Tag Archive for: Geneva

The Case for Establishing a Digital Geneva Convention


Let’s start with a question: What do all of these activities have in common?

  • Stopping ransomware from devastating consequences.
  • Protecting critical infrastructure from cyber attacks.
  • Policing illegal cyberspace activities.
  • Bringing global cyber criminals to justice.
  • Holding nation-states accountable for online criminal activities.
  • International rules for war in the 2020s and beyond.

While there are many potential answers to this question, a growing number of international experts believe that these issues call for a new “Digital Geneva Convention” to address a growing global mess in cyberspace that is having very real impacts in the daily lives of individuals, companies and governments around the world.

DEFINITIONS, PLEASE

But before we dig deeper into this topic, here are a few important definitions.According to the International Committee of the Red Cross:

“The Geneva Conventions and their Additional Protocols are international treaties that contain the most important rules limiting the barbarity of war. They protect people who do not take part in the fighting (civilians, medics, aid workers) and those who can no longer fight (wounded, sick and shipwrecked troops, prisoners of war). …

“Article 3, common to the four Geneva Conventions, marked a breakthrough, as it covered, for the first time, situations of non-international armed conflicts. These types of conflicts vary greatly. They include traditional civil wars, internal armed conflicts that spill over into other states or internal conflicts in which third states or a multinational force intervenes alongside the government. Common Article 3 establishes fundamental rules from which no derogation is permitted. It is like a mini-Convention within the Conventions as it contains the essential rules of the Geneva Conventions in a condensed format and makes them applicable to conflicts not of an international character:

“It requires humane treatment for all persons in enemy hands, without any adverse distinction. It specifically prohibits murder, mutilation, torture, cruel, humiliating and degrading treatment, the taking of hostages and unfair trial. It requires that…

Source…

Cybercrime and hacking by hostile states demands a ‘Digital Geneva Convention’ – Stewart McDonald MP and Alyn Smith MP


The first iPhone was released less than 15 years ago, boasting 2G internet and the ability to download a four-minute music video in just a few short hours.



Emmanuel Macron wearing a suit and tie standing in front of a crowd


© France’s President Emmanuel Macron changed his phone and number after he was reportedly targeted wit…


At that time, the internet was little more than a collection of blogs and chatrooms and the word ‘ransomware’ was unheard of by all but a small handful of people.

In the few short years since then, human society has undergone one of the most profound and rapid transformations in its history.

Our social existence – from working, shopping and socialising to dating and learning – has increasingly moved online, with each activity leaving a Hansel and Gretel-style trail of data in its wake.

News headlines today feature stories about ‘hack and leak’ operations or ransomware attacks, where hackers paralyse a computer system and hold its information at ransom.

Despite the ubiquity of this digital technology – the sheer volume of the data that we unthinkingly, and often unknowingly, share online and the speed at which it has become ingrained in every aspect of our daily lives, from arranging for food deliveries to organising patient records – international rules and norms governing cyberspace remain too patchy, to the point of rendering them effectively non-existent.

While the anarchy of the early internet was a large part of its appeal, today it represents a significant threat to our security and the global economy.

Indeed, just as we have moved our activities online, so too have hostile states and other malicious actors. Journalists and human rights activists can now be tracked without the need for someone sitting outside their home for hours on end and critical national infrastructure can be brought to its knees without the need for bombs or missiles.

READ MORE: SEPA: 4,000 files stolen in cyber attack on Scotland’s environmental regulator published

This month alone has seen the news dominated by cybercrime – attacks on Microsoft orchestrated by the Chinese state; the hacking and surveillance of the mobile phones of journalists, human rights activists and world leaders; and a series of ransomware attacks…

Source…

AIG, Geneva Association, IFTRIP and more highlight the sensitive subject of cyber incidents attribut


Read more: Cyberattacks by nation states evolving to become more aggressive

Christian Wells, special counsel, Pool Re and secretariat, IFTRIP, highlighted that, while government involvement undoubtedly helps with attribution in the sense of providing an answer, it doesn’t necessarily provide a wholly accurate answer, even where there is an agreed process. A lot of national pools around the world don’t actually have formal processes, he said, they merely have contact with their governments.

“In the case of Pool Re,” he said, “we have a formal process for the certification of an event but it’s a bit like a black box – we submit a request for certification to the government who will then issue a certification that something is or isn’t, in the case of Pool Re, an act of terrorism. So, there may be a number of factors at play on whether a government certifies something as terrorism or as hostile cyber activity or otherwise. It’s an easier approach, not necessarily a failsafe one.”

Offering his perspective, Chuck Jainchill, cyber product development leader at AIG noted that the best-case scenario is having some form of governmental or international way of certifying or determining attribution. But, as with all things relating to insurance policies, he said, attribution may have to be determined legally in court. And the standard in the US, and most places, for civil litigation hinges on factors such as a preponderance of the evidence.

Even though a state may not be willing to take the position that an adversary or a friend was the perpetrator of an event, he said, the court has the standard of expert testimony and a variety of sources. Public-private partnerships and government buy-in is the ideal – but in the absence of that, the insurance industry must establish how to determine where these events fall on the spectrum.

Offering a non-insurance view Kaja Ciglic, senior director for digital diplomacy at Microsoft, who has previously been involved with governments on this subject, stated that public attribution tends to be a political process. When governments call out other governments for malicious…

Source…

Viewpoint: Geneva Conventions for Cyber Warriors Long Overdue – National Defense Magazine

Viewpoint: Geneva Conventions for Cyber Warriors Long Overdue  National Defense Magazine
“cyber warfare news” – read more