Abstract
Background. Nation states unleash cyber attacks targeting other nation states (e.g. WannaCry, SolarWinds), termed “offensive cyber operations”. When such aggressions are deemed, according to the UN Charter, to constitute a threat to the peace, breach of the peace, or act of aggression towards a nation state, governments might choose to respond. Responses can range from silence all the way to retaliation, at the other end of the scale. The emergence of cyber diplomacy suggests a less militant and potentially powerful response option. Barrinha and Renard [5] explain that the rise of cyber diplomacy has coincided with “a growing contestation of the values, institutions and power dynamics of the liberal-created cyberspace”. (p. 3). The question is: how could cyber diplomacy fit into a strategic threat management plan?
Aim. To position cyber diplomacy within a strategic response to nation state offensive cyber operations.
Method. To help us to position cyber diplomacy’s role in this domain, we first examine historical cyber conflicts, and governments’ responses to these, as well as testing the factors that might explain response choice. We then review a number of proposed options for managing cyber conflicts.
Results. We propose a comprehensive “Five D’s” strategic framework to manage the threat of offensive cyber operations. Cyber diplomacy is included, acknowledging its emerging and potentially powerful role in managing cyber conflicts in the future.
Conclusions. Cyber diplomacy has recently emerged and it has not yet been widely deployed. We show how it can be positioned within a strategic framework for managing the threat of offensive cyber operations from other nation states.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14.
- 15.
References
Attatfa, A., Renaud, K., De Paoli, S.: Cyber diplomacy: a systematic literature review. Procedia Comput. Sci. 176, 60–69 (2020)
Baldwin, D.A.: Power and International Relations: A Conceptual Approach. In: Walter Carlsnaes, T.R., Simmons, B.A. (eds.) Handbook of International Relations. Princeton University Press, Princeton (2016)
Baram, G., Sommer, U.: Covert or not covert: national strategies during cyber conflict. In: 11th International Conference on Cyber Conflict (CyCon), vol. 900, pp. 1–16. IEEE (2019)
Barker, I.: Nation state attacks increase 100 percent in three years (2021). https://betanews.com/2021/04/08/nation-state-attacks-increase/
Barrinha, A., Renard, T.: Power and diplomacy in the post-liberal cyberspace. Int. Aff. 96(3), 749–766 (2020)
Bayer, R.: Diplomatic Exchange Data set, v2006.1. (2006). https://correlatesofwar.org/data-sets/diplomatic-exchange
BBC: Cyber-attack: US and UK blame North Korea for WannaCry (2017). Accessed 1 May 2021. https://www.bbc.co.uk/news/world-us-canada-42407488
Brantly, A.F.: The cyber deterrence problem. In: 10th International Conference on Cyber Conflict (CyCon), pp. 31–54. IEEE (2018)
Brown, G.D.: Why Iran won’t admit Stuxnet was an attack. Joint Force Quart. 63(4), 70–73 (2011)
Carlin, J.P.: Detect, disrupt, deter: a whole-of-government approach to national security cyber threats. Harv. Nat’l Sec. J. 7, 391 (2015)
Carpenter, P.: Cybersecurity and nation-state threats: what businesses need to know (2021). https://www.forbes.com/sites/forbesbusinesscouncil/2021/04/16/cybersecurity-and-nation-state-threats-what-businesses-need-to-know/?sh=18d005817c21
Cavelty, M.D., Egloff, F.J.: Hyper-securitization, everyday security practice and technification: cyber-security logics in Switzerland. Swiss Polit. Sci. Rev. 27(1), 139–149 (2021)
cipher: Which Country is #1 in Cybersecurity? (2021). Accessed 10 July 2021. https://cipher.com/blog/which-country-is-1-in-cybersecurity/
