Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
DOI: 10.4018/IJCWT.2019010102
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
Copyright©2019,IGIGlobal.CopyingordistributinginprintorelectronicformswithoutwrittenpermissionofIGIGlobalisprohibited.
19
Cyberpeacekeeping:New Ways to Prevent and Manage CyberattacksA. Walter Dorn, Canadian Forces College, Toronto, Canada
Stewart Webb, DefenceReport, Salt Spring Island, Canada
ABSTRACT
Cybersecurityiscomingtotheforefrontoftheconcernsofnations,organizationsandindividuals.Governmentagencies,bankingsystemsandbusinesseshavebeencrippledbycriminalandmaliciouscyberattacks.Therearemanyexamplesofcyberattacksinregionsoftensionsandarmedconflict.Therearenoimpartialinternationalmeanstoinvestigatetheclaimsandcounter-claimsaboutcyberattacks.Theinternationalcommunitymorebroadlylacksawaytodealwithcyberattacksinaconcertedmanner.Anewapproachandcapabilityshouldbeconsideredforcertaincircumstances:cyberpeacekeeping.Peacekeepinghasproveneffectiveinphysicalspace,andmanyofthesameprinciplesandmethodscouldalsobeappliedincyberspace,withsomeadjustments.Itcouldhelppreventglobalattacks,andifanattackweretobesuccessful,itcouldassistwithrecoveryandconductimpartialinvestigationstouncovertheperpetrators.ThepossibilitiesofacyberpeacekeepingteamattheUnitedNationstomakecyberspacemoresecurearewellworthexploring.
KeyWoRdSCyber Operations, Cyberpeacekeeping, Cyberterrorism, Peacekeeping, Tallinn Manual
1. INTRodUCTIoN
1.1. The ChallengeTheworldiseverincreasinglyreliantoninternet-connectivetechnology.Computerspermeatealmosteveryfacetofhumanlifeinmostpartsoftheworld,connectingpeopleinwaysthatcouldnothavebeenimagined,withthedevelopingworldbecomingconnectedatthefastestrate.Theleveloftechnologyandglobalintegrationisstaggeringevencomparedtojust20yearsago.Thisinterconnectivityisacausenotonlyofcelebrationbutalsoofdeepconcernforsecurity,aswhatmakeshumanlifeeasierandmoreefficientalsogivesrisetosignificantvulnerabilitiesandthreats,eventhepotentialforamassivedownfall.
Attacksonglobalinterconnectivityhavebecomeareality.Deliberateattacksareconductedbystatesorstate-sponsoredentitiesorgroupsornon-stateandcriminalactorswhoseektoinfiltrateandbringdownsitesandaltertheinstructionsthatcomputersgivetoindustrialmachinery,suchascentrifuges,damsandevenelectricpowergrids(UnitedStatesComputerEmergencyReadinessTeam,
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
20
2018;IndustrialControlSystemsCyberEmergencyResponseTeam,2016).Alreadywehaveseentheinternet,includingthepartsofthedeep/darkweb,usedtoinciteriotsandeventoinfluencethecourseofnationalelections.Forinstance,newevidenceiscontinuallyemergingofRussianattemptsto interfere in numerous elections, including thoseof theUnitedStates andFrance (Greenburg,2017;Pope,2018).ShortlybeforeRussiainvadedGeorgiainAugust2008,itlaunchedabarrageofDistributedDenialofService(DDOS)attack,makingGeorgianmilitarymovementsandoperationssomuchmoredifficultanddangerous(Markoff,2008).TheUnitedStatesandIsraellikelyintroducedmalwaretocausebreakdowninIraniancentrifugesatNatanz.Theseexamplesshowhowcyberattackshavetranslatedintokineticdamage.Oneproblemisthat,despitetheeffects,attributionisdifficultandinternationalmeansforimpartialinvestigationarelacking.Examplesofattacksareplenty,buteffectiveresponsesarefewandmodest.
Atpresent,theworldreliesonnationalsecurityservicesandcommercialcompaniestohandlenational cybersecurity, and there is no internationalbody toprovide some formof internationalcybersecurity.While a fewcountries aredevelopingadvancedcybersecuritymeasures, they stillremainvulnerableandmostcountriesoftheworldhavelimitedcapacitytorespondtocyberthreats.Moreover,therehasnotbeenacoordinatedinternationalefforttoaddresscybersecurityorcreatemeasuresofcommonorcollectivesecurityinglobalcyberspace.Withmanycasesofinternationalandintranationalconflict,cyberattackshavethepotentialofunsettlinganalreadyfragilepeace.Thispaperseekstoexplorenewmeansofaddressingcybersecurity,buildingonthecharacteristicsandsuccessesofpeacekeepinginphysicalspace.ThepaperproposesthattheestablishmentandactivitiesofaUNcyberpeacekeepingunitcouldlessenthethreatofconflicts,helprecovery,maintainbalanceandimprovecyberrelationsinawiderangeofscenarios.Examplesfromthepastthreatscanhelpillustratethethreatsandthetypesofcaseswherecyberpeacekeepingcouldhelp.
2. eXAMPLeS ANd MULTILATeRAL ReSPoNSeS
In2007,theEstoniacasedemonstratedhowextensivelycyberattackscouldaffectanentirecountry.TheattackwaslikelyinresponsetotheremovalofaSoviet-ErastatueoftheBronzeSoldierofTallinn.Thisshowedhowactionsinphysicalspacecanhaveramificationsincyberspace.TheremovalofthestatuerepresentedtheshiftawayfromEstonia’srecentRussianhistoryanddomination.Russianotonlyprotestedbut,inalllikelihood,supportedamassivecyberattack.Animpartialdeterminationofresponsibilitywaslacking,andRussiacouldeasilydismissandignoretheallegations.ButitcouldincreaseitsthreateningpowerfromthesuspicionswhilealsopunishingEstoniaseverely.
Thewidespreadandlarge-scaleDDOSattackcampaignwasunleashed.Bankswereshutdown,governmentemployeeswereunabletosendemailstooneanotherandthemediafounditdifficulttopublishstories.RegularlifeinEstoniaturnedtoconfusion,probablywithafewfinalstrokesofakeyboardfaraway.Onlyaftermucheffortwerecomputerservicesrestored.
