Open Access Research Article

UNDERSTANDING CYBER ESPIONAGE AND STATE-SPONSORED ATTACKS

Author(s):
DEEPANSHI SRIVASTAVA
Journal IJLRA
ISSN 2582-6433
Published 2024/05/22
Access Open Access
Issue 7
Download PDF Open PDF Citation Search Scholar

Published Paper

PDF Preview
Download Open

Article Details

UNDERSTANDING CYBER ESPIONAGE AND STATE-SPONSORED ATTACKS
 
AUTHORED BY - DEEPANSHI SRIVASTAVA
 
 
Understanding Cyber Espionage and State-Sponsored Attacks
In today's interconnected world, cyber espionage and state-sponsored attacks have become prominent tools in the arsenal of nations seeking to advance their interests, gather intelligence, and gain strategic advantages. Nation-state cyberattacks target intellectual property and trade secrets stored on business networks, rather than snatch and grab data following a breach, the sophisticated hackers who carry out state-sponsored cyber attacks are more than willing to patiently hide in plain sight[1].
 
Understanding the dynamics and implications of these activities is crucial for comprehending contemporary security challenges and shaping effective responses.
 
Definition and Scope
Cyber espionage involves the clandestine acquisition of sensitive information or intelligence through unauthorized access to computer networks, systems, or data repositories. It encompasses a wide range of activities, including but not limited to:
-          Theft of classified government secrets, military plans, or diplomatic communications.
-          Theft of intellectual property, trade secrets, or proprietary information from corporations and research institutions.
-          Surveillance and monitoring of political opponents, dissidents, or foreign entities for strategic or intelligence-gathering purposes.
 
State-sponsored attacks, on the other hand, refer to offensive cyber operations orchestrated or supported by governments or their intelligence agencies. These attacks are typically aimed at achieving political, military, or economic objectives, and can target a variety of entities, including:
-          Critical infrastructure such as power grids, transportation networks, and financial systems.
-          Government agencies, political institutions, and electoral processes.
-          Private sector organizations, including multinational corporations and defense contractors.
The scope of cyber espionage and state-sponsored attacks is vast and continuously evolving, fueled by rapid advancements in technology and the increasing digitization of society.
 
History
Throughout history, numerous incidents of cyber espionage and state-sponsored attacks have underscored their prevalence and impact on national security and global stability. Some notable examples include:
1.      Stuxnet: Stuxnet was the name given to a highly complex digital malware that targeted, and physically damaged, Iran’s clandestine nuclear program from 2007 until its cover was blown in 2010 by computer security researchers. The malware targeted the computer systems controlling physical infrastructure such as centrifuges and gas valves[2].
2.      Russian Cyber Operations: Russia has been implicated in various cyber campaigns, including the hacking of the Democratic National Committee during the 2016 U.S. presidential election and the targeting of Ukrainian infrastructure and government networks.
3.      Chinese Economic Espionage: China has been accused of engaging in widespread economic espionage to steal intellectual property and trade secrets from Western companies, particularly in sectors such as technology, aerospace, and pharmaceuticals.
These examples illustrate the diverse motivations and tactics employed in cyber espionage and state-sponsored attacks, highlighting their disruptive potential and implications for national sovereignty, economic competitiveness, and global security.
 