CISCO: cyber diplomacy in the European union (2017). Accessed 2 May 2021. https://www.cisco.com/c/dam/m/en_ca/business-transformation/pdf/5-ways-to-detect-a-cyber-attack.pdf
Clare, J.: The deterrent value of democratic allies. Int. Stud. Quart. 57(3), 545–555 (2013)
Cluley, G.: Us offers \$10 million reward in hunt for state-sponsored ransomware attackers (2021). Accessed 17 Jul 2021. https://www.tripwire.com/state-of-security/security-data-protection/us-offers-10-million-reward-in-hunt-for-state-sponsored-ransomware-attackers/
Cohen, M., Freilich, C., Siboni, G.: Four Big “Ds’’ and a Little “r’’: a new model for cyber defense. Cyber Intell. Secur. 1(2), 21–36 (2017)
Cop**er, D.S.: Aggression in Cyberspace: Framing an Operational Response. Technical Report, Naval War Coll Newport RI Joint Military Operations Department (2010)
Cuthbertson, A.: Yahoo data breach is ‘Most Audacious Hack of All Time’ (2016). Accessed 30 Apr 2021. https://uk.news.yahoo.com/yahoo-data-breach-most-audacious-163029811.html
Department of Global Communications: 5 ways the UN is fighting ‘infodemic’ of misinformation (2020). Accessed 2 May 2021. https://www.un.org/en/department-global-communications/
Earle, P.C.: Lockdowns have killed what’s left of the united nations’ credibility (2020). Accessed 30 Apr 2021. https://www.aier.org/article/lockdowns-have-killed-whats-left-of-the-united-nations-credibility/
Fayi, S.Y.A.: What Petya/NotPetya ransomware is and what its remidiations are. In: Latifi, S. (ed.) Information Technology - New Generations. AISC, vol. 738, pp. 93–100. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-77028-4_15
Fitzpatrick, D.: Evolution and chaos in property right systems: the third world tragedy of contested access. Yale LJ 115, 996–1048 (2005)
GOV.UK: Implementing norms in cyberspace (2020). Accessed 30 Apr 2021. https://www.gov.uk/government/publications/implementing-norms-in-cyberspace
Hald, S.L., Pedersen, J.M.: An updated taxonomy for characterizing hackers according to their threat properties. In: 2012 14th International Conference on Advanced Communication Technology (ICACT), pp. 81–86. IEEE (2012)
Hanhimäki, J.M.: The United Nations: A very Short Introduction. Oxford University Press, Great Britain (2015)
Hollis, D.B.: Why states need an international law for information operations. Lewis Clark L. Rev. 11, 1023–1061 (2007)
Hunton privacy blog: white house to nominate first national cyber director (2021). Accessed 18 Jul 2021. https://www.huntonprivacyblog.com/2021/04/14/white-house-to-nominate-first-national-cyber-director/
ID agent: 10 facts about nation-state cyberattacks that will keep you up at night (2020). https://www.idagent.com/blog/10-facts-about-nation-state-cyberattacks-that-will-keep-you-up-at-night/
Jacobsen, J.T.: En “digital Genèvekonvention” er ikke i Danmarks interesse. Internasjonal Politikk 76(2), 73–88 (2018)
Jensen, L.: Maritime cyber security: it’s all about the money (2021). Accessed 1 May 2021. https://improsec.com/cyber-blog/maritime-cyber-security-its-all-about-the-money
Jervis, R.: The cuban missile crisis: what we know, how did it start, and how did it end. In: Scott, L., Hughes, R.G. (eds.) The Cuban Missile Crisis: A Critical Reappraisal (Cold War History). Taylor & Francis, Oxon (2018)
Kanuck, S.: Sovereign discourse on cyber conflict under international law. TEx. L. REv. 88, 1571–1597 (2009)
Kello, L.: The meaning of the cyber revolution: perils to theory and statecraft. Int. Secur. 38(2), 7–40 (2013)
Kostadinov, D.: The attribution problem in cyber attacks (2013). Accessed 30 Apr 2021. https://resources.infosecinstitute.com/topic/attribution-problem-in-cyber-attacks/
Lakshmanan, R.: Here’s how solarwinds hackers stayed undetected for long enough (2021). Accessed 30 Apr 2021. https://thehackernews.com/2021/01/heres-how-solarwinds-hackers-stayed.html
