Critical Infrastructure Protection | Journal of Information Warfare

Critical Infrastructure Protection

Australia Critical Infrastructure Protection: A Twenty-Year Journey

Abstract:

The aim of the paper is to describe Australia’s national Cyber Security strategy development since the late 1990s to the 2020s. A common theme is that the management of Australia’s commercial critical infrastructure has presented ongoing challenges to industry and the government. A key issue of the Australian situation is that that the majority of critical infrastructure resides under the control of the business sector and not under direct government control. The paper also describes the new Cyber Security critical infrastructure issues associated with the COVID-19 situation.

Published In

Volume 20, Issue 4

Written By

Keywords

Critical Infrastructure Protection

Read more about Australia Critical Infrastructure Protection: A Twenty-Year Journey

Industrial Internet of Things Security for the Transportation Infrastructure

Abstract:

The transportation sector is evolving with the introduction of the Internet of Things (IoT) and Industrial Internet of Things (IIoT). IIoT devices are used in the monitoring and control of industrial and related processes and have many useful applications in the transportation sector. This article provides a comparison between IoT and IIoT, and an overview of the threats, vulnerabilities, risks, and incidents related to their use in the transport infrastructure. A guideline for security standards, frameworks, and controls to govern and secure IoT and IIoT specific to transport infrastructure is proposed, with a focus on the rail and maritime sectors.

Published In

Volume 19, Issue 3

Written By

Barend Pretorius

Brett van Niekerk

Keywords

Internet of Things (IoT)

Industrial Internet of Things (IIoT)

Transport Infrastructure

Critical Infrastructure Protection

Read more about Industrial Internet of Things Security for the Transportation Infrastructure

Economic Information Warfare: Feasibility and Legal Considerations for Cyber-Operations Targeting Commodity Value Chains

Abstract:

With the increasing prevalence of cyberattacks and the drive for hyper-connected digital economies, there is a growing probability that national economies will be directly affected by cy- berattacks. There is also a growing consideration of vulnerabilities in the physical transportation infrastructure, which is comprised of a number of interlinking components that enable international trade in raw materials and consumer goods, known as commodity value chains.

Published In

Volume 18, Issue 2

Written By

Brett van Niekerk

Trishana Ramluckan

Keywords

Commodity Value Chain

Critical Infrastructure Protection

Cyber-operations

Economic Information Warfare (EIW)

International Humanitarian Law (IHL)

Read more about Economic Information Warfare: Feasibility and Legal Considerations for Cyber-Operations Targeting Commodity Value Chains

Critical Infrastructure: You Get What You Pay For

Abstract:

Programmable Logic Controllers (PLCs) have proliferated into multiple commercial sectors, including critical infrastructure applications. PLCs often manage resources that offer high-impact targets but with a lackadaisical treatment of security—a recipe for trouble. This paper proposes a misuser-driven approach for PLC assessment.

Published In

Volume 17, Issue 2

Written By

William R Mahoney

Matthew L. Hale

Keywords

Vulnerability Analysis

Use-Case Approach

Reverse Engineering

Programmable Logic Controllers

Critical Infrastructure Protection

Read more about Critical Infrastructure: You Get What You Pay For

Leveraging Virtualization Technologies to Improve SCADA ICS Security

Abstract:

In recent years, Supervisory Control and Data Acquisition (SCADA) Industrial Control Systems (ICS)—systems used for controlling industrial processes, power plants, or assembly lines—have become a serious concern because of security and manageability issues.

Published In

Volume 15, Issue 3

Written By

Edmundo Monteiro

Keywords

Critical Infrastructure Protection

Industrial Control Systems

Read more about Leveraging Virtualization Technologies to Improve SCADA ICS Security

A Process for the Identification of Security Risks from Critical Infrastructure Interdependencies

Abstract

Traditional security risk assessment takes a broad asset-based view of organizations. The risk identification process therefore focuses on well-known threats and vulnerabilities to static and discrete assets that fall within the scope of organizational boundaries under investigation. It does not offer a methodology or framework that systematically deals with risks that arise from the complex interdependencies1 among the critical infrastructures2. To support this proposition, this paper conducts a systematic analysis of the security risks resulting from logical, cyber, geographical and physical interdependencies between telecommunications and power infrastructures.

Published In

Volume 10, Issue 1

Written By

Keywords

Critical Infrastructure Protection

Information Security

Security Risk Assessment

Read more about A Process for the Identification of Security Risks from Critical Infrastructure Interdependencies

U.S. Energy Sector Cybersecurity: Hands-off Approach or Effective Partnership?

Abstract:

Recent reporting has identified significant threats to the U.S. energy’s critical infrastructure from nation states and other groups through cyberspace. Efforts to improve the security and resilience of U.S. energy infrastructure relies upon voluntary partnerships between the U.S. Government and public and private energy infrastructure owners.

Published In

Volume 15, Issue 1

Written By

Joseph A. Allen

Kyle K. Francis

Keywords

Public-Private Partnerships

Critical Infrastructure Protection

Read more about U.S. Energy Sector Cybersecurity: Hands-off Approach or Effective Partnership?

Vulnerability Analysis in Critical Infrastructure Protection

ABSTRACT

This paper describes a novel approach to critical infrastructure vulnerability analysis and risk assessment that applies to sectors that can be represented as networks. The method – called model-based vulnerability analysis (MBVA) - is based on a combination of scale-free network theory and fault-tree/event-tree analysis. MBVA incorporates two new optimal resource allocation equations: one for minimizing fault occurrences, and a second equation for minimizing financial risk. The method has been successfully used to identify vulnerabilities in sectors as diverse as water, energy, telecommunications, and power grids.

