Dipl.-Inf. Thomas Reinhold

Wissenschaftlicher Mitarbeiter / Doktorand
Kontakt: reinhold(at)peasec.tu-darmstadt.de
Technische Universität Darmstadt, Fachbereich Informatik,
Wissenschaft und Technik für Frieden und Sicherheit (PEASEC)
Thomas Reinhold ist wissenschaftlicher Mitarbeiter sowie Doktorand am Lehrstuhl Wissenschaft und Technik für Frieden und Sicherheit (PEASEC) am Fachbereich Informatik der TU Darmstadt. Er beschäftigt sich seit vielen Jahren mit den gesellschaftlichen Auswirkungen von Technologie und den Herausforderungen der Interaktion zwischen Menschen und Computersystemen. In diesem Kontext stehen die Bedrohungen im Cyberspace und das Problem der zunehmenden Militarisierung dieser Domäne im Mittelpunkt seines wissenschaftlichen Interesses mit einem besonderen Fokus auf Fragen der Abrüstung und Rüstungskontrolle sowie den Problemen der Attribution im völkerrechtlichen Kontext.
Er hat Informatik und Psychologie an der Technischen Universität Chemnitz studiert. 2015 war er der Campaigner der Cyberpeace-Kampagne des Forum InformatikerInnen für Frieden und gesellschaftliche Verantwortung. Seit 2017 ist er Miglied des Transatlantic Cyber Forum und hat dort in unterschiedlichen Arbeitsgruppen zu nationalen sowie internationalen Cyber-Sicherheitspolitik sowie neuen technischen Entwicklungen wie den Auswirkungen und der Regulierung von Künstlicher Intelligenz mitgewirkt. Er ist außerdem Mitglied der Research Advisory Group der Global Commission on the Stability of Cyberspace (GCSC) und seit 2009 Non-Resident-Fellow am Institut für Friedensforschung und Sicherheitspolitik an der Universität Hamburg.
Publikationen:
[BibTeX]
@incollection{reinhold_armament_2022,
title = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
booktitle = {Armament, {Arms} {Control} and {Arti}ficial {Intelli}gence. {The} impact of software, machine learning and artificial intelligence on armament and arms control},
publisher = {Springer},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Schörnig, Niklas and Reinhold, Thomas},
year = {2022},
keywords = {Projekt-ATHENE-SecUrban, Security, Peace},
}
[BibTeX]
@book{schornig_armament_2022,
title = {Armament, {Arms} {Control} and {Artificial} {Intelligence} - {The} {Janus}-faced {Nature} of {Machine} {Learning} in the {Military} {Realm}},
publisher = {Springer},
author = {Schörnig, Niklas and Reinhold, Thomas},
year = {2022},
keywords = {Projekt-ATHENE-SecUrban, Peace},
}
[BibTeX] [Abstract] [Download PDF]
The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study’s findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.