Lee, E.: More dependence on internet leads to more cyberattacks worldwide (2017), vOA News. Accessed 8 May 2021. https://www.voanews.com/silicon-valley-technology/more-dependence-internet-leads-more-cyberattacks-worldwide
Levinson, M.: Why law enforcement can’t stop hackers (2011). Accessed 1 May 2021. https://www.cio.com/article/2402264/why-law-enforcement-can-t-stop-hackers.html
Lin, H.S.: Offensive cyber operations and the use of force. J. Nat’l Sec. L. Pol’y 4, 63–86 (2010)
Lustik, L.: Can the UN prevent cyber-attacks? (2018). Accessed 1 May 2021. https://thenewcontext.org/can-the-un-prevent-cyber-attacks/
Maness, R.C., Valeriano, B.: The impact of cyber conflict on international interactions. Armed Forces Soc. 42(2), 301–323 (2016)
Moret, E., Pawlak, P.: The EU cyber diplomacy toolbox: towards a cyber sanctions regime? (2017). European Union Institute for Security Studies (EUISS). Accessed 8 May 2021. https://www.iss.europa.eu/sites/default/files/EUISSFiles/Brief 24 Cyber sanctions.pdf
Murray, G.R., et al.: Toward creating a new research tool: Operationally defining cyberterrorism (2019), oSF Preprints
Newbill, C.M.: Defining critical infrastructure for a global application. Ind. J. Global Legal Stud. 26, 761–780 (2019)
Newman, L.H.: How an accidental ‘Kill Switch’ Slowed Friday’s massive ransomware attack (2017). Accessed 1 May 2021. https://www.wired.com/2017/05/accidental-kill-switch-slowed-fridays-massive-ransomware-attack/
Nye, J.S., Jr.: Deterrence and dissuasion in cyberspace. Int. Secur. 41(3), 44–71 (2016)
Office of the director of national intelligence: NCSC director warns of nation-state cyber threats to law firms in June 4 remarks at ILTA LegalSEC summit 2019 (2019). https://www.dni.gov/index.php/ncsc-newsroom/item/2002-ncsc-director-warns-of-nation-state-cyber-threats-to-law-firms-in-june-4-remarks-at-ilta-legalsec-summit-2019
Office of the director of national intelligence: cyber threat framework (undated). https://www.odni.gov/index.php/cyber-threat-framework
O’Flaherty, K.: U.S. government confirms plan to defend 2020 election against cyberattacks (2019). https://www.forbes.com/sites/kateoflahertyuk/2019/08/28/us-government-plan-to-halt-election-cyberattacks-misses-one-major-issue/?sh=7c1017de2041
Oved, M.C.: Journalist’s phone hacked by new ‘invisible’ technique: all he had to do was visit one website. Any website. (2021). https://www.thestar.com/news/canada/2020/06/21/journalists-phone-hacked-by-new-invisible-technique-all-he-had-to-do-was-visit-one-website-any-website.html
O’Connell, M.E.: Cyber security without cyber war. J. Confl. Secur. Law 17(2), 187–209 (2012)
Pomerleau, M.: State vs. non-state hackers: different tactics, equal threat? (2015). https://defensesystems.com/articles/2015/08/17/cyber-state-vs-non-state-haclers-tactics.aspx
Presidency: European union: cyber diplomacy in the European union (2019). Accessed 2 May 2021. https://eucyberdirect.eu/wp-content/uploads/2019/12/cd_booklet-final.pdf
Rankin, D.J., Bargum, K., Kokko, H.: The tragedy of the commons in evolutionary biology. Trends Ecol. Evol. 22(12), 643–651 (2007)
Renaud, K., Orgeron, C., Warkentin, M., French, P.E.: Cyber security responsibilization: an evaluation of the intervention approaches adopted by the five eyes countries and China. Public Adm. Rev. 80(4), 577–589 (2020)
Rid, T., Buchanan, B.: Attributing cyber attacks. J. Strat. Stud. 38(1–2), 4–37 (2015)
Rosenzweig, P.: Cyber warfare: how conflicts in cyberspace are challenging America and changing the world. ABC-CLIO (2013)
Schmitt, M.N. (ed.): Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations. Cambridge University Press, Cambridge (2017)
Shackelford, S.J., Andres, R.B.: State responsibility for cyber attacks: competing standards for a growing problem. Geo. J. Int’l L. 42, 971 (2010)
