Reports & Papers

10 Items

A computer code is seen on displays in the office of Global Cyber Security Company Group-IB in Moscow, Russia, Wednesday, Oct. 25, 2017. A new strain of malicious software has paralyzed computers at a Ukrainian airport, the Ukrainian capital's subway and at some independent Russian media. Moscow-based Global Cyber Security Company Group-IB said in a statement Wednesday the ransomware called BadRabbit also tried to penetrate the computers of major Russian banks but failed.

AP Photo/Pavel Golovkin

Paper - Belfer Center for Science and International Affairs, Harvard Kennedy School

Addressing Russian and Chinese Cyber Threats: A Transatlantic Perspective on Threats to Ukraine and Beyond

| May 2023

In an interconnected world, cyberattacks are becoming more frequent and sophisticated. Building resilience against this asymmetric threat is critical for countries to protect their economies, critical infrastructure, and democratic institutions. However, cyberattacks do not respect borders, and no country can address this threat alone. The strength and longevity of the transatlantic partnership between the EU and the U.S. presents a unique opportunity to address this strategic threat through international cooperation. Through an analysis of cyberwarfare in the ongoing war in Ukraine, this paper proposes policy recommendations to enhance transatlantic coordination and cooperation against current and future adversaries in a new era of strategic competition. Ultimately, a stronger transatlantic partnership is critical for protecting international democratic norms, building resilience against cyber threats, and strengthening global security and stability.

Paper

US-Russian Contention in Cyberspace

| June 2021

The overarching question imparting urgency to this exploration is: Can U.S.-Russian contention in cyberspace cause the two nuclear superpowers to stumble into war? In considering this question we were constantly reminded of recent comments by a prominent U.S. arms control expert: At least as dangerous as the risk of an actual cyberattack, he observed, is cyber operations’ “blurring of the line between peace and war.” Or, as Nye wrote, “in the cyber realm, the difference between a weapon and a non-weapon may come down to a single line of code, or simply the intent of a computer program’s user.”

A MEP walks in the mostly-vacant Plenary chamber of the European Parliament in Brussels, Tuesday, March 10, 2020.

AP Photo/Virginia Mayo

Paper

Transatlantic Dialogue: The Missing Link in Europe’s Post-Covid-19 Green Deal?

| April 2020

This policy brief emphasizes that the European Green Deal's effectiveness in a post Covid-19 world will require the involvement of strategic partners, especially the US. In the context of a potential US withdrawal from the Paris Agreement and the consequential vacuum, it will be even more important to engage the US in implementing the GD. In light of divergence between the US and the EU during past climate negotiations (e.g. Kyoto, Copenhagen, and Paris), we suggest a gradual approach to US engagement with GD initiatives and objectives.

Report - Potomac Institute for Policy Studies

The Netherlands Cyber Readiness at a Glance

| May 2017

The Potomac Institute for Policy Studies (PIPS) and the Dutch Government are pleased to announce the release of The Netherlands Cyber Readiness at a Glance, the latest study in a series of country reports assessing national-level preparedness for cyber risks based on the Cyber Readiness Index (CRI) 2.0 methodology. This report provides the most in-depth analysis to date of the Netherlands' current cyber security posture and its efforts to strengthen the country's security and resilience in the face of emerging ICT threats.

Paper - Carnegie Endowment for International Peace

Russia and Cyber Operations: Challenges and Opportunities for the Next U.S. Administration

| December 13, 2016

Russian cyber operations against the United States aim to both collect information and develop offensive capabilities against future targets. Washington must strengthen its defenses in response.

Planning for Cyber in the North Atlantic Treaty Organization

US Department of State

Report Chapter - Kosciuszko Institute

Planning for Cyber in the North Atlantic Treaty Organization

| July 08, 2016

While the issue of cyber operations beyond NATO’s own networks is a politically difficult one given the complex mosaic of national, transnational (EU), and international law; the role of national intelligence efforts in certain types of operations; and ever-present disputes over burden-sharing, the Alliance already has invaluable experience in developing policies and procedures for contentious and sensitive tools in the form of the Nuclear Planning Group (NPG). This article begins with a brief overview of actions NATO has already taken to address cyberthreats. It will then explore why these, while important, are insufficient for the present and any imaginable future geopolitical threat environment. Next, it will address the history of the NPG, highlighting some parallels with the present situation regarding cyber and drawing out the challenges faced by, and activities and mechanisms of, the NPG. Finally, it will make the case that a group modeled on the NPG can not only significantly enhance the Alliance’s posture in cyberspace, but can serve as an invaluable space for fostering entente and reconciling differences on key aspects of cyber policy. It concludes that the Alliance needs to consider offensive cyber capabilities and planning, and it needs a Cyber Planning Group to do it.

A Pakistani Internet user surfs the YouTube Web site at a local Internet cafe in Islamabad, Pakistan, Feb. 26, 2008. Pakistan defended its clampdown on the YouTube Web site which accidentally interrupted access for Internet users around the globe.

AP Photo

Paper - Munk School of Global Affairs, University of Toronto

Duties for Internet Service Providers

| March 2012

In today's interconnected world, the Internet is no longer a tool. Rather, it is a service that helps generate income and employment, provides access to business and information, enables e-learning, and facilitates government activities. It is an essential service that has been integrated into every part of our society. Our experience begins when an Internet Service Provider (ISP) uses fixed telephony (plain old telephone service), mobile-cellular telephony, or fixed fiber-optic or broadband service to connect us to the global network. From that moment on, the ISP shoulders the responsibility for the instantaneous, reliable, and secure movement of our data over the Internet.

Discussion Paper - Science, Technology, and Public Policy Program, Belfer Center

Cyber Norm Emergence at the United Nations—An Analysis of the UN's Activities Regarding Cyber-security

    Author:
  • Tim Maurer
| September 2011

Cyber-warfare is no longer science fiction and the debate among policy-makers on what norms will guide behavior in cyber-space is in full swing. The United Nations (UN) is one of the fora where this debate is taking place exhibiting an astonishing rate of norm emergence in cyber-space. Most recently, Russia together with China proposed an “International code of conduct for information security” in September 2011 after the U.S. reversed its long-standing policy position in 2010.

Discussion Paper - Science, Technology, and Public Policy Program, Belfer Center

WikiLeaks 2010: A Glimpse of the Future?

    Author:
  • Tim Maurer
| August 2011

The recent publications on WikiLeaks reveal a story about money, fame, sex, underground hackers, and betrayal. But it also involves fundamental questions regarding cyber-security and foreign policy. This paper argues WikiLeaks is only the symptom of a new, larger problem which is the result of technological advances that allow a large quantity of data to be 'stolen' at low or no cost by one or more individuals and to be potentially made public and to go 'viral', spreading exponentially online.