Executive Summary

Posted: January 4th, 2023

Student’s Name

Tutor’s Name

Course Title

Date

Executive Summary

The research pays particular attention to the problem of cyber warfare, which appears to have adverse effects on different areas of life. The study provides a clear view on the meaning of cyber warfare, and shows how the heinous act target vulnerable computer systems exposing them to threat and malfunction. So far, various countries have experienced cases of cyber warfare, including the U.S., the UK, and Qatar among others. Individual states have come up with a number of regulations to contain cases of cyber warfare, and each country embrace measures and guidelines that they find suitable. Qatar is among the countries that acknowledge the importance of developing regulations and programs that combat cyber warfare after the country became a victim of cyber attack in 2017. The nation through its leadership employs a number of initiatives, including the use of cyber diplomacy, laws, and other establishments committed to prepare and protect the country against violations. The study describes how various countries including Qatar continue to take appropriate measures towards dealing with cyber warfare because such attacks affect various areas of life, such as infringement on state security, destruction of national infrastructure, interference with public information, and destabilizing social well-being. The analysis gives an elaborate description on how the Qatari government places mechanisms to understand the origin of the threat, and the state expects to meet several challenges while trying to equip the country with some of the most developed defensive mechanisms. Qatar has plans to combat online threats at a time that the country will be hosting the 2022 FIFA World Cup that people from all parts of the globe are likely to gather. The report shows that other than the application of regulations and frameworks at the national level, countries can gain valuable insight into ways of containing cyber warfare by adhering to the international directives that have global effect. The study describes some international guidelines such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the ClarifyingLawful Overseas Use of Data Act (CLOUD Act), and the Convention on Cybercrime of the Council of Europe (the Budapest Convention). All these initiatives to prevent online attacks illustrate how cyber warfare is a matter of global interest, which requires quick and proactive intervention to create a safer cyberspace for future generations. Overall, the report insinuates that it is possible to prepare the country and the world for cyber warfare, and to contain emerging issues, but through proper development and implementation of laws and various mitigating initiatives.

Cyber Warfare and International Law

Criminal offenses and war have always happened in the physical world, but the change of conflicts to electronic avenues has brought about new aspects that were previously unknown in the physical world. The report explores how cyber warfare is increasingly becoming an international threat with more nations fearing that they may become victims of a cyber attack that would affect important infrastructures. Many countries have structures and policies to counter cyber warfare because of the growing indulgence with cyberspace, but the report shows how it is important to rely on the international law, such as the United Nations Charter that provides eminent directives. Countries should align their strategies to combat cyber warfare with the principles of the UN Charter to achieve more peaceful coexistence, protect international rights, and to create a scenario where countries do not attack each other via online systems. Countries should also comply with the directives of the GDPR, CCPA, the Budapest Convention, and the CLOUD Act that take effect globally. Using both the local and international laws and policies increases the likelihood of combating cyber warfare that does not only tamper with the critical infrastructure, but also social networks, state security, public information, and social wellbeing. Qatar is an example of a country that puts several measures to prepare and prevent the country against any form of violation that could jeopardize the state’s operations as well as business and individual activities over the internet. The country has developed several guidelines and frameworks, including the formation of Q-CERT, the Information Security Center support, the Cyber Crimes Investigation Center, the NCSS, and the Government Network. Qatar also enacts laws such as Cybercrime Prevention Law no. 14 of 2014 and Decree Law No. 16 of 2010 that outlined the fines for violations, including unpermitted access to online content. Qatar is keen on how it identifies the sources of the threat, and pays particular attention to hacktivists, advanced persistent threats, cybercrime syndicates, and malicious insiders. The attempts by Qatar and other countries to contain cyber warfare illustrates how the threat receives overwhelming concern from state agencies, businesses, and individuals who want to guard themselves and their fundamental assets.

Background Information

With more and more people linked to the internet today, and the amount of connected apparatus and systems to surpass 50 billion by 2020, the IoT (Internet of Things) marks a significant shift in a digital world that have the capacity to impact each person and business. The IoT will always depend on smart devices with inbuilt sensors and cloud computing, and will also rely on other multiple applications to support the operations (EY 1). The main concern is that the effective integrated systems and environments required to handle the connected technology is not available, and cloud computing requires considerable advancements, particularly in security issues. The IoT serves as a the medium for of communication for people – and because human interaction is aided by machines and takes place more indirectly, there is a deeply rooted concern with the possibilities of identity theft, impersonation, hacking, and, in general, cyber warfare (EY 1). In Qatar, the internet has linked people with others around the globe in ways that many could not imagine decades ago, lowering hindrances to communication and encouraging cooperation in all aspects of professional and personal lives. Cyberspace has increasingly become a vital and dynamic part of the Qatari society, facilitating economic expansion and innovation and impact on the lives of everyone in many ways, and will continue to build and change people even more effectively in future (Ministry of Transport and Communications 1). Nonetheless, the great benefits come with some risks to the very technology and infrastructure that facilitates the ability of people to utilize the internet securely and safely. Cyberspace, with its unrestricted borders, offers those who would do harm with many opportunities to disrupt the activities of individuals and businesses (Ministry of Transport and Communications 1). Luckily, Qatar does not have to deal with the concern alone. However, in this period of escalating, and increasingly fatal attacks, cyber violations of all forms, keeping the national networks and the people safe and secure is one of the major global concerns facing all countries.

Describing Cyber Warfare

Cyber warfare refers to the utilization of technology to attack other countries, causing similar effects to that of real war. So much debate still continues among various groups and experts regarding the meaning of cyber warfare, and whether such type of conflict really exists (Robinson, Jones and Janicke 71). Cyber warfare could tamper with the operations of air defense through the use of computers to carry out an air attack (Robinson, Jones and Janicke 70). Cyber warfare entails the activities by any international body to attack and try to create harm to the infrastructure, information system or computers of another country. The attack could be through denial-of-services (DOS) invasion or computer viruses that cause malfunction (Robinson, Jones and Janicke 70). The attack could be in the form of espionage where a secretive group or body spies on another with the motive of acquiring particular information. Sabotage is another form of cyber warfare, which entails compromising vulnerable systems and could result in disruption of the entire system or equipment. Sabotage, for example, could tamper with military systems that are in charge of issuing commands and facilitating communication. Cyber warfare could also entail the utilization or affecting in a war space or battle space in the background of computer systems, networks, and online control systems (IoTs) (Robinson, Jones and Janicke 71). Cyber warfare could include both distrustful and aggressive activities relating to the adverse effects of collateral damage, espionage, and cyber attacks. The use of computer systems to cause infringement causes nations and security experts to consider alternative ways of handling the threats that are increasingly becoming global.

Governments are increasingly acknowledging that modern societies are so dependent on computer systems to perform their operations ranging from transportation to financial operations. Various countries are strengthening laws on cyber warfare to avoid such attacks that can be initiated from a considerable distance. Such laws and policies aim at protecting major institutions such as government institutions, banks, and multinational corporations. India, for example, created the ICERT (Indian Computer Emergency Response Team) in mid-2004 to avert cyber attackers from violating the computer systems in the country. Qatar, through the Minister of Information and Communications Technology that now operates as the Ministry of Transport and Communications, continues to develop policies to secure the country’s cyberspace and to increase security efforts to tackle cyber-related threats at the global level. The Prime Minister formed the National Cyber Security Committee in 2013 to look into possible threats and develop suggestions for mitigation. The Ministry had championed the establishment of the Qatar Computer Emergency Response Team in 2005 when it partnered with a U.S.-based university (Carnegie Mellon University). Dr. Hessa Al-Jaber, the Minister of Information and Communications Technology in Qatar, steered the formation of the National Cyber Security Strategy to protect the country’s critical information and communication technology (ICT) infrastructure, react to and recover from cyber threats and attacks, and to create a suitable legal structure and guidelines to form a secure and reliable cyberspace (Qatar National Cyber Security Strategy 1). Many other countries all over the world are continually developing regulations and frameworks that counter cyber attacks with the common objective of cultivating a culture of cyber safety that encourages secure and suitable utilization of cyberspace, and enhancing their national cyber security competencies.

The world has experienced several instances of cyber warfare in the recent past, which show such attacks are real and could happen without much care and preventive measures. The Director of the Government Communications Headquarters (Iain Lobban) drew national attention when he announced in 2010 that the UK was at a considerable risk of cyber warfare by hostile countries. The Titan Rain is another example of large scale cyber warfare to have occurred in the recent past. The attack comprised of a series of cyber activities that tampered with several state agencies within the UK and the U.S. governments (Cyber Operations Tracker). Chinese state actors are suspected for violating the confidential systems and networks of UK’s foreign and defense ministries and of the United States Department of State, Department of Energy, and Homeland Security. The espionage was made public in 2005 but U.S officials said that the practice must have started in 2003 (Cyber Operations Tracker). Investigators in the UK reported that the violation persisted as late as mid-2007. The first attempt of state-orchestrated cyber warfare from the Chinese that became public instigated a decade-long attempt by the American government to lower the scope and magnitude of China’s cyber activities against American targets. The chart below offers a preview of the countries with the highest numbers of spamming bots with China and India leading several other nations with more than two million cases each. The information may be particularly helpful to governments, businesses and individuals who frequently conduct online activities with such countries;

