To see the other types of publications on this topic, follow the link: State cyberattacks.
Journal articles on the topic 'State cyberattacks'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'State cyberattacks.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Watney, Murdoch. "Cybersecurity Threats to and Cyberattacks on Critical Infrastructure: a Legal Perspective." European Conference on Cyber Warfare and Security 21, no. 1 (June 8, 2022): 319–27. http://dx.doi.org/10.34190/eccws.21.1.196.
Full textAbstract:
Over the years cybersecurity threats to and cyberattacks on the critical infrastructure by state and non-state actors have escalated in intensity and sophistication. Cyberattacks, such as the 2017 NotPetya ransomware attack, the 2020 SolarWinds software supply chain attack and the 2021 Colonial Pipeline ransomware attack, illustrate the vulnerability of critical infrastructure to cyberattacks.
Most cyberattacks are committed across borders involving criminal hackers or state supported hackers. Furthermore, critical infrastructure is increasingly interconnected and interdependent. Connectivity brings about the risk of a cyberattack, demonstrated by the 2021 Colonial Pipeline ransomware attack. Interconnectedness also means that the compromise of one critical infrastructure asset can have a domino effect that degrades or disrupts others and results in cascading consequences across the economy and national security. Operational continuity is essential and this may have been one of the reasons why Colonial Pipeline paid a ransom to cyber-attackers.
A cyberattack on the critical infrastructure of a state cannot be seen in isolation as the consequences of the attack may impact other states, this was illustrated by the 2017 WannaCry and NotPetya ransomware attacks. The level of sophistication of cyberattacks has increased over the years as shown by the 2020 SolarWinds software supply chain attack. The escalation of attacks has served as a catalyst for governments to address the risk to critical infrastructure. Countries need to have strong government bodies which supervise cybersecurity in their country and work together with their counterparts in other countries by sharing information regarding threats and attacks against critical infrastructure.
The discussion focuses on the challenges that threats to and attacks on critical infrastructure present, the possible solutions a government may implement in addressing cyberattacks on critical infrastructure and the accountability of state and non-state actors of cyberattacks on critical infrastructure. The issues are discussed from a legal perspective.
2
Nizovtsev, Yuriy Yu, Andrii M. Lyseiuk, and Mykhailo Kelman. "From self-affirmation to national security threat." Revista Científica General José María Córdova 20, no. 38 (April 1, 2022): 355–70. http://dx.doi.org/10.21830/19006586.905.
Full textAbstract:
This paper aims to study the main stages of cyberattacks’ evolution in terms of the danger they pose, from the first hooligan cyberattacks to modern cyberwars. The authors use empirical qualitative and quantitative research methods to assess the stages of cyberattack development, considering their increasing numbers, diversity, and the creation of the malware employed. The paper provides a better understanding of the causes, conditions, and consequences of the emerging types of cyberattacks. The article concludes by pointing out the three stages in the evolution of cyberattacks and draws upon the main characteristic features of the current state of the cyber environment.
3
Annef, Al Bahits. "ANCAMAN SIBER DI TENGAH PANDEMI COVID-19 : TINJAUAN TERHADAP KEAMANAN NON-TRADISIONAL DAN KEAMANAN SIBER DI INDONESIA." Sriwijaya Journal of International Relations 1, no. 1 (June 28, 2021): 18–33. http://dx.doi.org/10.47753/sjir.v1i1.3.
Full textAbstract:
Several policies made by country during pandemic related to restriction and prohibition of public mobility implicated to cyberspace activities. Internet Users in Indonesia increased significantly by 17% in 2020 compared to 2019. Internet Users escalation during pandemic reciprocal with the rise of cyberattacks. By using qualitative methods, this paper aims to explain the phenomenon using two approaches, non-traditional security and cybersecurity. The author's findings show that cyberattacks in Indonesia elevated by 5 times in 2020. Some of these cyberattacks include phishing emails, ransomware and disinformation. These cyberattacks potentially threaten human security in various sectors such as personal, community, health, and economic security. Author also tries to elaborate the cyberattack with the National Cyber and Crypto Agency’s (BSSN) responses as a state entity.
4
KOLOSOK, Irina N., and Liudmila A. GURINA. "Identification of Cyberattacks on SCADA and WAMS Systems in Electric Power Systems when Processing Measurements by State Estimation Methods." Elektrichestvo 6, no. 6 (2021): 25–32. http://dx.doi.org/10.24160/0013-5380-2021-6-25-32.
Full textAbstract:
The hardware and software tools of the data acquisition and processing systems, as well as the state estimation procedure intended to support the actions of dispatching personnel in performing operational and emergency control of electric power systems (EPS), are critically important components of the EPS information and communication subsystem, but at the same time, they are most vulnerable to cyberattacks. To reduce the extent to which cyberattacks can affect the control quality, it is proposed to use statistical methods for processing measurement information. First of all, these are static and dynamic state estimation methods, including a procedure for verifying measurements or detecting bad data. An analysis of data quality can determine the type of cyberattack undertaken and identify overlooked vulnerabilities. The article presents the findings from a study of two most commonly used bad data detection methods: the a priori method for analyzing the residuals of test equations and the a posteriori method for analyzing the weighted estimation residuals to identify data distorted as a consequence of specially generated cyberattacks. An algorithm to detect erroneous measurements that appear during cyberattacks and are not identified by conventional measurement verification methods in performing EPS state estimation is proposed
5
Khattak, Zulqarnain H., Hyungjun Park, Seongah Hong, Richard Atta Boateng, and Brian L. Smith. "Investigating Cybersecurity Issues in Active Traffic Management Systems." Transportation Research Record: Journal of the Transportation Research Board 2672, no. 19 (July 22, 2018): 79–90. http://dx.doi.org/10.1177/0361198118787636.
Full textAbstract:
Active traffic management (ATM) systems have been introduced by transportation agencies to manage recurrent and non-recurrent congestion. ATM systems rely on the interconnectivity of components made possible by wired and/or wireless networks. Unfortunately, this connectivity that supports ATM systems also provides potential system access points that results in vulnerability to cyberattacks. This is becoming more pronounced as ATM systems begin to integrate Internet of Things (IoT) devices. Hence, there is a need to rigorously evaluate ATM systems for cyberattack vulnerabilities, and explore design concepts that provide stability and graceful degradation in the face of cyberattacks. In this research, a prototype ATM system along with a real-time cyberattack monitoring system were developed for a 1.5-mile section of I-66 in Northern Virginia. The monitoring system detects deviation from expected operation of an ATM system by comparing lane control states generated by the ATM system with lane control states deemed most likely by the monitoring system. This comparison provides the functionality to continuously monitor the system for abnormalities that would result from a cyberattack. In the case of any deviation between two sets of states, the monitoring system displays the lane control states generated by the back-up data source. In a simulation experiment, the prototype ATM system and cyberattack monitoring system were subject to emulated cyberattacks. The evaluation results showed that the ATM system, when operating properly in the absence of attacks, improved average vehicle speed in the system to 60 mph (a 13% increase compared to the baseline case without ATM). However, when subject to cyberattack, the mean speed reduced by 15% compared to the case with the ATM system and was similar to the baseline case. This illustrates that the effectiveness of the ATM system was negated by cyberattacks. The monitoring system allowed the ATM system to revert to an expected state with a mean speed of 59 mph and reduced the negative impact of cyberattacks. These results illustrate the need to revisit ATM system design concepts as a means to protect against cyberattacks in addition to traditional system intrusion prevention approaches.
6
Górka, Marek. "Catalysts of Cyber Threats on the Example of Visegrad Group Countries." Politics in Central Europe 18, no. 3 (September 1, 2022): 317–42. http://dx.doi.org/10.2478/pce-2022-0014.
Full textAbstract:
Abstract The article deals with cyber incidents that were recorded in the area of the V4 countries. It is important for the discussed topic to extract certain factors and with their help to characterise the conducted cyberattacks in terms of political motivations. The analysis tries to prove the existence of politically motivated cyberattacks. This, in turn, helps to determine the consequences of such cyber incidents. Moreover, the scale and magnitude of the cyberattack can be information to determine the strategic maturity and cyber capabilities of the adversary. Thus, the incidents that have occurred allow a cyberattack to be characterised in political terms and thus have value as information about ongoing conflicts in cyberspace that either reflect reality or foreshadow actions yet to come in the real world. Cyber operations can also be used as a tool to build a sphere of influence and exert political, economic and military pressure on a particular state.
