Index
Abbott, Andrew, 14
Abraham, Kavi Joseph, 16
Acquaviva, Guido,
Advanced Persistent Threat Groups (APTs)
cyber hybrid warfare by,
accountability mechanisms for,
effective control strategies, 241
as grey-zone tactic, 240
under international law, 241
state responsibilities in, role of,
Cyber Tech Accord and, 242
espionage by,
information system attacks, 239
theoretical approach to,
adversarial artificial intelligence, 122
Alker, Hayward, 5
Alliance for Peacebuilding, 98
ambiguous signals, in cyber off-ramps, 67
Ankersen, Christopher,
Arab Spring, 94
Argentina, feminist movements in, 94
ARPANET, 31
artificial general intelligence (AGI), 117
artificial intelligence advanced towards, 124
cybersingularity and, implications for,
defensive capabilities of, 123
definition of, 123
development of, 123
offensive capabilities of, 123
artificial intelligence (AI)
adversarial, 122
artificial general intelligence and, 124
background of,
cyber attack methods, 121
definition of, 118
global service corps, shared governance of,
information anonymity and,
in information attacks,
information attribution and,
information security measures and,
defensive, 120
as deterrence, 120
linkages to artificial intelligence,
offensive,
as proactive, 120
theoretical approach to,
aviation model, for cyber peace,
under Convention on International Civil Aviation, 156
under International Civil Aviation Organization, 156
threat intelligence in, 157
Aviation Safety Information Analysis and Sharing (ASIAS) System,
Cavelty, Myriam Dunn, 12
Chesney, Bobby, 85
civil liberties, digital repression and, 26
civilians, information sharing with military,
Clinton, Hillary, 225
coercive habituation, digital repression and, 28
coercive potential, in wargames, 80
Colombia
cyber peacebuilding processes in,
digital spoilers in, 105
in Inter-American Human Rights System, 100
Internet access in,
multistakeholder governance in,
policy implications for,
promotion of human rights,
stability in, 104
Digital Security policy in, 107
Comey, James, 135
Communist Party of China, 22
Comoros case, ICC, 139
Computers at Risk (National Research Council), 160
confidence-building measures (CBMs)
advantages of, 55
definition of, 55
through information sharing,
non-military, 54
origins of, 54
Convention on International Civil Aviation, 156
Council of Advisers on the Application of the Rome Statute to Cyberwarfare,
Craig, Amanda, 10
crimes against humanity, 136
crimes of aggression, cyber attacks as,
crises escalation, in cyber war, 66
conflict processes, 66
cyber operations and,
over territorial disputes, 66
crowdsourcing
for cyber peace, as theoretical concept, 230
for cybersecurity,
through bounty programs, 233
calls to action,
through collaboration, 233
CyberPeace Corps, 232
Defence League Cyber Unit, 231
in Estonia, 231
through intelligence sharing, 233
as theoretical concept, 230
volunteer journey, phases of, 234
definitions and scope of,
cyber 9/11, ,
cyber attacks, . See also International Criminal Court
with artificial intelligence, 121
as crime of aggression,
cyber 9/11 scenario, ,
for data-theft, 132
deterrence measures against,
Domain Name System as resource,
Domain-based Message Authentication, Reporting, and Conformance resource,
against essential services,
extortion and, 132
as genocide,
of information technology systems, 132
under international human rights law,
under international humanitarian law,
multi-factor authentication against, 226
phishing, 224
scope of, 132
for theft of state secrets, 132
under UN Charter,
in U.S.
