A non-militarised approach to cyber-security

Andrew Adams, Pauline Reich, Stuart Weinstein

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

In 2011 cyberspace came under highly visible military threat. This threat was not cyber-attack by governments or terrorists, but the threat of a militaristic approach to cyber-security. The US and UK military establishments (among others) made strong arguments about the need to expand their online presence from use of the Internet for their own information transmission and into cyber-attack capabilities. Responding to claims of the Russian and Chinese governments sponsoring cracking attacks against Estonia, Georgia and Google, cyberspace in 2011 became the fifth arena of warfare (land, (under)sea, air, space and now cyberspace). Although development of the basic concept and protocols of the Internet was funded by DARPA, a military research agency, the military and civilian uses of Internet systems rapidly diverged in the early days. This separation allowed the development of a free, generative and borderless Internet whose base flexibility and civilian orientation made it one of the core technologies of modern life by 2011. Just as it has become an essential platform for legitimate activity, illegitimate activity has also flourished online. The very automation which makes computers and the Internet so valuable can also be utilised for negative purposes such as Denial of Service Attacks, malware distribution and fraud. There are claims that some governments are sponsoring attacks and cyber-espionage against their enemies (other states or large corporations), and claims about the rise and dangers of cyber-terrorism. Military forces, faced with a diminishing role in preparations for large scale physical conflicts, have begun claiming that civilian cyberspace needs to be (re-)militarised and that the armed forces should be given both the technical tools and the legal rights to conduct not just cyber-defence activities, but offensive cyber-attacks. In this paper we argue from both philosophical and practical standpoints that a pacifist approach to cyber-security is more appropriate. Based on the constitutional pacifism of Germany and Japan, we argue that investment in cyber-defence would be better targetted at improving the physical and electronic infrastructure of the Internet in general (for example, by funding the free distribution of malware signatures to all users or research and development of better technological security tools). This would provide better cybersecurity for the citizens of the world than an arms race to develop military cyber-attack capabilities. The borderless and non-geographic topology of the Internet provide little capacity for avoiding collateral damage which, we argue, is likely to prove more costly than the original dangers identified or forecast. Technological measures used within the parameter of laws protecting the privacy, civil rights and civil liberties of citizens and utilized for defensive purposes, along with further research on thwarting cyber-attacks on critical information infrastructures, would be more beneficial and are evaluated in this pacifist context.

Original languageEnglish
Title of host publication11th European Conference on Information Warfare and Security 2012, ECIW 2012
Pages1-8
Number of pages8
Publication statusPublished - 2012
Event11th European Conference on Information Warfare and Security 2012, ECIW 2012 - Laval
Duration: 2012 Jul 52012 Jul 6

Other

Other11th European Conference on Information Warfare and Security 2012, ECIW 2012
CityLaval
Period12/7/512/7/6

Fingerprint

Internet
Terrorism
Military operations
Automation
Topology
Network protocols
Air
Industry
Malware

Keywords

  • Cyberattack
  • Cyberdefence
  • Militarisation of cyberspace
  • Pacifism

ASJC Scopus subject areas

  • Information Systems
  • Safety, Risk, Reliability and Quality

Cite this

Adams, A., Reich, P., & Weinstein, S. (2012). A non-militarised approach to cyber-security. In 11th European Conference on Information Warfare and Security 2012, ECIW 2012 (pp. 1-8)

A non-militarised approach to cyber-security. / Adams, Andrew; Reich, Pauline; Weinstein, Stuart.