7
Połeć, Jolanta, and Wojciech Trzaskowski. "The Influence of Cyberwars on Socioeconomic Activity of Residents of Central and Eastern Europe." Przegląd Nauk o Obronności, no. 12 (June 20, 2022): 111–30. http://dx.doi.org/10.37055/pno/150838.
Full textAbstract:
ObjectivesThe purpose of this article is to investigate and present the issue of cyberwar and its impact on the socio-economic activity of inhabitants of Central and Eastern Europe.MethodsThe main method used in this study is a systematic review of international and Polish political literature in the fields of cybersecurity, sociology, military, international relations and international politics.ResultsThe analysis enabled identifying the importance of the cyberspace driven by the technological development. Article discusses key terms, the concept of cyberwar, categorization of cyberattacks and their influence on the socio-economic activity of the inhabitants of Central and Eastern Europe. The last part examines examples of cyberattacks in Kosovo, Estonia, Georgia, Bulgaria and Ukraine.ConclusionsThe technological progress impacts the emergence of cyberthreats such as cybercrime, cyberterrorism or cyberwars carried out through the newest technology. These actions are affecting both state institutions and citizens. The examples prove that cyberwar is already being used to damage the big-scale national projects. A cyberattack often targets a politically inconvenient opponent, not to physically eliminate them but to cause chaos and a breach of trust among their adherents. Some countries use cyberattacks to influence the internal affairs of another country. Even if thoroughly planned and carried out, an attack can still change or strengthen the current government. Neglecting the threat of cyberattacks may affect the citizens gravely. It may increase the awareness of the danger or give an institution greater control over personal freedom of citizens. Cybersecurity is best achieved through education and raising awareness.
8
Hrushko, M. V. "ATTRIBUTION OF CYBERATTACKS AS A PREREQUISITE FOR ENSURING RESPONSIBLE BEHAVIOR IN CYBERSPACE." Constitutional State, no. 43 (October 26, 2021): 195–201. http://dx.doi.org/10.18524/2411-2054.2021.43.241002.
Full textAbstract:
Growing impunity in cyberspace is cause by the lack of responsibility for the most serious cyberoperations that present a threat to both state and non-state actors. The only possible solution is to trace such cyberoperations to those who stand behind them. Since the seriousness of consequences increases in case of state-committed cyberattacks, the article deals with the issue of attribution of cyberattacks to states with the aim of ensuring responsible behavior of all states in cyberspace. The existing practice of public attribution and features of cyberoperations, as a rule, requires not only performing legal attribution, but also technical and public (political) attribution. Author thus starts with analyzing the current state of affairs – public attribution of cyberattack, its effectiveness and the role of private sector in attribution (decentralized attribution to support or deny government`s finding). The article also examines the customary basis for attributing state-related cyberattacks contained in the Articles on State Responsibility for Internationally Wrongful Acts and Tallinn Manual 2.0 on the Application of International Law to Cyberoperations. Although public attribution is, indeed, a step towards responsible behavior in cyberspace, legal attribution may contribute even more. In this article increased attention is paid to the test of effective control, which is used to attribute internationally wrongful acts to states committed by non-state actors acting under its control or direction. Finally, it concludes that global efforts are needed to ensure responsible behavior in cyberspace, especially in the context of international security. For this, states should get into partnership with private sector in performing attribution of cyberoperations and apply to international bodies, which have jurisdiction over state claims and are able to perform legal attribution for the purpose of establishing state responsibility. Only in this way it will be possible to guarantee responsible behavior of states in cyberspace, and create a common understanding and approach against cyberoperations committed by non-state cyber actors.
9
Alsulami, Abdulaziz A., Qasem Abu Al-Haija, Ali Alqahtani, and Raed Alsini. "Symmetrical Simulation Scheme for Anomaly Detection in Autonomous Vehicles Based on LSTM Model." Symmetry 14, no. 7 (July 15, 2022): 1450. http://dx.doi.org/10.3390/sym14071450.
Full textAbstract:
Technological advancement has transformed traditional vehicles into autonomous vehicles. Autonomous vehicles play an important role since they are considered an essential component of smart cities. The autonomous vehicle is an intelligent vehicle capable of maintaining safe driving by avoiding crashes caused by drivers. Unlike traditional vehicles, which are fully controlled and operated by humans, autonomous vehicles collect information about the outside environment using sensors to ensure safe navigation. Autonomous vehicles reduce environmental impact because they usually use electricity to operate instead of fossil fuel, thus decreasing the greenhouse gasses. However, autonomous vehicles could be threatened by cyberattacks, posing risks to human life. For example, researchers reported that Wi-Fi technology could be vulnerable to cyberattacks through Tesla and BMW autonomous vehicles. Therefore, further research is needed to detect cyberattacks targeting the control components of autonomous vehicles to mitigate their negative consequences. This research will contribute to the security of autonomous vehicles by detecting cyberattacks in the early stages. First, we inject False Data Injection (FDI) attacks into an autonomous vehicle simulation-based system developed by MathWorks. Inc. Second, we collect the dataset generated from the simulation model after integrating the cyberattack. Third, we implement an intelligent symmetrical anomaly detection method to identify false data cyber-attacks targeting the control system of autonomous vehicles through a compromised sensor. We utilize long short-term memory (LSTM) deep networks to detect False Data Injection (FDI) attacks in the early stage to ensure the stability of the operation of autonomous vehicles. Our method classifies the collected dataset into two classifications: normal and anomaly data. The experimental result shows that our proposed model’s accuracy is 99.95%. To this end, the proposed model outperforms other state-of-the-art models in the same study area.
10
Eichensehr, Kristen E. "Decentralized Cyberattack Attribution." AJIL Unbound 113 (2019): 213–17. http://dx.doi.org/10.1017/aju.2019.33.
Full textAbstract:
Attribution of state-sponsored cyberattacks can be difficult, but the significant uptick in attributions in recent years shows that attribution is far from impossible. After several years of only sporadic attributions, Western governments in 2017 began attributing cyberattacks to other governments more frequently and in a more coordinated fashion. But nongovernment actors have more consistently attributed harmful cyber activity to state actors. Although not without risks, these nongovernmental attributions play an important role in the cybersecurity ecosystem. They are often faster and more detailed than governmental attributions, and they fill gaps where governments choose not to attribute. Companies and think tanks have recently proposed centralizing attribution of state-sponsored cyberattacks in a new international entity. Such an institution would require significant start-up time and resources to establish efficacy and credibility. In the meantime, the current system of public-private attributions, decentralized and messy though it is, has some underappreciated virtues—ones that counsel in favor of preserving some multiplicity of attributors even alongside any future attribution entity.
11
Knebel, Sebastian, Mario D. Schultz, and Peter Seele. "Cyberattacks as “state of exception” reconceptualizing cybersecurity from prevention to surviving and accommodating." Journal of Information, Communication and Ethics in Society 20, no. 1 (October 11, 2021): 91–109. http://dx.doi.org/10.1108/jices-01-2021-0015.
Full textAbstract:
Purpose This paper aims to outline how destructive communication exemplified by ransomware cyberattacks destroys the process of organization, causes a “state of exception,” and thus constitutes organization. The authors build on Agamben's state of exception and translate it into communicative constitution of organization (CCO) theory. Design/methodology/approach A significant increase of cyberattacks have impacted organizations in recent times and laid organizations under siege. This conceptual research builds on illustrative cases chosen by positive deviance case selection (PDCS) of ransomware attacks. Findings CCO theory focuses mainly on ordering characteristics of communication. The authors aim to complement this view with a perspective on destructive communication that destroys the process of organization. Based on illustrative cases, the authors conceptualize a process model of destructive CCO. Practical implications The authors expand thoughts about a digital “corporate immune system” to question current offensive cybersecurity strategies of deterrence and promote resilience approaches instead. Originality/value Informed by destructive communication of cyberattacks, this theory advancement supports arguments to include notions of disorder into CCO theory. Furthermore, the paper explains where disruptions like cyberattacks may trigger sensemaking and change to preserve stability. Finally, a novel definition of ‘destructive CCO’ is provided: Destructive Communication Constitutes Organization by disrupting and destroying its site and surface while triggering sensemaking and becoming part of sensemaking itself.