Zaharia

The Qatari government suspected a case of warfare when experts linked an attack against the Qatar News Agency to the United States Emirates (UAE) (Younes). The Ministry of Interior on Qatar while working with a team of FBI officers from the U.S. discovered that the attacks that commenced in April 19, 2017 was organized well and the UAE government must have played a role in propagating the cyber warfare (Younes). Qatar learned of the origin of the attack after IT experts managed to trace particular IP addresses to the UAE in the hour preceding the posting of the falsified content (Qatar-America Institute). The main motive of the attack was to create and post untrue reports, which were aimed at tarnishing the Emir’s reputation (Younes). False quotes from High Highness Sheikh Tamim bin Hamad al-Thani and Qatari Minister of Foreign Affairs (Mohammed bin Abdulrahman bin Jassim al-Thani) were publicized on the hacked Qatar News Agency’s website and Twitter account (Qatar-America Institute). The fabricated information was posted on Wednesday, May 24, 2017 at 12:13 am. Soon after the news was posted, it became a major concern in two other Gulf Cooperation Council (GCC) countries. More than 20 prominent politicians and senior persons were readily available between 1 am and 5 am Qatari time to discuss the misleading news and criticize the Qatari leadership on live TV in the two nations (Qatar-America Institute). Within 45 minutes of publicizing the manipulated quotes, the Qatari government informed the media broadcasters at the regional level that the information is false and termed the act a cyber attack (Gulf Times). The intervention by the Qatari government did not stop media groups in the two other GCC nations from continuing with broadcasting the misleading content. The incidence caused harsher effects about a week and a half later when several GCC nations started to dampen their diplomatic ties with Qatar (Qatar-America Institute). Some Arabic nations restricted Qatari flights from entering their airspace and some even closed their borders with Qatar, which affected trading activities. The situation that came to be referred to as the Blockade of Qatar, included nations such as the Kingdom of Saudi Arabia (KSA), UAE, the Maldives, some section of Yemen, Egypt, the Comoros, Djibouti, Mauritania, Bahrain, and Senegal all which placed severed their diplomatic ties with Qatar. Only Kuwait and Oman seem to seclude their selves from the geopolitical issues surrounding Qatar, and believe that the Qatari government was a victim of a cyber attack. Such occurrences indicate that cyber warfare is a global phenomenon that warrants the attention of all countries to develop more effective regulations and policies towards preventing more destruction and threat.

The Qatar invasion and the subsequent blockade could be attributed to the low number of cyber security experts located in the country. Morten describes how until 2016, it was a general perception of leaders in the GCC that cyber security was neither a major concern nor a strategic priority, and instead termed an additional cost. The consensus affected Qatar that invested in few cybersecurity professionals, thereby exposing the country to considerable invasion such as the one witnessed in 2017. Globally, America is the leading in terms of cyber security experts with more than 1,100,000 specialists spread across the different states, followed by India and China that have more than 780,000 and 500,000 specialists respectively (Morten). The Kingdom of Saudi Arabia leads in the Middle East with 45,700 specialists followed by Kuwait (Morten). Qatar comes second-last in the GCC in terms of cyber security professions with 6500 experts compared to Oman’s 5200 (Morten). The two charts below offer more insight into the spread of cyber security professionals at the global and GCC levels;

Morten

Morten

Initiatives by Qatar to Combat Cyber Warfare – Cyber Diplomacy

ICT systems offer the Qatari government, businesses, not-for-profit organizations, and individuals with reach to the knowledge and information required to change Qatar into a more developed nation by 2030. The sectors that rely on ICT, include but are not limited to healthcare, government, water, electricity, energy, and finance, and are speedily embracing the most advanced digital applications (Ministry of Transport and Communication). Doing so makes it possible to offer services of higher quality, and creates the opportunity to achieve efficiency and effectiveness while interacting with stakeholders in Qatar and around the globe (Ministry of Transport and Communication). The government and other stakeholders are confident these technologies will enable Qatar to maintain economic advancement and development, offer an elevated standard of living for coming generations, form essential employment chances, and foster entrepreneurship and innovation. Qatar’s substantial investment in technology has placed the nation as a regional leader, and today the country ranks position 23 among the 148 nations in the Networked Readiness Index released by the World Economic Forum in 2014 (Ministry of Transport and Communication). Internet usage and penetration is also above the globe’s average. Guaranteeing the security and safety of broadband users, therefore, remains a paramount concern to broaden broadband usage and infiltration, and ultimately, strengthening confidence in online operations (Ministry of Transport and Communication). The great investment Qatar places in ICT would not want to expose its infrastructure to cyber security threats, and various groups work together to develop plans, regulations, and programs would safeguard interne t users and the state from online attacks.

The use of information and communications technology (ICT) in Qatar as an avenue for innovation and growth requires the country to build its security and resilience in cyberspace to continue witnessing the growth and success. Therefore, the country is working to develop comprehensive national strategies with the objective of dealing with the current and emerging risks and threats. The country established the Qatar established the National Cyber Security Committee in 2013 to offer framework for collaboratively dealing with cyber security at the highest point of the state. The Committee formulated the Qatar’s National Cyber Security Strategy (NCSS) to serve as a guide moving forward to elevate cyber security in the country (Ministry of Transport and Communications 1). The NCSS relies on the good leadership and other cyber security developments, awareness initiatives, and measures that would develop an effective protective plan in the long-run. The NCSS is committed to understand the threats and challenges Qatar faces, by looking into the behaviors and patterns of malicious attackers, as well as assessing the impact of a shortage of IT experts with adequate cyber security information and lack of appropriate local technicians of cyber security issues (Ministry of Transport and Communications 1). The Committee and the NCSS develop the basic structures for combating online attacks that may occur in the country. Nonetheless, effective governance is needed to execute and manage implementation of the NCSS, and the country has proceeded to form the Cyber Security Coordination Office, which will give details to the Prime Minister, and be the center stage of cyber security activities across the country (Ministry of Transport and Communications 1). The Cyber Security Coordination Office will play essential functions, including creating priorities to encourage the highest form of cyber security in the country, offering strategic guidelines for the country’s cyber security initiatives, and working in close ties with institutions with cyber security objectives and responsibilities and achieve the goals of the NCSS.  

Apart from the formation of the Qatar Computer Emergency Response Team, the National Cyber Security Committee in 2013, and the National Cyber Security Strategy, Qatar continues to embrace more diversified means of dealing with cyber warfare. Similar to the fierce uproar regarding external interference in the 2016 American presidential election, the cyber warfare in Qatar not only put the country in at the heart of cybersecurity discussions concerning technology and other important aspects such as policy and security management (Ayad and Shlrzal). The Gulf crisis also set a worldwide visible precedent for Qatar’s capacity to appropriately handle or prevent such a violation.

By taking the incident as an opportunity, Doha has created a virtue of urgency. Qatar has since enhanced its cyber diplomacy initiatives. In particular, by not only focusing on cyber warfare and cyber defense, Doha has also formulated a chance for multilateral conversations on how cyber tranquility and cyber morals will have to be sustained and handled in the future (Ayad and Shlrzal). Qatar had established substantial investments in formulating an environment to develop ideas for protecting cyberspace long before the Gulf crisis (Ayad and Shlrzal). Enhancing its digital capacity, improving its capabilities, and creating transnational corporations have been essential aspects of the nation’s cybersecurity plan from the beginning. Qatar is increasingly becoming mindful of the importance for sufficient preparedness against online infringements. The formation of National Cyber Security Strategy in 2014 came as a milestone at a time when the country seeks to safeguard its population and networks (Ayad and Shlrzal). Nonetheless, the formation of the Qatar Computer Emergency Response Team (Q-CERT), which is officially tasked with the duty of identifying and preventing cyberattacks against the state and other important sectors provided more avenues to curb cyber warfare (Ayad and Shlrzal). Q-CERT adheres to the directives of the Banking Supervision Rules that were formed by the Central Bank of Qatar (CBQ) to secure Qatar’s financial establishments against any nature of online contravention. In addition, the creation of the Cybersecurity Coordination Office and the Cyber Crimes Investigation Center means that Qatar is dedicated to achieve long-term solutions (Ayad and Shlrzal). The Qatari Ministry of Transport and Telecommunications is in the front position in encouraging cyber international relations by scheduling and carrying out annual practices that bring in one place private and public entities in a series of enlightening and practical ways, creating alertness and preparedness on how to deal with and avert cyber attacks.

Qatar served as the venue for the second convention dubbed the Global Security Forum that was conducted at the beginning of October 2019. The convention that was prepared by the Soufan Center, which is a security-oriented strategy group in New York brought together experts and state officials from more than fifty nations to take part in various sessions, creating more awareness on the security concerns created by the emergence and proliferation of contemporary information warfare in modern’s digitally interrelated communities and societies (Ayad and Shlrzal). The meeting provided valuable insight into ways of dealing with cyber warfare that still guide the country up to today.

Qatar has recognized the significance of education, exploration, and use of scientific approaches in advancing mechanisms on cyber security, and continues to reinforce its position as a center for comprehensive cyber threat competence. Centers of higher learning in Qatar such as the Hamad Bin Khalifa University (HBKU) among other prominent institutions all offer essential and advanced courses and studies on how to manage cyber warfare and computer use. HBKU’s Qatar Computing Research Institute is also devoted to doing research and development (R&D) with the purpose of dealing with the national and worldwide cyber security distress (Ayad and Shlrzal). Researchers, students, and local and international experts work together at HBKU’s QCRI with the objective of coming up with proper solutions (Ayad and Shlrzal). QCRI has partnered with international affiliates, including various institutions of higher learning to build up on the Tanbih project that gives valuable media literacy and aspirations to control the communal repercussions of misleading news by offering a virtual news apparatus that recognizes misinformation, prejudice, and favors in media reporting (Ayad and Shlrzal). Elsewhere, the Qatar Center for Artificial Intelligence works together with worldwide institutions, such as Boeing and MIT to recognize appropriate answers to technology restraints, such as cyber warfare.

In a convention held in Doha Qatar, more than one hundred and thirty technicians surveyors, and students of different backgrounds participated in a global cybersecurity event in 2019 to discuss pertinent issues. The people attending the global occasion discussed ways of introducing remedies to constraints in major operational areas that are likely to expose internet users to inappropriate threat and violation (Ayad and Shlrzal). The incident came up with ways of how players in the academia and private sectors, both globally and locally can identify solutions to the most disturbing concerns governments encounter in the field of cybersecurity, and how such programs could be copied elsewhere in the world.

