Showing papers on "Cyberwarfare published in 2022"

The Cyberwarfare in Ukraine

Abstract: The hybrid war in Ukraine is shaping cybersecurity for critical infrastructures and services worldwide. The events will be changing cybersecurity processes worldwide for a long time beyond the resolution of the conflict.

The Cyber Dimension of the Russia–Ukraine War

Abstract: Abstract The cyber dimension to the Russia–Ukraine war has been extensive. It reveals the characteristics of modern cyber conflict between well-matched states. While its predominant component has been a massive online ‘information’ battle for hearts and minds, comprehensibly amplified by private cyber-vigilante individuals and groups, it has also involved a large and concerted Russian campaign to disrupt Ukrainian critical infrastructure. This has been largely blunted by the soundness of Ukrainian cyber security, bolstered by Western assistance. Nevertheless, the risk remains that the cyber conflict could escalate beyond cyberspace to a more widespread confrontation between Russia and NATO. The chances of this happening are increased by uncertainty over the true nature of cyber operations, their responsible use, and especially how international law applies to them, making the efforts of states to address these issues urgently needed.

APT Cyber-attack Modelling: Building a General Model

Abstract: The global community continues to experience an increase in the scale, sophistication, and successful perpetration of cyber-attacks. As the quantity and value of electronic information have increased, so too have the efforts of criminals and other malicious actors who have embraced the Internet as a more anonymous, convenient, and profitable way of carrying out their activities. The systems are attacked more and more by single or multiple hacktivists, state sponsored hackers, cyber criminals, cyber terrorists, cyber spies, or cyber warfare warfighters. The cyber security approach requires a balance of cyber threat intelligence, real time cyber-attack detection and especially the cyber early warning ability. Threats in cyberspace aredifficult to define, as it is hard to identify the source of attacks and the motives that drive them, or even to foresee the course of an attack as it unfolds. The identification of cyber threats is further complicated by the difficulty in defining the boundaries between national, international, public, and private interests. Because threats in cyberspace are global in nature and involve rapid technological developments, the struggle to respond them is ever-changing and increasingly complicated. Cyber-attack models describe the structure of an attack in different phases. They provide a means to conceptualize the different aspects and elements of an attack. However, it is important to understand that not all attacks must complete all phases to be successful, and the objective of the attack defines the structure of the attack. Different actors have built different cyberattack models. Modeling is used to understand the different goals of cyber attackers. Attack models are based on attack targets and attack objectives. This paper analyzes different APT cyber-attack models and presents a general cyber-attack model.

Where is Russia’s cyberwar? Researchers decipher its strategy

Abstract: Many analysts expected an unprecedented level of cyberattacks when Russia invaded Ukraine — which so far haven’t materialized. Many analysts expected an unprecedented level of cyberattacks when Russia invaded Ukraine — which so far haven’t materialized.

When Cryptographic Ransomware Poses Cyber Threats: Ethical Challenges and Proposed Safeguards for Cybersecurity Researchers

Abstract: Cryptographic ransomware, a malware capable of destroying data, is a serious threat if used against providers of critical infrastructures such as healthcare, energy supply chains, banking services, and transport systems. Used as such, ransomware may qualify as cyber weapon, but the current discussion around cyber and information warfare is not sufficiently legally regulated. This delegates the safe governance thereof to the application of ethical principles but leaves researchers working on ransomware in doubt about the double-use nature of their work and what code of conduct to follow. Although some existing biomedical research ethical principles have been repurposed for ICT research, in the context of recent threats posed by ransomware attacks, these efforts need an urgent rethink, especially when it involves the research of cybersecurity researchers dealing specifically with ransomware. This paper does not offer solutions, but rather describes the complexity, nature, and extent of ethical challenges raised by cybersecurity research and invites the cybersecurity research community to enter into active discussions around the need to consider the development of an appropriate research ethics framework in the domain of cybersecurity.

North Korea’s Cyber Capabilities and Their Implications for International Security

Abstract: North Korea’s economic and technological backwardness does not seem to allow Pyongyang to possess proficient cyberwarfare capabilities. Yet, North Korea’s cyber offensive capabilities are a major security threat in a new convergence space called the cyber–physical space (CPS) that connects the real world and the virtual world. How has North Korea become a formidable actor in the CPS, despite economic and technological disadvantages? Put differently, what makes North Korea a global cyber power despite its disconnect from international society? What are North Korea’s motivations behind strengthening its cyber capabilities in recent decades and what implications do these hold for international security? The primary objective of this article is to examine North Korea’s motivations for strengthening its cyber capabilities and analyze their implications for the sustainability of stability and peace on the Korean peninsula and beyond. By investigating the exemplary cases of North Korea’s recent cyberattacks, it seeks to explore the effective ways to manage the risks that North Korea’s enhanced cyber proficiencies pose in the current and future CPS.