InconsequenceEstonia,whichhadjoinedtheNorthAtlanticTreatyOrganization(NATO)in2004,offeredtohostanewNATOcyberdefencecentre.TheNATOCooperativeCyberDefenceCentreofExcellence(NATOCCDCOE)wasestablishedin2008asamultinationalandinterdisciplinaryhubofcyberdefenceexpertisebasedinEstonia’scapital,Tallinn.1AlthoughthecentrewascreatedtohelpmeetthecollectivedefenceneedsforitsNATOmembers,theNATOCCDCOEdevelopedtheworld’sfirst,andmostin-depth,analysisontheinternationallawapplicabletocyberattacksinanarmedconflictsituation.2DespitetheimportantcommentaryintheTallinn Manual on International Law Applicable to Cyberwarfare(henceforthTallinnManual,currentlyinversion2.0),thelegalitiesofwhatconstitutesacyberattackandappropriateresponseshavenotbeenfullyflushedoutyet.AndtheNATOCOEcannotbeconsideredanimpartialinvestigatororupholderofanyinternationalcyberlaw,especiallysinceitisbiasedinfavourofNATOandWesterncountries.
A small but more important legal step had been made earlier in Europe. The Council ofEurope drew up in 2001 the Budapest Convention on Cybercrime, the first international treaty
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
21
regardingcybercrime.TheBudapestConventionwasthefirstinternationalattemptofoutliningthelegaldefinitionsconcerningcybercrimes,whichincludedillegalaccess,interceptionofdata,datainterference,computer-relatedfraudandforgeryandotheroffences.AnAdditionalProtocoltotheConventionenteredintoforcein2003,addingthedisseminationofracistandxenophobicmaterialtothelistofcybercrimes(CouncilofEurope,2003).TheglaringcriticismwiththeBudapestConventionisthatithasnotbeencontinuallyupdatedtokeepupwithevolvingthreatsandtechnology(Celik,2017,p.106).InorderfortheConventiontobeeffective,thereneedstobeanevaluationschedulesonewthreatsandtechnologycanbeadded.
TheTallinn ManualdoesnothavethelegalstatureoftheBudapestConventionbutitdoesdealwithawiderrangeofcyberattacksandcyberwarfareissues.Itisanauthoritativebutnotaunanimouslegalinterpretationwhenitcomestothedefinitionsandlimitationsoncyberwarfare.WithinfiveyearsoftheTallinnManual1.0,asecondversionwaspublishedandaddressedsomeconcernsraisedafterthepublicationofthefirstManual(Jensen,2017,p.738).Eventuallymanyoftherulesexploredinthemanualwillneedtobetranslatedintopreciselegalinstruments.
Theconsequencesofcyberattackscanbedire,evencripplingforanattackedstate.Andtheyare happening against NATO member states. But because of the lack of an immediate physicalthreat,NATOiswaryoftriggeringtheorganization’sArticle5,whichcallsforNATOmemberstocometothecollectivedefenceofoneormorememberswhenareunderattack.So,cyberattacksonNATOcountriesandmoregenerallyhavebecomeamoresubtlewayofcausinghavocwithoutmuchchanceofretaliation(Mustonen,2015).This,ofcourse,isthechallengeofmaintaining,orbuilding,peaceandlawenforcementbetweentostates.Impartialinvestigationandprosecutionfollowedbyenforcementislacking.
Otherregionalorganizationsarewrestlingwithmeanstosecurethecyberdomain,andsmallstepshavebeentaken.In2004,theOrganizationofAmericanStates(OAS)adoptedaresolutiontitled“TheInter-AmericanIntegralStrategytoCombatThreatstoCyberSecurity,”whichplacedcybersecurityundertherealmoftheOAS’Inter-AmericanCommitteeagainstTerrorismandcalledforgreaterregionalcooperation(OrganizationofAmericanStates,2004).TheOAScreatedComputerSecurityIncidentResponseTeams(CSIRTs)thathandle“alert,watch,andwarning”responsibilitiesineachmemberstate(OAS,2018).Similarly,fortheShanghaiCooperationOrganization,whichiscomprisedofChina,Kazakhstan,Kyrgyzstan,Russia,Tajikistan,Uzbekistan,IndiaandPakistan,aimstoimprovethepolitical,economicandsecurityrelations,includingcybersecurity,amongstitsmembers.In2009,theSCOcametoan“AgreementonCooperationintheFieldofInternationalInformation Security” (Shanghai Cooperation Organization, 2008). This Agreement lays thefoundationsfortheSCOtocounterdestructivecyberattacksononeofitsmemberstates.Onceagain,itisnotanimpartialinternationalbodybutagroupingofstates,heavilyinfluencedbyregionalpoliticalagendasandseekingsomemeasuresforcyberdefence.
Thoughnotapproachingtheproblemgloballyorimpartially,theincorporationofcyberdefenceinsuchmultilateralallianceshighlightstheseriousnessofcyberthreats.Infact,smallcyberattacksmightevencausewidercyberwars,iftheattacksescalatetoalliance-levelresponses.Thereisalsothe realpossibility that amajor cyberattackcould incite a conventionalmilitary response in thephysicalworld,particularlyincaseswherecyber-kineticweaponslikeStuxnet(W32.Stuxnet,2017)aredeployed.Meansandmodelsforcyber-de-escalationneedtobeconsidered.Undoubtedly,someofthelessonsandpracticesfromconflictmanagementbetweennationsandbetweenarmedpartiescanapplyincyberspace.Oneproposaltoexploreispeaceoperationsincyberspaceorcyberpeacekeeping.
3. KeePING THe PeACe IN CyBeRSPACe
Cyberpeackeepers,possiblyworkingfortheUnitedNationsormandatedbyit,couldpatrolandactincyberspaceinasimilarfashionascurrentUNpeacekeeperspatrolandactinselectedconflictzonesoftheworld.Cyberpeacekeeperscouldinvestigatemajorattacksandhackingeventsinaccordancewith
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
22
theirspecificmandates––narroworbroad.Liketheircurrentphysicalcounterparts,theycouldbetaskedtoreducetensionsbetweenspecificnationsorotherconflictingparties,preventescalationofcyberwars,andhelpcatchglobalcybercriminals.Theycouldevenassistwithrebuildinggovernmentalcomputersystemsorcriticalinfrastructure,suchasfinancialandmediaservices,afteradamagingattack.Eventually,internationalactioncouldbetakentohelpenforcenewcyberrulesafterimpartialdeterminationsofthesourcesormodesofanattackaremade.Allthesemeansarecurrentlylackingintheweaklyprotectedcyberspace.
