Understanding cybersecurity principles includes measures that promote the confidentiality, availability and integrity of information that is processed, stored and transmitted electronically. And it is very important to base this understanding on generally accepted approaches, principles and concepts used in international practice. The principle of shared responsibility must also be respected. Everyone who takes advantage of modern technology should take appropriate measures to ensure the security of their own computer systems, to use secure means of communication and to store important information. One of the most common protection concepts is the triad of information security:
Confidentiality. Measures to protect sensitive information resources from unauthorized access in accordance with a security policy.
Accessibility. Provision of unhindered confidential access to the information system and information on an ongoing basis.
Integrity. Ensuring protection of information resources from unauthorized modification and proper functioning of the information system.
Next we will classify the goals of cyberattacks:
Sabotage. A cyberattack, which is aimed at disrupting the normal operation of information and communication systems (Denial Of Service Attack).
Espionage. A cyber attack that aims to allow an unauthorized third party to enter a system to read, change and delete information. This type of attack can also be used to use the victim system to attack other systems.
According to international practice, cyber security is based on three main components: cyber defense, cyber intelligence and cyber counterattack.
Cybersecurity includes the application of special protective measures necessary to guarantee the operation and functionality of systems. And these measures must reduce possible risks to an acceptable level. Cyber defense in turn includes the following steps: shielding, detection, response, and recovery.
Cyber reconnaissance is a combination of processes of collection, processing, production and distribution of information in cyberspace in order to detect and prevent possible cyber attacks and cyber crimes. At the same time, it is very important to include experts in big data analysis in the process in order to increase the effectiveness of this task.
A cyber counterattack consists of neutralizing an active attack, identifying the perpetrators, and executing, if possible, a retaliatory cyberattack to damage the perpetrator’s infrastructure.
Challenges to the application of the inevitability of punishment principle:
Attempts are being made internationally today to recognize cyber attacks as armed attacks. But it is still not clear that this will be a solution to the problem, and that such recognition and subsequent developments will not lead to more problems. By the way, according to NATO’s strategic concept, a cyber attack can be qualified as a military attack on a member of the Alliance, and after the appropriate decision, actions can be taken under Article 5 of the Alliance, which states that an attack on one NATO member will be considered an attack on the entire alliance.
The role of international organizations in addressing cybersecurity issues remains very limited, and many states (mostly developed ones) are not prepared to cooperate more closely and in a meaningful way on this topic.
The perpetrators of cyber attacks can easily dismiss charges because it is virtually impossible to prove the direct involvement of individuals, groups or organizations in a cyber attack.
Due to the difficulty of detecting an attack at the time of its commission, it becomes difficult or impossible to implement countermeasures and use international law.
