The Copenhagen School’s widening security theory in relation to cybersecurity. Applicability and Implications

Olteanu, Mihai

doi:10.35467/sdq/193049

Powiadomienia systemowe

Sesja wygasła!

Artykuł - szczegóły

Tytuł artykułu

The Copenhagen School’s widening security theory in relation to cybersecurity. Applicability and Implications

Autorzy

Olteanu Mihai

Treść / Zawartość

Pełne teksty:

Pobierz

Identyfikatory

DOI

10.35467/sdq/193049

Warianty tytułu

Języki publikacji

Abstrakty

This paper critically examines the relationship between cybersecurity and Copenhagen School’s widening security theory, with the aim of assessing the possibility of applying this theoretical framework to the cyber realm. As cybersecurity is a relatively recent addition to the security discourse, this research explores whether the Copenhagen School’s traditional framework, which was primarily focused on securitisation processes in the five main sectors (military, political, economic, environmental, and societal), adequately encompasses the unique aspects and dynamics of cyber domain. The research question is: Why the cybersecurity field can’t become a separate constructivist sector? The study begins with a detailed overview of both cybersecurity landscape and Copenhagen School’s fundamental principles to provide the context for a comparative analysis of the Copenhagen theory and contemporary cybersecurity literature. In doing so, the research delves into the features of cybersecurity, with a focus on the evolving nature of cyber threats and vulnerabilities. By performing a qualitative analysis of the existing literature, the paper assesses the limitations of integrating these two concepts, ultimately concluding that cybersecurity lacks the distinct characteristics required to be considered a separate sector under the Copenhagen School’s framework. The findings contribute to the ongoing discussions regarding the adaptation of traditional security theories to address contemporary security challenges in the digital age.

Słowa kluczowe

security studies Copenhagen school digital age technological advancement cyber threats

Wydawca

Akademia Sztuki Wojennej

Czasopismo

Security and Defence Quarterly

Rocznik

2024

Tom

Vol. 48, No. 4

Strony

40--58

Opis fizyczny

Bibliogr. 67 poz.

Twórcy

autor

Olteanu Mihai

mihaiolteanu48@yahoo.com

Intelligence and National Security, National Defence University “Carol I”, Șoseaua Panduri 68-72, 050662 Bucarest, Romania

