Cyber Conflict Research Articles

Defining the Rules of Engagement: Legal and Ethical Standards in Cyber Conflict

In an increasingly digitized world, cyber conflicts are emerging as a critical domain of modern warfare and international relations. This paper examines the legal and ethical standards that govern cyber conflict, aiming to define clear rules of engagement. Through a detailed analysis of current international laws, national legislation, and ethical theories relevant to cyber operations, this research identifies gaps and challenges in the existing frameworks. Case studies of notable cyber incidents illustrate the practical implications of these legal and ethical standards. The study proposes a set of refined rules of engagement designed to address these deficiencies, ensuring ma ore coherent and consistent application of legal and ethical principles in cyber conflict. The findings suggest that while international consensus and cooperation are crucial, there is also a need for dynamic and adaptable rules that can keep pace with rapid technological advancements. This paper contributes to the growing discourse on cyber conflict by providing a comprehensive understanding of the legal and ethical dimensions and offering actionable recommendations for policymakers, legal experts, and cybersecurity practitioners.

ISSUES OF DEVELOPMENT OF COOPERATION BETWEEN THE USA AND RUSSIA IN THE SPHERE OF INTERNATIONAL INFORMATION SECURITY

The article presents an analysis of cyber threats implemented against Russia and the United States, and also examines possible dangers in the field of international information security within the framework of the current global political situation. The author has explored the history of the development of approaches of the Russian Federation and the United States of America to ensuring state security in the cyber environment. An analysis of the problems of international information security is carried out using the example of bilateral relations between the United States and Russia, both in the historical context and in the current international political situation. US policy is aimed at independently identifying and holding accountable for cyberattacks the state from whose territory, in their opinion, the threat came. And due to the difficulties in detecting attackers in practice, this approach is prone to abuse. While Russia proposes to investigate each situation individually and hold the instigators and perpetrators accountable. And due to the fact that currently there is no mechanism for crisis resolution of conflict situations in the ICT environment and uniform international standards for resolving cyber conflicts, the option proposed by Russia seems to the author more promising.

The Offense-Defense Balance in Cyberspace

The study of cyber strategy and its implications for international security has become increasingly crucial, necessitating an examination of the unique challenges posed by the dynamic and stealthy nature of the cyber domain. This paper addresses whether offensive or defensive strategies prevail in cyberspace, especially in light of evolving technological landscapes and debates over cyber threats. By applying offense-defense theory from international relations, the research explores the nuanced relationship between offensive and defensive operations in cyberspace. Despite prevalent views favoring offense dominance, recent skepticism questions the severity of cyber threats and suggests a possible overemphasis on offensive operations. This paper systematically examines the core concepts, findings, and operational variables of offense-defense theory, providing clarity to the conceptual debates surrounding cyber conflict. Recognizing the unique characteristics of the cyber domain, it urges a careful consideration of biases that may distort judgments about offense dominance. The evolving nature of cyberspace and its potential for redesign introduces caution and underscores the need for a nuanced understanding of the offense-defense balance. The preliminary assessment concludes that the question of whether offense or defense "dominates" in cyberspace is overly simplistic. Given the intricate interactions of cyber capabilities, other coercive means available to states, and the dynamic evolution of cyber technology, this question can only be answered within specific contextual and chronological boundaries. Within such conditions, the state of the offense-defense balance is crucial to tactical and operational decision-making. At the strategic policymaking level, the more coherent question is how cyber technologies are shifting the balance of advantages between offense and defense in the overall military posture of states. In essence, this paper provides valuable insights into the ongoing discourse on cyber strategy, theoretical frameworks, and nuanced analyses to inform policy and strategic decision-making in the face of evolving cyber threats.