Published In

Volume 3, Issue 2

Written By

Keywords

Critical Infrastructure Protection

Vulnerability Analysis

Risk Assessments

Read more about Vulnerability Analysis in Critical Infrastructure Protection

A Tale of Two Cities: Approaches to Counter-Terrorism and Critical Infrastructure Protection in Washington, DC and Canberra

ABSTRACT

All nations undertake a variety of activities to protect their citizens from the threat posed by terrorism. In the last decade, the requirements of effective counter- terrorism (CT) policy have become more demanding as the result of the changing nature of global terrorism, and the challenges posed by the requirement to protect vulnerable critical national infrastructures (CNI). (Since the events of 11 September 2001, of these policies has taken on an unprecedented importance.) But the approaches taken by different nations regarding national CT and critical infrastructure protection (CIP) policies have varied considerably. In this paper, the authors will examine the approaches to CT and CIP policies adopted by two nations – the United States and Australia – both before and after 11 September 2001. The paper concludes by proposing explanations for the different approaches in CT and CIP policies adopted by the United States and Australia.

Published In

Volume 3, Issue 1

Written By

Edwin ‘Leigh’ Armistead

Keywords

Counter Terrorism

Critical Infrastructure Protection

National Security Policy

Read more about A Tale of Two Cities: Approaches to Counter-Terrorism and Critical Infrastructure Protection in Washington, DC and Canberra

Is Task Force Smith Rushing To An Electronic Pearl Harbor?

ABSTRACT

The United States of America remains ill prepared against cyberattack in spite of years of well-documented and well-publicized warnings by governmental and non-governmental organizations. The result is the extreme vulnerability of the U.S. to attack in cyberspace by its opponents with severe consequences to the U.S. infrastructure and economy. This paper examines why the ill preparedness of the U.S. to cyberattack is a serious problem, a brief history of this problem with an emphasis on the recent three years, the on-going measures to solve this problem, recommended solutions, and a conclusion.

Published In

Volume 2, Issue 2

Written By

Curtis “Curt” Hellenbrand, Jr.

Keywords

Critical Infrastructure Protection

Read more about Is Task Force Smith Rushing To An Electronic Pearl Harbor?

International Coordination to Increase the Security of Critical Network Infrastructures

ABSTRACT

‘All our infrastructures are increasingly dependent on information and communications systems that criss-cross the nation and span the globe. That dependence is the source of rising vulnerabilities…’ (PCCIP, 1997). Improving the security of these infrastructures requires coordination within and among organizations and nations. In this paper, we discuss five areas that demonstrate the value of international coordination: standardization, information sharing, halting attacks in progress, legal coordination, and providing aid to developing nations. International approaches to coordination in these areas should be matched with appropriate national strategies to secure network-connected infrastructures more effectively.

Published In

Volume 2, Issue 2

Written By

Seymour Goodman

Pamela Hassebroek

Keywords

Critical Infrastructure Protection

Read more about International Coordination to Increase the Security of Critical Network Infrastructures

Information Operations – A Swedish View

ABSTRACT

This paper touches upon Swedish views of how to organize traditional domestic responsibilities to better catch up with emerging IT-related threats. This paper stresses the need for developed forms of public-private co-operation. It also discusses new ways of handling crises and conflicts, as well as of enforcing sanctions in the international arena.

Published In

Volume 1, Issue 1

Written By

Keywords

Information Operations (IO)

Information Assurance

Critical Infrastructure Protection

Read more about Information Operations – A Swedish View

An Emergent Security Risk: Critical Infrastructures and Information Warfare

ABSTRACT

This paper examines the emergent security risk that information warfare poses to critical infrastructure systems, particularly as governments are increasingly concerned with protecting these assets against attack or disruption. Initially it outlines critical infrastructure systems and the notion of information warfare. It then discusses the potential implications and examining the concerns and vulnerabilities such cyber attacks would pose, utilising exemplar online attack occurrences. It then examines the current Australian situation before suggesting some considerations to mitigate the potential risk that information warfare poses to critical infrastructure systems, and by association: government, industry and the wider community.

Published In

Volume 8, Issue 3

Written By

Keywords

Critical Infrastructure Protection

Information Warfare (IW)

Read more about An Emergent Security Risk: Critical Infrastructures and Information Warfare

Results from a SCADA-Based Cyber Security Competition

ABSTRACT

On April 1 2011, Regis University hosted the 7th Computer and Network Vulnerability Assessment Simulation (CANVAS) competition with a turnout of 68 event competitors and at least two dozen faculty and spectators. The event was a major success. The competition sought primarily to introduce a Critical Infrastructure Protection (CIP) theme to a cyber competition to raise awareness of these types of attacks. This paper will discuss the goals and intricacies of developing the CANVAS cyber competition, including technical details, extensibility of CIP-focused cyber competitions, as well as the continued development and value of CIP simulation infrastructure.

Published In

Volume 12, Issue 2

Written By

Daniel Likarish

Keywords

Critical Infrastructure Protection

Cyber Competition

Read more about Results from a SCADA-Based Cyber Security Competition

Strategies for Combating Sophisticated Attacks

ABSTRACT

Industrial control systems (ICS) monitor and control the processes of public utility infrastructures that society depends on—the electric power grid, oil and gas pipelines, transportation and water facilities. Attacks that impact the operations of these critical assets could have devastating consequences. Yet, the complexity and desire to interconnect ICS components have introduced vulnerabilities and attack surfaces that previously did not exist. Cyber attacks are increasing in sophistication and have demonstrated an ability to cross over and create effects in the physical domain. Most notably, ICS associated with the critical infrastructure have proven susceptible to sophisticated, targeted attacks.