Legal Frameworks
The proliferation of cyber espionage and state-sponsored attacks has prompted international efforts to establish legal frameworks aimed at deterring, preventing, and mitigating these threats to global security.
1.      United Nations Charter: The UN Charter reaffirms the principles of state sovereignty, non-intervention, and peaceful settlement of disputes, which are relevant to cyberspace activities. However, it does not explicitly address cyber espionage or state-sponsored attacks. Governmental experts from the five permanent members of the UN Security Council and 10 leading cyberpowers from all regions of the world have recognized that international law, including the principles of the law of state responsibility, fully apply to state behavior in cyberspace[3].
2.      International Telecommunication Union (ITU): The ITU, a specialized UN agency, coordinates international telecommunications standards and regulations. While it does not have specific mandates for cyber espionage, it promotes cooperation among member states to enhance cybersecurity and combat cyber threats.
3.      Council of Europe Convention on Cybercrime (Budapest Convention): The Budapest Convention is the first international treaty addressing cybercrime, including offenses related to unauthorized access, data interference, and computer-related fraud. While it does not explicitly mention cyber espionage, its provisions on criminalizing unauthorized access to computer systems can be relevant in prosecuting cyber espionage activities. The Budapest Convention is more than a legal document; it is a framework that permits hundreds of practitioners from Parties to share experience and create relationships that facilitate cooperation in specific cases, including in emergency situations, beyond the specific provisions foreseen in this Convention.[4]
4.      Tallinn Manual: Although not a legally binding instrument, the Tallinn Manual is a comprehensive study on the application of international law to cyber conflicts. It provides interpretations and guidelines on issues such as sovereignty, jurisdiction, and the use of force in cyberspace, which are relevant to cyber espionage and state-sponsored attacks.
5.      National Laws and Jurisdictional Challenges: Many countries have enacted domestic legislation to address cybercrime, including provisions related to cyber espionage. However, jurisdictional challenges arise when prosecuting cyber offenses that cross international borders, requiring cooperation and coordination among law enforcement agencies and legal systems.
While several laws, treaties, and conventions address aspects of cyber activities, challenges persist in effectively regulating and prosecuting cyber espionage due to the transnational nature of cyberspace and the evolving tactics of malicious actors.
Challenges
1.      Attribution: One of the primary challenges in prosecuting cyber espionage is attributing attacks to specific state actors. The anonymity and sophistication of cyber operations make it difficult to identify perpetrators with certainty, leading to challenges in gathering evidence and holding responsible parties accountable.
2.      Jurisdictional Ambiguity: Cyberspace blurs traditional concepts of jurisdiction, making it challenging to determine which laws apply to cyber activities conducted across multiple jurisdictions. This ambiguity complicates legal proceedings and extradition processes for prosecuting cyber criminals.
3.      State Sovereignty and National Security: States often prioritize national security interests over international cooperation in addressing cyber threats, leading to reluctance in sharing information or cooperating with other countries on cyber investigations and prosecutions. This hinders the effectiveness of legal frameworks in combating cyber espionage.
4.      Lack of Enforcement Mechanisms: While international laws and treaties provide guidelines for addressing cyber espionage, they lack robust enforcement mechanisms to ensure compliance and accountability. Without effective mechanisms for sanctions or penalties, malicious actors may exploit loopholes and continue engaging in cyber espionage with impunity.
In conclusion, while international legal frameworks provide a foundation for addressing cyber espionage and state-sponsored attacks, significant challenges and limitations persist in effectively regulating and prosecuting these activities. Addressing these challenges requires enhanced international cooperation, capacity-building efforts, and the development of innovative legal mechanisms tailored to the unique nature of cyberspace threats.
 
Diplomatic Responses to Cyber Threats
In the face of escalating cyber threats and state-sponsored attacks, diplomatic efforts play a critical role in fostering cooperation, building trust, and establishing norms of responsible behavior in cyberspace. This section examines various diplomatic strategies and initiatives aimed at addressing cyber threats in the international arena, along with case studies highlighting successful efforts to deter and mitigate state-sponsored cyber attacks through bilateral and multilateral cooperation.
 