https://orcid.org/0009-0008-8263-0925

Bibliografia

1. Albahar, M. (2019) ‘Cyber attacks and terrorism: A twenty-first century conundrum’, Science and Engineering Ethics, 25(25), pp. 993–1006. doi: 10.1007/s11948-016-9864-0.
2. Antoniuk, D. (2023) Suspected Hamas-linked hackers target Israel with new version of SysJoker malware. Available at: https://therecord.media/updated-sysjoker-backdoor-malware-targets-israel (Accessed: 2 December 2023).
3. AP News. (2023) China calls hacking report ‘far-fetched’ and accuses the US of targeting the cybersecurity industry. Available at: https://apnews.com/article/china-us-hacking-report-cyberattack-c08a9f52926c8524 cf86131324c69fe6 (Accessed: 3 December 2023).
4. Aydindag, D. (2021) ‘Copenhagen school and securitization of cyberspace in Turkey’, La Revista Psicología Educativa, 9(1), pp. 1–19. doi: 10.20511/pyr2021.v9nSPE1.850.
5. Azure Network Security Team. (2023) KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks. Available at: https://www.microsoft.com/en-us/security/blog/2023/03/17/killnet-and-affiliatehacktivist-groups-targeting-healthcare-with-ddos-attacks/ (Accessed: 13 January 2024).
6. Breda, F., Barbosa, H. and Morais, T. (2017) ‘Social engineering and cyber security’, in INTED 2017 proceedings, Valencia, Spain pp. 4204–4211. doi: 10.21125/inted.2017.1008.
7. Burton, J. and Lain, C. (2020) ‘Desecuritising cybersecurity: Towards a societal approach’, Journal of Cyber Policy, 5, pp. 449–470. doi: 10.1080/23738871.2020.1856903.
8. Buzan, B. (2019) ‘Technology: From the background to opportunity (interview)’, in Kaltofen, C., Carr, M. and Acuto, M. (eds.) Technologies of international relations continuity and change. Cham: Palgrave Pivot, pp. 115–122. Buzan, B., Wæver, O. and Wilde, J.D. (1998) Security: A new framework for analysis. Colorado: Lynne Rienner Publishers, pp. 168–170.
9. Cavelty, M.D. (2020) ‘Cybersecurity between hypersecuritization and technological routine’, in Tikk, E. and Kerttunen, M. (eds.) Routledge handbook of international cybersecurity. London: Routledge, pp. 11–22. doi: 10.4324/9781351038904-3.
10. Cavelty, M.D. and Egloff, F.J. (2021) ‘Hyper-securitization, everyday security practice and technification: Cyber-security logics in Switzerland’, Swiss Political Science Review, 21(1), pp. 139–149. doi: 10.1111/spsr.12433.
11. Creemers, R. (2017) ‘Cyber China: Upgrading propaganda, public opinion work and social management for the twenty-first century’, Journal of Contemporary China, 26(103), pp. 85–100.
12. Crowdstrike (2022) Hacktivism: Types and examples. Available at: https://www.crowdstrike.com/cybersecurity101/hacktivism/ (Accessed: 13 January 2024).
13. Csernatoni, R. and Mavrona, K. (2022, September) ‘The artificial intelligence and cybersecurity nexus: Taking stock of the European Union’s approach’, EU Cyber Direct. Available at: https://carnegieendowment. org/research/2022/09/the-artificial-intelligence-and-cybersecurity-nexus-taking-stock-of-the-european-unionsapproach?lang=en&center=europe (Accessed: 3 October 2024).
14. Cybersecurity and Infrastructure Security Agency (CISA) (2021) What is Cybersecurity? Available at: https:// www.cisa.gov/news-events/news/what-cybersecurity (Accessed: 30 November 2023).
15. Czosseck, C., Ottis, R. and Talihärm, A.-M. (2011) ‘Estonia after the 2007 cyber attacks: Legal, strategic and organisational changes in cyber security’, International Journal of Cyber Warfare and Terrorism, 1(1), pp. 24–34. doi: 10.4018/ijcwt.2011010103.
16. Dolinec, V. (2011) ‘The role of mass media in the securitization process of international terrorism’, Politické Vedy, 13(2), pp. 8–32.
