My Unusual, Unexpected, and Unpredictable IW Journey, 1988-2021: A Memoir & Observations on the Future of IW Education


Up until 1981 I was a professional recording engineer and producer. By pure happenstance, in 1983 I was introduced to encryption while consulting to Western Digital. That work led me to a quite unconventional career shift that put me, an audio engineer, in the middle of international intriques surrounding the early days of information warfare. This is my story.

Categorising Cybercrime and Cybercriminals: The Problem and How It Has Changed


Twenty years ago, the Journal of Information Warfare published a paper examining the problem of cybercrime and the nature of those responsible for it. Taking its cue from the title of the original paper, this sequel begins by reflecting upon the situation of two decades ago, before jumping forward to examine the landscape of today. 

Critical Roles of Information, Analysis, Research, and Operations in the Cyber Realm


PNNL developed an Adaptive Cyber Integration Framework (ACIF) in a pilot program to facilitate the timely sharing of cyber threat information along with the advancement of situational awareness tools to enhance protection against and respond to critical infrastructure cybersecurity threats. ACIF comprises components implemented iteratively to achieve research and mission goals. The ACIF components include data-generation technologies, analytic-tools development and maturation, data enrichment and fusion, trust building with stakeholders, investigative research, analytic rigor, production, and dissemination. Each component, its importance to the ACIF, and how each can be adopted and applied across other information-sharing sectors and domains are discussed as a case study in this paper.

Flexible and Adaptive Malware Identification Using Techniques from Biology


The holy grail in cyber analytics is to find new ways to understand the information we already have access to. One way to do that is to characterize the data into reasonable sizes and then leverage any known information to generate new insights. Biologists have been using a similar process for decades. This paper introduces the MLSTONES tool set that was developed by leveraging biology and bioinformatics, high-performance computing, and statistical algorithms applied to cyber data and specifically to malware. Furthermore, the paper discusses the tool suite, its applications, and how it compares to or can work with other related tools.

Deploying Software-Defined Networking in Operational Technology Environments


Software-Defined Networking for Operational Technologies, referred to as OT-SDN, is a leading technology to secure critical infrastructure and command and control systems. As the name implies, OT-SDN networks are programmable, which allows system owners to utilise the characteristics of their physical processes to inform the security of their network. There are best practices for deploying OT-SDN into an environment, whether it is all at once or over time (hybrid) that the network is converted to SDN technologies. Through the development of data-mining tools and standardised process control, OT SDN can be deployed reliably. These tools will minimise or eliminate any communication failures during the transition and will provide network owners with complete documentation of their network environment. The resulting documentation could enable or facilitate network owners to pass any audits or policy checks (such as Authority to Operate) before being allowed to utilise the OT-SDN infrastructure.

Protecting U.S. Army Infrastructure by Enhancing Cybersecurity for Onsite Third-Party Energy Providers


The U.S. Army Office of Energy Initiatives (OEI) facilitates the procurement of independently owned and operated energy generating assets to support energy resilience capabilities at U.S. Army installations. When developing contracts for these assets, OEI implements a set of cybersecurity requirements it has developed based on energy sector consensus guidance. For many energy projects, these OEI Cybersecurity Requirements are the primary set of cybersecurity requirements the U.S. Army applies. For others, the U.S. Department of Defense Risk Management Framework and Cybersecurity Maturity Model Certification provide additional cybersecurity requirements and guidance.

Enhancing the European Cyber Threat Prevention Mechanism


This research will determine how it is possible to implement the national cyber threat prevention system into the EU level Early Warning System. Decision makers have recognized that lack of cooperation between EU member countries affects public safety at the international level. Separate operational functions and procedures between national cyber situation centres create challenges.

Cyberwarfare: Threats, Security, Attacks, and Impact


Cyberwarfare, an emerging topic within computer science, has the potential to disrupt power grids, cripple economies, and cause political unrest. This paper first discusses investigations into the different groups behind cyberwarfare activities, from nation states to individual hackers. This is followed by an overview of cyberwarfare attacks covering methods, targets, and impact. Next, the economic, socio-political, and infrastructure impacts from cyberwarfare are considered. The paper concludes with a discussion of ways to mitigate the damage from these types of attacks, the importance of learning from the attack methods, and suggestions to prevent future attacks.

Industrial Internet of Things Security for the Transportation Infrastructure


The transportation sector is evolving with the introduction of the Internet of Things (IoT) and Industrial Internet of Things (IIoT). IIoT devices are used in the monitoring and control of industrial and related processes and have many useful applications in the transportation sector. This article provides a comparison between IoT and IIoT, and an overview of the threats, vulnerabilities, risks, and incidents related to their use in the transport infrastructure. A guideline for security standards, frameworks, and controls to govern and secure IoT and IIoT specific to transport infrastructure is proposed, with a focus on the rail and maritime sectors.

Defending the Cyber Sea: Legal Challenges Ahead


New technologies are creating a massive concern for the shipping industry as cyberat-tacks on board ships and in ports continue to rise. More than 90% of world trade is carried by the shipping industry; and, as of 2018, there are more than 53,000 merchant ships sailing the cyber seas. At the same time, these systems are very vulnerable to cyberattacks. Through empirical research, this paper explores the global maritime cybersecurity legal landscape and advances recommendations for policy and legal frameworks essential to ensure safety and security on the cyber sea.