Study on Cyber Attack Damage Assessment Framework

Abstract: Cyberspace has expanded as a result of the rapid spread of the Internet. This expansion has led to a change from conventional warfare to a form that includes cyber warfare. Cyber warfare, which occurs in cyberspace, consists of numerous cyberattacks using the vulnerabilities of cyber assets. Cyberattacks have increased with increases in the number of assets connected to the network and the information held by these assets; information can control the outcome of a war. Therefore, it is very important to assess the damage from cyberattacks between physical operations because such cyberattacks may be directly linked to the failure of an operation. This paper presents a cyber damage assessment framework for assessing the damage from cyberattacks between physical operations.

Intelligent Warfare

Abstract: This book examines the future trend toward "intelligent" warfare considering the global environment, the history of warfare, and scientific and technological advancement. It develops a comprehensive set of theoretical frameworks, application concepts, and evaluation criteria for military intelligence. The volume is packed with theoretical highlights and vivid examples, including the tracking of Osama bin Laden, the decapitation strike against Qasem Soleimani, the remote assassination of Iranian nuclear scientists, the drone war in the Nagorno–Karabakh conflict, modern equipment deployed in the Palestinian–Israeli conflict, and the war between social media groups. In addition, the author envisions a possible future for "intelligent" wars in which adversarial parties engage in combat through virtual and unmanned systems. This nature may help avoid the brutality and high death toll associated with traditional warfare. The book explores the possibility of future civilized warfare. It will be of interest to researchers, academics, and students in the fields of politics, military intelligence, and military technology, and to those who are interested in intelligent warfare in general.

Cyber war: The hidden side of the Russian-Ukrainian crisis

Abstract: Conventional political analysts point out that a Russian-Ukrainian military confrontation, if it does occur, could have its cyber repercussions. Cyber specialists are aware that behind all this is a cyber-war, whose battles have already begun and whose victims have multiplied since 2014.This article aims to shed light on the history of the Russian-Ukrainian cyber war and the most important operations that took place during it. It also sheds light on the cyber capabilities of both sides, and prospects the future of cyber war for both sides and the role of the United States of America and the European Union in it.While Ukraine suffers lack of cyber security expertise, poor regulation, limited response capacity and lack of coordination between cyber related agencies, Kiev is aware of the strength of the Russian cyber capabilities and is currently in a race against time to reduce the gap and improve means of defense and cyber deterrence in cooperation with allies, especially the United States and the European Union.

Toward a Cyber Weapons Assessment Model—Assessment of the Technical Features of Malicious Software

Abstract: The revelation of the Stuxnet malware in 2010 shed light on the presence of state actors that are willing and capable of developing and using highly sophisticated, specialized malicious software for their political interests. These tools—often dubbed cyber weapons—are expected to become the next major advancement in weaponry technology. Besides the threats of offensive cyber operations for civil IT systems due to the interconnected nature of the cyberspace, international regulation of cyber weapons is—among other aspects—hindered by the fact that the military development and the strategic and tactical deployment of cyber weapons differ significantly from other weapons technologies. In order to establish measures of cyber arms-related control treaties, it is crucial to identify these particular characteristics. Based on this premise, the article analyzes the current perspectives on cyber weapons, identifying their weaknesses of being either based on assumptions about adversarial actors or being applicable only after the usage of a malicious tool. In contrast to these approaches, this article focuses on the specific functional aspects of malware and presents an indicator-based assessment model based on parameters that can be measured prior to the application of malicious software. This enables the categorization of malicious tools as cyber weapons. Besides this, this article aims to introduce thought-provoking impulses with regard to social responsibility in computer science.

Article 36: Review of AI Decision-Support Systems and Other Emerging Technologies of Warfare

Abstract: Artificial intelligence (AI) decision-support systems significantly impact how States make warfare decisions, conduct hostilities, and whether they comply with international humanitarian law. Decision-support systems, even if they do not autonomously execute targets, can play a critical role in the long chain of human-machine and machine-machine decision-making infrastructure, thus contributing to the co-production of hostilities. Due to a lack of a definition of the treaty terms weapons, means or methods of warfare, it is unclear whether non-weaponized AI decision-support systems should be subjected to a legal review prescribed by Article 36 of the Additional Protocol I. It remains a challenge to determine exactly what should be subjected to review beyond weapons. This chapter suggests that based on the following four criteria it can be determined whether an item should be subjected to a legal review: (i) it poses a challenge to the application of international humanitarian law; (ii) it is integral to military decision-making; (iii) it has a significant impact on military operations; (iv) and it contributes to critical offensive capabilities. These four criteria are derived from a detailed analysis of the conceptualization of the terms weapons, means or methods of warfare by states. If an item meets all four criteria, it should not be deployed without the issue of legality being explored with care. By applying the legal review to AI decision-support systems, States fulfil the duty to observe international humanitarian law in decision-making and mitigate risks to unlawful conduct in warfare. The author further promotes the conceptualization of Article 36 as a review of technologies of warfare.