Diplomatic Strategies and Initiatives
1.      Bilateral Engagement: Diplomatic channels provide a platform for countries to engage in dialogue and cooperation on cybersecurity issues bilaterally. Through diplomatic exchanges, states can share threat intelligence, discuss mutual concerns, and build trust to enhance cybersecurity cooperation and coordination.
2.      Multilateral Forums and Treaties: Multilateral forums such as the United Nations (UN), the Group of Seven (G7), and regional organizations facilitate discussions and negotiations on cybersecurity norms, principles, and confidence-building measures. Treaties and agreements, such as the Budapest Convention on Cybercrime, provide frameworks for international cooperation in combating cyber threats through legal and law enforcement mechanisms.
3.      Cyber Diplomacy and Confidence-Building Measures: Cyber diplomacy involves diplomatic efforts aimed at promoting stability, reducing tensions, and preventing conflicts in cyberspace. Confidence-building measures (CBMs), such as information-sharing mechanisms, incident response coordination, and cybersecurity dialogues, promote transparency and trust among states to mitigate the risk of cyber escalation and miscalculation.
4.      Norms Development and Advocacy: Diplomatic efforts focus on developing and promoting norms of responsible behavior in cyberspace, such as the protection of critical infrastructure, respect for human rights, and non-interference in the internal affairs of other states. Diplomats advocate for adherence to these norms through public statements, diplomatic démarches, and diplomatic engagements with other states.
 
Case Studies
1.      United States-China Cyber Agreement: In 2015, the United States and China reached a bilateral agreement to curb economic cyber espionage and establish norms of behavior in cyberspace. The agreement covers several areas of Cybersecurity policy, including on information sharing mechanisms and establishing that neither country will support cyber-enabled Intellectual property theft[5]. It also included commitments to refrain from conducting cyber-enabled theft of intellectual property for commercial gain, marking a significant diplomatic milestone in addressing cyber threats between the two countries[6].
2.      EU Cyber Diplomacy Toolbox: The EU Cyber Diplomacy Toolbox is a joint EU diplomatic response to malicious cyber activities.[7] This is part of the EU’s approach to cyber diplomacy within the Common Foreign and Security Policy, and it contributes to conflict prevention, the mitigation of cybersecurity threats, and greater stability in international relations. The toolbox includes a range of diplomatic measures, such as public attribution statements, sanctions, and diplomatic expulsions, to deter and respond to malicious cyber activities targeting EU member states and institutions[8].
3.      NATO Cyber Defense Policy: The North Atlantic Treaty Organization (NATO) has adopted a cyber defense policy that emphasizes collective defense, resilience, and cooperation among member states to address cyber threats. NATO engages in diplomatic efforts to enhance cyber defense capabilities, share best practices, and coordinate responses to cyber incidents through its Cyber Defense Pledge and Cyber Defense Committee[9].
4.      Australia-Singapore Cyber Agreemen[10]t: Australia and Singapore have signed a bilateral agreement to enhance cybersecurity cooperation and information-sharing to combat cyber threats. The agreement includes joint exercises, capacity-building initiatives, and regular dialogues to strengthen cybersecurity resilience and response capabilities in both countries.
 
Attribution and Accountability
Attributing cyber attacks to specific state actors poses significant challenges and complexities due to the anonymity, sophistication, and evolving tactics employed by malicious actors in cyberspace. Despite advances in forensic techniques and attribution capabilities, the process of identifying perpetrators with certainty remains elusive, often hindered by technical limitations, legal constraints, and political considerations. This section explores the challenges of attribution and the legal and diplomatic mechanisms for holding states accountable for cyber espionage and state-sponsored attacks.
 
Challenges
1.      Attribution Dilemma: Cyber attacks can be easily disguised or routed through multiple proxies, making it difficult to trace their origins back to specific state actors. Attackers often employ tactics such as false flag operations, malware obfuscation, and hijacked infrastructure to conceal their identities and mislead investigators.
2.      Technical Limitations: Forensic analysis of cyber attacks relies on digital evidence such as malware signatures, command-and-control infrastructure, and network traffic patterns. However, sophisticated attackers employ advanced techniques to manipulate or destroy evidence, making it challenging to conclusively attribute attacks to specific actors.
3.      False Positives and Uncertainty: The complexity of cyberspace and the abundance of threat actors increase the risk of false attribution, where innocent parties or non-state actors are wrongly implicated in cyber attacks. Moreover, even when attribution is possible, uncertainties may remain regarding the motivations, intentions, and level of state involvement behind the attacks.
4.      Geopolitical Considerations: Attribution of cyber attacks often intersects with geopolitical tensions and strategic interests, leading to politicization and selective attribution by states. Political considerations, such as the desire to avoid escalation or preserve diplomatic relations, may influence the willingness of states to publicly attribute cyber attacks to specific adversaries.
 
