • 20. Appendix A Dynamics Of Cyber-fueled Conflict
  • 21. Dynamics Of Politico-military Escalation And De-escalation In State-state Cyber Conflict
      1. Analysis of factors contributing to instability or stability
      2. Cyber as a means for strategic reach with low barriers to entry (over 100 countries with some cyber offensive capabilities)
      3. Pre-emption strategies due to poor warning as a source of instability
      4. Problems of n-way games, including (mis-)attribution, bad reputations, provocations
      5. Clusters of state-level cyber conflict and cooperation
      6. Dangerous feedbacks, good feedbacks
      7. Unintended consequences (e.g., perceptions, cascading impact, spreading impact, collateral damage to civilians or 3rd parties)
      8. Precision and controllability of cyber techniques across target domains, including impact on neutral countries or global commons
      9. Usability of cyber techniques for attack or exploitation (low probability of attribution, low physical damage, low human casualties)
      10. Cross-domain responses to cyber as amplifiers or attenuators of conflict
      11. Differential perception of threat (e.g., economic, legitimacy, systemic)
      12. Special case of nuclear powers (cyber under cover of nuclear)
      13. Asymmetric vulnerability of lower ICT capacity states to cyber attack by stronger military powers
      14. Dynamics of collapse or rebuilding of trust across state-state transactions, with special attention to low-to-mid level cyber provocations
      15. Mechanisms for de-escalation, including termination of conflict or war
      16. Mechanisms for establishing ground truth (e.g., monitoring, data sharing, inspection, cross correlation)
      17. Institutions for international mediation and conflict management
  • 22. Conflict Triggers Or Escalators
      1. Misread of red lines
      2. Denial of service or attack on C2 or space assets
      3. Ambiguity of cyber actions between exploitation and attack
      4. Penetration of critical infrastructure, or "preparation of the battlefield"
      5. Accidental impact on 3rd parties via spread or cascading
      6. Excessive espionage provoking hostile responses, possibly cross-domain
      7. 3rd party provocations intended to incite major power conflict
      8. Information operations targeting political legitimacy
      9. Conventional conflict triggering cyber responses
  • 23. Cross-modality Or Cross-domain Responses To Cyber Exploitation Or Attack
      1. Signaling and problems of misperception in cyber conflict (or cyber cross-domain responses)
      2. Mismatches of cross cultural or doctrinal models of cyber conflict
      3. Hostility spirals due to volume of exploitation or development of bad reputation
  • 24. Appendix B Approaches To Managing Cyber-fueled Conflict
  • 25. Challenges
      1. How can verification, monitoring and situational awareness be achieved and to what extent?
      2. How is cyber defense possible without understanding and anticipating incoming cyber attacks?
      3. How can proliferation of cyber weapons within or across countries be prevented or managed?
  • 26. Shared International Frameworks For Designating Actions In Cyber Space As Criminal, Hostile, Or Negligent
      1. Definitions of hostility levels
      2. Definition of when counter-force becomes counter-value targeting along supply chains or supporting infrastructure for an opposing military
      3. Red lines within the contexts of peace, crisis or war
      4. Impact of red lines on dynamics of escalation control and stability
      5. Instabilities arising from attacks on C5ISR systems, including nuclear systems, space assets and naval forces
      6. Large-scale espionage: quantity exceeds conventional hostility calibrations
      7. Ambiguity of cyber-physical systems (e.g., cyber attack on power grid causing physical damage)
      8. Information operations: anti-terrorism, threats to government stability
      9. How should international sharing of cyber data be organized and coordinated?
      10. Rebuilding trust in a low verification environment
  • 27. Responsibility Of National Leadership For Controlling Cyber Offense And Exploitation
      1. Government actors
      2. Surrogates, including state responsibility for cyber "patriots" or criminals operating within their territory under international law regardless of whether the state has direct, indirect or no control at the time
      3. Non-state actors using computing platforms within their territories
          • Hacktivists
          • Terrorists
      4. Leakage of advanced cyber capabilities to criminals or terrorists
      5. Managing different levels of conflict from strategic (e.g., nuclear weapons control and release) to theater or tactical
      6. Responsibility for cleaning up botnets, or other platforms within their territories used by 3rd parties to attack or exploit 2nd parties
  • 28. Managing Strategic Technology Competition
      1. Engineering networking standards and computational frameworks for national advantage
      2. Developing universalizable norms for system engineering and design certification
      3. Managing industrial espionage when it is an integrated component of strategic economic competition
      4. Sanctions (diplomatic, economic) against predatory behaviors in open multilateral trading systems
      5. Standards for ICT intended to reduce opportunities for bad cyber behavior, enhance international stability and promote orderly international interactions
  • 29. Legal Or Normative Frameworks Codifying Shared Interests
      1. How can cooperative activities in cyber defense or fighting cyber crime build reservoirs of trust that help prevent or attenuate cyber crises?
      2. Can a "public health" approach to cyber help reduce risk of conflict and enhance trust through cooperative contributions to the cyber commons?
      3. To what extent are states interpreting cyber within the framework of the Geneva Convention?
      4. Where are current international legal frameworks adequate or inadequate?
      5. How can they be extended to cover gaps?
      6. How do they serve the range of state or non-state actors in the international system?
      7. Can legal or normative frameworks actually help in a timely fashion when cyber capabilities are so widely diffused and technical change is rapid?
      8. What is their domain of relevance across a hostility range from peacetime to wartime?
      9. How can adverse impacts on international cyber infrastructures be prevented or managed?
      10. How can collateral damage to non-belligerents be managed?
      11. How can 3rd party provocations intended to initiate conflicts between major powers be prevented beforehand or managed afterwards?
  • 30. Legal Or Normative Frameworks Codifying Shared Interests
      12. What is the legal or pragmatic liability of states for consequences of cyber operations, whether intentional, collateral, or accidental (including cyber proliferation)?
      13. What should be the status of a cyber attack on one country that disrupts economic activity in 3rd countries (e.g., shared infrastructure, outsourcing, linked industrial verticals)? Rights of 3rd parties to respond? Non-state actor case?
      14. What is the responsibility of states to prevent private actors or 3rd parties from launching attacks from within their territory by controlling bad network traffic, taking down botnets, or requiring higher assurance standards?
      15. What legal recourses are available when cyber espionage exceeds standards of customary practice to reach extraordinarily high levels of hostility?
      16. What should be the responsibility of Internet service providers to report bad behavior to states (e.g., tracing attacks via proxies, cyber pollution, IW)?
      17. What should be the legal liability of ISPs if they act as agents of a state by providing the means to deliver cyber attacks, engage in cyber exploitation or weaponization?
      18. To what extent are States and ISPs separate around the world? How does it affect the ability of states to act in cyberspace?
  • 31. Appendix C Lessons From History Or Other Conflictual Domains
  • 32. Lessons From History Or Other Conflictual Domains
      1. How should the definition of "armed force" be extended to cyber attacks? (e.g., by consequences, by threat level)
      2. How do we measure the consequences of cyber weapons? Must they have physical manifestation?
      3. How can conventional counter proliferation approaches bear on cyber capabilities?
      4. How can conventional protections of neutral parties, international infrastructures or global commons (e.g., sea, space) be extended to cyber?
      1. How is cyber not like nuclear deterrence? (Overworked analogy with many analytical assumptions failing.)
      2. How are cyber weapons like non-nuclear kinetic weapons?
      3. How can biological weapons regimes inform cyber regimes? (Similarities and differences, for example in terms of proliferation, verification, usability)