12
Vasylenko, Serhii, Igor Samoilov, and Serhii Burian. "Method of control of the state of protection of the automated process control system of the critical infrastructure facility." Collection "Information Technology and Security" 10, no. 1 (June 30, 2022): 17–26. http://dx.doi.org/10.20535/2411-1031.2022.10.1.261047.
Full textAbstract:
Constant dynamic processes of society informatization drastically change all spheres of its life, giving them new impulses and opportunities for implementation in the new conditions. At the same time, these processes are the cause of fundamentally new challenges for the security sector, which cause the deep penetration of information technology into all elements of infrastructure, including critical ones. Cyberattacks on critical information infrastructure facility of critical infrastructure facility (CIIF CIF) are particularly dangerous. Much of the CIIF CIF cyberthreats are related to the massive implementation of Industry 4.0 (I 4.0) technologies such as digital ecosystems, the Industrial Internet of Things (IIoT), big data analytics, the use of digital platforms, etc. The risks associated with these require new solutions in the management of the CIIF CIF conservation status. In the work as CIIF CIF considered the automated process control system (APCS) CIF built with IIoT-sensors usage. The peculiarities of building such systems and the need for rapid response to any cyberincidents require automation of the management of decision-making process for the application of the necessary protection means. For the state of protection against cyberattacks on APCS CIF it is proposed to use the method of making management decisions based on a dynamic programming, depending on the type of cyberattack control, selection and application of appropriate means of protection and to reduce the consequences of cyberincidents.
13
Kolosok, Irina, and Liudmila Gurina. "Cyber Security-Oriented Smart Grid State Estimation." E3S Web of Conferences 69 (2018): 02004. http://dx.doi.org/10.1051/e3sconf/20186902004.
Full textAbstract:
Development of Smart Grid involves the introduction of Wide Area Measurement System (WAMS), which provides the use of information, computing and digital technologies for measuring, transmitting and processing operating parameters when solving control problems. In this regard, the increased vulnerability to cyberattacks of the control system was noted. The control of Smart Grid includes monitoring, forecasting and planning of the system operation based on its Electric Power System state estimation results. Therefore, the goal of the paper is to develop a mathematical instrument to bad data detection under cyberattacks. Particular attention is paid to false data injection attacks which result in distortion of state variables estimates. The result of the research is an algorithm developed for state estimation based on the interior point method and test equation obtained by Crout matrix decomposition. The obtained results showed effectiveness of the algorithm in state estimation.
14
Surilova, O. O. "PUBLIC ATTRIBUTION OF CYBERATACS BY EU MEMBER STATES AND THE APPLICATION OF CYBERSANCTIONS BY THE UNION TO CYBERATTACKS THREATENING THE UNION OR ITS MEMBER STATES." Constitutional State, no. 43 (October 26, 2021): 209–16. http://dx.doi.org/10.18524/2411-2054.2021.43.241005.
Full textAbstract:
The article examines the issue of public attribution of cyberattacks threatening the European Union or its Member States, and effectiveness of the adopted «cyber diplomacy toolbox» within the Framework for a joint EU diplomatic response to malicious cyber activities. Since public attribution of cyberattacks is a sovereign political decision, which differs from legal attribution for the purpose of invoking state responsibility under Articles on State Responsibility for Internationally Wrongful Acts, author defines the rationale behind decisions to attribute or not to attribute cyberattacks to a particular state by examples of the Netherlands and France. While the Netherlands insist on deterrent effect of public attribution, France believes in the effectiveness of attribution provided to the allege wrongdoer by diplomatic channels. In the article, the effectiveness of cybersanctions implemented at Union level against a limited range of cyberattacks threatening the Union or its Member States was also under assessment. Article concludes that imposition of targeted sanctions in conjunction with sectoral sanctions will increase sanctions` purposes to coerce, constrain, and to signal. However, nowadays only targeted sanctions against individuals and legal entities are foreseen by the EU`s decision. At the same time, this fact does not exclude the possible application of sectoral sanctions against the most serious cyberattacks against EU` or its member states` infrastructure. Finally, the article justifies the possibility of using attribution reports prepared by the private sector to include individuals in the sanctions list if the attribution of Member States is based on intelligence that they do not wish to disclose. Moreover, malicious cyberoperations affect not only states`, but also private sector`s, interests. Private IT and cybersecurity companies thus have a chance to prove their ability to produce detailed and reliable reports on attribution of cyberoperations. Author is convinced both centralized (governmental) and decentralized (private) attribution of cyberattacks is necessary for correctness of findings.
15
Voronko, I. "DIFFERENTIAL-GAME MODEL OF INFORMATION PROTECTION FOR COMPUTER SYSTEMS OF TRANSPORT INFRASTRUCTURE." Collection of scientific works of the State University of Infrastructure and Technologies series "Transport Systems and Technologies" 1, no. 38 (December 24, 2021): 201–12. http://dx.doi.org/10.32703/2617-9040-2021-38-198-19.
Full textAbstract:
The article considers the reliability and protection of information of computer systems of transport infrastructure and describes the synthesis and analysis of differential game models and methods of modeling cyberattack processes on the server of computer information and diagnostic systems of the railway power supply distance. A unified differential-game model of the cyberattack process on the multi-task server of the information-diagnostic computer system of the lower level of the railway has been developed, which allows to obtain optimal strategies for information protection in cyberattacks. The results of modeling the cyberattack process are presented, to assess the integrated indicators of server security, using the optimal strategies for each of the functions. The appearance of the unified model of the computer information system is shown, and the graphs of the transient processes of the probability of the server being in a protected state and the probability of server failure for any of the functionalities are given.
16
Poptchev, Peter. "NATO-EU Cooperation in Cybersecurity and Cyber Defence Offers Unrivalled Advantages." Information & Security: An International Journal 45 (2020): 35–55. http://dx.doi.org/10.11610/isij.4503.
Full textAbstract:
The article identifies the trends as well as documented instances of adversarial cyberattacks and hybrid warfare against NATO and EU Member States. It illustrates how these adversarial activities impact on the broader aspects of national security and defence, the socio-economic stability and the democratic order of the states affected, including on the cohesion of their respective societies. Cyberattacks by foreign actors—state and non-state—including state-sponsored attacks against democratic institutions, critical infrastructure and other governmental, military, economic, academic, social and corporate systems of both EU and NATO Member States have noticeably multiplied and have become more sophisticated, more destructive, more expensive and often indiscriminate. The cyber and hybrid threats are increasingly seen as a strategic challenge. The article presents some salient topics such as the nexus between cyberattacks and hybrid operations; the game-changing artificial intelligence dimension of the cyber threat; and the viability of public attributions in cases of cyberattacks. On the basis of analysis of the conceptual thinking and policy guide-lines of NATO, the European Union and of the U.S., the author makes the case that a resolute Trans-Atlantic cooperation in the cyber domain is good for the security of the countries involved and essential for the stability of today’s cyber-reliant world.
17
Kolosok, Irina, and Liudmila Gurina. "A bad data detection approach to EPS state estimation based on fuzzy sets and wavelet analysis." E3S Web of Conferences 216 (2020): 01029. http://dx.doi.org/10.1051/e3sconf/202021601029.
Full textAbstract:
The paper offers an algorithm for detection of erroneous measurements (bad data) that occur at cyberattacks against systems for data acquisition, processing and transfer and cannot be detected by conventional methods of measurement validation at EPS state estimation. Combined application of wavelet analysis and theory of fuzzy sets when processing the SCADA and WAMS measurements produces higher accuracy of the estimates obtained under incomplete and uncertain data and demonstrates the efficiency of proposed approach for practical computations in simulated cyberattacks.
18
LYSENKO, SERGII, DMYTRO SOKALSKYI, and IIANA MYKHASKO. "METHODS FOR CYBERATTACKS DETECTION IN THE COMPUTER NETWORKS AS A MEAN OF RESILIENT IT-INFRASTRUCTURE CONSTRUCTION: STATE-OF-ART." Computer systems and information technologies, no. 3 (April 14, 2022): 31–35. http://dx.doi.org/10.31891/csit-2021-5-4.
