Conceptualising conflicts in cyberspace

Steiger, Stefan; Harnisch, Sebastian; Zettl, Kerstin; Lohmann, Johannes

doi:10.1080/23738871.2018.1453526

Cited by 25 publications

(8 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Quantitative observational studies increase external validity with incident-level event datasets from media reports. Authors use quantitative approaches to describe cyber conflict (Steiger et al, 2018;Valeriano and Maness, 2015), the impact of cybersecurity on battlefield operations (Kostyuk and Zhukov, 2019), conflict spillover (Maness and Valeriano, 2016), or show how states' economies shape industrial espionage (Akoto, 2024).…”

Section: Bias In Observational Researchmentioning

confidence: 99%

How the process of discovering cyberattacks biases our understanding of cybersecurity

Oppenheimer

2024

Journal of Peace Research

View full text Add to dashboard Cite

Social scientists do not directly study cyberattacks; they draw inferences from attack reports that are public and visible. Like human rights violations or war casualties, there are missing cyberattacks that researchers have not observed. The existing approach is to either ignore missing data and assume they do not exist or argue that reported attacks accurately represent the missing events. This article is the first to detail the steps between attack, discovery and public report to identify sources of bias in cyber data. Visibility bias presents significant inferential challenges for cybersecurity – some attacks are easy to observe or claimed by attackers, while others take a long time to surface or are carried out by actors seeking to hide their actions. The article argues that missing attacks in public reporting likely share features of reported attacks that take the longest to surface. It builds on datasets of cyberattacks by or against Five Eyes (an intelligence alliance composed of Australia, Canada, New Zealand, the United Kingdom and the United States) governments and adds new data on when attacks occurred, when the media first reported them, and the characteristics of attackers and techniques. Leveraging survival models, it demonstrates how the delay between attack and disclosure depends on both the attacker’s identity (state or non-state) and the technical characteristics of the attack (whether it targets information confidentiality, integrity, or availability). The article argues that missing cybersecurity events are least likely to be carried out by non-state actors or target information availability. Our understanding of ‘persistent engagement,’ relative capabilities, ‘intelligence contests’ and cyber coercion rely on accurately measuring restraint. This article’s findings cast significant doubt on whether researchers have accurately measured and observed restraint, and informs how others should consider external validity. This article has implications for our understanding of data bias, empirical cybersecurity research and secrecy in international relations.

show abstract

Section: Bias In Observational Researchmentioning

confidence: 99%

How the process of discovering cyberattacks biases our understanding of cybersecurity

Oppenheimer

2024

Journal of Peace Research

View full text Add to dashboard Cite

show abstract

“…Elements associated with data breaches can be considered as: organizational factors, business process exposure factors, and technological security factors; Understanding these factors, and using computer security industry frameworks and healthcare standards, may help predict healthcare data breach weaknesses. Steiger et al (2018) propose that it is crucial to discuss hypothetical scenarios and analyse actual events, to achieve better understanding of cyber conflicts, and also: 1) Besides Western sources, also work with e.g. Russian and Chinese speaking coders; 2) Recognise the attribution made by actual conflict actors; 3) Rely on structured inclusion criteria to establish a dataset to evaluate cyber incidents; and 4) Build assessments on transparent indicators and develop criteria to gauge the intensity of cyberattacks that represent the severity of cyber incidents.…”

Section: Critical Infrastructures and Servicesmentioning

confidence: 99%

Societal Impacts of Cyber Security in Academic Literature – Systematic Literature Review

Hytönen

Trent

Ruoslahti

2022

eccws

View full text Add to dashboard Cite

The 2020 Allianz Risk Barometer, with 39% of responses, ranked cyber incidents as the number one risk threatening business continuity. Any organisation may face a number of challenges e.g. costly data breaches, ransomware incidents, and even litigation after an event. The Internet has, in many ways, changed society, transformed businesses, organisational communication and learning. People can now interact through social networking platforms. Modern society has become very technology driven, as ICT is now an integral component in peoples’ lives. However, besides the many benefits that the Internet and other ICT technology bring, there are also threats, such as cyber-attacks looking to exploit vulnerabilities in ICT applications and systems. This study is a systematic literature review that explores how societal impacts of cyber security in modern society are discussed in academic literature. The Introduction discusses the overall importance of cyber security in today’s society. The body of this paper presents the method in which the literature review was conducted, and a concise summary of the findings that answer the research question: How are societal impacts of cyber security discussed in academic literature? Six categories of investigation of societal impacts of cyber security are identified: 1) Impacts on Social and Societal Levels, 2) Detection of cyber-crime and incidents, 3) Critical infrastructures and services, 4) Impacts of incidents and individual technology, 5) Cybersecurity awareness, and 6) Cybersecurity and collaboration. Lastly, the conclusions, based on the research findings, address the feasibility, impact, strengths, weaknesses and possible ethical concerns of cybersecurity. This paper contributes to the overall understanding of current societal impacts of cyber security, and this understanding benefits the development of methods that assess societal impacts, as well as provides focus for future training and development of cyber and e-skills needed for better awareness of cyber threats, and to better address possible cyber incidents.

show abstract

“…Vergleichende Studien, die verschiedene Fälle analysieren und dabei nicht nur die qualitativen Spitzen des Konfliktgeschehens abbilden, sind aber noch immer rar. Eine Folge dieser Kritik sind erste Projekte und Datensätze, die sich zum Ziel gemacht haben, politische Cyberangriffe strukturiert zu vermessen und so empirisch fundierte Analysen zu ermöglichen (Council on Foreign Relations, 2020;Steiger u. a., 2018;Valeriano und Maness, 2014).…”

Section: Forschungsstand Desiderate Und Fragestellungunclassified

Cybersicherheit in Innen- und Außenpolitik

Steiger

2022

Self Cite

View full text Add to dashboard Cite

show abstract

Conceptualising conflicts in cyberspace

Cited by 25 publications

References 37 publications

How the process of discovering cyberattacks biases our understanding of cybersecurity

How the process of discovering cyberattacks biases our understanding of cybersecurity

Societal Impacts of Cyber Security in Academic Literature – Systematic Literature Review

Cybersicherheit in Innen- und Außenpolitik

Contact Info

Product

Resources

About