|
DOI: 10.25136/2644-5514.2022.1.37271
Received:
09-01-2022
Published:
02-02-2022
Abstract:
This article notes that cyber-attacks, i.e. disruption of the information systems of persons, companies or countries, are a new type of criminal activity. International law does not yet have does not have normative documents that regulate the procedure of countering cyber-attacks. It is complicated by the fact that in the international law the grounds for taking coercive measures against other country is aggression (armed attack), which confers the right to individual or collective self-defense of the country. It is indicated that the doctrine legitimizes drawing parallels between common operation that are classified as the resorting to force, and the corresponding cyber operations. As the criterion of aggression, it is offered to use the assessment of the scale of attack and severity of consequences. The difficulty in qualifying the cyber-attack also lies in open architecture of the Internet, which allows billions of users worldwide to interact with each other. The aforementioned aspect also allows the hackers to hide their identity or even use someone else's device without their knowledge. All these difficulties aggravate if cyber operations are conducted by or on behalf of the countries. In fact, the cyber-attack participants do not bear any consequences for their actions. It is claimed that modern international law suggests both, intraterritorial or extraterritorial jurisdiction.
Keywords:
cyberattack, information systems, Internet, National security, UN Charter, self-defense, territorial jurisdiction, critical infrastructures, international crime, international law
This article is automatically translated.
Introduction Information security is defined as the state of protection of the national interests of the Russian Federation in the information sphere, consisting of a set of balanced interests of the individual, society and the state, from internal and external threats [14, p. 91]. The National Security Strategy of the Russian Federation [8] (paragraph 22) indicates that new forms of illegal activity related to the use of information, communication and high technologies are emerging. One of the forms of such illegal activity is the so–called cyberattacks - hacker attacks on information systems [15, p. 11]. The first reports of cyber attacks appeared back in the late 1980s, and since then they have become more diverse and multidirectional: they are developing along with rapid technological changes, including the Internet itself. The first attack on NASA networks with the help of the WANK worm in 1989 was followed by cases much more extensive in their consequences. These are, for example, an attack on the websites of the French government using the "netstrike" of the Testranonetwork network in 1995; a number of attacks on government networks in Mexico and the United States aimed at supporting Mexican Zapatistas in 1998; "Black Tiger e-mail explosions on the Internet" directed against the Sri Lankan embassy [17, p. 13-15]. These incidents were limited in scope and intensity. None of these attacks were committed by any Government, did not constitute a conflict at the interstate level. The perpetrators were mostly individuals or small groups acting independently, presumably without anyone's guidance or control. Their goal was to attract attention to themselves in connection with their political, social or economic goals. The first cyber operations that should be considered as military operations were those that arose in the era of Kosovo [13, pp. 42-43], related to conflicts conducted by non-State actors, the so-called "patriotic hackers", who, however, acted, if not under cover, then, of course, under the control of the relevant national government agencies. This series of conflicts has been described as the first Internet war, in recognition not only of cyber attacks, but also of the role played by the Internet, especially in spreading information about the conflict that has arisen. The cyberdiversion regarding Iran's nuclear program in 2010, the attack against the New York Stock Exchange in 2012 [21], as well as against South Korea, when almost a third of the country's banking system was paralyzed [22], clearly demonstrate that cyber threats are becoming an increasingly alarming phenomenon. But should cyber operations of this kind be considered as something new that requires the development of new legal instruments at the international level, or can they be approached using existing traditional norms of international law [9, p. 144]? Russia, China and some other countries advocate an international treaty similar to the one adopted on the prohibition of chemical weapons, and insist on a similar approach to regulating cyberspace [12, p. 25]. However, the US and the EU have repeatedly rejected such proposals, arguing that it is necessary to update the norms of international law so that they can properly address these issues [20, p. 187-209]. The important role of information security is undoubtedly realized by the countries of the European Union [16, p. 9]. The EU's position on this issue is expressed in the Cybersecurity Strategy: "The legal obligations enshrined in the International Covenant on Civil and Political Rights, the European Convention on Human Rights and other fundamental documents must also be respected on the Internet, assuming that if armed conflicts spread to cyberspace, international humanitarian law and, accordingly, human rights norms human rights will be applied as before"[1]. Approximately the same position was taken by an international group of experts, convened at the initiative of the Center for Cooperation in the Field of Cybersecurity of NATO to create a fundamental work called the Tallinn Handbook, or Tallinn Manual (Tallinn Manual). The experts rejected the characterization of cyberspace as a separate sphere of regulation requiring a new institutional structure, and came to the unanimous conclusion that the general principles of international law should also apply to cyberspace. Modern international law in relation to cyberspace The first document regulating cyberspace was the Convention on Computer Information Crime [6]. This is a framework document, it could not be any other. The Convention was adopted in 2001, and its content was reduced to the obligation to exchange information. It is important for us that the threat arising from cyberspace in the Convention is called attempts on confidentiality, integrity and availability of computer data and systems. Private individuals acted as criminals here, but not states. The Convention has become the basis for the harmonization by Member States of their respective national laws. Some steps have been taken within the framework of the European Union [3]. A directive was adopted that created a framework for the identification of critical infrastructures in the energy, transport and communications sectors; this directive was the first step towards the adoption of a common protection strategy in the fight against terrorism. It is clear that the content of the directive was very narrow. The subsequent actions of the EU were caused by the fact that "cyber attacks have reached an unprecedented level of complexity. Simple experiments are now turning into sophisticated activities carried out for profit or for political reasons," as recognized in a 2009 Report [2]. This document emphasized the need for coordinated collective action.