Full textAbstract:
The paper presents a state-of-art of the methods for cyberattacks detection in the computer networks. The main accent was made on the concept of the resilience for the IT infrastructure. The concept of cyber resilience in the terms of cybersecurity was presented. The survey includes the set of approaches devoted to the problem of construction resilient infrastructures. All investigated approaches are aimed to construct and maintain infrastructure’s resilience for cyberattacks resistance. Mentioned techniques and frameworks keep the main principles to assure resilience. To do this there exists some requirements to construct such infrastructure: IT infrastructure has to include the set ready to use measures of preparation concerning the possible cyber threats; it must include the set of special measures for the protection, as well as for cyberattacks detection; important issue and required is the possibility to respond the attack and to be able to absorb the negative attacks’ impact; IT infrastructure must be as adaptive as it is possible, because today the dynamic of the attacks mutation is very high; IT infrastructure must be recoverable after the attacks were performed. In addition, the state-of-art found out that known approaches have domain-specific usage and it is important to develop new approaches and frameworks for the cyberattacks detection in the computer networks as a means of resilient IT-infrastructure construction.
19
Lukicheva, I. A., and A. L. Kulikov. "The usage of power system multi-model forecasting aided state estimation for cyber attack detection." Power engineering: research, equipment, technology 23, no. 5 (January 9, 2022): 13–23. http://dx.doi.org/10.30724/1998-9903-2021-23-5-13-23.
Full textAbstract:
THE PURPOSE. Smart electrical grids involve extensive use of information infrastructure. Such an aggregate cyber-physical system can be subject to cyber attacks. One of the ways to counter cyberattacks is state estimation. State Estimation is used to identify the present power system operating state and eliminating metering errors and corrupted data. In particular, when a real measurement is replaced by a false one by a malefactor or a failure in the functioning of communication channels occurs, it is possible to detect false data and restore them. However, there is a class of cyberattacks, so-called False Data Injection Attack, aimed at distorting the results of the state estimation. The aim of the research was to develop a state estimation algorithm, which is able to work in the presence of cyber-attack with high accuracy.METHODS. The authors propose a Multi-Model Forecasting-Aided State Estimation method based on multi-model discrete tracking parameter estimation by the Kalman filter. The multimodal state estimator consisted of three single state estimators, which produced single estimates using different forecasting models. In this paper only linear forecasting models were considered, such as autoregression model, vector autoregression model and Holt’s exponen tial smoothing. When we obtained the multi-model estimate as the weighted sum of the single-model estimates. Cyberattack detection was implemented through innovative and residual analysis. The analysis of the proposed algorithm performance was carried out by simulation modeling using the example of a IEEE 30-bus system in Matlab.RESULTS. The paper describes an false data injection cyber attack and its specific impact on power system state estimation. A Multi - Model Forecasting-Aided State Estimation algorithm has been developed, which allows detecting cyber attacks and recovering corrupted data. Simulation of the algorithm has been carried out and its efficiency has been proved.CONCLUSION. The results showed the cyber attack detection rate of 100%. The Multi-Model Forecasting-Aided State Estimation is an protective measure against the impact of cyber attacks on power system.
20
Kallberg, Jan, and Bhavani Thuraisingham. "State Actors' Offensive Cyberoperations: The Disruptive Power of Systematic Cyberattacks." IT Professional 15, no. 3 (May 2013): 32–35. http://dx.doi.org/10.1109/mitp.2013.20.
Full text
21
Maltseva, Irina, Yuliya Chernish, and Roman Shtonda. "ANALYSIS OF SOME CYBER THREATS IN WAR." Cybersecurity: Education, Science, Technique 16, no. 4 (2022): 37–44. http://dx.doi.org/10.28925/2663-4023.2022.16.3744.
Full textAbstract:
This article examines the most famous and high-profile cyber threats that were carried out against the state during the Russian invasion. We also analyzed the laws that were adopted during the hostilities on the territory of our state. They have significantly affected the protection against further threats to the entire system.The issue of Russia's destructive and destructive cyberattacks before the invasion of our country proves that cyberattacks play an important and strategic role in today's world and war, regardless of whether the public is aware of it. This threat is constant for us and it does not stand still and develops. Cyberattacks pose significant problems to our system and infrastructure with paradoxical consequences.Ukraine's security dependssignificantly on cybersecurity. This should not only focus attention, but even make every effort. Technological progress will grow, and behind it the dependence in cyberspace. It should be noted that the legislative regulation of relations also has its needs for constant updating and support of the rapid development of technological processes
22
Sigholm, Johan. "Non-State Actors in Cyberspace Operations." Journal of Military Studies 4, no. 1 (December 1, 2013): 1–37. http://dx.doi.org/10.1515/jms-2016-0184.
Full textAbstract:
Abstract The growing importance of cyberspace to modern society, and its increasing use as an arena for dispute, is becoming a national security concern for governments and armed forces globally. The special characteristics of cyberspace, such as its asymmetric nature, the lack of attribution, the low cost of entry, the legal ambiguity, and its role as an efficient medium for protest, crime, espionage and military aggression, makes it an attractive domain for nation-states as well as non-state actors in cyber conflict. This paper studies the various non-state actors who coexist in cyberspace, examines their motives and incitements, and analyzes how and when their objectives coincide with those of nation-states. Literature suggests that many nations are currently pursuing cyberwarfare capabilities, oftentimes by leveraging criminal organizations and irregular forces. Employment of such non-state actors as hacktivists, patriot hackers, and cybermilitia in state-on-state cyberspace operations has also proved to be a usable model for conducting cyberattacks. The paper concludes that cyberspace is emerging as a new tool for state power that will likely reshape future warfare. However, due to the lack of concrete cyberwarfare experience, and the limited encounters of legitimate cyberattacks, it is hard to precisely assess future effects, risks and potentials.
23
Mokhor, Volodymyr, Oleksandr Korchenko, Serhii Honchar, Maxsim Komarov, and Alla Onyskova. "Research of the impact on the ecology of the state of cybersecurity of the critical infrastructure objects." E3S Web of Conferences 280 (2021): 09009. http://dx.doi.org/10.1051/e3sconf/202128009009.
Full textAbstract:
The analysis of the impact on the ecology of the state of cybersecurity of critical infrastructure objects and the factors influencing the state of cybersecurity of the information system of the critical infrastructure object is performed. An explanation is given of why cybersecurity violations in automated process control systems can lead to consequences in the industrial sector and environmental impact. The need to develop effective and adequate proposals and measures for cybersecurity of information systems of the critical infrastructure objects is shown. The classification of assets that are the objects of cyberattacks by attackers and the categories of impact on the critical infrastructure objects are given. Approaches to determining the cyber threat risk factor of the critical infrastructure object and the relevance of threats are presented. The method of assessing the degree of possible damage from the implementation of information security threats is considered. The results of this analysis can be used to develop proposals and measures to avoid the effects of cyberattacks on the critical infrastructure objects. The prospect of further research is to develop a methodology for determining the relationship between specific cyberattacks and possible quantitative damage.
24
Тарасевич, Ксения Александровна. "Cyberattack as a Risk Factor During Formation of Business Reputation of a Commercial Legal Entity." ЖУРНАЛ ПРАВОВЫХ И ЭКОНОМИЧЕСКИХ ИССЛЕДОВАНИЙ, no. 2 (June 15, 2022): 87–92. http://dx.doi.org/10.26163/gief.2022.68.56.015.
Full textAbstract:
Проводится анализ рисков и последствий кибератак для предпринимательской деятельности и деловой репутации юридических лиц. Исследуются свойства и особенности кибератак в коммерческом секторе, обосновывается необходимость противодействия угрозам в цифровом пространстве. Автор приходит к выводу о необходимости усиления взаимодействия на уровне государства, субъектов корпоративного сектора и представителей информационно-цифрового сообщества для создания действенного механизма по комплексной защите от угрозы кибератак. The article provides analysis of both risks and consequences of cyberattacks with regard to the impact thereof on businesss activities and business reputation of legal entities. The paper focuses on traits and features of cyberattacks in the commercial sector, it also makes the case for the need to strengthen multilevel cooperation including the state, corporate sector entities and digital society to create an efficient mechanism for comprehensive protection against the threat of cyberattacks.
25
Vega Vega, Rafael Alejandro, Pablo Chamoso-Santos, Alfonso González Briones, José-Luis Casteleiro-Roca, Esteban Jove, María del Carmen Meizoso-López, Benigno Antonio Rodríguez-Gómez, et al. "Intrusion Detection with Unsupervised Techniques for Network Management Protocols over Smart Grids." Applied Sciences 10, no. 7 (March 27, 2020): 2276. http://dx.doi.org/10.3390/app10072276.
