QUESTION
Cybersecurity
In your answers, you should make references to support your answers by informal pinpoint citation to book and page number within parentheses. For example (Cyberwar at p.70) or (Computer Crime Law at p. 4). Law students do not need to use the “blue book” format, I am seeking informal pinpoint citations. Your answers should indicate both an understanding of the facts or issues in-volved (a brief description), and also contain your further observation or reflec-tion upon those facts or issues. Unit 1 Exercise 1. Consider each of: 1.1. the “classic CIA triad” (e.g., p. 70), 1.2. the claim that “attribution” is “perhaps the most difficult problem” when it comes to trying to secure cyberspace (p. 73) and 1.3. the differences between trying to convict in a court of law or in “a court of public opin-ion” (p. 76, and see generally, pp. 72-76). Comment concisely on those three problems in light of the casebook’s introductory organization in-cluding the following aspects—What substantive law might be needed to protect the CIA triad? How might procedural law impede the collection of evidence sufficient to prove attribution necessary to convict (or to justify war-like retaliation against another state or collective entity)? And what jurisdictional distinctions (and different legal responses) should be made when selecting whether to invoke criminal punishment instead of other sanctions? 2. Write a concise reflection/description in response to any one of the following ques-tions 2.1 through 2.9 based on the readings in this first unit and without outside research. Be sure clearly to indicate which one of the questions you are answering. All of the questions are based on the Cyberwar book and I have provided hints for many of the items. 2.6. Consider the question: What can you do? pp. 241-46. Suppose each of us understands that we should be more “careful”—what exactly does that mean? Can you trust your browser? (i.e., you may know enough not to open attachments sent to you by email, but what about simply clicking on a website? Is it dangerous simply to “be” on the Internet with your browsing history being recorded and indexed? Where would you learn how to protect yourself beyond the most trivial steps? If you are seeking to purchase “anti-virus” software how can you know whether it is legitimate anti-virus rather than malware that is being offered to you?) Cyber War”: P.W. SINGER & ALLAN FRIEDMAN, CYBERSECURITY AND CYBERWAR: WHAT EVERYONE NEEDS TO KNOW, Ox-ford University Press (2014) ISBN: 978-0-19-991811-9. |
Subject | Law and governance | Pages | 3 | Style | APA |
---|
Answer
Week 4 Cybersecurity
The Classic CIA Triad
The classic CIA triad describes the three anchor elements, principles, or goals that constitute information security. These three goals are Confidentiality, Integrity, and Availability. Attacks on availability are those attacks that try to implement a denial of service on a network, overwhelm it with visits, or even take it offline in order to prevent access to it or shut down virtual or physical processes that depend on it (Cybersecurity, p. 70). By comparison, confidentiality attacks are attempts to access computer networks with an aim to monitor users’ activities on the systems or extract their data and information whereas integrity attacks focus on manipulating, changing, or compromising information on computer systems rather than extracting (stealing) it. A substantive law to prevent both the confidentiality, integrity, and availability attacks is one that will require organizations, institutions, and other website owners to come with information security policies that encourage the setting of stronger passwords, data encryption, biometric verification, and two-factor authentication. Further, the law should require all network and information systems to have security controls such as version control, user access control, error detection application, off-site backups, failover, server clustering, and backup and recovery procedures among other controls.
The Problem of Attribution
The author’s claim that attribution is perhaps the most difficult problem in attempts to secure cyberspace is not far from true. First, holding an individual or another nation’s government responsible for a large-scale cyberattack so that legal or retaliatory actions can be taken can be a difficult, if not impossible, task given the intricate nature of cybercrime operations. For instance, it is not uncommon for cybercrime perpetrators to disguise themselves as citizens of a given country by compromising several computers in the country and launching their attacks remotely from a different country. The aim here is to divert the attention from the actual perpetrator and make another country be seen as the culprit, which again is difficult to ascertain considering that malware and other forms of cyberattacks do not point to a particular perpetrator and his/her motif or sponsor once uncovered. The other issue that makes attribution a major impediment in securing cyberspace revolves around the collection of evidence to prove the attribution. Indeed, as mentioned in Cybersecurity and Cyberwar, tracking down cybercrime culprits and obtaining sufficient evidence to convict them in a court of law or impose retaliatory measures is sometimes difficult as the operation requires lengthy legal procedures to ensure the protection of privacy of the suspected culprits and other network users when collecting the evidence.
Differences in Trying to Convict in a Court Of Law vs. in a Court Of Public Opinion.
Both the court of law and the court of public opinion seek to hold a suspected culprit accountable or responsible for a cyberattack activity so that appropriate actions can be taken. However, the two court systems differ in the sense that convicting in a court of law involves using evidence beyond a reasonable doubt to judge the culprit whereas the court of public opinion involves using the media influence and the beliefs, desires, thinking, and majority of the people to prosecute the culprit. Cases of cyberattacks, especially those perpetrated on a large scale and with larger impacts, are best resolved when handled in a court of public opinion because finding evidence “beyond a reasonable doubt”, which is a key requirement in the court of law, might be impossible in cybersecurity given its complexity and the attribution dilemma (Cybersecurity and Cyberwar, p. 76).
.
References
Singer, P. W., & Friedman, A. Cybersecurity and Cyberwar: what everyone.
Related Samples
The Role of Essay Writing Services in Online Education: A Comprehensive Analysis
Introduction The...
Write Like a Pro: Effective Strategies for Top-Notch Explication Essays
Introduction "A poem...
How to Conquer Your Exams: Effective Study Strategies for All Learners
Introduction Imagine...
Overcoming Writer’s Block: Strategies to Get Your Essays Flowing
Introduction The...
Optimizing Your Online Learning Experience: Tips and Tricks for Success
The world of education...