In February 2013, the European Commission, together with the High Representative of the Union for Foreign Affairs and Security Policy, presented a proposal on a cybersecurity strategy [4]. The Strategy sets out a common vision of the problem, and, in addition to ensuring cybersecurity, it is the basis for the adoption of a common legal framework regarding cyber attacks, their overall impact and potential ways to eliminate them. The joint document of the European Parliament and the European Council [5] provides a direction to create a common institutional framework for maximum consideration of the constituent elements of criminal offenses related to attacks on information systems, and is aimed at improving cooperation between competent authorities and institutions to effectively combat cybercrime. To this end, Member States should take appropriate measures to improve the reliability of their information systems so that they are more effectively protected from cybercrime. Directive 2013/40/EC [5] is aimed at harmonizing the criminalization of specific activities (such as illegal access to information systems, illegal system and data interference) and does not concern the prevention of risks and incidents related to NIS, response actions and elimination of their consequences. Its ultimate goal is to offer a wide range of States measures to create a secure information society and a zone of freedom, security and justice. Later, during the NATO summit in Wales on September 5, 2014, the heads of state and government of the North Atlantic Alliance member states approved a cyber defense program, which recognized that international law (including humanitarian law and the UN Charter [7]) it also applies to cyberspace. Recognizing the complex and potentially threatening nature of cyberattacks for Euro-Atlantic prosperity, security and stability, as well as the fact that their consequences can be as harmful to modern society as attacks using conventional weapons, the North Atlantic Alliance decided to include cyberattacks in NATO's main task of collective defense. In other words, taking into account the right of the Alliance to take all necessary measures (including the use of armed force) to restore international peace and security, it was decided that the Security Council would be able to decide on a case-by-case basis whether a cyberattack would lead to the application of Article 5 [7], so that appropriate measures would be taken measures. In addition, it was stated that the Alliance is committed to further developing national cyber defense capabilities by strengthening national cybersecurity networks, which are the basis for fulfilling NATO's tasks and increasing the stability and protection of the Alliance. Assessment of cyber attacks from a legal point of view First of all, there is the question of classifying a cyberattack as a case of the use of force or as an armed attack. The complexity of applying traditional norms of international humanitarian law to classify cyber attacks is due to a number of factors. The most important of them is the almost complete inability to properly assess the consequences of a cyberattack and establish the identity or political motives of the harm-doer. Let us turn to the result of the work of an international group of experts – the book "Handbook on the Application of International Law to Cyber Warfare" [18]. This is not a legal document, but an important advisory, the most comprehensive publication on the use of international law (jus ad bellum and jus in bello) to interpret the problems of cyber warfare. Unfortunately, we will not find clear answers in this publication, so it is not yet clear in which cases cyber attacks are an act of "threat or use of force" so that the prohibition contained in Paragraph 4 of Article 2 of the UN Charter can be lawfully applied [7]. Paragraph 4 of Article 2 of the Charter states: "All Members of the United Nations refrain in their international relations from the threat or use of force against the territorial integrity or political independence of any State, or in any other way incompatible with the Purposes of the United Nations"[7]; it is also not clear in which cases these acts can be considered aggression or armed attack, giving a UN member state a legitimate right to self-defense in accordance with Article 51 of the UN Charter, which clearly states: "This Charter in no way affects the inalienable right to individual or collective self-defense if an armed attack occurs on a Member of the Organization, until the Security Council takes action. Necessary for the maintenance of international peace and security" [7]. By themselves, the terms "use of force" or "armed attack" do not have a precise definition in international law, and the Tallinn Handbook also offers the following definition: "cyber operation involves the use of force when its scale and consequences are comparable to non-cyber operations reaching the level of force" (Rule 10), which is quite does not clarify the situation. In the literature, this rule is interpreted in the sense that it refers to cyber attacks that can lead to death or harm to people or material property [19]. This means that the Tallinn Directory focuses on the evaluation of the results of cyber attacks, and not the action itself. However, this calls into question the qualification of such attacks, which do not lead to death, injury or physical damage directly, but rather indirectly. How should these actions be characterized? Most experts in the field of international law believe that Article 2 (4) [7] can be used to cover almost any kind of "use of force" that is not approved by the Charter, since the phrase "in any other way" can denote any measures, including cyber attacks. Based, obviously, on the same logic and in accordance with Article 51 of the UN Charter [7], Rule 13 of the Tallinn Handbook states that: "As a measure aimed at preventing an operation that could lead to an armed attack, his inalienable right to self-defense may be exercised. Whether a cyber operation is an armed attack depends on its scale and consequences." However, in this case, it is also not clear in which cases cyberattacks "correspond to the scale" so that they can be classified and considered as an "armed attack", allowing one state to react by exercising its legitimate right to self-defense in accordance with Article 51 of the UN Charter [7].