Navigating the Cyber Front: Belarus' State Control and Emerging Cyber Threats

This paper provides a comprehensive overview of the cyber landscape in Belarus, with a focus on the Belarus government's use of cyber activities from an offensive and defensive context, the emergence of opposition cyber activities, and the broader implications for cybersecurity and legal compliance. In the course of the research, researchers try to assess Belarus as a source of cyber-threats, both domestically and to neighbouring states (especially those supporting Ukraine). The first section of the paper outlines the Belarusian government's engagement in cybercrimes against its citizens, especially under President Lukashenko's regime, highlighting extensive online surveillance, repression, and the escalation of these activities following the 2020 presidential elections. In this political context, Belarus is also examined as a country initiating and/or contributing to Information Warfare activities, which are mainly directed at western countries. The second section of the paper delves into Belarus's cybersecurity legal framework, examining various national strategies and concepts, the absence of a formal cybersecurity strategy, and the focus on 'information security' as part of national security. The third section presents case studies of cyber activities in Belarus, contrasting government-backed hacking efforts with those of opposition groups like the Belarus Cyber Partisans. It explores the Partisans' attacks on state infrastructure and information leaks as a form of protest against the government, and the pro-government hackers' disinformation / information campaigns website defacements, and data breaches, particularly targeting Ukraine. This section highlights the evolving nature of cyber conflict in Belarus, where both government and opposition forces use cyber tools for political ends, reflecting broader geopolitical tensions in the region. This part of the report compares the Belarusian pro-government hacktivist and Cyber Partisans groups, their activities and manifestations within the country (inside), as well as the cyber threats they pose to foreign countries. The article attempts to answer the question of what kind of threat Belarus as a country poses in the context of cybersecurity, hybrid-cyber threats. This country is often included in Russian hybrid-cyber threats strategies, Belarus entities also work with Russian and sometimes Chinese groups in undertaking cyber activities against other countries.

Managing Professional-Ethical Negotiation for Cyber Conflict Prevention

This article aims to investigate the professional and ethical negotiation on managing cyber conflict prevention towards misuse and exploitation of massive social media adoption from the higher learners' perspective. The qualitative approach from forum discussion was made among sixty higher education learners with the selection criteria. The data gathered were analyzed using thematic basis and compared with the findings from literature analysis from relevant peer reviewed journals. All were investigated, analyzed, extracted, and proposed into the professional and ethical negotiation for cyber conflict prevention. The finding revealed the principal value of digital professional skills enhancement in online practice consisting of digital competence skills, digital practice adaptability and stability, and digital technical application skills. Moreover, the digital ethical responsibility in online practice consists of communication and information accuracy enhancement, digital manner adaptability and transparency, accountability and security. We propose a dynamic discussion that encompasses enhancing ethical commitment on information accuracy for cyber conflict management; considering ethical manner on digital manner adaptability for cyber conflict arrangement; strengthening professional skills on transparency and security information quality for cyber conflict arrangement; and empowering professional negotiation accountability for cyber conflict management.

Third-party countries in cyber conflict: Public opinion and conflict spillover in cyberspace

The transnational nature of cyberspace alters the role of third-party countries (TPCs) in international conflict. In the conventional environment, military operations are primarily confined to the boundaries of the combatants or a designated war zone. However, during cyber conflicts, operations may occur on the digital infrastructure of states not otherwise involved in the dispute. Nevertheless, within the cyber conflict literature, little is said about TPCs who, by virtue of interconnectivity, may find themselves involved in a conflict not of their own making. Consequently, we examine the political and diplomatic hazards of cyber operations involving these actors. Through survey experiments involving participants from the United Kingdom and Canada, we assess the public opinion impact of an offensive cyber operation’s revelation on a TPC population. We find that while these incidents are viewed negatively, prior authorization and the involvement of an ally reduces this tendency. Such conditions lead the public to perceive these operations as corresponding with their national interest while suppressing fears of the possible consequences following their indirect involvement.

