What Ukraine Taught NATO about Hybrid Warfare

Russia’s invasion of Ukraine in 2022 forced the United States and its NATO partners to be confronted with the impact of hybrid warfare far beyond the battlefield. Targeting Europe’s energy security, Russia’s malign influence campaigns and malicious cyber intrusions are affecting global gas prices, driving up food costs, disrupting supply chains and grids, and testing US and Allied military mobility. This study examines how hybrid warfare is being used by NATO’s adversaries, what vulnerabilities in energy security exist across the Alliance, and what mitigation strategies are available to the member states. Cyberattacks targeting the renewable energy landscape during Europe’s green transition are increasing, making it urgent that new tools are developed to protect these emerging technologies. No less significant are the cyber and information operations targeting energy security in Eastern Europe as it seeks to become independent from Russia. Economic coercion is being used against Western and Central Europe to stop gas from flowing. China’s malign investments in Southern and Mediterranean Europe are enabling Beijing to control several NATO member states’ critical energy infrastructure at a critical moment in the global balance of power. What Ukraine Taught NATO about Hybrid Warfare will be an important reference for NATO officials and US installations operating in the European theater.https://press.armywarcollege.edu/monographs/1952/thumbnail.jp

Cybercrime and Risks for Cyber Physical Systems

Cyber Physical Systems (CPS) is the integration of computation and physical systems that make a complete system such as the network, software, embedded systems, and physical components. Major industries such as industrial plants, transport, national grid, and communication systems depend heavily on CPS for financial and economic growth. However, these components may have inherent threats and vulnerabilities on them that may run the risk of being attacked, manipulated or exploited by cyber attackers and commit cybercrimes. Cybercriminals in their quest to bring down these systems may cause disruption of services either for fame, data theft, revenge, political motive, economic war, cyber terrorism, and cyberwar. Therefore, identifying the risks has become imperative in mitigating the cybercrimes. This paper seeks to identify cybercrimes and risks that are associated with a smart grid business application system to determine the motives and intents of the cybercriminal. The paper identified four goals to mitigate the risks: as business value, organizational requirements, threat agent and impact vectors. We used the Analytical Hierarchy Process (AHP) to determine the importance of the goals that contribute to identifying cybercrime and risks in CPS. For the results, a case study is used to identify the threat and vulnerable spots and the prioritized goals are then used to assess the risks using a semi-quantitative approach to determine the net threat level. The results indicate that using the AHP approach to identify cybercrime and risk on CPS provides specific risk mitigation goals

False Data Injection Impact on High RES Power Systems with Centralized Voltage Regulation Architecture

The increasing penetration of distributed generation (DG) across power distribution networks (DNs) is forcing distribution system operators (DSOs) to improve the voltage regulation capabilities of the system. The increase in power flows due to the installation of renewable plants in unexpected zones of the distribution grid can affect the voltage profile, even causing interruptions at the secondary substations (SSs) with the voltage limit violation. At the same time, widespread cyberattacks across critical infrastructure raise new challenges in security and reliability for DSOs. This paper analyzes the impact of false data injection related to residential and non-residential customers on a centralized voltage regulation system, in which the DG is required to adapt the reactive power exchange with the grid according to the voltage profile. The centralized system estimates the distribution grid state according to the field data and provides the DG plants with a reactive power request to avoid voltage violations. A preliminary false data analysis in the context of the energy sector is carried out to build up a false data generator algorithm. Afterward, a configurable false data generator is developed and exploited. The false data injection is tested in the IEEE 118-bus system with an increasing DG penetration. The false data injection impact analysis highlights the need to increase the security framework of DSOs to avoid facing a relevant number of electricity interruptions

Enabling NATO’s Collective Defense: Critical Infrastructure Security and Resiliency (NATO COE-DAT Handbook 1)

