6 International Cyber Conflict 6 International Cyber Conflict
Week 9
Week 9 (Nov. 29, 2023): International Cyber Conflict
This week we’ll discuss what happens when countries hack each other, covering the basics of Computer Network Operations and the international law framework governing cyber conflict, which we'll apply to real-world examples such as Stuxnet, SolarWinds, and Russia's cyberattacks against Ukraine and other countries.
6.1. The danger in calling the SolarWinds breach an ‘act of war’ - Tarah Wheeler (Mar. 4, 2021)
6.2. International law and cyber ops: Q & A with Mike Schmitt about the status of Tallinn 3.0 – Lawfire (Oct. 3, 2021)
6.3. Examining 2 recent cyberattacks against NATO members - NPR (Sept. 13, 2022)
OPTIONAL: If you want to read more about the Albania cyberattacks, here's another pertinent news article that discusses the NATO collective self-defense aspect.
6.4. Russian hackers disrupted Ukrainian electrical grid last year - CyberScoop (Nov. 9, 2023)
6.5 Optional Reading 6.5 Optional Reading
6.5.1. Stuxnet, Schmitt Analysis, and the Cyber “Use-of-Force” Debate - Andrew C. Foltz, 67(4) Joint Force Quarterly 40–48 (2012)
6.5.2. US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit - Wired (Oct. 19, 2020)
6.5.3. FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian Government - The White House (Apr. 15, 2021)
This is a summary of Executive Order 14024. OPTIONAL: Read the full EO.
6.5.4. Is Russia regrouping for renewed cyberwar? - Microsoft (Mar. 15, 2023)
This blog post summarizes Microsoft Threat Intelligence's latest report on Russia's computer network operations (CNO) during the war in Ukraine, a topic Microsoft has been publishing heavily about since the war began. (The company provides ample digital defense resources to Ukraine.) The full report, linked in the blog post, is available here.
6.5.5. The 1985 KGB Hack - YouTube
This is a quick summary of a West German hacker's Computer Network Exploitation (CNE) of U.S. targets including the Lawrence Berkeley National Laboratory, right here in the Bay Area. The hacker was selling the information he exfiltrated to the Soviets. LBNL employee Cliff Stoll discovered the intrusion in the course of investigating an accounting discrepancy of 75 cents. Stoll documented the story in his book The Cuckoo's Egg. In 1990, public TV program "Nova" devoted an episode to Stoll & his book; that episode (~1 hour long) is also available on YouTube; it's a hoot to watch.
(Note to German-speaking students: I don't think Stoll intended to use the book's title as a double entendre to call the West German hacker something rude, but you never know.)