17. Eclectic IQ Threat Research Team (2022) Killnet effectively amplifies Russian narratives but has limited DDoS capabilities. Available at: https://blog.eclecticiq.com/killnet-effectively-amplifies-russian-narratives-but-haslimited-ddos-capabilities (Accessed: 2 December 2023).
18. European Parliament (2023) EU–China trade relations. Available at: https://www.europarl.europa.eu/RegData/ etudes/ATAG/2023/753952/EPRS_ATA(2023)753952_EN.pdf (Accessed: 3 December 2023).
19. European Union Agency for Cybersecurity (ENISA), CERT-EU (2023) JP-23-01—Sustained activity by specific threat actors. Available at: https://cert.europa.eu/static/files/TLP-CLEAR-JointPublication-23-01.pdf (Accessed: 3 December 2023).
20. Fadziso, T., Thaduri, U.R., Dekkati, S. and Ballamudi, V.K.R. (2023) ‘Evolution of the cyber security threat: An overview of the scale of cyber threat’, Digitalisation and Sustainability Review, 3(1), pp. 1–12.
21. Federal Bureau of Investigation (FBI) (n.d.) Famous cases & criminals. Available at: https://www.fbi.gov/ history/famous-cases/morris-worm (Accessed: 30 November 2023).
22. Flashpoint Intel Team (2022) Conti ransomware: Inside one of the world’s most aggressive ransomware groups. Available at: https://flashpoint.io/blog/history-of-conti-ransomware/ (Accessed: 13 January 2024).
23. Fouad, N. (2019) The peculiarities of securitising cyberspace: A multi-actor analysis of the construction of cyber threats in the US (2003–2016). Coimbra: Academic Conferences and Publishing International.
24. Fraser, J. (2021) Response when minutes matter: When good tools are used for (r)evil. Available at: https://www. crowdstrike.com/blog/how-falcon-complete-thwarted-a-revil-ransomware-attack/ (Accessed: 13 January 2024).
25. Ghafur, S., Kristensen, S., Honeyford, K., Martin, G., Darzi, A. and Aylin, P. (2019) ‘A retrospective impact analysis of the WannaCry cyberattack on the NHS’, Digital Medicine, 98, pp. 98–105. doi: 10.1038/ s41746-019-0161-6.
26. Górka, M. (2023) ‘Conceptualising securitisation in the field of cyber security policy’, Journal of Modern Science, 53(4), 263–290. doi: 10.13166/jms/176103.
27. Han, E. (2013) ‘The securitisation of nuclear energy post-September 11 and its impact on ASEAN’s nuclear aspirations’, Communication Politics & Culture, 46(1), pp. 22–38.
28. Hansen, L. and Nissenbaum, H. (2009) ‘Digital disaster, cyber security, and the Copenhagen School’, International Studies Quarterly, 53(4), pp. 1155–1175. doi: 10.1111/j.1468-2478.2009.00572.x. Helbling, M. and Meierrieks, D. (2022) ‘Terrorism and migration: An overview’, British Journal of Political Science, 52(2), pp. 977–996. doi: 10.1017/S0007123420000587.
29. Henley, J. (2021) Denmark helped US spy on Angela Merkel and European allies—Report. Available at: https:// www.theguardian.com/world/2021/may/31/denmark-helped-us-spy-on-angela-merkel-and-european-alliesreport (Accessed: 6 December 2023).
30. Herzog, S. (2011, Summer) ‘Revisiting the Estonian cyber attacks: Digital threats and multinational responses’, Journal of Strategic Security, 4(2), pp. 49–60. doi: 10.5038/1944-0472.4.2.3.
31. Hultquist, J. (2016) Sandworm team and the Ukrainian power authority attacks. Available at: https://www. mandiant.com/resources/blog/ukraine-and-sandworm-team (Accessed: 13 January 2024).
32. Jajoo, A. (2021) A study on the Morris Worm. arXiv preprint arXiv:2112.07647. doi: 10.48550/ arXiv.2112.07647.
33. Jantunen, S. and Huhtinen, A.-M. (2011) ‘American perspectives on cyber and security’, Journal of Information Warfare, 10(3), pp. 1–15.
34. Jenkins, L., Atkins, J. and Black, D. (2023) Backchannel diplomacy: APT29’s rapidly evolving diplomatic phishing operations. Available at: https://www.mandiant.com/resources/blog/apt29-evolving-diplomatic-phishing (Accessed: 24 January 2024).