Legal and Diplomatic Mechanisms
1.      Diplomatic Protests: States may lodge diplomatic protests or official complaints against other states suspected of engaging in cyber espionage or state-sponsored attacks. Diplomatic channels provide a platform for conveying concerns, seeking clarification, and urging responsible behavior in cyberspace.
2.      Sanctions and Diplomatic Measures: In response to malicious cyber activities, states may impose diplomatic or economic sanctions against offending states to deter future attacks and signal disapproval. Diplomatic measures such as diplomatic expulsions, travel bans, and asset freezes can exert diplomatic pressure and impose costs on perpetrators.
3.      International Law and Norms: International law, including principles of state responsibility, due diligence, and non-intervention, provides a legal framework for holding states accountable for cyber aggression. Adherence to established norms of behavior in cyberspace, such as those outlined in the Tallinn Manual and UN Group of Governmental Experts reports, reinforces expectations of responsible state conduct and facilitates diplomatic efforts to address cyber threats.
4.      Countermeasures and Retaliation: States have the right to take countermeasures in response to cyber attacks that violate their sovereignty or threaten their national security. These measures may include defensive actions to mitigate ongoing attacks, as well as offensive operations to disrupt or deter future threats. However, careful consideration of the proportionality and legality of such responses is essential to avoid escalation and maintain stability in cyberspace.
Legal and diplomatic mechanisms provide avenues for holding states accountable for cyber aggression, but effective responses require a careful balance of legal, diplomatic, and strategic considerations to promote stability, deterrence, and responsible behavior in cyberspace.
 
Cybersecurity Norms and Confidence-Building Measures
In response to escalating cyber threats and growing concerns over the stability and security of cyberspace, international efforts have been underway to develop cybersecurity norms and confidence-building measures (CBMs) aimed at reducing the risk of cyber conflicts and enhancing trust among states.
 
Analysis of International Efforts
1.      Development of Cybersecurity Norms: International organizations, including the United Nations (UN) and the Organization for Security and Cooperation in Europe (OSCE), have facilitated discussions and negotiations on cybersecurity norms to establish guidelines for responsible behavior in cyberspace. These norms address various aspects of cybersecurity, such as the protection of critical infrastructure, respect for human rights, and the peaceful resolution of cyber disputes.
2.      Tallinn Manual and Group of Governmental Experts Reports: The Tallinn Manual, an academic study commissioned by NATO, provides interpretations and guidelines on the application of international law to cyber conflicts. Similarly, UN Group of Governmental Experts (GGE) reports offer recommendations on cybersecurity norms, confidence-building measures, and capacity-building initiatives. These documents serve as valuable resources for policymakers and practitioners in shaping international cyber policy.[11]
3.      Regional and Bilateral Initiatives: Regional organizations and bilateral agreements play a crucial role in promoting cybersecurity norms and confidence-building measures tailored to specific regional contexts. For example, the European Union (EU) has developed a cybersecurity strategy and action plan to enhance cooperation among member states, while the ASEAN Regional Forum (ARF) has established guidelines for cybersecurity cooperation and capacity-building in the Asia-Pacific region.
4.      Public-Private Partnerships: Collaboration between governments, industry stakeholders, and civil society organizations is essential for developing and implementing effective cybersecurity norms and measures. Public-private partnerships foster information-sharing, capacity-building, and the development of best practices to enhance cybersecurity resilience and response capabilities across sectors.
 
