The Experts below are selected from a list of 1119 Experts worldwide ranked by ideXlab platform
William C Banks - One of the best experts on this subject based on the ideXlab platform.
-
Cyber Espionage and electronic surveillance beyond the media coverage
Emory law journal, 2017Co-Authors: William C BanksAbstract:IntroductionIn the twenty-first century it seems that everyone is eavesdropping on everyone else-governments and companies, militaries, law enforcement and intelligence agencies, hackers, criminals, and terrorists. State-sponsored and private Cyber Espionage and criminal and foreign-intelligence surveillance have ramped up in part because the national security threat environment is ever more complicated and multifaceted, and the ability to meet it is increasingly dependent on good intelligence, in real time. However, surveillance and Espionage have also increased because the Internet and Cyber technology so readily enable exploitation of intellectual property and other commercially valuable information. Among its many attributes, the Internet has introduced new dynamics to the age-old tensions between security and liberty. The Internet expands our freedom to communicate at the same time it makes us less secure. It expands our online vulnerabilities while it lowers the visibility of intrusions. The Internet provides new means for enabling privacy intrusions and causing national security and economic harm even as it provides governments with ever more sophisticated tools to keep tabs on bad actors. Yet in the cat and mouse game between the government agents and suspected terrorists and criminals, ever newer devices and encryption programs ratchet up privacy protections in ways that may prevent government access to those devices and their contents. These devices and programs, in turn, may enable Cyber theft or even destructive terrorist attacks.Espionage and intelligence collection are part of the national security apparatus of every state. Cyber Espionage involves deliberate activities to penetrate computer systems or networks used by an adversary for obtaining information resident on or transiting through these systems or networks. A pertinent subset is economic Espionage, where a state attempts to acquire secrets held by foreign companies. of course, states conducted economic Espionage before the Internet, but the availability of Cyber exploitation rapidly and significantly expanded the activity.1Electronic surveillance intercepts communications between two or more parties. The intercepts can give insight into what is said, planned, and anticipated by adversaries. Because such vast quantities of communications now travel through the Internet, more than humans can comprehend in their raw form, surveillance often leads to processing and exploitation through algorithms or other search methods that can query large amounts of collected data in pursuit of more specific intelligence objectives.2Traditional state-sponsored surveillance and Espionage have been transformed into high-tech and high-stakes enterprises. Some of the Cyber activity is electronic surveillance for foreign intelligence purposes, mimics traditional spying, and services a range of what most of us would concede are legitimate national security objectives-anticipating terrorist attacks, learning about the foreign policy plans of adversaries, and gaining advantage in foreign relations negotiations.3 However, a good deal of the Cyber sleuthing involves economic matters, sometimes extending to include intellectual property theft, and is undertaken by states or their proxies to secure comparative economic advantage in trade negotiations, other deals, or for particular companies.4I.ECONOMIC Cyber EspionageGovernments and their agents have been exploiting Internet connectivity by penetrating the electronic networks of foreign companies for nearly a quartercentury.5 Until 2010, companies chose to ignore the problem, more or less.6 Then Google publicly claimed that China had stolen source code and used it to spy and to penetrate other companies' networks.7 At about the same time, major economic Espionage was carried out against large western oil companies and traced to a site in China, and another theft lifted security key tokens, which in turn led to the penetration of other firms, including defense contractors in the United States. …
-
Cyber Espionage surveillance and international law finding common ground
Social Science Research Network, 2014Co-Authors: William C BanksAbstract:The confluence of interests between victims of overbroad surveillance and Cyber Espionage presents an opportunity to begin developing new norms and eventual international law that could bring more rationality, predictability, and privacy protections to the Cyber domain. The costs of Cyber Espionage are real and the threats and vulnerabilities will increase with the progression of technology. Companies and States are woefully underprepared for the level of Cyber Espionage they are facing. Solutions vary, but they all share the common foundation of increased international cooperation and the development of a customary international legal framework that everyone understands.