35. Kamiya, S., Kang, J.-K., Kim, J., Andreas, M., and Stulz René M. (2021) ‘Risk management, firm reputation, and the impact of successful cyberattacks on target firms’, Journal of Financial Economics, 139(3), pp. 719–741. doi: 10.2139/ssrn.3135514.
36. Karyotis, G. (2007) ‘Securitization of Greek terrorism and arrest of the Revolutionary Organization November 17,’ Cooperation and Conflict, 42(3), pp. 271–293. doi: 10.1177/0010836707079932.
37. Khan, S. and Madnick, S. (2021) ‘Cybersafety: A system-theoretic approach to identify cyber-vulnerabilities & mitigation requirements in industrial control systems’, IEEE Transactions on Dependable and Secure Computing, 19(5), 3312–3328. doi: 10.1109/TDSC.2021.3093214.
38. Kim, S. and Lee, H. (2018) ‘Software systems at risk: An empirical study of cloned vulnerabilities in practice’, Computers & Security, pp. 720–736. doi: 10.1016/j.cose.2018.02.007.
39. Kumar, R., Kela, R., Singh, S. and Trujillo-Rasua, R. (2022) ‘APT attacks on industrial control systems: A tale of three incidents’, International Journal of Critical Infrastructure Protection, 37(C). doi: 10.1016/j.ijcip.2022.100521.
40. Kyška, R. (2014) ‘Hacktivists or cyberterrorists?: Webactivists as political actors’, CIVIS, pp. 23–38.
41. Lallie, H.S., Shepherd, L.A., Nurse, Jason R.C., Erola, A., Epiphaniou, G., Maple, C. and Bellekens, X. (2021) ‘Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic’, Science Direct, 105(1). doi: 10.1016/j.cose.2021.102248.
42. Lété, B. and Pernik, P. (2017) ‘EU–NATO cybersecurity and cefense cooperation: from common threats to common solutions,’ German Marshall Fund of the United States. Security and Defense Policy, 38, pp. 1–9.
43. Li, Y. and Liu, Q. (2021) ‘A comprehensive review study of cyber-attacks and cyber security; emerging trends and recent developments’, Energy Reports, 7, pp. 8176–8186. doi: 10.1016/j.egyr.2021.08.126.
44. Lobato, L. and Kenkel, K. (2015) ‘Discourses of cyberspace securitization in Brazil and in the United States’, Revista Brasileira de Política Internacional, 58(2), pp. 61–76. doi: 10.1590/0034-7329201500202.
45. Meeuwisse, R. (2017) Cybersecurity for beginners. Hythe, Kent: Cyber Simplicity.
46. MITRE (2017) Sandworm team. Available at: https://attack.mitre.org/groups/G0034/ (Accessed: 13 January 2024).
47. Necsutu, M. (2023) Moldova to create ‘anti-propaganda centre’ to counter Russian disinformation. Available at: https://balkaninsight.com/2023/05/29/moldova-to-create-anti-propaganda-centre-to-counter-russiandisinformation/ (Accessed: 2 December 2023).
48. Olszewski, B. (2018) ‘Advanced persistent threats as a manifestation of states’ military activity in cyber space’, Scientific Journal of the Military University of Land Forces, 50(3), pp. 57–71. doi: 10.5604/01.3001.0012.6227.
49. Oshewolo, S. and Nwozor, A. (2020) ‘COVID-19: Projecting the national security dimensions of pandemics’, Strategic Analysis, 44(3), pp. 269–275. doi: 10.1080/09700161.2020.1767911.
50. Phillips, L. (2010) Hackers shut down EU carbon-trading website. Available at: https://www.theguardian.com/ environment/2010/jul/26/eu-carbon-trading-website-hacked (Accessed: 2 December 2023).
51. Plan, F., Fraser, N., O’leary, J., Cannon, V., Read, B. (2019) APT40: Examining a China-nexus espionage actor. Available at: https://www.mandiant.com/resources/blog/apt40-examining-a-china-nexus-espionage-actor (Accessed: 13 January 2024).
52. Plėta, T., Tvaronavičienė, M., Casa, S.D. and Agafonov, K. (2020) ‘Cyber-attacks to critical energy infrastructure and management issues: Overview of selected cases’, Insights into Regional Development, 2(3), pp. 703–715. doi: 10.9770/IRD.2020.2.3(7).