Moscow and the World: From Soviet Active Measures to Russian Information Warfare

Russia under Vladimir Putin has expanded and moved rapidly to improve its ability to employ “disinformation,” or “information warfare,” as an effective instrument to help it to accomplish its specific foreign policy objectives. Although it has only been since direct Russian involvement in the U.S. presidential election of 2016 that this has been an issue of major public political concern in the United States, a flood of research on this topic has now begun to appear. Despite many years of preparation for cyber conflict against critical U.S. infrastructure and military forces, the U.S. government and cybersecurity industry were unprepared for Russian information operations targeting the 2016 U.S. presidential election. It is clear, however, that the Russian propaganda/disinformation activities in the U.S. are but one part of a policy targeted virtually everywhere across the entire world and that this policy builds upon the earlier propaganda and disinformation activities of Russia’s predecessor state, the USSR. In the present essay, we intend to track the reemergence and development of the information warfare and disinformation component of Russian policy under President Putin, including its largely successful attempt to reintegrate the components of the former Soviet Union and its deep roots in Soviet “active measures,” up until the invasion of Ukraine, when it expanded exponentially. We shall also track the areas of the world targeted, and the increasing breadth of its target audiences and the issues covered.

Deter, Disrupt, or Deceive: Assessing Cyber Conflict as an Intelligence Contest, Robert Chesney and Max Smeets, Eds. Georgetown University Press, 2023

Deter, Disrupt, or Deceive: Assessing Cyber Conflict as an Intelligence Contest, Robert Chesney and Max Smeets, Eds. Georgetown University Press, 2023

The Legal Status of ‘Civilian Hackers’ under International Humanitarian Law

In response to the rising trend of civilian hackers participating in cyber conflicts, the International Committee of the Red Cross has recently issued guidelines regulating their conduct. This article navigates the intricate legal landscape surrounding civilians who actively participate in cyber hostilities, exploring the concept of direct participation in hostilities (DPH) in the context of cyber warfare. Given the unique nature of cyber warfare, the article highlights the need for a nuanced and context-specific approach in determining the legal status of civilians involved in cyber hostilities. It underscores the importance of distinguishing between actions linked to an ongoing armed conflict and those that occur independently. The piece discusses the challenges in defining civilians in cyber warfare, the principles of distinction and proportionality, the criteria for qualifying a civilian as a “direct participant of hostilities” and the concept of continuous combat function (CCF), which distinguishes civilians continuously involved in cyber hostilities from those sporadically or ad hoc engaged. The article also delves into the temporal challenges in cyber operations and the “revolving door” concept, which complicates the application of DPH status in cyber warfare.

The Legal Status and Targeting of Hacker Groups in the Russia-Ukraine Cyber Conflict

Abstract The armed conflict between Russia and Ukraine has been characterized by a considerable number of cyber operations by States and non-State actors in support to either party to the conflict. One year since the Russian invasion of Ukraine, the ‘Russia-Ukraine cyber conflict’ offers valuable insights for estimating the effectiveness of International Humanitarian Law in regulating the status and the conduct of individuals engaging in cyberspace operations during wartime. By discussing the status of hackers groups and individuals who have conducted cyber operations in support of Ukraine, this Article claims that the relevance of the concept of combatancy is diminished in the cyber domain, and that the notion of direct participation in hostilities must be adapted to the specific features of cyberspace. Furthermore, the article focuses on the issues relating to the targeting of individual who directly participate in hostilities by conducting cyber operations in support of Ukraine. By doing so, the Article argues that cyber direct participants place themselves at an increased risk of being attacked, even though the Russian armed forces are limited in their targeting decisions by the principles of proportionality and precaution.

Features of the settlement of international cyber disputes through ADR in the context of the legislation of the BRICS countries

This paper examines the comparative effectiveness of various alternative dispute resolution (ADR) methods in resolving international cyber disputes. Drawing on a review of academic literature, analysis of practical case studies and statistical data, it identifies key procedural strengths and limitations of arbitration, mediation, ombudsmen, and online dispute resolution for common cyber conflict scenarios. It concludes on the optimal tailoring of different ADR techniques for cybercrime, hacking attacks, data breaches, and e-commerce disputes. The paper proposes multiple innovations to enhance cyber ADR efficacy, including hybrid models, specialized procedural standards, and enforcement mechanisms. It discusses integrating ADR into national cybersecurity strategies using the BRICS platform as an example. The research aims to inform optimization of flexible, confidential, and technically expert out-of-court approaches to manage the proliferation of cross-border cyber disputes. Key findings show mediation’s utility for cybercrime across jurisdictions but need for law enforcement coordination. International arbitration is appropriate for cyber B2B disputes while ombuds aid consumer recourse. Early neutral evaluation assists cybersecurity breach diagnosis but requires enforcement. Tailored arbitration rules, substantively flexible guidelines, and incentivizing voluntary ADR adoption are advised.

