STUDIA?UBB.?EUROPAEA,?LXII,?2,?2017,?5-15?
?

?

CYBERSPACE?AND?THE?NEW?WORLD?ORDER??
?

?

Melania-Gabriela?Ciot*?

?

DOI:10.24193/subbeuropaea.2017.2.01
Published Online: 2017-06-30

Published Print: 2017-06-30

?

Abstract?

The?present?article?is?trying?to?bring?into?attention?the?new?concept?of?cyberization?of?

IR,?by?argumenting?the?importance?of?cyberspace?and?the?instruments?that?it?provides?

for? the? scholars? and? practitioners? for? a? new? international? relations? typology.? The?

constructivist?approach?is?used?for?the?notion?of?state?responsibility,?for?underlying?the?

behavior?of?a?state?in?cyberspace.?The?necessity?of?an?international?cyberspace?policy?is?

evidenced,?as?well?as?the?proposed?international?norms?for?assuring?the?cybersecurity.?

The?open?international?cyberspace?will?challenged?national?sovereignty?and?the?state?

leaders?will?have? to? find?ways?of? responding? to? this? continuous?and? sophisticated?

threats?that?appeared?recently.?

Key?words:?cyberspace,?cybersecurity,?digital?world,? international?policy,?
world?order??
?
?
?

1. Introduction??

The? challenge? of? the? process? of? cyberization? of? the? International?
Relations? opens? a? sophisticated? debate? that? ask? for? an? interdisciplinary?
approach.?This?debate?will?invite?scholars?and?practitioners?from?different?
fields?of?activity?to?join?the?exploration?of?the?relation?between?cyberspace?
and?international?relations.??

? PhD,?Associated?Professor,?Department?of?European?Studies?and?Governance,?Faculty?of?
European?Studies,?Babe?-Bolyai?University,?Romania.?Contact:?[email?protected]?

Melania-Gabriela?Ciot??

6

The?idea?of?this?article?and?of?coordinating?this?number?of? journal?
Studia? Europae? under? the? topic? Cybersecurity? and? the? restructuring? of? the?
international?system? came? from? the?observation?of? the? lack?or? insufficient?
contributions?in?discussions?and/or?debates?(not?mentioning?the?research)?
from?scholars?and?experts?from?academic?community?on?the?topic?of?the?
influences? that? cyberspace? exerts? nowadays? on? the? world? order? and? the?
impact?that?it?will?have?on?restructuring?of?the?international?system?or?on?
the? approaches? of? various? subjects? from? the? IR? field,? such? as:? decision-
making,?international?policies,?international?politics,?international?security,?
peacemaking,?conflict,?cooperation,?negotiations,?diplomacy.?

Our?dynamic?society?brought?into?attention?new?challenges?for?our?
daily?life,?as?terrorism,?emotional?implications?of?decision-making?process,?
the? increasing? role? of? behavioral? international? relations,? the? threats? of?
cyber-attacks?and?their?increasing?occurrence.?We?can?say?that?we?are?living?
in? a? cyberworld? and? that? we? need? cyber? mechanisms? to? convert? to? this?
frame?and?tempo?and?to?develop?a?sort?of?resilience?to?new?threats?coming?
from? this? new? sort? of? non-state? actor? from? international? cyberspace? that?
changes?the?perceptions?of?reality,?our?attitudes,?and?knowledge?processes.??

The?present?article?will?present?the?implications?of?the?cyber?dimension?
in?the?restructuring?of?the?international?system,?the?research?opportunities?
for?the?scholars?from?academic?community?and?some?possible?developments?
of?the?international?relations??topology.?

?
2. The?cyberization?of?IR?

? Pablo?A.?Mazurier1?(2015)?proposes?a?division?of?the?social?world?in?
four?areas:?

a. international?arena???with?state?actors?searching?for?power.?
b. transnational?dimension?-?developed?after?the?last?wave?of?globalization,?

based?on?multinational?corporations? (MNCs)?searching? for? economic?
benefits.?

c. global?community???facilitated?by?the?work?of?international?organizations,?
NGOs?and?social?networks.?

d. cyberspace?-?all?the?actors?from?the?other?fields?behave?searching?for?
cyberpower.?

