Reducing the Threat of State-to-State Cyber Attack against Critical Infrastructure through International Norms and Agreements

Abstract

The global proliferation of networked computer systems within the public and private sectors presents an increased opportunity for malicious cyber attacks to disrupt the daily functions of governments, national emergency systems, the global economy, and our modern way of life. The potentially pandemic nature of network failures presents opportunities for states to work together to identify key infrastructure sectors of shared interest and formulate international norms and strategies to protect them from cyber attacks and prevent cascading failures within modern society. Nation-states that share information infrastructure critical to modern social functions will have a vested interest in protecting these systems from cyber attacks while mitigating their own inclination to attack these same networks.

This paper outlines the state-to-state cyber threat to critical-system infrastructures and the role international agreements can play in limiting this threat. The paper has been structured as follows. It begins by defining a critical system and discussing the actors who pose threats to these systems and the motivations behind their decisions. This is followed by a detailed description of a hypothetical scenario that depicts the methods by which one state could attack another state’s critical infrastructure, to include the motivations behind the attack. In conclusion, it makes recommendations regarding the development of an international agreement designed to limit this specific type of attack.