To illustrate how each of the Institute’s three functions would come into play once the organization is fully operational, this case study is built around a fictional global ransomware attack called “WreckWeb.” Based on several real world precedents, this fictional account walks the reader through each of the Institute’s functions from the perspectives of the individuals who would be tasked with leading the Institute’s efforts: assisting vulnerable victims, conducting attack analyses, and sharing their findings.
In order to capture the nature, scale and impact of such a global cyberattack, the report begins by highlighting in particular the consequences of the 2017 “NotPetya” attack and the gaps in the international response. While NotPetya was chosen as one prominent example, similar events take place with increasing frequency each passing year and underline the core mission of the Institute to operate in response to attacks that cause “significant and direct harm on civilians and/or civilian infrastructure.”
Disclaimer: For the purposes of this report, there are presumptions made about how particular individuals and organizations might engage with the work of the CyberPeace Institute. This is purely to illustrate how the Institute would operate, and is not meant to reflect actual commitments or obligations by third parties. The employees and activities of the CyberPeace Institute included in the report are also fictitious, but based on anticipated behaviors. Ultimately, this case study provides exemplary context for how we envision the CyberPeace Institute would partner with others, operate efficiently and effectively, and add unique value to the ecosystem going forward to support a more safe and secure cyberspace.