Cross-border initiatives have also served a fundamental function in enhancing cyber diplomacy as affiliate countries share information, and help each other at a time of crisis. Following the infringement that caused a crisis in the Gulf, the Qatari government created several mutual relations to advance its cybersecurity inventiveness and distribute information all over the world (Ayad and Shlrzal). For example, a combined scheme that was introduced by a Turkish and Qatari research institutions that began in 2017 seeks to develop ground-breaking concerns to prevalent cybersecurity threats (Ayad and Shlrzal). Qatar hopes that the cross-border initiatives will yield the highly anticipated results.

In the emergence of the cyberattack that caused an unexpected Qatar blockade in 2017, Qatar has relentlessly worked to present itself as leader in the use of diplomatic ties to deal with the challenge. While there cannot be any uncertainties of the economic impediment in the GCC nation, Qatar’s outstandingly considerate cyber international relations and response may certainly have enhanced extra transnational partnership with some of the principal large-scale institutions that are vital to the influential discussions on cybersecurity (Ayad and Shlrzal). Having placed itself at the front position on this matter, and with a broadening digitized and intricate cyberspace, that today poses much risk to all nations, it is imaginable that a leadership place in cybersecurity-related matters may as well turn out to be one of the most effective soft power plans that Qatar is yet to fully explore.

Cybercrime Prevention Law no. 14 of 2014

The Cybercrime Prevention Law no. 14 of 2014 is the law that controls and penalizes criminal activities relating to hacking of information websites and networks, information programs, and information systems. Qatar today has a high capacity of internet connection, with at least 96% of the households linked to the internet as of 2014, based on the findings by the United Nations Broadband Commission. The elevated internet connectivity means that Qatar maintains its place as the second among the 135 developing states in terms of internet connectivity. Qatar continues to experience a surge in legitimate digital solutions and content services, not only from companies that started to deal with IT solutions many years ago, but also from inventive start-ups, both working to develop suitable mitigation measures. The Qatari government introduced a cybercrime prevention law (No.14 of 2014) on September 16, 2014 with the objective of heightening the tools for dealing with cyber and online crimes. The law places numerous sanctions and describes some penalties for violations carried through online platforms, computers, IT networks and other related infringements. The law is committed to protect the nation’s technological infrastructure and fortifying cybersecurity within the country. The law became effective upon its creation, but was later included in the Official Gazette to adhere to the legal formalities. Some parties opposed the law during its drafting arguing that some part of the law violated freedom of speech reach to media, but despite the criticism, Qatar went ahead to enforce the legislation.

The Cybercrime Prevention Law no. (14) of 2014 contains some key provisions that would help to contain cyber warfare. The rule sets a 10 year imprisonment and a fine not above 200,000 Qatari Riyal for interfering with any authorized electronic documents, or the violator goes behind bars for at least three years. A violator based on requirements of Cybercrime Prevention Law no. (14) of 2014  would have to pay an utmost penalty of  100,000 Qatari Riyal if they interfere with an informal electronic document. Similar consequences await those who pretend to be other individuals, or participate in identity theft or engage in fraudulent acts through online platforms. The law forbids content crimes that forbids the publication of misleading or untruthful news, but the strict terms for this violation are not clearly defined, making it unclear what information would put social media users and local journalists and reporters in legal problem. Therefore, journalists, social media users, and news agencies must be keen to authenticate the origin of the news or information before releasing it to the public with the aim of protecting the law. The law sets a jail term not greater than three years and a fine not beyond 200,000 Qatari Riyal for unwarranted possession or exploitation of an electronic card, such as a credit card or an ATM, or for tampering with electronic cards or using account numbers for improper reasons. A violator based on the regulation would have to stay behind bars for approximately three years or pay a fine of about 500,000 Qatari Riyal for interfering with intellectual property rights, such as trademarks, business logos, patents, and copyrights. Qatar is dedicated to implementing every aspect of the Cybercrime Prevention Law no. (14) of 2014 because the Price Waterhouse Cooper exposed through the Global Economic Crime Survey that it conducted in 2014 that cyber-related offenses are the second most widespread forms of monetary violations taking place in the GCC countries. As such the businesses functioning within the region are at a significantly high threat. Despite the dissatisfaction generated about the cybercrime law when it was in the early development phases, it is clear that Qatar together with the United Arab Emirates (UAE) has taken the leading positions in matters concerning cybercrime and has put in place directives and jail terms for individuals and groups that go against the law.

The Qatar Computer Emergency Response Team

The creation of the The Qatar Computer Emergency Response Team in 2006 by the Supreme Council of Information & Communication Technology (ictQATAR) and CERT Coordination Center (CERT/CC) came as a milestone in preparing for internet security threats. The partnership between the two leading IT agencies in Qatar was the first ever coordination center and emergency response team to be erected in the Middle East. Q-CERT entered into a deal with the Escal Institute of Advanced Technologies also called the SANS Institute, which is a privately-managed American for-profit firm focused on IT security and cyber security training to offer courses across Qatar in cybercrime security for IT experts working for the state. Q-CERT held the first-ever cyber drill in the Gulf Cooperation Council that engaged internet security experts from five GCC nations. The event showed that Q-CERT has the ability to protect Qatar against any form of violation emanating from online sources. Q-CERT’s primary objectives are to come up with cybercrime privacy regulations and laws and enlighten the public on their public awareness, promote confidentiality and integrity of data, and help public and private stakeholders in handling vulnerabilities against Qatar’s IT infrastructure (Q-CERT). The other major objectives of Q-CERT are to offer guided and proactive guidance for handling ICT security in the society, and to create awareness of cybersecurity and cybercrime in public and private institutions. The public awareness particularly benefit social media users who are unsusceptible of the threats they are likely to face and parents who acquire essential tips on how to safeguard their children.

Social networking has changes the way people interact with each other, exchanging information and taking part in activities that explore the interests of others. Since social interactive avenues are fed with a lot of personal content and there have been escalating concern with individuals providing a lot of their private information, which offers cyber offenders the chance to lure unsuspecting online users, it is vital to take measures at the individual level that would prevent attacks. The Qatar Computer Emergency Response Team (Q-CERT) urges Qatari citizens to try and acquire tips of staying safe when making friends online from the National Information Security Center, which gives a wide range of information about security-related issues (Q-CERT). Q-CERT calls on Qatari citizens to be aware of pretenders and to be vigilant every time they use online platforms. The site informs Qatari citizens to know that possible exploiters can pretend to be someone else with a different background and age and convince an online user to accept them as a friend (Q-CERT). Q-CERT encourages Qatari citizens to know the importance of avoiding posting personal information, such as home or work address or phone number on social media profiles or other avenues that are likely to attract violators. The increased sensitization on the need to watch out for possible cases of cyber warfare has informed Qatari citizens the importance of being careful when positing image and text as they can easily be copied out by potential exploiters because in some situations the images or the text can be used to commit identity theft (Q-CERT). Q-CERT calls on all nationals to be cautious while posting their photos because exploiters can use them to threaten or blackmail the owners. It is encouraging that many online users in Qatar also try to avoid posting pictures that expose their location, or other confidential information that violators can use to commit a crime. Also, Q-CERT cautions Qatari citizens to be vigilant with how they share their passwords with others, especially those who are unknown to them (Q-CERT). The increased use of social media platforms and the awareness that such avenues present possible threats of attacks encourages people to only add friends to the personal site if they know them in person. Q-CERT also reminds social media users to be keen on who they add as friends because people may not be who they claim they are, a situation which could cause potential harm. The massive education Q-CERT conducts that sensitive individual internet users contribute towards combating cyber warfare at the national and internal levels because improper acquisition of the personal information of a single of few people can cause substantial damage on national security infrastructure and social well-being.

Q-CERT provides additional information to the public and private entities that could help to manage the issue of cyber warfare that is increasingly becoming a menace in most of the countries in the Middle East. The establishment sensitizes online users on the benefits of practicing password hygiene, which entails developing and using complex passwords rather than using simple formulations like “1234” or “ABCD” that hackers can simply guess, or which cannot safeguard users against phishing (Q-CERT). Q-CERT sensitizes regular internet users about the merits of subscribing to suitable anti-virus software and keeping the system updated with scheduled and automated scans. A fundamental practice by Q-CERT that continues to safeguard individuals, organizations, and the state against cyber attacks is the relentless cautioning against phishing infringements (Q-CERT). Such sensitization creates awareness on the importance of being careful when opening file attachments sent through email or other electronic avenues. All these sensitization initiatives help to contain cyber violations at the individual, national, and global levels.

Qatar’s Preparations towards the World Cup

Qatar is set to become the initial country in the Middle East to host the highly coveted FIFA World Cup in 2022. The new Lusail Iconic Stadium with a capacity of 80,000 spectators is ready and all eyes are on Qatar to see how it would handle the whole affair (Huxley). Looking forward to hosting the international event, the Middle East has come under growing scrutiny over the state of its security and technical infrastructure (Huxley). To today, the Middle East, like most developed regions, is more susceptible to cyber attacks considering its digitally interrelated nations and high rate of using smartphone.