Theproposal is relativelynew (Dorn, 2017)3 but therewas already somemovement in thisdirectionatUNheadquarters.In2013,theUNGeneralAssemblyexaminedtheincreasingsecurityriskofinformationandcommunicationtechnologies(ICT)affectingthesecurityenvironment(UnitedNationsGeneralAssembly,2013).Alsoin2013,theChiefExecutivesBoardforCoordinationadoptedsevenprinciplestohelpmemberstates“respondtocybercrimeandcybersecurityneedsintheMemberStates”and“focusonassistingtheMemberStatestotakeevidence-basedaction”(ChiefExecutivesBoardforCoordination,2014).4
TheUN’sOfficeofInformationandCommunicationsTechnology(OICT)createdin2016a“DigitalBlueHelmets”(DBH)unitto“enhancecybersecuritypreparedness,resilienceandresponse,”mostlyforprotectionof theUnitedNationsanditsagencies(UnitedNations,2017a).TheOICTconductedresearchintopossiblecyberthreatstotheUN’sSustainableDevelopmentGoals.Ithasenvisioned DBH centres to provide the necessary “interdisciplinary cyber-security support andteachingcentres[to]bringtogetherspecialistsfromaroundtheglobetoaddressavarietyofIT-relatedissues”(UnitedNations,2017b).WiththeDBHnameincorporatingtheterm“BlueHelmets”(i.e.,aninformalnameforpeacekeepers),itforetellsofpossibilitythattheunitcouldpossiblyprevent,mitigateanddealwithglobalcyberattacksinthefuture.
TheDBHhasnotyetassistedgovernmentstoinvestigatecyberattacksorhelppreventattacksbutithashelpedmakeUNpeacekeepingoperationsmoresecureandhelpedcertainUNagencies,suchasUNOfficeonDrugsandCrime.
Establishinganinternationalcyberforensicsteamisnecessaryforthecyberpeacekeepingconcept.ItcouldbebasedontheDBHteamthatisnowgraduallydevelopingmoreexpertise.ManyattacksaredonethroughhackerswhomayormaynothaveformalaffiliationswithgovernmentsandthosehackersoftenmaskorchangetheirIPaddress,whichmakesithardertoidentifythem.AsBrenner(2007,p.420)asserts,determiningwherecyberattacksoriginate“cantakemonthsorevenyearswhendigitalevidenceisfragileandcandisappearbythetimetheinvestigatorsobtaintheassistancetheyneed.”TheDBHteamcouldundertakearolethatwouldhelpwiththeinvestigationofacyberattackwhen requested.Thiscould follow theexampleofothergovernmentalorganizationssuchas theNationalCyberSecurityCentre(NCSG)intheUK,orEuropol’sEC3.ThenewlyformedCanadianCentreforCyberSecurity(CCCS)mayalsobeapotentialmodelwheretheCCCScollaboratesnotonlywiththeprivatesector,butalsothoseinacademia(CommunicationsSecurityEstablishment,2018).Thesegovernmentalorganizationsprovidesupportforcybercrimeinvestigations.
AsoutlinedbyRobinson,etal(2018,p.3),afutureDBHteamcouldbecomprisedofpersonnelassigned by Cyber-Contributing Countries (CCCs), Cyber-Contributing Organizations (CCOs),volunteerexpertsandUNcyberstaff.Thismixofcyberstaffloanedandvettedfromvariouscountries,internationalorganizations,theprivatesector,non-governmentalorganizationsandacademiacouldengage in selected projects according to their expertise and impartiality. Although the pool ofpotentialpersonnelmayappearlarge,findingwelltrained,andspecialisedstafffromcountriesandorganizationsmaybeachallenge.However,theUnitedNationshasovercomesuchproblemsinthepastwhenassemblingpeacekeepingoperations,fact-findingmissionsandinspectionbodies.
In the future, as cyberpeacekeepers gain experience and help from advanced cyber nations(includingexpertsonloan,asisdoneinphysicalpeacekeeping),theycouldhelpinreal-timetostopcyberattacks,mitigatetheimpactofsuchattacksandassistinre-establishingnormalcybyreversingtheeffectsoftheattacks.Cyberpeacekeeperscouldalsomonitortheircyberareaofresponsibilityto
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
23
theextentpossibletopromotealastingcyberpeacebetweentwocountries(Robinson,etal.,2018,p.6).TheUNcyberrescuecrewcouldhelpmembersoftheinternationalcommunityintimesofurgentneed.
TheUNwouldhave todefine theparameters of the cyberpeacekeeping force and its cyberareas of responsibility, which could change with demand. It would have to define the how thecyberpeacekeepingunit“couldoperateinconflictandnon-conflictareasincyberspace”(Akatyev&James,2017,p.33).TheUNcyberpeacekeepingforcecouldbeexpandedtoinvestigatemassbot-generatedpropaganda.Inanycase,theforcewouldneedthecooperationofkeyUNmemberstatesandnationalorganizations.
Therecouldalsobearesearchanddevelopmentdimension.Exploitsandmalwareseekweaknesseswithincodeandevenwithhumannature—forinstance,simplecasesofnotupdatingsoftwareandwebsiteplugins,orevenclickingonanattachmentinane-mailwithoutthinkingoftherisks.Onepossibilitywouldbetoassistinthedevelopmentofcyberprotocolsforgovernment,andothersectors.Thiscouldstartsimplywithseminarsonstraightforwardmeasuresinensuringthatapotentialoutbreakcanbecontained.ItwilltaketimefortheUNandtheinternationalcommunitytocreatebindingglobalstandardsandrules,startingthoughdeclarationsandresolutionsandmovingontotreaties,tomakecertaincyberattacksillegalglobally.5Inaddition,cybersecuritymeasurescouldbetakenbetweenstatesbilaterallyorinsmallgroups,withcyberpeacekeepersplayingaroleintheimplementation.
