Advertisement

The Monopoly of Violence in the Cyber Space: Challenges of Cyber Security

  • Roxana Georgiana Radu
Chapter
Part of the Global Power Shift book series (GLOBAL)

Abstract

The conceptualization of cyber security is currently in the making. In the last decade, the frequent concerns with power and control in the cyber space, coupled with attempts at diminishing the risks posed by ‘invisible actors’ to critical infrastructure while ensuring free access, have represented real challenges to the adoption of national cyber security frameworks. In spite of the wide acknowledgement of cyber threats as a global problem, limited efforts to adopt a common approach towards reducing risks were undertaken till now at the international level. With more than 26% of world’s population using the Internet as of 2009 (ITU 2010: ix), the cyber risks are growing. According to Libicki, only in the US, the “estimates of the damage from today’s cyber attacks range from hundreds of billions of dollars to just a few billion dollars per year” (2009: xv).

Keywords

Informational Power Invisible Actor Critical Infrastructure Protection Preemptive Action Virtual Realm 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

“In the new politics, as in the new technology, the only constant is change.”

Ball 1968: 5

Introduction

The conceptualization of cyber security is currently in the making. In the last decade, the frequent concerns with power and control in the cyber space, coupled with attempts at diminishing the risks posed by ‘invisible actors’ to critical infrastructure while ensuring free access, have represented real challenges to the adoption of national cyber security frameworks. In spite of the wide acknowledgement of cyber threats as a global problem, limited efforts to adopt a common approach towards reducing risks were undertaken till now at the international level. With more than 26% of world’s population using the Internet as of 2009 (ITU 2010: ix), the cyber risks are growing. According to Libicki, only in the US, the “estimates of the damage from today’s cyber attacks range from hundreds of billions of dollars to just a few billion dollars per year” (2009: xv).

The development of ICTs brought about a “powershift” (Toffler 1990), determining a major transfer of power from the “legitimate monopoly of violence”1 to control over wealth and knowledge. The rise of the ‘informational state’2 challenges the status quo in international politics, allowing increased warfare capabilities for non-state actors in asymmetric conflictual settings. In particular, the Internet, as a borderless environment, became a space for distributed power (Sassen 2000), with a new and much broader range of stakeholders challenging the idea of the nation state (McMahon 2002). Brian Loader refers to this as a “paradigmatic change in the constellation of power relations between individuals, governments and social institutions” (1997: 1), pointing to the transnational character of this transformation.

Apart from requiring less resources and being, to a large extent, risk-free endeavors for their initiators, cyber threats have tremendously reshaped the military, economic, social and political environment. The present study aims at investigating the global power shifts through the lenses of cyber security approaches and their outcomes globally. What are the political logics and the security mechanisms that dominate today’s cyber space? Such exploration would be based on scrutinizing the theoretical understandings of cyber power and cyber security by identifying and analyzing the new risks, as well as the patterns of policy responses for three recent cyber attacks in Estonia, Georgia and South Korea. Different definitions and conceptualizations of power and threat give rise to opposed concepts. In the words of Myriam Dunn Cavelty, “the defining characteristic of the cyber-threats is their unsubstantiated nature: none of the worst-case scenarios have materialized, not even in part” (2010: 187). Nonetheless, these threats are currently placed at the top of the national security agendas around the world (Dunn Cavelty 2007). Recently, the United States has created its own Cyber Command, while the North Atlantic Treaty (NATO) became the first organization to implement a common cyber defense policy.

In the spring of 2007, Estonia was faced with a three-week denial of service attacks which disrupted the functioning of various governmental and bank websites, following the decision of the Estonian authorities to remove a Soviet monument for the Second World War. It represented the first case of cyber warfare (Traynor 2007; Tikk et al. 2008) and the responsibility for it was allegedly attributed to Russian authorities. The latter were also suspected of having launched the cyber attacks against Georgia in August 2008, prior to the start of the Russian–Georgian war over South Ossetia. Eleven months later, South Korea experienced a series of distributed denial of service attacks in July 2009 and this was believed to be an aggression coordinated by North Korea. Such politically motivated threats bring about the realization that the vulnerabilities of the Internet can no longer be controlled in a centralized manner, and as the risks are spread among end-users in different parts of the globe, more comprehensive strategies are required for addressing these.

This chapter is structured as follows. The first part deals with the changing conceptualizations of cyber security and power in a transnational environment, mediated by the use of information and communication technology (ICT) for protecting national assets. The second part draws on empirical cases of cyber attacks in Estonia, Georgia and South Korea to put into perspective the patterns of policy responses following major disruptions in the functioning of digital systems of state interest. The final section concludes and indicates directions for future research.

