数据灾难——对主权的新威胁

IF 4.2 1区地球科学 Q1 GEOSCIENCES, MULTIDISCIPLINARY

International journal of disaster risk reduction Pub Date : 2025-05-04 DOI:10.1016/j.ijdrr.2025.105538

Tomer Simon , Ben Haklai

{"title":"数据灾难——对主权的新威胁","authors":"Tomer Simon , Ben Haklai","doi":"10.1016/j.ijdrr.2025.105538","DOIUrl":null,"url":null,"abstract":"<div><div>The 2022 ransomware attacks on Costa Rica had a profound impact on the functioning of its government. From compromised ministries and economic setbacks to a healthcare crisis and the declaration of a state of emergency, the government faced multifaceted challenges. During the last 20 years governments around the world have started to deliver more and more services digitally using the internet and various digital platforms. When considered in tandem with the frequent occurrence of destructive cyber incidents that have caused crippling affect to various public sector organizations, and which increasingly target critical infrastructures and key state resources, an unsettling reality is revealed, one in which nations are becoming extremely vulnerable to hostile cyber incidents and attacks. In this article we introduce and coin a new type of disaster definition, a “data disaster”. A data disaster is the result of a cyber-attack affecting national-level data that can lead to a market failure, the ruling government inability to rule or govern, compromised national sovereignty, and even to social or civil unrest. In this paper we refer to such a situation as ‘Denial-of-Governance’. Given the potential impact of a Data Disaster on a nation's security, stability, and sovereignty, we argue that such a potential event requires a specific and comprehensive legal and institutional framework that would enable and empower the state and its relevant actors to deal with such events effectively and efficiently. We also suggest some possible elements of such a framework, such as clear definitions, criteria, and processes for declaring, managing, and terminating a Data Disaster.</div></div>","PeriodicalId":13915,"journal":{"name":"International journal of disaster risk reduction","volume":"125 ","pages":"Article 105538"},"PeriodicalIF":4.2000,"publicationDate":"2025-05-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Data Disaster – A new threat for sovereignty\",\"authors\":\"Tomer Simon , Ben Haklai\",\"doi\":\"10.1016/j.ijdrr.2025.105538\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The 2022 ransomware attacks on Costa Rica had a profound impact on the functioning of its government. From compromised ministries and economic setbacks to a healthcare crisis and the declaration of a state of emergency, the government faced multifaceted challenges. During the last 20 years governments around the world have started to deliver more and more services digitally using the internet and various digital platforms. When considered in tandem with the frequent occurrence of destructive cyber incidents that have caused crippling affect to various public sector organizations, and which increasingly target critical infrastructures and key state resources, an unsettling reality is revealed, one in which nations are becoming extremely vulnerable to hostile cyber incidents and attacks. In this article we introduce and coin a new type of disaster definition, a “data disaster”. A data disaster is the result of a cyber-attack affecting national-level data that can lead to a market failure, the ruling government inability to rule or govern, compromised national sovereignty, and even to social or civil unrest. In this paper we refer to such a situation as ‘Denial-of-Governance’. Given the potential impact of a Data Disaster on a nation's security, stability, and sovereignty, we argue that such a potential event requires a specific and comprehensive legal and institutional framework that would enable and empower the state and its relevant actors to deal with such events effectively and efficiently. We also suggest some possible elements of such a framework, such as clear definitions, criteria, and processes for declaring, managing, and terminating a Data Disaster.</div></div>\",\"PeriodicalId\":13915,\"journal\":{\"name\":\"International journal of disaster risk reduction\",\"volume\":\"125 \",\"pages\":\"Article 105538\"},\"PeriodicalIF\":4.2000,\"publicationDate\":\"2025-05-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International journal of disaster risk reduction\",\"FirstCategoryId\":\"89\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2212420925003620\",\"RegionNum\":1,\"RegionCategory\":\"地球科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"GEOSCIENCES, MULTIDISCIPLINARY\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International journal of disaster risk reduction","FirstCategoryId":"89","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2212420925003620","RegionNum":1,"RegionCategory":"地球科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"GEOSCIENCES, MULTIDISCIPLINARY","Score":null,"Total":0}