Published In

Volume 12, Issue 1

Written By

K. Thirunarayan

Keywords

Defense-in-Depth Limitations

Critical Infrastructure Protection

Read more about Strategies for Combating Sophisticated Attacks

Critical Infrastructure Protection Policy: The Israeli Experience

ABSTRACT

This article presents the Critical Infrastructure Protection (CIP) policy in Israel and analyses its evolution. Israel established a centralist national critical infrastructure protection system in late 2002, which was implemented rather harmoniously. However, the evolving cyber-environment has led to renewed discussions. After years of discontent, a comprehensive review of national cyber-posture was conducted in 2011. Significant policy changes, fostering coordinated cooperation between public, security, academic, and private sectors, are now in progress. This examination of the Israeli CIP approach may assist policy-making in other countries.

Published In

Volume 12, Issue 3

Written By

Keywords

Critical Infrastructure Protection

Read more about Critical Infrastructure Protection Policy: The Israeli Experience

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Archive

Volume 23

Issue 1

Volume 22

Volume 21

Volume 20

Volume 19

Volume 18

Volume 17

Volume 16

Volume 15

Volume 14

Volume 13

Volume 12

Volume 11

Volume 10

Volume 9

Volume 8

Volume 7

Volume 6

Volume 5

Volume 4

Volume 3

Volume 2

Volume 1

Keywords

(

(ISC)2

2

2G GSM

3

3D Tactics

3D Vulnerability Analysis

3D-Printed Gun

3G UMTS

4

4G LTE

4th Generation War

8

802.11

9

9/11 Aftermath

A

Academic

Access Control

Access Management

Act of War

Action Learning

Active Cyber Defense

Active Response

Active Sensor

Activist Intelligence

Acts of Violence

AdaBoost

Adaptive Red Team

Adaptive Security

Admiralty Law

Advance Encryption Standard (AES) Algorithm

Advanced Encryption Standard (AES)

Advanced Persistent Threat

Advanced Persistent Threat (APT)

Advanced Persistent Threats

Advanced Persistent Threats (APT)

Adversarial Adaptability

Adversarial Attacks

Adversarial Learning

Adversary Behaviour

AFSIM

Agenda Building Theory

Agenda Setting Theory

Agenda-Setting Theory

Agent-Based Modelling

Agile Governance

Agile Mission Groups

Agile Security

AI

Air Warfare

Alarms

Algorithm

Algorithms

Allocation Cost

Ambidextrous Framework

Ambiguous Self-Induced Disinformation Attacks

ANAKONDA-16

Analogue Network Security

Analysis

Analytics

Android

Anomaly Detection

Anonymised Network

Anonymity

Ant Colony Optimisation (ACO)

Ant Tree Miner (ATM)

Anthropology

Anti-Tamper

Anticipatory

Anticipatory Cyber Defence

Anticipatory Ethics

Antifragility

Antivirus

Applications of Intelligence

Applied Probability

Approving Officials

APT

Architecture

Armed Conflict

Armenia

Arms

Arms Control

Army

Artefact

Artificial Intelligence

Artificial Intelligence (AI)

ArtificialIntelligence

Artificially Driven Hybrid Warfare

ASCOPE

ASEAN

Aspectual Analysis

Asset Discovery

Asset Inventory

Assurance

Asymmetric Threats

Asymmetric Warfare

Attack

Attack Lifecycle

Attack Process

Attack Scenarios

Attack Tree

Attack Vectors

Attacks

Attestation

Attitude

Attitudes (KSA)

Attribution

Audit

Augmented Reality

Australia

Australian Constitution

Australian Defence Force

Authentication

Authorities

Authorization Based Access Control

Automated Response Action

Automation

Automobiles

Autonomous Drones

Autonomous Systems

Availability

Awareness

Awareness Training

a

and Information Warfare

B

Babylonia

Backfire

Backup Protection

Barton Whaley

Battle Management

Battlespace

Bayesian Networks

Bayesian-Nash Equilibrium

Behaviour Change

Behavioural Profiling

Belgium

Belief Networks

Belief Systems

Bias

Big Brother

Big Data

Big Data Analytics

Big Five

Binary Analysis

Bio-inspired

Bioinformatics

Biological Warfare

Biometrics

Bitcoin Technology

Blockchain

Blue Team

Book Review

Bot

Bot Controller

Botnet Discovery

Botnets

Bots

Boundaries

Breach

BreakingPoint

Broadband Access

Brute-Force Attacks

Budapest Convention

Burnout

Bush/Obama Doctrine

Business Continuity

Business Process Modeling Notation

Byzantine Generals Playing Evolutionary Games

C

C2

C2S

Cache-Timing Attack

Cache-Timing Countermeasures

Caesar

CANbus

CANVAS

Capability Development

Capability Maturity Model

Capability Packages

Capacity Building

Case Study

Castells

CCDC

CDX

Center of Gravity

Certification

Channel-Estimation

Channel-PUFs

Charter of the United Nations

Cheap Talk Game

China

CIA

CIEDI

CIP

Cipher

Clausewitz

Client Forensics

Closed National Networks

Cloud

Cloud and Big Data

Cloud Computing

Cloud Computing Services

Cloud Data Platform

Cloud Forensics

Cloud Privacy

Cloud Services

Cloud Storage Service

CMMC

CNCI

CNSSI No. 1253

CNSSP 22

Co-Evolution

Coburg Intrusion Detection Data Sets (CIDDS)

CoCom

Cognition

Cognitive Bias

Cognitive Dissonance

Cognitive Domain

Cognitive Malware

Cognitive Rigidity

Cognitive Security

Cognitive Task Analysis

Cognitive Warfare

Cognitive Workload

Cold War

Collaboration

Collateral Damage

Collective Defence

Collective Intelligence

Collective Security

Combat Camera (CC)