Introduction: Cyber-conflict – Moving from speculation to investigation

Investigating cyber conflict is enormously difficult. The domain is complex, quality data are sparse, international affairs are shrouded in secrecy, and despite its seeming ubiquity, cyber power has only recently entered the battlefield. In the face of these challenges, we must rise to meet the challenges of cybersecurity research by deploying creative methods that collect verifiable and probatory data, and which allow for predictive models of cyber behavior. Against this backdrop, our special issue offers a vision of cybersecurity research that embraces a culture of rigorous inquiry based on theoretically robust, and policy relevant investigation. We highlight two key features. First, research at the intersection of cybersecurity and political science must incorporate the human dimension of cyber conflict. A human security approach to cybersecurity places people as the primary objects of security and recognizes that individual-level analyses can shed light on macro-level trends. Second, cyber research must adopt rigorous, empirical methods. We embrace a broad tent of empirical data collection techniques – spanning qualitative and quantitative, experimental, and observational research. What is integral is that all scholarship abides by the highest standards of replicability and falsifiability. The articles contained in this special issue collectively form a proof of concept that expands the horizons of cybersecurity research from a substantive viewpoint (adding a human dimension to the prevalent military/strategic analyses), and from a methodological perspective (propounding the importance of empirical scrutiny). Together, these 10 pieces of scholarship collectively affirm that there is now a critical mass of substantively diverse and empirically rigorous research in the field of cybersecurity, and that we as a community are capable of making bold, theoretically grounded, and empirically tested claims that verify how cyber power is or is not altering the nature of peace, conflict and international relations.

Еволюція форм і методів ведення військових та збройних конфліктів у 20-21 століттях

The article is devoted to the study of the forms and methods of conducting military and armed conflicts during the 20th - 21st centuries. The main approaches to the study of wars and military conflicts and the role of international organizations in their settlement are analysed. New challenges in warfare are explored, including cyber-attacks, hybrid threats, and information warfare. Based on the analysis of historical events and modern trends, the prospects for the development of wars and conflicts in the future are predicted, in particular regarding the situation in Ukraine and other hot spots of the world. The article emphasizes the importance of understanding the evolution of military conflicts in order to develop effective strategies for ensuring international security and preventing future conflicts. The goal of the article is to study the forms and methods of conducting military and armed conflicts in the 20th-21st centuries. The methodology of the study is based on the principles of scientificity, systematicity and objectivity with the use of general scientific methods: analysis and synthesis, systematic analysis and generalization, comparison. The scientific novelty of the article lies in the fact that on the basis of state reports, materials of international mass media and resolutions of world organizations, monographs and scientific articles, the authors analysed the forms and methods of conducting military and armed conflicts in the 20th - 21st centuries and identified a number of key trends and characteristics that have important for understanding the current geopolitical situation and predicting future challenges in the field of international security. Conclusions. The study revealed key trends in the evolution of military conflicts: increasing complexity and multidimensionality, impact of technological progress, emergence of new forms of confrontation (hybrid wars, cyber conflicts). Further hybridization of conflicts, growing role of technologies and information warfare are predicted. An integrated approach considering military, technological, social and economic factors is necessary for effective prevention and resolution of future conflicts.

