Skip to main content

Über dieses Buch

This book offers an introduction to Information Technology with regard to peace, conflict, and security research, a topic that it approaches from natural science, technical and computer science perspectives. Following an initial review of the fundamental roles of IT in connection with peace, conflict and security, the contributing authors address the rise of cyber conflicts via information warfare, cyber espionage, cyber defence and Darknets. The book subsequently explores recent examples of cyber warfare, including:

• The Stuxnet attack on Iran’s uranium refining capability

• The hacking of the German Federal Parliament’s internal communication system

• The Wannacry malware campaign, which used software stolen from a US security agency to launch ransomware attacks worldwide

The book then introduces readers to the concept of cyber peace, including a discussion of confidence and security-building measures. A section on Cyber Arms Control draws comparisons to global efforts to control chemical warfare, to reduce the risk of nuclear war, and to prevent the militarization of space. Additional topics include the security of critical information infrastructures, and cultural violence and peace in social media. The book concludes with an outlook on the future role of IT in peace and security.

Information Technology for Peace and Security breaks new ground in a largely unexplored field of study, and offers a valuable asset for a broad readership including students, educators and working professionals in computer science, IT security, peace and conflict studies, and political science.



Introduction and Fundamentals


Chapter 1. Information Technology for Peace and Security – Introduction and Overview

Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and security. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural science, technical and computer science perspectives. In the following, it sheds light on fundamentals (e.g. IT in peace, conflict and security, naturalscience/ technical peace research), cyber conflicts and war (e.g. information warfare, cyber espionage, cyber defence, Darknet), cyber peace (e.g. dual-use, technology assessment, confidence and security building measures), cyber arms control (e.g. arms control in the cyberspace, unmanned systems, verification), cyber attribution and infrastructures (e.g. attribution of cyber attacks, resilient infrastructures, secure critical information infrastructures), culture and interaction (e.g. safety and security, cultural violence, social media), before an outlook is given. This chapter provides an overview of all chapters in this book.
Christian Reuter

Chapter 2. IT in Peace, Conflict, and Security Research

Advances in science and technology play a crucial role in the context of peace, conflict and security. As information technology (IT) is becoming omnipresent, this includes both the resilience of IT infrastructures e.g. as a target in cases of conflict and the role of IT applications to prevent and manage conflicts, crises and disasters. This chapter is an introduction to IT and its role in war and peace, in conflicts and crises as well as in safety and security. Based on those connections a new field of research has emerged: IT peace research. It is introduced in this chapter which provides an overview of the interdisciplinary concepts of peace, conflict and security. In addition, the research disciplines computer science and peace and conflict studies as the basis of IT peace research are explained. Moreover, the chapter focuses on the specific research topics of IT peace research and presents the institutionalised research landscape in Germany.
Christian Reuter, Larissa Aldehoff, Thea Riebe, Marc-André Kaufhold

Chapter 3. Natural-Science/Technical Peace Research

The current international system is based on the sovereignty of nation states. Most of them defend their sovereignty with military power. Because technological superiority provides advantages in war, they make great efforts in military research and development. The consequence is an arms race with reduced warning and decision time, and thus, increased instability. As a way out of this security dilemma, states can reduce military threats through arms control and disarmament with verification of compliance, confidence and security building measures, non-proliferation and export control. Since this is a complex issue requiring (technological) expertise, they need to be supported by natural-science/technical peace research. This strand of research analyses dangers resulting from new military technologies, develops concepts for limitation as well as methods and technical means of verification, and investigates proliferation risks. IT peace research is particularly needed to contain the dangers of a cyber arms race as well as to provide better tools for disarmament and verification.
Jürgen Altmann

Cyber Conflicts and War


Chapter 4. Information Warfare – From Doctrine to Permanent Conflict

In the final phase of the Cold War the relevance of information technology for the military had gained momentum, resulting in the formulation of the concept and soon thereafter also the doctrine of Information Warfare in NATO, Warsaw Pact and Asian countries. In all pioneering countries, Information Warfare was meant to use any technological and appropriate non-technological means to disrupt the ability of an adversary to purposefully pursue its goals in times of crisis and war. Information Warfare tactics employ means to influence public opinion and the media just as well as to disrupt computer systems, or physically destroy communication lines or military headquarters. Information War is waged by organisations in the fluid continuum between intelligence agencies and military intelligence units, thus complementing the tasks they have been executing continuously since the end of World War II. Today we see how these concepts of Information Warfare have evolved into an element of everyday life.
Ingo Ruhmann, Ute Bernhardt

