The Various Dimensions of Cyberthreats: (In)consistencies in the Global Regulation of Cybersecurity
Abstract
The main aim of the present paper is to revisit the different dimensions of cyberthreats and to classify them on the basis of definitions and descriptions used in international instruments with a view to establish (in)consistencies between the various norms. In the framework of a larger project on this topic, we have selected a number of key instruments with the aim of comparing the various norm-descriptions and definitions. Yet, cybersecurity threats are difficult to classify because of the overlapping categories, and the fact that the activities can originate from an individual actor or from non-state actors and groups. This paper finds that, despite the quite fragmented regulatory systems around the world, there is to a very large extent agreement on the basic notions and definitions.
Downloads
Riferimenti bibliografici
AFRICAN UNION. African Union Convention on Cyber Security and Personal Data Protection. 27 de June de 2014.
ARMY TRAINING AND DOCTRINE COMMAND FORTLEAVENWORTH KS DEPUTY CHIEF OF STAFF FOR INTELLIGENCE, DCSINT Handbook No 1.02, 2005.
EUROPEAN UNION AGENCY FOR CYBERSECURITY (ENISA), <https://www.enisa.europa.eu>.
BEIDLEMAN, SCOTT W., “Defining and deterring cyber war”, Army War Coll Carlisle Barracks Pa, 2009, p. 1-32.
BOTEK, ADAM, European Union establishes a sanction regime for cyber-attack, <https://ccdcoe.org/incyder-articles/european-union-establishes-a-sanction-regime-for-cyber-attacks/>.
BRENNER, SUSAN W., “Cybercrime, cyberterrorism and cyberwarfare”, Revue internationale de droit penal, v.77, n.3, 2006, p. 453-471.
BRUNHÖBER, BEATRICE, “Criminal Law of Global Digitality: Characteristics and Critique of Cybercrime Law”, The Law of Global Digitality. Routledge, 2022, p.223-249.
BUCHAN, RUSSELL, Cyber espionage and international law, Research handbook on international law and cyberspace, Edward Elgar Publishing, 2015.
BUSSOLATI, NICOLÒ, “Harmonisation of cybercrime law: Past solutions, present tensions, and future challenges”, 2020.
CHAWKI, MOHAMED, et al., “Cybercrime, digital forensics and jurisdiction”, vol. 593, Springer, 2015.
CLOUGH, JONATHAN, “A world of difference: The Budapest convention on cybercrime and the challenges of harmonization”, Monash University Law Review, 2014, p. 698-736.
CONWAY, MAURA, “Reality bytes: cyberterrorism and terrorist 'use' of the Internet”, First Monday, v. 7, n. 11, 2002, p. 1-17.
CORNISH, PAUL, “Cyber security and politically, socially and religiously motivated cyber attacks”, European Parliament, Brussels, 2009.
COUNCIL OF EUROPE, Convention on Cybercrime (ETS No. 185), 01 de 07 de 2004.
DELERUE, FRANÇOIS, “Reinterpretation or Contestation of International Law in Cyberspace?” Israel Law Review, 2019, p. 295-326.
DENNING, D., “A view of cyberterrorism 5 years later”, Internet security: Hacking, counterhacking, and society, p. 123, 2007.
DE SANTANNA, JOSÉ JAIR CARDOSO, DDoS-as-a-Service: investigating booter websites, Enschede, 2017.
DIPERT, RANDALL R, “The ethics of cyberwarfare”, Journal of Military Ethics, 2010, p. 384-410.
DUCHEINE, P. A. L., and PETER BMJ PIJPERS, “The Notion of Cyber Operations”, Amsterdam Law School Research Paper, 2020, p.2020-09.
EUROPEN UNION, Council Regulation (EU) 2019/796 concerning restrictive measures against cyber-attacks threatening the Union or its Member States, 17 May 2019.
EUROPEAN UNION, European Parliament resolution of 12 September 2013 on a Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace (2013/2606(RSP)), 12 September 2013.
FAGA, HEMEN PHILIP, “The implications of transnational cyber threats in international humanitarian law: analysing the distinction between cybercrime, cyber attack, and cyber warfare in the 21st century”, Baltic Journal of Law & Politics, vol. 10, 2017, p. 35-62.