Changing Conceptualizations of Security and Power in the Cyber Space

Security and New Vulnerabilities in the Cyber Realm

Multiple definitions of cyber space3 point at its dynamic character. By one comprehensive understanding, cyber space represents a “time-dependent set of interconnected information systems and the human users that interact with these systems” (Ottis and Lorents 2010). In this arena with high stakes, cyber conflicts appear as unavoidable. Indeed, the cyber world has been singled out as the “fourth battlefield” (Stone 2001) or the “battlespace” (Geers 2010: 16) shortly after its creation. While ubiquitous and instant connectivity is what makes cyber space so valuable, the same characteristics represent the greatest source of risk related to the virtual world (IBM 2010: 8). The growing dependence of individuals, groups, institutions and organizations – from local to international level – on computer-mediated systems has transformed the types of security threats over the years; initially, till the late 1960s, the incertitude revolved around technical failures, after which the danger of unauthorized access and fraud became more alarming. The first computer viruses were developed in mid-1980s (Nye 2010: 3), whereas the so-called “recreational hackers” (Sommer and Brown 2011: 16) appeared in the early 1990s; with the expansion of the World Wide Web in the early 1990s, both the functioning of economy and that of governments worldwide started to rely extensively on the provision of services mediated by information and communication technologies (ICTs), potentially challenged by a series of deliberate acts meant to affect the availability, integrity, authentication or confidentiality of information systems.

As the virtual realm remains a construct of human-embodied knowledge, its sources of power lie with its creators and users rather than with the programs themselves (Libicki 2007). A multitude of concepts refer to this digital transformation, employing phrases ranging from data-processing system to “information operations” (Everard 2000: 103). Placing information at the heart of the social transformation we are faced with today, Castells (1998) asserts the rise of the “informational mode of development” in the “network society”. These differences in terminology have sector-specific origins and thus may differ in the day-to-day use of security analysts, military experts, policy-makers and academics (Billo and Chang 2004: 140). Following Galliers (2004), a distinction needs to be drawn between data, information and knowledge, in light of their context dependency and prerequisites for effective use. Though sometimes used as interchangeable concepts, “data” remain context-free and open to interpretation, whereas “information” is born in a particular setting and requires individuals’ contribution to its understanding4; on the other hand, knowledge is “tacit and embedded” (Galliers 2004: 253), providing for beliefs that can inform and determine action. Jeffrey Hart and Singbae Kim proposed the term ‘technoledge’ (Hart and Kim 2000), a composite word from “technology” and “knowledge” to better capture the dominance of technology in the contemporary environment.

In the post-9/11 era,5 the categorization of the different types of activities taking place in the cyberspace is often entrenched in the media hype depicting the constant threat posed by terrorists (Conway 2008). The perceived risks are often portrayed as threats, as imminent and direct actions rather than potential and indirect acts (Van Loon 2000). This does not only impart fear, but it furthers additional tensions over any kind of conflict in the virtual environment. Cyber attacks are now presented as the “high-tech Achilles heel” (Whitelaw 2007), having the potential for “catastrophic effects” (Technews 2011). One definition given to cyber attacks describes them as “deliberate disruption or corruption by one state of a system of interest to another state” (Libicki 2009: 23), emphasizing the strategic choice of the target. However, such a definition overlooks the intention driving cyber operations; a distinction introduced by Myriam Dunn between offensive activities (i.e., information warfare, cyber-crime, or cyber-terrorism) and defensive activities (such as information assurance or critical infrastructure protection6) helps in setting apart the attack and the deterrence sides. Yet, cyber deterrence represents just one part of the broader concept of cyber security as we know it today, since its scope is limited to “creating disincentives for starting or carrying out further hostile action” (Libicki 2009: 28). Evolving from the concept of ‘computer security’ in the late 1950s, and developing into a multi-dimensional concept employed frequently after 9/11, cyber security is still to be clearly defined (Cornish et al. 2009: 1). Recently, it is concerned not only with system integrity assurance, but also with “analyzing the risk to information networks of all sorts and then mitigating the identified risks by technical (and occasionally organizational) means” (Dunn Cavelty and Rolofs 2011).

As a priority for protecting against detrimental outcomes against citizens and against information systems, current security efforts require constant adaptation to a changing environment (British-North American Committee 2007). Cyber acts threatening state assets are transnational in their composition and effects (Hayashi 2007), which makes them more difficult to detect and contain. In the cyberspace, securing systems is of key importance, but it becomes extremely difficult to know what level of preparedness is needed, what types of preemptive actions should be pursued and against whom. What characterizes current debates on these issues is the use of terminology traditionally belonging to security studies and conventional warfare. In fact, the study of the cyber phenomena has not departed considerably from the classical understanding of security issues around major historical events (Sulek and Moran 2009), but has rather transposed the existent concepts to the virtual space by expanding their meaning. Thus, the monopoly over control of violence remains the crucial check on power balance. In Krause’s view, the “patterns of violence cannot be understood outside of the ways in which state power is mobilized and exercised as a part of the shifting balance between state and society, and between the state and military <technique>” (2009: 184). Yet, the post-Cold War era has seen the “privatization of intelligence capabilities” (Toffler 1990), which empowered non-governmental actors to a degree that no longer allows the state to be the single most authoritative source of power. The territorial sovereignty and physical control of borders, traditionally a primacy of state authorities, is now decreasing in importance. Simultaneously, a reverse movement can be identified: the “territorialisation of cyberspace”, based on state efforts to exercise power over allocation of domain names, protection of physical infrastructure for information transfer and software limitations (Herrera: 2007). Governments thus became important users of the telecommunications services and key players in determining cyber regulation (Shahin 2007: 22).