against Democratic National Committee, 225
against Office of Personnel Management, 224
prosecution of, 135
WannaCry, 227,
as war crimes,
cyber conflict, 12
cyber crime, , 54
cyber hybrid warfare, by APTs,
accountability mechanisms for,
effective control strategies, 241
as grey-zone tactic, 240
under international law, 241
state responsibilities in, role of,
Cyber Information Sharing and Collaboration Program (CISCP),
cyber threat information in, 47
as non-polycentric, 57
real-time information in, 47
scope of platform,
cyber lawlessness,
cyber off-ramps, ,
ambiguous signals in, 67
in de-escalation strategies,
information costs of, 69
public response to, 67
substitutability dynamics,
cyber peace. See also boundaries; cyber war; cybersecurity; digital peace; peacebuilding processes; specific topics
accountability theories for, 220
as concept,
linguistic elements in,
crowdsourcing for, as theoretical concept, 230
Erice Declaration on Principle for Cyber Stability and Cyber Peace, xxi
information and communication technologies and, 8
four pillars of, ,
in International Relations and Global Studies theories,
under International Telecommunication Union, xxi
as multidimensional concept,
origins of,
in polycentric governance systems, , xxiv,
positive peace perspective for, xxiii
stakeholders in,
theoretical approach to,
word cloud for, xxiii
Cyber Tech Accord, 242
cyber war, 12. See also cyber hybrid warfare; wargames
cyber off-ramps, ,
ambiguous signals in, 67
in de-escalation strategies,
information costs of, 69
public response to, 67
substitutability dynamics,
cyber operations
as complements, in crisis escalation, 70
as escalation-prone,
as substitutes for other power measures, 70
de-escalation strategies, cyber off-ramps and,
evidence for,
through case studies, 71
through experimental studies, 71
research design,
through wargames,
as negative peace, 65
stability strategies,
theoretical approach to,
cybernetics,
cybersecurity. See also crowdsourcing; cyber war; information security measures
access to,
ecosystem of international law and norms,
information sharing and, 42
best practices for,
cross-sector cooperation for, 42
under Cybersecurity Information Sharing Act,
definition and scope of, 43
in peacebuilding processes, through cybersecurity governance,
as human-centered,
phishing attacks, 224
in South Africa, with National Cybersecurity Policy Framework,
Cybersecurity Information Sharing Act, U.S. (2016),
cybersingularity, AGI and,
cyberspace. See also cybersecurity; specific topics
access issues in,
during Covid-19 pandemic, 217
infrastructure issues, 216
layered deterrence in, xxii
origins of,
in polycentric governance systems, xx
stability of,
Cyberspace Solarium Commission, xxii
Daniel, Michael, 135
data destruction,
data-theft, 132
Declaration of Independence of Cyberspace, 39
Defence League Cyber Unit (CDL), 231
defend forward approach, to cyber aggression, 15
defensive information security, 120
denial of service, 121
Diehl, Paul,
Digital Blue Helmets initiative, xxv,
digital peace, xxiv
digital repression,
as civil liberties violation, 26
coercive habituation and, 28
cost–benefit analysis of, , 32
information and communication technologies involved in, 24,
autonomous structures,
Internet networks,
kill switches, 29
state control over, 30
tactical expertise of and,
threat identification through,
infrastructure of,
in literature, 33
origins of, 26
as physical integrity violation, 26
in Poland,
repressive agents,
with smartphones, 24
targets of, 28
Digital Security policy, in Colombia, 107
Domain Name System (DNS),
Domain-based Message Authentication, Reporting, and Conformance (DMARC) resource, 225
drive-by exploits, 121
Eichensehr, Kristen, 135
election manipulation
empirical studies, for cyber research
barriers to,
data collection issues,
expertise from multiple domains, limitations on, 207
narrow range of contexts,
cyber-related data publishing,
incentives for interdisciplinary research teams, 208
theoretical approach to, 205
Erice Declaration on Principle for Cyber Stability and Cyber Peace, 241
information and communication technologies and, 8
exploit kits, 121
extortion, cyber attacks and, 132
Federal Aviation Administration (FAA), 165
feminist movements, in Argentina, 94
Financial Services Information Sharing and Analysis Center (FS-ISAC), 43,
financial sector role in, 49
as non-polycentric, 57
operational elements of, 48
private sector role in,
François, Camille, ,
Galtung, Johan, xxiv,