Cybersecurity For Defense Economists

Abstract: Cybersecurity plays a role in national security. This study introduces cybersecurity concepts in ways familiar to defense economists and identifies parallel methods of analysis in the fields. The theoretical tools of both fields include microeconomics and game theory. These tools enable analyses of phenomena present in both milieus: public goods, externalities, commons, incentives, interdependent security, platform economics, and inefficiency of decentralized decision making. Additional topics include cyber war, cyberterrorism, deterrence and disinformation in cyberspace, price of anarchy, and economics of cryptography.

Cyberattack and Cyberwarfare Strategies for Businesses

Abstract: A cyberattack is an attempt by cybercriminals as individuals or organizations with unauthorized access using one or more computers and computer systems to steal, expose, change, disable or eliminate information, or to breach computer information systems, computer networks, and computer infrastructures. Cyberattackers gain a benefit from victims, which may be criminal such as stealing data or money, or political or personal such as revenge. In cyberattacks, various targets are possible. Some potential targets for businesses include business and customer financial data, customer lists, trade secrets, and login credentials.Cyberattackers use a variety of methods to gain access to data, including malware such as viruses, worms, and spyware and phishing methods, man-in-the-middle attacks, denial-of-service attacks, SQL injection, zero-day exploit, and DNS tunneling.Related to cyberattack, the term cyberwarfare is gaining popularity nowadays. Cyberwarfare is the use of cyberattacks by a state or an organization to cause harm as in warfare against another state's or organization's computer information systems, networks, and infrastructures.Military, civil, and ideological motivations, or hacktivism can be used to launch a cyberwarfare. For these reasons, cyberwarfare may be used to conduct espionage, sabotage, propaganda, and economic disruption.Considering highly digitalized business processes such as e-mails, digital banking, online conference, and digital manufacturing methods, damage of cyberwarfare to businesses and countries are unavoidable. As a result, developing strategies for defending against cyberattacks and cyberwarfare is critical for businesses. The concepts of cyberattack and cyberwarfare, as well as business strategies to be protected against them will be discussed in this chapter.

Cyber Security Awareness in Using Digital Platforms Among Students in A Higher Learning Institution

Abstract: As COVID-19 took hold, online learning became the norm as universities and classrooms worldwide were forced to close their doors. Education institute closures impacted more than 1.2 billion students across 186 countries as of April 2020. This pandemic, too, has shifted our Malaysian education sector as well. Academicians and students are adopting online learning via open and distance learning platforms. Education 5.0 is the revolution of human intelligence and cognitive computing. When the world is moving towards this, the major challenge one will face is the challenges in this digitalisation era, the challenges on cyber security and the risk associated with it. This study uses a digital learning platform to examine the cyber security awareness among UiTM Terengganu Faculty of Computer and Mathematical Sciences students. The study is significant to focus on the weakness and to educate the students about being cyber victims. The data was collected using a set of questionnaires among 110 students. Numbers and statistics from open-ended and closed-ended questions helped obtain data. Descriptive analysis shows that many students have awareness and knowledge of cyber security, cyberattack, and cyberbullying. © 2022. All Rights Reserved.

Building Cyber Peace While Preparing for Cyber War

Abstract: This chapter offers an analysis of the multilateral efforts conducted over the past decade to build cyber peace in a context of proliferation of cyber conflicts and exacerbated geopolitical tensions, not to mention the global COVID-19 pandemic that has largely disrupted international meetings. It studies more specifically how international law has been leveraged in UN negotiations to serve strategic objectives.