1 Pablo?A.?Mazurier,?Facebook?in?Cyber?Politics,?2015,?
[http://www.cyberpolitics.eu/cyberpolitics_art_04_facebook.html],?4?June?2017?

Cyberspace?and?the?New?World?Order?

7

The?author?believes?that?cyberpowers?are?managed?by?cyber-actors?
depending?on?the?knowledge?and?on?the?control?of?the?infrastructure?and?
of? networks.? Cyberspace? is? connected? with? the? other? three? areas.? The?
?cyber-actors?exercises?cyberpower?in?order?to?secure?their?own?interests,?
not?exclusively?related?with?the?cyberspace?2.?

?
?
?
?
?
?
?
?
?

?
Fig.?no.?1:?The?dimension?of?social?world?(after?Mazurier,?2015,?
http://www.cyberpolitics.eu/cyberpolitics_art_04_facebook.html)?
?
?
As? we? can? see? from? above? figure,? the? cyberspace? represents? one?

dimension? of? social? world,? characterized? by? multiplayers? which? exerts?
cybpowers?by?knowledge,?infrastructure?and?networks3.?

Bruner4?(2014)?refers?to?the?cyberspace?as?an? international,?special?
environment,?in?which?is?hard?to?attribute?some?actions?to?a?specific?actors???and?
this? brings? novelty? to? the? world? order,? because? we? cannot? establish? the?
responsibility.?In?his?article,?the?author?presents?different?models?of?state?
responsibility?and?applies?it?to?the?cyberspace?dimension,?focusing?on?the?
behavior?of?a?state?in?cyberspace.?

By?using?a?constructivist?perspective?for?approaching?the?notion?of?state?
responsibility?as?basis?for?prospecting? it? in?cyberspace,?Bruner5? identifies?
two?models:?vertical???communitarian?model?and?horizontal???bilateral?model:?

2 Ibidem
3 Ibidem
4 Tomᚠ Bruner,? 2014,?States? in? cyber-space:? perspectives? of? responsibility? beyond? attribution,?
[https://ecpr.eu/…/f1874dac-6e16-4d9c-b936-723754fcc869….],?23?June?2017
5 Ibidem, p.?3

Cyberspace?
dimension?

?
Multiplayer?
Cyberpower??

International?
dimension?

?
States?
Power??

Transnational?
dimension?

?
MNCs?
$$?

Global?dimension?
Global?civil?society,?

NGOs,?Global?
institutions,?
Individuals?
Social?Values?

Melania-Gabriela?Ciot??

8

?
?
?
?
?
?
?
?
?
?
?
?
?

Fig.?no.?2:?Models?of?state?responsibility?(after?Bruner,?2015,?p.?4).?
?
The? vertical? model? states? that? the? state? responsibility? toward? the?

international? community? and? to? its? citizens? and? demands? that? the? state?
responsibility?should?express?the? interest?of?people,?rather?that?the?states?
and?serves?to? their?protection6.?The?horizontal?model?underlines?that?the?
state?s? responsibility? is? understood? in? terms? of? bilateral? relationships? of?
states7.??

The? constructivist? approach? could? be? used? by? connecting? these?
models? with? the? constructed? levels? of? anarchy? proposed? by? Alexander?
Wendt8,? as? Bruner? proposed9.? He? mentioned? the? three? cultures? of? this?
anarchy? introduced? by? Wendt:? Hobbesian? (deep? enmity? of? states,?
continuous? war),? Lockean? (rivalry? of? states,? war? as? acceptable? optional?
behavior)?and?Kantian?(friendship?of?states,?war?is?prohibited)10.?According?
to? him,? the? vertical? (?communitarian?? model)? is? specific? to? the? Kantian?
anarchy?and?the?horizontal?(?bilateral??model)?could?be?correlated?with?the?
Lockean?anarchy.?

