Reports & Papers

34 Items

Paper

The Coming AI Hackers

| April 2021

Hacking is generally thought of as something done to computer systems, but this conceptualization can be extended to any system of rules. The tax code, financial markets, and any system of laws can be hacked. This essay considers a world where AIs can be hackers. This is a generalization of specification gaming, where vulnerabilities and exploits of our social, economic, and political systems are discovered and exploited at computer speeds and scale.

Donald Trump and Anthony Fauci

AP/Alex Brandon

Paper - Centre for International Governance Innovation

US Intelligence, the Coronavirus and the Age of Globalized Challenges

| Aug. 24, 2020

This essay makes three arguments. First, the US government will need to establish a coronavirus commission, similar to the 9/11 commission, to determine why, since April 2020, the United States has suffered more coronavirus fatalities than any other country in the world. Second, the COVID-19 pandemic represents a watershed for what will be a major national security theme this century: biological threats, both from naturally occurring pathogens and from synthesized biology. Third, intelligence about globalized challenges, such as pandemics, needs to be dramatically reconceptualized, stripping away outmoded levels of secrecy.

Travelers from China’s Wuhan and other cities go through body temperature scanners at Narita international airport in Narita, near Tokyo, Thursday, Jan. 23, 2020.

AP Photo/Eugene Hoshiko

Paper - Belfer Center for Science and International Affairs, Harvard Kennedy School

Weaponizing Digital Health Intelligence

| January 2020

This paper argues that these potential vulnerabilities deserve rigorous, urgent, and thorough investigation. First, it draws from cybersecurity literature, and reviews general sources of vulnerability in digital systems. Next, with these sources of vulnerability in mind, it reviews the health intelligence systems used in the US as well as in a current Public Health Emergency of International Concern (PHEIC), the Ebola outbreak in the Democratic Republic of the Congo (DRC). It then It then reviews the possible motives state actors have to attack health intelligence systems, drawing on recent examples of state-led efforts to manipulate, conceal, or undermine health information. It then speculates about what an attack on a health intelligence system might look like. It concludes by proposing a research and education agenda to thoroughly interrogate these issues and generate policy recommendations needed to address them.

PRC flag with digital overlay

Adobe Stock

Paper - Belfer Center for Science and International Affairs, Harvard Kennedy School

Governing Cyberspace: State Control vs. The Multistakeholder Model

| August 2019

This paper is part of a Track-II dialogue between the Belfer Center’s China Cyber Policy Initiative and the China Institute for International Strategic Studies (CIISS) to manage the risk of cyber conflict between the two countries through dialogue and concrete policy recommendations. The paper includes two parts: a cyber governance theory written by Chinese People’s Liberation Army Major General (ret.) Hao Yeli, a senior adviser to CIISS, and a response prepared by Belfer Center Co-Director Eric Rosenbach and Research Assistant Shu Min Chong.

Paper - Cyber Security Project, Belfer Center

Countering the Proliferation of Malware

| June 27, 2017

Malicious software is adapted, stolen, bought, and used everyday on a global scale. There are better ways to counter this proliferation than export controls. Policymakers should strengthen incentives for researchers and the private sector to rapidly identify software vulnerabilities, disclose them to developers, patch those vulnerabilities, and adopt those patches. Building on previous debates, this paper makes specific recommendations to shorten the lifecycle of vulnerabilities and improve the short term health of the software security ecosystem.

Paper - Cyber Security Project, Belfer Center

Too Connected to Fail

| May 2017

This paper argues that threats to core internet infrastructure and services can, in fact, rise to the level of a serious national security threat to the United States and will explore scenarios where this may be the case. The paper will discuss several kinds of core internet services and infrastructure and explore the challenges with understanding interdependencies between the internet and critical infrastructure; review recent attack techniques that can cause systemic risk to the internet; discuss various nation state capabilities, intentions and recent activities in this area; and describe how these attacks could be used against the United States to deter the U.S., control escalation, or potentially degrade U.S. warfighting capabilities in a conflict. Finally, the paper concludes with recommendations for what the United States and other governments can do to build defenses and resiliency against systemic threats to the internet.

Paper - Centre for International Governance Innovation

Getting beyond Norms: When Violating the Agreement Becomes Customary Practice

| Apr. 20, 2017

This paper offers five standards of care that can be used to test individual states' true commitment to the international norms of behaviour. Only with a concerted and coordinated effort across the global community will it be possible to change the new normal of "anything goes" and move forward to ensure the future safety and security of the Internet and Internet-based infrastructures.