Command and Control

Command and Control (C2)

Commercial Security

Commercial Solutions for Classified

Commodity Value Chain

Common Data Model

Communication

Communication Behaviour

Communications Security

Community of Interest

Companies

Competences

Complexity

Complexity Science

Comprehensive

Comprehensive Approach (CA)

Computational Intelligence

Computer

Computer Attack

Computer Audit

Computer Crime

Computer Forensics

Computer Network Attack

Computer Network Defence (CND) Choices and Behaviours

Computer Network Defense

Computer Network Operations Development Program

Computer Security

Conceptual Model

Confidentiality

Confusion

Consumer Awareness

Content Analysis

Contested Cyber Environment

Context Manipulation

Contextual Analysis

Contextual Query

Continuity

Continuous Identity Verification

Control

Control Measures

Controller Area Network (CAN)

Conventional Warfare

Convergence

Cookies

Coordinated Response Action

Coordination

Core Narrative

Corporate Intelligence

Corporate Spies

Corpus Linguistics

Counter influence

Counter Intelligence

Counter Terrorism

Counterattacks

Counterfeiting

Countering Hybrid Warfare

Countering Interference Operations through Minimising Social Divides

Covert Action

Covert Channels

Covert Operations

Covid-19 Disinformation

CPS

Crawler Traps

Credibility

Crime Scripting

Crisis Communication

Crisis Management

Criteria Development

Critical Assets

Critical Cyber Infrastructure

Critical Discourse Analysis

Critical Information Infrastructure

Critical Information Infrastructure Protection

Critical Infrastructure

Critical Infrastructure Protection

Critical Infrastructure Protection and Modelling

Critical National Infrastructure

Cross-border Stored Electronic Evidence

Crowdsourcing

Crucial Decisions

Cryptographic Protocol

Cryptographic Protocols

Cryptography

CSfC

Cultural Dimensions

Cultural Values

Culture

Curriculum

Cyber

Cyber Decision-Making

Cyber Intelligence

Cyber Security

Cyber Warfare

Cyber Activities

Cyber Activity

Cyber Apprenticeship

Cyber Army

Cyber Attack

Cyber Behaviours

Cyber Blockades

Cyber Capability

Cyber Command

Cyber Common Operating Picture (CCOP)

Cyber Competition

Cyber Conflict

Cyber Counterintelligence

Cyber Crime

Cyber Deception

Cyber Defence

Cyber Defense

Cyber Deterrence

Cyber Domain

Cyber Enabled

Cyber Event Detection

Cyber Forces Training

Cyber Governance

Cyber Incident Response

Cyber Information Sharing

Cyber Intelligence

Cyber Intelligence Analysis

Cyber Intelligence Support

Cyber Law

Cyber Maturity

Cyber Monitoring

Cyber Offense

Cyber Offensive and Defensive Capability

Cyber Operations

Cyber Operations other than War

Cyber Operations Planning

Cyber Operations Training

Cyber Physical System

Cyber Physical Systems

Cyber Power

Cyber Range and Training Environment (CRATE)

Cyber Risk

Cyber Risk Management

Cyber Risk Mitigation

Cyber Sanctions

Cyber Security

Cyber Security Challenge

Cyber Security Controls

Cyber Security Costs

Cyber Security Sensors

Cyber Security Theory

Cyber Situational Awareness

Cyber Situational Awareness (CSA)

Cyber Sophistication

Cyber Stability

Cyber Terrorism

Cyber Threat Intelligence

Cyber Threat Intelligence (CTINT)

Cyber Threats

Cyber War

Cyber Warfare

Cyber Warfare Impact

Cyber Warfare Threat

Cyber Weapon

Cyber Weapons

Cyber Workforce

Cyber-attack

Cyber-attack Pathways

Cyber-Ecosystem

Cyber-kill Chain

Cyber-operations

Cyber-Physical

Cyber-Physical Security

Cyber-Physical System (CPS)

Cyber-Physical Systems

Cyber-Power

Cyber-Security

Cyber-security Design

Cyber-threat Intelligence

Cyberattack

Cyberattacks

Cyberconflict

Cybercrime

Cybercrime as a Service (CaaS)

Cybercrime economy

Cybercrime strategy

Cybercrimes

Cyberphobia

Cybersecurity

Cybersecurity

Cybersecurity Awareness

Cybersecurity Framework (CSF)

Cybersecurity Maturity Model Certification

Cybersecurity Norms

Cybersecurity Skills

Cyberspace

Cyberspace Governance

Cyberspace Operations

Cyberspace Operations Planning

Cyberterrorism

Cyberwar

Cyberwarfare

Cyborg

D

Dark Triad

Dark Web

Dark Web Markets

Darknet

Data

Data Analysis

Data Enrichment

Data Exfiltration

Data Gathering

Data Hiding

Data Localisation Laws

Data Loss

Data Mining

Data Privacy

Data Retrieval

Data Security

Data Tagging

Data-Set Generation

Database

Dataset

DBSy

DDoS

Deception

Decision

Decision Making

Decision Support

Decision Theory

Decision Trees

Decision Trees (DTs)

Decision-Making

Decision-Making Processes

Decoy Systems

Deep Web

Deepfake

Deepfakes

Defence

Defence Acquisition

Defence Mechanisms

Defense

Defense-in- Depth

Defense-in-Depth Limitations

Defensible Systems

Defensive Cyber Operations

Defensive Cyber Operations (DCO)