Development and Implementation of Cybercrime Strategies in Africa with Specific Reference to South Africa


Cybercrime is increasing at a rate few individuals would have predicted. IBM estimated in 2016 that, in 2019, the cost of cybercrime would reach $2 trillion, a threefold increase from the 2015 estimate of $500 billion. The growth of the Internet and the rapid development of technology provide enormous economic and social benefits but at the same time provide platforms for cyber-criminals to exploit. Organised crime is using more sophisticated techniques, which require highly skilled and specialised law enforcement responses. 

International Humanitarian Law and its Applicability to the South African Cyber Environment


Although International Humanitarian Law (IHL) is considered applicable to all forms of warfare including future warfare, it does not regulate cyberwarfare in its current form. The South African government has introduced the National Cybersecurity Policy Framework and the Cybercrimes Bill in addition to existing Information Communications Technology legislation. However, the areas of jus in bello (just war) and jus ad bellum (the right to go to war) have not been sufficiently addressed regarding cyberwarfare. This paper seeks to explore the interaction between cyberattacks and IHL and its applicability to the South African cyber environment with an overview of South Africa’s cybersecurity posture and framework within a global context.

A Basic Set of Mental Models for Understanding and Dealing with the CyberSecurity Challenges of Today


For most people, cybersecurity is a difficult notion to grasp. Traditionally, cybersecurity has been considered a technical challenge, and still many specialists understand it as information security, with the notions of confidentiality, integrity, and availability as its foundation. Although many have searched for different and broader perspectives, the complexity and ambiguity of the notion still thwarts a common understanding. While the author was developing and executing a MSc cybersecurity program for professionals with a wide variety of backgrounds and widely differing views on cybersecurity, the lack of a common understanding of cybersecurity was clearly evident. Based on these observations, the author began seeking and defining a new, transdisciplinary conceptualization of cybersecurity that can be widely agreed upon. It resulted in the publication of three scientific papers. This paper is an amalgam of the contents of the three supplemented with some extensions. It turned out that the previously introduced description of two key notions, cyberspace and cybersecurity, is still an adequate starting point. Described here is a set of additional mental models elaborating on these key notions and providing more detail on their meanings.

Assessing Cyber Security Threats and Risks in the Public Sector of Greece


Organisations having to cope with new threats and risks are increasing their focus and looking at novel ways to improve their cyber security assurance. As critical national infrastructures are becoming more vulnerable to cyberattacks, their protection becomes a significant issue for EU member states. The National Cyber Security Authority of Greece (NCSA) takes all necessary steps towards a secure Greek cyberspace.

Adversarial Artificial Intelligence: State of the Malpractice


ArtificialIntelligence (AI), widely deployed in society, is rapidly becoming the next major battleground. Our society depends on the power of AI to solve problems in multiple domains—including commercial, infrastructural, and military systems. But AI is also vulnerable to a variety of attacks, some of which are common across many types and deployments of AI.

Cyber Threat Screening Using a Queuing-Based Game-Theoretic Approach


Dynamic and uncertain security environments, such as cyber systems, often involve strategic interactions among multiple decision-making agents. In this paper, the authors consider a cybersecurity setting in which a system administrator (defender) has to screen malicious service requests from an attacker seeking to exhaust available cyber resources and inconvenience users with legitimate requests. This paper proposes a novel cyber-threat inspection model, based on Stackelberg games, that unifiesaspects of Threat Security Games with the Erlang-B queuing framework to provide equilibrium strategies for both the attacker and defender.

Enabling Situational Awareness in Operational Technology Environments through Software Defined Networkin


Network situational awareness has long been associated with the task of aggregating system logs to determine activity and events ongoing in the network. However, this current method of obtaining situational awareness does not clearly address the mission of a facility or organisation, the key customers at stake, and the real-time statuses of the critical infrastructures. 

Software-Defined Networking Traffic Engineering Process for Operational Technology Networks


Network designs are often functional with little consideration for security. Growth and maintenance of critical infrastructure, mission-focused networks can be ad hoc and can preclude large-scale technology replacements, reconfigurations,or even patching. These restrictions are contributing factors to increased vulnerabilities. 

Africa’s Contribution to Academic Research in Cybersecurity: Review of Scientific Publication Contributions and Trends from 1998 to 2018


Contributions of scientific knowledge in cybersecurity are made by researchers glob- ally, where the focus and scope differ based on the development and challenges in cybersecurity faced by each country. This study examines the publication contributions and trends of African re- searchers in the field of cybersecurity for a period of 20 years (1998 to 2018). 

No Silver Lining: Information Leakage in Cloud Infrastructures


As more businesses and individuals migrate their workloads to cloud infrastructures, many are unaware of a potential issue inherent in these systems: information leakage, the potential inadvertent release of data through a Virtual Machine (VM) to another VM, which then transfers the information to a third party.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.












Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.


Get in touch

  • Journal of Information Warfare
    21 North Broad Street
    Suite 2-H
    Luray, VA 
  • 757.581.9550