Christopher S Yoo - One of the best experts on this subject based on the ideXlab platform.
-
Cyber Espionage or Cyber war international law domestic law and self protective measures
Social Science Research Network, 2015Co-Authors: Christopher S YooAbstract:Scholars have spent considerable effort determining how the law of war (particularly jus ad bellum and jus in bello) applies to Cyber conflicts, epitomized by the Tallinn Manual on the International Law Applicable to Cyber Warfare. Many prominent Cyber operations fall outside the law of war, including the surveillance programs that Edward Snowden has alleged were conducted by the National Security Agency, the distributed denial of service attacks launched against Estonia and Georgia in 2007 and 2008, the 2008 Stuxnet virus designed to hinder the Iranian nuclear program, and the unrestricted Cyber warfare described in the 1999 book by two Chinese army colonels. Such conduct is instead relegated to the law of Espionage and is thus governed almost entirely by domestic law. The absence of an overarching international law solution to this problem heightens the importance of technological self-protective measures.
Ahmed Ghappour - One of the best experts on this subject based on the ideXlab platform.
-
hacking by law enforcement towards a public international law of Cyber Espionage
Social Science Research Network, 2014Co-Authors: Ahmed GhappourAbstract:This article looks at the issues raised by the international aspect of law enforcement hacking in pursuit of anonymous actors on the Internet. It asks whether the competing sovereignty issues discussed above result (or should result) in regulatory regime for Cyber Espionage under public international law. Broadly, law enforcement hacking describes a method of surveillance that entails the remote access of a computer to install malicious software without the knowledge or permission of the owner/operator. Once installed, malware controls the target computer. Law enforcement hacking is especially handy in the pursuit of targets on the anonymous Internet — defined for the purposes of this paper as those using Tor, a popular and robust privacy software, in order to obscure their location (and other identifying information), and to utilize so-called “hidden” websites on servers whose physical locations are theoretically untraceable. The use of hacking techniques in the pursuit of anonymuzed targets will result in extraterritorial Cyber-operations. For instance, over 85% of computers directly connecting to the Tor network are located outside the United States. And since (at least in the context of Tor) each computer’s “unknown location” is virtually indistinguishable from the next, any “anonymized” law enforcement target pursued under this method may be located overseas. The Cyber attacks that result will be unilateral. Without knowing the target location before the fact, there is no way to provide notice (or obtain consent from) a host country until after its sovereignty has been encroached. When the host state’s sovereignty is encroached upon, its response depends on the nature and intensity of the encroachment. On the other hand (and as a corollary), states assert jurisdiction over criminal conduct that is initiated overseas, but has a detrimental effect on its territory. This article asks whether the competing sovereignty issues discussed above result (or should result) in a public international law of Espionage. Part One discusses (1) the problems posed by anonymizing technologies for law enforcement, (2) the “anonymous” target in its various forms (e.g. the use of unsophisticated “proxy” technologies, and more robust onion-routing technologies), (3) threat model of each anonymizing technology. Part Two describes, in detail, the hacking technologies used by law enforcement to identify, access and control an anonymous target’s computer, highlighting (1) that they are effective in pursuing anonymous actors, (2) that the nature of the technology means that overseas hacking will result and (3) that the extra-territorial activity will be unilateral. Part Three discusses the competing sovereignty issues that international crimes (and extraterritorial law enforcement activity in Cyberspace) pose, under the existing lex lata.Part Four discusses how extraterritorial law enforcement activities described in Part Two (1) cannot be regulated using the current institutional devices of public international law (e.g. MLAT) and (2) should not be dealt with using the “private” international law used to regulate traditional Espionage (because law enforcement is public). Part Five asks whether the competing sovereignty interests, coupled with the “public” nature of law enforcement, provide a basis for regulating “public” Espionage activities (such as law enforcement hacking) in a manner that distinguishes them from traditional (Cyber) Espionage activities, and what that regulation might look like under the existing lex lata. Part Six raises a number of concerns — e.g. that States will “game” the aforementioned framework by performing “traditional” Cyber Espionage activities under the auspices of law enforcement, that or third parties will lay out “Cyber tripwire” to sabotage other “lawful” Cyber operations initiated by law enforcement.