53. Proska, K., Wolfram, J., Wilson, J., Black, D., Lunden, K., Zafra, D.K., Brubaker, N., Mclellan, T. and Sistrunk, C. (2023) Sandworm disrupts power in Ukraine using a novel attack against operational technology. Available at: https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operationaltechnology (Accessed: 13 January 2024).
54. Santaniello, M. (2022) ‘Towards a democratic model of cybersecurity’, in Granata, P. and Sidoti, F. (eds.) Financial intelligence and economic security. Padova: Linea Edizioni, pp. 117–128.
55. Satter, R. (2023) North Korea hackers going after Russian targets, Microsoft says. Available at: https://www.reuters.com/ technology/north-korea-hackers-going-after-russian-targets-microsoft-says-2023-09-07/ (Accessed: 6 December 2023).
56. Shea, J. (2017) ‘How is NATO meeting the challenge of cyberspace?’, Journal of Information Warfare, 7(2), pp. 18–29 .
57. Shults, I. (2021) Information warfare in the digital age—Propaganda, cyberattacks and the protection of democratic institutions. Quantico, VI: Peace and Prosperity Institute. Steinbrecher, D. (2022) Viasat KA-SAT attack. Available at: https://cyberlaw.ccdcoe.org/wiki/Viasat_KA-SAT_ attack_(2022) (Accessed: 6 December 2023).
58. The Cyber Express. (2023) KillNet hackers group strikes Ukrainian gas stations in cyber attack. Available at: https:// thecyberexpress.com/gas-station-cyber-attacks/ (Accessed: 2 December 2023).
59. Thomas, R.J., Chothia, T. (2020). Learning from Vulnerabilities - Categorising, Understanding and Detecting Weaknesses in Industrial Control Systems. In: Katsikas, S., et al. Computer Security. CyberICPS SECPRE ADIoT 2020 2020 2020. Lecture Notes in Computer Science(), vol 12501. Springer, Cham. doi: 10.1007/978-3-030-64330-0_7.
60. Thumfart, J. (2022) ‘The (il)legitimacy of cybersecurity’. Applied Cybersecurity & Internet Governance, 1(1), pp. 97–120. doi: 10.5604/01.3001.0016.1093.
61. Trend Micro Research (2021) What we know about the darkside ransomware and the us pipeline attack. Available at: https://www.trendmicro.com/en_us/research/21/e/what-we-know-about-darkside-ransomware-and-the-uspipeline-attac.html (Accessed: 13 January 2024).
62. US Trade Representative (2023) The People’s Republic of China—China trade & investment summary. Available at: https://ustr.gov/countries-regions/china-mongolia-taiwan/peoples-republic-china (Accessed: 3 December 2023).
63. Vicens, A. (2022) Hacking group focused on Central America dumps 10 terabytes of military emails, files. Available at: https://cyberscoop.com/central-american-hacking-group-releases-emails/ (Accessed: 2 December 2023).
64. Wang, X., Xiong, M., Luo, Y., Li, N., Jiang, Z. and Xiong, Z. (2021) ‘Joint learning for document-level threat intelligence relation extraction and coreference resolution based on GCN’, in 2020 IEEE 19th international conference on trust, security and privacy in computing and communications (TrustCom), Guangzhou, China. New York, NY: IEEE, pp. 584–591. doi: 10.1109/TrustCom50675.2020.00083.
65. Warren, M., Štitilis, D. and Laurinaitis, M. (2023) ‘The impact of Russian cyber attackers within the Ukraine situation’. Journal of Information Warfare, 22(1), pp. 88–106.
66. Whelan, C., Bright, D. and Martin, J. (2023) ‘Reconceptualising organised (cyber)crime: The case of ransomware’. Journal of Criminology, 57(1), pp. 45–61. doi: 10.1177/26338076231199793.
67. Yunos, Z., Mohd, N., Ariffin, A. and Ahmad, R. (2017) ‘Understanding cyber terrorism from motivational perspectives: A qualitative data analysis’, Journal of Information Warfare, 16(4), pp. 550–557.

Uwagi

Opracowanie rekordu ze środków MNiSW, umowa nr POPUL/SP/0154/2024/02 w ramach programu "Społeczna odpowiedzialność nauki II" - moduł: Popularyzacja nauki i promocja sportu (2025).

Typ dokumentu

Bibliografia

Identyfikator YADDA

bwmeta1.element.baztech-8b568604-c71e-4f3d-9065-325d3b732319