However, beyond state confines, cyber operations grow out of a diverse range of interests and rely on different capabilities of materializing systems’ disruption or corruption (data leakage, corporate espionage, etc.), causing breakdown of operations or inflicting panic on a global scale. For this reason, new players and new power centers need to be taken into account. A classification of those involved in cyber operations runs the risk of conceptual flaw, since the “users of the Internet do not fall into discrete camps, and least of all into a simple hierarchy of threats” (Cornish et al. 2009: 3). Focusing on the changing nature of conflicts, Kshetri’s (2005) analytical framework of cyber attackers and their motivations differentiates between two types of cyber incidents: (a) targeted, having specific objectives identified; and (b) opportunistic, operationalized through the spread of viruses and worms Internet-wide. While the latter category is usually of lower priority and has no predefined target, the former poses major threats to national security and to the defense mechanisms in place. Khshetri observes that the “proportion of cyber attacks that are targeted is increasing over time” (2005: 553), and that the character of the cyber attackers has changed in the past few years. Furthermore, these alterations occur as part of a much broader socio–political transformation, in which the digitalization of values7 plays an important role. Figure 8.1 provides an overview of the characteristics defining the profiles of particular cyber acts, with special emphasis on the way in which the underlying motivation of the attack defines its character.
Fig. 8.1

Kshetri’s framework for understanding the pattern of the global cyber attacks (Kshetri 2005: 545)

Power in the Cyber Space

The domain of power cannot be separated from the analysis of social structures and the manner in which different actors become powerful. In the cyber realm, power diffusion takes precedence over power transition. Drawing on analogies with seapower and airpower, the concept of cyber power has recently been used to capture the polymorphic character of force. Cyber power is “the ability to use cyber space to create advantage and influence events in other operational environments and across the instruments of power” (Kuehl 2009: 38). Among its specific features is the capacity to influence outcomes within the virtual realm and outside it (Nye 2010: 4), “intra” and “extra” cyber space power, affecting many connected domains. In this environment, both the physical (information infrastructure) and virtual (software, digital values, online assets) dimensions of power become critical for protection.

The fundamental challenges posed by the prominence of cyber space to the traditional functions the state are manifold: first, the contestation of the traditional state-organized force; second, the decrease in the importance of national territory and the cross-border character; and third, the reduced capacity of the state to control its citizens. Apart from that, every military conflict now comprises a virtual dimension (Geers 2010: 17), which considerably impacts international politics and power configurations.8 What characterizes recent wars is “a disruption or loss of the state monopoly of violence” (Wulf 2004: 2). Apart from changing the setting and the nature of conflicts, the emergence of a parallel virtual space entails a new positioning of state power. In the contemporary world, various forms of power are manifested simultaneously, remain interrelated and are often transnational. Braman (2007: 27) distinguishes between different phases: actual (as exercised), potential and virtual. The potential phase requires the possession of means for exercising power in the actual phase, whereas the virtual state refers to creating and using resources and techniques not yet in place. In these two phases, the role of technology cannot be separated. In the words of Hart and Kim, “power and technology are closely related to one another, so the assessment or measurement of power generally takes this interdependence into account” (2000: 35).

The instrumental definition of power comes from Weber, who understood it as “the chance of a man or of a number of men to realize their own will in a communal action even against the resistance of others who are participating in the action” (Weber 1952a: 180), thus manifesting itself only when resistance occurs. What is at stake is the “the probability that an actor in a social relationship can carry out his own will” (Nye 2010: 2). In Weber’s view, patterned relations of power create systems of domination, which represent a special case of power structures. The main critique to this approach is that it neglects the context of power manifestation and it does not hold valid in the absence of a collective structure, which constitutes its basic assumption (Jordan 1999: 11). In line with the realist conception, sovereignty, as the “power of a state (or other accumulation of power) to make and enforce laws and to seek to have a monopoly of the use of force” (Price 2002: 25), has been perceived as immutable. With it, the contest over the control of violence was understood as a direct threat posed to the state. In the cyber realm, in which the states are no longer homogenous actors (Sperling 2010: 1), the control is limited.