Defensive Information Operations

Definition

Denial

Denial and Deception

Denial of Service

Denial of Service Attack

Department of Defense

Department of Defense

Dependency

Design

Design Science Research

Designed-In Assurance Features

Destabilization

Detect (D)

Detecting Junk Mail

Deterrence

Deterrence Implementation

Deterrence Theories

Device Fingerprinting

Diamond Model of Intrusion Analysis

Digital Borders

Digital Cooperation

Digital Evidence

Digital Forensics

Digital Identity

Digital investigation

Digital Investigations

Digital Isolation

Digital Rights Management

Digital Sovereignty

Digital Warfare

DIME

DIME-FIL

Diplomacy

Disaster Management

Discourse Analysis

Discrimination

Disinformation

Disrupting Botnet

Disruption Tolerant

Distorted news/information

Distributed Authority

Distributed Denial of Service (DDoS)

Diversity

DMMI Matrix Cube

DNS

DNSSEC

Doctrine

Documentary Film

DoD

DoDI 8510.01

Domains

Domestic Information Intelligence Operations

DoS

DOTMLPF II

Drone

Drones

Dual Technologies

Dutch Defence Cyber Command (DCC)

Dynamic Defence

Dynamic Hybrid Fault Models

Dynamic Policy

Dynamic Security Policy

E

E-CRIME Project

E-EWS

E-mail

E-mail Filtering

E-mail Headers

Early Warning

East Timor

Eavesdropping

Echo Chambers

Ecologically Valid

Economic Action

Economic Considerations

Economic Dominance

Economic Information Warfare (EIW)

Economic Information Warfare (EIW)

Economic Sanctions

Editoral

Editorial

Education

Educational Resources

Effects Analysis

Effects-Based Operations

Effects-Centric

Effects–Based Operations

Electro Magnetic Spectrum (EMS)

Electromagnetic

Electronic Control Unit (ECU)

Electronic Control Unit (ECU)

Electronic Health Records (EHR)

Electronic Warfare

Electronic Warfare (EW)

Elimination Cost

Embedded Device

Embedded Systems

Emergency Management (EM)

Emergency Management Intelligence (EMINT)

Emergency Response

Emerging and Disruptive Technologies

Emotion

Employment

Encryption

Energy Sector

Enterprise

Epidemiology

Erratic Attacks

Escalation

Espionage

Ethics

Ethnography

Ethnonationalism

Europe

European Theatre of Operations

Event Correlation

Event Logs

Event-Driven Systems

Evidence

Evidence Collection

Evolutionary Game Theory

Exercise

Experience-Based

ExperientialLearning

Experiments

Exploitation

Exploits

Export Control

Extended Evolutionary Game Theory

External Component

Extremist Organization

e

eBay

F

Facebook

Fake News

Fake Personas

False Information

False-Positive Alerts

Fatigue

Fault Tolerance

Fear Appeal

Federal Program Response

Federal Security Service

Field Programmable Gate Array (FPGA)

FIMI

Finland

Firmware

First Principles

First Nations Australians

FISHBOWL Pilot

Fit For Purpose Security

Five-Dimensional Operations

Fog of War

Force Readiness

Forced-Latency

Foreign Information Manipulation and Interference

Foreign Policy

Forensic Analysis

Forensic Case Management

Forensic Computing

Forensic Discovery

Forensic Report Referencing

Forensics

Foresight

Formal Methods

Fortified Cyber Defence

Fourth Industrial Revolution

Frames

Framework

Fraud

Frustration

Functional Resilience

Functional Resonance

Funding

Future

Future of Cyber

Future Terror

Futures Tables

G

Game Theory

Gamification

Gaming

General Morphological Analysis

Geneva Conventions

Global Governance

Global Performance Metric

Global Times

Globalism

Globalization

Google

GOTS

Governance

Government

Graphic Design

Graphical Passwords

Grey Zone Conflict

GRLVQI

Grounded Theory

Group Dynamics

H

Hacker

Hackers

Hacking

Hacktivism

Hamas

Handicap Principle

Hardware

Hardware Verification

HAVARO

HAVEX

Hawala

Hawaladar

Health

Healthcare Institutions

HealthConnect

HERF

Heuristic Processing

Hezbollah

Hiding

Higher education

Highly Perishable Information

Historical Archives

Hofstede

Home Battlefield

Homeland Security

Homophily

Honeyd Honeynet

Honeynet

Honeypot

Host Discovery

HTTP

HTTP Flood

Human Behaviour

Human Component

Human Factors

Human Introduced Cyber Vulnerabilities (HICV)

Human Performance Variability

Human Rights

Human Subjects

Humanisation

Hunting

Hybrid

Hybrid Dynamics

Hybrid Rhizome

Hybrid Threat

Hybrid Threats

Hybrid War

Hybrid Warfare

Hypergame Theory

I

IA

IC ITE

ICMP Ping Flood

ICS

ICS Security

ICT Product Integrity

Identification Based Access Control

Identifying Spam

Identity Theft

IDESG

IMSI-Catcher

Incident

Incident Command System (ICS)

Incident Response

Incident Response Assistance

Index

India

Indigenous Australians

Industrial

Industrial Control Systems

Industrial Control Systems (ICS)

Industrial Internet of Things (IIoT)

Infection

Infiltration

Influence

Influence Operations

Influence Operations (IO)

Influence Warfare

Influenceoperations

Influencers

Infodemic

Informal Value Transfer

Informatic Environment

Information

Information Warfare

Information Activities

Information and Communication Technologies

Information Assets

Information Assurance

Information Attack Model

Information Burglary

Information Campaigns

Information Domain

Information Dominance

Information Effects

Information Environment

Information Flow

Information Fusion

Information Influence

Information Influence Operations

Information Infrastructure Warfare

Information Leakage

Information Management

Information Management (IM)