Other Suitable Intervention Mechanisms

Qatar would not want to lose its valuable assets and infrastructure to cyber attacks, and it is the reason why the relevant agencies continue to develop suitable intervening measures.  The formation of the National ICS Security Standard and the National Information Assurance Policy offer essential guidelines on security practices and controls to safeguard the cyberspace and to enhance internet security (Ministry of Transport and Communication). Furthermore, Qatar formulated the Anti-Spam Guidelines in 2013 as part of the National Information Assurance Framework to lower the effects of unsolicited e-messages on individual users or entities (Ministry of Transport and Communication). The other initiative surrounds the formation of the Banking Supervision Rules by the Qatar Central Bank (QCB), which helps to identify the cyber security measures and guidelines that financial institutions must adhere to, such as reporting incidences of computer or online attacks to the Qatar Computer Emergency Response Team (Q-CERT) and the Central Bank (Ministry of Transport and Communication). The other initiative revolves around the formation of the Information Risk Expert Committees (IREC), which regulates operations in the government, energy, and finance sectors. The initiative was formed through a public-private collaboration to handle a variety of cyber security concerns, such as mitigation plans, preparedness operations, repercussions, vulnerabilities, and threats (Ministry of Transport and Communication). Furthermore, the IREC play the fundamental role of facilitating the exchange of information within all sectors and with other affiliates to improve the resilience of the CII. Other Law no. 14, Qatar has made considerable advancement in creating a domestic legal structure that offers a national administration for governing cyber security, combating cyber crime, protecting the privacy rights of individuals, and promoting the resilience of CII (Ministry of Transport and Communication). For example, the institution of the Decree Law no. 16 of 2010 created penalties for violations, including inappropriate access and use of information systems, unlawful disruption of an information system, intercepting confidential information, and identity theft (Ministry of Transport and Communication). The initiatives set up by the Qatari together with others play essential functions in regulating cases of online attacks, which are a major concern in the GCC country and beyond.

Qatar continues to apply other mechanisms with the objective of strengthening its protection against cyber warfare. The country held its first nationwide cyber practice for important sectors, such as energy networks and facilities, banking, transportation, and the government to improve these agencies’ capacity to recognize and deal with cyber attacks and threats (Ministry of Transport and Communication). The attempts by the Qatari government to sensitize internet users through the Cyber Safety Education and Awareness initiative continue to offer essential tips on how to combat online attacks and to enhance cyber security detection and prevention (Ministry of Transport and Communication). The country is committed to preventing any form of infringement, which is apparent through the formation of appropriate digital forensics platforms, improving its capacity to investigate cyber-related crimes. The initiatives to investigate cyber crime received a major boost with the formation of the Information Security Center and the Cyber Crimes Investigation Center that work tirelessly to protect the general public and hunt violators who utilize advanced technologies to propagate their criminal operations (Ministry of Transport and Communication). Also, the government has formulated robust global ties and is a dynamic member in international attempts to structure international guidelines and frameworks on cyber security, including taking active roles in the Meridian Process and the International Telecommunication Union (Ministry of Transport and Communication). The stakeholders are optimistic the plans and initiatives will be helpful in regulating online violations that are increasingly causing harm on different groups.  

The Qatari government continues to actively invest in people, creating processes and regulations, and executing technology to elevate cyber security for state entities, individuals, and businesses. Additional efforts, nonetheless, are required to achieve the future requirements as reliance on ICT widens and new threats appear (Ministry of Transport and Communication). The initiatives to the present time have mainly been rolled out from the bottom up. Consequently, matters of cyber security are neither executed nor institutionalized at the various institutions, businesses, or state agencies nor at the national level (Ministry of Transport and Communication). The ability of the Qatari leadership to institute regulations and encourage the use of cyber security most appropriate has been restrained making it hard to deal with cyber crime and assist entities suppress and safeguard against any form of online attacks (Ministry of Transport and Communication). Whereas businesses are starting to acknowledge the threats in cyberspace and take measures to advance cyber security, many adhere to independent guidelines and cannot achieve the correct technologies and competence to implement the suitable cyber security best initiatives. Although individual users can reach information about the threats they are likely to experience while using online platforms, users need more help to maintain the nature of their systems and to safeguard their personal data (Ministry of Transport and Communication). The initiatives set by Qatar certainly offer a stable foundation for the coming years, but various stakeholders, including individuals, agencies, and government institutions must work as a team to improve cyber security in the country. Working as a team will help to create and sustain a safe cyberspace that protects the national interests and preserves the essential values and rights of the Qatari society (Ministry of Transport and Communication). Hopefully, suitable and adequate intervention will help to protect the country’s CII, react to, deal with, and recover from cyber attacks and violations through sharing of certain information, and to create a regulatory and legal structure to facilitate the formation of a vibrant and safe cyberspace. Furthermore, working hard to enact all the plans and directives will create and foster national cyber security preparedness and capabilities, and will establish a culture of cyber security that encourages safe and suitable utilization of cyberspace (Ministry of Transport and Communication). Collectively, these goals offer the basis for protecting the country and its people against cyber threats, and make it possible to take a proactive approach to dealing with cyber security (Ministry of Transport and Communication). Also, the plans will make it easier to detect, respond, and recover from challenges and threats through a process of reactive cyber security initiatives.

The government of Qatar understands that appropriate cyber risk management is essential to make sure that the country continues to identify and safeguard systems that encourage the delivery of vital services and capabilities. The state, critical sector organizations and other institutions must embrace security controls and enact measures to evade the possible risks to important assets, networks, and systems to the well-being of Qatar, its security and prosperity (Ministry of Transport and Communication). Qatar as part of developing a suitable cyber risk management plan tries to build its capacity to gather and assess cyber security incidents, alerts, and threats (Ministry of Transport and Communication). The Government Network, which is a structure for government agencies to link over a safe communication avenue, thus promoting increased government sharing and elevated security for electronic operations, facilitates the gathering and analyzing of cyber security information (Ministry of Transport and Communication). The country has adequate plans to use complex data analytics correlate the information, and recognize trends linked to security needs compliance and cyber threat activities over the internet or a particular network (Ministry of Transport and Communication). The relentless assessment of vital networks will provide the chance for Qatar to in real time the risks to network systems, detect threats, and take immediate measures to handle the repercussions. The numerous attempts by Qatar to protect the state and its people from online attack demonstrate that the country knows the importance of preventing cyber warfare that may cause both short and long-term adversities.

The New Structure

Qatar has formulated a new plan to strengthening its cyber security with the objective of safeguarding the interrelated ICT services and products with the desire to offer opportunities to strengthen the efficiencies found in IT advancement. The vision of the new plan by the NCSS seeks to create and maintain a safe cyberspace to protect the national desires and preserve the essential values and rights of the Qatari society (Ministry of Transport and Communications 9). The new plan will help to react, determine, and recover from cyber attacks and violations through sharing of information, action, and collaboration. The new structure will also create a legal structure and regulatory framework to create a vibrant and safe utilization of cyberspace. Also, the government hopes that the new plan will form and cultivate Qatar’s national cyber security capabilities.

Nonetheless, Qatar may only achieve the desired objectives in using the new model, by paying considering attention to the core aspects, and making enough sacrifices and investment to make the practice successful.

Knowing the Possible Origins of Cyber Warfare

The IT experts in Qatar know that the cyberspace has largely transformed from one of individual violators to highly developed groups and sophisticated cyber criminal cartels, and are taking diversified approaches to prevent possible attacks from any of the avenues. The nation is prepared to deal with threats from hacktivists, which comprises of groups or individuals seeking to interfere with networks and systems for a variety of reasons, encompassing political, financial, or notoriety factors (Ministry of Transport and Communication). The teams seeking to develop a safe and secure cyberspace in Qatar are increasingly gaining knowledge on how hacktivists connect across international borders to overpower targeted websites and reach critical information (Ministry of Transport and Communication). The experts gain more information on how such violators may seek to shame their prey or to disable their operations. The IT specialists pay considerable attention to how hacktivists can launch and use distributed denial of service (DDoS) threats, reach vital state information, deface websites, and publish misleading information about a high-ranking official or political leader (Ministry of Transport and Communication). The experts in Qatar are increasingly becoming watchful of the possible effects of advanced persistent threats (APT), which happen when cruel actors utilize intricate and unique malware to secretly access personal or proprietary information as well as fundamental state solutions (Ministry of Transport and Communication). The ICT experts in Qatar try to gain more information on how the APTs could utilize customized solutions to take advantage of third-party software, social engineering, insiders, and network hardware to create various interruptions, disable essential networks and interfere with data.

The IT experts in Qatar concerned with preventing possible online attacks are increasingly becoming watchful of the malicious insiders and cyber crime syndicates that have the potential to cause great harm to the country. The malicious insiders comprise of trusted individuals who are encouraged to violate the availability, integrity, and confidentiality of an agency’s information and information systems (Ministry of Transport and Communication). The interveners continue to gain knowledge on how the objective of malicious insiders, include ideological differences, revenge, or financial benefit. The state and private experts acknowledge the possible adverse effects of malicious insiders because such individuals do not have to violate or tamper with perimeter network structures because they have the trust to reach vital information and information systems, and can utilize various methodologies to interfere with or damage business and government systems (Ministry of Transport and Communication). Also important, Qatar has become keener on the possible effects of cyber crime syndicates, which comprise of organizations seeking account information to engage in fraudulent deals or to steal money. Cyber crime syndicates are fond of stealing and selling essential business information to unauthorized groups or individuals who can utilize the data to cause more harm (Ministry of Transport and Communication). The interveners are increasingly becoming aware that the violators forming cyber crime syndicates use various approaches to reach their goals, such as dispatching large volumes of e-mails while pretending to be a financial institution or other reputable institutions to get essential financial information and customer details. The interveners are fast gaining information that would help to understand how the cyber crime syndicates utilize large-scale DDoS attacks to interfere with enterprises that largely depend on the internet with the hope that the approach would protect the country against malicious attacks (Ministry of Transport and Communication). The experts already know that cyber crime syndicates can utilize 419 fraud scams to reach unsuspecting internet users to make money. The focus experts have on the different groups that are likely to cause online attacks play fundamental functions in safeguarding the country and the globe against cyber warfare that could result in more devastating effects.

