Rather, it is the manner (i.e., the methods) in which cyber espionage operations are conducted that may violate international law and, when considering how these rules apply to cyber operations, the Tallinn Manual 2.0 often uses cyber espionage as an example. Rule 32 of the Schmitt 2017 states that peacetime cyber espionage is not per se regulated by international law. Ziolkowski 2013 was the first publication to provide an intensive analysis of how international law applies to cyber espionage. Today, the tenor of the literature focuses on different issues and seeks to draw distinctions between different forms of cyber espionage based on the methods used or the type of information targeted (such as economic and industrial data). Other early studies focused on whether international law even applied to cyber espionage. In 1999, the Office of the General Counsel of the US Department of Defense likewise issued a memorandum on international legal issues in information operations, including unauthorized cyber intrusions (see US Department of Defense, Office of General Counsel 1999). Early academic authors focused on cyber espionage in the context of “information warfare” ( Kanuck 1996). Prior to the Snowden disclosures, only a handful of texts dealt with the topic. However, the a-territorial, interconnected, and instantaneous nature of cyberspace creates particular problems for the application of international law to cyber espionage and, since the 2013 Edward Snowden revelations, there has been a surge in scholarship examining these issues, thus requiring a separate entry for this topic. Oxford Bibliographies already contains an entry on espionage and international law (see the article “ Espionage in International Law”). Unlike peacetime espionage, cyber espionage committed during times of armed conflict is directly regulated by international humanitarian law. In fact, there is an array of general principles of international law as well as specialized regimes that are potentially applicable to cyber espionage. But this does not mean that cyber espionage exists in an international law vacuum. Peacetime espionage is not specifically regulated by international law, and thus there is no “international law of espionage” that can be applied to cyber-enabled espionage. The dawn of cyberspace has heralded an exponential increase in political, economic, and industrial espionage for several reasons: first, cyberspace is used to store huge amounts of confidential information, and is therefore a resource-rich environment for cyber spies to target second, the instantaneous nature of cyberspace means that cyber spies can access confidential information quickly, cheaply, and efficiently and third, cyberspace is a virtual and interconnected domain, meaning that espionage can be conducted remotely and anonymously, thus making it a relatively risk-free enterprise. “Industrial” cyber espionage entails the theft of confidential business information, but, unlike economic cyber espionage, it is carried out by companies against foreign rivals without the support or assistance of a state. “Economic” cyber espionage is also state-sponsored but instead involves the theft of confidential business information from foreign companies. “Political” cyber espionage is usually state-sponsored (although it can be undertaken by nonstate actors such as terrorist groups) and describes the appropriation of political and military information belonging to state and nonstate actors during times of peace or armed conflict. Cyber espionage takes different forms depending upon the type of confidential data targeted, the actor undertaking this activity, and the context in which it occurs.
In contrast, “remote access cyber espionage” is launched some distance from the targeted network, usually by exploiting pathways created by the Internet.
#Definition of espionage software#
“Close access cyber espionage” involves the collection of confidential data through the installation of hardware or software by malicious actors in close physical proximity to the targeted computer network or system. “Cyber espionage” describes the exploitation of cyberspace for the purpose of accessing and collecting confidential data. Because no internationally and legally recognized definition of cyber espionage exists, the following definitions of espionage will be used only to frame the subject under examination. Cyberspace gives rise to risks as well as opportunities, and a prominent threat emerging from this domain is cyber espionage.
0 kommentar(er)