@article{franken_digital_2022,
title = {The {Digital} {Divide} in {State} {Vulnerability} to {Submarine} {Communications} {Cable} {Failure}},
volume = {38},
url = {https://peasec.de/paper/2022/2022_FrankenReinholdReichertReuter_DigitalDivideStateVulnerabilitySubmarineCommunicationsCable_IJCIP.pdf},
doi = {10.1016/j.ijcip.2022.100522},
abstract = {The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study's findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.},
number = {100522},
journal = {International Journal of Critical Infrastructure Protection (IJCIP)},
author = {Franken, Jonas and Reinhold, Thomas and Reichert, Lilian and Reuter, Christian},
year = {2022},
keywords = {Projekt-ATHENE-SecUrban, Security, A-Paper, Ranking-ImpactFactor, Selected, Projekt-AgriRegio},
pages = {1--15},
}
[BibTeX]
@article{reinhold_book_2022,
title = {Book {Review}: {Artificial} {Intelligence} and {The} {Future} of {Warfare}, {James} {Johnson} (2021)},
journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
author = {Reinhold, Thomas and Reuter, Christian},
year = {2022},
keywords = {Projekt-ATHENE-SecUrban, Peace},
}
[BibTeX] [Abstract] [Download PDF]
The revelation of the Stuxnet malware in 2010 shed light on the presence of state actors that are willing and capable of developing and using highly sophisticated, specialized malicious software for their political interests. These tools -often dubbed cyber weapons -are expected to become the next major advancement in weaponry technology. Besides the threats of offensive cyber operations for civil IT systems due to the interconnected nature of the cyberspace, international regulation of cyber weapons is -among other aspects -hindered by the fact that the military development and the strategic and tactical deployment of cyber weapons differ significantly from other weapons technologies. In order to establish measures of cyber arms related control treaties, it is crucial to identify these particular characteristics. Based on this premise, the article analyzes the current perspectives on cyber weapons, identifying their weaknesses of being either based on assumptions about adversarial actors or being applicable only after the usage of a malicious tool. In contrast to these approaches, the article focuses on the specific functional aspects of malware and presents an indicator-based assessment model based on parameters that can be measured prior to the application of malicious software. This enables the categorization of malicious tools as cyber weapons. Besides this, the article aims to introduce thought-provoking impulses with regard to social responsibility in computer science.
@article{reinhold_towards_2021,
title = {Towards a {Cyber} {Weapons} {Assessment} {Model} – {Assessment} of the {Technical} {Features} of {Malicious} {Software}},
issn = {2637-6415},
url = {https://peasec.de/paper/2021/2021_ReinholdReuter_CyberWeapons_IEEETransactionsTechnologySociety.pdf},
doi = {10.1109/TTS.2021.3131817},
abstract = {The revelation of the Stuxnet malware in 2010 shed light on the presence of state actors that are willing and capable of developing and using highly sophisticated, specialized malicious software for their political interests. These tools -often dubbed cyber weapons -are expected to become the next major advancement in weaponry technology. Besides the threats of offensive cyber operations for civil IT systems due to the interconnected nature of the cyberspace, international regulation of cyber weapons is -among other aspects -hindered by the fact that the military development and the strategic and tactical deployment of cyber weapons differ significantly from other weapons technologies. In order to establish measures of cyber arms related control treaties, it is crucial to identify these particular characteristics. Based on this premise, the article analyzes the current perspectives on cyber weapons, identifying their weaknesses of being either based on assumptions about adversarial actors or being applicable only after the usage of a malicious tool. In contrast to these approaches, the article focuses on the specific functional aspects of malware and presents an indicator-based assessment model based on parameters that can be measured prior to the application of malicious software. This enables the categorization of malicious tools as cyber weapons. Besides this, the article aims to introduce thought-provoking impulses with regard to social responsibility in computer science.},
journal = {IEEE Transactions on Technology and Society},
author = {Reinhold, Thomas and Reuter, Christian},
year = {2021},
keywords = {Projekt-ATHENE-SecUrban, A-Paper, Ranking-ImpactFactor, Peace, AuswahlPeace, Cyberwar},
}
[BibTeX] [Download PDF]
@article{reinhold_zur_2021,
title = {Zur {Rolle} und {Verantwortung} der {Informatik} für die {Friedensforschung} und {Rüstungskontrolle}},
volume = {38},
url = {https://peasec.de/paper/2021/2021_Reinhold_RolleVerantwortungInformatikFriedensforschung_FIFF.pdf},
journal = {FIfF-Kommunikation},
author = {Reinhold, Thomas},
year = {2021},
keywords = {Security, Peace, Projekt-DualUse, Cyberwar},
pages = {47--49},
}
[BibTeX] [Download PDF]
@incollection{reinhold_verfassungs-_2020,
title = {Verfassungs- und völkerrechtliche {Fragen} im militärischen {Cyber}- und {Informationsraum} unter besonderer {Berücksichtigung} des {Parlamentsvorbehalts}, der {Zurechenbarkeit} von {Cyberangriffen} sowie einer möglichen {Anpassung} nationaler und internationaler {Normen}},
url = {www.peasec.de/paper/2020/2020_Reinhold_VerfassungsVoelkerrechtlicheFragenCyberInformationsraum.pdf},
booktitle = {Deutscher {Bundestag}, {Verteidigungsausschuß}},
publisher = {Deutscher Bundestag, Verteidigungsausschuß},
author = {Reinhold, Thomas},
year = {2020},
keywords = {Projekt-ATHENE-SecUrban, Security, Peace, Cyberwar},
pages = {1--9},
}
[BibTeX] [Abstract] [Download PDF]
Attribution consists of technical, legal and politically defined processes. However, the interna- tional community has not yet defined processes unilaterally, even though the UN GGE has proposed to address the increase of cyber operations. Taking existing threat exchange stand- ards into account, this paper presents an approach to support efforts for more effective attrib- ution by developing a platform with the common open source threat exchange formats STIX and MEAC. Furthermore, the platform is evaluated in terms of usability.
