Cyberinsecurity and Cyberwarfare

This chapter seeks to define the term “cyberinsecurity” as the intersection of human fears and errors with user behaviour in a digital setting. Examining links between psychology and human-computer interaction, the author explores several case studies set against the context of cyber-authoritarianism in Asian countries and argues that any attempts to address or advance studies in cybersecurity and cyberwarfare must be grounded in a solid foundation of current social science theory.

Developing Confidence Building Measures (CBMs) in Cyberspace between Pakistan and India

Cyberspace is at once an area of immense cooperation and a no-holds barred arena for competition. Difficulties in creating a stable environment in cyberspace stem from differing national perceptions regarding the freedom of the Internet, application of international law and problems associated with attribution. Information space has no borders and no recognized rules of engagement or internationally accepted regulatory mechanisms. State parties, freelancers, criminals and terrorists all consider cyber operations beyond the pale of international jurisdiction. Some agreements have emerged concerning cybercrime but cyber warfare remains outside binding legal obligations. In the absence of a consensus on treaty obligations, it is a good idea to begin by constructing credible confidence building measures (CBMs) in information space between rival states. The prospects of an unintentional war as a consequence of a cyber-attack can spell disaster for South Asia. This paper discusses a range of CBMs that can be created between India and Pakistan in cyber space to control malicious cyber behavior and avert an inadvertent war. It advocates cyber cooperation instead of cyber warfare.

Towards Protecting Critical Infrastructures

Critical Infrastructures (CIs) such as power distribution are referred to as “Critical” as, in case of failure, the impact on society and economy can be enormous. CIs are exposed to a growing number of threats. ICT security plays a major role in CI protection and risk prevention for single and interconnected CIs were cascading effects might occur. This chapter addresses CI Protection discussing MICIE Project main results, along with the mechanisms that manage the degree of confidence assigned to risk alerts allowing improving the resilience of CIs when faced with inaccurate/inconsistent alerts. The CockpitCI project is also presented, aiming to improve the resilience and dependability of CIs through automatic detection of cyber-threats and the sharing of real-time information about attacks among CIs. CockpitCI addresses one MICIE's shortcoming by adding SCADA-oriented security detection capabilities, providing input for risk prediction models and assessment of the operational status of the Industrial Control Systems.

The Rigorous Security Risk Management Model

This chapter presents the security concepts terminologies (threat, risk, security risk management, security risk management process, security threat model) and present the state of the art of security risk management models, compare and discuss strengths and weaknesses of such models. Then it presents the Mean Failure Cost (MFC) model for quantifying security threats as a rigorous measure of cyber security, and as a cascade of linear models in order to estimate the system security using the loss of a given stakeholders as a result of security breakdown. Finally it presents an overview of the applicability of the MFC measure to e-systems. In the conclusion, the chapter criticizes the MFC Cyber Security Measure and presents an overview of different perspectives.

Cyber Warfare

The term cyber warfare is becoming increasingly common in mainstream media, on the political stage and in military circles. To many it will appear as if the world has been caught unaware by the rise of cyber warfare and its impact on global society. In reality, research on cyber warfare in the form it is known today dates back to the 1980s. This chapter presents cyber warfare from the perspective of the research community. It highlights current research into eight distinct areas of cyber warfare, and examines the arguments, agreements and disagreements between various authors in each field. The chapter is organised into sections, with each section providing background and analysis into a particular area.

Toward Principles of Cyberspace Security

Increasing global dependence on cyberspace, rapidly and continuously changing technology, sustained vulnerabilities, and advanced persistent threats are driving an increasing societal risk of attack in cyberspace. Assuring a broad range of infrastructure critical for a well-functioning society is essential in a broad range of areas including but not limited to communications, transportation, and commerce. Based on an engagement with government, industry, and academia, and building upon prior research in computer security principles, this chapter articulates a set of enduring cybersecurity principles that can serve as a focusing framework to improve trust and assurance of systems considering requirements, architecture and design, and operations and maintenance. This chapter first outlines the threat and its consequence, describes prior research in cybersecurity principles, and then outlines a set of succinct and actionable cybersecurity principles.

The Islamist Cyberpropaganda Threat and Its Counter-Terrorism Policy Implications

This chapter examines Islamist cyberpropaganda case studies live in 2014, namely Al Qaeda, Islamic State, Boko Haram and Al Shabaab. The authors define cyberpropganda as the exploitation of the generative characteristics of online interaction for the production and reproduction of propaganda. The cross-case analysis identifies key messages and themes, how cyberpropaganda is generated and spread, and how it is made attractive to those who may act on it. In the discussion that follows implications for the policy-maker are identified and addressed. These include whether to tackle symptoms or causes of the problems and whether to treat the problems as essentially global or local. The final issue is how the counter-propagandist can make themselves heard.

Cyber Attacks and Preliminary Steps in Cyber Security in National Protection

Cyber attacks launched by individuals and/or supported by nation states have increased due to the prevalence of information technologies at critical infrastructure of the states. In this chapter, such attacks and consecutive impacts are visited. In connection with this issue, evolution of cyber threats from annoying malware to serious weapons is studied by examples; hence, precautions against such threats are visited and usage of anti-malware applications as prevalent precautions is assessed within the scope. Selected information security standards and strategies of selected states and precautions for cyber security of Turkey are studied. Our findings underline that educated citizens and companies along with public institutions should cooperate to provide a nationwide cyber security. Consequently, it is defended that governments should play an affective role to protect, educate, and guide governmental and private companies and citizens on the cyber security by promoting the cyber security topic in the successive national development plans.

Cybersecurity Requires a Clear Systems Engineering Approach as a Basis for Its Cyberstrategy

Systems engineering is the branch of engineering concerned with the development of large and complex systems, where a system is understood to be an assembly or combination of interrelated elements or parts working together toward a common objective. Past experience has shown that formal systems engineering methodologies have not always been successfully applied to large and complex cybersecurity systems. These complex systems have become commonplace when applying cyberstrategies in cybersecurity operations. The ability to build, operate and maintain such systems is crucial to the effectiveness of cybersecurity operations. Most importantly, a cyberstrategy program must surround these systems on a global scale across multiple inter-related platforms. In this chapter, the authors demonstrate why a systems engineering approach is best suited for large and complex information systems used in cybersecurity, as well as the overall cyberstrategies that must also reside over these systems.

Attribution

Attribution, finding the identity of actors behind an attack, is of primary importance to be able to classify an attack as a criminal act, an act of war, or an act of terrorism. But attribution is difficult. Many experts and analysts have explained this difficulty with technical arguments. This chapter seeks to bring nuances to such arguments closely analysing how attribution functions. It brings a focus on political factors constraining attribution, and on specifically three ones: standards of evidence, time, and private companies. It makes three main arguments. Firstly, standards of evidence are only secondary to the political will to attribute an attack. Secondly, time cannot only be reduced; the context surrounding attribution is as much important. Thirdly, companies' important role in attribution also gives ground for accused party to easily undermine their claims. The chapter concludes with opening up the debate on the usefulness of meta-data for attribution.