Cyber Threats in Civil Aviation

Emergency and Disaster Management ◽

10.4018/978-1-5225-6195-8.ch007 ◽

2019 ◽

pp. 119-141 ◽

Cited By ~ 2

Author(s):

Calvin Nobles

Keyword(s):

Cyber Attacks ◽

Civil Aviation ◽

Legacy Systems ◽

Cyber Defense ◽

Defense Strategies ◽

Effective Strategies ◽

Cyber Threats ◽

Private And Public ◽

Supply Risks

Civil aviation faces increased cybersecurity threats due to hyperconnectivity and the lack of standardized frameworks and cybersecurity defenses. Educating the civil aviation workforce is one method to enhance cyber defense against cyber-attacks. Educating the workforce will lead to initiatives and strategies to combat cyber-attacks. Private and public entities need to remain aggressive in developing cyber defense strategies to keep pace with the increasing vulnerabilities of hyperconnectivity. Areas that require immediate attention to safeguard against cybersecurity threats in civil aviation are: 1) Eliminating supply risks, 2) Upgrading legacy systems, 3) Mitigating technological aftereffects, 4) Increasing cybersecurity awareness, 5) Developing cybersecurity workforce, 6) Managing hyperconnectivity, and 7) Leveraging international entities. To safeguard civil aviation infrastructure from cybersecurity threats require assertive, coordinated, and effective strategies and capabilities to defend the network.

Download Full-text

Cyber Threats in Civil Aviation

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch058 ◽

2018 ◽

pp. 1185-1207

Author(s):

Calvin Nobles

Keyword(s):

Cyber Attacks ◽

Civil Aviation ◽

Legacy Systems ◽

Cyber Defense ◽

Defense Strategies ◽

Effective Strategies ◽

Cyber Threats ◽

Private And Public ◽

Supply Risks

Civil aviation faces increased cybersecurity threats due to hyperconnectivity and the lack of standardized frameworks and cybersecurity defenses. Educating the civil aviation workforce is one method to enhance cyber defense against cyber-attacks. Educating the workforce will lead to initiatives and strategies to combat cyber-attacks. Private and public entities need to remain aggressive in developing cyber defense strategies to keep pace with the increasing vulnerabilities of hyperconnectivity. Areas that require immediate attention to safeguard against cybersecurity threats in civil aviation are: 1) Eliminating supply risks, 2) Upgrading legacy systems, 3) Mitigating technological aftereffects, 4) Increasing cybersecurity awareness, 5) Developing cybersecurity workforce, 6) Managing hyperconnectivity, and 7) Leveraging international entities. To safeguard civil aviation infrastructure from cybersecurity threats require assertive, coordinated, and effective strategies and capabilities to defend the network.

Download Full-text

The invisible hole of information on SMB's cybersecurity

Online Journal of Applied Knowledge Management ◽

10.36965/ojakm.2019.7(1)14-26 ◽

2019 ◽

Vol 7 (1) ◽

pp. 14-26

Author(s):

Ruti Gafni ◽

Tal Pavel

Keyword(s):

Mass Communication ◽

Cyber Attacks ◽

Communication Media ◽

Specific Information ◽

Exploratory Research ◽

Cyber Attack ◽

Public Attention ◽

Cyber Threats ◽

Accessible Information ◽

Types Of Information

Small and Medium Businesses (SMB) use Internet and computer-based tools in their daily processes, sometimes without being aware to the cyber threats, or without knowing how to be prepared in case of a cyber-attack, although they are a major target for cyber-attacks. Specific information about cybersecurity needed by SMBs, in order to cope with cyber threats, is not always available or easily accessible. In this study, a vast search of different types of information about SMBs’ cybersecurity was performed, in order to find whether a hole of accessible information exists in this area. This exploratory research covered general mass communication media channels, technological and professional cybersecurity websites, and academic journals, and found that indeed very few studies, articles and news items were published in this matter. Leveraging knowledge and awareness, diminishing the shame for reporting cyber-attacks, and increasing mass communication media interest and public attention, may be activities to cover this “invisible hole”.

Download Full-text

Cyber Attacks on Critical Infrastructure

Civil and Environmental Engineering ◽

10.4018/978-1-4666-9619-8.ch018 ◽

2016 ◽

pp. 448-465

Author(s):

Ana Kovacevic ◽

Dragana Nikolic

Keyword(s):

Control Systems ◽

Cyber Security ◽

Critical Infrastructure ◽

Cyber Attacks ◽

Cyber Attack ◽

Future Directions ◽

Infrastructure Systems ◽

Cyber Threats ◽

Scada Systems ◽

Insight Into

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.

Download Full-text

Mathematical Study of Advanced Persistent Threat (APT) Hunting Techniques

10.47260/jcomod/1021 ◽

2020 ◽

pp. 1-24

Author(s):

Argyrios Alexopoulos ◽

Nicholas J. Daras

Keyword(s):

Cyber Attacks ◽

Nation State ◽

Cyber Attack ◽

Mathematical Study ◽

Cyber Defense ◽

Modus Operandi ◽

Protection Measures ◽

Advanced Persistent Threat ◽

Rigorous Description ◽

Cyber Kill Chain

The paper documents, based mainly on [3]-[6] published papers where a consistent mathematical description of cyberspace and various types of Cyber-Attacks and protection measures are presented, a holistic mathematical approach to a rigorous description of Advanced Persistent Threat (APT) actors’ modus operandi through various scenarios and Cyber Kill Chain stages [2]. After referring [6] to the various elements of Cyber-Attacks we propose some techniques (via 5 scenarios) of tracking the modus operandi of the most sophisticated and non-linear cyber actors, the Advanced Persistent Threat actors that are usually nation-state or nation-state backed and usually stay undetected for an extended time in later stages of Cyber Kill Chain in defenders’ networks. Keywords: Valuation of cyber assets, vulnerability of cyber assets, node supervision, sophistication of an attack germ of cyber-attack, cyber defense, proactive cyber protection, Advanced Persistent Threat (APT) actors, Indication of Compromise (IOC), Tactics, Techniques and Procedures (TTPs).