Information Op- erations

Information Op-erations

Information Operations

Information Operations (IO)

Information Overload

Information Privacy

Information Related Capabilities (IRCs)

Information Retrieval

Information Security

Information Security Controls

Information Security Practice Principles

Information Security Strategy

Information Sharing

Information Space Governance

Information Sphere

Information Superiority

Information Systems

Information Systems Security

Information Terrorism

Information Theory

Information Visualization

Information War

Information Warfare

Information Warfare (IW)

Information Warfare Commander (IWC)

Information Warfare Training

Information Warfighting Function (IWfF)

Informational Warfare Operations

Informatised War

Infosec Economy

Infosphere

InfowarCon

Innocence of Muslims

Insider Threat

Inteference Operations

Integrated Team Trainer

Integrity

Intelligence

Intelligence and Cyber

Intelligence Assessment

Intelligence Community

Intelligence Community (IC)

Intelligence Disclosures

Intelligence Gathering

Intelligence Practice

Intelligence Reform

Intelligent Agent

Intent Estimation

Inter-Media Agenda Setting

Interference

International Criminal Law

International Cyber-Order

International Ethics

International Humanitarian Law

International Humanitarian Law (IHL)

International Law

International Laws and Treaties

International Relations

Internationalization

Internet

Internet Research Agency

Internet Background Radiation

Internet Fragmentation

Internet Freedom

Internet Key Exchange

Internet of Things

Internet of Things (IoT)

Internet Protocols

Internet Referral Unit

Internet Security

Internet Sovereignty

Internet Surveillance

Interoperability

Interposing Tactics

Intervention

Intifada

Intrusion

Intrusion Detection

Intrusion Detection (ID)

Intrusion Detection Systems (IDSs)

Intrusion Prevention

IO Standards

IPSec Security

IPSec Tunnel

Irregular Warfare

Islamic

Islamic Banking

Islamist Militant

ISO 27001

Israel

Israel Defence Forces

Israel Defense Forces

Israeli Defense Forces

Issue 14.3

Iterative Analysis of Competing Hypotheses

i

ipv6

J

Japan

JIE

John Boyd

Journey Mapping

Junk News

Jus Post Bellum

Just War

K

Katakri

Kerberos

Key Leader Engagement (KLE)

Key Leader Enhancement (KLEN)

Key Management

Key Terrain

Kill Chain

Kinetic Harm

Kinetic Operations

Knowledge

Knowledge and Action Gap

Knowledge Engineering

Knowledge Items

Knowledge Management

Kosovo

L

Language of War

Law Enforcement

Law Enforcement Investigation

Law of Armed Conflict

Lawfare

Leaders

Learning by Research and Development

Learning environment

Legal Admissibility

Legal Compliance

Legislation

Lethal Autonomous Weapons (LAWs)

Levels and Categories

Libya

Literature

Lithuania

Live Virtual Constructive Training

Lone Actor

Lone Gunmen

Lone Operator

Lone Wolf

Low-Energy Encryption

Low-Intensity Conflict

Low-Rate DoS Attack

LSB

M

Machine Learning

Malicious Software

Malinformation

Malware

Malware Analysis

Malware Collection

Malware Taxonomy

Man-in-the-Middle

Manageability

Management

MANET

MARISA project

Maritime Incidents

Maritime Information Warfare

Maritime Security

Maritime Surveillance

Market Segmentation

Maskirovka

Mass Media

MDA/ML

Measures

Meat Puppets

Media Relations

Medical informatics

Meme

Mental Models

Message Fabric

Message Flow

Messy War

Metadata

Metanarrative

Methodology

METOC

Metrics

Microsimulation

Militant Groups

Military

Military Affairs

Military Approaches

Military Cadets

Military Deception

Military Energy Security

Military Exercises

Military Innovation

Military Leadership

Military Operations

Military Systems

Misinformation

Misinformation Diffusion

Misinformation Propagation

Misinformation/Disinformation

Misperception

Mission Assurance

Mission Awareness

Mission Essential Functions

Mission Mapping

Mission Modeling

Mission Modelling

Mission Threads

Misuse

Misuse Detection

Mobile

Mobile Commerce

Mobile Computing

Mobile Device

Mobile Malware

Mobile Phones

Mobile Security

Mobility Innovation Center

Model

Model Checking

Modelling

Modelling and Simulation

Modelling Complex Problems

Modelling of IT Security

Modern Conflict

Modern Warfare

Modern-Day Warfare

Money Laundering

Motivation

Motivations

Moving Target

Moving Target Defence Contexts

Multi Capability Development Campaign (MCDC)

Multi Objective

Multi- stakeholderism

Multi-agent Simulations

Multi-Domain Operations

Multidisciplinarity

Multidisciplinary Research

Multilateralism

Music

Mutual Legal Assistance Treaties

MWCollect Daemon

N

Narrative Networks

Narrative Paradigm Theory

Narrative Warfare

Narratives

Narratology

National

National Security Policy

National Critical Infrastructure and Key Assets (NCI/KA)

National Critical Infrastructures

National Cyber Security

National Cyber Security Centres

National Cyber Security Centres

National Cyber Security Strategy

National Cyber Strategy

National Institute of Standards and Technology

National Instruments of Power

National Intelligence

National Security

National Security Policy

National Security South Africa

National Segment of the Internet

NATO

NATO Cyber Defence Concept

NATO Strategic Concept 2010

Near-real-time

NEC

Net Discourse; Diaspora Communities

Net-enabled Warfare

NetFlow

Network

Network Analysis

Network Attack

Network Canning

Network Centric Operations

Network Centric Warfare

Network Complexity

Network Covert Channels

Network Defense

Network Emulator

Network Intrusion Detection

Network Resilience

Network Risk

Network Security

Network Security Operations

Network Sensors

Network Telescope

Network Warfare

Networks

Neural Networks

Neutralisation

Neutrality

Neutralize

New Media

New Strategic Concept of NATO

News

Next Generation Networking

Next-Generations Threats

NIAP

NIATEC

NIST

NIST 800-53 IR-7

NMAP Fingerprinting

Non Government Organisations

Non-Conventional Warfare

Non-kinetic Effects (NKE)

