Cybersecurity

Cyberwarfare: Threats, Security, Attacks, and Impact

Abstract: 

Cyberwarfare, an emerging topic within computer science, has the potential to disrupt power grids, cripple economies, and cause political unrest. This paper first discusses investigations into the different groups behind cyberwarfare activities, from nation states to individual hackers. This is followed by an overview of cyberwarfare attacks covering methods, targets, and impact. Next, the economic, socio-political, and infrastructure impacts from cyberwarfare are considered. The paper concludes with a discussion of ways to mitigate the damage from these types of attacks, the importance of learning from the attack methods, and suggestions to prevent future attacks.

Industrial Internet of Things Security for the Transportation Infrastructure

Abstract: 

The transportation sector is evolving with the introduction of the Internet of Things (IoT) and Industrial Internet of Things (IIoT). IIoT devices are used in the monitoring and control of industrial and related processes and have many useful applications in the transportation sector. This article provides a comparison between IoT and IIoT, and an overview of the threats, vulnerabilities, risks, and incidents related to their use in the transport infrastructure. A guideline for security standards, frameworks, and controls to govern and secure IoT and IIoT specific to transport infrastructure is proposed, with a focus on the rail and maritime sectors.

Defending the Cyber Sea: Legal Challenges Ahead

Abstract: 

New technologies are creating a massive concern for the shipping industry as cyberattacks on board ships and in ports continue to rise. More than 90% of world trade is carried by the shipping industry; and, as of 2018, there are more than 53,000 merchant ships sailing the cyber seas. At the same time, these systems are very vulnerable to cyberattacks. Through empirical research, this paper explores the global maritime cybersecurity legal landscape and advances recommendations for policy and legal frameworks essential to ensure safety and security on the cyber sea.

Development and Implementation of Cybercrime Strategies in Africa with Specific Reference to South Africa

Abstract: 

Cybercrime is increasing at a rate few individuals would have predicted. IBM estimated in 2016 that, in 2019, the cost of cybercrime would reach $2 trillion, a threefold increase from the 2015 estimate of $500 billion. The growth of the Internet and the rapid development of technology provide enormous economic and social benefits but at the same time provide platforms for cyber-criminals to exploit. Organised crime is using more sophisticated techniques, which require highly skilled and specialised law enforcement responses. 

International Humanitarian Law and its Applicability to the South African Cyber Environment

Abstract: 

Although International Humanitarian Law (IHL) is considered applicable to all forms of warfare including future warfare, it does not regulate cyberwarfare in its current form. The South African government has introduced the National Cybersecurity Policy Framework and the Cybercrimes Bill in addition to existing Information Communications Technology legislation. However, the areas of jus in bello (just war) and jus ad bellum (the right to go to war) have not been sufficiently addressed regarding cyberwarfare. This paper seeks to explore the interaction between cyberattacks and IHL and its applicability to the South African cyber environment with an overview of South Africa’s cybersecurity posture and framework within a global context.

A Basic Set of Mental Models for Understanding and Dealing with the CyberSecurity Challenges of Today

Abstract: 

For most people, cybersecurity is a difficult notion to grasp. Traditionally, cybersecurity has been considered a technical challenge, and still many specialists understand it as information security, with the notions of confidentiality, integrity, and availability as its foundation. Although many have searched for different and broader perspectives, the complexity and ambiguity of the notion still thwart a common understanding. While the author was developing and executing an MSc cybersecurity program for professionals with a wide variety of backgrounds and widely differing views on cybersecurity, the lack of a common understanding of cybersecurity was clearly evident. Based on these observations, the author began seeking and defining a new, transdisciplinary conceptualization of cybersecurity that can be widely agreed upon. It resulted in the publication of three scientific papers. This paper is an amalgam of the contents of the three supplemented with some extensions. It turned out that the previously introduced description of two key notions, cyberspace and cybersecurity, is still an adequate starting point. Described here is a set of additional mental models elaborating on these key notions and providing more detail on their meanings.

Assessing Cyber Security Threats and Risks in the Public Sector of Greece

Abstract:

Organisations having to cope with new threats and risks are increasing their focus and looking at novel ways to improve their cyber security assurance. As critical national infrastructures are becoming more vulnerable to cyberattacks, their protection becomes a significant issue for EU member states. The National Cyber Security Authority of Greece (NCSA) takes all necessary steps towards a secure Greek cyberspace.

Adversarial Artificial Intelligence: State of the Malpractice

Abstract:

Artificial Intelligence (AI), widely deployed in society, is rapidly becoming the next major battleground. Our society depends on the power of AI to solve problems in multiple domains—including commercial, infrastructural, and military systems. But AI is also vulnerable to a variety of attacks, some of which are common across many types and deployments of AI.

Cyber Threat Screening Using a Queuing-Based Game-Theoretic Approach

Abstract:

Dynamic and uncertain security environments, such as cyber systems, often involve strategic interactions among multiple decision-making agents. In this paper, the authors consider a cybersecurity setting in which a system administrator (defender) has to screen malicious service requests from an attacker seeking to exhaust available cyber resources and inconvenience users with legitimate requests. This paper proposes a novel cyber-threat inspection model, based on Stackelberg games, that unifies aspects of Threat Security Games with the Erlang-B queuing framework to provide equilibrium strategies for both the attacker and defender.