Full textAbstract:
The present research work focuses on overcoming cybersecurity problems in the Smart Grid. Smart Grids must have feasible data capture and communications infrastructure to be able to manage the huge amounts of data coming from sensors. To ensure the proper operation of next-generation electricity grids, the captured data must be reliable and protected against vulnerabilities and possible attacks. The contribution of this paper to the state of the art lies in the identification of cyberattacks that produce anomalous behaviour in network management protocols. A novel neural projectionist technique (Beta Hebbian Learning, BHL) has been employed to get a general visual representation of the traffic of a network, making it possible to identify any abnormal behaviours and patterns, indicative of a cyberattack. This novel approach has been validated on 3 different datasets, demonstrating the ability of BHL to detect different types of attacks, more effectively than other state-of-the-art methods.
26
Acton, James M. "Cyber Warfare & Inadvertent Escalation." Daedalus 149, no. 2 (April 2020): 133–49. http://dx.doi.org/10.1162/daed_a_01794.
Full textAbstract:
The advent of cyber warfare exacerbates the risk of inadvertent nuclear escalation in a conventional conflict. In theory, cyber espionage and cyberattacks could enhance one state's ability to undermine another's nuclear deterrent. Regardless of how effective such operations might prove in practice, fear of them could generate escalatory “use-‘em-before-you-lose-‘em” pressures. Additionally, cyber threats could create three qualitatively new mechanisms by which a nuclear-armed state might incorrectly conclude that its nuclear deterrent was under attack. First, cyber espionage could be mistaken for a cyberattack. Second, malware could accidentally spread from systems that supported non-nuclear operations to nuclear-related systems. Third, an operation carried out by a third party could be misattributed by one state in a bilateral confrontation to its opponent. Two approaches to risk reduction are potentially viable in the short term: unilateral restraint in conducting potentially escalatory cyber operations, and bilateral or multilateral behavioral norms.
27
González-Manzano, Lorena, José M. de Fuentes, Cristina Ramos, Ángel Sánchez, and Florabel Quispe. "Identifying Key Relationships between Nation-State Cyberattacks and Geopolitical and Economic Factors: A Model." Security and Communication Networks 2022 (June 29, 2022): 1–11. http://dx.doi.org/10.1155/2022/5784674.
Full textAbstract:
Nation-state cyberattacks, and particularly Advanced Persistent Threats (APTs), have rocketed in the last years. Their use may be aligned with nation-state geopolitical and economic (GPE) interests, which are key for the underlying international relations (IRs). However, the interdependency between APTs and GPE (and thus IRs) has not been characterized yet and it could be a steppingstone for an enhanced cyberthreat intelligence (CTI). To address this limitation, a set of analytic models are proposed in this work. They are built considering 234M geopolitical events and 306 malicious software tools linked to 13 groups of 7 countries between 2000 and 2019. Models show a substantial support for launched and received cyberattacks considering GPE factors in most countries. Moreover, strategic issues are the key motivator when launching APTs. Therefore, from the CTI perspective, our results show that there is a likely cause-effect relationship between IRs (particularly GPE relevant indicators) and APTs.
28
Soleymannejad, Mohammad, Danial Sadrian Zadeh, Behzad Moshiri, Ebrahim Navid Sadjadi, Jesús García Herrero, and Jose Manuel Molina López. "State Estimation Fusion for Linear Microgrids over an Unreliable Network." Energies 15, no. 6 (March 21, 2022): 2288. http://dx.doi.org/10.3390/en15062288.
Full textAbstract:
Microgrids should be continuously monitored in order to maintain suitable voltages over time. Microgrids are mainly monitored remotely, and their measurement data transmitted through lossy communication networks are vulnerable to cyberattacks and packet loss. The current study leverages the idea of data fusion to address this problem. Hence, this paper investigates the effects of estimation fusion using various machine-learning (ML) regression methods as data fusion methods by aggregating the distributed Kalman filter (KF)-based state estimates of a linear smart microgrid in order to achieve more accurate and reliable state estimates. This unreliability in measurements is because they are received through a lossy communication network that incorporates packet loss and cyberattacks. In addition to ML regression methods, multi-layer perceptron (MLP) and dependent ordered weighted averaging (DOWA) operators are also employed for further comparisons. The results of simulation on the IEEE 4-bus model validate the effectiveness of the employed ML regression methods through the RMSE, MAE and R-squared indices under the condition of missing and manipulated measurements. In general, the results obtained by the Random Forest regression method were more accurate than those of other methods.
29
Pérez-Morón, James. "Eleven years of cyberattacks on Chinese supply chains in an era of cyber warfare, a review and future research agenda." Journal of Asia Business Studies 16, no. 2 (November 3, 2021): 371–95. http://dx.doi.org/10.1108/jabs-11-2020-0444.
Full textAbstract:
Purpose The contribution of this study aims to twofold: First, it provides an overview of the current state of research on cyberattacks on Chinese supply chains (SCs). Second, it offers a look at the Chinese Government’s approach to fighting cyberattacks on Chinese SCs and its calls for global governance. Design/methodology/approach A comprehensive literature review was conducted on Clarivate Analytics’ Web of Science, in Social Sciences Citation Index journals, Scopus and Google Scholar, published between 2010–2021. A systematic review of practitioner literature was also conducted. Findings Chinese SCs have become a matter of national security, especially in the era of cyber warfare. The risks to SC have been outlined. Cybersecurity regulations are increasing as China aims to build a robust environment for cyberspace development. Using the Technology-organization-environment (TOE) framework, the results show that the top five factors influencing the adoption process in firms are as follows: relative advantage and technological readiness (Technology context); top management support and firm size (Organization context) and government policy and regulations (Environment context). Research limitations/implications This review focuses on cyberattacks on Chinese SCs and great care was taken when selecting search terms. However, the author acknowledges that the choice of databases/terms may have excluded a few articles on cyberattacks from this review. Practical implications This review provides managerial insights for SC practitioners into how cyberattacks have the potential to disrupt the global SC network. Originality/value Past researchers proposed a taxonomic approach to evaluate progress with SC integration into Industry 4.0; in contrast, this study is one of the first steps toward an enhanced understanding of cyberattacks on Chinese SCs and their contribution to the global SC network using the TOE framework.
30
Nikolaienko, Bohdan, and Serhii Vasylenko. "APPLICATION OF THE THREAT INTELLIGENCE PLATFORM TO INCREASE THE SECURITY OF GOVERNMENT INFORMATION RESOURCES." Informatyka, Automatyka, Pomiary w Gospodarce i Ochronie Środowiska 11, no. 4 (December 20, 2021): 9–13. http://dx.doi.org/10.35784/iapgos.2822.
Full textAbstract:
With the development of information technology, the need to solve the problem of information security has increased, as it has become the most important strategic resource. At the same time, the vulnerability of the modern information society to unreliable information, untimely receipt of information, industrial espionage, computer crime, etc. is increasing. In this case, the speed of threat detection, in the context of obtaining systemic information about attackers and possible techniques and tools for cyberattacks in order to describe them and respond to them quickly is one of the urgent tasks. In particular, there is a challenge in the application of new systems for collecting information about cyberevents, responding to them, storing and exchanging this information, as well as on its basis methods and means of finding attackers using integrated systems or platforms. To solve this type of problem, the promising direction of Threat Intelligence as a new mechanism for acquiring knowledge about cyberattacks is studied. Threat Intelligence in cybersecurity tasks is defined. The analysis of cyberattack indicators and tools for obtaining them is carried out. The standards of description of compromise indicators and platforms of their processing are compared. The technique of Threat Intelligence in tasks of operative detection and blocking of cyberthreats to the state information resources is developed. This technique makes it possible to improve the productivity of cybersecurity analysts and increase the security of resources and information systems.
31
Lobach, Dmitriy. "TO THE QUESTION OF POSSIBLE INTERNATIONAL LEGAL QUALIFICATION OF CYBER ATTACKS AS A CRIME OF AGGRESSION AND INTERNATIONAL TERRORISM." Advances in Law Studies 9, no. 4 (December 25, 2021): 46–50. http://dx.doi.org/10.29039/2409-5087-2021-9-4-46-50.
Full textAbstract:
The article examines the political and legal aspects of the possible qualification of cyberattacks as acts of aggression and international terrorism. It is noted that cyber threats, which in the modern conditions of the development of the information and digital environment are considered in many national security doctrines as new challenges that threaten not only national interests, but also international law and order. It is concluded that modern trends in the development of international relations, taking into account the current state of scientific and technological progress, demonstrate the possibility of qualifying cyberattacks as acts constituting a crime of aggression or international terrorism.