Chapter 5. Cyber Espionage and Cyber Defence

Nation states engage in cyber espionage because they hope to gain an advantage. Cyber espionage is attractive because it is less risky than traditional espionage; there are no spies that have to enter foreign territory. After introducing the basic protection goals of information security (confidentiality, integrity, and availability) as well as fundamental security design principles, we describe typical attack vectors. As state-sponsored hacking is well funded, defensive measures are inconvenient and costly. We also present the attack-defence tree technique which helps defenders to consider all relevant attacks and countermeasures. Finally, we show that security vulnerabilities play an essential role in many attacks. Intelligence services state that their goal is to defend their homeland. However, citizens and business owners may be at the losing end: practices of stockpiling zero-day exploits and inserting backdoors on purpose make everybody less secure.
Dominik Herrmann

Chapter 6. Darknets as Tools for Cyber Warfare

Darknets serve as licit privacy networks to enable activists, journalists, and others to communicate anonymously and avoid censorship. Yet Darknets also allow for illicit file sharing and trafficking. Besides much-discussed narcotics and child abuse material, goods and services offered on Darknet markets include counterfeit currency, forged documents, weaponry, malicious software, zero-day exploits, and hacking services. Hence, Darknets are a major concern, not only for civilian security institutions like law enforcement, but also for national and international security. In the context of cyber warfare, Darknets enable or support several practices: impeding attribution of attacks by fostering anonymity, trading of cyber-arms and their building blocks like zero-day exploits, providing simple and sophisticated hacking services, and dissemination of information from secrets to fake news. In this chapter, we explain the technology behind Tor, a widely used Darknet client, provide an overview of common Darknet phenomena and discuss them in context of cyber warfare. Finally, we analyse these discourses within the framework of critical securitisation studies.
Kai Denker, Marcel Schäfer, Martin Steinebach

Cyber Peace


Chapter 7. From Cyber War to Cyber Peace

The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are establishing offensive military capabilities for this domain. Looking at historical developments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have contributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be successful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.
Thomas Reinhold, Christian Reuter

Chapter 8. Dual-Use and Dilemmas for Cybersecurity, Peace and Technology Assessment

Dual-use in information technology is a pressing issue: how can we prevent, control or manage the risk of a harmful application of IT? How can dual-use awareness and regulation help to mitigate the risks to peace and security on the national and international level? As the cyberspace has been declared a military domain, IT is of increasing importance for civil and military infrastructures. How can researchers, developers and decision makers make sure that IT is not misused to cause harm? For nuclear, biological and chemical technologies this has been discussed as the dual-use problem. This chapter illustrates the approaches towards different dual-use concepts, how to conduct a technology assessment and provides insight into the implementation of dual-use assessment guidelines at TU Darmstadt, the so-called Civil Clause.
Thea Riebe, Christian Reuter

Chapter 9. Confidence and Security Building Measures for Cyber Forces

Many governments are preparing cyber armed forces with an arms race well underway. Offensive preparations increase threats and create uncertainty, leading to military instability and escalation risks. Arms control of cyber forces would contain such dangers but is very difficult to attain. As in other military areas, confidence (and security) building measures (C(S)BMs) can act as first steps toward this goal, creating transparency and reducing misperceptions and suspicions. Concepts for voluntary CBMs have been developed in the United Nations and are being implemented in the Organisation for Security and Cooperation in Europe (OSCE). Such activities should be improved by explicitly including the armed forces and making agreements politically binding, as with the OSCE CSBMs for conventional forces. Transfer of these measures to the cyber realm would be very intrusive in some cases, especially when it comes to information exchange about cyber weapons and observation of military exercises. Acceptable procedures may be exchange of information about force structures, policy, and doctrines as well as keeping contact and conducting visits.
Jürgen Altmann

