Skip to main content
main-content

Über dieses Buch

This book covers many aspects of cyberspace, emphasizing not only its possible ‘negative’ challenge as a threat to security, but also its positive influence as an efficient tool for defense as well as a welcome new factor for economic and industrial production. Cyberspace is analyzed from quite different and interdisciplinary perspectives, such as: conceptual and legal, military and socio-civil, psychological, commercial, cyber delinquency, cyber intelligence applied to public and private institutions, as well as the nuclear governance.

Inhaltsverzeichnis

Frontmatter

Erratum to: Cyberspace

Without Abstract
J. Martín Ramírez, Luis A. García-Segura

Cyberspace

Frontmatter

On How the Cyberspace Arose to Fulfill Theoretical Physicists’ Needs and Eventually Changed the World: Personal Recallings and a Practitioner’s Perspective

Abstract
The very humble origins of the Cyberspace, and all the related developments that smoothly conspired and converged towards this concept, making its emergence possible, as the personal computer, TEX and LATEX, the Fax, the internet, the cellphone, and the World Wide Web, are discussed, always from a personal perspective. A separate, comprehensive explanation of the reasons for the appearance and sub-sequent evolution of each of these different phenomena, with explicit assessments and a future prospective of the main subject, is presented.
Emilio Elizalde

Narrative Mapping of Cyberspace. Context and Consequences

Abstract
Cyberspace is barely two decades old. Yet it is already globally pervasive, powerfully disrupting perceptions and realities in the legacy spaces; on the land, at sea and in the air where human beings live, move and work. The pace at which its influence is spreading and intensifying is amazing; the number and reach of the consequences arguably even more so, and they continue to emerge, mash-up and surprise. For humanity and its planet, an acceptable future depends on ‘seeing’ and understanding Cyberspace well enough to do two things; manage and exploit it successfully in the present, and make timely, flexible preparations for a future that is uncertain, except in that it will be different to today, in no small part because it will be substantially shaped by the state of and actions in the Cyberspace. This chapter is a first attempt to explain why Cyberspace has become so important so quickly and describe briefly the most meaningful of its initial consequences, all with the aim to promote strengthening the good in Cyberspace while keeping the bad in check.
David Harries

A Conceptual and Legal Approach to the Cyberspace: The Dilemma Security Versus Freedom

Abstract
We should not assume that security and freedom are constantly at war with each other. When a person or a population is considered safe, do they consider themselves free? Usually, the opposite is true. If it is not so, what kind of freedom are we talking about? In fact, insecurity mainly has two key precursors; those with adverse natural, immediate or catastrophic effects, and those that arise from criminal or pre-criminal activities. The former naturally limit or condition us, as we try to limit or reduce their consequences, but we are not able to master them as such. But we cannot forget that there are other aspects which have complicated the picture. The use of computer tools in the Internet environment forces us to work from a much more technical point of view when we analyze crime materials and risk, as well as types of criminals and the use of tests and expert reports. Today, although the problems have not been solved, we have incorporated cyber intelligence activities, which allow us to access open sources via the Internet, or to enter private networks. These actions can be used both for good and for evil, but we have to consider and know them to have a slightly clearer idea of what we are really dealing with today when we are talking about cybercrime and cyber espionage. The current cyberspace world in which we live shows us the disadvantages we have in obtaining this freedom and, therefore, reaching equilibrium with safety, but they are not opposite concepts.
Bernardino Cortijo

The Digital Revolution in Developing Countries: Brief Analysis of the Dominican Republic

Abstract
Information and Communications Technologies for Development (ICT4D) can help people in developing countries pursue a wider variety of economic and social activities, which in the majority of the cases can reduce overall poverty significantly. As of this moment, there is an important “Digital divide” regarding broadband internet access between Developed and Developing countries, calling for immediate action plans around the world to build the digital infrastructure that can foster digital economies and thus the digital revolution. Applied to sustainable development, the data revolution calls for the integration of this new data with traditional data to produce high-quality information that is more detailed, timely and relevant for many purposes and users, especially to foster and monitor sustainable development. On the infrastructure side, broadband access must continue to be a priority in every digital revolution strategy, given the new Digital divide gaps that have emerged in the past ten years. On the social side, Big data for development can be one of the premier mechanisms that drives the data revolution within the bigger digital revolution picture.
Luis A. García-Segura, Juan Cayón Peña

