Mon. May 23rd, 2022
    en flag
    nl flag
    et flag
    fi flag
    fr flag
    de flag
    he flag
    ja flag
    lv flag
    pl flag
    pt flag
    es flag
    uk flag

    Content Assessment: Cyber Vigilantism? A Legal Analysis of Ukraine Support (CCDCOE)

    Information - 96%
    Insight - 98%
    Relevance - 92%
    Objectivity - 94%
    Authority - 95%

    95%

    A short percentage-based assessment of the qualitative benefit of the paper by the NATO CCDCOE on the topic of cyber vigilantism.

    Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.

    To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.


    Background Note: Shared for the non-commercial educational benefit of cybersecurity, information governance, and eDiscovery professionals, this recently published working paper from the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) explores from a legal perspective the considerations, challenges, and consequences of cyber vigilantism in support of Ukraine. 

    Paper from CCDCOE*

    Cyber Vigilantism in Support of Ukraine: A Legal Analysis

    Ann Väljataga

    Paper Overview

    Hacktivist initiatives in support of Ukraine have been met with both praise and reprimand. As much as they are clever and innovative in taking a bottom-up grassroots approach to countering injustice and violence, they are also legally ambiguous and disposed to more serious consequences than initially planned.  This ad hoc working paper seeks to explain what is at stake from the international law perspective and analyses three specific factors that have a particular effect on the legal evaluation of hacktivist cyber operations in times of armed conflict. First, the position of the hacktivist is looked into, following that the importance of the structure, organization, and state affiliations of the different hacktivist groups is analyzed and last, the paper proceeds to explain the breach of due diligence obligation as a potential avenue for evoking state responsibility.

    Read the original post.

    Paper Introduction

    Reportedly, around 40,000 people from 52 countries have taken President Volodymyr Zelensky up on his offer to ‘join the defense of Ukraine, Europe, and the world,’ and enrolled in the International Legion of Territorial Defence of Ukraine. An additional 300,000 (and counting) have responded to the Tweet from Ukraine’s Minister of Digital Transformation, Mykhailo Fedorov, which called for IT professionals from around the world to join Ukraine’s IT army. There are also independent cyber vigilantes organizing themselves in a more nebulous fashion and thus escaping any association with state agencies. Shortly before the invasion, a Belarusian-based hacktivist group called the Belarusian Cyber Partisans encrypted ‘the bulk of the servers, databases and workstations’ of Belarusian Railway to ‘slow down the transfer’ of Russian troops and succeeded in stopping railway traffic in Minsk, Orsha and Osipovichi. Should Russia not pull back, Anonymous has threatened to take industrial control systems hostage. AgainstTheWest’s (ATW) Russian-oriented prong announced on Twitter that it had breached the systems of the Russian Space Forces, the Ministry of Transport of Russia, and Russia Air. Initiatives of active cyber resistance have been met with both praise and reprimand. As much as they are clever and innovative in taking a bottom-up grassroots approach to countering injustice and violence, they are also legally ambiguous and disposed to more serious consequences than initially planned. Robert M. Lee, CEO of an industrial cyber security company Dragos, who led the investigation of the cyber attacks against Ukrainian power grids in 2015, put it bluntly by saying that, ‘[a]nyone not working on behalf of a government having serious conversations about ‘hacking back’ or launching cyber attacks against Russia please understand – respectfully – you’re an idiot and only going to make matters worse’. Such assessments aside, this paper seeks to explain what is at stake from the international law perspective and analyses three specific factors that have a particular effect on the legal evaluation of hacktivist cyber operations in times of armed conflict.


    Complete Paper: Cyber Vigilantism in Support of Ukraine: A Legal Analysis (PDF) – Mouseover to Scroll

    Cyber-Vigilantism-in-Support-of-Ukraine - CCDCOE

    Read the original paper.

    NATO Cooperative Cyber Defence Center of Excellence – Cyber Defence Library


    Additional Reading

    Source: ComplexDiscovery

     

    Have a Request?

    If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

    ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

    ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.

    Challenged by Leaky Forms? A Study of Email and Password Exfiltration

    The report "Leaky Forms: A Study of Email and Password Exfiltration...

    Automating Incident Response? Considering Artificial Intelligence in Cyberspace

    According to the recent research report from the CCDCOE on Automated/Autonomous...

    Russian Cyberattack Activity in Ukraine: A Special Report from Microsoft

    According to an April 27, 2022 report from Microsoft's Digital Security...

    Informing Business Decisions? Cybersecurity Market Analysis Framework from ENISA

    The ENISA Cybersecurity Market Analysis Framework is designed to improve market...

    Smarsh to Acquire TeleMessage

    “As in many other service industries, mobile communication is ubiquitous in...

    A Milestone Quarter? DISCO Announces First Quarter 2022 Financial Results

    According to Kiwi Camara, Co-Founder and CEO of DISCO, “This quarter...

    New from Nuix? Macquarie Australia Conference 2022 Presentation and Trading Update

    From a rebalanced leadership team to three concurrent horizons to drive...

    Strong Growth? KLDiscovery Inc. Announces First Quarter 2022 Financial Results

    According to Christopher Weiler, CEO of KLDiscovery Inc, “The first quarter...

    On the Move? 2022 eDiscovery Market Kinetics: Five Areas of Interest

    Recently ComplexDiscovery was provided an opportunity to share with the eDiscovery...

    Trusting the Process? 2021 eDiscovery Processing Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    The Year in Review? 2021 eDiscovery Review Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    A 2021 Look at eDiscovery Collection: Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    Five Great Reads on Cyber, Data, and Legal Discovery for May 2022

    From eDiscovery pricing and buyers to cyberattacks and incident response, the...

    Five Great Reads on Cyber, Data, and Legal Discovery for April 2022

    From cyber attack statistics and frameworks to eDiscovery investments and providers,...

    Five Great Reads on Cyber, Data, and Legal Discovery for March 2022

    From new privacy frameworks and disinformation to business confidence and the...

    Five Great Reads on Cyber, Data, and Legal Discovery for February 2022

    From biometric recognition and artificial intelligence to data embassies and processing...

    Feeding the Frenzy? Summer 2022 eDiscovery Pricing Survey Results

    Initiated in the winter of 2019 and conducted eight times with...

    Surge or Splurge? Eighteen Observations on eDiscovery Business Confidence in the Spring of 2022

    In the spring of 2022, 63.5% of survey respondents felt that...

    Types and Shadows? Issues Impacting eDiscovery Business Performance: A Spring 2022 Overview

    In the spring of 2022, 36.5% of respondents viewed increasing types...

    The Tide is In? eDiscovery Operational Metrics in the Spring of 2022

    In the spring of 2022, 46 eDiscovery Business Confidence Survey participants...