Alongside state and non-state actor repositioning, multiple conceptions of power co-exist (Barnett and Duvall: 2005). A distinctive understanding comes from Foucault, who conceptualized power as “domination” and stressed the different positions of the powerful and the powerless.9 Barnes interpreted it as social order,10 based on the distribution of knowledge across society. Accordingly, this would be the “result of knowledge we all have of each other’s knowledge” (Jordan 1999: 13), thus enhancing or restricting actors’ capacity of action by the acknowledgement of sanctions. Observing the exercise of authority empirically, Hart (1976) distinguished between three different types of power: (a) as control over a resource11; (b) as control over actors, the result of coercion or persuasion that can be measured in terms of interactions between social actors; and (c) as control over events and outcomes, taking into account the interdependence among actors and the outcomes of collective action. However, these definitions are limited to analyzing power by the capacity of doing something or preventing others from doing a particular activity and do not go beyond taking actors’ preferences and identities as given. For Singh, the concept of the concept of “meta-power” would capture better the type of power that is specific to the digital space, related to the role of interactive technologies in reshaping the preferences and identities, since “information networks change the very context – understood here as identities of issues and actors – within which interactions take place” (Singh 2007).

Investigating the balance of power and its foundations in cyberspace, Braman (2007) identified a new type of power – informational – complementing the other forms of power (instrumental, structural and symbolic) discussed in the literature. In her understanding, informational power “dominates power in other forms, changes how they are exercised, and alters the nature of their effects” (2007: 26) through the manipulation of their knowledge bases. Braman examines the transformation from bureaucratic to ‘informational state’, which uses control over information in three ways: (a) by making similar use of informational power as non-state actors and learning from them; (b) by extending the use of informational power in the interest of the state (private actors as regulatory bodies); and (c) by diversifying and multiplying the relations with other governments, expanding their own network. The aim of these strategies is to “produce and reproduce loci of power and to carve out areas of autonomous influence within the network environment” (2007: 36).

Politically-Motivated Cyber Attacks in Estonia, Georgia and South Korea

As ICT exponentially increases the planning capacity of individuals and organizations (Lenk 1997), attacks in the cyber space are less likely to be preceded by long deliberation periods or preparatory phases. On the contrary, with very low costs for their initiation, cyber strikes occur unexpectedly and are very difficult to identify, as they come from computers located in different countries and continents. The most utilized technique employed employed in recent cyber conflicts is the distributed denial-of-service attack (DDoS), which “overwhelms Internet-connected systems and their networks by sending large quantities of network traffic to a specific machine from multiple compromised machines” (Sommer and Brown 2011: 25–26). As such, DDoS attacks represent an exercise of hard power (Nye 2010), with the capacities of the physical infrastructure as the target.

Such phenomena are not new. Chinese hackers have reportedly been involved in a number of cyber conflicts going back to August 1999, against Taiwanese, Indonesian, Japanese authorities (Denning 2000; de Kloet 2002), as well as against US targets (Bridis 2001). Very recently, attacks against two key Canadian government agencies have been attributed to Chinese hackers (Sabourin 2011). Figure 8.2 above offers an overview offers an overview of the main characteristics of the recent cyber attacks in Estonia, Georgia and South Korea. In all these cases, the cyber operations were coordinated and globally sourced. The damages remain unestimated in official reports. In the case of Estonia and Georgia, spamming through emails and defacement of websites also occurred, but these did not exceed the harm inflicted by the denial of service attacks. While the attackers remain unknown,12 all these incidents have been linked to political motivations. The attacks on Estonia are believed to have been state-sponsored allegedly by Russia (Myers 2007; BBC News 2007) in the aftermath of the relocation of the statue of the Bronze Soldier of Tallinn, of symbolic importance both to the Russian minority in the country and to Russia itself.
Fig. 8.2

Overview of major recent cyber attacks (2007–2009)

Estonia and South Korea are almost entirely dependent on ICT. By 2007, 98% of all bank transactions in Estonia were done via electronic means and more than 80% of tax declarations were filed online. South Korea has one of the highest rates of Internet use in the world, and most of its governmental services are performed online. The state-level aggression in both countries targeted governmental websites, financial operations and media outlets portals, thus not only obstructing access to information, but also restricting or suspending the functioning of banking services. In South Korea, more than 20,000 computers were taken over and employed in the operation (Mills 2009). Even if the damage was smaller than in Estonia in 2007, the attacks against South Korean assets inflicted panic and emphasized new vulnerabilities. Though not attributed directly, these attacks have been publicly linked to North Korea’s telecommunications ministry (Yonhap 2009).