Business Strategy in the Digital Age. Digital Transformation, Disruption and Cybersecurity

Abstract
We are at the beginning of a new industrial revolution, the fourth industrial revolution, which means the total connectivity with support of mobility and a revolution in resources. This allows real-time decision making, in the lines where the action is performed, to gain efficiency, speed and adjustment to local conditions and a centralized control with structures in which the power of approximation is centralized, forming ecosystems with a dynamic orientated to project actions in real time with a shared and accepted criteria. The new IT and telecommunication technologies have made possible the MANAGEMENT INFORMATION SYSTEM in REAL TIME, supporting the network of connections that identifies who are the participants and they do, decide and access the information only in an authorized manner thanks to Cybersecurity models. This concept has more obstacles than technological ones; those are the mindset of the participants and especially deciders, due to their lack of knowledge or experience to understand an interconnected globally with disruption. The speed will change the nature of the business when the velocity of change be enough, the nature of the business will be completely changed. These changes will happen due to a single factor: The digital information flow and its availability in real time. Digital transformation means disruption, not only to optimize process, but also to focus on new solutions, products and resources, giving a globally net with worldwide connectivity. But not all are good news, the digital transformation also means risks and dangers, (remembering Escila and Caribdis, being between two dangers, avoiding one could be in the grasp of the other). One wrong vision could change strengths into weaknesses and in our connected era the reversion works with such devastating velocity that a Company could be led from a quiet equilibrium to the chaos instantly. The attractive idea than connection means liberation is not only a mistake because it could mean also get trapped to a strong dynamic net with many difficulties to get liberated from. At the same time who is not connected has not value at all. In order to avoid digital risks it is necessary to take very complex measures due to the complexity of the systems, such as: Designing a Strategic Information System with control and firewalls under responsibility of a Chief Technical Officer (CTO), protecting Data Bases, blocking data security encrypted, fragmentation and other mechanisms to assure impossible to be robbed or manipulated, with “Web Doorkeepers” watching the net and the interconnectivity of all the ecosystems where the Company is and to implant Internet of Things (IoT) avoiding security leaks, with controls in process, input and output to avoid manipulations with the trust of all the people involved. But trust is what every company needs to be in a competitive environment, knowing that nobody can reject progress. Developing one trustworthy environment inside and outside the Company giving confidence to owners, employees, customers, suppliers, and financial and official institutions. At the same time act firmly (dare to know) and never interrupt the progress.
Manuel Gago-Areces

Impact of Cyberspace on Individual Safety and Group Security—A Human Developmental Psychology Approach

Abstract
This chapter focuses on the impact of cyberspace and cyber-activity on individual and small group security. The analyzed issues include problems such as losing social skills, cyber-violence and challenges or profits (multitasking, new way of thinking). The author describes cyberspace users according to developmental theories as a specific developmental context. Some psychological changes in the human mind caused by cyber-activity are presented, as well as their socio-psychological and cognitive-emotional consequences. Next, an analysis is carried out taking into consideration certain psychological conditions (attachment, temper, own experience) and motives for undertaking cyber-violence and cyber-bullying by young people. In the conclusion, programs for mental health protection and improvement for psychological safety for cyberspace users are presented. Two curricula aimed at increasing work effectiveness and lowering the costs borne by individuals who spend a lot of time in cyberspace are considered.
Marzanna Farnicka