Possible Challenges

The adoption of advanced technologies such as mobile applications and cloud computing, the application of smart-grid technologies, and the considerable growth in technology users offer fundamental opportunities for innovation and advancement. The opportunities, nonetheless, exist in a growingly fast-paced and changing environment that will continue to influence the capability of Qatar to innovate and compete effectively in the international economy. Qatar must overcome some of the possible challenges that could derail or slow its progress to achieve the desired goals and objectives. The nation, for instance, should address the cyber security services and skills deficit, which could prevent the application of effective intervention mechanisms. The information by the Ministry of Transport and Communication illustrates how internationally and in Qatar, there is acute shortage of employees with the appropriate knowledge, abilities and skills to appropriately know the intricacies of ICT and deal with the cyber security threats. Furthermore, some local providers give reliable and effective cyber security structures. As ICT components advance in intricacy, the deficits have the capability to advance, and if not appropriately handled, further influences the nation’s capacity to safeguard essential information infrastructure. The other challenge that could derail how Qatar tries to deal with the emerging threats involves the intricacies surrounding the global supply chain risks. The Ministry of Transport and Communication informs that the international cyber ecosystem is a structure of interlinked systems that usually incorporate numerous elements from different sources around the globe. The interveners acknowledge how it is increasingly becoming hard to tell the cause and integrity of ICT products. In addition, international supply chain causes weaknesses that malicious users can utilize to cause violations (Ministry of Transport and Communication). The third challenge has to do with industrial control system (ICS) connectivity because the recent years have witnessed an increase in situations where ICSs connect to the internet and business networks (Ministry of Transport and Communication). Whereas the connectivity offers the chance to remotely monitor the mechanical processes utilized for the production of electricity, gas and oil production, and the purification of water, which all enhance the risks of ICSs to cyber attacks.

Qatar is likely to achieve the desired results in preventing attacks by putting measures to overcome the other challenges that could derail necessary progress. The GCC country should consider the possible constraints associated with information sharing because the owners or providers of information may not be willing to share some information about incidents, best initiatives, or vulnerabilities for fear of showing weaknesses (Ministry of Transport and Communication). Furthermore, individual firms do not always know that they information they have about possible cyber attacks may be of considerable value to others. The other challenge has to do with constrained executive leadership awareness. While chief technology officers, chief information officers, chief information security officers, and IT managers often deal with issues related to cyber security at their agencies, cyber security interferes with more than the effective flow of the business affecting its bottom line and overall mission (Ministry of Transport and Communication). However, when the communication processes between IT experts and organizational leaders is affected, the highest levels of the firm can lack adequate awareness of the major risks or the resources required to enforce security measures and regulations, coordinate incident responses, and handle the risks (Ministry of Transport and Communication). In addition, the altering privacy expectations create some hurdles that may interfere with applying guidelines that affect prevents possible attacks. The information by the Ministry of Transport and Communication show that as a result of the escalated use of personal information within state agencies and throughout global businesses, nations continue to institute and improve privacy regulations to safeguard individuals and their information. Most of these nations require enough level of protection before permitting global agencies to move data to destinations beyond their borders. When personal information is not adequately safeguarded, businesses face considerable risks, and for a state agency, this could imply loss of loyalty in its internet activities, while businesses face the risk of losing purchasers to international competitors (Ministry of Transport and Communication). The state and non-state agencies seeking to develop structures that would safeguard the country against any form of cyber attacks should consider these challenges and develop suitable intervention mechanisms that would result in the anticipated results.

Other Possible Strategies for Qatar to Combat Cyber Warfare

Qatar can improve its response mechanism to cyber warfare and cybercrime by adhering to the three phases of cybersecurity advancement identified by EY. Activate, adapt, and anticipate, or the three As, provide a framework for states to elevate their response mechanism with the goal of implementing superior cybersecurity protocols at each category (EY 21). The country while implementing stage one, activate, must concentrate on building its base of cybersecurity. The initiative entails formulating information security guidelines, which will provide a suitable, but not the most appropriate, fortification against cyber threats and attack. Stage one requires the country to prepare the fundamental requirements and resources that would stimulate the formation of a solid platform for cybersecurity (EY 21). The second phase is adapt, and here the national stakeholders should focus on implementing real change that would help the country survive in case of an attack or grow as it develops its systems (EY 21). The implementers must remember that the nature of cyber warfare changes, which requires the formation of effective security measures to cope with the changing dynamics and obligations; otherwise, Qatar may become ill-prepared to defend itself over time. The policy developers should proceed to the third category, anticipate, which advocates for the formation of tactics to identify and destabilize potential online attacks (EY 21). The implementers must know precisely what they need to defend their most essential resources, and continuously put into trial suitable reactions to possible incident scenarios. Achieving the position may not be easy because the venture requires a robust cybersecurity system, an effective risk appraisal approach, a qualified incident reaction framework, and an enlightened nation and leaders. The country at stage three should be more confident about their capacity to mitigate unsurprising threats and unpredictable attacks that is the country anticipates cyber warfare.

Qatar should go beyond relying on its structures and transform its way of perceiving warfare to stop being simply reactive to current and future attacks. The Global Information Security Survey conducted by EY in 2015 found out that only a small portion of IT firms had a threat response team with committed staff (EY 21). The findings tell Qatar that the only option to get ahead of online attackers is to master how to predict their attacks, which implies that the cybersecurity systems should be able to answer several concerns. Qatar or the cybersecurity system should be able to learn from what happens out there and, use the information to make necessary changes, and should also be able to tell how other successful institutions deal with emerging threats and attacks (EY 21). Qatar should proceed to ask how it is possible to fortify the country against attacks, and how the nation can differentiate between targeted attacks from a random one. Preparing for the attack requires the country to understand the possible economic costs of a violation, and to know how the local and global partners would be impacted by an online attack (EY 21). Also, the country should try to understand the possible regulatory and legal repercussions of a fatal attack because such awareness may help to make necessary transformation to make the response mechanism more prepared and able to react to major attacks. Also important, dealing with online treats and attacks require the country to identify how to assist others within the ecosystem address the emerging violations. The response team in Qatar, therefore, should not desist from following the guidelines by EY because the organization can help the country improve its capacity to react to alterations in the threat landscape (EY 21). EY gives crucial services to help organizations and governments form in-built threat intelligence initiatives as well as several essential threat intelligence networks in subscription-based structures and complete spectrum handled online threats intelligence operations. 

Furthermore, Qatar should identify security appraisal as a suitable approach for recognizing vulnerabilities and knowing their repercussions. The country should embark on strengthening its internal audit mechanisms, risk management approaches, and IT security, and contextualize the technical findings within the national context to fully know the risks to the most essential assets (EY 21). It is the continuous assessment between national leaders and technical operators that will make the country more effective in assessing the security of both emerging and established technologies. 

Increasing Focus on the Action Plan for 2014-2018

The Qatari government would increase its chance of suppressing warfare by paying more attention to the Action Plan for 2014-2018, and always borrowing concepts that would safeguard the country against any violation. The Action Plan is suitable because it offers more details on the plans by Qatar to attain its cybersecurity vision (Ministry of Transport and Communications). Achieving the objectives of the Action Plan require the various state agencies to work as a team, and focus on reaching the same goals and objectives. For example, Qatar Foundation, the Ministry of Information and Communications Technology, Public Prosecution, the Ministry of Defense, and the Ministry of Interior among other state agencies should work as a team to execute the actions for the benefit of the whole country (Ministry of Transport and Communications). The relevant stakeholders should pay attention to objective 1 (protecting national critical information infrastructure (CII)), by taking several factors into consideration. One of the initiatives Qatar should put more emphasis on is assessing the potential risks to CII by creating a national CII risk evaluation and management structure to direct the recognition of CII components and forms (Ministry of Transport and Communications). The team in charge of the process should assess the possible vulnerabilities, threats, and repercussions, and formation of risk profiles. Assessing the risks to CII requires the intervening team to carry out regular risk evaluations of CSOs and other firms with CII, and to perform dependency and interdependency analysis to identify systematic threats that could affect the various sectors (Ministry of Transport and Communications).  Safeguarding the national CII requires the intervening team to implement cyber security measures and standards to suppress risk to CII. The implementation of the cyber security controls requires the implementers to create and sustain a CII cyber security measure and maturity framework, as well as specific cybersecurity guidelines.

The team seeking to protect the national CII should focus on other important aspects that would help to strengthen Qatar’s readiness and ability to respond to cyber attacks. The team working on the security system should monitor the trends of cyber security and potential threats to CII and give real time feedback to all stakeholders (Ministry of Transport and Communications). The intervening group must at this stage develop industry-specific or institutional security operations hubs or threat intelligence units to enhance response and resilience. The intervening team should always try to utilize trustworthy technology services and products by developing the capacity to assess and validate ICT systems and products for utilization in essential areas (Ministry of Transport and Communications). Furthermore, using trustworthy technology platforms requires the development of proper directives that outline security needs for cyber security and ICT providers. An important aspect that may help to develop the national CII is to continuously assess the security situation by creating a capability to perform relentless diagnostics and examination of IoT networks to better know the potential risks, encourage preventive guidelines, identify and rectify infected apparatus, and inform affected end-users.

Developing a national defense mechanism requires the team to pay considerable attention to objective 2, which seeks to react to, determine and recuperate from cyber threats and attacks through timely sharing of information, teamwork, and action. Achieving the objective requires Qatar to improve and maintain its situational alertness and capabilities by creating and maintaining a national cyber security coordination capacity to enhance the collective awareness of cyber security threats and attacks in Qatar and help sustain the reaction to issues of national concern (Ministry of Transport and Communications). Developing advanced awareness requires the working group to formulate a national structure for recording and assessing cyber violations. Effective response, resolution, and recovery from cyber threats and attacks require the interveners formulate and relentlessly advance incident reaction mechanisms by developing a process for coordination and handling incident responses, and by facilitating information exchanges between cyber operations stations to enhance reaction to incidents, information sharing, and provision of training opportunities (Ministry of Transport and Communications). Effective reaction and recovery from cyber invasions requires the country to focus on lowering cyber disruptions and infections within CII. Containing cyber infections within CII requires the implementers to carry out continuous evaluations of networks to recognize and do away with destructive codes on IT infrastructure, and forming and implementing tools to detect possible attacks on national CII.