32
Toliupa, S., S. Buchyk, O. Buchyk, and O. Kulinich. "PROTECTION OF STATE MANAGEMENT OF CRITICAL INFRASTRUCTURE OBJECTS UNDER THE INFLUENCE OF CYBER ATTACKS." Information and communication technologies, electronic engineering 2, no. 2 (December 2022): 33–41. http://dx.doi.org/10.23939/ictee2022.02.033.
Full textAbstract:
Critical infrastructure describes physical assets and cyber systems that are so vital to the nation that their incapacitation or destruction would have an important impact on our physical and economic security or public health and safety. The critical infrastructure of country provides essential services that are the foundation of Ukrainian society. Being in the current state of hybrid war significantly increases the threat to critical infrastructure. National security largely depends on the protection of such facilities. The article proposes a method for managing the protection state against external cyberattacks on information systems of critical infrastructure facilities based on distributive identification and dynamic programming. The essence of the method is to use the distributive identification of the external cyberattacks parameters with the choice of applying measures to protect the system with a complete description of the information system and taking into account the strategies of influence on it based on dynamic programming. Unlike similar methods, the developed method makes a management decision on the security state of information resources with a set of input external cyber attacks parameters based on parallel-distributive identification and dynamic programming. The method allows to increase the reliability of making a management decision on assessing the security state of information resources in the information system of a critical infrastructure facility, provided that the time of making a management decision on assessing the security state is no more than similar methods.
33
Abuali, M. M., and M. Sh Junisbekov. "Current cybersecurity state of automated processes in the international Aktau seaport." Mechanics and Technologies, no. 3 (September 30, 2021): 58–62. http://dx.doi.org/10.55956/giwk9768.
Full textAbstract:
This work examines the current state of the system for protecting the seaport of Aktau from possible cyber threats. The need to test the systematic approach of the port of Aktau against possible cyberattacks by introducing a modernized system that can ensure the security of vulnerable clusters is described. Recommendations are presented aimed at identifying the importance of cybersecurity for other maritime clusters of Kazakhstan's industry.
34
Shin, Young, Jae Lee, and Myungchul Kim. "Preventing State-Led Cyberattacks Using the Bright Internet and Internet Peace Principles." Journal of the Association for Information Systems 19, no. 3 (March 2018): 152–81. http://dx.doi.org/10.17705/1jais.00488.
Full text
35
Boyte, Kenneth J. "A Comparative Analysis of the Cyberattacks Against Estonia, the United States, and Ukraine: Exemplifying the Evolution of Internet-Supported Warfare." International Journal of Cyber Warfare and Terrorism 7, no. 2 (April 2017): 54–69. http://dx.doi.org/10.4018/ijcwt.2017040104.
Full textAbstract:
This comparative international case study of cyber warfare provides a context for considering the evolution of cyber technologies as elements of hybrid warfare capable of creating confusion, disrupting communications, and impacting physical infrastructure (such as power grids and satellite-based communications and weapons systems). Expanding an unpublished paper recognized by the ASIS Foundation in its 2012 international student writing competition concerning global security, which compared the cyberattacks against Estonia in 2007 and the United States in 2012, this study re-examines and updates the original data in a broader analysis that primarily includes the cyberattacks against Ukraine during the 2013-2015 conflict, but also considers other incidents on the timeline of digitization. The study shows how cyber warfare, first reported in the 1990s, has become an integral component of war today for both state and non-state actors who use zombies and robot armies to penetrate national boundaries and firewalls via satellites.
36
Lavrova, D. S. "Forecasting the State of Components of Smart Grids for Early Detection of Cyberattacks." Automatic Control and Computer Sciences 53, no. 8 (December 2019): 1023–25. http://dx.doi.org/10.3103/s0146411619080133.
Full text
37
Shterev, Yordan. "Concepts of Cyber Security." Innovative STEM Education 4, no. 1 (June 10, 2022): 79–88. http://dx.doi.org/10.55630/stem.2022.0411.
Full textAbstract:
This article summarizes, presents and develops technological concepts of cybersecurity according to the current state of the problem. Based on the OSI model, the main protocols used for it and hardware devices on the one hand, and the main vulnerabilities and threats on the other, the current protections against cyberattacks have been revealed.
38
Deng, Fenglei, Jian Wang, Bin Zhang, Chao Feng, Zhiyuan Jiang, and Yunfei Su. "A Pattern-Based Software Testing Framework for Exploitability Evaluation of Metadata Corruption Vulnerabilities." Scientific Programming 2020 (September 27, 2020): 1–21. http://dx.doi.org/10.1155/2020/8883746.
Full textAbstract:
In recent years, increased attention is being given to software quality assurance and protection. With considerable verification and protection schemes proposed and deployed, today’s software unfortunately still fails to be protected from cyberattacks, especially in the presence of insecure organization of heap metadata. In this paper, we aim to explore whether heap metadata could be corrupted and exploited by cyberattackers, in an attempt to assess the exploitability of vulnerabilities and ensure software quality. To this end, we propose RELAY, a software testing framework to simulate human exploitation behavior for metadata corruption at the machine level. RELAY employs the heap layout serialization method to construct exploit patterns from human expertise and decomposes complex exploit-solving problems into a series of intermediate state-solving subproblems. With the heap layout procedural method, RELAY makes use of the fewer resources consumed to solve a layout problem according to the exploit pattern, activates the intermediate state, and generates the final exploit. Additionally, RELAY can be easily extended and can continuously assimilate human knowledge to enhance its ability for exploitability evaluation. Using 20 CTF&RHG programs, we then demonstrate that RELAY has the ability to evaluate the exploitability of metadata corruption vulnerabilities and works more efficiently compared with other state-of-the-art automated tools.
39
Efrony, Dan, and Yuval Shany. "A Rule Book on the Shelf? Tallinn Manual 2.0 on Cyberoperations and Subsequent State Practice." American Journal of International Law 112, no. 4 (October 2018): 583–657. http://dx.doi.org/10.1017/ajil.2018.86.
Full textAbstract:
AbstractThis article evaluates acceptance of the Tallinn Rules by states on the basis of eleven case studies involving cyberoperations, all occurring after the first Tallinn Manual was published in 2013. Our principal findings are that (1) it is unclear whether states are ready to accept the Tallinn Rules; (2) states show uneven interest in promoting legal certainty in cyberspace; and (3) a growing need for coordinated response to cyberattacks may induce states to consider more favorably the Tallinn Rules.
40
Zhou, Buxiang, Yating Cai, Tianlei Zang, Jiale Wu, Binjie Sun, and Shi Chen. "Reliability Assessment of Cyber–Physical Distribution Systems Considering Cyber Disturbances." Applied Sciences 13, no. 6 (March 8, 2023): 3452. http://dx.doi.org/10.3390/app13063452.
Full textAbstract:
With the development of communication technology, traditional distribution networks have gradually developed into cyber–physical systems (CPSs), from which the cyber system provides more protection for the grid and brings new security threat–cyber disturbances. Current research cannot scientifically measure the impact of cyber disturbances on the system and lacks reliability indices for a comprehensive quantitative assessment of CPS reliability from the perspective of cyber–physical fusion. If the impact of information disturbances on system reliability is not assessed accurately, it will not be possible to provide a scientific and reasonable decision basis for system planning and operation. Therefore, a set of reliability assessment methods and indices for distribution network CPSs considering cyber disturbances is proposed. Firstly, a reliability modeling method combining fault tree and Petri net is proposed to model the reliability of a distribution network CPS, which can improve the efficiency and accuracy of the modeling. Secondly, the system state is divided into two categories: normal operation state and cyberattack state. Then, generalized reliability indices considering cyber disturbances for distribution network CPSs are defined. Finally, through the tests on the modified IEEE RBTS BUS2 distribution network CPS, an analysis of the effects of information component failures, cyberattacks, and access network structures on system reliability is conducted in this paper to verify the efficiency of the proposed method and the rationality of the newly defined reliability indices.
41
Riebe, Thea, Marc-André Kaufhold, and Christian Reuter. "The Impact of Organizational Structure and Technology Use on Collaborative Practices in Computer Emergency Response Teams: An Empirical Study." Proceedings of the ACM on Human-Computer Interaction 5, CSCW2 (October 13, 2021): 1–30. http://dx.doi.org/10.1145/3479865.
Full textAbstract:
Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.