Cyber Arms Control


Chapter 10. Arms Control and its Applicability to Cyberspace

Arms control aims at preventing conflicts and fostering stability in inter-state relations by either reducing the probability of usage of a specific weapon or regulating its use and thus, reducing the costs of armament. Several approaches to arms control exist: limiting or reducing numbers of weapons and armed forces, disarmament (“down to zero”) or prohibiting certain weapons. To illustrate these further, this chapter elaborates on the necessity of arms control and presents some historical examples, including an overview of existing measures of arms control. Extrapolating from these, the general architecture of arms control regimes and the complex issue of establishing and verifying compliance with agreements will be discussed, not least with respect to cyberspace. Building on these theoretical considerations, the chapter presents important treaties and first approaches, including the Wassenaar Arrangement, the recommendations of the OSCE, and the UN GGE 2015.
Thomas Reinhold, Christian Reuter

Chapter 11. Unmanned Systems: The Robotic Revolution as a Challenge for Arms Control

There is an IT revolution going on in the military: Of almost every military hardware currently in use (including tanks, fighter jets, patrol boats or submarines) an unmanned variant has been developed or is in development. Automation and autonomy are key-words when it comes to procurement. This revolution is based on the vast increase in computing power and communication bandwidth, political will and the fact that most of the relevant technology is dual-use. This chapter looks at the nexus of armament and technology in general and autonomous weapons and the increasing reliance on information technology (IT) in the military in particular. We argue that while many recent developments in the realm of IT and automation and autonomy offer military advantages at first glance, a more detailed analysis reveals severe problems and that they will most likely have a destabilising effect on the international realm. This problem is amplified by the fact that traditional means of arms control have fallen behind, when it comes to controlling IT. The text concludes that new methods and techniques of arms control have to be developed to hedge against destabilising effects of certain military IT.
Niklas Schörnig

Chapter 12. Verification in Cyberspace

Verification is one of the pillars of arms control and non-proliferation treaties as well as an important part of confidence building measures. It defines practical measures that enable treaty members to check the treaty compliance by observing, counting or monitoring specific actions and their accordance with the respective rules. In contrast to historical examples of former military technologies, cyberspace features some unique characteristics making it hard to apply established measures. The chapter describes these peculiarities and assesses distinguishing problems compared to selected verification measures for nuclear, biological and chemicals weapons technology. Yet, cyberspace is a human-made domain and adjusting its technical setting, rules and principles may help to reduce the threat of ongoing militarisation. Offering some alternatives, the chapter elaborates on suitable and measurable parameters for this domain and presents potentially useful verification approaches.
Thomas Reinhold, Christian Reuter

Cyber Attribution and Infrastructures


Chapter 13. Attribution of Cyber Attacks

We define cyber attribution as the allocation of a cyber attack to a certain attacker or a group of attackers in a first step and the unveiling of the real-world identity of the attacker in a second step. While the methods of attacker allocation have made significant progress in recent years, digital technologies often still do not provide sufficient evidence for the real-world identity of an attacker. The situation is different if attribution is handled as cyber-physical process, i.e. as combination of digital forensics with evidence from the physical world. Bits and bytes are not really virtual, but still bound to a physical infrastructure which opens different ways to detect adversaries. Gaps can also be filled by conventional espionage. The chapter gives an overview of the current methods and practices of cyber attribution with real-world examples.
Klaus-Peter Saalbach

Chapter 14. Resilient Critical Infrastructures

Critical infrastructures, such as the electric grid or transportation systems, empower our modern society. Their disruption can seriously impair the daily lives of millions of people. Due to this fact, they are attractive targets in cyber war or in large-scale sophisticated attacks. Moreover, in disasters or crises, critical infrastructures might face severe perturbations or even a breakdown, thus affecting the population at large. This chapter begins by summarising the different critical infrastructure sectors and gives examples of previous incidents affecting the service offered by these infrastructures. It then goes on to introduce the concept of resiliency: resilient critical infrastructures are designed to withstand disasters, crises, and adversarial influence. They are able to maintain their core functionalities even under attack. The chapter subsequently discusses how critical infrastructures can be made resilient. This requires adopting a “defence in depth” concept, i.e., deploying multiple layers of security controls, but we also provide further recommendations to this end.
Matthias Hollick, Stefan Katzenbeisser