Qatar while seeking to react to, resolve, and heal from cyber violations through effective processes of sharing information requires the implementers to consider other essential factors that would result in the desired outcome.  Establishing structures and procedures to increase timely actions and sharing of information among all the parties concerned. Developing mechanisms to improve timely information sharing requires the establishment and operation of tools and systems for propagating threats and vulnerabilities information among the trusted parties (Ministry of Transport and Communications). Also, the interveners have to create additional sector partnerships to bring stakeholders together to deal with cyber threats and advance CII resilience and preparedness, and to create a platform to bring together security specialists from across important sectors to mitigate systematic risks (Ministry of Transport and Communications). Furthermore, the interveners should ensure preparedness by carrying out cyber security practices and drills to improve preparedness and pass vital knowledge. Strengthening preparedness require IT practitioners to conduct national cyber security practices and infuse the acquired lessons into laws, operational capabilities, and measures (Ministry of Transport and Communications).  The specialists should carry out industry-specific cyber security practices to evaluate and test the capacity to respond to incidences (Ministry of Transport and Communications). Also, the IT specialists should focus on enhancing the existing systems and creating more effective bilateral and multilateral pacts to encourage information sharing, promote cybercrime inquiry processes, and encourage cyber activities.

Qatar may elevate its response to cyber attacks by fostering a culture of cybersecurity that encourages the safe and suitable utilization of cyberspace. The initiative requires the enhancement of cybersecurity knowledge across the society using various avenues. The country would attain the goal more effectively forming and maintaining national cyber security awareness across various demographic circles, such as parents, state workers, children, and seniors among other groups (Ministry of Transport and Communications). Also, achieving the desired goals and objectives requires the formation of award programs to praise and motivate good performance in cybersecurity for major achievements, such as innovative services and solutions or execution of security measures and best practices (Ministry of Transport and Communications). The state and IT specialists should take the initiative to encourage everyone to utilize cyber safety mechanisms and tools to safeguard against cyber violations. The interveners should work closely with internet service providers and other effective teams to assist individual users determine the security status of their IoT devices and systems (Ministry of Transport and Communications). Developing a culture of cybersecurity that encourages the safe and suitable use of cyberspace requires the concerned parties to facilitate the formation and implementation of cybersecurity lessons in learning facilities, including institutions of higher learning. The state and specialists should work with institutions of higher learning to create and implement suitable cybersecurity educational programs and curricula to help learners understand how to prevent cyber violations (Ministry of Transport and Communications). The government and IT experts should work with learning facilities to formulate training guides for instructors and school administrators, and equip them with essential materials to facilitate the delivery of cyber safety lessons. 

Attempts by other Countries to Contain Cyber Warfare

The Ministry of Law, Justice and Company Affairs that operates under the Indian Legislative Department formulated the Information Technology Act (2000) with the aim of combating possible cases of online infringement (Q-CERT). The Act is set to offer legal acknowledgement for activities conducted by means of exchanging electronic data and other forms of electronic interaction, usually called electronic commerce or e-commerce, which entails the utilization of alternatives to paper-based approaches of communication and storage of data, to enhance electronic storage and retrieval of documents with the various state agencies (Q-CERT). The introduction of the Information Technology Act of 2000 further sought to amend the Indian Evidence Act, the Indian Penal Code, the Bankers’ Books Evidence Act of 1891, and the Reserve Bank of India Act of 1934. The Act that falls into several chapters addresses different issues that could help to safeguard India against online violation occurring from the use of electronic devices (Q-CERT). The Act in Chapter IV, for example, touches on the attribution and acknowledgement of electronic records, while Chapter V addresses issues dealing with secure electronic records and safe digital signatures. Chapter VII addresses the various ways of authenticating digital signatures that are highly usable in e-commerce (Q-CERT). Chapter IX is important because it outlines the penalties for failing to adhere to the set rules and directives. For example, the Chapter outlines the penalties for causing damage to a computer or a computer system, failure to furnish information returns, and residuary penalty among other ramifications (Q-CERT). The Indians continue to rely on the Information Technology Act of 2000 together with other frameworks to combat the issue of cyber warfare that is fast becoming a global threat.

International Law

International law refers to the set of rules and regulations that govern the practices of sovereign states in their interaction with others. International law sets structures to direct countries across a broad range of operational areas including conflicts, trading activities, and diplomatic ties (United Nations). International law provides a chance for government to take part in more organized, steady, and unwavering global activities. Often the sources of international law include the rulings of lower and national courts, scholarly publications, extensively acknowledged principles of law, international customs, and treaties (United Nations). The sources act as the procedures and materials out of which the standards and regulations guiding the international community are formulated. Article 38 of the Statute of the International Court of Justice (ICJ) is presently widely accepted as an important source of international law (United Nations). The Statute requires courts to make judgment based the reports of international customs, international conventions, the universal doctrines of law accepted by civilized states, and based on the guidelines of Article 59, the instructions and judicial rulings of the highly renowned publicists of the various countries, as alternative ways for defining and application of the rules of law (United Nations). The United Nations Charter is an example of an international treaty of the United Nations that articulates the dedication to protect and uphold the human rights of all citizens, and outlines a wide set of guidelines related to attaining higher quality of living (United Nations). The requirements of the UN Charter triumph over the terms and conditions of any treaty and international custom pursuant to the provisions of Article 103. The essence of the UN Charter in shaping international law makes it a vital framework for curbing cyber warfare.

The Principles of the UN

Peaceful interactions and coexistence should be viewed as a set of principles or guidelines of international law, and not merely as a description of modern international relations, but as something declared to be the foundation for contemporary universal law and indeed the most crucial aspect within it. Chapter I of the UN Charter outlines the principles and purposes of the UN. The principles of the UN stated in Chapter I, Article 1 of the UN Charter offer valuable guidance that could help to encourage peaceful coexistence, safeguard inviolability of international rights, and promote non-infringement between countries via online systems or physical attacks (United Nations a). Principle 1 advocates for sovereign equality between all members, which insinuates that no one should intimidate the other through any means, including online platforms. The principle plays a crucial role in fostering peaceful coexistence between states, which may lower the possibilities of cyber attacks and warfare. Principle 2 further advocates for peaceful coexistence in the way it urges Member States to strive towards achieving their obligations in good faith (United Nations a). Principle 3 promotes inviolability of international rights and non-infringement between states by calling on all Members to settle their international misunderstandings by peaceful approaches in such a way that global justice, security, and peace are not breached (United Nations a). Settling disputes peacefully could prevent attacks through online platforms, and warring sides may find alternative ways of settling the disputes.

Principles 4, 5, and 6 if the UN Charter are equally essential in fostering equal coexistence and finding effective remedies to conflicts that could affect relationship with other states. Principle four promotes peace, safeguards international rights, and discourages conflicts by directing all Members to refrain from the use of force or threats against the sovereignty and territorial boundaries of any country, or in other ways that contravene the requirements of the United Nations (United Nations a). Refraining from threats could prevent the use of electronic and online systems to attack others, thereby promoting peace. Principle 5 may help to prevent violations in the way it encourages Members to support the UN in punishing violators same to Principle 6, which urges non-Members to adhere to the regulations to build international peace and security (United Nations a). Countries should rely on the principles of the UN Charter while developing mechanisms to curb cyber warfare to achieve successful outcome in promoting peace and preventing conflicts.

The Internet

The internet has linked people across the globe in ways that were not imaginable nearly a decade ago. The growth of the internet has eradicated communication hurdles and promotes cooperation in every area touching on professional and personal issues. At the same time, the internet is usually contrasted with the Wild West, an unruly edge where some people take advantage of the unmanaged systems to enrich themselves at the expense of those unaware of the threats associated with online activities (O’Donnellan). Cyberspace is now an integral part of the society, fostering economic advancement and innovation and building lives in significant ways, and will continue to widen and create even more opportunities in the coming years (Qatar National Cyber Security Strategy 1). Globally there have been a number of researches on internet usage and most of them show that internet use is prevalent among more educated people and the younger persons. The paper by Deniz and Geyik (896), for example, presents the findings of a study of students of the Istanbul University in Turkey whose objective was to assess the internet utilization behavior of the study population. The survey finds that the use of the internet by young people has escalated dramatically in the recent past, and surfing the internet has become a significant aspect of the students’ general life (Deniz and Geyik 899). However, with the great transformations come new risks to the structures that make it possible for people to utilize the internet effectively and without any threats. Cyberspace with its infinite nature, offers those who would cause threat with so much opportunity to interrupt with governments, businesses, and individuals (Deniz and Geyik 896). Since the September 11, 2001 terrorist attack on the U.S., many nations have increasingly shifted their attention on the monitoring of the internet in tackling cyber crime and terrorism. The emergence of unregulated use of the internet yet so many people, institutions, and governments rely on cyberspace for their daily increase the threats of cyber warfare.

Effects of Increased Interaction with Cyberspace

The growth of the internet creates a situation where people rely on cyberspace to perform their daily activities, but it is the increased involvement with online activities that makes the threat of cyber attacks more imminent. Deniz and Geyik (895) find that the use of information and communication technologies (ICTs) has expanded rapidly in the last decade across the globe. The growth comes with considerable effects. Bada and Nurse (2) write that the effects of cyberspace on society are undisputable. The growing numbers of people owning smartphones, laptops, and personal computers, and easy reach to the internet have transformed the lives of so many people.  Increased indulgence with electronic devices is increasingly influencing people’s behaviors, habits, and ideas. Today, many people and businesses use social media platforms to communicate and do business, and some social media channels such as Facebook and Twitter play crucial interactive roles in the political field. Unfortunately, it is the increased indulgence with electronic devices and cyberspace that elevates the possibilities of cyber threats and attacks at the national level.