Cybersecurity

Frontmatter

Cyberspace: A Platform for Organized Crime

Abstract
Organized crime is a multi-billion dollar business and is growing in scale. Cyberspace has become a very powerful platform that facilitates the protection of the criminal economy and its activities by means of complex technological and financial schemes. New concepts such as cybercrime and cyber money laundering are socially destabilizing practices that constitute a challenge that must be combatted. Organized crime organizations act in a transnational context, increasingly moving in large groups that have proven in the 21st century to be perfectly capable of adapting their activities to the globalized context. The cyberspace platform has contributed to an expansion of organized crime that facilitates their activities and makes it more difficult to identify the wide scope of operations that fit all kinds of crimes. Criminals move in cyberspace with an impunity that was unthinkable a few years ago. This chapter will focus on the analysis of the following issues: 1. Cyberspace as a key instrument for the spreading of criminal activities, and legal mechanisms to combat them. 2. The complexities involved in both a sociological and a legal definition of organized crime. 3. Money laundering and criminal legal instruments to combat practices such as confiscation. 4. Illegal trafficking of dual-use materials with a specific focus on illicit trafficking of chemical, biological, radiological and nuclear (CBRN) materials and the risk posed in proliferation.
Natividad Carpintero-Santamaría, María Pilar Otero

Some Criminal Aspects of Cybersecurity

Abstract
These pages are meant to be a modest step in order to help the prevention and the combat of cybercrime, raising awareness that the birth of the ubiquitous “cyber spectrum” brings with it a parallel presence of plenty of ‘new’ crimes. The cybersecurity ecosystem, besides obvious benefits, also presents new potential specific cybercriminal threats, criminal opportunities, and vulnerabilities, as well as physical and psychological harm to individuals. After describing the cybercrime phenomenon and enumerating the spectrum of it; the importance of cyber-security awareness through public education stressing emerging threats and risks is highlighted in the hope that individual internet users will take basic security precautions. CYBERCRIME IS SILENT VIOLENCE, THEREFORE ME MUST PREVENT CYBERCRIMES!!!
J. Martín Ramírez

The Situation and Evolution of the Managed Services of Cybersecurity, Towards 3.0 and Beyond

Abstract
The evolution of the digital world and the entry of the Cloud, the Internet of Things (IoT), the mobile applications and the Big Data among others, demand upon the providers of programs and services of Security an urgent evolution. It is the new Cybersecurity 3.0, services without digital or geographical boundaries, with no perimeter to secure and with reach in all the technological and analog areas, an evolution that many users (CSO and CISOs) have not yet seen. From the evolution of services 1.0 to Cybersecurity 3.0, this article covers the types of services and the characteristics they must have in order to anticipate and provide effective solutions in the new environments.
Juan Miguel Velasco

Collaboration of Private Investigation with Public Institutions Within the Spanish Cybersecurity Strategy. How Private Investigation Gathers Proof on Cyber Delinquency

Abstract
There are several reasons to consider cybersecurity risks for companies and personal information. Companies can be attacked and are exposed to hacking and comments that affect their reputation, their brand and the security of their employees. The assets of the organization are the employees, connected computing devices, external users, services and applications, social networks, communications systems and all of the information transmitted and/or stored in the cyber environment. Personal and familiar information is also exposed as children use social networks, we share the computer and cloud at home and the profiles we use are not always secured, showing a lot of information that reveals aspects of our private life, without talking about the Wi-Fi penetration and information theft (pictures, bank accounts, documents, etc.). The Spanish National Cybersecurity Strategy is the framework of an integrated model based on involvement, coordination and harmonization of all stakeholders and state resources in public-private partnerships, along with the participation of citizens. In order to do this, a strong coordination of the various government agencies, as well as adequate public-private cooperation initiatives to be able to reconcile and promote the exchange of information are required. Private investigation professionals, working within the law, and using technology, forensic methodologies, and cyber intelligence procedures help in finding the offenders and getting the proofs for trials and lawsuits.
Francisco José Cesteros

Psychosociological Characteristics of Cybercrime

Abstract
This chapter analyses the most important concepts and characteristics about cybercrime, cyberterrorism and cyberwar. For the first two concepts, data are provided on profiles and on the different types of people who engage in this kind of criminal behaviour. In the case of cyberwar, we present the most relevant data, and we highlight the lack of studies that describe its actors from the psycho-sociological point of view.
Juan Carlos Fernández-Rodríguez, Fernando Miralles-Muñoz