Of course, oneof the limitationsof the international order, and an avenue that needs tobedevelopedfurther,isenforcement.Adefensivecyberforcewouldrequirerulesofengagementthatmayormaynotbelimitedtothedigitalrealm.AdefensiveactioncouldbetosimplyblockattackscomingfromacertainIPaddressorgroupsofIPaddresses,butitcouldalsomeandealingwiththeattackersincyberspaceoreventhephysicalseizureoftheircomputerequipmentthroughnationallawenforcementagenciesafterdeterminingtheattack’spointoforigin.AnoverviewofthepotentialrangeofcyberpeacekeepingtasksisgiveninFigure1.
AcyberpeacekeepingoperationcouldbeapprovedbytheSecurityCouncil,justastheCouncilapprovesapeacekeepingoperationinthephysicaldomain.Inaddition,acyberoperationcanbeapprovedalongsideaphysicaloperationorbeapartofit,particularlyifthephysicalconflictincludescyberattacks.Iftheconflictisentirelyinthecyberrealm,apurelycybermissioncouldbeinstituted.WhileUNactionagainstmajorpowersisunlikely,duetotheirveto,therehavebeenimportantcaseswheretheyhavecalledforUNassistancetoresolvedisputesbetweenthem,e.g.,theCubanMissileCrisisof1962(DornandPauk,2009).Moreover,therearecasesinconflictregionsandevencurrentpeacekeepingoperationswhereacyberpeacekeepinginitiativeisneeded.Theprevalenceofthese
Figure 1. Possible UN cyberpeacekeeping activities
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
24
cyberattacksinthepresent-dayworldalsoprovidesincentivefortheaffectedcountriestoseekoutassistancefromacyberpeacekeepingthirdparty.
4. CyBeRATTACKS IN CoNFLICT ReGIoNS
Ifwelookattheattacksofthepast,wecanseecaseswhereacyberpeacekeepingcapabilitywouldhavebeenuseful.Forinstance,NorthKoreaisbelievedtobebehindcyberattacksdirectedatbanksinatleast18countries,accordingtotheRussianfirmKaspersky(Pagliery,2017),whichitselfissuspectedofbeingundertheinfluence,ifnotcontrol,ofanauthoritarianstate(Robertson&Riley,2017).So,onceagain,animpartialmeansofinvestigationwouldbehelpfultoexaminethepreliminarydataandinvestigatefurther.Justasphysicalpeacekeepingusessoldiersborrowedfromnations,thecyberpeacekeeperteamscouldconsistofcyber-warriorsandexpertsdrawtogetherfromnationstatesforaparticularmissionortimeperiod.
AUNcyberpeacekeepingforcecanassistintrackingdownthevectorsofattackandevenpointoforiginandcreatetheframeworkforlegalordiplomaticaction.Thethreat,andrealityof,cyberattacksare a global threat and reality. States should bear a degree of responsibility if an internationalcyberattack, like any attack, originates from their state (Couzigou, 2018).But great expertise isneededtopinpointthecourseofattacks.
Israelwastargetedinacyberattackin2009duringitsoffensiveintheGazaStrip.Itisbelievedthatitwascarriedout“byacriminalorganizationfromtheformerSovietUnion,andpaidforbyHamasorHezbollah”(Pfeffer,2009).Butthesearesimplyallegations,onesthatneedtobeinvestigatedandverified.Particularly,iftheallegationsareusedtolaunchmilitaryattacks,itisimportanttohavesomeinternationalverificationprocess.Suchaverificationprocessneedstobeindependentlyrunbyanimpartialbody,suchastheUnitedNations,evenifitreliesofinputsfrommembernations.
Cyber incidentscanalsoaffectcountries thathostUNpeacekeepingmissions.For instance,cyberattacks started in the late1990sbetween IndiaandPakistan,whichhost inKashmiraUNobservermission(Vatis,2001),whichitselfmustbeprotected.Theattacksbetweenthenationsinthe1990smaybesimpleandcrudecomparedtowhatishappeningnowglobally,butIndianandPakistanihackershavecontinuedtohonetheirskills.InJanuary2017,IndianhackersarebelievedtohaveattackedMultanInternationalandKarachiairportwebsitesandeveninstalledransomware,amalwarethatencryptsacomputer’sharddriveuntilaransomispaid,usuallyinbitcoinsorotherdigital currency (Shekhar, 2017).This should cause concern, because if an international airportweretobelockedoutoftheircomputerserversitwouldcausehavocandincreasesignificantlythechanceofcasualties.Thenboththephysicalandthecyberpeacekeepingforcewouldneedtoactinaconcertedfashion.Inaddition,apeacekeepingmissioncouldalsofinditselfsubjecttoattack,soastaunchcyberdefencewillbeneeded.
Oneofthemainconcernsofpoliticiansandsecurityofficialsisamajorcyberattackthatcripplesthe country’s power grid, causing many additional catastrophes. A glimpse of this was seen inDecember2015,whenacyberattackonUkrainianutilitiesresultedinapoweroutagethataffectedmorethan225,000customers.TheUSgovernmentlaterconcludedthatthepowergridshutdownwasacyberattack.iSightpartners,nowFireEye,concludedthatitwascarriedoutbyaRussiangroup,AdvancedPersistentThreat,referredtobythecybersecuritycommunityas“Sandworm”(Volz,2016).AstudydonebytheElectricityInformationSharingandAnalysisCenter(2016,p.5)concludedthattheperpetrators“perform[ed]long-termreconnaissanceoperationsrequiredtolearntheenvironmentandexecuteahighlysynchronized,multistage,multisiteattack.”Thisattackwasplannedforsometimebeforeitwasexecuted.Regardless,theverificationprocessofwhichactorcarriesoutthese,orfuture,cyberattacksisessential.
Asmentioned,theverificationoftheattack’spointoforigincanbeastartingpointforthelocalandinternationalauthoritiestoactagainstsuchperpetrators—provideditwasnotsanctionedbyaveto-wieldingmemberoftheUNSecurityCouncil.Buteventhatstate’svetoofacyberinvestigation
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
25
couldpointtoitsinvolvementorpatronage.Andifthecyberattackwassanctionedbyanotherstateoranon-stateactor,suchasaterroristgroup,additionalactionscanbetakentomitigateorpunishthisactivity.