In Georgia, the attacks were more intensive, but their time span was much shorter. Their effects, however, were long–lasting, as the cyber attacks preceded the start of the Russian–Georgian war over the independence status of South Ossetia and were blocking the channels of communication at a strategic moment. An average cyber attack lasted 2 hours and 15 minutes, and the longest one went on for 6 hours (Nazario 2008). Altogether, the functioning of 36 main websites was disrupted or suspended few days before the start of the war, but continued throughout the physical conflict as well. The temporary harm affected primarily the information flow before the war, limiting the ability of the state to communicate with its citizens. Employing cyber threats to supplement the means used in territorial conflicts does not represent a new practice. In September 2000, Israeli hackers targeted websites owned by Hezbollah and the Palestinian National Authority, triggering a series of responses from the Palestinian side in the so-called ‘cyber holy war’ (Cornish et al. 2009: 4).

Learning from these security challenges, different policy responses have been initiated all around the world. Estonia’s cyber security strategy dates back to 2008 and UK launched its national cyber strategy in June 2009. The central influence of technology on defense planning, as a trend emerging in the aftermath of World War II (Granger 1978: 75), is now prominent in the adoption of action plans that refer to cyber war as one of the main threats. However, apart from the importance of national security cultures (Sperling 2010: 1), state-level strategies are influenced by many other factors, including the availability of new technology, power realignments, enforcement of international norms etc. The diffusion of technology transnationally creates additional difficulties for policy-making. As technology becomes more crucial in determining national warfare capabilities, there is a built-in risk of non-attribution and reduced or no accountability mechanisms. In the words of Sassen, “the greatest challenge comes from the lack of accountability built into many of the capabilities that can be deployed by powerful actors, be they private or governmental, in the pursuit of their interests” (2000: 29).

Conclusions

This chapter investigated the major transformation in the meaning of security and power in the virtual environment, by focusing on the risks posed by cyber attacks in a world dominated by technological advancements. The cyber operations targeted against state-level assets and their disruptive effects on the functioning of governmental and financial systems, as in the case of Estonia, Georgia and South Korea, demonstrate vulnerabilities that can no longer be tackled within the confines of the state. Back in 2004, Wulf observed that, in particular with regards to security challenges, “international policy remains decidedly state–centric” (2004: 12). For the power structures to properly address the transnational cyber security threats, a broad range of stakeholders needs to be empowered (IBM 2010: 9).

While the logic of competition and conflict still structures the monopoly over violence at all levels, there seems to be a “shift away from the singularly inward forms of state control to outward-looking, regional, or multilateral approaches, and away from law and regulation toward negotiation and agreement” (Price 2002: 3). This fundamental change results in initiatives for controlling against large-scale risks at different levels and outside the governmental sphere only. For global detrimental outcomes to be prevented, the implications of new security and power vulnerabilities need to be assessed. A paradigm shift towards multilateral agreements in cyberspace (Hughes 2010), while affecting the current status quo, might provide for alternatives modes of protecting basic social needs and values.

Footnotes

  1. 1.

    In “Economy and Society”, Max Weber provides the definition of the state as a political organization “upholding the claim to the monopoly on the legitimate use of physical violence in the enforcement of its orders” (1952b: 29).

  2. 2.

    See Braman 2007.

  3. 3.

    Cyberspace is a term coined by William Gibson, who described it as “a consensual hallucination… A graphic representation of data abstracted from the back of every computer in the human system. Unthinkable complexity. Lines of light ranged in the nonspace of the mind, clusters and constellations of data. Like city lights receding” (Gibson 1985: 51).

  4. 4.

    For a full overview of the taxonomy of definitions of information, see Braman (2007).

  5. 5.

    /11 refers to the terrorist attacks on the World Trade Center in New York on 11 September 2001.

  6. 6.

    Critical infrastructure protection does not refer only to preemptive actions, being “also about technology of control, constituting both a threat and a means of protection” (Dunn Cavelty and Kristensen 2008: 5).

  7. 7.

    Digitalization of values refers to the sources of value existent in the online realm; high dependence on ICT for business profits or large digital networks increases the risk of targeted attacks (Kshetri 2005).

  8. 8.

    Back in 1990, in his book entitled Powershift: knowledge, wealth and violence at the edge of the 21 st century, Toffler asserted that, in the age of new technology, “power, which to a large extent defines us as individuals and as nations, is itself being redefined” (Toffler 1990: 7).

  9. 9.

    Accordingly, “power applies to immediate everyday life which categorises the individual, marks him by his own individuality, attaches him to his own identity, imposes a law of truth on his which he must recognize and which others have to recognize in him. It is a form of power, which makes individuals subjects. There are two meanings of the word subject: subject to someone else by control and dependence, and ties to his own identity by a conscience or self-knowledge. Both meanings suggest a form of power which subjugates and makes subject to” (Foucault 1983: 212).

  10. 10.