GENERAL ASSEMBLY OF THE UNITED NATIONS, Resolutions 74/28 - Advancing responsible State behaviour in cyberspace in the context of international security, 18 December 2019.
GENERAL ASSEMBLY OF THE UNITED NATIONS, Resolution 75/282- Countering the use of information and communications technologies for criminal purposes, 26 May 2021.
GENERAL ASSEMBLY OF THE UNITED NATIONS, Resolution 73/27 - Developments in the field of information and telecommunications in the context of international security, 05 December 2018.
GENERAL ASSEMBLY OF THE UNITED NATIONS, Resolution nº 58/199 - Creation of a global culture of cybersecurity and the protection of critical information infrastructures, 30 January 2004.
GREATHOUSE, CRAIG B., “Cyber war and strategic thought: Do the classic theorists still matter?”, Cyberspace and International Relations. Springer, Berlin, Heidelberg, 2014, p.21 - 40.
GORDON, SARAH, and RICHARD FORD, “On the definition and classification of cybercrime”, Journal in Computer Virology, 13-202, 2006
HANSMAN, SIMON, and HUNT, RAY, “A taxonomy of network and computer attacks”, Computers & Security, 2005, p. 31-43.
HATHAWAY, OONA A., et al., “The law of cyber-attack”, Calif. L. Rev., 2012, p. 817.
INTERNATIONAL TELECOMMUNICATION UNION, Resolution 50, 25 October – 3 November 2016.
INTERNATION TELECOMMUNICATION UNION, Resolution 45 – Effective coordination of standardization work across study groups in ITU-T and the role of TSAG, Dubai, 20-29.
JAMIL, ZAHID, “Comparative analysis of the Malabo Convention of the African Union and the Budapest Convention on Cybercrime”, Council of Europe, 2016.
JAHN, JESSICA, "Canada´s Position at the UN Cybercrime Treaty Negotiations", <https://icclr.org/2022/03/02/canadas-position-at-the-un-cybercrime-treaty-negotiations/>.
KASTNER, PHILIPP, and FRÉDÉRIC MÉGRET, “International legal dimensions of cybercrime”, Research Handbook on International Law and Cyberspace, Edward Elgar Publishing, 2021.
KENNEY, MICHAEL, “Cyber-terrorism in a post-stuxnet world”, Orbis, vol. 59, n.1, 2015, p. 111-128.
LIN, HERBERT, “Lifting the veil on cyber offense”, IEEE Security & Privacy, 2009, p.15-21.
LUIJF, ERIC, “Understanding cyber threats and vulnerabilities”, Critical infrastructure protection, 2012, p. 52-67.
MCQUADE III, SAMUEL C., “Encyclopedia of cybercrime”, ABC-CLIO, 2008.
MEHAN, JULIE. “CyberWar, CyberTerror, CyberCrime and CyberActivism: An i-depth guide to the role of standards in the cybersecurity environment”, IT Governance Publishing, 2014.
MIADZVETSKAYA, YULIYA, “Challenges of the Cyber Sanctions Regime Under Common Foreign and Security Policy (CFSP)”, Anton Vedder, Jessica Schroers, Charlotte Ducuing, Peggy Valcke, KU Leuven Centre for IT & IP Law Series, 2019.
NYE JR, JOSEPH S., Cyber power. Harvard Univ Cambridge Ma Belfer Center for Science and International Affairs, 2010.
ORGANIZATION FOR SECURITY AND CO-OPERATION IN EUROPE, Decision 1106 - Initial Set of
OSCE Confidence-Building Measures To Reduce The Risks Of Conflict Stemming From The Use Of Information And Communication Technologies, 3 December 2016.
ORGANIZATION OF AMERICAN STATES, Declaration strengthening cyber-security in the americas, 7 March 2012.
ORGANISATION OF AMERICAN STATES (OECD), Digital Security Risk Management for Economic and Social Prosperity: OECD Recommendation and Companion Document, Paris, 2015.
PATTISON, JAMES, “From defence to offence: The ethics of private cybersecurity”, European Journal of International Security, vol. 5, 2020, p. 233-254.