@inproceedings{riebe_threat_2019,
address = {Darmstadt, Germany},
title = {Threat {Intelligence} {Application} for {Cyber} {Attribution}},
url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/9164},
abstract = {Attribution consists of technical, legal and politically defined processes. However, the interna- tional community has not yet defined processes unilaterally, even though the UN GGE has proposed to address the increase of cyber operations. Taking existing threat exchange stand- ards into account, this paper presents an approach to support efforts for more effective attrib- ution by developing a platform with the common open source threat exchange formats STIX and MEAC. Furthermore, the platform is evaluated in terms of usability.},
booktitle = {{SCIENCE} {PEACE} {SECURITY} '19 - {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
publisher = {TUprints},
author = {Riebe, Thea and Kaufhold, Marc-André and Kumar, Tarun and Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian and Altmann, Jürgen and Göttsche, Malte and Himmel, Mirko},
year = {2019},
keywords = {Security, Student, Peace, Projekt-DualUse},
pages = {56--60},
}
[BibTeX] [Download PDF]
@incollection{reuter_arms_2019,
address = {Wiesbaden},
title = {Arms {Control} and its {Applicability} to {Cyberspace}},
isbn = {978-3-658-25651-7 978-3-658-25652-4},
url = {http://link.springer.com/10.1007/978-3-658-25652-4_10},
language = {en},
urldate = {2021-05-11},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Fachmedien Wiesbaden},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2019},
doi = {10.1007/978-3-658-25652-4_10},
pages = {207--231},
}
[BibTeX] [Abstract] [Download PDF]
The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are estab-lishing offensive military capabilities for this domain. Looking at historical develop-ments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have con-tributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be success-ful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.
@incollection{reinhold_cyber_2019,
address = {Wiesbaden, Germany},
title = {From {Cyber} {War} to {Cyber} {Peace}},
isbn = {978-3-658-25652-4},
url = {https://www.springer.com/de/book/9783658256517},
abstract = {The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are estab-lishing offensive military capabilities for this domain. Looking at historical develop-ments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have con-tributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be success-ful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2019},
doi = {10.1007/978-3-658-25652-4_7},
keywords = {Projekt-CRISP, Projekt-CROSSING, Security, Peace, Projekt-DualUse, Cyberwar},
pages = {139--164},
}
[BibTeX] [Abstract] [Download PDF]
Im Dezember 2017 wurde eine Invasion des deutschen Regierungsnetzwerks entdeckt; dieses vernetzt Bundesministerien und Behörden (vgl. Reinhold 2018a). Die Angreifer nutzten das Intranet der Hochschule des Bundes für öffentliche Verwaltung und der Bundesakademie für öffentliche Verwaltung als Einfallstor. Dieses ist der am wenigsten gesicherte Teil des Systems, da externe Teilnehmerinnen und Teilnehmer auch außerhalb der Einrichtung darauf zugreifen müssen, beispielsweise für Fortbildungen des Auswärtigen Amtes.
