IGF Berlin // Open Work Meeting on Cyber-Accountability: Building Attribution Capability

In a little under two weeks, at the upcoming Internet Governance Forum-Berlin, the Internet Governance Project (IGP) and ICT4Peace Foundation will be holding an open work meeting about the ongoing effort to form a global network of cybersecurity researchers who want to cooperate to develop attribution capabilities and perform cyber-attributions...

Show me the market: Technical data helps, but isn’t enough to understand the DoH debate

A presentation at the recent RIPE79 gives us some initial insight into the recursive resolution of Domain Name System (DNS) queries. Who performs recursive resolution and therefore has access to DNS query data is at the center the DNS over HTTPS (DoH) debate. But as we’ll explain below, the data...
Labrona, Untitled (2016)

Just the facts? Building an independent attribution institution

The Swiss-based advocacy organization ICT4Peace held a workshop late last month to discuss ongoing efforts to build an independent network of organizations engaged in attribution activities. There were approximately two dozen attendees, from US and European universities (including Georgia Tech’s IGP), industry, a handful of European government agencies, and a...

The Summer of routing leaks, and good MANRS

The routing of Internet packets is one of the most important Internet governance issues you have probably never heard of. Yet Internet routing security made the popular press this summer. Two events in particular were noteworthy: Swiss-based operator Safe Host improperly updated its routers and advertised BGP routes to its...

Is there hope for IPv6?

Last year Georgia Tech's Internet Governance Project teamed up with ICANN's Office of the Chief Technology Officer to research the economic factors affecting the decisions of network operators to deploy Internet Protocol version 6 (IPv6). The study was commissioned because we both believe that the Internet community needs a better...

The folly of treating routing hijacks as a national security problem

A recent paper in the journal Military Cyber Affairs, co-authored by researchers at U.S. Naval War College and Tel Aviv University, details how four BGP hijacks occurring between 2016-2017 took place, re-routing potentially sensitive Internet traffic through China. It made the rounds, promoted by some threat intelligence company and cybersecurity...
Labrona, Untitled (2016)

Research on public attribution of state-sponsored attacks

I’ve recently returned from the Cybersecurity and Cyberconflict: State of the Art Research Conference, organized by Dr. Myriam Dunn Cavelty and her colleagues at the Center for Security Studies, ETH, in Zürich, Switzerland. The conference brought together a mix of scholars researching “the strategic (mis)use of cyberspace by state and...

Defusing the cybersecurity dilemma game through attribution and network monitoring

States are stuck in a “cybersecurity dilemma”. They can’t reliably distinguish between other states’ offensive and defensive activities. E.g., surveillance or probing being used by a state for defense might look like offensive measures to those states being surveilled or probed. As a result, cyber powers engage in a never...

The flaws and risk in the Kaspersky case

There is a constant drumbeat of Russian threat stories these days, but none is more important to Internet governance than the legal battle between Kaspersky Labs and the United States. It highlights the dangers of nation-states inserting themselves into cybersecurity governance, and shows why the alignment of cybersecurity with nation...