Mark W Frazier - One of the best experts on this subject based on the ideXlab platform.
-
taming the paper tiger deterring chinese economic Cyber Espionage and remediating damage to u s interests caused by such attacks
Social Science Research Network, 2020Co-Authors: Grant Frazier, Mark W FrazierAbstract:The U.S. faces an increasingly complicated set of national security and economic threats. Chief among these are: (1) increasingly sophisticated and damaging Cyber-attacks that threaten national security; harm government institutions, for-profit enterprises (including defense contractors), and institutions of higher learning; and undermine the country’s system of property rights; and (2) rising levels of national debt held by foreign competitors. China poses the greatest threat in both regards. China’s government carries out, organizes, and/or facilitates Cyber-attacks to misappropriate intellectual property with serious consequences to the U.S.’s national security and economy. China also has acquired significant holdings in U.S. government issued debt instruments. Mounting U.S. government debt restricts annual federal government budgetary decisions, negatively affects the U.S.’s international standing as a borrower, and threatens national security by giving foreign debt holders, such as China, potential leverage in foreign relations negotiations. No policy prescription to date has achieved meaningful and lasting success in addressing these threats, and there are indications the threats are only worsening. The National Trade Secret Protection and Remedy Strategy (“NTSPS”) policy prescription proposed by this Article addresses the Cyber attack and federal debt threats in a way that links and transforms them from vulnerabilities into leverage to protect the U.S.’s national security, system of property rights, and future economic well-being. Specifically, the U.S. government should pursue trade secret theft-related litigation and remedies against the Chinese government and its surrogates in U.S. federal courts. The proposed NTSPS would: (a) create a specific, limited government property interest in intellectual property developed under government defense contracts; (b) create extra-territorial jurisdiction for the U.S. government and personal jurisdiction over foreign nations that engage in trade secret misappropriation either directly, or indirectly through state-supported or enabled entities or persons; and (c) provide for ready availability of pre-judgment remedies, such as attachment and liens to secure the government’s remedy, and satisfaction of judgement through execution on U.S. debt held instruments held by the mis-appropriator — in this case, China. Successful implementation of the NTSPS would require amendments to several existing federal statutes and defense contracting regulations and procedures. Implementing the NTSPS strategy will allow the U.S. federal government to: (1) compensate itself and U.S.-based companies for the damages each has suffered as the result of Chinese-led or sponsored Cyber-attacks; (2) deter future Chinese Cyber-attacks by conveying a strong message that the U.S. will take meaningful action in response to said attacks; (3) slow the advancement of Chinese military technology by forcing China to internalize the significant research and development expenses incurred by the U.S. to develop the technological capabilities often targeted by Cyber Espionage initiatives; (4) significantly reduce U.S. debt and consequently the restrictions and burdens it places on the U.S. economy and national defense capability; and (5) pare down the financial leverage China holds over the U.S. in foreign relations.
Aaron Shull - One of the best experts on this subject based on the ideXlab platform.
-
Cyber Espionage and international law
Social Science Research Network, 2013Co-Authors: Aaron ShullAbstract:The place of Espionage under international law is an uneasy one. Many look to state practice, and conclude that acts of Espionage must surely be legal because so many states spy on one another.1 Others say that sending spies in to the territory of another state breaches the norm of territorial and sovereign integrity, and therefore acts of Espionage should rightly be considered illegal pursuant to the relevant legal rules.2 The difficulty in assessing legality is amplified when analyzing Cyber intrusions, because they do not offend the principle of territorial integrity in the same way that sending an actual state agent to gather human intelligence (colloquially referred to as “HUMINT”) would. This paper is an attempt to address these legal ambiguities.