Effects of Cyber Warfare

Effects on National Infrastructure  

The national infrastructures are at risk during cyber warfare, which could lead to devastating financial repercussions. The country highly depends on its national infrastructure, which include the sites, networks, systems, and people responsible for appropriate functioning of the country. Some of the key national infrastructures that are at risk during cyber warfare energy equipment, transport and water facilities, health resources such as hospitals and health research institutions, and communication equipment such satellites and servers. Transportation of goods may fail as a result of cyber warfare, and ultimately the economy collapses. For example, Qatar has invested billions to advance the nation’s physical infrastructure. Advancements include modifying and modernizing the International Airport at Doha, constructing a new seaport, advancing road infrastructure, and installing an effective metro system and high-speed rail (Ministry of Transport and Communication). Qatar is also placing sizable investment in preparation for the 2022 Federation Internationale de Football Association (FIFA) World Cup, including considerable investment in technology to offer new and appropriate services for global viewers and visitors (Ministry of Transport and Communication). The infrastructures are at a significant risk of destruction because the enhancements of most of these infrastructures rely on sophisticated and innovative ICT (Ministry of Transport and Communication). Escalated use of broadband and ICT in developing the key infrastructure provide great benefits to individuals, institutions, businesses, and the government, but vulnerabilities usually accompany these gains (Ministry of Transport and Communication).It is increasingly disturbing that intricate new malware has the capacity to steal confidential data and disable important network infrastructure. Attacks on important infrastructure, such as industrial control systems (ICS), can interfere with physical machinery, causing severe equipment failure, and even causing loss of life (Ministry of Transport and Communication). As a major generator of clean fuel, a home to international firms, an early user of digital technological operations, and a leader in regional activities, Qatar remains an appealing center for ill-intentioned individuals who want to cause destruction and disruption (Ministry of Transport and Communication). Qatar, therefore, has to develop more effective countering measures to suppress any online attacks that could cause substantial loss to the national key infrastructure.

Effects on Public Information

The parties bestowed with the responsibility of preventing the country against cyber warfare should work harder to mitigate possible threats because successful attacks could tamper with public information systems and infrastructures. The public information systems available for use by the public in both the private and public sectors such as social media, telephone networks, and other electronic forms of communication are at considerable threat during cyber war and interaction between individuals and corporations may fail to achieve the desired communication outcome. The state should be vigilant to avoid possible attacks to safeguard the country’s communication systems.

Destabilization of Social Wellbeing

National attacks through computer systems affect social wellbeing and the public’s welfare could deteriorate if the relevant parties do not respond in real time. Disrupting social wellbeing because of cyber warfare could result in a situation where it is difficult to meet the basic human requirements and people are not able to coexist peacefully in the society and hardly get opportunities for growth and advancement. Conflict, including cyber warfare, may cause humanitarian crises and put terrific harm on people (Section 10). Such crises that could affect social wellbeing include severe shelter, food, and water inadequacies, massive displacements, and inadequate health services among other fundamental provisions (Section 10). The groups tasked with the duty of preventing cyber warfare should not relent in their activities to avoid destabilizing social wellbeing.

Cyber security researchers have discovered many other ways in which cyber warfare can have detrimental effects on wellbeing. A joint study by researchers from the Oxford University and Kent’s School of Computing sought to identify the various ways in which the cyber-incidents being witnessed today affect well-being at the individual and societal levels (ScienceDaily). The researchers also sought to identify how the adverse effects tend to spread as time passes, and hope that their findings will help to create more awareness on the numerous negative effects of cyber attacks on well-being (ScienceDaily). Overall, the researchers identified five major ways in which cyber attacks can affect wellbeing, including affecting the physical, economic, psychological, reputational, and social aspects (ScienceDaily). For example, under the physical aspect, the destruction of key infrastructure such as roads affect societal and individual wellbeing because it becomes hard to move from one place to the others, and it even becomes hard to engage in business operations, which falls under the economic category. Poor economic status derails the individuals’ or society’s ability to afford the primary human wants which further affect wellbeing. The psychological effects that affect individual wellbeing following a cyber attack include increased depression, shame, confusion, and embarrassment (ScienceDaily). The reputational affects that may interfere with individual wellbeing, include tarnished relationship with different people and loss of customers or partners in the case of a government. Finally, on a societal level, the possible risks of disrupting daily life operations can interfere with individual morale, which directly influence the wellbeing of the affected person (ScienceDaily). It is paramount, therefore, to establish effective structures that would counter any threats and attacks to create a society where the wellbeing of every person is guaranteed.

Effects on State Security

Cyber warfare puts the national security at risk and delayed intervention could create panic and anxiety among the citizens. Cases of failure of military equipment and systems, violations of national security secrets, and electrical power cuts that are likely to occur following a cyber attack may tamper with national security, and the country may be less effective in the way it responds to further infringement. Cyber warfare affects state security because businesses may collapse, and the individuals and household income may depreciate. The state agencies charged with the tasks of preventing possible attacks should not relent in their practices to prevent contravening the quality of state security.

Application of Proper Legislations and Policies

The possible severe effects of cyber warfare call for the application of suitable legislations and policies that would evade more problems and some regions such as the U.S. are already forming effective regulations to prevent possible cyber attacks. The California Consumer Privacy Act (CCPA) is an appropriate example of an efficient state rule meant to improve consumer guard and privacy rights for everyone residing in California. The Act has achieved tremendous outcome in building consumer confidence since its signing into law on June 2018 by Governor Jerry Brown. The law creates more avenues and facilitates the processes through which people know what personal information is gathered about them, and to know whether their personal information is disclosed or put under safe custody.The CCPA allows people to reject the sale of their personal data, and the residents can now access their information with ease and much faster. The law permits people to request for the removal of their personal information, and protects them against any form of discrimination for applying their privacy rights. It is possible to prevent cyber warfare through the application of the CCPA violators cannot access and use the personal information of others to launch attacks over the internet aimed at harming other countries.  

Another legislation that plays a vital role in preventing instances of cyber warfare is the General Data Protection Regulation (GDPR) that is applicable in the European Union (EU). The GDPR is the most essential overhaul of the EU data protection regulations for over 20 years. Amongst other functions, the GDPR is projected to give more effective defense to individuals and to present better security to firms in championing for enhanced data security across the EU member countries. The GDPR is similar to the CCPA in California in the way it allows for the protection of personal data during storage and transfer outside the EU. The law that applies to all businesses regardless of their type and size directs processors and managers of personal data to apply suitable data protection guidelines (European Commission). The directive urges data controllers and handlers to create information systems while keeping privacy in mind by applying the most effective privacy structures so that it is impossible for unauthorized persons to access datasets and personal information (European Commission). The GDPR directs data handlers to ensure that no data is retrieved and processed unless the practice happens in accordance with one of the six guidelines stipulated by the legislation. The law, for example, only mandates the processing of personal data when entering into a contract,or when consent exists between all parties, or under legal circumstances (European Commission). The GDPR is effective in regulating cyber warfare because unauthorized parties cannot easily access the personal data of others and use them to perpetuate online attacks against the state.

The regulation is appropriate because it offers hefty penalties and fines to those who fail to abide by the requirements. The fines for a major defiance under the law are substantial, and can be as high as 20 million pounds (O’Donnellan). The hefty fines help to push as many multinational corporations and SMEs as possible to incorporate features that protect the personal data of their customers, which all contribute towards containing cyber warfare in the region and beyond. More businesses and state agencies in the EU region welcome the provisions of the GDPR because they understand that data violations impact on the agency’s reputation and consumer loyalty, and also disrupt its consumer loyalty (O’Donnellan). The EU member states remember vividly what happened to Yahoo that lost approximately $350 million after its data was infringed upon immediately after forming a partnership with Verizon (O’Donnellan). The companies and state agencies in the EU adhere to the provisions of the GDPR because they know how data breaches interfere with strategic information and intellectual property rights, and how violation can disrupt daily operation. The companies that apply the directives of the GDPR would not want to be in a similar position with the NHS hospitals that were rendered nonoperational in the surgical department following the WannaCry ransomware violation of 2017 (O’Donnellan). As the magnitude of cyber threat continues to broaden, international and local firms should embrace the data security guidelines outlined by the GDPR as a chance to lower the risks of data violation and online attacks.

The ClarifyingLawful Overseas Use of Data Act (CLOUD Act) is legislation in the U.S. that offers provisions that could allow for the prevention of cyber warfare although some feel the law requires amendments to rectify some of its limitations. The U.S. federal law formulated in 2018 is an amendment of the Stored Communications Act of 1986 permits federal law enforcement agencies to retrieve data stored on servers in the U.S. or elsewhere (Evans et al.). The law directs data andcommunication firms in the U.S. to issue stored information for a subscriber or buyer on the servers they manage when requested by court warrant. Some groups, including the Human Rights Watch and the American Civil Liberties feel that the bill take away the rights enshrined in the Fourth Amendment that protects people from unwarranted seizures and searches. The critics feel that the bill is ineffective and could perpetuate cyber warfare because the state has the right to access personal data and share the information with foreign nations without notifying the affected person (Evans et al.). The CLOUD Act, however, may contribute towards preventing online attacks because it offers mechanisms for courts or companies to challenge the request when they feel that the information could get into wrong hands or used to perform illicit practices. The state must also follow the due process before accessing the data as a way of preventing unregulated access (Evans et al.). The CLOUD Act could be having some weaknesses, but the guidelines the state must follow before accessing the information may help to prevent unrestricted entry that could facilitate the occurrence of cyber warfare.

