|
|
|
Sort Order |
|
|
|
Items / Page
|
|
|
|
|
|
|
| Srl | Item |
| 1 |
ID:
122244
|
|
|
|
|
| Publication |
2013.
|
| Summary/Abstract |
When news of Stuxnet first emerged, many thought that it had caused a major setback to Iran's uranium-enrichment programme. Ivanka Barzashka argues instead that while Stuxnet may have had the potential to seriously damage Iranian centrifuges, evidence of the worm's impact is circumstantial and inconclusive. Her analysis of the related data shows that the 2009 version of Stuxnet was neither very effective nor well-timed and, in hindsight, may have been of net benefit to Tehran.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 2 |
ID:
171965
|
|
|
|
|
| Summary/Abstract |
This is an article about how cybersecurity gets “made,” with a focus on the role of commercial computer security firms in generating knowledge in matters of international cybersecurity. The argument is two-fold. Firstly, malware may be an intangible artefact in some ways, but its success and its interpretation as malware is deeply interwoven in social, technical, and material alliances. Secondly, a materialist-minded examination of Symantec’s Stuxnet reports will demonstrate the politically situated nature of how cybersecurity expertise emerges. The article finds that Symantec’s work was not a-political or neutrally-technical: Their experts made profoundly political choices in their analyses. By showing the processes that go into making cybersecurity, the article contributes to a widening and deepening of debates about what is at stake in cybersecurity knowledge and practices.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 3 |
ID:
147380
|
|
|
|
|
| Summary/Abstract |
Many scholars suggest that the difficulty of attaining cyber deterrence is due to the intrinsic characteristics of cyberspace. While this article does not aim to entirely refute this assertion, it suggests that the failure to successfully employ cyber deterrence is not determined by the technical challenges of cyberspace, but rather that the effects of these challenges are mediated through social context(s) and norms. To present this, I elaborate on the meaning of cyber deterrence and suggest that a rethinking of this term allows us to better address the various actors involved in the practices of cyber deterrence, as well as to better describe the intersections between the cyber and kinetic means affecting these practices. Building on the concept of cyber deterrence and borrowing from the constructivist approach to International Relations, I focus on how anonymity and “violence” are affected by social constructions and norms and in turn influence the success or failure of cyber deterrence. I briefly illustrate these assertions and their importance with regard to the case of Stuxnet.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 4 |
ID:
160360
|
|
|
|
|
| Summary/Abstract |
The convergence of telecommunication and computer technologies that has evolved in the field of information and communication technologies (ICT) in the last two decades has had very important effects on new war technologies and the ongoing process of battlefield digitisation. The Stuxnet worm, uncovered in 2010 and responsible for the sabotaging of a uranium enrichment infrastructure in Iran, is a clear example of a digital weapon. The incident shows what is meant by cyber war and what the particular features of this new warfare dimension are compared to the conventional domains of land, sea, air and space, with relevance both at the operational and strategic levels. But cyberspace also extends to the semantic level, within the complimentary field of information warfare involving the content of messages flowing through the Internet for the purposes of propaganda, information, disinformation, consensus building, etc. The overall cyber warfare domain needs to be put into perspective internationally as many countries are developing strong cyber capabilities and an ‘arms race’ is already taking place, showing that these technologies can potentially be used to undermine international stability and security. What is needed is a public debate on the topic and its impact on global stability, and some kind of regulation or international agreement on this new warfare domain, including an approach involving confidence building measures (CBMs).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 5 |
ID:
111149
|
|
|
|
|
| Publication |
2012.
|
| Summary/Abstract |
For almost two decades, experts and defense establishments the world over have been predicting that cyber war is coming. But is it? This article argues in three steps that cyber war has never happened in the past, that cyber war does not take place in the present, and that it is unlikely that cyber war will occur in the future. It first outlines what would constitute cyber war: a potentially lethal, instrumental, and political act of force conducted through malicious code. The second part shows what cyber war is not, case-by-case. Not one single cyber offense on record constitutes an act of war on its own. The final part offers a more nuanced terminology to come to terms with cyber attacks. All politically motivated cyber attacks are merely sophisticated versions of three activities that are as old as warfare itself: sabotage, espionage, and subversion.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 6 |
ID:
173168
|
|
|
|
|
| Summary/Abstract |
Under what conditions are cyber-weapons effective in nuclear counter-proliferation? With continued interest in nuclear proliferation professed by Iran, North Korea, and Saudi Arabia, a discussion of the effectiveness of counter-proliferation measures remains relevant. Cyber-attacks as military option in a state-on-state conflict still requires additional corroborating evidence to make conclusions about its long-term effectiveness. This work analyses the general applicability of cyber-weapons and their usefulness in nuclear counter-proliferation. Through a comparative case study of Operation Orchard, Stuxnet, and recent “Left-of-Launch” operations against North Korea, the essay finds that cyber-operations are not particularly effective against nuclear programmes that are in the later stages of their development. They can disrupt and delay a nuclear programme temporarily, if the attack remains clandestine, but cannot halt nuclear proliferation all together. However, effectiveness increases if they are used in combination with conventional weapons. The article addresses a topic of interest to national-level decision-makers: whether cyber-operations can and should play a role in nuclear counter-proliferation.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 7 |
ID:
154923
|
|
|
|
|
| Summary/Abstract |
Hegemonic stability theory holds that a dominant power can produce international cooperation by providing public goods and resolving collective action dilemmas. Successful hegemons also resist the temptation to exploit their advantages in order to reduce other states’ fear of domination. This article asks whether or not the internet needs the United States to play a similar role. If so, Washington should pursue policies designed to strengthen internet security while eschewing espionage and cyberattacks that rely on some degree of internet insecurity. If not, it can go on the offensive without fear of undermining the system as a whole. We examine the technical and political fallout from revealed offensive cyberoperations to assess the relative fragility of the internet. Our findings suggest that it is relatively resilient.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 8 |
ID:
125328
|
|
|
|
|
| Publication |
2013.