Use of Cyberspace for Terrorist Purposes

Abstract
New technologies have created a new battlefield, with new targets to fight. In cyberspace, the answers of local and international authorities, have been different, being specially important the counterterrorist policies, as well as the scanning and infiltration of intelligence services, of activities and communications, in order to prevent terrorist acts and get physical evidence to be used in front of a court, by creating special units, like the Spanish Command of Cyberdefense. In light of this, different policies have been implemented focused on cybersecurity, like the creation of specialized centers like the European Cybercrime Center or the US Threat Intelligence Integration Center. This chapter offers some analytics about the use that ISIS is giving to cyberspace, from recruitment purposes, to propaganda, financial support or even psycho-war. We will also analyze the tools used for these purposes, like the Deep Web, Social networking, including Facebook, Instagram or Twitter, as well as other social networks created by themselves or their own media group.
Claudio Augusto Payá-Santos, Juan José Delgado-Morán

Mythology of Cyber-Crime—Insecurity & Governance in Cyberspace: Some Critical Perspectives

Abstract
There was a time within even this author’s memory, when there was no cyberspace, no cybercrime of note, no viruses and no anti-virus software, no hacking and no hackers. Cyber-delinquency was unknown, criminals had to do their criminality in the physical world and academic research was done in libraries not ‘on-line’. The speed of banking in that far off time was pedestrian. During the Fifties, letters took weeks to arrive overseas, with anything more urgent being sent by costly telegram, over phone wires. In the intelligence world, the success of decoding Enigma and the entire field of de-encryption remained a secret, Alan Turing continued to be an unsung hero, and machine intelligence had very little acknowledged role, it was mainly human centred. In the Sixties, protest was on the streets and no-one, apart from traffic engineers, knew what networking meant. In just one lifetime, all that has changed and the pace of that change has rapidly accelerated too. The evolution of cyberspace has brought many advantages to societies once separated by distances but now able to communicate, bank, educate and socialize online and in real time. It has also brought many unanticipated dangers. Some, including radicalization, grooming, phishing, banking fraud, stalking, identity theft and denial of service attacks, are the stuff of daily news. Others, including the security and defence revolutions in military affairs, are much less discussed, despite the fact that the cyber-world originated and is firmly rooted in a military architecture of space based satellites and associated communications infrastructure. This chapter critically assesses some of the mythology of just who are the cyber bad guys, the extent to which these constructions are open to wider processes of perceptions management and the need to identify the rather more hidden agendas facilitated by emerging new capability sets in cyberspace and the so called ‘internet of things.’ That world is still tremendously Anglo-centric, notions of just whose security is being protected remain contested, and we are only at the beginning of a more global debate on big data and the challenge of meaningful governance.
Steve Wright

Cyberwarfare

Frontmatter

The Tallinn Manual and Jus ad bellum: Some Critical Notes

Abstract
This essay critically analyzes certain aspects of “The Tallinn Manual on the International Law Applicable to Cyber Warfare”. It addresses specifically the Manual’s rules on the applicability of Jus ad bellum to cyber-attacks. The essay focuses on two particular aspects of this inquiry: the test or formula for classifying a cyber-attack as an “armed attack”, and the applicability of the right to self-defence to cyber-attacks by non-State actors. While drafters of the Manual present it as a humble lex lata project, the essay suggests that the Manual’s occasional deviation from the jurisprudence of the ICJ coupled with a possible lowering of the “armed attack” threshold, could lead to profound alterations of the landscape of future conflicts contrary to the declaration of its drafters.
Sonia Boulos

War-Like Activities in the Cyberspace: Applicability of the Law of Armed Conflicts

Abstract
The security of cyberspace high strategic interest has been particularly intensified since the States have become aware of the possibility of extending their military operations to that virtual space, which has thus become a “fifth domain of warfare”, adding to the terrestrial, maritime, air and space domains. This raises the question of whether current conventional and customary International Humanitarian Law applies to cyber-hostilities, that is, the military operations that the parties to an armed conflict conduct against the adversaries in and through cyberspace. Although the analysis of the application of the current jus in bello to the cyber operations obviously includes many other aspects, the present chapter addresses only two basic issues. The first one focuses on the requirements that, in the absence of conventional hostilities, should concur for the applicability of International Humanitarian Law to operations conducted by cyber means. This makes it necessary to differentiate between international and non-international armed conflicts. The second one is about when cyber operations would be equivalent to “attacks” in the sense of the jus in bello: acts of violence against the adversary, whether in offence or in defence, paying particular attention to the “violence” element of the definition.
Jerónimo Domínguez-Bascoy, Bartolomé Bauzá-Abril

