Malicious cyber activities by foreign states present major challenges to the US government. Foreign governments steal intellectual property, attack election systems, wage influence campaigns, and cripple American companies. One tool brought to bear most recently against these state actors is the criminal indictment.
This article reviews the use of criminal charges as a response to nation-state hacking and proposes a conceptual framework for understanding the utility of those charges as a tool to effectively combat malicious cyber activity.
Finally, the article applies this framework to case studies involving China, Russia, Iran, Syria, and North Korea and evaluates the use of criminal charges as a component of broader U.S. cyber policy.
The US government has always been keen on its ability to protect sensitive and classified information from its enemies, yet the majority of resources have focused on military and national security information, which has left other categories of information exposed.
Capt. Christopher Dearing focuses the reader on the national security implications of personal information and the detrimental impact it possesses. This article provides an analysis of current privacy law and the information landscape, while highlighting areas where the US government has failed to keep pace to protect personal information, providing a valuable target for adversaries.
In an expansive call for action, Capt. Dearing recommends eight concrete steps that the government can take to better protect and manage personal information while developing stronger procedures to identify threats and respond to them.
How and why do states use cyber proxies to project power? Why do some states lean closer to these proxies than others, and what does this distance reveal about how a state views them? In this article, Syed Hamza Mannan answers these questions in a review of Tim Maurer’s book, Cyber Mercenaries: The State, Hackers, and Power.
Mannan explores the demand for cyber proxies, the mechanisms states use to control them, and the implications of cyber state-proxy relationships. Perhaps Maurer’s most prevalent contribution to the research, articulated in Mannan’s review, is in constructing a framework for characterizing different relationships states maintain with cyber proxies: those of delegation, orchestration, and sanctioning. By applying the framework to contemporary examples of cyber proxy proliferation, Mannan’s review illuminates Maurer’s important work.
While an important part of US innovation and culture, bankruptcy proceedings have nonetheless become a unique avenue through which foreign adversaries are able to acquire sensitive US national security technologies and intellectual property. Through a detailed analysis of the current gaps in federal regulations governing foreign investment and bankruptcy proceedings in the US, Camille Stewart provides the reader an in-depth look into exactly how foreign companies have been able to circumvent these US foreign investment regulations.
In raising awareness to an issue that could ultimately leave the United States vulnerable to destructive cyberattacks, Stewart argues that training and equipping bankruptcy judges to identify potential national security concerns in bankruptcy cases will help mitigate the exfiltration of national security-related information and technology.
In light of recent foreign cyber-assaults that have jeopardized personal privacy in the United States, it is time for individuals to explore opportunities for private suits against foreign governments. In the first attempt to do this, Doe v. Federal Democratic Republic of Ethiopia, the courts found that the Foreign Sovereign Immunities Act barred suit under the Wiretap Act’s private cause of action and the common law tort of intrusion upon seclusion. Kurland posits that either a new exception should be added to the FSIA to ameliorate this legal lacuna.