Non-kinetic Warfare

Non-State Actors

Norms

North Atlantic Treaty Organization (NATO)

North Korea

NSA

NSA Mobility Program

NSD-42

NSS

NSTIC

O

Occult

ODNI

Off-shoring

Offense

Offensive Cyber Capabilities

Offensive Cyber Operations

Offensive Cybersecurity

Offensive Cyberspace Operations

Omissive Behaviours

ONG

Onion Router

Online Activism

Online Communities

Online Databases

Online Fraud

Online Security Awareness

Ontological Indexing

Ontology

OODA

OODA Loop

OPC UA

Open (non-proprietary) Standards

Open Source

Open Source Intelligence

OpenFlow

OpenStack

Operating Systems

Operation Analysis

Operation Design

Operation Glowing Symphony

Operational Design

Operational Assurance

Operational Design

Operational Technology

Operational Technology (OT)

Operations Research

Operations Security

Opinion Paper

Optimal Sensor Placement

Optimized Fleet Response Plan (OFRP)

Organization

Organization Development

Organizational Bias

Outrage

Outsourcing

OWL

P

Pakistan

Paramilitary Action

Passive Sensor

Password Recovery

Pathological Politics

Payload

Paypal

PDA

Pearl Harbor

Penetration Testing

Perception

Perception Errors

Perception Management

Perception Management Operations

Perceptions

Persistent Cyber Attack

Persistent Engagement

Personal Information

Personality

Persuasion

Persuasion Resistance

Phase 0

Phishing

Phishing Tactics

Photography

Physical Layer

Physical Layer Security

Physical Security

Physical-Layer (PHY) Discrimination

Physically Unclonable Functions

Planning

Plausible Deniability

Plug & Trust

PMESII

Policies

Policy

Policy Analysis

Political Action

Political Engineering

Political Orientation

Political Patriotic and Revenge (PPR) Defacements

Political Warfare

Popaganda

Position Paper

Power

Power Line Communication (PLC)

Practical Security

Preliminary Threat Assessment

Prevent (P)

Principles of War

Prioritization

PRISM

Privacy

Privacy by Design

Privacy Enhancement Technology.

Privacy Harm

Private Information Retrieval

Private Sector

Privatised Spy Shops

Proactive Cyber Defence

Professionalism

Profile

Programmable Logic Controller

Programmable Logic Controllers

Programming

Proliferation

Propaganda

Propaganda/public diplomacy

Proselytizer

Protect

Protection

Protection Motivation Theory (PMT)

Protection Profiles

Protection Tree

Protocol Analysis

Psychological Operations

Psychological Warfare

Public Diplomacy

Public Key Cryptography

Public Relations

Public Sector

Public-Private Partnerships

Q

Qiao Liang

Qualitative Analysis

Quantitative Assessment

Question-Focused Data Sets

Queuing Theory

R

Random Forest

Ransomware

Rating Systems

Receiver Effects

Recognized Information Picture

Recover (R)

Recovered Data

Red Team

Reflexive Control

Reflexive Control

Registered

Registration

Relationship

Reliability

Religious Content

Remailer

Remittance

Remote Authentication

Remote Operations

Renewed Security Concept

Repair

Reparations

Replication

Repunit

Reputation Systems

Requirements Engineering

Research

Research Ethics

Research Methods

Resilience

Resiliency

Resource Exhaustion

Respond (R)

Response

Retaliation

Reverse Engineering

Revil

Revolution in Military Affairs

RF-DNA Fingerprinting

Rhino Poaching

Rhizome

Risk

Risk Analysis

Risk Assessment

Risk Assessments

Risk Definition

Risk Management

Risk Management Framework

Risk Management; Reliability

Risk Ontology

Risk Perception

RMF

Robots

Rotation

Rotational Assignments

Rule of Law

Rules of War

RuNet

Rural

Rural Areas

Ruses

Russia

Russian Federation

Russo-Ukraine Conflict

S

Sabis

Sabotage

Sambre

Satellite

SCADA

Scenarios

Science Fiction

Scifi

Scope of Spread

Scripted Agent

Search Engine; South Africa

Second Gulf War

Secret Key Generation

Secret Key Generation; Authentication

Secret Sharing Scheme

Secure Content Delivery

Secure Mobility

Secure Portable Application Device

Securitization

Security

Security Training and Certification

Security and Privacy

Security and Protection

Security and Risk

Security Assessment

Security Audit

Security Audit Criteria

Security Automation

Security Awareness

Security Community

Security Controls

Security Countermeasures

Security Criteria

Security Education

Security Incident

Security Model

Security Operating Centre

Security Posture

Security RequirementEengineering

Security Requirements

Security Risk Assessment

Security Risk Assessments

Security Risk Management

Security Threat Analysis

Self-deception

SELinux

Semantic Annotation

Semantic Web Technology

Sense-Making

Sensing

Sensitive Data

Sensor

Sensor Deployment

Sentiment Analysis

Serious Gaming

Shaping

Shared Credentials

Shared Situational Awareness

Sharp Power

Shipping

Shipping Regulations

Side-Channel Attack

Side-channel Attacks

Signaling Theory

Signature

Simulation

Simulation Experiment

Simulcasting PLC Network

Situation Picture

Situational Awareness

Skills

Slacktivism

Slovenia

Small and Medium Business (SMB)

