Showing papers on "Cyberwarfare published in 2005"

Pattern of Global Cyber War and Crime: A Conceptual Framework

Abstract: The flourishing synergy arising between organized crimes and the Internet has increased the insecurity of the digital world. How hackers frame their actions? What factors encourage and energize their behavior? These are very important but highly underresearched questions. We draw upon literatures on psychology, economics, international relation and warfare to propose a framework that addresses these questions. We found that countries across the world differ in terms of regulative, normative and cognitive legitimacy to different types of web attacks. Cyber wars and crimes are also functions of the stocks of hacking skills relative to the availability of economic opportunities. An attacking unit's selection criteria for the target network include symbolic significance and criticalness, degree of digitization of values and weakness in defense mechanisms. Managerial and policy implications are discussed and directions for future research are suggested.

The Law and Economics of Cybersecurity: Global Cyberterrorism, Jurisdiction, and International Organization

Abstract: INTRODUCTION The rise of cyberspace has greatly facilitated all kinds of activity, including commercial, social, and governmental interaction. There is no doubt that cyberspace today constitutes valuable real estate indeed. We have also routed our control of many real-world processes through cyberspace. Because of this increased value, the security of cyberspace has grown in importance. The rise of cyberspace and the rise of terrorism may be understood as antagonists in a modernist drama. Both have evolved from state sponsorship into relatively independent and decentralized phenomena. Both exist outside the state. Both use network forms of organization alongside other forms of organization. Cyberspace is both a tool and a target of terrorists. It could also be a tool against terrorists. Most critically, cyberspace is a tool of human interaction and commerce, while terrorism is the nemesis of human interaction and commerce. So, these forces, although similar in structure, are natural opponents. The rise of terrorism, as one type of asymmetric and distributed warfare, has threatened not only the gains derived from cyberspace but the activities that now come to depend on communication through cyberspace infrastructure. Individuals and governments wish to ensure that they will continue to reap the benefits of cyberspace and that cyberspace controls will not be turned against them. Their enemies see cyberspace as a high-value target. And indeed, during Al Qaeda's reign in Afghanistan, it developed an academy of cyberterrorism, seeking means to attack the cyberspace infrastructure of the West (Gellman 2002).

Extending command and control infrastructures to cyber warfare assets

Abstract: The goal of this work is to identify a framework for the integration of cyber command and control within the classical command and control infrastructure. The advent of cyber resources and military capabilities, as well as additional cyber information, requires that command and control infrastructures be updated to incorporate such cyber infrastructures. While much of these infrastructures operate in isolation from the physical resources, there are needs for cross-over between the two disciplines. Such crossovers require far more flexibility than traditional command and control hierarchies allow. This paper discusses available cyber resources, typical goals of such resources, the reasoning behind such crossover activity, and a developed model for providing such a hierarchy.

Cyberwarfare seen through a mariner's spyglass

Abstract: The Internet has become an essential tool in the everyday conduct of commercial life and its security has become a topic of growing importance since 9/11. The ability of terrorists to conduct cyberwarfare is largely unknown, but the potential for the disruption of life worries many policymakers. In searching for precedent to anticipate the potential impact of a cyberwar, it is important to identify modes of conflict that are useful against asymmetrically matched opponents and conflict that strikes at the economy. The author suggests that an effective model for looking at cyberwarfare is that of maritime "guerre de course" or commerce warfare. Moreover, the maritime paradigm provides a useful dialog with which to examine possible future trends in cyberwarfare beyond effects including the impact of technological innovation, sociological and historical trends, and tactics.

Control Systems Security Test Center - FY 2004 Program Summary

Abstract: In May 2004, the US-CERT Control Systems Security Center (CSSC) was established at Idaho National Laboratory to execute assessment activities to reduce the vulnerability of the nation’s critical infrastructure control systems to terrorist attack. The CSSC implements a program to accomplish the five goals presented in the US-CERT National Strategy for Control Systems Security. This report summarizes the first year funding of startup activities and program achievements that took place in FY 2004 and early FY 2005. This document was prepared for the US-CERT Control Systems Security Center of the National Cyber Security Division of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs federal departments to identify and prioritize the critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the National Cyber Security Division to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems more » Security identified five high-level strategic goals for improving cyber security of control systems. « less

The Real Niche for Intrusion Detection Systems

Abstract: Intrusion Detection Systems have become a staple in the defense of enterprise information technology infrastructures. Although most recently decried as perhaps ineffective, intrusion detection is critical to the health of networked computer resources, and will remain essential to cyber defense. Re-examining the role of intrusion detection systems, recognizing how the systems must be configured and placed within the enterprise, and appreciating the intelligence that these systems can actually provide, give new hope to beleaguered information technology managers in the front lines of the cyber war.