42
Sutikno, Tole, and Deris Stiawan. "Cyberattacks and data breaches in Indonesia by Bjorka: hacker or data collector?" Bulletin of Electrical Engineering and Informatics 11, no. 6 (December 1, 2022): 2989–94. http://dx.doi.org/10.11591/eei.v11i6.4854.
Full textAbstract:
Recently, the public has been shocked by the mysterious figure of Hacker Bjorka. Bjorka hacked Indonesian officials. Bjorka leaks Indonesia's General Election Commission (KPU) data. This raises a significant red flag concerning Bjorka's ability to "disrupt" circumstances that are harmful to a large number of individuals, including his alleged action of leaking the personal data of influential state officials. Expert Putra Aji Adhari says Bjorka isn't a hacker. Aji Putra stated that Bjorka is a team. He, who has been invited to communicate with NASA, is sure Bjorka is still in Indonesia. Putra told Bjorka's hacking steps. Ardi Sutedja declared Bjorka isn't a person, his pattern mirrored a hacking group's. Sutedja knew Bjorka was Indonesian. Domestic targets, attacks, and mastery are evidences. On the other hand, Wiryana, as a hacker's handler, said that Bjorka is not a real hacker but rather a data collector. Ismail Fahmi says that a hacker like Bjorka uses a VPN to get to a server without leaving any traces. Bjorka might have come from Indonesia. One sign is that Bjorka's use of English is similar to how most Indonesians talk.
43
Kalinin, Maxim, Dmitry Zegzhda, Vasiliy Krundyshev, Daria Lavrova, Dmitry Moskvin, and Evgeny Pavlenko. "Application of Bioinformatics Algorithms for 3RO\PRUSKLF Cyberattacks Detection." Informatics and Automation 20, no. 4 (August 3, 2021): 820–44. http://dx.doi.org/10.15622/ia.20.4.3.
Full textAbstract:
The functionality of any system can be represented as a set of commands that lead to a change in the state of the system. The intrusion detection problem for signature-based intrusion detection systems is equivalent to matching the sequences of operational commands executed by the protected system to known attack signatures. Various mutations in attack vectors (including replacing commands with equivalent ones, rearranging the commands and their blocks, adding garbage and empty commands into the sequence) reduce the effectiveness and accuracy of the intrusion detection. The article analyzes the existing solutions in the field of bioinformatics and considers their applicability for solving the problem of identifying polymorphic attacks by signature-based intrusion detection systems. A new approach to the detection of polymorphic attacks based on the suffix tree technology applied in the assembly and verification of the similarity of genomic sequences is discussed. The use of bioinformatics technology allows us to achieve high accuracy of intrusion detection at the level of modern intrusion detection systems (more than 0.90), while surpassing them in terms of cost-effectiveness of storage resources, speed and readiness to changes in attack vectors. To improve the accuracy indicators, a number of modifications of the developed algorithm have been carried out, as a result of which the accuracy of detecting attacks increased by up to 0.95 with the level of mutations in the sequence up to 10%. The developed approach can be used for intrusion detection both in conventional computer networks and in modern reconfigurable network infrastructures with limited resources (Internet of Things, networks of cyber-physical objects, wireless sensor networks).
44
Hallman, Roger A., Maxine Major, Jose Romero-Mariona, Richard Phipps, Esperanza Romero, Scott M. Slayback, Francisco Tacliad, and John M. San Miguel. "Determining a Return on Investment for Cybersecurity Technologies in Networked Critical Infrastructures." International Journal of Organizational and Collective Intelligence 11, no. 2 (April 2021): 91–112. http://dx.doi.org/10.4018/ijoci.2021040105.
Full textAbstract:
Much of modern life is dependent on networked critical infrastructure systems—many known to be susceptible to cyberattacks—such as the electrical grid, water purification, and transportation systems. The consequences of a successful cyberattack on these systems could be catastrophic. Appropriate levels and strategies for cybersecurity investment for networked critical infrastructures present a serious challenge that administering organizations, whether public or private, must overcome in order to provide resilient services. This challenge includes understanding the actual vulnerabilities of an organization's networked systems, as well as the cost of a successful cyberattack on those systems. On top of this, an organization's cybersecurity acquisition workforce must be able to discern reality from the marketing hype that is produced by cybersecurity sales forces. Many product offerings from industry promise to secure critical infrastructures, but there is no good method for determining which product (or combination of products) is most effective for a specific environment or scenario. This paper presents a return on cybersecurity investment (ROCI) model utilized, together with a previously-developed framework for evaluating cybersecurity technologies, by the resilient critical infrastructures through secure and efficient microgrids (ReCIst) capability. ReCIst uses this model to guide decision makers on how to best implement cybersecurity towards energy resiliency, from financial, security posture, and energy efficiency perspectives. Challenges and the current state of cyber investment modeling in this domain are presented along with technical details on ReCIst's ROCI model and future work.
45
TANRIVERDIYEV, Elshan. "THE STATE OF THE CYBER ENVIRONMENT AND NATIONAL CYBERSECURITY STRATEGY IN DEVELOPED COUNTRIES." National Security Studies 23, no. 1 (March 30, 2022): 19–26. http://dx.doi.org/10.37055/sbn/149510.
Full textAbstract:
In the context of integration into modern information technologies, the state, society, business structures and individuals face critical challenges in the field of information and its authenticity in cyberspace, secure use of electronic services, protection of personal data, data completeness and confidentiality. In an environment where new cyber threats are constantly emerging and evolving, it is important for countries to have flexible, operational cybersecurity strategies against global cyber threats. In the modern era, cyberattacks and cyber defense are considered as an integral part of all operations. At present, no military operation is carried out without a cyber element. However, very few countries are able to respond to such attacks with state resources . Today, the issue of cybersecurity is considered one of the priorities. Every year, governmental, non-governmental and international organizations hold various events in this area at the regional and global levels. As it is seen, cybersecurity is a very broad and urgent problem. The Azerbaijani state has taken appropriate steps to assess the existing gaps and threats in this area in a timely manner and will continue to work with great determination . Currently, the number of cyberattacks and cyber-espionage against government agencies and private companies is growing rapidly. The consequences of well-planned and successful cyberattacks targeting interconnected and dependent information infrastructure can be devastating. Cybersecurity and privacy of personal information is becoming a strategic national issue affecting all levels of society. Therefore, cybersecurity becomes a necessary condition for the development of the information society. Each state has a different approach to cybersecurity, there are such views on cybersecurity as information security, the issue of national security, the issue of law enforcement agencies and the economic issue. Although all countries recognize the importance of international cooperation in the field of cybersecurity, the lack of a common language and approach complicates the process of international cooperation. Therefore, the partnership and cooperation of countries in the field of cybersecurity is vital. Provision of reliable cybersecurity is beyond the access of small states independently, and solving this problem requires the partnership and cooperation of all interested parties - states, law enforcement agencies, the private sector and citizens. The cross-border nature of cyber threats encourages countries to work closely together in the field of cybersecurity. Nowadays, the issue of cybersecurity is becoming a national strategic problem and affects all sectors of society. Fast, efficient and effective fight against cyber threats requires the definition of the right strategic goals. The development of a national cybersecurity strategy is the first and main step in the fight against cyber threats. To develop a successful and optimal national cybersecurity strategy, available national cybersecurity strategies should be analyzed and successful practices against cyber threats should be used.
46
Markov, A., and N. Romashkina. "The Problem of Identifying the Source (Atribution) of Cyberattacks – An International Security Factor." World Economy and International Relations 66, no. 12 (2022): 58–68. http://dx.doi.org/10.20542/0131-2227-2022-66-12-58-68.
Full textAbstract:
The work is devoted to the problem of attribution of cyberattacks as one of the top important issues on the global agenda of world politics. The subject of this research is targeted offensive computer attacks that perform state tasks. The authors have systematically analyzed the conceptual apparatus, classification features and general indicators, a set of problems related to identification of reliable sources of cyberattacks, as well as the features of targeted attacks and cybernetic groups supported by state actors. This allowed to conclude that the problem of attribution is emerging as a new scientific direction in the field of international information security. Based on the analysis of relevant studies of academic institutions and private companies, an attribution classification was proposed. It was utilized to review conceptual informal models of targeted computer attacks. The authors have analyzed issues of the applied methodological apparatus, which may affect the reliability of conclusions on imposing responsibility on the perpetrator of cyber-attack, while noting that there is a contradiction between the perception of the attribution results by various political blocs and unions. At the same moment, the USA and its allies are reported to pursue a policy of dominance in the field of attribution of targeted cyber-attacks. The paper proves the impact of modern breakthrough information technologies of the Fourth Industrial Revolution on the security of cyberspace as well as the impact of the attribution problem on the level of international security and strategic stability. This issue includes a complex set of political, regulatory, organizational and technical tasks with a high degree of uncertainty, where political aspects are playing a central role. The conclusions are confirmed by the statistics of public reports of IT companies and publications of leading research institutes. The main scientific result of the work is formulation of the problem of divergence in the attribution of computer attacks between political blocs and alliances, which negatively affects international security. The authors propose topical measures to solve the problem of attribution of cyberattacks.