Unfortunately,theglobalcyberthreatisunlikelytodiminish,butwillincreasewithtimeinboththequantityandcomplexityofattacks,unlesssomemeansarefoundtopreventit.ThisisespeciallytrueforthevolatileMiddleEastandfortheongoing(anddeepening)conflictwithIran.
5. SToPPING eSCALATIoN To A FULL CyBeRWAR
ManybecameawareofthecyberthreatsagainstnationsaftertheattackonEstoniain2007.Theworld’sattentionwasrefocusedin2010ontargetedattacksbywhatwouldotherwiseseemtobeaninertvirus–StuxnetthattargetedIran’snuclearprogrammeattheNatanzfacility.Thisvirusspreaditselftoseveralcountries,butifaninfectedcomputerwasnotthetarget,itwoulddonothing.
StuxnettargetedProgrammableLogicControllers(PLC)whichareusuallyusedforindustrialpurposes(W32.Stuxnet,2017).TheprevalenceoftheconcentrationofthemalwareinIranandhowthemalwaretargetedPLCsbuiltbytheGermancompanySiemensdemonstratedthatthismalwarewasasurgicalweapontocrippleIran’snuclearprogrambygoingafterthecentrifugesatoneofthecountry’snuclearfacilities.Stuxnetcanbeseenasanimprovementorcomplementtoconventionalattacksduetotheprecisionandreductionofhumancasualties.AfterhundredsofUraniumcentrifugesweredamaged,suspicionsarosethattheUnitedStatesandIsraelwerebehindtheStuxnetattack(Katz,2010).Inanycase,forcesfromwithinIraninitiatedattacksoftheirown.
In2012and2013, twomajor attacks seem tohaveoriginated from Iran, signalling that thecountrydevelopeditsowncyberwarfarecapabilityinthewakeoftheStuxnetattacks.In2012,over35,000computersofSaudiArabia’sArmacocompanyhadtheirdatapartiallywipedordestroyed(Mount,2012).Theninaseparateattackin2012,halfadozenAmericanbanksweretargeted,andtheircustomerswereunabletologintotheiraccountsonline(Perlroth,2012).In2013,hackerswereable togainaccess tocommandandcontrolsystemofa20-footflood-controldamontheBlindBrookinRyeBrook,NewYork(Thompson,2016).Thehackingofthisdamwouldnothavecausedsizeabledamageifthedamwatersweretohavebeenreleased,butitdidraiseconcernsintheUnitedStatesgovernmentaboutthepotentialramificationsifahackerweretoseizecontrolofalarger,morecriticalinfrastructure–somethingsimilartowhatoccurredinUkrainetwoyearslater,whenasizeableportionofUkraine’spowergridwasshutdownbecauseofsuccessfulhacking.
Althoughnationsrarelyadmittocarryingoutcyberattacks,theabovegivesaglimpseofwhatafullcyberwarcouldentail.Whenthesourcesofattackscanbeidentified,oratleastevidencegathered,byanimpartialactor,thechancesofanattackandofescalationwouldbeless.Andthepossibilitiesforinternationalinterventionwouldbegreater.Theremaybesituationswhereinterventionisessential,suchasafull-scalecyberattackonacountry’scyber-linkedinfrastructure,e.g.,powerplants,airandroadtrafficcontrols,flooddefencecontrolsandthefinancialsector.
CyberattackscarriedoutintheMiddleEastcouldpossiblyescalatetoapossiblepointofnoreturn.TheUnitedStatesandIsrael,withIraninopposition,couldhavetargetedsensitiveandcriticalinfrastructureinaseriesofadditionalcyberattackexchanges.Themitigatingforceinthiswastherestraintdemonstratedbythethreecountries.However,whathappensifthestatesinvolvedinthenextexchangeofcyberattacksdonotdemonstratethesamelevelofrestraint?AfutureexchangecouldbecomethecyberequivalentoftheCubanMissileCrisis.Inthatcrisis,theinterventionoftheUnitedNationsprovedcrucialtonon-violentconflictresolution(Dorn&Pauk,2009).
Unfortunately,itisnotjuststateactorsthatcandragtwoormorestatesintoacyberconflict;hackergroupscandestabilizetheinternationalcyberorderbycarryingoutattacksoninfrastructureduringtimesofheightenedtensionsbetweentwostates.
This might be mitigated by a cyberpeacekeeping force as it will provide assurances to theinternationalsystemthatthereisacheckandbalancetotheseattacksandanavenuetopursue,and
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
26
helpforvictimsofcyberattacks.Itcanprovidemechanismsthatcanidentifyathreatandpossiblymitigate,andrepair,damagethatwasdone.
6. WHAT WoULd SUCH A FoRCe LooK LIKe?
TheUNcyberpeacekeepingforcemustbemalleableandbeabletosolveavarietyoftheworld’scyberdefenceissues,notmerelyonemalwareorvirusatatime.EspeciallywhenUNmemberstatesfurthercodifyalegalsetofrulesthatclearlydefinewhatacyberattacklookslike,cyberpeacekeepingcouldhelpenforcethoserules.Forexample,thecyberpeacekeeperscouldhelpverifythat,intimesofpeace,nostateattackstheinfrastructureofanotherandthatnationalenforcementmeasuresaretakenbyastateifacitizenwithinthestateisfoundtobetheculprithacker.Tofurtherthepoint:ifaRussianhackerisfoundtobeattackingtheUSgovernment,theRussiangovernmentcouldprovideverifiableassurancestotheUnitedNationsthattheculpritwouldbearrestedanddulyprocessedthroughthelegalsystem.TheUnitedNationscouldthenverifyifthishasoccurred.Thiswill,atleast,putmorepressureongovernmentstoholdhackersaccountable.Ofcourse,itwillneedthesupportofmanyothergovernmentstoapplypressure,astheUnitedNationsseekstodoinmanyareas,suchashumanrights,democracyandsupportofpeaceprocesses.
Cyberpeacekeepingcanbedoneinconjunctionwithregionalgroupsthathavecyberdefenceinitiatives.Through thecooperationof these regional initiatives, suchas thosedoneby regionalorganizations,theUnitedNationscanoutlinewhatanaggressivecyberattackinpeacetimeisonagloballevel.Thiswouldassisttheinternationallegalframeworktodefineacyberattackandthenhelpimplementinternationalresponses.