Sharma, U., Sharma, S.K.: Principles And Theory In Political Science Vol# 1. Atlantic Publishers & Dist, New Delhi (2000)
Sigholm, J., Larsson, E.: Determining the utility of cyber vulnerability implantation: The heartbleed bug as a cyber operation. In: 2014 IEEE Military Communications Conference, pp. 110–116. IEEE (2014)
Silver, L.: U.S. is seen as a top ally in many countries - but others view it as a threat (2019). Accessed 30 April 2021. https://www.pewresearch.org/fact-tank/2019/12/05/u-s-is-seen-as-a-top-ally-in-many-countries-but-others-view-it-as-a-threat/
Singer, E.O.: From reproductive rights to responsibilization: fashioning liberal subjects in Mexico City’s new public sector abortion program. Med. Anthropol. Quart. 31(4), 445–463 (2017)
Smith, B.: Keynote address at the RSA conference: the need for a digital Geneva convention (2017), president and Chief Legal Officer, Microsoft
Starks, T.: US blames China for Microsoft hacking, ransomware attacks as part of global condemnation (2021). Accessed 19 Jul 2021. https://www.cyberscoop.com/china-microsoft-exchange-server-indictments-us-allies/
Terry, P.C.: Don’t do as I do-The US response to Russian and Chinese cyber espionage and public international law. German Law J. 19(3), 613–626 (2018)
The associated press: US, Estonia partnered to search out cyber threat from Russia (2020). Accessed 2 May 2021. https://www.usnews.com/news/politics/articles/2020-12-03/us-estonia-partnered-to-search-out-cyber-threat-from-russia
Tidy, J.: Solarwinds: Why the sunburst hack is so serious (2020). Accessed 31 Dec 2020. https://www.bbc.com/news/technology-55321643
Torres, M., Riordan, S.: Policy brief: the cyber diplomacy of constructing norms in cyberspace (2020). Accessed 30 Apr 2021. https://www.ieeiweb.eu/wp-content/uploads/2020/10/T20_TF5_PB4_ok.pdf
Tsagourias, N.: Cyber attacks, self-defence and the problem of attribution. J. Conflict Secur. Law 17(2), 229–244 (2012)
United nations: telling the UN story in many languages, powered across platforms. (undated). Accessed 30 April 2021. https://www.un.org/en/department-global-communications/
Valeriano, B., Jensen, B.M., Maness, R.C.: Cyber strategy: The Evolving Character of Power and Coercion. Oxford University Press, New York (2018)
Valeriano, B., Maness, R.C.: The dynamics of cyber conflict between rival antagonists, 2001–11. J. Peace Res. 51(3), 347–360 (2014)
Vavra, S.: NSA warns defense contractors to double check connections in light of Russian hacking (2021). Accessed 30 April 2021. https://www.cyberscoop.com/nsa-warns-defense-contractors-operational-technology-connections-russia-solarwinds/
Vercellone, C.: Ukraine is getting more help to build cyber capabilities (2020). Accessed 3 May 2021. https://www.fifthdomain.com/international/2020/03/04/ukraine-is-getting-more-help-to-build-cyber-capabilities/
Walljasper, J.: Elinor Ostrom’s 8 principles for managing a commons (2011). Accessed 22 Apr 2021. http://www.onthecommons.org/magazine/elinor-ostroms-8-principles-managing-commmons
Waltz, K.N.: Theory of International Politics. Reading, Mass.: Addison-Wesley Pub. Co., Boston (1979)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 Springer Nature Switzerland AG
About this paper
Cite this paper
Renaud, K., Attatfa, A., Craig, T. (2022). Positioning Diplomacy Within a Strategic Response to the Cyber Conflict Threat. In: Parkin, S., Viganò, L. (eds) Socio-Technical Aspects in Security. STAST 2021. Lecture Notes in Computer Science, vol 13176. Springer, Cham. https://doi.org/10.1007/978-3-031-10183-0_7
Download citation
DOI: https://doi.org/10.1007/978-3-031-10183-0_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-10182-3
Online ISBN: 978-3-031-10183-0
eBook Packages: Computer ScienceComputer Science (R0)