Enabling Situational Awareness in Operational Technology Environments through Software Defined Networking

Abstract:

Network situational awareness has long been associated with the task of aggregating system logs to determine activity and events ongoing in the network. However, this current method of obtaining situational awareness does not clearly address the mission of a facility or organisation, the key customers at stake, and the real-time statuses of the critical infrastructures. 

Software-Defined Networking Traffic Engineering Process for Operational Technology Networks

Abstract: 

Network designs are often functional with little consideration for security. Growth and maintenance of critical infrastructure, mission-focused networks can be ad hoc and can preclude large-scale technology replacements, reconfigurations, or even patching. These restrictions are contributing factors to increased vulnerabilities.

Africa’s Contribution to Academic Research in Cybersecurity: Review of Scientific Publication Contributions and Trends from 1998 to 2018

Abstract: 

Contributions of scientific knowledge in cybersecurity are made by researchers globally, where the focus and scope differ based on the development and challenges in cybersecurity faced by each country. This study examines the publication contributions and trends of African researchers in the field of cybersecurity for a period of 20 years (1998 to 2018).

No Silver Lining: Information Leakage in Cloud Infrastructures

Abstract:

As more businesses and individuals migrate their workloads to cloud infrastructures, many are unaware of a potential issue inherent in these systems: information leakage, the potential inadvertent release of data through a Virtual Machine (VM) to another VM, which then transfers the information to a third party.

Implications of Privacy & Security Research for the Upcoming Battlefield of Things

Abstract:

This article presents the results of a trend-scouting study on the applicability of contemporary information privacy and information security research in future defence scenarios in a 25-year-horizon. The authors sketch the expected digital warfare and defence environment as a ‘Battlefield of Things’ in which connected objects, connected soldiers, and automated and autonomous sensing and acting systems are core elements.

Cyber-Securing Super Bowl 50: What Can a Live-Fire Football Match Teach Students about Becoming Better Cybersecurity Professionals?

Abstract:

The rise and regularity of cybersecurity incidents have increased the demand for trained workforce professionals. Institutions of higher education have responded by including practical hands-on exercises such as capstones, labs, and simulated attack-and-defend ‘Capture-the-Flag’ scenarios. Many degree programs also encourage students to gain experience via internships. 

Understanding Operator Fatigue, Frustration, and Cognitive Workload in Tactical Cybersecurity Operations

Abstract:

While the human factors of mission critical systems such as air traffic control and weapons systems have been extensively studied, there has been little work on cyber operations. As with any system, the perfect storm of complex tasks in a high-risk environment takes an incredible toll on human operators, leading to errors, decreased performance, and burnout. An extensive study of tactical cyber operations at the National Security Agency found that operator fatigue, frustration, and cognitive workload significantly increase over the course of an operation. A discussion of these findings helps us understand the impact that the high-stress, high-risk environment of tactical cyber operations has on its operators.

Friend or Faux: Deception for Cyber Defense

Abstract:

Defensive deception provides promise in rebalancing the asymmetry of cybersecurity. It makes an attacker’s job harder because it does more than just block access; it impacts the decision making causing him or her to waste time and effort as well as expose his or her presence in the network. Pilot studies conducted by NSA research demonstrated the plausibility and necessity for metrics of success including difficulty attacking the system, behavioral changes caused, cognitive and emotional reactions aroused, and attacker strategy changes due to deception. Designing reliable and valid measures of effectiveness is a worthy (though often overlooked) goal for industry and government alike.

DDoS Attack Simulation to Validate the Effectiveness of Common and Emerging Threats

Abstract:

Distributed Denial of Service (DDoS) attacks are a persistent cyber threat and a growing concern in computer security. This paper seeks to analyse DDoS attacks and the technologies that have been developed in an attempt to combat their effectiveness. This paper includes results from a DDoS simulation using commercial hardware appliances to both demonstrate and measure the effectiveness of DDoS attacks on a targeted victim. The simulation validates the relevance of these hardware appliances in identifying and reducing network vulnerabilities. This paper also provides insight on the current impact of DDoS attacks globally and the threat that these attacks pose in the future.

Enhancing Cybersecurity by Defeating the Attack Lifecycle: Using Mobile Device Resource Usage Patterns to Detect Unauthentic Mobile Applications

Abstract:

Attacks are usually orchestrated based upon the motivation of the attackers, who are becoming increasingly savvy, better resourced, and more committed. This article examines cyber threats and vulnerabilities through the eyes of the perpetrator. To begin, the authors discuss some counter approaches that have produced limited benefits at best, and then introduce a novel approach that details the use of mobile device resource usage to discern unauthentic mobile applications from authentic applications.

Development of a Cyber-Threat Intelligence-Sharing Model from Big Data Sources

Abstract:

As data in cyberspace continues to grow because of the ubiquity of Information Communication Technologies (ICT), it is becoming challenging to obtain context-aware, actionable information from Big Data to timely detect and respond to cyberattacks that are increasing in severity, complexity, and frequency. In fact, cybercriminals are developing and sharing advanced techniques for their cyber espionage, reconnaissance missions, and ultimately devastating attacks. In order to reduce cybersecurity risks and strengthen cyber resilience, strategic cybersecurity information-sharing is a necessity. This article discusses one way of handling large volumes of unstructured data that have been generated by multiple sources across different sectors into a cyber-threat intelligence-sharing model.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.


Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.871.3949
  • jiw@gbpts.com