Small Business

Small Business Cybersecurity

Small Message-Space Attack

Smart Grid

SOA

Social Cognition

Social Cognitive Theory

Social Contract

Social Control

Social Determiniates of Health as a National Security Risk

Social Engineering

Social Engineering

Social Media

Social Networking

Social Networking Sites

Social Networks

Society

Socio-political

Sock Puppets

Soft Power

Software

Software as a Weapon

Software Defined Networking (SDN)

Software DefinedNetworking

Software DefinedNetworking (SDN)

Software ID Tags

Software Reliability

Software-Defined Networking

Software-Defined Networks (SDN)

Soldiers

Source

South Africa

South Korea

Sovereign Citizen

Sovereignty

Soviet Union

Space Security

Space Systems

Space Weapon

Spam

Spear Phishing

Spectrum Management

SPIN

Spying

Spyware

SQL-Injection

Stackelberg Game

Stakeholder

Standard

Standards

Starlink

State

State Media

State Sovereignty

States

Steganalysis

Steganography

Storyweb

Strategic Communication (SC)

Strategic Communications

Strategic Culture

Strategic Cyberspace Analyses

Strategic Deterrence

Strategic Disconnect

Strategic Dominance

Strategic Information Warfare

Strategic Narrative

Strategic Reports and Recommendations for Cyber Security

Strategic Security Management

Strategic Stability

Strategic Theory

Strategy

Stress

Stuxnet

Subversion

Suggestions

Suicide Drones

Superiority

Supervisory Control and Data Acquisition (SCADA)

Surface Web

Surprise Attacks

Surveillance

Survivability

Suspicion

Sustainability

Swarming

SWID

Sybil Accounts

Symbolism

Synchronization

Synthetic Media

Synthetic Moving Images

System Boundaries

System Design

System Dynamism

System on a Chip (SoC)

Systems

Systems Complexity

Systems Theory

T

Tactics

Taiwan

Taliban

Tallinn Manual

Tallinn Manuals

Tanzania

Target Audience

Targeting Civilians

Taxonomy

Teaching

TECHINT

Technocracy

Technology

Technology Communities

Technology Policy

Temporal Logic

Terror Mobilization

Terrorism

Text Categorization

Text Mining

The Internet

Theory

Theory of Alliances

Think Tanks

Thought Diversity

Threat

Threat Actors

Threat Assessment

Threat Intelligence

Threat Landscape

Threat Mitigation

Threat Perception

Threat Susceptibility Assessment (TSA)

Threats

Three Warfares Strategy

Time-Based Security

Tire Pressure Monitoring Systems

Tire Pressure Monitoring Systems

Topic Modelling

TOR

Traffic Analysis

Trafficking

Training

Transdisciplinary View

Transfer of Research

Transformation

Transitive Access

Transnational Cybersecurity

Transparent Authentication

Transport Infrastructure

Transportation Systems

Trend Scouting

Tribute

Trolling

Trolls

Trust

Trust Factors

Trusted Computing

Twitter

t

the Sir Philip Sidney Game (SPS)

U

U.S. DoD Strategy for Operating in Cyberspace

U.S. International Strategy for Cyberspace

UAV

UBE

Ubiquitous Identity Management

Ubiquitous Security

UDP Flood

Ukraine

Ukraine War

Ukraine-Russia Conflict

Uncertainty

United States

Unrest

Unsolicited Bulk E-mail

US-China Relations

USA Really

Use of Force

Use-Case Approach

User Authentication

User-Centered Design

Using Popular Movements to Identify Isolated Populations in Target Countries

V

ValidatingIntroductionModels

Value Framing

Values

Verification

Victimization Narrative

Victims

Videos

Violent Extremist Organisations (VEOs)

Virtual Machine

Virtual Non-State Actors

Virtualization

Viruses

Visual Analytics

Visualisation

Volunteer Cyber Army

Voter Rolls

VPN

Vulnerabilities

Vulnerability Analysis

Vulnerability Assessment and Penetration Testing

Vulnerability Discovery

Vulnerability Management

Vulnerability Scanning

Vulnerable Services

W

Wang Xiangsui

War

War Crimes

War Games

War Gaming

War on Terror

Warfare

Wargaming

Warranting Theory

Wassenaar Arrangement

Weaponised Malware

Weaponization of Everything

Weaponization of Smart Systems

Web Design

Web Development

Web Security

Web Services

Web site Assessment

Web Tracking

Website

Weighted Average Masking Time (WAMT)

Western Union

Whole-of-Government Approach

Wicked Messy Problems

Wicked Problems

Wikileaks

Wired Signal

Wired Signal Distinct Native Attribute (WS-DNA)

Wireless Intrusion Detection

Wireless Network Security

Wireless Security

Wireless TCP/IP Fingerprinting

Wireless Technology

Worm

WPA2

X

XRY

Y

YouTube

YouTube Wars

Z

Zero Trust

Zero-Days

ZigBee

Zombie

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Latest

Volume 23, Issue 1 Editorial

March 27, 2024

‘No-one Likes a Cry-Baby’: The Effectiveness of Victimization Narratives in External Information Operations

March 27, 2024

Aspectual Human Performance Variability in Social Engineering Attacks

March 27, 2024

Get in touch

Registered Agent and Mailing Address

Journal of Information Warfare
ArmisteadTEC
Dr Leigh Armistead, President
1624 Wakefield Drive
Virginia Beach, VA 23455

757.510.4574

JIW@ArmisteadTec.com