The 9th International Conference on Cyber Conflict (CyCon 2017), organised by the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE), once again brought together professionals from governments, the military, academia and the private sector with the aim of discussing and proposing solutions for issues related to cyber security and defence. CyCon serves the cyber security community’s technical experts, strategic thinkers, policymakers and lawyers as an interdisciplinary platform for networking and sharing knowledge.
The call for papers for CyCon 2017 invited submissions on the topic ‘Defending the Core’. Digitalisation has transformed, often disrupted, our way of life, bringing innumerable social and economic benefits, while at the same time technological dependencies have altered security risks. No future conflict is likely to be fought without a cyber element. However, establishing effective defensive measures is difficult. The cross-border and ever-expanding nature of digital technologies complicates our understanding of critical cyber dependencies, threats and vulnerabilities. The call for papers was thus looking to address questions such as: What are the ‘core’ elements of cyber security? How do they relate to essential assets and principles in the technical, legal and political spheres? How can critical (information) infrastructure be protected? How can critical vulnerabilities be mitigated and the most detrimental threats countered? How can legal frameworks be established and applied in the cyber security realm? What technologies can help nations to counter emerging cyber threats? How can effective cyber security strategies be developed and implemented? What should be the role of the armed forces? How can cyber operations against core (national) assets be deterred?
These questions provided inspiration for nearly 200 abstract proposals submitted in October 2016. After many rounds of peer review, 14 articles were accepted for this proceedings book, which formed the ‘backbone’ of the conference’s sessions and workshops. CyCon’s interdisciplinary nature is reflected in this collection of articles, which can be broadly categorised into three sections: strategy, law and technology.
The publication starts with a focus on strategic cyber security issues, as Martin Libicki provides his perspective on how states can establish effective international norms to limit cyber espionage. This is followed by Max Smeets, who analyses the possible benefits and risks of organisational integration of national offensive cyber capabilities. When discussing the challenges stemming from NATO’s decision to recognise cyberspace as an operational domain, Brad Bigelow highlights the importance of mission assurance and advocates for a clear role for the NATO Command Structure. The strategy section ends with Kenneth Geers, who emphasises the importance and often underestimated value of traffic analysis in cyberspace.
Articles devoted to legal issues start with Ido Sivan-Sevilla’s study of the dynamics of United States federal law with regard to the privacy and security debate. Privacy is also addressed by Eliza Watt, who writes about the role of international human rights law in the protection of online privacy, focusing on the extraterritorial application of human rights treaties. Jeffrey Biller’s contribution then looks at a topical issue in international humanitarian law: the misuse of protected indicators in cyberspace. International humanitarian law is also represented by the following article by Tassilo V. P. Singer, who examines the possible extension of the period of direct participation in hostilities due to autonomous cyber weapons. Emerging international law is discussed in the last two legal articles. Kubo Mačák provides his view of how general international law is influenced by the development of the cyber law of war; and finally, Peter Z. Stockburger observes that a new lex specialis governing state responsibility for third party cyber incidents may be arising: a ‘control and capabilities’ test.
The third section of the book covers technical cyber security matters. Focussing on the defence of core infrastructure, Robert Koch and Teo Kühn begin by introducing their concept of building an effective intrusion detection system, based on voltage levels and current drain, to protect unsecure industrial control systems. Continuing with the subject of defending cyber-physical systems, Martin Strohmeier et al. propose the establishment of a separate verification layer for sensitive wireless data, powered by crowdsourced sensors connected to the Internet. Fabio Pierazzi et al. then tackle the detection of advanced cyber attacks as they introduce a novel online approach for identifying intrusions, providing an alternative to existing frameworks. Last but not least, Riccardo Longo et al. look at the resilience of certification authorities in a scenario of a large-scale cyber attack and propose a solution by analysing the security of a blockchain-based Public Key Infrastructure protocol.
All the articles in this book have been through a double-blind peer review by, at minimum, two members of CyCon’s Academic Review Committee.