Cyber Security Publications
U.S. policymakers have compared the challenge of managing threats in the cyber domain to that of controlling nuclear weapons during the Cold War. The United States and China are currently negotiating what would be the first cyber arms control agreement to ban attacks on each other’s critical infrastructure in peacetime. The Obama administration believes such an agreement could lead to a broader “international framework” of norms, treaties, and institutions to govern cyberspace. Arms control and deterrence are longstanding U.S. policy instruments that are being revived and retooled to meet contemporary cyber challenges. But the utility of these Cold War strategies, which constitute necessary but not sufficient measures, will be inherently limited owing to fundamental differences between the nuclear and cyber domains.
The cyberthreat posed by terror groups today looks less like war than hacktivism—the use of online subversion or sabotage, often by loosely networked actors, to boost a political agenda. Within these opportunistic webs of affiliation, whether a hacker has an operational link to a terrorist organization is largely irrelevant. Any sympathizer can use digital tools to deface websites for propaganda value, encourage acts of violence, or cause economic disruption. In response, firms and governments can do more to improve defenses, educate users, and monitor hacktivist capabilities.
Now for the Hard Part: Renewing Regional Cooperation on Critical Infrastructure Security and ResilienceSep 22, 2014
Even before NAFTA and 9/11, the United States, Canada, and Mexico all recognized the need to secure critical infrastructure and to collaborate with their continental neighbors in doing so. This paper identifies challenges to critical infrastructure security and resilience (CISR) among the countries and provides recommendations for going forward.
The war on terrorism has not been won, Gabriel Weimann argues in Terrorism in Cyberspace, the successor to his seminal 2006 book, Terror on the Internet. Weimann’s book looks at terrorism’s online reach, recent trends, future threats, and ways to mitigate or counter Internet terrorism.
This report examines how Al-Qaeda, its affiliates and other terrorist organizations have moved their online presence to YouTube, Twitter, Facebook, Instagram and other social media outlets, posing challenges to counter-terrorism agencies.
The growing use of social media and other mass collaboration technologies is opening up new opportunities in disaster management efforts, but is also creating new challenges for policymakers looking to incorporate these tools into existing frameworks. The Commons Lab, part of the Science & Technology Innovation Program, hosted a September 2012 workshop bringing together emergency responders, crisis mappers, researchers, and software programmers to discuss issues surrounding the adoption of these new technologies. This report discusses the key findings, policy suggestions, and success stories that emerged during the workshop.
Individuals and organizations using social media and crowdsourcing need two key sets of information: a systematic assessment of the vulnerabilities in these technologies and a comprehensive set of best practices describing how to address these vulnerabilities. This report identifies certain vulnerabilities and provides a guideline to develop best practices necessary to address a growing number of incidents ranging from innocent mistakes to targeted attacks that have claimed lives and cost millions of dollars.
Social media is responsible for much positive change in the world. But these new tools can be used by bad actors to foment strife and undermine stability, as seen during violent incidents in the Assam state of northeast India in July 2012. Cybersecurity efforts must take into account the growing potential for cyber-attack using social media, where hoax messages are incorporated into a stream of otherwise legitimate messages, and understand how quickly mobile apps and text services can disseminate false information.