PERNICE, INGOLF, “Cybersecurity governance: Making cyberspace a safer place”, HIIG Discussion Paper Series, vol. 3, 2017, p. 1-28.
ROBINSON, MICHAEL, KEVIN JONES, and HELGE JANICKE, “Cyber warfare: Issues and challenges”, Computers & security, 2015, p.70-94.
SABILLON, REGNER, et al., “Cybercriminals, cyberattacks and cybercrime”, 2016 IEEE
International Conference on Cybercrime and Computer Forensic (ICCCF), 2016.
SPEER, DAVID L., “Redefining borders: The challenges of cybercrime”, Crime, law and social change, 2000, p. 259-273.
SHACKELFORD, SCOTT J., “Toward cyberpeace: Managing cyberattacks through polycentric governance” Am. UL Rev., vol. 62, 2012, p. 1273.
SHANGHAI COOPERATION ORGANIZATION, Agreement on Cooperation in Ensuring International Information Security between the Member States of the Shanghai Cooperation Organization, 2009.
SAMARASEKERA, UDANI, Cyber risks to Ukrainian and other health systems, 30 March 2022, <https://www.thelancet.com/journals/landig/article/PIIS2589-7500(22)00064-4/fulltext>.
SPEER, DAVID L., “Redefining borders: The challenges of cybercrime”, Crime, law and social change, 2000, p. 259-273.
STRUNK, DANIEL, et al., “American Cyber Insecurity: The growing danger of cyber attacks”, Duke University, Durham, 2014.
TECH ACCORD, Cybersecurity Tech Accord. Protecting Users and Customers Everywhere, 2018.
TECHOPEDIA, <https://www.techopedia.com/definition/24748/cyberattack>.
THE LEAGUE OF ARAB STATES, Arab Convention on Combating Information Technology, 15 Feb 2012.
TROPINA, TATIANA, Cybercrime: Setting international standards, Routledge Handbook of International Cybersecurity, Routledge, p.148-160, 2020.
UMA, M., AND GANAPATHI PADMAVATHI, “A Survey on Various Cyber Attacks and their Classification”, Int. J. Netw. Secur., 2013, p. 390-396.
VASIU, LUCIAN, and VASIU, IOANA, “Dissecting computer fraud: from definitional issues to a taxonomy”, 37th Annual Hawaii International Conference on System Sciences, 2004.
VELASCO, CRISTOS, HÖRNLE, JULIA, and OSULA, ANNA-MARIA, “Global Views on Internet Jurisdiction and Trans-border Access”, Data Protection on the Move. Springer, 465-476, Dordrecht, 2016.
WARREN, M. J., “Terrorism and the Internet”, Cyber warfare and cyber terrorism. IGI Global, 2007, p.42-49.
WILSON, CLAY, Botnets, cybercrime, and cyberterrorism: Vulnerabilities and policy issues for congress, Library of congress Washington DC Congressional Research Service, 2008.
Las obras que se publican en esta revista están sujetas a los siguientes términos:
1. El Servicio de Publicaciones de la Universidad de Murcia (la editorial) conserva los derechos patrimoniales (copyright) de las obras publicadas, y favorece y permite la reutilización de las mismas bajo la licencia de uso indicada en el punto 2.
2. Las obras se publican en la edición electrónica de la revista bajo una licencia Creative Commons Reconocimiento-NoComercial-SinObraDerivada 3.0 España (texto legal). Se pueden copiar, usar, difundir, transmitir y exponer públicamente, siempre que: i) se cite la autoría y la fuente original de su publicación (revista, editorial y URL de la obra); ii) no se usen para fines comerciales; iii) se mencione la existencia y especificaciones de esta licencia de uso.
3. Condiciones de auto-archivo. Se permite y se anima a los autores a difundir electrónicamente las versiones pre-print (versión antes de ser evaluada) y/o post-print (versión evaluada y aceptada para su publicación) de sus obras antes de su publicación, ya que favorece su circulación y difusión más temprana y con ello un posible aumento en su citación y alcance entre la comunidad académica. Color RoMEO: verde.