The Promise and Perils of Allied Offensive Cyber Operations

Abstract: NATO strategy and policy has increasingly focused on incorporating cyber operations to support deterrence, warfighting, and intelligence objectives. However, offensive cyber operations in particular have presented a delicate challenge for the alliance. As cyber threats to NATO members continue to grow, the alliance has begun to address how it could incorporate offensive cyber operations into its strategy and policy. However, there are significant hurdles to meaningful cooperation on offensive cyber operations, in contrast with the high levels of integration in other operational domains. Moreover, there is a critical gap in existing conceptualizations of the role of offensive cyber operations in NATO policy. Specifically, NATO cyber policy has focused on cyber operations in a warfighting context at the expense of considering cyber operations below the level of conflict. In this article, we explore the potential role for offensive cyber operations not only in wartime but also below the threshold of armed conflict. In doing so, we systematically explore a number of challenges at the political/strategic as well as the operational/tactical levels and provide policy recommendations for next steps for the alliance.

Persistent Aggrandizement? Israel’s Cyber Defense Architecture

Abstract: Defend Forward has emerged as a key pillar of current US cyber defense strategy. According to the 2018 Command Vision of the US Cyber Command (CYBERCOM), the concept means that the United States will “defend forward as close as possible to the origin of adversary activity, and persistently contest malicious cyberspace actors to generate continuous tactical, operational, and strategic advantage.”1 In other words, under Defend Forward, the United States will engage in cyber defense outside US networks and on foreign territory. It will take the initiative instead of waiting for threats to materialize at home.

R&D Trend and Development Direction of Cyber Warfare Weapon System Technology

Abstract: 사이버전무기체계는 사이버 위협으로 부터 아군의 정보체계를 보호하고 사이버 공간에서 우위를 달성하기 위해 사용하는 무기체계이다. 최근 사이버전무기체계는 적국의 발전소, 금융기관 등의 기반시설에 막대한 피해를 초래할 수 있는 강력한 비대칭 전력으로 평가 받고 있으며, 이로 인해 사이버전장의 적 사이버공격을 효율적으로 대처·차단하고 아군의 자산을 보호하기 위한 사이버전무기체계 기술개발의 중요성이 점점 더 부각되고 있다. 본 논문에서는 국내 사이버전무기체계에 대한 분류 및 사이버전 기술의 분류를 살펴본 후 국내·외 사이버전무기체계 기술의 연구개발 동향을 조사·분석한다. 또한, 앞서 조사·분석한 사이버보안, 인공지능, 빅데이터, 운영기술 보안 등 여러 분야의 기술과 융합된 다양한 사이버전무기체계 기술의 국내·외 연구개발 동향 비교분석을 통하여, 사이버전무기체계 적용 인공지능 모델 보안과 무기체계 운영기술 보안이라는 국내 사이버전무기체계 기술의 연구개발 발전 방향을 제시한다.

Cyberwarfare and its Effects on Critical Infrastructure

Abstract: The growth and capabilities of cyberspace have brought about many advantages to societies. Individuals and businesses have used cyberspace for easier communication, but nation-states also utilise it to improve the functioning of their critical infrastructure. Critical infrastructures provide vital services such as the health, safety and security needed for the efficient functioning of societies. However, vulnerabilities in cyberspace have made cyberattacks such as cyberwarfare possible. Cyberwarfare is an international concern due to the negative impact it can have on critical infrastructure. This paper aims to discuss cyberwarfare and the potential effects that it can have on critical infrastructure. This paper follows a theoretical research methodology to provide an understanding of cyberwarfare. In addition, the paper provides a better understanding of the impact that cyberwarfare can have on critical infrastructure. The paper contains an exhaustive definition of cyberwarfare. Since cyberwarfare is a type of cyberattack, it is similar but not the same as other cyberattacks such as cybercrime and cyberterrorism. Therefore, to gain a clear understanding of cyberwarfare, the paper discusses cyberwarfare, cybercrime, and cyberterrorism. The paper also discusses some of the most significant cyberwarfare incidents. Since the effects can be devastating, critical infrastructure must be protected from cyberwarfare. A survey of techniques for protecting critical infrastructure from cyberwarfare is presented. The identified incidents highlight the effects that cyberwarfare can cause. Hence, the possible effects that cyberwarfare can cause on critical infrastructure is discussed. Due to the negative effects of cyberwarfare, nations need to be prepared to protect their critical infrastructure from cyberwarfare. Therefore, the paper also discusses the authors’ stance on South Africa preparedness to defend themselves in the event of cyberwarfare.