Thus, it can be understood that in both Rule 11 and Rule 13 of the Tallinn Handbook, the term "scale and consequences" is an abbreviated term that refers to quantitative and qualitative criteria that must be analyzed in order to determine whether cyber operation qualifies as "use of force" or "armed attack". From a legal point of view, in our opinion, it is unclear how to characterize and evaluate cyber attacks, especially in the case of such use of force, the consequences of which are not immediately obvious. Apparently, it is necessary to develop a whole system of assessments that make it possible to draw a parallel between conventional operations, which can be characterized as the use of force, and the corresponding cyber operations, which correspond to conventional operations in their scale and consequences. The following criteria can be proposed: severity (severity of attacks), direct impact (that is, immediate manifestation of consequences), the presence of a causal relationship between a cyberattack and its consequences, aggressiveness (the degree of interference of a cyberattack in the operation of the corresponding computer system), the military nature of cyber operations, the degree of state involvement and the absence of a direct prohibition of the corresponding attack by international law. However, it should be borne in mind that these factors cannot be considered as formal legal criteria. Recognizing the lack of a regulatory framework for assessing the concept of "use of force" in cyberspace, these factors could be used in areas where there is uncertainty or inconsistency in legal regulation. Some specific difficulties in combating cyber attacks The application of the norms of international law to cyberspace is complicated by some other important factors, first of all, uncertainty in jurisdiction.The open architecture of the Internet, which allows billions of users around the world to interact with each other and with a large number of services offered on a global basis (servers/Internet providers that may be located on the other side of the planet), complicates the problem of jurisdiction over crimes committed in cyberspace [10; 11]. The main and most common principle of determining jurisdiction is the territorial principle, which means that the State has the right to protection from criminal acts that are committed within its borders. However, the Internet environment differs in that evidence must be collected online, that is, in computer systems located on foreign territory. In principle, international law does not allow extraterritorial jurisdiction for the collection of evidentiary materials. In such cases, it is necessary to contact the interested State with a request to provide mutual assistance in providing the necessary materials. The next complicating factor is the likelihood that cyber operations are carried out by state agents, so that states themselves can be held accountable. So far, there is no official document (agreement or contract) indicating a judicial mechanism that will be used in cases where the state is behind a cyberattack. In fact, the participant of the cyberattack does not bear any consequences for his actions. In this regard, we will give an example of Rule 2 of the Tallinn Handbook, which states: "Without prejudice to applicable international obligations, a State may exercise its jurisdiction: with respect to persons engaged in cyber activities on its territory; with respect to cyber infrastructure located on its territory; and extraterritorially, in accordance with international law." However, the use of ICT allows an attacker, using the advantages of many Internet services or existing cloud services, to hide his territorial (as well as physical) identity by creating repetitions and dynamic data movement, as well as by substituting geographical coordinates of computing devices. Moreover, there is always the possibility that an IT device and/or system will become a cyberattack tool without the knowledge of the user/owner. In this case, the device can turn into a zombie device (by installing special software on it) and participate in cyber attacks, while its user is completely unaware of this fact. Thus, while the leading actors are usually State actors, the activities of non-State actors, including cybercriminals and terrorist groups, create confusion and misconception about the real "players" of cyber warfare. In fact, conflicts in cyberspace allow for a combination of crimes, espionage and military actions in a way that is often quite difficult – if not impossible – to distinguish between them. Probably the most important problem that arises in connection with cyber operations and the way they are developed is the technical complexity of identifying attackers and positively identifying a key participant in cyber operations, which thus leads to serious difficulties in solving the attribution problem. This is due to the fact that the process of decoding and identifying the location of the system that led to the attack is lengthy and expensive. Determining the identity and motivation of the perpetrator becomes even more difficult in cases of attacks in which intermediaries are involved, perhaps even unwittingly. In such cases, determining motivation seems difficult, mainly due to the complex architecture and geography of cyberspace. Conclusion
Thus, the scientific community of Russia has yet to develop norms that will prevent, suppress and punish criminal activity in the form of cyber attacks on information systems. But it is already quite clear that such norms will be based on the generally recognized foundations of international law. The research was carried out with the financial support of the RFBR in the framework of scientific project No. 18-29-16012.