Assessment of Effectiveness
1.      Norms Adoption and Compliance: While progress has been made in developing cybersecurity norms, challenges remain in achieving widespread adoption and compliance among states. Divergent interpretations of norms, differing threat perceptions, and geopolitical tensions may hinder consensus-building and implementation efforts.
2.      Transparency and Confidence-Building Measures: Confidence-building measures, such as information-sharing mechanisms, incident response coordination, and joint cybersecurity exercises, promote transparency and trust among states in cyberspace. However, their effectiveness depends on the willingness of states to participate and cooperate in good faith, as well as the adequacy of mechanisms for verification and accountability.
3.      Norms Enforcement and Accountability: The enforcement of cybersecurity norms faces challenges due to the absence of binding legal mechanisms and enforcement mechanisms. While norms serve as guiding principles for responsible state behavior, their effectiveness ultimately depends on states' adherence and willingness to uphold their commitments.
4.      Emerging Challenges and Opportunities: The rapid evolution of technology and the changing nature of cyber threats pose new challenges to existing cybersecurity norms and confidence-building measures. Emerging issues such as artificial intelligence, quantum computing, and the Internet of Things (IoT) require continuous adaptation and innovation in international cyber governance frameworks.
 
Few Notable Cyber Espionage Incidents
Recent years have witnessed a proliferation of cyber espionage incidents involving state-sponsored actors, highlighting the evolving tactics, targets, and implications for international security. This section presents in-depth analyses of several notable cyber espionage incidents, examining their modus operandi, strategic objectives, and broader implications.
 
1.      SolarWinds Supply Chain Attack
In December 2020, the discovery of a sophisticated supply chain attack targeting SolarWinds, a leading IT management software provider, sent shockwaves through the cybersecurity community[12]. The attackers compromised SolarWinds' software updates to distribute malicious code, subsequently infiltrating the networks of numerous government agencies, corporations, and think tanks worldwide. Suspected to be the work of Russian state-sponsored actors, the attack exposed critical vulnerabilities in global supply chains and underscored the need for enhanced supply chain security measures[13].
 
2.      NotPetya Ransomware Attack
In June 2017, the NotPetya ransomware attack crippled computer systems worldwide, causing widespread disruption and financial losses estimated in the billions of dollars. While initially disguised as ransomware, NotPetya's destructive capabilities and targeting of Ukrainian infrastructure suggested a state-sponsored cyber operation, with Russia widely believed to be responsible. The incident highlighted the potential for cyber attacks to escalate into geopolitical crises and underscored the importance of attribution, deterrence, and resilience in countering state-sponsored cyber threats[14].
 
3.      Chinese Economic Espionage Campaigns
China has been implicated in numerous cyber espionage campaigns targeting intellectual property, trade secrets, and proprietary information from Western companies and research institutions. These campaigns, conducted by state-sponsored hacking groups such as APT10 and APT41, aim to steal technology, research, and innovation to advance China's economic and strategic interests. The persistent and widespread nature of Chinese economic espionage poses significant challenges for global cybersecurity and intellectual property protection, necessitating robust defenses and international cooperation to mitigate the threat.
 
Lessons Learned
1.      Enhanced Supply Chain Security: The SolarWinds incident highlighted the critical need for enhanced supply chain security measures to detect and prevent supply chain attacks. Governments and organizations should implement rigorous supply chain risk management practices, including vendor vetting, software integrity verification, and continuous monitoring of supply chain dependencies.
2.      Attribution and Deterrence: Attribution remains a significant challenge in cyber espionage incidents, hindering effective deterrence and response efforts. Investments in attribution capabilities, information sharing, and international cooperation are essential for holding perpetrators accountable and deterring future attacks.
3.      Resilience and Contingency Planning: Given the inevitability of cyber attacks, organizations must prioritize resilience and contingency planning to mitigate the impact of incidents and ensure business continuity. This includes regular risk assessments, incident response drills, and the adoption of cyber insurance policies to manage financial risks associated with cyber incidents.
4.      Norms Development and Diplomatic Engagement: Diplomatic efforts to develop norms of responsible behavior in cyberspace are essential for mitigating state-sponsored cyber threats. Continued engagement in multilateral forums, such as the UN Group of Governmental Experts and the Open-Ended Working Group, can facilitate consensus-building on norms, promote transparency, and reduce the risk of conflict escalation in cyberspace.
 