Deployment of Artificial Intelligence with Bootstrapped Meta-Learning in Cyber Security

Abstract: Cybersecurity is an extensive and vivacious domain in the commercial progression of the ecosphere. By up-to-date inhabitants, networking settings and assets, cybersecurity fits with the exigent task to realize the necessities of the imminent populace. Intelligent cybersecurity / intellectual smart cybersecurity has risen as a pioneering tool to deal with latest ambiguities in programmed cybersecurity enduring capability by bringing together Artificial Intelligence (AI) in Cybersecurity Computerization. The mechanism that enterprises in this cutting-edge technology handles the mechanism capability to acquire via depleting Bootstrapped Meta-learning and reinforced with rewards as Supreme Cybersecurity vintages, besides least resource utilizations as well as time limits. AI empowered cybersecurity technology is a vital constituent of the imminent cybersecurity revolution ahead. During this operation, a proficient computerization of AI application in the arena of cybersecurity sustenance is ready for attaining the supreme output welfares as results, also inhibiting the real assets. Setting the precise real-time issues are trailed by cracking it for affluence and escalation or magnification of cybersecurity thus by prominent universal preeminent impending cybersecurity. A meta-learning/AI-based automated security strategy is vital in the protection of critical infrastructure, users and assets disinclined to outbreaks.

Cybers Security Analysis and Measurement Tools Using Machine Learning Approach

Abstract: Artificial intelligence (AI) and machine learning (ML) have been used in transforming our environment and the way people think, behave, and make decisions during the last few decades [1]. In the last two decades everyone connected to the Internet either an enterprise or individuals has become concerned about the security of his/their computational resources. Cybersecurity is responsible for protecting hardware and software resources from cyber attacks e.g. viruses, malware, intrusion, eavesdropping. Cyber attacks either come from black hackers or cyber warfare units. Artificial intelligence (AI) and machine learning (ML) have played an important role in developing efficient cyber security tools. This paper presents Latest Cyber Security Tools Based on Machine Learning which are: Windows defender ATP, DarckTrace, Cisco Network Analytic, IBM QRader, StringSifter, Sophos intercept X, SIME, NPL, and Symantec Targeted Attack Analytic.

Cybersecurity and cyber defence strategies of Japan

Abstract: Modern national security strategies of many states attempt at covering risks and threats rising in nontraditional domains of outer space, electromagnetic and cyberspaces. Cyberattacks aim at inflicting financial, psychological, technological and physical damage at various goals from individuals and corporations to states and international organisations. One of the specific features of a cyberattack is uncertainty of its source: it is sometimes impossible to identify the attacker. All these provide incentives for states to qualify cyberthreats as threats to their national security, thus pushing them towards establishing mechanisms of dealing with these threats. As a result, more states attempt at formulating their strategies of cyber security and cyber defence. Japan, as one of the developed countries, relies heavily on its information infrastructure and telecommunication networks, and the military realm is not an exception. Since the early 2000s, the Japanese government has been elaborating its cybersecurity and cyber defence strategies, steadily unfolding its strategic vision of the new security environment. Japan has come up with a complex strategy of information security, cybersecurity and cyber defence. A key approach of the cybersecurity strategy for Japan is acting in a proactive manner while enhancing its reactive capabilities, meaning containment and sustainability capabilities accordingly.

A Study on Cyber Target Importance Quantification and Ranking Algorithm

Abstract: Most of the challenges and conflicts facing countries and groups today involve cyberspace. Therefore, military forces around the world are developing methods (doctrines) and weapon systems to conduct cyberspace operations in order to dominate cyberspace. To conduct cyberspace operations, cyber target information must be collected in cyberspace, and cyber targets must be selected to achieve effective operational objectives. In this study, we develop a target importance rank (TIR) algorithm based on the PageRank algorithm that quantitatively calculates the importance of each target in cyberspace for cyber target selection. The proposed algorithm was developed to quantify the degree of connectivity, criticality, and exposure of computer network hosts, and to create a list of target importance priorities based on the quantified values.

3-Cs of Cyberspace and Pakistan: Cybercrime, Cyber-Terrorism, and Cyber Warfare

Abstract: This qualitative exploratory and embedded case study deliberates the nature of 3-Cs – cybercrime, cyber-terrorism, cyber warfare – against Pakistan. What are the three Cs and how are they impacting the state and society in Pakistan. How Pakistan has been dealing with these threats related to its cyberspace. While taking cue from cyber realism – which provides the basic lens to conduct this research – this study notes that states and state-sponsored individuals, groups, and organisations remain the main actors in the cyberspace who are active against each other. The perception that the cyberspace has diminished the role of state is an exaggeration. States still are the most important actors in the cyber world order animated by the typical great power politics. Pakistan remained a prime target of the cybercrimes, cyber-terrorism, and cyber warfare launched by the regional and extra-regional states. Though, it has implemented Prevention of Electronic Crime Act (PECA) and passed National Cyber Policy, yet it still has to go a long way in order to protect itself against the 3-Cs of the cyberspace. Adopting a proactive strategy to counter these threats prematurely is still a far-fetched cry for Pakistan.