7. oBSTACLeS
TheprospectforaUNcyberdefenceinitiativedependsonUNmemberstates.Theymustaskforit.Butnationalcyberdefenceandoffencearecloselyguardeddomainsofintelligenceandmilitaryagencies.Bysharingcyberdefensivestrategiesandcodeswithothermembersoftheinternationalcommunity,theUnitedNationsmightmakeperpetratorsmoreawareofthosemeasures.Thesamegoesforidentifyingattacks:therewillbeadaptation.SomememberstatesmightnotwanttheUnitedNationstohavethepowertolaunchinvestigationsintocyberattacksandespionageactivitiesastheywouldbeatriskofbeinguncovered.
Oneofthefundamentalproblemsisthattherearemillionsofcyberattacksamonthanditwouldbedifficulttopreventmanyofthoseattacksbecauseofthesheernumber.However,theUNcyberdefenceinitiativewouldonlybeoneactortoserveasawatchfulguardianincyberspace.Therecouldbepartnershipswithothercyberdefenders,thoughthismightfaceobstacles.Forone,apartnershipwithcertainstatesmaynotbefruitfulsinceforinstance,China,RussiaandtheUnitedStateswouldbehesitanttosharecybersecretsorevenalerttheUNofcyberattacksthattheycarryoutinmostcircumstances.However,theUNcyberdefenceinitiativecouldseekoutpartnershipswithmultilateralorganizationssuchastheShanghaiCooperationOrganizationortheresponseteamscreatedbytheOAS.Whenitcomestopartnershipswithindustry,thisalsomaybefraughtwithconcernsoverstate-influenceaswehaveseenwithKasperskyLabs(Robertson&Riley,2017).Still,therewouldbeplentyofopportunitiestoexplorepartnershipswiththewiderangeofactorsandnations,graduallybuildinganetworkoftrustedexpertise.
TheUnitedNationshasattemptedtodefinewhatcybernormsshouldbefortheworldstage,butthoseeffortshavenotbeenentirelyfruitful.Foryears,theUnitedStateshopedthattheeffortsthatithadputinplacewouldbesufficientasasetofnormsforthegovernanceofthecyberdomain(Grigsby2017,pp.111-112).Russiaarguedthatnewtechnology,suchastheinternet,shouldrequireanewtreaty,buttheUnitedStatesopposedthatposition(p.112).Neithercountrytruststheotherwiththeircyberintentions.In2013,theUNGroupofGovernmentalExpertsonDevelopmentsintheFieldof
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
27
InformationandTelecommunicationsintheContextofInternationalSecurity(GGE)putforwardanumberofcybernorms,forexamplethatinpeacetimenocountryshouldcarryoutcyberattacksonanotherandthatsuchactivityshouldbereported(GGE,2015,p.2).Itisobviousthatabodyneedstobecreatedtowhomsuchreportscanatleastbesent.
ThecreationofacyberpeacekeepingunitattheUnitedNationswouldmeanthatcountriesseekingwaystode-escalateacyberconflictwouldhaveameanstoverifyanagreementor internationalstandards.TheGGE,afterseverallandmarkreports,wasunabletoreachconsensusinJune2017but,in2018,theHigh-levelPanelonDigitalCooperationwasestablished(UnitedNations,2018).Thispanelalsoaimstoimprovedigitalcooperationamongstcountries,privateenterpriseandotherstakeholders.Cyberattackswillundoubtedlybeanissueforthispanelandcyberpeaceoperationscouldserveaspartofthesolution.
Moregenerally,nationshavecededpartoftheirsovereigntytotheUnitedNationswhentheysignedtheUNCharter.TheSecurityCouncilhasbeengiventhelegalrightandresponsibilitytomaintaininternationalpeaceandsecurity.TheSecurityCouncil,andtoalesserextenttheUNGeneralAssembly,hasoften responded toworldcriseswithvarious typesofpeaceoperations.The firstpeacekeepingforce,theUnitedNationsEmergencyForce,wascreatedtorespondtothe1956SuezCrisis,whichithelpedresolve.Alreadyformanyyearspreviously,theinternationalcommunityandtheproposersofUNEFhadwrestledwithhowtoapplymilitaryforceunderinternationalcontrol.Similarly,deliberationsforacyberpeacekeepingrolecanallowtheavenuestobeexploredbeforethecrisisorconflictcriesoutforaUNrole.Acyberpeaceoperation(cyberpeacekeeping)mayserveasthetoolinaworldincreasinglydefinedbycyberinteractions.
Aswehaveseenwiththecreationofregionalcybersecurityinitiativesinregionalorganizations,cybersecurityisrecognized.Buttheyareregionalattempts,notglobalones.HavingaUNcybersecuritypeacekeepingforcemayseemtobeahugeleap,butcaneasilybeasimplesteptowardensuringinternationalpeaceandcybersecurity.
8. CoNCLUSIoN
Therearenumerousavenuesforthenationsoftheworldtocollectivelyengageincyberdefence.TheUnitedNations,astheworldorganizationresponsibleforinternationalpeaceandsecurity,couldbepivotal.Eventhoughtheconceptofdigitalpeacekeepingisnewandnotfullydeveloped,theUnitedNationscanhavearoletomotivatememberstatestolookatcollectivecyberactionthroughtheworldorganization.Cyberattacksarenotgoingaway,buttheywillcontinueandevolveinsophisticationanddamage.TheseattackshavealreadycrippledEstoniain2007andalitanyofwidelyrangingattackshaveoccurredinIndia,Israel,andPakistan,tonameonlyafew.Similarly,theUnitedNationswillneedtoevolve itsapproachtocurrentandnear-futurecyberattacks.NolongercanpeacekeepingoperationsinthephysicalspaceignorecyberthreatsagainstthemissionsoragainsttheconflictingpartiesonthegroundwhomtheUnitedNationsseekstomoderate.Thesafetyoftheinternationalpersonnelinforeignlandscouldbeatstakeasthesecyberattacksbecomemoresophisticated.Similarly,thenationsoftheworldwouldbewisetoexploreUNactionincyberspacetoprotectthemselvescollectivelyandthusmakethepeoplesoftheworldsafer.
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
28
ReFeReNCeS
Akatyev, N., & James, J. I. (2017). Legislative Requirements for Cyber Peacekeeping. Journal of Digital Forensics.Security and Law,12(3),23–38.
