Category Archives: Cybersecurity

“I have found Vol. 4:1 of the Journal of National Security Law & Policy, the Cybersecurity Symposium, to be an invaluable resource. I use many of these articles in my research and clinic preparation, and am glad to have a bound, hard copy that I can grab from my shelf and mark up as I like.” -Eric J. Lobsinger, Teaching Fellow, Georgetown University Law Center

Cybersecurity, Online Supplement, Religious Extremism, Terrorism and Counterterrorism

Social Media—A Tool for Terror?

September 16, 2022 Leave a comment

By Ruhi Kumar

The prevalence of terrorist organizations using social media generates a host of new challenges for online platforms, policymakers, and governments. Specifically, the global, highly accessible, and fast-evolving nature of social media provides a particularly lucrative platform for terrorist organizations to promote their ideologies. While there is a growing demand for responsible and accountable online governance, the lack of effective content moderation policies, transparency, and cultural understanding continues to facilitate harmful content on social media platforms. To meaningfully tackle these issues, it is crucial that national governments and lawmakers consider a combination of policy and legislative solutions.

Although the terms of service of many leading social media companies stipulate that terrorist content is forbidden, the lack of effective content moderation processes fails to effectively turn policy into practice. For instance, Facebook’s Community Standards state that organizations that are engaged in terrorist activity are not allowed on the platform; however, what is classified as ‘terrorist content’ under Facebook’s policy is a highly subjective question under which the platform is given complete discretion. Additionally, “by its own admission, Facebook continues to find it challenging to detect and respond to hate speech content across dynamic speech environments, multiple languages, and differing social and cultural contexts.”

For instance, in Myanmar, the lack of content moderators who speak local languages and understand the relevant cultural contexts has allowed for terrorist content to proliferate. According to a United Nations investigation, Facebook’s platform was utilized to “incite violence and hatred against” ethnic minorities in Myanmar, leading to over 700,000 members of the Rohingya community fleeing the country due to a military crackdown.

Despite being aware of these repercussions, Facebook neglected to deploy the necessary resources to combat hate speech as at the time there were only two Burmese speakers employed at Facebook who were tasked with reviewing problematic posts. Hence it can be argued that in some of the world’s most volatile regions, terrorist content and hate speech escalate because social media platforms fail to employ the necessary resources to moderate content written in local languages.

In Myanmar, this lack of policy oversight caused inflammatory content to flourish and harm local minority populations. To address this issue, social media platforms should not only hire local content moderators but also consider developing a partnership program with local individuals and NGOs. Developing a local partnership program would create an effective communication channel wherein members of the local population could report hate and terrorist speech directly, thereby enabling social media content moderators to address harmful content and mitigate potential damage more quickly.

Continue reading →

Cybercrime, Cyberespionage, Cybersecurity, Foreign Policy, Issue Archive, Vol. 12 No. 3

Bubbles Over Barriers: Amending the Foreign Sovereign Immunities Act for Cyber Accountability

June 24, 2022 Leave a comment

More and more often, the Foreign Sovereign Immunities Act (FSIA) has protected cyberattack-conducting state actors and their cybersecurity contractors from legal liability and suits brought by victims seeking redress in US courts.

Adam Silow argues that it is time for foreign sovereign immunity to receive an update for the digital era. State-sponsored cyberattacks and their use of cybersecurity contractors are increasing, particularly affecting human rights activists and large companies with key data and trade secrets. The US government’s responses, namely, diplomacy, sanctions, or issuing “speaking indictments” by prosecutors have been inadequate, and statutory language of the FSIA does not clearly allow liability for cyberattacks, even under the new terrorism amendments.

Some experts propose merely amending the language to include liability for all cyberattacks, which Silow argues may inadvertently allow liability for legitimate state action. Instead, Silow concludes that more targeted legislation should protect specific victims of cyberattacks, namely human rights activists and targets of trade secrets, and allow those victims to legally overcome foreign sovereign immunity in US courts.

Bubbles Over Barriers: Amending the Foreign Sovereign Immunities Act for Cyber Accountability Download

Cybercrime, Cyberespionage, Cybersecurity, Defense Policy, Emerging Technology, Issue Archive, Vol. 12 No. 3

Outsourcing the Cyber Kill Chain: Reinforcing the Cyber Mission Force and Allowing Increased Contractor Support of Cyber Operations

June 24, 2022 Leave a comment

The United States is under a growing and constant threat of cyberattack. US cybersecurity strategy has evolved in response, adapting to the new threat climate by committing US Cyber Command to more aggressive and persistent peacetime cyber operations. However, the Department of Defense Cyber Mission Force (CMF) has been stretched thin attempting to carry out its new mission, requiring additional commitments to resourcing, force size, and capabilities.

Homer A. La Rue argues that increased participation of private contractors in US cyber operations is the best way to bolster the CMF’s capabilities, at least in the short term. Contractors may be particularly useful in “gray-zone” operations, that is, operation in the area that exists beyond the threshold of conventional diplomacy but falls short of conventional war.

Although there are challenges and risks to increased contractor participation in cyber operations—particularly related to command and control—La Rue argues that methods of managing these risks already exist and that the benefits of outsourcing cyber operations outweighs the risks.

Outsourcing the Cyber Kill Chain: Reinforcing the Cyber Mission Force and Allowing Increased Contractor Support of Cyber Operations Download

The world's only peer-reviewed journal devoted exclusively to national security law and policy.