    Barnes (1988: 57) explains that “any specific distribution of knowledge confers a generalized capacity for action upon those individuals who carry and constitute it, and that capacity for action is their social power, the power of the society they constitute by bearing and sharing the knowledge in question. Social power is the added capacity for action that accrues to individuals through their constituting a distribution of knowledge and thereby a society”.

  11. 11.

    This understanding is similar to that of capabilities (Hart 1989).

  12. 12.

    Though attacks were sometimes claimed by individual hackers, a dominant state interest is not excluded.

References

  1. Ball, G. (1968). The discipline of power: Essentials of a modern world structure. Boston: Little, Brown and Company.Google Scholar
  2. Barnes, B. (1988). The nature of power. Cambridge: Polity.Google Scholar
  3. Barnett, M., & Duvall, R. (2005). Power in international politics. International Organization, 59, 39–75.CrossRefGoogle Scholar
  4. BBC News. (2007). Estonia hit by <Moscow cyber war>, 17 May 2007. http://news.bbc.co.uk/2/hi/europe/6665145.stm.
  5. Billo, C., & Chang, W. (2004). Cyber warfare: an analysis of the means and motivations of selected nation states. Institute for Security Technology Study, Dartmouth College, report available at http://www.ists.dartmouth.edu/docs/cyberwarfare.pdf.
  6. Braman, S. (2007). Change of state: Information, policy, and power. Cambridge: MIT Press.Google Scholar
  7. Bridis, T. (2001). Net Espionage rekindles cold-war tensions – U.S. tries to identify hackers. Wall Street Journal, 27 June 2001. http://netwarfare.com/newcoldwar.htm.
  8. British- North American Committee. (2007). Cyber attack: A risk management primer for CEOs and directors. http://www.acus.org/docs/071212_Cyber_Attack_Report.pdf.
  9. Castells, M. (1998). End of millennium, the information age: Economy, society and culture (Vol. III). Oxford: Blackwell.Google Scholar
  10. Conway, M. (2008). Media, fear and the Hyperreal: The construction of cyberterrorism as the ultimate threat to critical infrastructures. In M. Dunn Cavelty & K. S. Kristensen (Eds.), Securing ‘The Homeland’: Critical infrastructure, risk and (In)security (pp. 109–129). London: Ashgate.Google Scholar
  11. Cornish, P., Hughes, R., & Livingstone, D. (2009). Cyberspace and the national security of the United Kingdom Chatham House Report. http://www.chathamhouse.org.uk/files/13679_r0309cyberspace.pdf.
  12. De Kloet, J. (2002). Digitisation and its Asian discontents: The Internet, politics and hacking in China and Indonesia. First Monday, 7(9). http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/1789/1669.
  13. Denning, D. (2000). Hacktivism: An emerging threat to diplomacy, American Foreign Service Association. http://www.fsjournal.org/sept00/Denning.cfm.
  14. Dunn Cavelty, M. (2007). Critical information infrastructure: Vulnerabilities, threats and responses. UNIDIR Disarmament Forum, 2007(3), 15–22.Google Scholar
  15. Dunn Cavelty, M. (2010). Cyber-threats. In M. Dunn Cavelty & V. Mauer (Eds.), The Routledge handbook of security studies. London/New York: Routledge.Google Scholar
  16. Dunn Cavelty, M., & Kristensen, K. S. (2008). Securing the homeland: Critical infrastructure, risk and (in)security. In M. Dunn Cavelty & K. S. Kristensen (Eds.), Securing ‘the Homeland’: Critical infrastructure, risk and (in)security. London: Routledge.Google Scholar
  17. Dunn Cavelty, M., & Rolofs, O. (2011). From cyberwar to cybersecurity: Proportionality of fear and countermeasures. Munich Security Conference, Munich, 3–4 Feb 2011. Paper available at http://www.securityconference.de/Article-Details.94.0.html?&no_cache=1&L=1&tx_ttnews[tt_news]=560&tx_ttnews[backPid]=92&cHash=55e618dc7b.Google Scholar
  18. Everard, J. (2000). Virtual states: The Internet and the boundaries of the nation–state. London: Routledge.Google Scholar
  19. Foucault, M. (1983). The subject and power. In H. Dreyfus & P. Rabinow (Eds.), Michel Foucault: Beyond structuralism and hermeneutics (2nd ed., pp. 208–226). Chicago: Chicago University Press.Google Scholar
  20. Galliers, R. (2004). Reflections on information systems strategizing. In C. Avgerou, C. Ciborra, & F. Land (Eds.), The social study of information and communication technology (pp. 231–262). Oxford: Oxford University Press.Google Scholar