@incollection{reuter_cyberwar_2019,
title = {Cyberwar zwischen {Fiktion} und {Realität} – technologische {Möglichkeiten}},
isbn = {978-3-658-27713-0},
url = {https://peasec.de/paper/2019/2019_ReuterRiebeAldehoffKaufholdReinhold2019_CyberwarZwischenFiktionUndReal_Cyberwar.pdf},
abstract = {Im Dezember 2017 wurde eine Invasion des deutschen Regierungsnetzwerks entdeckt; dieses vernetzt Bundesministerien und Behörden (vgl. Reinhold 2018a). Die Angreifer nutzten das Intranet der Hochschule des Bundes für öffentliche Verwaltung und der Bundesakademie für öffentliche Verwaltung als Einfallstor. Dieses ist der am wenigsten gesicherte Teil des Systems, da externe Teilnehmerinnen und Teilnehmer auch außerhalb der Einrichtung darauf zugreifen müssen, beispielsweise für Fortbildungen des Auswärtigen Amtes.},
booktitle = {Cyberwar – die {Digitalisierung} der {Kriegsführung}},
publisher = {Springer VS},
author = {Reuter, Christian and Riebe, Thea and Aldehoff, Larissa and Kaufhold, Marc-André and Reinhold, Thomas},
editor = {Werkner, Ines-Jacqueline and Schörnig, Niklas},
year = {2019},
doi = {10.1007/978-3-658-27713-0},
keywords = {Security, Peace, Projekt-DualUse, Cyberwar},
pages = {15--38},
}
[BibTeX] [Abstract] [Download PDF]
Verification is one of the pillars of arms control and non-proliferation treaties as well as an important part of confidence building measures. It defines practical measures that enable treaty members to check the treaty compliance by observing, counting or moni-toring specific actions and their accordance with the respective rules. In contrast to his-torical examples of former military technologies, cyberspace features some unique char-acteristics making it hard to apply established measures. The chapter describes these peculiarities and assesses distinguishing problems compared to selected verification measures for nuclear, biological and chemicals weapons technology. Yet, cyberspace is a human-made domain and adjusting its technical setting, rules and principles may help to reduce the threat of ongoing militarisation. Offering some alternatives, the chapter elaborates on suitable and measurable parameters for this domain and presents potential-ly useful verification approaches.
@incollection{reinhold_verification_2019,
address = {Wiesbaden, Germany},
title = {Verification in {Cyberspace}},
isbn = {978-3-658-25652-4},
url = {https://www.springer.com/de/book/9783658256517},
abstract = {Verification is one of the pillars of arms control and non-proliferation treaties as well as an important part of confidence building measures. It defines practical measures that enable treaty members to check the treaty compliance by observing, counting or moni-toring specific actions and their accordance with the respective rules. In contrast to his-torical examples of former military technologies, cyberspace features some unique char-acteristics making it hard to apply established measures. The chapter describes these peculiarities and assesses distinguishing problems compared to selected verification measures for nuclear, biological and chemicals weapons technology. Yet, cyberspace is a human-made domain and adjusting its technical setting, rules and principles may help to reduce the threat of ongoing militarisation. Offering some alternatives, the chapter elaborates on suitable and measurable parameters for this domain and presents potential-ly useful verification approaches.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2019},
doi = {10.1007/978-3-658-25652-4_12},
keywords = {Projekt-CRISP, Security, Peace},
pages = {257--276},
}
[BibTeX] [Abstract] [Download PDF]
Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.