Examination of Challenges
1.      Sovereignty Concerns: States are protective of their sovereignty and often reluctant to cooperate with foreign entities in investigating and prosecuting cyber espionage cases. Concerns about national security, data privacy, and economic interests may impede information sharing and hinder collaborative efforts to counter cyber threats.
2.      Jurisdictional Issues: Cyberspace transcends traditional borders, posing challenges for determining jurisdiction and legal authority in cybercrime investigations. Jurisdictional conflicts arise when cyber attacks originate from one country but target entities in another, leading to uncertainty and delays in legal proceedings.
3.      Attribution and Evidence Collection: Attribution of cyber attacks to specific state actors is notoriously difficult due to the anonymity and sophistication of cyber operations. Gathering digital evidence and proving state involvement in cyber espionage cases require advanced forensic techniques and international cooperation, which may be hindered by legal and technical barriers.
4.      Diplomatic Tensions: Cyber incidents can strain diplomatic relations between states, particularly when attributed to state-sponsored actors. Accusations of cyber espionage or cyber attacks can escalate into diplomatic disputes, triggering retaliatory measures and exacerbating geopolitical tensions.
 
Recommendations
1.      Strengthening Legal Frameworks: Enhancing international legal frameworks for addressing cyber espionage requires greater harmonization of laws, treaties, and conventions governing cyber activities. States should ratify and implement relevant cybercrime conventions, such as the Budapest Convention, and cooperate in extraditing cyber criminals to face prosecution.
2.      Improving Attribution Capabilities: Investing in attribution capabilities and information-sharing mechanisms is crucial for holding perpetrators of cyber espionage accountable. States should enhance their technical capabilities for cyber attribution, collaborate with cybersecurity researchers and industry partners, and share threat intelligence to identify and attribute cyber attacks more effectively.
3.      Promoting Diplomatic Dialogue: Diplomatic engagement is essential for de-escalating tensions and resolving disputes arising from cyber incidents. States should engage in constructive dialogue, diplomatic consultations, and confidence-building measures to address concerns, build trust, and promote responsible behavior in cyberspace.
4.      Enhancing Cyber Resilience: Building cyber resilience at the national and international levels is essential for mitigating the impact of cyber espionage and state-sponsored attacks. States should invest in cybersecurity capacity-building, incident response capabilities, and critical infrastructure protection to minimize vulnerabilities and disruptions caused by cyber incidents.
5.      Facilitating Multilateral Cooperation: Multilateral cooperation is key to combating cyber espionage and state-sponsored attacks effectively. States should engage in multilateral forums, such as the UN Group of Governmental Experts and regional cybersecurity initiatives, to develop norms, share best practices, and coordinate responses to cyber threats.
 
Conclusion:
Thus this paper concludes the following:
 Cyber espionage and state-sponsored attacks pose significant risks to international peace and security, with state actors increasingly leveraging cyberspace to advance their strategic objectives.
 Attribution of cyber attacks remains a daunting challenge, hindered by technical limitations, legal constraints, and geopolitical considerations.
 Legal frameworks and diplomatic mechanisms play critical roles in holding perpetrators of cyber espionage accountable and promoting responsible state behavior in cyberspace.
The rapid evolution of technology and the proliferation of cyber capabilities have transformed the landscape of warfare and espionage, blurring traditional boundaries and raising new challenges for international governance.The interconnected nature of cyberspace underscores the interconnectedness of security, economic prosperity, and human rights, necessitating holistic and multidimensional approaches to cybersecurity.
 
While progress has been made in developing cybersecurity norms and confidence-building measures, ongoing challenges persist in adoption, compliance, and enforcement. Addressing these challenges requires sustained multilateral engagement, capacity-building efforts, and innovation in international cyber governance frameworks. Several opportunities exist for enhancing international cooperation and coordination in combating cyber espionage and state-sponsored attacks through strengthened legal frameworks, improved attribution capabilities, and diplomatic dialogue.
 