  21. Geers, K. (2010). A brief introduction to cyber warfare, Common Defense Quarterly (Spring), 16–17Google Scholar
  22. Gibson, W. (1985). Neuromancer. New York: Ace Books.Google Scholar
  23. Granger, J. (1978). Technology and international relations. San Francisco: Freeman.Google Scholar
  24. Hart, J. A. (1976). Three approaches to the measurement of power in international relations. International Organization, 30(2), 289–305.CrossRefGoogle Scholar
  25. Hart, J.A. (1989), ISDN and power, Discussion Paper 7, Center for Global Business, the Business School of Indiana UniversityGoogle Scholar
  26. Hart, J. A. & Kim, S. (2000). Power in the information age. In J. Ciprut (Ed.), Of fears and foes: Security and insecurity in an evolving global political economy (pp. 35–58). Westport: Praeger.Google Scholar
  27. Hayashi, M. (2007). The information revolution and the rules of jurisdiction in public international law. In M. Dunn, S. F. Krishna-Hensel, & V. Mauer (Eds.), The resurgence of the state: Trends and processes in cyberspace governance (pp. 59–83). Aldershot/Hampshire: Ashgate.Google Scholar
  28. Herrera, G. L. (2007). Cyberspace and Sovereignty: Thoughts on physical space and digital space. In M. Dunn Cavelty, V. Mauer, & S. F. Krishna-Hensel (Eds.), Power and security in the information age: Investigating the role of the state in cyberspace (pp. 67–94). Aldershot/Hampshire: Ashgate.Google Scholar
  29. Hughes, R. (2010). A treaty for cyberspace. International Affairs, 86(2), 523–541.CrossRefGoogle Scholar
  30. IBM. (2010). Meeting the cybersecurity challenge: Empowering Stakeholders and. Ensuring Coordination. IBM U.S. Federal. White Paper. http://www-304.ibm.com/easyaccess3/fileserve?contentid=192188.
  31. International Telecommunication Union. (2010). Measuring the Information Society. http://www.itu.int/ITU-D/ict/publications/idi/2010/Material/MIS_2010_without_annex_4-e.pdf.
  32. Jordan, T. (1999). Cyberpower: The culture and politics of cyberspace and the internet. London: Routledge.CrossRefGoogle Scholar
  33. Kirk, D. (2009). What’s behind cyber attacks on South Korea, US?. CSMonitor, 8 July 2009. http://www.csmonitor.com/World/Asia-Pacific/2009/0708/p06s24-woap.html.
  34. Krause, K. (2009). War, violence and the state. In M. Brzoska & A. Krohn (Eds.), Securing peace in a globalized world (pp. 183–202). London: Palgrave Macmillan.Google Scholar
  35. Kshetri, N. (2005). Pattern of global cyber war and crime: A conceptual framework. Journal of International Management, 11, 541–562.CrossRefGoogle Scholar
  36. Kuehl, D. (2009). From cyberspace to cyberpower: Defining the problem. In F. Kramer, S. Starr, & L. K. Wentz (Eds.), Cyberpower and national security (pp. 24–42). Washington, DC: National Defense University Press.Google Scholar
  37. Lenk, K. (1997). The challenge of cyberspacial forms of human interaction to territorial governance and policing. In B. D. Loader (Ed.), The governance of cyberspace: Politics, technology and global restructuring. London: Routledge.Google Scholar
  38. Libicki, M. (2007). Conquest in cyberspace. Cambridge: Cambridge University Press.CrossRefGoogle Scholar
  39. Libicki, M. (2009). Cyberdeterrance and cyberwar. Santa Monica: RAND.Google Scholar
  40. Loader, B. D. (1997). The governance of cyberspace: Politics, technology and global restructuring. In B. D. Loader (Ed.), The governance of cyberspace: Politics, technology and global restructuring. London: Routledge.CrossRefGoogle Scholar
  41. McMahon, P. (2002). Global control: Information technology and globalization since 1846. Cheltenham: Northampton.Google Scholar
  42. Mills, E. (2009). Botnet worm in DOS attacks could wipe data out on infected PCs, CNet News, 10 July 2009. http://news.cnet.com/8301-1009_3-10284281-83.html.
  43. Moses, A. (2008). Georgian websites forces offline in <cyber war>, Sunday Morning Herald, 12 Aug 2008. http://www.smh.com.au/news/technology/georgian-websites-forced-offline-in-cyber-war/2008/08/12/1218306848654.html.
  44. Myers, S. L. (2007). Cyberattack on Estonia stirs fear of <virtual war>. New York Times, 18 May 2007. http://www.nytimes.com/2007/05/18/world/europe/18iht-estonia.4.5774234.html.
  45. Nazario, J. (2008). Georgia DDoS attacks - a quick summary of observations, Arbor Networks, 12 Aug 2008. http://asert.arbornetworks.com/2008/08/georgia-ddos-attacks-a-quick-summary-of-observations/.