Gibson, William,
Global Commission on the Stability of Cyberspace,
Global Cyber Alliance (GCA),
global public goods, 3
Global South, peacebuilding processes in, 96
gravity threshold, in Rome Statute,
Greenberg, William, 5
Group of Governmental Experts (Sixth Group) (GGE), 171, , 190, 219
goals and purpose of,
mandates for,
multilateral negotiations by,
norm implementation by,
Open-Ended Working Group compared to,
political context for,
Guide to Cyber Threat Information Sharing (National Institute of Standards and Technology) (NIST), 40,
Guterres, António, 242
hacktivism, 54
Healey, Jason, , 15
Hofweber, Thomas, 4
human rights. See also international human rights law
in Colombia,
in cyber peacebuilding processes,
in South Africa, 101
human rights law, peacebuilding processes under, 100
human-centered approach, to peacebuilding processes, 98
human-centered cybersecurity governance,
Hurwitz, Roger,
identity theft, 121
“infodemic,” cyberspace access and,
information and communication technologies (ICT)
cyber peace and,
CyberPeace Institute and,
development changes in, 22
digital repression and, 24, 69
autonomous structures,
Internet network infrastructure,
kill switches, 29
state control over, 30
tactical expertise of and, 28
threat identification through,
Erice Declaration on Principle for Cyber Stability and Cyber Peace and, 8
peacebuilding processes with,
in South Africa,
World Federation of Scientists and, 8
youth empowerment through, 7
information anonymity,
information attribution,
information costs, of cyber off-ramps, 69
information security measures, with artificial intelligence,
defensive information security, 120
as deterrence measure, 120
linkages within,
offensive measures,
as proactive measure, 120
information sharing. See also Cyber Information Sharing and Collaboration Program
best practices for,
between civilians and military,
clarification of “rules of the road,” 40
as confidence-building measure, 40
through crowdsourcing, for cybersecurity, 233
cyber peace through, 53
as best practice,
as confidence-building measure,
informational symmetries for, 53
risk assessment for, 53
thresholds of non-permissible online behavior, 53
cybersecurity and, 42
best practices for,
cross-sector cooperation for, 42
under Cybersecurity Information Sharing Act, 44
definition and scope of, 43
definition of,
Financial Services Information Sharing and Analysis Center and,
financial sector role in, 49
as non-polycentric, 57
operational elements of, 48
private sector role in,
Guide to Cyber Threat Information Sharing, 40,
between military and civilians, 45
mitigation of cyberthreats through,
national platforms for, 50
non-polycentric,
open-source sharing communities, 45
operational aspects of,
agreed rules for thresholds of shared threats, 44
as best practice for cybersecurity,
normative-substantive disincentives, 53
operative disincentives, 52
regulatory issues, 44
sharing entities, 45
overview of,
under polycentric governance, ,
parameters of, 56
purpose of, 43
in regulatory contexts, 52
risk assessment and, 40
by stakeholders, 41
tactics, techniques, and procedures (TTPs) in, 41
theoretical approach to,
trans-national platforms for, 50
trust building through, 40
types of information shared, 44
for vulnerabilities to cyber threats, reduction strategies for, 40
information system attacks, 239
information technology (IT). See also information and communication technologies
cyber attacks of, 132
informational symmetries, for information sharing, 53
instrument of power responses, in wargames, 78
Inter-American Human Rights System, 100
International Atomic Energy Agency (IAEA), 156
International Civil Aviation Organization (ICAO), 156
International Criminal Court (ICC)
ad hoc tribunals, 134
Comoros case, 139
crimes against humanity and, 136
criminalization and prosecution of cyber attacks and,
considerations for, 137
as crime of aggression,
for data destruction,
as genocide,
Prosecutor v. Al Hassan, 138
under Rome Statute,
Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, 138
as war crimes,
International Law Commission and, 147
in Iraq, 132
Islamic State, 132
Lubanga appeal judgment, 137
in Myanmar, , 145
Rome Statute,
attribution through admissible evidence under,
Council of Advisers on the Application of the Rome Statute to Cyberwarfare, 135
cyber attacks as crime of aggression,
cyber attacks as genocide under, 145
cyber attacks as war crimes under, 143
gravity threshold in, 141
principle of distinction in, 142