11th European Conference on Information Warfare and Security 2012, ECIW 2012. 2012. p. 1-8.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Adams, A, Reich, P & Weinstein, S 2012, A non-militarised approach to cyber-security. in 11th European Conference on Information Warfare and Security 2012, ECIW 2012. pp. 1-8, 11th European Conference on Information Warfare and Security 2012, ECIW 2012, Laval, 12/7/5.
Adams A, Reich P, Weinstein S. A non-militarised approach to cyber-security. In 11th European Conference on Information Warfare and Security 2012, ECIW 2012. 2012. p. 1-8
Adams, Andrew ; Reich, Pauline ; Weinstein, Stuart. / A non-militarised approach to cyber-security. 11th European Conference on Information Warfare and Security 2012, ECIW 2012. 2012. pp. 1-8
@inproceedings{bc9e185d7ffc4794aad4fe9dea3c8894,
title = "A non-militarised approach to cyber-security",
abstract = "In 2011 cyberspace came under highly visible military threat. This threat was not cyber-attack by governments or terrorists, but the threat of a militaristic approach to cyber-security. The US and UK military establishments (among others) made strong arguments about the need to expand their online presence from use of the Internet for their own information transmission and into cyber-attack capabilities. Responding to claims of the Russian and Chinese governments sponsoring cracking attacks against Estonia, Georgia and Google, cyberspace in 2011 became the fifth arena of warfare (land, (under)sea, air, space and now cyberspace). Although development of the basic concept and protocols of the Internet was funded by DARPA, a military research agency, the military and civilian uses of Internet systems rapidly diverged in the early days. This separation allowed the development of a free, generative and borderless Internet whose base flexibility and civilian orientation made it one of the core technologies of modern life by 2011. Just as it has become an essential platform for legitimate activity, illegitimate activity has also flourished online. The very automation which makes computers and the Internet so valuable can also be utilised for negative purposes such as Denial of Service Attacks, malware distribution and fraud. There are claims that some governments are sponsoring attacks and cyber-espionage against their enemies (other states or large corporations), and claims about the rise and dangers of cyber-terrorism. Military forces, faced with a diminishing role in preparations for large scale physical conflicts, have begun claiming that civilian cyberspace needs to be (re-)militarised and that the armed forces should be given both the technical tools and the legal rights to conduct not just cyber-defence activities, but offensive cyber-attacks. In this paper we argue from both philosophical and practical standpoints that a pacifist approach to cyber-security is more appropriate. Based on the constitutional pacifism of Germany and Japan, we argue that investment in cyber-defence would be better targetted at improving the physical and electronic infrastructure of the Internet in general (for example, by funding the free distribution of malware signatures to all users or research and development of better technological security tools). This would provide better cybersecurity for the citizens of the world than an arms race to develop military cyber-attack capabilities. The borderless and non-geographic topology of the Internet provide little capacity for avoiding collateral damage which, we argue, is likely to prove more costly than the original dangers identified or forecast. Technological measures used within the parameter of laws protecting the privacy, civil rights and civil liberties of citizens and utilized for defensive purposes, along with further research on thwarting cyber-attacks on critical information infrastructures, would be more beneficial and are evaluated in this pacifist context.",
keywords = "Cyberattack, Cyberdefence, Militarisation of cyberspace, Pacifism",
author = "Andrew Adams and Pauline Reich and Stuart Weinstein",
year = "2012",
language = "English",
isbn = "9781622765379",
pages = "1--8",
booktitle = "11th European Conference on Information Warfare and Security 2012, ECIW 2012",

