Master thesis | Crisis and Security Management (MSc)
open access
Freshwater is an essential yet scarce good, that is predicted to only become scarcer because of climate change and growing populations. In addition, freshwater in rivers is often shared between...Show moreFreshwater is an essential yet scarce good, that is predicted to only become scarcer because of climate change and growing populations. In addition, freshwater in rivers is often shared between multiple countries. Despite multiple predictions by scholars and experts, states often do not go to war over freshwater. Instead, most disputes end in the signing of a treaty. However, these treaties are not always fair and do not, actually, always end conflict. In the view of this research, treaties are merely a way in which states fight, without using violence, and should thus be seen as a part of ongoing conflict, rather than the end of it. In addition, despite theoretical predictions, international organisations do not play a large role in the creation of River Basin Organisations and neither do hydrohegemons.Show less
Master thesis | Crisis and Security Management (MSc)
open access
The duration, intensity, and diversity of Distributed-Denial-of-Service (DDoS) attacks are on the rise and due to the advent of the Internet of Things (IoT) will only increase this trend. As the...Show moreThe duration, intensity, and diversity of Distributed-Denial-of-Service (DDoS) attacks are on the rise and due to the advent of the Internet of Things (IoT) will only increase this trend. As the DDoS attacks on the Belastingdienst, the Bunq bank, internet site Tweakers, and internet provider Tweak show, even Dutch teenagers can perform DDoS attacks on vital organisations such as financial and governmental institutions. Therefore, DDoS attacks pose a real treat to Dutch society. Presented in the report of the NCSC (2019), the main issue with DDoS attacks is the lack of resilience measurements. This research approaches the defence against DDoS attacks from a new perspective. It substantiates the choice to start with resilience instead of security and explains the differences between the two notions. The research extends the resilience matrix of Linkov et al. (2013-b) to offer organisations an holistic view to DDoS mitigation. The matrix did not provide measurable elements and was not designed for DDoS attacks. For this reason, this research consists of expert interviews and a literature study to redesign the matrix. The research finds elements in the different domains and phases and suggests new aspects and adjustments to the resilience matrix. By rethinking the resilience matrix, this research suggests measurable aspects, interrelations between the aspects, and outcomes for resilience. It becomes evident that measuring resilience requires more emphasis on the planning and preparation phase, a new legal domain, and on splitting the social domain into an internal and external domain. It also lays out the steps to an overall system resilience and finds that this requires the metrics to involve the interrelationships between the aspects and cells of the matrix, something previous scholars overlooked. In addition, resilience will only be shown during a test or attack. It is up to the organisation to determine in which of the two situations they would prefer to find out. Finally, a resilience measurement will become less valid over time. Therefore, organisations would need to re-evaluate their systems regularly. This study paves the way for future research. Based on the findings, it is evident that scholars should aim to adjust the selection of interviewees, involve scholars with different backgrounds, take interrelationships into account, add measurements on individual aspects, include weights, and append aspects in the legal, internal, and external domains.Show less
Content moderation is about optimizing the equilibrium between two important values: freedom of speech and a safe and secure digital space. The main tasks are defining what is admissible content...Show moreContent moderation is about optimizing the equilibrium between two important values: freedom of speech and a safe and secure digital space. The main tasks are defining what is admissible content and assuring that inadmissible content is not allowed into the digital public space. Commercial digital platforms cannot be expected to carry this responsibility on their own without any incentives or obligations. They have their own commercial goals to serve. Tightened and more precise regulation is necessary. Overfitting the regulation will compromise freedom of speech. Underfitting the regulation will compromise the security of the digital space. An important aspect of assessing this balance is transparency. In this thesis we looked at the historical timeline of drafted regulation and the rise of social media. The three layer-model of cyberspace was used to analyse AI facilitated content moderation. Transparency requirements on each level have been identified and existing and upcoming regulation on content moderation and AI has been assessed to identify gaps. Current regulation on transparency in content moderation lacks clarity, enforcement, and consistency, partly because the E-commerce Directive was drafted before the explosive rise of social media and AI. It is remarkable, however, that the basic requirement for notice and takedown still serves a very relevant purpose. An increased focus of regulation of the technical layer is required with the introduction of artificial intelligence tools in content moderation. Although regulation on artificial intelligence is fragmented and still in an early stage of development, the Digital Services Act and the EU White Paper on Artificial Intelligence include promising measures, such as record keeping and auditing. The overlap and mutual synergy between both regulations should be closely monitored. The last conclusion is on transparency of terminology. Terminology regarding transparency in the world of AI technology, often relates to insight into the technical functioning of algorithms and to the ability to predict the outcome of an artificial intelligence model. In the governance world, transparency is linked to accountability and clarity. This gap between the world of artificial intelligence technology and the world of governance will need extra attention when drafting further regulation on AI. There is a need for common terminology.Show less
Many have expressed their concerns of the increase and severity of ransomware attacks targeting the healthcare sector, in particular hospitals, during the corona-era. A combination of the...Show moreMany have expressed their concerns of the increase and severity of ransomware attacks targeting the healthcare sector, in particular hospitals, during the corona-era. A combination of the healthcare sector's reliance on its systems and the often urgent need to access (medical) data means that some cybercriminals have identified the healthcare sector as a suitable target. Some even claimed that the pandemic has cause a change in the modus operandi of offenders deploying ransomware. This qualitative research examines to what extent the COVID-19 pandemic truly changed the modus operandi of offenders who committed a ransomware attack targeting the healthcare sector. More specifically, it investigates how a ransomware attack was carried out at the healthcare sector during the pandemic through conducting a crime script analysis. Subsequently, it investigates whether this differs from the situation before the COVID-19 pandemic. The results of this study indicate that the modus operandi changed just a slightly bit from the situation before the COVID-19 pandemic, but no significant changes were identified. This indicates that we must be critical about most of the claims stating that COVID-19 has caused a serious change in ransomware attacks on the healthcare sector opening up new opportunities to avoid moral panic.Show less