References
1. Cyber security Strategy of the European Union: an open safe and secure cyberspace. Joint Communication to the European Parliament, the Council, The European Economic and Social Committee and the Committee of the Regions. 2013 [Elektronnyi resurs]. – URL: https://eeas.europa.eu/archives/docs/policies/eu-cyber-security/cybsec_comm_en.pdf/ (data obrashcheniya 21.11.2021).
2. Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience. Communication from the Commission to the European Parliament, the Council and the Committee of the Regions on Critical Information Infrastructure Protection. 2009 [Elektronnyi resurs]. – URL: https://ifap.ru/pr/2009/n090331a.pdf/ (data obrashcheniya: 21.11.2021).
3. Direktiva Soveta Evropeiskogo Soyuza 2008/114/ES ob identifikatsii i oboznachenii kriticheskikh infrastruktur Evropy i otsenke neobkhodimosti uluchsheniya ikh zashchity [Elektronnyi resurs].– URL: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32008L0114&from=FR/ (data obrashcheniya 21.11.2021).
4. Direktiva Soveta Evropeiskogo Soyuza. 2013 [Elektronnyi resurs].– URL: https://trumpwhitehouse.archives.gov/sites/whitehouse.gov/files/omb/IPEC/2013-us-ipec-joint-strategic-plan.pdf/ (data obrashcheniya: 21.11.2021).
5. Direktiva Soveta Evropeiskogo Soyuza. 2013/40/ES ob atakakh na informatsionnye sistemy i zamene Ramochnogo resheniya Soveta 2005/222/JHA [Elektronnyi resurs]. – URL: https://base.garant.ru/70557982/ (data obrashcheniya: 21.11.2021).
6. Konventsiya o prestupnosti v sfere komp'yuternoi informatsii (ETS ¹ 185)[Elektronnyi resurs]. – URL: https://base.garant.ru/4089723/ (data obrashcheniya: 21.11.2021).
7. Ustav OON [Elektronnyi resurs]. – URL:https://www.un.org/ru/about-us/un-charter/full-text (data obrashcheniya: 21.11.2021).
8. Strategiya natsional'noi bezopasnosti Rossiiskoi Federatsii. Utverzhdena Ukazom Prezidenta RF ot 15.12.2015 g. ¹ 683 // SZ RF. 2016. ¹ 1 (Ch. II). – St. 212.
9. Bachilo I.L. Ob istokakh neustoichivosti i protivorechivosti ponyatii v sfere massovoi informatsii // Ponyatiinyi apparat v informatsionnom prave / Otv. red. Bachilo I.L., Polyakova T.A., Naumov V.B. – M.: Kanon +, 2017. – 264 s.
10. Informatsionnoe pravo: Uchebnoe posobie / Lapin V.I., Lapina M.A., Revin A.G.; Pod red.: Kilyaskhanov I.Sh. – M.: Zakon i pravo, YuNITI-DANA, 2004. – 335 c.
11. Kostenko N.I. Mezhdunarodnaya informatsionnaya bezopasnost' v ramkakh mezhdunarodnogo prava (metodologiya, teoriya) // Ros. zhurnal pravovykh issledovanii. 2018. T. 5. ¹ 4 (17). – S. 9–16.
12. Kulazhnikov V.V. Normativno-pravovoe i tekhnologicheskoe obespechenie informatsionnoi bezopasnosti KNR // Obrazovanie i pravo. 2019. ¹ 7. S. 24–30.