6 Ibidem,?p.?4
7 Ibidem,?p.?5
8 Alexander?Wendt,?Social?Theory?of?International?Politics,?Cambridge:?Cambridge?University?
Press,?1999,?p.?246-311
9 TomᚠBruner,?op.cit.,?p.?6
10 Ibidem

Vertical?(?communitarian??model)?

?
International?community

?
?
?

State?A?

?
?

?People?:?Residents?on?state?s?territory?

Horizontal?(?bilateral??model)?

?

?
?
State?A ?State?B

Cyberspace?and?the?New?World?Order?

9

The?cyberspace?could?be?connected?with?the?second?Lockean?culture?
of?anarchy?of?Alexander?Wendt11.?But?this?construction?is?a?process,?not?an?
outcome,? without? a? guarantee? that? the? state? responsibility? in? cyberspace?
may? forever? work12.? The? limitations? of? this? model? is? that? it? relies? on?
territorialization?and?monopoly?of?state?on?coercive?use?of?force,?and?in?case?
on?cyberspace?cannot?be?applied.??

But? when? we? are? speaking? about? the? cyberspace,? we? haven?t?
established?the?reference?points.?One?could?be?the?violation?of?international?
law?norms,?namely?cyber-attacks.?Without?going?on?the?legislative?arguments,?
we?could? just?mention?the?ten?categories?of?state?responsibility?for?cyber-
attacks,?relevant?for?policy-making?13:?

-?state?prohibited?cyber-attacks;?
-?state?prohibited?but?inadequate;?
-?state?ignored;?
-?state?encouraged;?
-?state?shaped;?
-?state?coordinated;?
-?state?ordered;?
-?state?rogue?conducted;?
-?state?executed;?
-?state?integrated.?

In?cyberspace,? the?great?powers?will?have?no? other?choice?but? to?
cooperate?and?create?rules,?norms,?and?standards?of?new?behavior?and?a?
new?international?order14.?The?international?order?in?cyberspace?implies?the?
structural?change,?and?a?permanent?negotiation?of?power?and?competition.?
The?multipolarity?structure?of?international?system?is?the?result?of?power?
distribution?and?power?is?important?in?international?politics.?And?international?
politics?are?anarchic.?Rules?are?important?for?international?life,?representing?
represent?the?fundamental?normative?principle?of?international?politics15.??

11 Ibidem,?p.?11
12 Ibidem
13 Ibidem,?p.?8
14 James?Wood?Forsyth?Jr.,?Maj?Billy?E.?Pope,??Structural?Causes?and?Cyber?Effects?Why?
International?Order?is?Inevitable?in?Cyberspace?,?in?Strategic?Studies?Quarterly,?Winter?2014,?
p.?113???
15 Ibidem,?p.?116

Melania-Gabriela?Ciot??

10

The?global?players?have? to?cooperate? to?create?rules? to?shape? the?
international?order,?but?it?is?difficult?to?do?so?in?cyberspace.?Why?is?that?so?
difficult??Because?it?concerns?sovereignty,?freedom?of?speech,?and?democracy?
and?it?is?almost?impossible?to?govern?cyberspace.?No?state?alone?could?do?
all,?only?by?cooperation.?A?good?example?are?the?USA?which?proposed?an?
International?Strategy?for?Cyberspace.?

In?May,?2011,?former?President?Obama?has?launched?the?International?
Strategy?for?Cyberspace,?with?three?important?keywords:?prosperity,?security?
and?openness?in?a?networked?world16.?That?was?the?signaled?for?international?
actors?that?a?new?dimension?of?international?system?was?framed?and?that?a?new?
international?policy?-?cyberspace?policy???will?designed?the?global?governance.?

The?prosperity?is?visible?by?using?the?means?of?new?technologies,?which?
brought?advantages?in?different?spheres?of?daily?lives,?as:??