Hence, cyber espionage and state-sponsored attacks represent complex and multifaceted threats to global security, requiring concerted efforts from governments, international organizations, and civil society to address effectively. By leveraging legal and diplomatic responses, the international community can mitigate the risks posed by cyber aggression and safeguard international peace and security in the digital age.

[1] Galati, L. (2023, September 27). What Is Cyber Espionage? Understanding State Sponsored Cyber Attacks. Cyberteam. https://www.cyberteam.us/blog/what-is-cyber-espionage-understanding-state-sponsored-cyber-attacks
[2] Alvarez, J. (2015, February 3). Stuxnet: The world's first cyber weapon. Stanford.edu. https://cisac.fsi.stanford.edu/news/stuxnet
[3] Wolter, D. (n.d.). The UN Takes a Big Step Forward on Cybersecurity. Arms Control Association. https://www.armscontrol.org/act/2013-09/un-takes-big-step-forward-cybersecurity
[4] (n.d.). The Budapest Convention (ETS No. 185) and its Protocols. Www.coe.int. https://www.coe.int/en/web/cybercrime/the-budapest-convention
[5] (n.d.). 2015 United States–China Cybersecurity Agreement. Wikipedia. https://en.wikipedia.org/wiki/2015_United_States%E2%80%93China_Cybersecurity_Agreement
[6] Rollins, J. W. (2015, October 16). U.S.–China Cyber Agreement. CRS INSIGHT. https://sgp.fas.org/crs/row/IN10376.pdf
[7] (2020, May 28). Understanding the EU's approach to cyber diplomacy and cyber defence. Think Tank. https://www.europarl.europa.eu/thinktank/en/document/EPRS_BRI%282020%29651937
[8] Miadzvetskaya, Yuliya and Wessel, Ramses A., The Externalisation of the EU’s Cybersecurity Regime: The Cyber Diplomacy Toolbox (July 21, 2022). 7(1) European Papers 2022, University of Groningen Faculty of Law Research Paper No. 27/2022, Available at SSRN: https://ssrn.com/abstract=4199627
[9] (n.d.). Defending the networks The NATO Policy on Cyber Defence. NATO OTAN. https://ccdcoe.org/uploads/2018/10/NATO-110608-CyberdefencePolicyExecSummary.pdf
[11] (n.d.). TALLINN Manual on the international law applicable to cyber warfare. Www.Penncerl.org. https://www.penncerl.org/wp-content/uploads/2021/12/6481-tallinn-manual-on-the-international-law-applicable.pdf
[12] Williams, J. (2020, December 15). What You Need to Know About the SolarWinds Supply-Chain Attack. Sans.org. https://www.sans.org/blog/what-you-need-to-know-about-the-solarwinds-supply-chain-attack/
[13] (n.d.). The SolarWinds Cyber-Attack: What You Need to Know. Centre for Internet Security. https://www.cisecurity.org/solarwinds
[14] V. (2023, November 27). Email breach chronicles: The NotPetya catastrophe - global havoc in 2017. Zoho.com. https://www.zoho.com/workplace/articles/workplace/articles/notpetya-cyberattack.html

Article Information

UNDERSTANDING CYBER ESPIONAGE AND STATE-SPONSORED ATTACKS

Authors: DEEPANSHI SRIVASTAVA

  • Journal IJLRA
  • ISSN 2582-6433
  • Published 2024/05/22
  • Issue 7
Citation Download Paper Full Details Search on Google Search on Google Scholar

About Journal

International Journal for Legal Research and Analysis

  • Abbreviation IJLRA
  • ISSN 2582-6433
  • Access Open Access
  • License CC 4.0

All research articles published in International Journal for Legal Research and Analysis are open access and available to read, download and share, subject to proper citation of the original work.

Creative Commons

Disclaimer: The opinions expressed in this publication are those of the authors and do not necessarily reflect the views of International Journal for Legal Research and Analysis.

Current Issue

Ethics and Policy

For Authors