Negotiation on Cyber Warfare

Abstract
In spite of the growing the risk that cyber capacities could be used as military tools no international agreement has been finalized so far to prevent a cyberwarfare involving sovereign states as well as non-state actors. States have different conceptual approaches and priorities when approaching this subject and discussing definitions. There are additional peculiarities. The possession and use of cyber weapons capacities are not visible. The author of an attack cannot be clearly identified, and non-state actors can play at the same level as national states. The operators of such weapons can hardly be included in the classical legal category of “combatant”. Most countries have already established cyber structures integrated into their military chains of command and fully dedicated them to cyber defense and cyber offense. The cases of the US, Nato, European Union and the United Nations. Cyberwarfare has not yet acquired a legal status of its own in spite of the fact that after land, sea, air and outer space, cyberspace has become the fifth domain in which states can confront each other militarily. States have not even started to negotiate any sort international regulation. The Tallinn Manual on the International Law applicable to cyber warfare has no international legal value but has the merit of having established some fundamental principles. It indicates that the norms applicable to cyber are the same as those applicable to the other types of weapons and in particular the International humanitarian law. Nothing prevents the international community from considering cyberwarfare also in a preventive mode, and to craft cyber-specific rules prohibiting cyber instruments capable of provoking catastrophic consequences. A general prohibition of possession and use of cyber offensive capabilities would ideally be the preferable solution but we are nowhere close to such a solution. An uncontrolled cyber incident could act as a shock absorber to prevent a conflict from escalating; it could also become a trigger for a wider confrontation that the international community cannot risk. The problem of how to address the security implications of a cyber world will be with us for the years to come. Better to address the issue in a preventive mode rather than subsequently to a possible cyber confrontation.
Carlo Trezza

Security of Cyber-Space in Nuclear Facilities

Abstract
Fast efficient promotion of “Information Technology” (IT), expansion of visual space, vast application of internet all over the world have contributed a lot to the “man to man relation” contributing to sustainable development in the 21st century. However, the instrumental malicious use of such an advanced technology has created a serious global concern. Serious cyber-attacks occurred in all over world have given warnings to public and decision maker. It seems no one is immune. Thus it needs collective mobilized efforts to combat such threat. Among the cyber-attacks, the most serious and worrisome is the attacks against nuclear facilities since it shall have radiological consequences for the mankind and the environment. It is no more speculation but a bitter reality. Iranian nuclear facilities were attacked, by so called “Stuxnet”, by those who could not tolerate sustainable development through peaceful uses of nuclear energy in Iran. Though the top eminent IT expert of Iran were able to neutralize the attack and prevent the planned impacts, and the fact that they are all alarmed and prepare to defend, for the sake of all people of the world, the peace loving experts have to work together at this time juncture before it is too late. Convening such important conferences, facilitating exchange of information and experiences would surely contribute to the common goal. The Cyber security fits in the domain of nuclear security, which has got more attention nowadays. The International Atomic Energy Agency (IAEA) has taken some steps, such as technical meetings on promotion of industrial security, SCADA, but has to further promote its activities on the protection of nuclear facilities by armed attacks as well as cyber-attacks.
Ali Asghar Soltanieh, Hamid Esmailbagi

Can Cyber Attacks Prevent Wars?

Abstract
Cyber attacks have in many instances interrupted production facilities, banking, management of public and private enterprises and also interfered with military planning and military exercises. I propose here that cyber attacks can promote conflict resolution and prevent war. The possibilities and limits of this form of “asymmetric warfare to promote peace” are analyzed. Will the method work best to avert an attack by a large state on a small country, or can conflicts between large powers also be delayed and maybe solved by the use of cyber threats? Is secrecy needed and is it possible? Today, when the risk of nuclear war is said to be increasing, it is increasingly important to find non-military ways to defuse and avoid conflicts.
Gunnar Westberg

Backmatter

Weitere Informationen

Premium Partner