– e-business,?which?supports?jobs?creations?and?economic?development?
opportunities?for?companies;?

– learning?(with?videoconferences?facilities)?and?field-changing?research;?
– e-administration,?by?empowering?people?by?using?of?new?technologies,?

and?by?making?public?administrations?more?open,?transparent?and?
responsive.?
The?international?security?is?challenged?for?a?few?years?to?re-design?its?

priorities,?strategies,?mechanisms?and?means?(technological,?laws,?diplomacy)?
in?order?to?response?to?this?new?forms?of?crime?and?aggression?-?cyberattacks,?
in?order? to?protect?our? innovations,? that? intend? improve? lives?and?drive?
markets.?Cybersecurity?is?a?new?field?of?international?security,?without?which?
we?cannot?conceive?any? initiative?of?security?policy?and? international?or?
national?level.?

Nevertheless,? the? digital? world? is? not? a? privileged? space,? but? a?
dimension?of? international?environment?with?specific? laws,?conduct?for?state?
and?non-state?actors,?for?individuals?and?public?or?private?entities,?as?well?as?one?
of? the? best? examples? for? an? interconnected? community,? where? public?
administrations,?academia,?private?sector?and?other?non-state?actors?work?
together?for?a?common?goal.17?

16 International?Strategy?for?Cyberspace.?Prosperity,?Security?and?Openness?in?a?networked?world,?2011,?
[https://obamawhitehouse.archives.gov/sites/default/files/rss_viewer/international_strategy_for_

cyber],?1?June?2017?
17 Ibidem.

Cyberspace?and?the?New?World?Order?

11

The?proposed?international?cyberspace?policy?is?based?on?three?principles:?
fundamental?freedoms,?privacy,?and?the?free?flow?of?information18.?Besides?
the?freedom?of?expression?and?association,?is?relevant?for?this?policy,?for?the?
first?principle?to?mention?ability??to?seek,?receive?and?impart?information?
and? ideas?through?any?medium?and?regardless?of?frontiers?19.?It? is?about?
the?freedom?of?speech?in?cyberspace,?but?taking?into?account?the?laws?that?
the?use?of?Internet?implies?(referring?here?also?to?the?inciting?to?the?acts?of?
violence?and?terrorism,?etc).?The?protection?of?citizens?and?of?our?interests?
comes?with?the?commitment?to?the?privacy,?in?terms?of?using?the?personal?data.?
Regarding?the?free?flow?of?information,?cybersecurity?should?be?the?instrument?
that?assure?the?adaptability,?without?affecting?the?network?performance.?

The?information?and?communications?technologies?brought?benefits?
for?states?and?their?citizens,?but?they?are?also?used?by?a?variety?of?actors?with?
differing?motivations?and?means.?That?is?why?the?cybersecurity?community?
has?consistently?warned?about?the?increasing?number?of?cyber?-attacks.?So,?
the?cyberspace?is?operationalized?by?nation?states?as?a?domain?for?conflict,?
and?permanent?threats20.??

The?Internet?dependence?and?the?increasing?interdependence?within?
the?online?environment?will?become?a?fact?of?life?and?will?continue?to?challenge?
our ability? to? manage? the? consequences? of? cyber-attacks,? at? national? and?
international?levels.21?A?strong?supports?for?the?development?of?cybersecurity?
norms? should? be? seen? from? actors? from? state? and? private? entities.? The?
cybersecurity?norms?will?have?to? increase?the?security?of?cyberspace?and?
also?the?preservation?of?a?globally?connected?society.??

The?above?mentioned?authors?believe?that?these?norms?should?take?
into?account?acceptable?and?unacceptable?state?behaviors,?fostering?greater?
predictability,?and?limiting?the?potential?for?the?most?problematic?impacts.?
They?conceptualize?two?types?of?norms:??

– norms?for?improving?defenses,?which?reduce?the?risk?by?providing?a?
foundation? for? national? cybersecurity? capacity? and? for? domestic,?
regional,? and? international? organizational? structures? and? approaches?
that?increase?understanding?between?states;??

