States are stuck in a “cybersecurity dilemma”. They can’t reliably distinguish between other states’ offensive and defensive activities. E.g., surveillance or probing being used by a state for defense might look like offensive measures to those states being surveilled or probed. As a result, cyber powers engage in a never...
Background The international trade in hardware, software, and content complicates many cybersecurity challenges. Domestic regulations and enforcement may fall short of their intended aims when foreign criminals and governments are out of their jurisdiction, and cheap insecure technologies proliferate worldwide. In response, some security experts have looked to restricting trade...
There is a constant drumbeat of Russian threat stories these days, but none is more important to Internet governance than the legal battle between Kaspersky Labs and the United States. It highlights the dangers of nation-states inserting themselves into cybersecurity governance, and shows why the alignment of cybersecurity with nation...
A profoundly important development in digital trade took place this week – and it was not a very good one. But it attracted much less notice and protest than it should have. We are referring to the decision by the Committee on Foreign Investment in the U.S. to erect a...
In case you missed it (you probably didn't), the Internet was hit with the Monday blues this week. As operator-focused lists and blogs identified, At 17:47:05 UTC yesterday (6 November 2017), Level 3 (AS3356) began globally announcing thousands of BGP routes that had been learned from customers and peers and...
The FBI’s attack on Kaspersky Labs reached a new level last week when the Wall Street Journal published an article claiming that Kaspersky anti-virus software was exploited by Russian intelligence to exfiltrate information from an NSA contractor or employee. The person in question took sensitive information home on an unsecured...
From left to right: Ishan Mehta, Karl Grindal and Karim Farhat We all know that allaying security and privacy concerns is decisive if the IoT is ever to deliver on all its hype. Georgia Tech’s Institute for Information Security & Privacy (IISP) is the collaborative focal point behind 11 separate...
The cyber norm panel that took place in early February at the Carnegie Endowment for International Peace sheds light on how “cyber norms” came about. States’ negotiations over international cybersecurity strategy evolved from focusing on 'control of weaponization of information technology' to 'managing states’ behavior through cyber norms'. Moreover, it...
Guest Blog By Holly Dragoo In November 2016, the National People’s Congress (NPC) of China passed the Chinese Cybersecurity Law (CSL), governing a broad range of issues from securing personal information to data leaks and governance, to hacking. International technology firms are especially concerned, however, as the law uses ambiguous...
As part of its effort to improve the security of inter-domain routing traffic exchange, NIST has issued a request for comments on a proposed project to test RPKI and Route Origin Validation (ROV), a process by which route advertisements can be authenticated as originating from an expected Autonomous System (AS)....
“In characteristically rigorous fashion, Mueller’s outstanding book punctures the alarmist myth of Internet fragmentation and helps us to understand what is really at stake as nations and other groups vie for power over the Internet.”