Brenner,S.(2007).AtLightSpeed:AttributionandResponsetoCybercrime/Terrorism/Warfare.The Journal of Criminal Law & Criminology,97(2),379–475.Retrievedfromhttps://scholarlycommons.law.northwestern.edu/jclc/vol97/iss2/2
Celik,M.2017.CyberWar:AnExpectedApocalypseoraHypedThreat?InU.Tatar,Y.Gokce&A.V.Gheorghe(Eds.),StrategicCyberDefense:AMultidisciplinaryPerspective(pp.101-110).Amsterdam,IOSPress.
ChiefExecutivesBoardforCoordinationforCoordination.(2014,January13).SummaryofConclusions,SecondRegular Session of 2013. UN Doc. CEB/2013/2. Retrieved from https://www.unsceb.org/CEBPublicFiles/Chief%20Executives%20Board%20for%20Coordination/Document/REP_CEB_201311_CEB2013-2.pdf
CommunicationsSecurityEstablishment.CanadianCentreforCyberSecurity.(2018).Government of Canada.Retrievedfromhttps://www.cse-cst.gc.ca/en/backgrounder-fiche-information
CouncilofEurope.(2003,January28).AdditionalProtocoltotheConventiononCybercrime,concerningthecriminalisationof theactsofracistandxenophobicnaturecommittedthroughcomputersystems.EuropeanTreatySeries.
CouncilofEurope.(2017).DetailsofTreatyNo.185–ConventiononCybercrime.Retrievedfromhttp://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185
Couzigou, I. (2018).Securingcyber space:TheobligationofStates topreventharmful internationalcyberoperations.International Review of Law Computers & Technology,32(1),37–57.doi:10.1080/13600869.2018.1417763
Cybersecurity.(2018).Retrievedfromhttps://www.sites.oas.org/cyber/en/pages/default.aspx
Dorn, A. W. (2017). Cyberpeacekeeping: A New Role for the United Nations? Georgetown Journal of International Affairs,18(3),138–146.doi:10.1353/gia.2017.0046
Dorn,A.W.,&Pauk,R.(2009).UnsungMediator:UThantandtheCubanMissileCrisis.Diplomatic History,33(2),261–292.doi:10.1111/j.1467-7709.2008.00762.x
ElectricityInformationSharingandAnalysisCenter.(2016,March18).AnalysisoftheCyberAttackontheUkrainian Power Grid. Retrieved from https://www.nerc.com/pa/CI/ESISAC/Documents/E-ISAC_SANS_Ukraine_DUC_18Mar2016.pdf
Greenburg, A. (2017, May 9). The NSA Confirms It: Russia Hacked French Election “Infrastructure.”Wired. Retrieved from https://www.wired.com/2017/05/nsa-director-confirms-russia-hacked-french-election-infrastructure/
Grigsby,A.(2017).TheEndofCyberNorms.Survival,59(6),109–122.doi:10.1080/00396338.2017.1399730
GroupofGovernmentalExpertsonDevelopmentsintheFieldofInformationandTelecommunicationsintheContextofInternationalSecurity.(2015,July22).ReportoftheGroupofGovernmentalExpertsonDevelopmentsintheFieldofInformationandTelecommunicationsintheContextofInternationalSecurityA/70/174Retrievedfromhttp://www.un.org/ga/search/view_doc.asp?symbol=A/70/174
IndustrialControlSystemsCyberEmergencyResponseTeam.(2016).Year inReviewFY2016PieChart.Retrieved from https://ics-cert.us-cert.gov/sites/default/files/Annual_Reports/Year_in_Review_FY2016_IR_Pie_Chart_S508C.pdf
Jensen,E.T.(2017).TheTallinnManual2.0:HighlightsandInsights.Georgetown Journal of International Law, 48(3), 735-778. Retrieved from https://www.law.georgetown.edu/international-law-journal/wp-content/uploads/sites/21/2018/05/48-3-The-Tallinn-Manual-2.0.pdf
Katz,Y.(2010,December24).Stuxnetmayhavedestroyed1,000centrifugesatNatanz.Jerusalem Post.Retrievedfromhttps://www.jpost.com/Defense/Stuxnet-may-have-destroyed-1000-centrifuges-at-Natanz
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
29
Markoff,J.(2008,August12).BeforetheGunfire,Cyberattacks.NewYorkTimes.Retrievedfromhttp://www.nytimes.com/2008/08/13/technology/13cyber.html
Mount,M.(2012,October16).U.S.officialsbelieveIranbehindrecentcyberattacks.CNN.Retrievedfromhttp://edition.cnn.com/2012/10/15/world/iran-cyber/?iid=EL
Mustonen,T.(2015,January6).DefRepAnalysis:NATO’scybershiftmaynotlinktoArticle5.DefenceReport.Retrievedfromhttp://defencereport.com/defrep-analysis-natos-cyber-shift-may-not-link-to-article-5/
NATOCOECCD.2017.TallinnManualProcess.Retrievedfromhttps://ccdcoe.org/tallinn-manual.html
Organization of American States. (2004, June 8). Adoption of a Comprehensive Inter-American Strategyto Combat the Threats to Cybersecurity: A Multidimensional and Multidisciplinary Approach to Creatinga Culture of Cybersecurity. Retrieved from http://www.oas.org/xxxivga/english/docs/approved_documents/adoption_strategy_combat_threats_cybersecurity.htm
Pagliery,J.(2017,April4).NorthKorea-linkedhackersareattackingbanksworldwide.CNN.Retrievedfromhttp://www.cnn.com/2017/04/03/world/north-korea-hackers-banks/index.html
Perlroth,N.(2012,September30).Attackson6BanksFrustrateCustomers.New York Times.Retrievedfromhttp://www.nytimes.com/2012/10/01/business/cyberattacks-on-6-american-banks-frustrate-customers.html
Pfeffer,A.(2009,June15).IsraelSufferedMassiveCyberAttackDuringGazaOffensive.Haaretz.Retrievedfromhttp://www.haaretz.com/israel-suffered-massive-cyber-attack-during-gaza-offensive-1.278094
Pope,A.E.(2018).Cyber-securingourelections.Journal of Cyber Policy,3(1),24–38.doi:10.1080/23738871.2018.1473887
Robertson,J.,&Riley,M.(2017,July11).KasperskyLabhasbeenworkingwithRussianIntelligence.Bloomberg.Retrievedfromhttps://www.bloomberg.com/news/articles/2017-07-11/kaspersky-lab-has-been-working-with-russian-intelligence