18 Ibidem,?p.?5
19 Ibidem
20?Angela?McKay,?Jan?Neutze,?Paul?Nicholas,?Kevin?Sullivan?(eds.),?International?Cybersecurity?
Norms,?Reducing?conflicts?in?an?Internet-depending?world,?2015,?Microsoft,?p.?2?
21?Ibidem?

Melania-Gabriela?Ciot??

12

– norms?for?limiting?conflict?or?offensive?operations,?which?will?serve?to?
reduce?conflict,?avoid?escalations,?and?limit?the?potential?for?catastrophic?
impacts?in,?through,?or?even?to?cyberspace22.?

They?proposed?six?cybersecurity?norms?to?limit?conflicts:?

– states? should? not? target? ICT? companies? to? insert? vulnerabilities?
(backdoors)?or?take?actions?that?would?otherwise?undermine?public?
trust?in?products?and?services.?

– states?should?have?a?clear?principle-based?policy?for?handling?product?
and?service?vulnerabilities?that?reflects?a?strong?mandate?to?report?
them?to?vendors?rather?than?to?stockpile,?buy,?sell,?or?exploit?them.?

– states? should? exercise? restraint? in?developing? cyber? weapons? and?
should?ensure? that?any?which?are?developed?are? limited,?precise,?
and?not?reusable.?

– states?should?commit?to?nonproliferation?activities?related?to?cyber?
weapons.?

– states?should?limit?their?engagement?in?cyber?offensive?operations?to?
avoid?creating?a?mass?event.?

– states?should?assist?private?sector?efforts?to?detect,?contain,?respond?
to,?and?recover?from?events?in?cyberspace23.?

In?order?to?be?effective,?these?norms?should?meet?four?key?criteria:?

– they?must?be?practicable.??
– they?also?need?to?reduce?risks?of?complex?cyber?events?and?disruptions?

that?could?lead?to?conflict.??
– they?need?to?drive?behavioral?change?that?is?observable?and?that?makes?a?

demonstrable? difference? in? the? security? of? cyberspace? for? states,?
enterprises,?civil?society,?and?individual?stakeholders?and?users.??

– effective?norms?should?leverage?existing?risk-management?concepts?
to?help?mitigate?against?escalation,?and,?if?escalation?is?unavoidable,?
they? should? provide? useful? insight? into? the? potential? actions? of?
involved?parties24.?

22 Ibidem
23 Ibidem,?p.?11-13
24 Ibidem,?p.?11

Cyberspace?and?the?New?World?Order?

13

The? cybersecurity? norms? are? needed? by? different? actors? from?
international?arena,?such?as?states,?the?private?sector,?and?citizens.?Without?
them,? there? is?a?genuine?risk? that? threats? in?cyberspace?could?grow?and?
undermine?economic?growth?and?technical?innovation25.?

We?are?living?in?a?world?of?cybered?conflicts?and?we?will?need?cyber?
mechanisms? to? limit? the? negative? actions? of? different? actors.? The? open?
international?cyberspace?will?challenged?national?sovereignty?and?the?state?
leaders? will? have? to? find? ways? of? responding? to? this? continuous? and?
sophisticated?threats.?

There?is?an?evolution?of?conflicts?and?competitive?relations?among?states?
in?a?changing?international?system.?That?is?why?policymakers,?representative?of?
military,?academic?and?business?communities?have? to?react? to? the?global?
spread?of?a?cyberspace?and?its?changes?to?the?international?environment26.?
The? Policymakers? in? have? issued? or? are? writing? national? cyber? security?
policies?and?laws.?The?scholars?of?international?relations?seem?to?be?bound?
to?their?theories.?But?they?will?have?to?capture?the?emerging?world?and?to?
explain?major?events?such?as?the?unprecedented?rise?of?China?in?a?single?
decade?given?the?enormous?scale?of?its?poverty27.?