If it bleeps it leads? Media coverage on cyber conflict and misperception

What determines media coverage on cyber conflict (CC)? Media bias fostering misperception is a well-established problem in conflict reporting. Because of the secrecy and complexity surrounding cyber operations (COs), where most data moreover come from marketing publications by private sector firms, this problem is likely to be especially pronounced in reporting on cyber threats. Because media reporting shapes public perception, such bias can shape conflict dynamics and outcomes with potentially destabilizing consequences. Yet little research has examined media bias systematically. This study connects existing literature on media reporting bias with the CC literature to formulate four theoretical explanations for variation in reporting on COs based on four corresponding characteristics of a CO. We introduce a new dataset of COs reporting by the private sector, which we call the Cyber Conflict Media Coverage Dataset, and media reporting on each of these operations. Consequently, we conduct a statistical analysis to identify which of these characteristics correlate with reporting quantity. This analysis shows that the use of novel techniques, specifically zero-day exploits, is a highly significant predictor of coverage quantity. Operations targeting the military or financial sector generate less coverage. We also find that cyber effect operations tend to receive more coverage compared to espionage, but this result is not statistically significant. Nonetheless, the predictive models explain limited variation in news coverage. These findings indicate that COs are treated differently in the media than other forms of conflict, and help explain persistent threat perception among the public despite the absence of catastrophic cyberattacks.

Cyber-enabled influence operations as a ‘center of gravity’ in cyberconflict: The example of Russian foreign interference in the 2016 US federal election

Russia’s cyber-enabled influence operations (CEIO) have garnered significant public, academic and policy interest. 126 million Americans were reportedly exposed to Russia’s efforts to influence the 2016 US election on Facebook. Indeed, to the extent that such efforts shape political outcomes, they may prove far more consequential than other, more flamboyant forms of cyber conflict. Importantly, CEIOs highlight the human dimension of cyber conflict. Focused on ‘hacking human minds’ and affecting individuals behind keyboards, as opposed to hacking networked systems, CEIOs represent an emergent form of state cyber activity. Importantly, data for studying CEIOs are often publicly available. We employ semantic network analysis (SNA) to assess data seldom analyzed in cybersecurity research – the text of actual advertisements from a prominent CEIO. We examine the content, as well as the scope and scale of the Russian-orchestrated social media campaign. While often described as ‘disinformation,’ our analysis shows that the information utilized in the Russian CEIO was generally factually correct. Further, it appears that African Americans, not white conservatives, were the target demographic that Russia sought to influence. We conclude with speculation, based on our findings, about the likely motives for the CEIO.

Until consensus: Introducing the International Cyber Expression dataset

Extant scholarship has until now relied on informal-theoretic, case study, and interpretative methods to assess patterns of norm development in cyberspace. Ideally, these accounts would be complemented with more systematic cross-national and longitudinal empirical evidence. To address this gap, this article introduces the International Cyber Expression Dataset. The dataset includes a corpus of more than 34,000 official expressions of view by states and their authorized representatives regarding the international politics of cyberspace. The article describes the sources of these data and demonstrates the dataset’s usefulness, with an Online appendix containing an exploratory analysis of norm convergence. Future research can leverage the dataset to empirically test questions of theory and policy. For example, the dataset can be used to study how foundational theories of norm diffusion apply to cyberspace. It can also be paired with existing cyber conflict datasets to study the conditions under which state practice influences cyber discourse, and vice versa.

Cyber and contentious politics: Evidence from the US radical environmental movement

Much of the focus of cyber conflict has been on interstate conflict. This article focuses on two interrelated questions in the important but neglected area of cyber contentious politics. First, how does the public feel about the use of different eco tactics including cyber-based tactics carried out by activists involved in the radical environmental movement, a movement that uses protest and sabotage in service of environmental causes? Second, how do anti-technology sentiment and concerns about climate change influence support for different eco tactics? To answer these questions, we conduct a survey and survey experiment on a nationally diverse sample of Americans. We find that Americans are less supportive of certain eco tactics, particularly those that involve property destruction or physical sabotage compared to cyber-based tactics. We further show that anti-technology sentiment and perceived threat from climate change are correlated with increased support for eco direct actions. Using a survey experiment we show that cyber direct actions that result in sabotage are viewed as more acceptable than kinetic actions even though they both result in the same level of destruction. Finally, we include qualitative data from interviews with activists to better understand the strategy and role that new technology and tactics play in the broader radical environmental movement.