Robinson,M., Jones,K., Janicke,H.,&Maglaras,L.2018.DevelopingCyberPeacekeeping:Observation,MonitoringandReporting.arXiv:1806.02608
Shanghai Cooperation Organization. 2018. Agreement between the Government of the Member States ofthe Shanghai Cooperation Organization on Cooperation in the Field of International Information Security(Unofficial English Translation). Retrieved from http://www.ccdcoe.org/sites/default/files/documents/SCO-090616-IISAgreement.pdf
Shekhar,S.(2017,January2).TheIndia-PakistancyberwarintensifiesasretaliatoryransomwareattackcrippleswebsitesofIslamabad,MultanandKarachiairports.Daily Mail.Retrievedfromhttps://www.dailymail.co.uk/indiahome/indianews/article-4082644/The-India-Pakistan-cyber-war-intensifies-retaliatory-ransomware-attack-cripples-websites-Islamabad-Multan-Karachi-airports.html
Thompson,M.(2016,March24).IranianCyberAttackonNewYorkDamShowsFutureofWar.Time Magazine.Retrievedfromhttp://time.com/4270728/iran-cyber-attack-dam-fbi/
UnitedNations.(2017a).CyberRisk.Retrievedfromhttps://unite.un.org/digitalbluehelmets/cyberrisk
UnitedNations.(2017b).DigitalBlueHelmets:Research.Retrievedfromhttps://unite.un.org/digitalbluehelmets/research
UnitedNations.(2018).Secretary-General’sHigh-levelPanelonDigitalCooperation.Retrievedfromhttp://www.un.org/en/digital-cooperation-panel/
UnitedNationsGeneralAssembly.(2013,June24).GroupofGovernmentalExpertsonDevelopmentsintheFieldofInformationandTelecommunicationsintheContextofInternationalSecurity.68thSession.Retrievedfromhttps://ccdcoe.org/sites/default/files/documents/UN-130624-GGEReport2013_0.pdf
UnitedStatesComputerEmergencyReadinessTeam.(2018,March16).Alert(TA18-074A):RussianGovernmentCyberActivityTargetingEnergyandOtherCriticalInfrastructureSectors.DepartmentofHomelandSecurity.Retrievedfromhttps://www.us-cert.gov/ncas/alerts/TA18-074A
International Journal of Cyber Warfare and TerrorismVolume 9 • Issue 1 • January-March 2019
30
Vatis, M. A. (2001). Cyber Attacks During the War on Terrorism: A Predictive Analysis. Hanover, NewHampshire:Institute for Security Technology Studies at Dartmouth College.Retrievedfromwww.dtic.mil/cgi-bin/GetTRDoc?AD=ADA395300&Locat
Volz,D.(2016,February25).U.S.governmentconcludescyberattackcausedUkrainepoweroutage.Reuters.Retrieved from https://www.reuters.com/article/us-ukraine-cybersecurity/u-s-government-concludes-cyber-attack-caused-ukraine-power-outage-idUSKCN0VY30K
W32.Stuxnet.(2017,September26),Symantec.Retrievedfromhttps://www.symantec.com/security_response/writeup.jsp?docid=2010-071400-3123-99
eNdNoTeS
1 Estoniawasawillinghostafter itsufferedamassivecyberattack in2007onitswebsitesandcyberinfrastructure.TheNATOCOEwassetupto“provideacapabilitytoassistalliednations,uponrequest,tocounteracyberattack”(NATOsummitcommunique,Bucharest,April2008).TheCOEroleisto:improve cyber defence interoperability; develop policies, concepts, doctrine, and standards; enhanceinformationsecurityandcyberdefenceeducation;providecyberdefencesupportforexperimentation.Italsoprovidescyberdefencesubjectmatterexperts(SMEs)toNATO,especiallyforcyberdefencetestingandvalidating.
2 TheCOEledandfacilitatedthedraftingoftheinfluentialTallinn Manual on the International Law Applicable to Cyber Operations(version2.0,CambridgeUniversityPress,2017).Formoreinformation,see:NATOCOECCD.“TallinnManualProcess.”AccessedFebruary8,2017.https://ccdcoe.org/tallinn-manual.html
3 See:NikolayAkatyevandJoshuaI.James,“CyberPeacekeeping,”inDigital Forensics and Cyber Crime,ed.JoshuaL.JamesandFrankBreitinger(Cham:Springer,2015),126-39.MichaelRobinson,HelgeJanicke,andKevinJones,“AnIntroductiontoCyberPeacekeeping,”Computers and Society,October2017.Accessedathttps://arxiv.org/pdf/1710.09616v1.pdf.Dorn,A.W.2017.Cyberpeacekeeping:ANewRolefortheUnitedNations?.Georgetown Journal of International Affairs,18(3),138-146.doi:10.1353/gia.2017.0046
4 Thesevenprinciplescanbeparaphrasedasfollows:(1)Cyberincidentsshouldbedealtwithinaholisticmannerthroughcriminaljusticeandinternationalcooperation;(2)UNentitiesshouldaimtorespondtocybercrimeandcybersecurityneedsinMemberStateswithintheirrespectivemandates.(3).AllUNprogrammingshouldrespecttheprinciplesoftheruleoflawandhumanrights;(4)UNprogrammingshouldfocusonassistingMemberStatestotakeevidence-basedaction;(5)Programmingshouldfostera“whole-of-government”response.(6).SupporttoMemberStatesshouldaimtostrengtheninternationalcooperation; (7)Programming should include efforts to strengthen cooperation between governmentinstitutionsandprivate-sectorenterprises.
5 The2001BudapestConventiononCybercrimeisthefirstinternationaltreatyoncrimescommittedviatheInternetandothercomputernetworks.Itdealswiththingslike“infringementsofcopyright,computer-relatedfraud,childpornographyandviolationsofnetworksecurity.”Ithassomeearlyindicationsofenforcementpowerthroughandsearchproceduresofcomputernetworksandinterception.See:CouncilofEurope.“DetailsofTreatyNo.185–ConventiononCybercrime.”accessedJune12,2017http://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185.