The?international?system?is?now?shaped?by?international?state?and?
non-state?actors?and?the?new?world?order?has?assume?the??systemic?effects?
of?the?depth?and?rapidity?of?the?global?and?largely?unmonitored?spread?of?
the?cyberspace?28,?which?will?modernize?the?nations.?This?could?be?a?call?for?
more?research?among?scholars?in?this?field?of?study.?Cyberizing?the?thinking?
of? international?relations?scholars?requires??published?works? that?challenge?
them? to? think? beyond? state?state? conflicts? of? the? past,? beyond? game? or?
power?theories?that?rest?largely?on?isolating?events?from?the?new?reality?of?a?
host?of?interrelated?and?ever?more?deeply?integrated?substate?systems?29.?

?

25 Ibidem,?p.?19
26 Jan-Federick?Kremer, Bendict?M?ller,??Preface?,?in?J.-F.?Kremer, B.?M?ller?(eds.)?Cyberspace?and?
International?Relations.?Theories,?Prospects?and?Challenges,?Berlin?Heidelberg:?Springer-?Verlag,?
2014,?p.?vi
27 Ibidem
28 Ibidem
29 Ibidem

Melania-Gabriela?Ciot??

14

Now? it? is? the? moment? to? pay? attention? to? the? cyberization? of? IR,?
which?refers?to??the?ongoing?penetration?of?all?different?fields?of?activity?of?
international?relations?by?different?mediums?of?the?cyberspace?on?the?one?
hand,? and? the? growing? dependence? of? actors? in? IR? on? infrastructure,?
instruments,?and?means?offered?by?the?cyberspace?on?the?other?hand30?.?

The?new?world?order?is?now?created!?
?
?

3. Conclusion?
?

The?cyberspace?represent?a?challenge,?which?not?new?in?international?
politics.?The?international?system?is?a?continuing?reconfiguration?of?a?world?
order.?

We?can?build?now?a?future?in?which?universities?and?companies?are?
free? to? research? and? develop? new? concepts? and? products? because? they?
know?their?intellectual?property?and?valuable?data?are?safe?and?shared?by?
networks.?Also,?individuals?are?aware?and?know?the?threats?to?their?personal?
computers,?and?they?can?take?easy-to-use?measures?to?protect?their?systems.?
Private?companies?can?take?a?responsibility?for?their?network?hygiene,?and?
protect?their?investments.?

The? technological? means? of? cybersecurity? can? detect? threats? early?
and?share?data in?real-time?to?mitigate?the?spread?of?malware?or?minimize?
the?impact?of?a?major?disruption.?The?laws?that?we?created,?limit?the?actions?
of?cyberterrorists?and?try?to?create?a?protected?space.?

We? have? to? create? and? develop? instruments? that? will? assure? the?
international?security?and?a?more?sustainable?peace.?The?state?actors?will?act?as?
responsible?parties?in?cyberspace?and?collaborate?at?bilateral,?multilateral,?and?
international?level?to?negotiate?and?bring?consensus?in?seeking?to?preserve?
the?Internet,?our?innovations?and?the?continuing?configuration?of?the?world?
order.?

?

30 Ibidem,?p.xi?

Cyberspace?and?the?New?World?Order?

15

?
Bibliography?

?

Bruner,?Tomᚠ(2014),?States?in?cyber-space:?perspectives?of?responsibility?beyond?
attribution,??
[https://ecpr.eu/…/f1874dac-6e16-4d9c-b936-723754fcc869….],??
23?June?2017.?

Forsyth?Jr.,?James?Wood;?Pope,?Maj?Billy?E.?(2014),??Structural?Causes?and?
Cyber?Effects?Why?International?Order?is?Inevitable?in?Cyberspace?,?
in?Strategic?Studies?Quarterly,?Winter?2014,?113???130.???

Kremer,? Jan-Federick;? M?ller,? Bendict? (eds.)? ? (2014),? Cyberspace? and?
International?Relations.?Theories,?Prospects?and?Challenges,?Berlin?
Heidelberg:?Springer-?Verlag,?2014.?