13. Pliev S.M. Rol' informatsionnoi bor'by na primere kosovskogo pretsedenta // Predstavitel'naya vlast' – KhKhI vek. 2020. ¹ 3 (178). – S. 41–43.
14. Polyakova T.A. Pravovoe obespechenie informatsionnoi bezopasnosti pri postroenii informatsionnogo obshchestva v Rossii: dis. ... d-ra yurid. nauk. – M., 2008. – 424 s.
15. Polyakova T.A. Strategiya natsional'noi bezopasnosti. Aktual'nye pravovye problemy teorii i praktiki obespecheniya informatsionnoi bezopasnosti // Novye vyzovy i ugrozy informatsionnoi bezopasnosti: pravovye problemy / Otv. red. T.A. Polyakova, I.L. Bachilo, V.B. Naumov. Sb. nauch. rabot. – M: Kanon +, ROOI «Reabilitatsiya», 2016 – 320 s.
16. Ryzhov V.B. Informatsionnaya bezopasnost' v gosudarstvakh Evropeiskogo soyuza: k postanovke problemy // Predstavitel'naya vlast' – KhKhI vek. 2018 ¹ 4 (163). – S. 8–12.
17. Berson T., Denning D. Cyber warfare // Taylon & Francis Online Journal. 2011. ¹ 9 (5). – P. 13–15.
18. Manual on the International Law Applicable to Cyber Warfare (2019). Prepared by the International Group of Experts at the Invitation of the NATO Cooperative Cyber Defense Centre of Excellence [Elektronnyi resurs]. – URL: http://csef.ru/media/articles/3990/3990.pdf/ (data obrashcheniya: 21.11.2021).
19. Nicholas T. Cyber Attacks, Self-Defence and the Problem of Attribution // Journal of Conflict and Security Law. 2012. Vol. 17.¹ 2. – R. 12.
20. O’Connell M. Cyber security without cyber war. Journal of Conflict & Security Law. 2012. ¹ 17(2). – P. 187–209.
21. Roberts P. (2012). Leading US banks targeted in DDoS attacks [Elektronnyi resurs]. –URL: http://nakedsecurity.sophos.com/2012/09/27/banks-targeted-ddos-attacks/ (data obrashcheniya: 21.11.2021).
22. Sang-Hun Ch. (2013). Computer networks in South Korea are paralyzed in cyber attacks [Elektronnyi resurs]. –URL: www.nytimes.com/2013/03/21/world/asia/south-korea-computer-network-crashes.html?pagewanted/ (data obrashcheniya 21.11.2021).
Peer Review
Peer reviewers' evaluations remain confidential and are not disclosed to the public. Only external reviews, authorized for publication by the article's author(s), are made public. Typically, these final reviews are conducted after the manuscript's revision. Adhering to our double-blind review policy, the reviewer's identity is kept confidential.
The list of publisher reviewers can be found here.
A review of an article on the topic "Cyber attacks - the illegal use of digital technologies" is the subject of the study. The topic of the peer–reviewed study defines its subject - cyber attacks as the illegal use of digital technologies. The author in his work gives a detailed analysis of information security, which is defined as the state of protection of the national interests of the Russian Federation in the information sphere, consisting of a set of balanced interests of the individual, society and the state, from internal and external threats. The need to write articles on this issue is caused by the current state of cybersecurity in Russian society. The article covers in detail such issues as: modern international law in relation to cyberspace, the assessment of cyber attacks from a legal point of view, certain specific difficulties in combating cyber attacks. • Research methodology. The purpose of the work performed is determined by the subject of the study, while it is not clearly highlighted, although the article is structured and highlights such structural elements as an introduction, modern international law in relation to cyberspace, assessment of cyber attacks from a legal point of view, certain specific difficulties in combating cyber attacks, conclusion. The purpose of the work should be spelled out in the introduction, and the voluminous material presented in the specified structural element should be allocated to a separate research item (for example, the history of cyber attacks as the illegal use of digital technologies). It is also recommended to increase the volume of the conclusion (this can be done by transferring some conclusions from other structural parts to the conclusion). Based on the set goals and objectives, the author has chosen the methodological basis of the study. In particular, the author uses a set of general scientific methods of cognition: analysis, synthesis, analogy, deduction, induction, and others. Thus, the methods of analysis and synthesis made it possible to summarize and share the conclusions of various scientific approaches to the proposed topic, as well as to draw specific conclusions from the materials of law enforcement practice. The most important role was played by special legal methods. In particular, the author actively applied the formal legal method, which made it possible to analyze and interpret the norms of current legislation. The comparative historical method is a research method that allowed us to identify by comparison the general and special in historical phenomena, the stages and trends of their development. The comparative legal method made it possible to compare single-order legal concepts, phenomena, processes and clarify similarities and differences between them. The material of the article is based on a detailed classification of a cyberattack as a case of the use of force or as an armed attack. The complexity of applying traditional norms of international humanitarian law to classify cyber attacks is due to a number of factors. The most important of them is