@incollection{reuter_future_2019,
address = {Wiesbaden, Germany},
title = {The {Future} of {IT} in {Peace} and {Security}},
isbn = {978-3-658-25652-4},
url = {https://www.springer.com/de/book/9783658256517},
abstract = {Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Aal, Konstantin and Aldehoff, Larissa and Altmann, Jürgen and Buchmann, Johannes and Bernhardt, Ute and Denker, Kai and Herrmann, Dominik and Hollick, Matthias and Katzenbeisser, Stefan and Kaufhold, Marc-André and Nordmann, Alfred and Reinhold, Thomas and Riebe, Thea and Ripper, Annette and Ruhmann, Ingo and Saalbach, Klaus-Peter and Schörnig, Niklas and Sunyaev, Ali and Wulf, Volker},
editor = {Reuter, Christian},
year = {2019},
doi = {10.1007/978-3-658-25652-4_19},
keywords = {HCI, Projekt-CRISP, Projekt-CROSSING, Security, UsableSec, Peace},
pages = {405--413},
}
Vorherige:
(2018) WannaCry about the tragedy of the commons? Game-theory and the failure of global vulnerability disclosure
Thomas Reinhold, Sven Herpig (2018) Spotting the Bear: Credible Attribution and Russian Operations in Cyberspace
Thomas Reinhold (2018) Rethinking the Attribution Problem – A Plausible Proof of Non-Involvement as an Alternative to Attribution
(2017) Zur Verantwortung der Informatik in einer technologisierten Gesellschaft, Sicherheit und Frieden, url
(2017) Arbeitspapier: „Digitale Gegenangriffe – Eine Analyse der technischen und politischen Implikationen von „hack backs“, pdf
(2016) Cyberspace als Kriegsschauplatz? Herausforderungen für Völkerrecht und Sicherheitspolitik, Aus Politik und Zeitgeschichte, url
(2016) Die Bundeswehr zieht ins Cyberfeld – Ein Kommentar zum Aufbau des neuen Bundeswehr-Organisationsbereiches Cyber- und Informationsraum, Blätter für deutsche und internationale Politik, url
(2016) Review zum „Cyberwar & Cyberpeace – Internationaler Pugwash-Workshop, 23.-24. Oktober 2015, Berlin“ in Wissenschaft & Frieden, Wissenschaft & Frieden, url
(2016) Vom Hindukusch zum Cyberspace – Wie die Bundeswehr unsere Sicherheit im virtuellen Raum verteidigen will, Internationale Politik und Gesellschaf, Friedrich-Eberst-Stiftung, url
(2016) Der Cyberspace – Vorfälle, militärische Aufrüstung und erste Friedensbestrebungen, Welttrends – das außenpolitischen Journal
(2015) Die Militarisierung des Cyberspace – Die Informatik ist gefordert!, Wissenschaft & Frieden, url
(2015) Von den Realitäten im Cyberwar, oder: Die Bedeutung des Sony-Hacks für zukünftige Cyber-Konflikte, url
(2015) Militarisierung des Cyberspace – Friedens- und sicherheitspolitische Fragen, Wissenschaft & Frieden, url
(2015) Friedens- und Sicherheitspolitische Fragen zur Militarisierung des Cyberspace, FIfF Kommunikation, url
(2015) Möglichkeiten und Grenzen zur Bestimmung von Cyberwaffen, Informatik 2015, Douglas Cunningham, Petra Hofstedt, Klaus Meer, Ingo Schmitt (Hrsg.), S. 587-596, Bonn: Gesellschaft für Informatik
(2015) Betrifft: Cyberpeace – Auswirkungen der Exportbeschränkungen von Cyberwaffen durch das Wassenaar-Abkommen, FIfF Kommunikation, url
(2015) Dosier „Kriegführung im Cyberspace“, Dossier 79 in 03/2015, url
(2014) Internationale Kooperationsrichtlinien – ein Ausweg aus dem Attributionsdilemma, Sicherheit und Frieden, url
(2012) Malware als Waffe, ADLAS Magazin für Außen- und Sicherheitspolitik, pdf