}

TY - GEN

T1 - A non-militarised approach to cyber-security

AU - Adams, Andrew

AU - Reich, Pauline

AU - Weinstein, Stuart

PY - 2012

Y1 - 2012

N2 - In 2011 cyberspace came under highly visible military threat. This threat was not cyber-attack by governments or terrorists, but the threat of a militaristic approach to cyber-security. The US and UK military establishments (among others) made strong arguments about the need to expand their online presence from use of the Internet for their own information transmission and into cyber-attack capabilities. Responding to claims of the Russian and Chinese governments sponsoring cracking attacks against Estonia, Georgia and Google, cyberspace in 2011 became the fifth arena of warfare (land, (under)sea, air, space and now cyberspace). Although development of the basic concept and protocols of the Internet was funded by DARPA, a military research agency, the military and civilian uses of Internet systems rapidly diverged in the early days. This separation allowed the development of a free, generative and borderless Internet whose base flexibility and civilian orientation made it one of the core technologies of modern life by 2011. Just as it has become an essential platform for legitimate activity, illegitimate activity has also flourished online. The very automation which makes computers and the Internet so valuable can also be utilised for negative purposes such as Denial of Service Attacks, malware distribution and fraud. There are claims that some governments are sponsoring attacks and cyber-espionage against their enemies (other states or large corporations), and claims about the rise and dangers of cyber-terrorism. Military forces, faced with a diminishing role in preparations for large scale physical conflicts, have begun claiming that civilian cyberspace needs to be (re-)militarised and that the armed forces should be given both the technical tools and the legal rights to conduct not just cyber-defence activities, but offensive cyber-attacks. In this paper we argue from both philosophical and practical standpoints that a pacifist approach to cyber-security is more appropriate. Based on the constitutional pacifism of Germany and Japan, we argue that investment in cyber-defence would be better targetted at improving the physical and electronic infrastructure of the Internet in general (for example, by funding the free distribution of malware signatures to all users or research and development of better technological security tools). This would provide better cybersecurity for the citizens of the world than an arms race to develop military cyber-attack capabilities. The borderless and non-geographic topology of the Internet provide little capacity for avoiding collateral damage which, we argue, is likely to prove more costly than the original dangers identified or forecast. Technological measures used within the parameter of laws protecting the privacy, civil rights and civil liberties of citizens and utilized for defensive purposes, along with further research on thwarting cyber-attacks on critical information infrastructures, would be more beneficial and are evaluated in this pacifist context.

AB - In 2011 cyberspace came under highly visible military threat. This threat was not cyber-attack by governments or terrorists, but the threat of a militaristic approach to cyber-security. The US and UK military establishments (among others) made strong arguments about the need to expand their online presence from use of the Internet for their own information transmission and into cyber-attack capabilities. Responding to claims of the Russian and Chinese governments sponsoring cracking attacks against Estonia, Georgia and Google, cyberspace in 2011 became the fifth arena of warfare (land, (under)sea, air, space and now cyberspace). Although development of the basic concept and protocols of the Internet was funded by DARPA, a military research agency, the military and civilian uses of Internet systems rapidly diverged in the early days. This separation allowed the development of a free, generative and borderless Internet whose base flexibility and civilian orientation made it one of the core technologies of modern life by 2011. Just as it has become an essential platform for legitimate activity, illegitimate activity has also flourished online. The very automation which makes computers and the Internet so valuable can also be utilised for negative purposes such as Denial of Service Attacks, malware distribution and fraud. There are claims that some governments are sponsoring attacks and cyber-espionage against their enemies (other states or large corporations), and claims about the rise and dangers of cyber-terrorism. Military forces, faced with a diminishing role in preparations for large scale physical conflicts, have begun claiming that civilian cyberspace needs to be (re-)militarised and that the armed forces should be given both the technical tools and the legal rights to conduct not just cyber-defence activities, but offensive cyber-attacks. In this paper we argue from both philosophical and practical standpoints that a pacifist approach to cyber-security is more appropriate. Based on the constitutional pacifism of Germany and Japan, we argue that investment in cyber-defence would be better targetted at improving the physical and electronic infrastructure of the Internet in general (for example, by funding the free distribution of malware signatures to all users or research and development of better technological security tools). This would provide better cybersecurity for the citizens of the world than an arms race to develop military cyber-attack capabilities. The borderless and non-geographic topology of the Internet provide little capacity for avoiding collateral damage which, we argue, is likely to prove more costly than the original dangers identified or forecast. Technological measures used within the parameter of laws protecting the privacy, civil rights and civil liberties of citizens and utilized for defensive purposes, along with further research on thwarting cyber-attacks on critical information infrastructures, would be more beneficial and are evaluated in this pacifist context.

KW - Cyberattack

KW - Cyberdefence

KW - Militarisation of cyberspace

KW - Pacifism

UR - http://www.scopus.com/inward/record.url?scp=84873126052&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84873126052&partnerID=8YFLogxK

M3 - Conference contribution

SN - 9781622765379

SP - 1

EP - 8

BT - 11th European Conference on Information Warfare and Security 2012, ECIW 2012

ER -