the almost complete inability to properly assess the consequences of a cyberattack and establish the identity or political motives of the harmer. The research of various scientists in this field is presented. The author demonstrates a high level of knowledge in the field under study. Thus, the methodology chosen by the author is fully adequate to the purpose of the study, allows you to study all aspects of the topic in its entirety. Relevance. The relevance of the reviewed study lies in the fact that a comparative analysis of cyberattacks as illegal use of digital technologies has been carried out. The article identifies and reveals the main problems of cybersecurity, and suggests ways to solve emerging problems. The author suggests the development of a whole system of assessments that make it possible to draw a parallel between conventional operations, which can be characterized as the use of force, and the corresponding cyber operations, which correspond to conventional operations in their scale and consequences. The following criteria are proposed: severity (severity of attacks), direct impact (that is, immediate manifestation of consequences), the presence of a causal relationship between a cyberattack and its consequences, aggressiveness (the degree of interference of a cyberattack in the operation of the relevant computer system), the military nature of cyber operations, the degree of state involvement and the absence of a direct prohibition of the relevant attack by international law. However, it should be borne in mind that these factors cannot be considered as formal legal criteria. Recognizing the lack of a regulatory framework for evaluating the concept of "use of force" in cyberspace, these factors could be used in areas where there is uncertainty or inconsistency in legal regulation. Thus, the author's scientific research is interesting for scientific analysis. Scientific novelty. It should be noted that this scientific article reveals a number of interesting aspects, characterized by novelty and originality of ideas. The most important problem that arises in connection with cyber operations and the way they are developed is the technical complexity of identifying intruders and positively identifying a key participant in cyber operations, which thus leads to serious difficulties in solving the attribution problem. This is due to the fact that the process of decoding and identifying the location of the system that led to the attack is lengthy and expensive. Determining the identity and motivation of the perpetrator becomes even more difficult in cases of attacks in which intermediaries are involved, perhaps even unwittingly. In such cases, determining motivation seems difficult, mainly because of the complex architecture and geography of cyberspace. The author believes that the Russian scientific community has yet to develop norms that will prevent, suppress and punish criminal activity in the form of cyber attacks on information systems. But it is already quite clear that such norms will be based on the generally recognized foundations of international law. The article is executed at a high scientific level, contains a number of conclusions of practical interest. Style, structure, content. The subject of the article corresponds to the specialization of the journal "International Law", as it is devoted to the issues of cyber attacks as the illegal use of digital technologies in the international aspect. The entire content of the article is logically interconnected and confirmed by quotations from reputable sources. The quality of the presentation of the study and its results should be recognized as fully positive.. The design of the work generally meets the requirements for this kind of work. No significant violations of these requirements were found. I would especially like to note the correct design of the bibliographic list. Bibliography. The quality of the literature and regulatory sources used is beyond doubt. The author actively used a large amount of literature (Bachilo I.L., Kilyaskhanov I.Sh., Kostenko N.I., Kulazhnikov V.V., Pliev S.M. and others). A large amount of literature in a foreign language has been used, which is an undoubted advantage of the peer-reviewed study. I would like to note the author's use of a large amount of normative material. Thus, the works of the above authors correspond to the research topic, have a sign of sufficiency, and contribute to the disclosure of various aspects of the topic. Appeal to opponents. The author conducted a serious analysis of the current state of the problem under study. All quotations of scientists are accompanied by links and author's comments. That is, the author shows different points of view on the problem and tries to argue for a more correct one in his opinion, as well as formulates his own vision of solving existing problems in the field under study. Conclusions, the interest of the readership. The article is executed at a high scientific level, contains a number of conclusions of practical interest. The conclusions of the work have been consistently proven and are logical, since they were obtained using a generally recognized methodology. The article may be of interest to the readership in terms of the systematic positions of the author regarding cyber attacks as illegal use of digital technologies.
|
© 1998 – 2024 Nota Bene. Publishing Technologies. NB-Media Ltd.