The Role of the Budapest Convention in Preventing Cyber Warfare

The Convention on Cybercrime of the Council of Europe popularly referred to as the Budapest Convention is the initial global treaty aimed at addressing online internet-related crimes by improving cooperation between countries, advancing investigation approaches, and harmonizing laws at the national level. The Council of Europe developed the Budapest Convention in France in the attendance of representatives from New York, Ontario, Pretoria, and Osaka (Council of Europe). The initial international treaty on crimes carried out through the internet and other computer systems, particular helps to prevent cybercrimes that relate to violations of copyrights, online deception, infringements of networks, and hate crimes (Council of Europe). The convention aims at form a universal criminal policy aimed at safeguarding the society against cybercrimes, particularly by embracing suitable legislations and promoting international cooperation. The Budapest Convention is effective in preventing cyber warfare because it allows domestic judicial institutions to investigate and prosecute violators or the people responsible for cybercrime, and because it advocates for cooperation at the international level aimed at curbing threats and attacks (Council of Europe). The other provisions of the Budapest Convention that could help to prevent cyber warfare include the provision of suitable structures for storing data, retrieval, and interception of information (Council of Europe). More fundamentally, the Convention offers a framework for accessing data when dealing with trans-border issues, and allows for the formation of an assistance center where people can follow up on the storage and utilization of their personal information (Council of Europe). The Budapest Convention should set an example to hold other similar conventions with the objective of developing suitable structures for combating cyber warfare.

Conclusion

The growth of technology increases the risk of cyber warfare, which could result in adverse consequences that affect a state. Cyber warfare involves a scenario where a country or people who have state protection and use state resources manipulate the computer or electronic systems of other countries with the motive of causing harm. Several countries have become victims of cyber warfare, which indicate that such threats and attacks are real and any nation can be a victim without employing proper preventive measures. Cyber warfare is now more threatening than ever, and could even be more serious in future because people rely on electronic forms and the internet for various reasons. The internet transforms business operations and allows people to interact via social media avenues, which increase the possibilities of attacks. Countries should create proper mechanisms to counter cyber warfare and attacks because such violations could affect the national infrastructure, public informationsystems, social wellbeing, as well as destabilize national security. Nations should improve their protection against cyber warfare by developing and applying suitable legislations and policies. Several states including Qatar have by now introduced schemes to avoid online intimidation and infringement. Qatar understands the possible effects of cyber warfare in the different aspects of life, and continues to apply suitable mechanisms to deal with the threat that affects the various areas of life. The country invests in cyber diplomacy with the objective of creating awareness about the threat and forming closer ties with neighboring nations in combating the problem. Various institutions of higher learning have come together to facilitate the cyber diplomacy initiative, and so far the joint effort has yielded substantial results. The Qatari government enacted the Cybercrime Prevention Law no. 14 of 2014 with the objective of containing and preventing cases of cyber warfare. The regulation outlines some of the major penalties, including jail terms and fines that violators are likely to face, and the strict directives help to prevent any incidence. The Qatari government believes that the initiatives will play essential functions in meeting the objectives set by the national government and other security agencies, such as safeguarding the national CII, reacting, resolving, and dealing with cyber threats in the most effective manner and creating a legal structure to facilitate the formation of a safer cyberspace. The various groups working together to combat cyber attacks in Qatar also hope that the initiatives will create a culture that promotes the development and use of safe structures, and will form and promote a culture where the country can deal with its threats in the most effective manner. Qatar, however, must watch out for some of the challenges that could impede its initiatives and come up with suitable remedies. Some of the possible constraints could include considerable deficits in cyber security competence and services, risks in the global supply chain, problems with ICS connectivity, and constraints in sharing information. Also, more awareness is needed at the executive leadership level to be in a good position to handle the transforming privacy anticipations. The country can borrow the structure by EY, which requires the state to activate, adapt, and anticipate in developing a response mechanism that is strong enough to protect the country from cyber attacks. It may also be imperative to make use of ideas from legislations such as the General Data Protection Regulation, the California Consumer Privacy Act, the ClarifyingLawful Overseas Use of Data Act, and the Convention on Cybercrime of the Council of Europe

Works Cited

Alhout, Ra’ed. “Cyber Crime Prevention Law in Qatar.” Al Tamini & Co., October 2014, https://www.tamimi.com/law-update-articles/cyber-crime-prevention-law-in-qatar/#:~:text=On%2016%20September%202014%20the,combating%20online%20and%20cyber%20crimes.&text=Provisions%20on%20so%2Dcalled%20%E2%80%9Ccontent,to%20publish%20%E2%80%9Cfalse%20news%E2%80%9D. Accessed 18 June 2020

Ayad, Khristo and Shlrzal Abed. “Cyber Diplomacy in Qatar – A Virtue of Necessity.” International Policy Digest, December 30, 2019, https://intpolicydigest.org/2019/12/30/cyber-diplomacy-in-qatar-a-virtue-of-necessity/ Accessed 18 June 2020

Bada, Maria and Nurse Jason. “The Social and Psychological Impact of Cyber Attacks.” 2020,

https://arxiv.org/ftp/arxiv/papers/1909/1909.13256.pdf Accessed 23 June 2020

Council of Europe. “Bedapest Convention and Related Standards.” Council of Europe, 2020, https://www.coe.int/en/web/cybercrime/the-budapest-convention Accessed 18 June 2020

Cyber Operations Tracker. “Titan Rain.” Cyber Operations Tracker, 2020, https://www.cfr.org/interactive/cyber-operations/titan-rain Accessed 18 June 2020

Deniz Mujgan and Geyik Seda. “An Empirical Research on General Internet Usage Patterns of Undergraduate Students.” Procedia – Social Behavioral Sciences, vol. 195, 2015, pp. 185 – 904.

European Commission. “EU Data Protection Rules.” European Commission, 2020,

https://ec.europa.eu/info/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules/eu-data-protection-rules_en Accessed 18 June 2020

Evans, Marcus et al. “U.S. CLOUD Act International Privacy.” Data Protection Report, August 1, 2019,

https://www.dataprotectionreport.com/2019/08/u-s-cloud-act-and-international-privacy/ Accessed 18 June 2020

EY. Cybersecurity and the Internet of Things. London, 2015.

Gulf Times. “QNA Hacking a Dark Chapter in GCC’s History.” Gulf Times, May 23, 2018. https://www.gulf-times.com/story/593788/QNA-hacking-a-dark-chapter-in-GCC-s-history Accessed 16 July 2020

Huxley. “How is Qatar Defending its Cybersecurity Efforts in Preparation for FIFA World Cup 2022?” Huxley, 2020,

https://www.huxley.com/en-ae/blog/2019/08/how-is-qatar-defending-its-cybersecurity-efforts-in-preparation-for-fifa-world-cup-2022/ Accessed 18 June 2020

Ministry of Transport and Communications. “Qatar National Cyber Security Strategy.” Ministry of Transport and Communications, May 2020, https://www.motc.gov.qa/sites/default/files/national_cyber_security_strategy.pdf Accessed 23 June 2020

Morten, Richard. “Security in the Digital Age: A Report on the Middle East Cyber Security Workforce.” Fircroft, September 4, 2017,

https://www.fircroft.com/blogs/security-in-the-digital-age-a-report-on-the-middle-east-cyber-72474105124 Accessed 23 June 2020

O’Donnellan, Ruairi. “GDPR – An Opportunity to Rethink Data Security.” Intuition, August 17, 2017,

https://www.intuition.com/blog-cybersecurity-gdpr/ Accessed 18 June 2020

Qatar-America Institute. “Cyber Attack on the Qatar News Agency.” Qatar-America Institute, 2020,

https://qataramerica.org/wp-content/uploads/2016/12/365881322-Cyber-Attack-on-the-Qatar-News-Agency-Fake-News-Cyber-War-and-an-Attack-on-International-Norms-of-Sovereignty-1.pdf Accessed 18 June 2020

Q-CERT. “Qatar’s National Information Center.” Q-CERT, 2020,

https://www.qcert.org/ Accessed 18 June 2020

Robinson, Michael, Jones Kevin and Janicke Helge. “Cyber Warfare: Issues and Challenges.” Computers & Security, vol. 49, 2015, pp. 70 – 94.

ScienceDaily. “At least 57 Negative Impacts from Cyber-Attacks.” ScienceDaily, October 24, 2018. https://www.sciencedaily.com/releases/2018/10/181024112203.htm#:~:text=Cyber%2Dsecurity%20researchers%20have%20identified,fines%20or%20disrupting%20daily%20activities. Accessed 23 June 2020

Section 10. Social Well-Being.

https://www.usip.org/sites/default/files/GP_170-203_Social_Well-Being.pdf Accessed 18 June 2020

United Nations. “International Law and Justice.” United Nations, 2020,

https://www.un.org/en/sections/issues-depth/international-law-and-justice/index.html#:~:text=The%20international%20law%20is%20enshrined,that%20governs%20relations%20among%20nations.&text=The%20treaties%20cover%20a%20broad,and%20protection%20of%20the%20environment. Accessed 28 July 2020

United Nations a. “UN Charter.” United Nations, 2020, https://www.un.org/en/sections/un-

            charter/un-charter-full-text/. Accessed 28 July 2020

Younes, Ali. “Qatar Says Cyberattack ‘Originated from the UAE.” Aljazeera, July 20, 2017, https://www.aljazeera.com/news/2017/07/qatar-sheds-light-cyberattack-official-media-170720151344996.html Accessed 18 June 2020

Zaharia, Andra. “300+ Terrifying Cybercrime and Cybersecurity Statistics & Trends.” Comparitech, April 22, 2020,

https://www.comparitech.com/vpn/cybersecurity-cyber-crime-statistics-facts-trends/ Accessed 23 June 2020