The new strategic concept “persistent engagement” is here, and it doesn’t mean what you think it means. Notionally, this strategy suggests that the United States will consistently confront its adversaries in cyberspace rather than wait for them to attack US networks. The 2018 Cyber Strategy employs the concept of “defending...
Georgia Institute of Technology’s School of Public Policy teamed up with the Aspen Institute in Washington to organize an informative discussion of cyber attack deterrence and attribution. The panel included Milton Mueller, the director of the Internet Governance Project, and the current and former directors of the U.S. government’s Cyber...
In December 2018, a bill on the "stable operation" of the Russian segment of the Internet was introduced and got the title “Sovereign Runet" in mass media and among the public. It was adopted after 5 months later, despite doubts about the technical feasibility of its implementation. The law is very ambitious in its intent to simultaneously control...
Not a day goes by without hearing that Russia wants to nationalize the Internet, fragment the Internet or block its citizens' access to the global Internet. Just yesterday, media sources announced that Russia will be testing its Internet shut down capabilities, which is a rather inaccurate account of Russia’s move...
A recent paper in the journal Military Cyber Affairs, co-authored by researchers at U.S. Naval War College and Tel Aviv University, details how four BGP hijacks occurring between 2016-2017 took place, re-routing potentially sensitive Internet traffic through China. It made the rounds, promoted by some threat intelligence company and cybersecurity...
I’ve recently returned from the Cybersecurity and Cyberconflict: State of the Art Research Conference, organized by Dr. Myriam Dunn Cavelty and her colleagues at the Center for Security Studies, ETH, in Zürich, Switzerland. The conference brought together a mix of scholars researching “the strategic (mis)use of cyberspace by state and...
The Ostrom Workshop at the University of Indiana carries on the work of the late Elinor and Vincent Ostrom on governance and institutions. I was honored to be invited by the Ostrom Workshop to give the 3rd annual Ostrom Memorial lecture Wednesday, October 3. The lecture challenged the idea of...
“Keep right on lying to me. That's what I want you to do.” ― Ernest Hemingway, A Farewell to Arms Most liberal internationalists, particularly in the United States, are thoroughly committed to the idea that the development of cyber norms is the key to resolving inter-state conflicts in cyberspace. This is the...
Ever since ICANN’s creation, there has been a clash between the protection of personal data and its contractually-required Whois service. Under ICANN contracts, registrars were required to publish sensitive information about domain name registrants. The email addresses, names and other contact information of domain holders was available to anyone in...
Public attribution of cyber incidents to nation-state actors is increasing. It is a challenging and important accountability function that is often performed by a combination of threat intelligence firms or other private actors and less frequently by states. But is it time to institutionalize cyber attribution? The cybersecurity community has...
“In characteristically rigorous fashion, Mueller’s outstanding book punctures the alarmist myth of Internet fragmentation and helps us to understand what is really at stake as nations and other groups vie for power over the Internet.”