Download Full-text

Assessing Cyber-Worthiness of Complex System Capabilities using MBSE: A new rigorous engineering methodology

10.36227/techrxiv.14703033.v1 ◽

2021 ◽

Author(s):

Stuart Fowler ◽

Keith Joiner ◽

Elena Sitnikova

Keyword(s):

Complex System ◽

Complex Systems ◽

Systems Engineering ◽

Cyber Attacks ◽

Simulation Methods ◽

Assessment Methodology ◽

Cyber Attack ◽

Cyber Threats ◽

Attack Surface ◽

Model Based Systems Engineering

<div>Cyber-worthiness as it is termed in Australian Defence, or cyber-maturity more broadly, is a necessary feature of modern complex systems which are required to operate in a hostile cyber environment. To evaluate the cyber-worthiness of complex systems, an assessment methodology is required to examine a complex system’s or system-of-system’s vulnerability to and risk of cyber-attacks that can compromise such systems. This assessment methodology should address the cyber-attack surface and threat kill chains, including supply chains and supporting infrastructure. A cyber-worthiness capability assessment methodology has been developed based on model-based systems engineering concepts to analyse the cyber-worthiness of complex systems and present a risk assessment of various cyber threats to the complex system. This methodology incorporates modelling and simulation methods that provide organisations greater visibility and consistency across diverse systems, especially to drive cybersecurity controls, investment and operational decisions involving aggregated systems. In this paper, the developed methodology will be presented in detail and hypothesised outcomes will be discussed.</div>

Download Full-text

Cybersecurity Policy and Its Implementation in Indonesia

Journal of ASEAN Studies ◽

10.21512/jas.v4i1.967 ◽

2016 ◽

Vol 4 (1) ◽

pp. 61 ◽

Cited By ~ 1

Author(s):

Muhamad Rizal ◽

Yanyan Yani

Keyword(s):

Cyber Security ◽

Cyber Attacks ◽

The State ◽

Nation State ◽

Counter Measures ◽

Cyber Threats ◽

Unitary State ◽

The Republic ◽

The Government ◽

State Defense

The purpose of state defense is to protect and to save the integrity of the Unitary State of the Republic of Indonesia, the sovereignty of the state, as well as its security from all kinds of threats, whether they are military or non-military ones. One of the non-military threats that potentially threatens the sovereignty and security of the nation-state is the misuse of technology and information in cyberspace. The threat of irresponsible cyber attacks can be initiated by both state and non-state actors. The actors may be an individual, a group of people, a faction, an organization, or even a country. Therefore, the government needs to anticipate cyber threats by formulating cyber security strategies and determining comprehensive steps to defend against cyber attacks; its types and the scale of counter-measures, as well as devising the rules of law.

Download Full-text

Cyber Attacks on Critical Infrastructure

Advances in Digital Crime, Forensics, and Cyber Terrorism - Handbook of Research on Digital Crime, Cyberspace Security, and Information Assurance ◽

10.4018/978-1-4666-6324-4.ch001 ◽

2015 ◽

pp. 1-18 ◽

Cited By ~ 1

Author(s):

Ana Kovacevic ◽

Dragana Nikolic

Keyword(s):

Control Systems ◽

Cyber Security ◽

Critical Infrastructure ◽

Cyber Attacks ◽

Cyber Attack ◽

Future Directions ◽

Infrastructure Systems ◽

Cyber Threats ◽

Scada Systems ◽

Insight Into

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.

Download Full-text

China's Cyber Tool

Cyber Behavior ◽

10.4018/978-1-4666-5942-1.ch040 ◽

2014 ◽

pp. 794-812

Author(s):

Timothy L. Thomas

Keyword(s):

Information Age ◽

Cyber Defense ◽

Cyber Threats

This chapter analyses how China is using cyber reconnaissance to achieve electronic shi, defined as strategic advantage. It examines China's cyber strategy and information age advantages; Chinese financial and military cyber threats; China's hacker population; and Chinese organizations devoted to cyber defense. Once attained, electronic shi allows a country to “win victory before the first battle.”

Download Full-text

Cooperation and Free Riding in Cyber Security Information-Sharing Programs

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch018 ◽

2018 ◽

pp. 309-324 ◽

Cited By ~ 1

Author(s):

Asmeret Bier Naugle ◽

Austin Silva ◽

Munaf Aamir

Keyword(s):

Information Sharing ◽

Cyber Security ◽

Low Cost ◽

Cost Savings ◽

Free Riding ◽

Cyber Attacks ◽

Defense Strategies ◽

Shared Information ◽

Substantial Investment ◽

Human Decision

Even with substantial investment in cyber defense, the risk of harm from cyber attacks is significant for many organizations. Multi-organization information-sharing programs have the potential to improve cyber security at relatively low cost by allowing organizations that face similar threats to share information on vulnerabilities, attacks, and defense strategies. The dynamics of an information-sharing program are likely to depend heavily on interactions between human decision makers. This article describes a system dynamics model of an information-sharing program. The model incorporates decision-making strategies of managers and cyber defenders in each participating organization. The model was used to assess how free-riding behavior is likely to affect the success of a multi-organization information-sharing program. Results shows that free riding may make information sharing more volatile and less beneficial early on, but other factors, including cost savings and the perceived utility of shared information, are likely to create success later in the time horizon.

Download Full-text