substantive crimes under,
UN Charter and, 146
weapons use under, 142
in Rwanda, 145
in Syria, 133
theoretical approach to,
International Criminal Tribunal for Rwanda (ICTR), 134
International Criminal Tribunal for the Former Yugoslavia (ICTY), 134
international human rights law
cyber attacks under,
ecosystem of norms for,
International Law Commission (ILC), 147
International Relations and Global Studies, 3
International Telecommunication Union (ITU), xxi,
Internet. See also digital divide
access to,
in Colombia,
in peacebuilding processes,
in South Africa,
ARPANET, 31
Iran. See also Islamic Republic of Iran
cyber war with U.S.,
assessment of,
covert operations in, 83
cyber operations in, 83
escalation of,
origins of, , 85
sanctions against Iran, 86
Summer 2019 crisis,
Iran–Iraq War, 82
nuclear weapons development by,
under Joint Comprehensive Plan of Action,
Operational Nimble Archer, 82
Operational Praying Mantis, 82
Saudi Arabia as cyber target of, 83
Iranian Revolution, 82
Iran-Iraq War, 82
Iraq, International Criminal Court in, 133
Islamic State (ISIL),
Macron, Emmanuel,
malware, 121
Marlin-Bennett, Renée,
metaphors,
inadvertent complicity in,
Microsoft Corporation, peacebuilding processes and, 175
military
cyber elements in,
information sharing with civilians,
money laundering, 54
Mubarak, Suzanne, 7
multi-factor authentication (MFA), 226
multistakeholder collaborations,
under polycentric governance, 16
Muslims, in China, detention of, 2
Mustang Panda cyber attack,
Myanmar, , 145
National Aeronautics and Space Administration (NASA), 165
National Cybersecurity Board (Cyber-NTSB),
applications of,
Computers at Risk, 160
development of,
goals and purpose of,
National Cybersecurity Policy Framework, in South Africa, 107
National Institute of Standards and Technology (NIST), 40,
National Research Council, 160
National Transportation Safety Board (NTSB),
near-miss reporting systems,
negative peace, cyber war as, 65
Net Mundial conference, 174
Neuromancer (Gibson), 11
Nguyen Xuan Phuc, 225
non-military confidence-building measures, 54
non-polycentric information sharing, 57
normative-substantive disincentives, for information sharing, 53
North Korea, WannaCry cyber attack by, 227,
offensive information security measures,
Office of Personnel Management (OPM), in U.S.,
cyber attacks against, by China, 224
Open-Ended Working Group (OEWG), 171, , 190
China and,
cyber stability strategies by,
goals and purpose of, 180
Group of Governmental Experts compared to,
mandates for,
norm implementation by,
origins of,
political context for,
Russia and, ,
UN Member States in,
open-source sharing communities, 45
Operation Earnest Will, 82
Operation Praying Mantis, 82
operative disincentives, of information sharing, 52
Ostrom, Elinor, 156
Ostrom, Vincent,
Pact of Paris,
Paris Climate Accord, xx
Peace Studies, xxiv,
peacebuilding processes, through cyber applications. See also Colombia; Open-Ended Working Group; South Africa
Alliance for Peacebuilding, 98
comprehensive approach to,
potential applications in, 97
cybersecurity governance,
human-centered,
definition of,
Digital Blue Helmets initiative, 97
digital divide and,
digital spoilers in,
four pillars of,
Internet access, inclusivity for,
multistakeholder governance,
promotion of human rights,
stability in cyberspace,
in Global South, 96
Group of Governmental Experts (Sixth Group) and, 171, , 190
goals and purpose of,
mandates for,
multilateral negotiations by,
norm implementation by,
Open-Ended Working Group compared to,
political context for,
history of,
CyberPeace Institute, 175
Global Commission on the Stability of Cyberspace,
through multilateral negotiations,
multistakeholder roles in,
Net Mundial conference, 174
under human rights law, 100
human-centered approach to, 98
with information and communication technologies,
in South Africa,
under international humanitarian law, 100
intrastate armed processes and, de-escalation of, 96
Microsoft Corporation and, 175
origins of,
Program of Action and,
through social media, 97
state-centric approach to,
theoretical approach to, ,
UN Draft Resolutions,
Russia sponsored resolution, 188
State Sponsorship resolution,
U.S. sponsored resolution,
by UN General Assembly,
UN Draft Resolution votes,
phishing attacks, 224
physical integrity, violations of, 26
Podesta, John, 225
Poland,
polycentric governance, , xx
information sharing under, ,
parameters of, 57
monocentric governance and, 10
multistakeholder forms of, 16