47
Humeniuk, I. V., M. S. Basaraba, and O. V. Nekrilov. "METHODS OF ENSURING CYBER SECURITY OF CRITICAL COMPONENTSNETWORKS OF INFORMATION AND TELECOMMUNICATION SYSTEM." Проблеми створення, випробування, застосування та експлуатації складних інформаційних систем, no. 18 (December 30, 2020): 101–10. http://dx.doi.org/10.46972/2076-1546.2020.18.10.
Full textAbstract:
It is established that the efficiency and reliability of information and telecommunication systems, in particular the networks that are part of them, significantly depends on the high level of protection of critical components. However, the constant improvement of the technical equipment of these systems requires the creation of new and improvement of existing methodological support for cyber security. One of the promising approaches is the development of a universal method of cybersecurity in the context of cyberattacks (influences, threats, etc.) and unauthorized access by unauthorized users to critical nodes (components) of information and telecommunications systems. Timely detection, prompt counteraction to cyber threats and unauthorized access to critical network components is a necessary component of ensuring a high level of cybersecurity of the information and telecommunications system as a whole, especially in the context of hybrid warfare and armed aggression by the Russian Federation. To this end, the article proposes a method of cybersecurity of critical components of information and telecommunications systems, which is based on the integrated application of monitoring the state of network nodes and user access to them, recording the facts of cyberattacks based on analysis of incoming (outgoing) traffic, timely detection of unauthorized access to and commission of cyber threats, as well as operational response to these attempts. The paper presents the results of verification of the proposed methods. To this end, the article proposes a method of cybersecurity of critical components of information and telecommunications systems, which is based on the integrated application of monitoring the state of network nodes and user access to them, recording the facts of cyberattacks based on analysis of incoming (outgoing) traffic, timely detection of unauthorized access to and commission of cyber threats, as well as operational response to these attempts. The paper presents the results of verification of the proposed method. It is shown that its application allows to quickly detect the facts of cyber threats and unauthorized access to critical components of information and telecommunication systems networks and effectively counteract these attempts.
48
Kyva, Vladyslav. "ANALYSIS OF FACTORS AFFECTING CYBER SECURITY OF A HIGHER MILITARY EDUCATIONAL INSTITUTION." Cybersecurity: Education, Science, Technique 3, no. 15 (2022): 53–70. http://dx.doi.org/10.28925/2663-4023.2022.15.5370.
Full textAbstract:
The impact of the development and dissemination of information and communication technologies (ICT) in higher military educational institutions (HMEI) is considered in the article, as on the one hand, it increases its efficiency and promotes the training of highly qualified personnel (tactical, operational and strategic level of military education) for the Security Sector and defense of Ukraine, which is extremely necessary in the case of armed aggression by the Russian Federation, and on the other hand, it makes its information space vulnerable to cyberattacks, which the issue of cybersecurity of HMEI raises. At the same time, the author focuses on the analysis of cyber-attacks on educational institutions in recent years, which are due to the development of methods (means) of their implementation and wide access to them by various users, including attackers. In addition, Distributed Denial of Service (DDoS) cyber-attack is the most common cyber threat to international educational institutions, according to an analytical report by Netscout (a developer of ICT solutions to combat DDoS cyberattacks in the United States). It has been analyzed that criminals have recently used DDoS cyberattacks to extort money. Moreover, DDoS cyberattacks were aimed at banks, stock exchanges, travel agencies, currency exchanges and educational institutions. Therefore, the cybersecurity of HMEI needs constant attention from the participants of its provision. In addition, the analysis shows that the cybersecurity of any university is influenced by external and internal factors, which confirm the relevance of the chosen area of research. Therefore, the cybersecurity of HMEI requires an analysis of the factors that affect it, in order to choose the best option for its implementation. Accordingly, the essence and main features of the impact of factors on the cybersecurity of HMEI are identified and their characteristics are presented. The influence of factors on the cybersecurity of HMEI has been decomposed, in particular on the interdependence and criticality of their impact. The necessity of taking into account and constant monitoring of the influence of external and internal factors on the cybersecurity of HMEI is substantiated, which allows to get situational awareness of the current state of cybersecurity and to make appropriate decisions to the management.
49
Ahmed, Mohiuddin, David Cox, Benjamin Simpson, and Aseel Aloufi. "ECU-IoFT: A Dataset for Analysing Cyber-Attacks on Internet of Flying Things." Applied Sciences 12, no. 4 (February 14, 2022): 1990. http://dx.doi.org/10.3390/app12041990.
Full textAbstract:
There has been a significant increase in the adoption of unmanned aerial vehicles (UAV) within science, technology, engineering, and mathematics project-based learning. However, the risks that education providers place their student and staff under is often unknown or undocumented. Low-end consumer drones used within the education sector are vulnerable to state-of-the-art cyberattacks. Therefore, datasets are required to conduct further research to establish cyber defenses for UAVs used within the education sector. This paper showcases the development of the ECU-IoFT dataset, documenting three known cyber-attacks targeting Wi-Fi communications and the lack of security in an affordable off-the-shelf drone. At present, there are no publicly available labeled datasets that reflect cyberattacks on the Internet of Flying Things (IoFT). The majority of the publicly available network traffic datasets are emulated and do not reflect the scenarios/attacks from a real test setup. This dataset will be beneficial for both cybersecurity researchers to develop defense strategies and UAV manufacturers to design more secure products. In the future, endeavors will be taken to incorporate newer attacks and create datasets appropriate for big data analysis.
50
Diorditsa, Igor. "Modern legal content of optimization of directions of administrative and legal regulation of the state cybersecurity policy." Slovo of the National School of Judges of Ukraine, no. 4(33) (March 15, 2021): 31–42. http://dx.doi.org/10.37566/2707-6849-2020-4(33)-3.
Full textAbstract:
The article proposes to consider the author's results of determining the conceptual provisions for optimizing the areas of administrative and legal regulation of state cybersecurity policy. The content of the current state of state policy in the field of cybersecurity is considered. Theoretical and practical aspects of optimization of legal relations in the field of state cybersecurity policy are analyzed. The interpretation of the state cybersecurity policy of Ukraine is determined – the activity of state and legal institutions to manage real and potential cyber threats and dangers to meet the cyber needs of man and citizen, as well as the realization of national interests in this area. The own vision of directions of the state cybersecurity policy according to the maintenance of a number of regulatory legal acts is offered, namely: directions of the state cybersecurity policy according to the Law of Ukraine «About the basic principles of maintenance of cybersecurity of Ukraine»; directions of the state cybersecurity policy in accordance with the Law of Ukraine «On Fundamentals of National Security of Ukraine»; directions of the state cybersecurity policy in accordance with the Doctrine of Information Security of Ukraine. It is concluded that the priority areas for optimizing state policy to strengthen the administrative and legal regulation of cybersecurity of the state are the following reforming cyber law as a segment of information legislation of Ukraine, especially in terms of not only clearly defining current threats and threats to cyber security, but also mechanisms public policy, including symmetric cyber measures; research on the protection of critical infrastructure from cyberattacks; promoting the development of domestic innovative products that can be used to strengthen the cybersecurity of the state; completion of the implementation of the provisions of the Council of Europe Convention on Cybercrime into national law; optimization of the training system in the field of cybersecurity for the needs of the Armed Forces of Ukraine and other bodies of the security and defense sector of Ukraine; promoting a more active policy of state security institutions to inform the public about cyber threats; promoting the militarization of cyberspace; support for both existing multilateral training sessions on countering cyberattacks on the state information infrastructure, and initiating new types of such training sessions. Key words:cybersecurity, cyberspace, state policy, cybersecurity policy, cybercrime.