  46. Nye, J. (2010). Cyber power. Harvard Kennedy School, Belfer Center for Science and International Affairs. http://belfercenter.ksg.harvard.edu/files/cyber-power.pdf.
  47. Ottis, R., & Lorents, P. (2010). Cyberspace: Definition and implications. Cooperative Cyber Defence Centre of Excellence, Tallinn, Estonia. http://www.ccdcoe.org/articles/2010/Ottis_Lorents_CyberspaceDefinition.pdf.
  48. Price, M. (2002). Media and sovereignty: The global information revolution and its challenge to state power. Cambridge/London: MIT Press.Google Scholar
  49. Sabourin, C. (2011). Chinese hackers behind cyber attack on Canada: Report, Psysorg.com (February 17). http://www.physorg.com/news/2011-02-china-hackers-cyber-canada.html.
  50. Sassen, S. (2000). Digital networks and the state: Some governance questions. Theory Culture & Society, 17(4), 19–33.CrossRefGoogle Scholar
  51. Shahin, H. (2007). The reassersion of the state: Governance and the information revolution. In M. Dunn, S. F. Krishna-Hensel, & V. Mauer (Eds.), The resurgence of the state: Trends and processes in cyberspace governance. Aldershot/Hampshire: Ashgate.Google Scholar
  52. Singh, J. P. (2007). Meta-power, networks, security and commerce. In M. Dunn Cavelty, V. Mauer, & S. F. Krishna-Hensel (Eds.), Power and security in the information age: Investigating the role of the state in cyberspace (pp. 45–66). Aldershot/Hampshire: Ashgate.Google Scholar
  53. Sommer, P., & Brown, I. (2011). Reducing systemic cybersecurity risk. OECD report for Future Global Shocks Project. http://www.oecd.org/dataoecd/3/42/46894657.pdf.
  54. Sperling, J. (2010). The post-Westphalian state, national security cultures, and the global security governance, EU-GRASP Working Paper no. 15. http://www.eugrasp.eu/uploads/media/WP15_final.pdf.
  55. Stone, A. (2001). Cyberspace: The next battlefield. USA Today, 19 June 2001. http://www.usatoday.com/tech/news/2001-06-19-cyberwar-full.htm.
  56. Sulek, D., & Moran, N. (2009). What analogies can tell us about the future of cybersecurity. In C. Czosseck & K. Geers (Eds.), The virtual battlefield: Perspectives on cyber warfare (pp. 118–131). Amsterdam: Ios Press.Google Scholar
  57. Technews. (2011). Catastrophic effects that cyber-attacks may have. 28 Jan 2011. http://techweek.org/25041catastrophic-effects-that-cyber-attacks-may-have.html.
  58. Tikk, E., Kaska, K., Rünnimeri, K., Kert, M., Talihärm, A.-M., & Vihul, L. (2008). Cyber attacks against Georgia: Legal lessons identified. Analysis document by the Cooperative Cyber Defense Center of Excellence (Tallinn, Estonia). http://www.carlisle.army.mil/DIME/documents/Georgia%201%200.pdf.
  59. Toffler, A. (1990). PowerShift: Knowledge, wealth, and violence at the edge of the 21 st century. New York: Bantam Books.Google Scholar
  60. Traynor, I. (2007). Russia accused of unleashing cyberwar to disable Estonia. The Guardian, 17 May 2007.Google Scholar
  61. van Loon, J. (2000). Virtual risks in an age of cybernetic reproduction. In B. Adam, U. Beck, & J. van Loon (Eds.), The risk society and beyond: Critical issues for social theory (pp. 165–182). London: Sage.Google Scholar
  62. Weber, M. (1952a). Class, status, party. In H. Gerth & C. Wright Mills (Eds.), From Max Weber (pp. 180–195). London: Routledge.Google Scholar
  63. Weber, M. (1952b). In G. Roth & W. Claus (Eds.), Economy and society: An outline of interpretive sociology. Berkeley: University of California Press.Google Scholar
  64. Whitelaw, K. (2007). A high-tech Achilles heel: Washington plans stepped up defenses against cyberattacks. U.S. News and World Report, 26 Oct 2007. http://www.usnews.com/news/national/articles/2007/10/26/washington-plans-stepped-up-defenses-against-cyberattacks.
  65. Wulf, H. (2004). The bumpy road to re-establish a monopoly of violence. Paper prepared for Study Group on Europe’s Security Challenges, London School of Economics. http://www.lse.ac.uk/Depts/global/Publications/HumanSecurityReport/Wulfdraft.pdf.
  66. Yonhap (2009). North Korean ministry behind July cyber attacks: Spy chief, 30 Oct 2009. http://english.yonhapnews.co.kr/northkorea/2009/10/30/0401000000AEN20091030002200315.HTML.

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  1. 1.Center for Media and Communication StudiesCentral European UniversityBudapestHungary

Personalised recommendations