Chapter 15. Security of Critical Information Infrastructures

The rapid evolution of information technologies in the past decades gave information systems an increasingly central role in society. Some of these information systems are now so critical that their disruption or unintended consequences can have detrimental effects on vital societal functions. This chapter clarifies the concept of critical information infrastructures. After a brief introduction to salient characteristics and main functions of critical information infrastructures, the chapter discusses threats and risks critical information infrastructures are confronted with and presents approaches to master these challenges. Recent attacks and disruptions of critical information infrastructures, such as Cambridge Analytica, WannaCry, the Mirai Botnet, and Microsoft Tay, are presented for illustrative purposes. Critical information infrastructures often linger unnoticed and their vital role in society remains unheeded. This chapter provides the foundations required to understand and protect critical information infrastructures so that they can be appropriately managed before adverse consequences manifest.
Tobias Dehling, Sebastian Lins, Ali Sunyaev

Culture and Interaction


Chapter 16. Safety and Security – Their Relation and Transformation

In this chapter, we offer a historical and philosophical survey on safety and security concepts, their development and their interrelatedness. Securitisation theory, for instance, tells us about how something becomes a matter of security in the first place, and how this involves politics and technology. Recent years have seen a shift towards safety cultures, and this shift places a considerable burden of responsibility on the technical and administrative maintenance of reliability at the human-technology interface. Moreover, the growing dependency on information technology with its pervasive and vulnerable digital infrastructures requires further reflection on the role and responsibility of engineers in safety cultures. Since the technological sphere is expanding steadily with a tendency to absorb the sphere of politics, this reflection has to concern itself with the underlying relationship of technology and politics, safety and security. Put empathically, engineers may be regarded as the new ‘guardians of peace.’
Alfred Nordmann, Annette Ripper

Chapter 17. Cultural Violence and Peace in Social Media

Over the last decade, social media services had an enormous impact on modern culture. They are nowadays widely established in everyday life, but also during natural and manmade crises and conflicts. For instance, Facebook was part of the Arabic Spring, in which the tool facilitated the communication and interaction between participants of political protests. On the contrary, terrorists may recruit new members and disseminate ideologies, and social bots may influence social and political processes. Based on the notions of cultural violence and cultural peace as well as the phenomena of fake news, terrorism and social bots, this exploratory review firstly presents human cultural interventions in social media (e.g. dissemination of fake news and terroristic propaganda) and respective countermeasures (e.g. fake news detection and counter-narratives). Secondly, it discusses automatic cultural interventions realised via social bots (e.g. astroturfing, misdirection and smoke screening) and countermeasures (e.g. crowdsourcing and social bot detection). Finally, this chapter concludes with a range of cultural interventions and information and communication technology (ICT) in terms of actors and intentions to identify future research potential for supporting situational assessments during conflicts.
Marc-André Kaufhold, Christian Reuter

Chapter 18. Social Media and ICT Usage in Conflicts Areas

Social media as well as information and communication technology (ICT) play a major role in different conflicts all over the world. They have been crucial tools in the beginning of the so-called ‘Arab Spring’ in Tunisia, the ongoing war in Syria, the struggle of Palestinian activists but also the Ukraine-Russia conflict. In this work, we provide the readers with an overview of current state of affairs regarding the use of ICTs in general and social media in particular in conflicts. Afterwards, we discuss how and what kind of tools and methods different actors use in their struggle. We especially focus on how actors appropriate the available tools to suit the specific conditions they find themselves in, such as risks of online surveillance, danger of prosecution of themselves or close others and varying levels of connectivity. We finally discuss the importance of an embedded perspective on the use of ICTs in conflict to understand these practices of appropriation.
Konstantin Aal, Maximilian Krüger, Markus Rohde, Borislav Tadic, Volker Wulf



Chapter 19. The Future of IT in Peace and Security

Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict future developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fundamentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.
Christian Reuter, Konstantin Aal, Larissa Aldehoff, Jürgen Altmann, Ute Bernhardt, Johannes Buchmann, Kai Denker, Dominik Herrmann, Matthias Hollick, Stefan Katzenbeisser, Marc-André Kaufhold, Alfred Nordmann, Thomas Reinhold, Thea Riebe, Annette Ripper, Ingo Ruhmann, Klaus-Peter Saalbach, Niklas Schörnig, Ali Sunyaev, Volker Wulf


Weitere Informationen

Premium Partner