Combating International Cyber Conflict: A Healthy Just War and International Law Analysis of NATO and Indonesian Policies

This study explores the policies of the North Atlantic Treaty Organization (NATO) and Indonesia in the context of international cyber conflict, analyzing their alignment with just war theory principles and international legal norms. By applying just war theory principles and international law, this study aims to analyze the responsible conduct of states in the realm of cyber warfare, fostering a more secure and stable international environment. This study employs a qualitative analytical method, examining the policies of NATO and Indonesia through the ethical lens of just war theory and the legal perspective of international law. The principles of jus ad bellum (righteous reasons for conflict), jus in bello (ethical conduct during conflict), and international cooperation guide the analysis, providing a comprehensive framework for evaluating the policies of these entities. Adherence to righteous reasons for cyber response, ethical conduct during cyber conflict, and international legal norms are paramount in resolving conflicts arising from cyber threats. By incorporating just war theory principles into their policies, entities can demonstrate ethical responsibility, minimize unnecessary harm, and foster an environment conducive to conflict resolution. Through this approach, NATO and Indonesia, alongside the global community, can contribute to the development of a secure and stable digital landscape. This paper's novelty lies in its integrated analysis of NATO and Indonesia's policies, considering both ethical and legal dimensions through the lens of just war theory and international law.

CYBER CONFLICTS AND NEW PATTERNS OF POLITICAL PROPAGANDA ON THE EXAMPLE OF THE CONFLICT IN UKRAINE

The traditional concept of state sovereignty is shifting towards virtual reality as a result of the development of digitalization and the expansion of cyber warfare techniques and skills, particularly towards the contents of the so-called soft power that are used to attract public support. The case study of the conflict between Ukraine and Russia confirmed to us that, in the current geopolitical landscape, cyberattacks are used as a legal, low-cost strategy to debilitate the opposing side’s material and spiritual well-being. Also, this is how a new form of an asymmetric conflict emerges, which enables actors to inflict significant damage on political opponents and technologically and militarily superior enemies, with the potential for widespread impacts on the members of civil society. Fake news, misinformation, rumors, spins and various forms of unverified content are prevalent in the propaganda war between Ukraine and Russia. This paper also demonstrates how the digital revolution, with its sophisticated seduction techniques, is drawing us further into the world of algorithms, encrypted messages and social media with personalized accesses, along with the trends highlighting the growing power of smart filters controlled by artificial intelligence which determine the accuracy of information even before it is visible. Key words: national sovereignty, cyber conflict, political propaganda, Russia-Ukraine war, algorithms, artificial intelligence, new reality.

Responding To Cyber Risk With Restorative Practices: Perceptions And Experiences Of Canadian Educators

ABSTRACT Restorative practices are gaining traction as alternative approaches to student conflict and harm in schools, potentially surpassing disciplinary methods in effectiveness. In the current article, we contribute to the evolving understanding of restorative practices in schools by examining qualitative responses from educators regarding restorative interventions for online-mediated conflict and harm, including cyberbullying and sexting. Participants include pre-service educators, as well as junior and senior teachers with varying levels of familiarity with restorative practices. Our findings highlight how educators who have implemented these practices largely hold positive perspectives of their effectiveness for resolving cyber conflicts and restoring a positive classroom environment. Educators emphasize the value of meaningful changes in student behaviour and acknowledge the potential of face-to-face mediation in mitigating online harm and promoting digital citizenship, though some educators raise questions about the appropriateness of restorative responses to serious incidents of online-mediated harm. This research offers fresh insights into the challenges and potential of restorative practices in schools, particularly in addressing cyber-based conflicts. We emphasize implementation challenges related to the distinct contexts in which schools operate and the influence of broader societal and systemic factors on the success of restorative practice initiatives.