International?Strategy?for?Cyberspace.?Prosperity,?Security?and?Openness?in?
a?networked?world,?(2011),??

? [https://obamawhitehouse.archives.gov/sites/default/files/rss_viewer/?
international_strategy_for_cyber],?1?June?2017.?

Mazurier,?Pablo?A.,?(2015),?Facebook?in?Cyber?Politics,?2015,??
? [http://www.cyberpolitics.eu/cyberpolitics_art_04_facebook.html],??

4?June?2017.?
McKay,?Angela;?Neutze,?Jan;?Nicholas,?Paul;?Sullivan,?Kevin?(eds.),?(2015)?

International? Cybersecurity? Norms,? Reducing? conflicts? in? an? Internet-

depending?world,?Microsoft.?
Wendt,?Alexander?(1999),?Social?Theory?of?International?Politics,?Cambridge:?

Cambridge?University?Press.?
?

?
?
?
?
?
?
?
?
?
?

Reproduced with permission of copyright owner. Further reproduction
prohibited without permission.

11
Vytautas Butrimas*
The Ministry of National Defense of the Republic of Lithuania**

National Security and International Policy
Challenges in a Post Stuxnet World

The international community has focused too much on addressing cybercrime and cyber hacktivist
questions. The list of usual suspects responsible for cyber incidents associated with attacks involving
the theft of intellectual property, sensitive private data, money and disruption of web services
unfortunately has grown beyond the attention seeking student hacker, cybercriminal or social
hacktivist. The public appearance of the Stuxnet family of malware designed to destroy specifically
targeted critical infrastructure components in June of 2010 gave perhaps the first indication that
States have entered cyberspace as one of the perpetrators of malicious cyber activity. The problem
of States actively preparing and executing cyber-attacks against the critical infrastructures of other
States has been largely ignored by the international community. These attacks raise national security
issues concerning threats to the economic and social well-being of States. However the pervasive
presence of cyber space as the common environment where all modern industrial processes take place
and the interrelations developed among the critical infrastructure of other States raise cross-border
security issues as well. The international community must act in order to insure that the use of this
new weapon by States will not get out of hand and be the cause of new and more serious international
conflicts. Three solutions and a possible model are proposed to manage this disruptive activity of
States in cyberspace at the international level.

Introduction

Closely interwoven within the domains where human action take place
is the invisible yet pervasive domain of electromagnetic activity supported
by information and communications technologies called cyber-space. In this
environment systems and processes comprising the modern systems of finance,
energy, transportation, and telecommunications have developed based upon
the capabilities of these new dynamic technologies. These systems have grown
into complex and interrelated infrastructures and processes that are critical to
the functioning of modern societies and economies.
* Vytautas Butrimas is a Chief Advisor for Cyber Security of the Ministry of National Defence of the
Republic of Lithuania. Address for correspondence: Totoriu 25/3, LT-01121 Vilnius, Lithuania,
tel. +370-5-2735775, e-mail: [email?protected]
** Evaluations and ideas presented in this article exclusively belong to the author and can never be consid-
ered an official position of the Ministry of National Defense of the Republic of Lithuania or its depart-
ments.

L I T H U A N I A N A N N U A L S T R A T E G I C R E V I E W
2013-2014, Volume 12

DOI: 10.2478/lasr-2014-0001
? Vytautas Butrimas, 2014
? Military Academy of Lithuania, 2014

Together with these new capabilities there are also new vulnerabilities.
Hostile actors with knowledge of these vulnerabilities can execute cyber-
attacks that can not only disrupt a critical service or industrial process but even
result in loss of life. To the extent that cyber-attacks disrupt the processes and
services of these critical infrastructures is the extent to which they are national
and international security issues. A cyber-attack on the telecommunications
information infrastructure used by the financial system could impose severe
stress on society and cause a serious crisis for any government. Imagine that
for a week people were denied the use of their credit cards or the ability to
make other electronic transactions. How long could we live from our wallets
if supermarkets and gas stations suddenly took payment in cash only (as
happened in Cyprus when its Government ordered bank closures in the spring
of 2013)?1 Think about what would happen if power station, gas pipeline and/
or railroad control center operators suddenly lost their view of and ability to
control a critical process? Such events have happened and have caused loss of
life.

