The Cyber Governance Blog
Assisting Local Governments in Responding to Ransomware Attacks
Ransomware attacks continue to target cities and other state and local government entities all over the United States. These attacks have been hitting municipalities as large as Baltimore and Atlanta; but they have also affected small cities like Borger, Texas (Broadwater, 2019; Allyn, 2019). These attacks are interrupting crucial services that citizens depend on, including trash collection, water treatment, policing, and firefighting and emergency responses. Currently, cities have little recourse in responding to ransomware attacks, resulting in huge monetary demands, and little knowledge about how to solve the persisting issues. It is imperative that federal guidelines and assistance be provided, in order to protect state and local government computer networks, to ensure the security of Americans’ personal information and to provide for resilient, reliable delivery of crucial public services. Especially under current pandemic conditions, in which Internet dependence is substantially heightened, this must be made a top legislative priority.
Cyber Governance and Policy Center Partners with Cyber Peace Institute
We are pleased to share the good news that the Cyber Governance and Policy Center at the University of Oklahoma is an inaugural university partner of the Cyber Peace Institute (CPI). The CPI is a non-governmental organization devoted to ensuring and enhancing the stability of cyberspace. Our center is one of only four university-based organizations in the world that are inaugural partners, alongside the Ostrom Workshop at Indiana University, the École Polytechnique Fédéral de Lausanne, and a research group on the Geopolitics of the Datasphere (GEODE) at University Paris 8. We are excited to see the University of Oklahoma gaining recognition as a global center of excellence on cyber governance and policy issues. In the remainder of this blog post, we want to share more about the CPI’s mission and values, and say a little more about how we plan to play a role in its work.
Blockchain Technology Receives Presidential Endorsement at Africa Blockchain Conference 2018
Kampala – Uganda: In May, the Africa Blockchain Conference 2018 drew over 700 delegates and 60 speakers and panelists from over 23 different countries, making the two-day (May 23rd – 24th) conference the largest Blockchain conference on the African continent. Organized to include a series of keynote addresses, panel discussions, breakout sessions, and networking opportunities, the inaugural Africa Blockchain Conference brought together both leading figures and blockchain experts and enthusiasts from a plethora of industries including finance and banking, business, government, development, technology, and academia.
Self-Defense and Reprisals in an Era of Cyber Conflict
The use of malicious cyber operations by state and non-state actors in international affairs has sparked a vigorous debate over how international law governs the use of so-called “cyber force” by states. A critical contribution to this debate is the 2017 Tallinn Manual 2.0, the follow-up to the original Tallinn Manual in 2013, both authored by the International Group of Experts and commissioned by the NATO Cooperative Cyber Defence Centre of Excellence (CCD COE). With a charge to “examine how international law governs the use of cyber-force by States and the employment of cyber-operations during armed conflict,” as well as cyber activities during peacetime, the Tallinn Manual, provides crucial insight into the current status, and possible future trajectory, of international law on the use of force. While the Manual generally offers a conservative interpretation of international law, it appears to leave room for certain uses of force broadly believed to have been outlawed by the UN Charter, which, in light of evolving state practice, may lead states to interpret more latitude concerning when they may resort to force to defend against hostile acts.
Can Cybersecurity Tech Accord Really Curb State Actions?
On 17 April 2018, 34 leading global technology firms announced a new private-sector agreement intended to curb the worst excesses of state behavior in the cyber domain, and to improve the general state of global computer network security.
This agreement is a worthwhile effort. It indicates that the private-sector is prepared to take some responsibility for actual and potential harms enabled by their business operations. However, it places firms in clear opposition to states, and commits these companies to taking steps that governments may interpret as inhibiting their legitimate prerogatives in the conduct of foreign policy.
Conceptualizing Cyber Deterrence by Entanglement
The evolution of cyberspace from ARPAnet to the Internet and now a domain of military interactions warranting its own combatant command has been rapid and extensive. The number of connected devices now exceeds 17 billion and will continue to grow in the coming years. For all the benefits afforded by the development of cyberspace it is also a domain rife with crime, espionage and conflict. Rarely does a day go by in which news stories do not discuss some new cyber-attack, theft or espionage activity. As cyberspace has developed and increased in importance to the economy and to national security, considerations on how to foster deterrence have increased. To date, with some notable exceptions, most conversations on deterrence have focused on activities that threaten punishment to or denial of adversaries. Analyses frequently make parallels back to cold war deterrence strategies that emphasize the logic surrounding nuclear weapons. A variety of scholars of international relations and technical specialists view strategies heavily focused on threatening retaliation or on denial as unsatisfactory when applied to cyberspace. These strategies remain unsatisfactory because cyberspace has unique characteristics which undermine key components of deterrence including credibility, signaling, specificity, attribution and decision-making.
The Power of Social Media Companies
Propaganda, the foreign meddling in elections, and “fake news” are extremely topical, but far from a new phenomenon unique to the Internet era. For quite some time, powerful state actors have leveraged communication technologies to distort political processes, influence media agendas, and shape the outcome of important political events. But the sheer ubiquity of the Internet, its global and immediate reach, as well as ongoing socio-technical innovations in machine learning, algorithms, and big data analytics, are making the subversion of political processes more effective than ever before. Democracy is under threat. There are critical concerns that regulators, technologists, and citizens need to address in order to build a more resilient digital public sphere.
The Cyber Governance blog is dedicated to bringing academic research on cyber governance and policy issues to a broader audience.
Our focus is on the global and transnational opportunities and challenges arising from information technology.
Crucial decisions about market concentration in the digital economy, the relationship between social media and democracy, encryption, lawful access and warrants, and the military/espionage uses of information technology are being made largely at the national level – and without adequate consideration of the broader global effects of these decisions.