principle of distinction, in Rome Statute, 142
proactive information security measures, 120
Program of Action (PoA),
Prosecutor v. Al Hassan,
Putin, Vladimir, 239
The Quest for Cyber Peace,
Reagan, Ronald, 154
Reid, Herbert, 13
repressive agents,
Reynolds, Linda, 240
risk assessment, with information sharing, 40
Robinson, Michael, xxii
Roff, Heather, ,
Ruzicka, Jan, 12
Sánchez, Óscar Arias, 5
Saudi Arabia, as cyber target of Iran, 83
Schaake, Marietje,
Schneider, Jacqueline, 67
Scott, James, 30
Searle, John, 5
Shackleford, Scott,
side channel attacks, 121
simulation diagrams, in wargames, 73
Sluzba Bezpieczenstwa (Poland),
smartphones, digital repression with, 239
Smith, Brad, 175
social engineering, 121
social movements, 94
Solarwinds attack, 237
Solemani, Qasem, 86
South Africa
cyber peacebuilding processes in, 94, 99
cyberspace stability in,
digital spoilers in,
information and communication technologies in,
Internet access in, 107
multistakeholder governance in,
policy implications for,
promotion of human rights, 101
South African Human Rights Commission, 101
through transitional justice, 108
National Cybersecurity Policy Framework, 107
South African Human Rights Commission (SAHRC), 101
spam, 121
Special Tribunal for Lebanon, 134
stakeholders
in cyber peace,
in empirical research, private/public partnerships in, 209
information sharing by, 41
state-centric approach, to peacebuilding processes, 104
Strange, Susan, 18
substitutability dynamics, with cyber off-ramps,
Syria, 133
tactical expertise, in digital repression,
tactics, techniques, and procedures (TTPs)
in Cyber Security Reporting System, 166
in information sharing, 41
terrorism, 54
Thornton, E. Nicole,
threat identification, in digital repression, in China,
threat intelligence, in aviation model, 157
Touré, Hamadoun, 5
transitional justice, in South Africa, 108
treatment groups, in wargames, , 78
Trump, Donald,
United Nations (UN). See also Open-Ended Working Group
Draft Resolutions, for cyber peace,
Russia sponsored resolution,
State Sponsorship resolution, 185
U.S. sponsored resolution,
General Assembly,
UN Draft Resolution votes, on cyber peace resolutions,
United States (U.S.). See also verifiers; specific topics
cyber attacks in
against Democratic National Committee, 225
against Office of Personnel Management, 224
prosecution of, 135
cyber war with Iran, 85,
assessment of,
covert operations in, 83
cyber operations in, 83
escalation of,
origins of, , 85
sanctions as result of, 86
Summer 2019 crisis,
election manipulation in, Advanced Persistent Threat Groups and, 239
Federal Aviation Administration, 165
Joint Comprehensive Plan of Action and,
National Aeronautics and Space Administration, 165
National Transportation Safety Board,
Office of Personnel Management in,
cyber attacks against, by China, 224
Operation Earnest Will, 82
Operation Nimble Archer, 82
Operation Praying Mantis, 82
UN Draft Resolutions by, for cyber peace,
World Health Organization and, withdrawal from,
Valeriano, Brandon, 15
verifiers, of cyber peace
aviation model for, 156
under Convention on International Civil Aviation, 156
under International Civil Aviation Organization, 156
threat intelligence in, 157
Aviation Safety Information Analysis and Sharing System,
Aviation Safety Reporting System,
Federal Aviation Administration, 165
National Aeronautics and Space Administration and, 165
in domestic incident investigations,
International Atomic Energy Agency and, 156
international investigation mechanisms,
CyberPeace Corps, 167
National Cybersecurity Board (Cyber-NTSB),
applications of,
Computers at Risk, 160
development of,
goals and purpose of,
National Transportation Safety Board,
near-miss reporting systems,
purpose of,
violence, universal definitions of, xxiv
WannaCry cyber attack, 227,
wargames
coercive potential in, 80
conventional escalation in, 79
cyber escalation in, 79
cyber substitution in, 80
evidence through,
instrument of power responses, 79
participant behaviors,
response preferences in, 77
scenarios in, 78
simulation diagrams, 73
treatment groups, , 79
WeChat, 22
Wegener, Henning, , 6
Wiener, Norbert, 11
WikiLeaks, 225
Woman’s International Peace Movement,
word cloud, for cyber peace, xxiii
World Federation of Scientists,
Erice Declaration on Principle for Cyber Stability and Cyber Peace, xxi
information and communication technologies and, 8
information and communication technologies and, 8
World Health Organization (WHO),
Yanarella, Ernest, 13
Open access