In the last ten years the main sources of malicious cyber activities
and threats in cyberspace have been cyber criminals and computer hacker-
hacktivists. For the most part dealing with these malicious cyberspace actors
has been left to law enforcement. Recent high profile arrests of these individuals
and small criminal groups have been made thanks to coordinated domestic
and international law enforcement efforts.2 The international community for
the most part tends to understand cyber security in terms of cybercrime or
?cyber terrorism?. One good example is the Council of Europe?s Cybercrime or
?Budapest? Convention3. Another example is the recently published Guide on
protecting critical energy infrastructure from terrorist threats emanating from
cyberspace.4 The OSCE recognized that the ?disruption or destruction of this
infrastructure [by terrorists] would have serious impact on the security, safety,
economic well-being and health of individuals and the world as a whole.?5
However, the question remains of whether terrorists are the only threat actors

1 Steininger M., ?What?s behind the bailout crisis in Cyprus??, Christian Science Monitor, http://www.
csmonitor.com/World/Europe/2013/0329/What-s-behind-the-bailout-crisis-in-Cyprus , 29 03 2013
2 Gilbert D., ?Dutch Suspect Sven Olaf Kamphuis Arrested for Biggest Cyber Attack in Internet History?,
International Business Times, http://www.ibtimes.co.uk/articles/461848/20130426/spamhaus-suspect-
arrests-spain-kamphuis.htm, 26 04 2013.
3 Council of Europe, Convention on Cybercrime, 23 11 2001, http://conventions.coe.int/Treaty/en/Treaties/
Html/185.htm,
4 Organisation for Security and Cooperation in Europe, Good Practices Guide on Non-Nuclear Critical
Energy Infrastructure Protection (NNCEIP) from Terrorist Attacks Focusing on Threats Emanating from
Cyberspace, 2013, http://www.osce.org/atu/103500.
5 Ibidem, p. 7.

12

13
that can use cyber weapons of mass destruction (WMD) to disrupt or destroy
critical infrastructure. There is little evidence that ?al-Qaeda? style terrorists
are sitting down and planning a cyber-attack from a computer. They lack (so
far) the skill sets, interest and capability to prepare and deploy complex cyber-
weapons on their own. There is a third but less appreciated source of cyber
threat to critical infrastructure.

In the past ten years the malicious cyber activities of states in cyberspace
has become an issue that needs to be placed on the international security
policy agenda. Cyber-attacks have evolved beyond the patriotic or politically
motivated cyber riots that resulted in the temporary and non-destructive
(in terms of data lost or damaged IT equipment) denial of services attacks
on Estonian Government, banking and news portals in 2007. They have
progressed since then to the use of cyber weapons that can destroy critical
infrastructure. Examples include cyber-attacks directed at Iranian nuclear
facilities starting in 2009, Saudi Arabia?s oil industry in 2012, and against
United States financial institutions in late 2012 and early 2013.

Reaction to these attacks by victim states in the absence of international
action has led to the start of a cyber-arms race and even bellicose threats
of retaliatory action.6 International institutions tasked with promoting
peace and international order have not arrived at a consensus on what to
do. The problem will not go away because cyber-attacks directed at critical
infrastructure are likely to have significant cross-border effects that could
destabilize the international order. The difficulties in identifying the attacker
and the relatively low cost in executing successful deniable attacks are now
appreciated by nations. What new challenges does this malicious activity of
states in cyberspace pose for international security policy making? What does
the international community risk in not acting to address this problem? What
can be done to manage this problem and reduce the potential for a cyber-
attack escalating into a larger conflict? This