引用次数: 0

摘要

2022年哥斯达黎加遭受的勒索软件攻击对其政府的运作产生了深远的影响。从各部委的妥协和经济挫折，到医疗危机和宣布进入紧急状态，政府面临着多方面的挑战。在过去的20年里，世界各地的政府已经开始使用互联网和各种数字平台提供越来越多的数字服务。考虑到频繁发生的破坏性网络事件对各种公共部门组织造成了严重影响，并越来越多地针对关键基础设施和关键国家资源，一个令人不安的现实是，各国正变得非常容易受到敌对网络事件和攻击。在本文中，我们引入并创造了一种新的灾难定义，即“数据灾难”。数据灾难是网络攻击影响国家层面数据的结果，可能导致市场失灵、执政政府无法统治或治理、国家主权受损，甚至社会或内乱。在本文中，我们将这种情况称为“治理拒绝”。鉴于数据灾难对国家安全、稳定和主权的潜在影响，我们认为这种潜在事件需要一个具体而全面的法律和制度框架，使国家及其相关行为者能够有效和高效地处理此类事件。我们还建议了这种框架的一些可能的元素，例如用于声明、管理和终止数据灾难的明确定义、标准和流程。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Data Disaster – A new threat for sovereignty

The 2022 ransomware attacks on Costa Rica had a profound impact on the functioning of its government. From compromised ministries and economic setbacks to a healthcare crisis and the declaration of a state of emergency, the government faced multifaceted challenges. During the last 20 years governments around the world have started to deliver more and more services digitally using the internet and various digital platforms. When considered in tandem with the frequent occurrence of destructive cyber incidents that have caused crippling affect to various public sector organizations, and which increasingly target critical infrastructures and key state resources, an unsettling reality is revealed, one in which nations are becoming extremely vulnerable to hostile cyber incidents and attacks. In this article we introduce and coin a new type of disaster definition, a “data disaster”. A data disaster is the result of a cyber-attack affecting national-level data that can lead to a market failure, the ruling government inability to rule or govern, compromised national sovereignty, and even to social or civil unrest. In this paper we refer to such a situation as ‘Denial-of-Governance’. Given the potential impact of a Data Disaster on a nation's security, stability, and sovereignty, we argue that such a potential event requires a specific and comprehensive legal and institutional framework that would enable and empower the state and its relevant actors to deal with such events effectively and efficiently. We also suggest some possible elements of such a framework, such as clear definitions, criteria, and processes for declaring, managing, and terminating a Data Disaster.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International journal of disaster risk reduction GEOSCIENCES, MULTIDISCIPLINARYMETEOROLOGY-METEOROLOGY & ATMOSPHERIC SCIENCES

CiteScore

8.70

自引率

18.00%

发文量

688

审稿时长

79 days

期刊介绍： The International Journal of Disaster Risk Reduction (IJDRR) is the journal for researchers, policymakers and practitioners across diverse disciplines: earth sciences and their implications; environmental sciences; engineering; urban studies; geography; and the social sciences. IJDRR publishes fundamental and applied research, critical reviews, policy papers and case studies with a particular focus on multi-disciplinary research that aims to reduce the impact of natural, technological, social and intentional disasters. IJDRR stimulates exchange of ideas and knowledge transfer on disaster research, mitigation, adaptation, prevention and risk reduction at all geographical scales: local, national and international. Key topics:- -multifaceted disaster and cascading disasters -the development of disaster risk reduction strategies and techniques -discussion and development of effective warning and educational systems for risk management at all levels -disasters associated with climate change -vulnerability analysis and vulnerability trends -emerging risks -resilience against disasters. The journal particularly encourages papers that approach risk from a multi-disciplinary perspective.