|
| Summary/Abstract |
There have been various cases like that of alleged attacks on South Korean cyber interests (banks) by North Korea, joint targeting of the speculated Iran's nuclear programme by USA and Israel (Stuxnet), Chinese targeting of the networks of India (DRDO computers), USA (as revealed by Mediant Inc.), other European nations and businesses to serve its interests, and Russian targeting of the Estonian computer networks, among others, which indicate to the fact that various nation-states on this arena consider their interests similar to those of the real world.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 9 |
ID:
158002
|
|
|
|
|
| Summary/Abstract |
This article examines the transitory nature of cyberweapons. Shedding light on this highly understudied facet is important both for grasping how cyberspace affects international security and policymakers’ efforts to make accurate decisions regarding the deployment of cyberweapons. First, laying out the life cycle of a cyberweapon, I argue that these offensive capabilities are both different in ‘degree’ and in ‘kind’ compared with other regarding their temporary ability to cause harm or damage. Second, I develop six propositions which indicate that not only technical features, inherent to the different types of cyber capabilities – that is, the type of exploited vulnerability, access and payload – but also offender and defender characteristics explain differences in transitoriness between cyberweapons. Finally, drawing out the implications, I reveal that the transitory nature of cyberweapons benefits great powers, changes the incentive structure for offensive cyber cooperation and induces a different funding structure for (military) cyber programs compared with conventional weapon programs. I also note that the time-dependent dynamic underlying cyberweapons potentially explains the limited deployment of cyberweapons compared to espionage capabilities.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 10 |
ID:
122268
|
|
|
|
|
| Publication |
2013.
|
| Summary/Abstract |
In the wake of Stuxnet, there has been an increasing tendency on the part of politicians and analysts to see the sophistication of a cyber-attack as an indication of its perpetrator. Indeed, the more sophisticated the attack, the more sophisticated the attacker, thereby pointing to a state actor as the culprit - or so it is argued. However, Clement Guitton and Elaine Korzak note the lack of clarity and inconsistency around the term 'sophistication', contending that it is context-dependent and therefore that it cannot be used unquestioningly in identifying the perpetrator of a cyber-attack.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 11 |
ID:
121971
|
|
|
| 12 |
ID:
123391
|
|
|
|
|
| Publication |
2013.
|
| Summary/Abstract |
Stuxnet, the computer worm which disrupted Iranian nuclear enrichment in 2010, is the first instance of a computer network attack known to cause physical damage across international boundaries. Some have described Stuxnet as the harbinger of a new form of warfare that threatens even the strongest military powers. The influential but largely untested Cyber Revolution thesis holds that the internet gives militarily weaker actors asymmetric advantages, that offense is becoming easier while defense is growing harder, and that the attacker's anonymity undermines deterrence. However, the empirical facts of Stuxnet support an opposite interpretation; cyber capabilities can marginally enhance the power of stronger over weaker actors, the complexity of weaponization makes cyber offense less easy and defense more feasible than generally appreciated, and cyber options are most attractive when deterrence is intact. Stuxnet suggests that considerable social and technical uncertainties associated with cyber operations may significantly blunt their revolutionary potential.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 13 |
ID:
145672
|
|
|
|
|
| Summary/Abstract |
This article argues that some core tenets of Actor-Network Theory (ANT) can serve as heuristics for a better understanding of what the stakes of cyber-security are, how it operates, and how it fails. Despite the centrality of cyber-incidents in the cyber-security discourse, researchers have yet to understand their link to, and affects on politics. We close this gap by combining ANT insights with an empirical examination of a prominent cyber-incident (Stuxnet). We demonstrate that the disruptive practices of cyber-security caused by malicious software (malware), lie in their ability to actively perform three kinds of space (regions, networks, and fluids), each activating different types of political interventions. The article posits that the fluidity of malware challenges the consistency of networks and the sovereign boundaries set by regions, and paradoxically, leads to a forceful re-enactment of them. In this respect, the conceptualisation of fluidity as an overarching threat accounts for multiple policy responses and practices in cyber-security as well as attempts to (re-)establish territoriality and borders in the virtual realm. While this article concentrates on cyber-security, its underlying ambition is to indicate concretely how scholars can profitably engage ANT’s concepts and methodologies.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 14 |
ID:
121972
|
|
|
|
|
|
|
|