In 2014 NATO’s Center of Excellence-Defence Against Terrorism (COE-DAT) launched the inaugural course on “Critical Infrastructure Protection Against Terrorist Attacks.” As this course garnered increased attendance and interest, the core lecturer team felt the need to update the course in critical infrastructure (CI) taking into account the shift from an emphasis on “protection” of CI assets to “security and resiliency.” What was lacking in the fields of academe, emergency management, and the industry practitioner community was a handbook that leveraged the collective subject matter expertise of the core lecturer team, a handbook that could serve to educate government leaders, state and private-sector owners and operators of critical infrastructure, academicians, and policymakers in NATO and partner countries. Enabling NATO’s Collective Defense: Critical Infrastructure Security and Resiliency is the culmination of such an effort, the first major collaborative research project under a Memorandum of Understanding between the US Army War College Strategic Studies Institute (SSI), and NATO COE-DAT. The research project began in October 2020 with a series of four workshops hosted by SSI. The draft chapters for the book were completed in late January 2022. Little did the research team envision the Russian invasion of Ukraine in February this year. The Russian occupation of the Zaporizhzhya nuclear power plant, successive missile attacks against Ukraine’s electric generation and distribution facilities, rail transport, and cyberattacks against almost every sector of the country’s critical infrastructure have been on world display. Russian use of its gas supplies as a means of economic warfare against Europe—designed to undermine NATO unity and support for Ukraine—is another timely example of why adversaries, nation-states, and terrorists alike target critical infrastructure. Hence, the need for public-private sector partnerships to secure that infrastructure and build the resiliency to sustain it when attacked. Ukraine also highlights the need for NATO allies to understand where vulnerabilities exist in host nation infrastructure that will undermine collective defense and give more urgency to redressing and mitigating those fissures.https://press.armywarcollege.edu/monographs/1951/thumbnail.jp

Impacts and Risk of Generative AI Technology on Cyber Defense

Generative Artificial Intelligence (GenAI) has emerged as a powerful technology capable of autonomously producing highly realistic content in various domains, such as text, images, audio, and videos. With its potential for positive applications in creative arts, content generation, virtual assistants, and data synthesis, GenAI has garnered significant attention and adoption. However, the increasing adoption of GenAI raises concerns about its potential misuse for crafting convincing phishing emails, generating disinformation through deepfake videos, and spreading misinformation via authentic-looking social media posts, posing a new set of challenges and risks in the realm of cybersecurity. To combat the threats posed by GenAI, we propose leveraging the Cyber Kill Chain (CKC) to understand the lifecycle of cyberattacks, as a foundational model for cyber defense. This paper aims to provide a comprehensive analysis of the risk areas introduced by the offensive use of GenAI techniques in each phase of the CKC framework. We also analyze the strategies employed by threat actors and examine their utilization throughout different phases of the CKC, highlighting the implications for cyber defense. Additionally, we propose GenAI-enabled defense strategies that are both attack-aware and adaptive. These strategies encompass various techniques such as detection, deception, and adversarial training, among others, aiming to effectively mitigate the risks posed by GenAI-induced cyber threats

Autonomous Vehicles in Road Tunnels : A Risk Safety Perspective

This study examines the challenges associated with deploying autonomous vehicles (AVs) in road tunnels, focusing on both operational aspects and vehicle-human interaction. This work explored that road tunnels present unique constraints, such as limited visibility and confined spaces, which necessitate careful consideration for AV integration. It is observed that factors like varying light conditions and restricted communication capabilities within tunnels impact AVs' performance. Additionally, the study investigates and categorizes challenges related to tunnel geometries, infrastructure modifications, sensor technologies, emergency situations, and human-machine interaction. Furthermore, this work comprehensively explored academic and non-academic literature, gathering contemporary knowledge on AVs in road tunnels in one place to provide a foundational base for researchers on this topic. In this regard, the adopted methodological framework is also presented for researchers' review. The other notable contribution is to specifically highlight the critical operational issues of human-AV interaction in tunnel environments. In the last section, it also proposes potential solutions to these issues. In doing so, it keeps the directional approach open for other researchers as there are insightful risk-related implications for further research in this significant domain

Russian Interference In The 2016 United States Presidential Election

This work addresses how and why Russia interfered in the United States 2016 presidential election, and identifies a larger pattern of behavior that helps explain this action. Though Russia’s cyberattack defies precedent with regard to Russia-US geopolitical relations, it comes as the latest iteration of Russian cyberwarfare and intelligence warfare on its adversaries. In particular, Russia’s interference in US politics grew out of the tactics and networks developed in “Cyber War I,” waged by Russia on Estonia in 2007, and from Russia’s interference in Ukrainian political systems since 2014. To accomplish its ends, Russia perpetrated cyberattacks on state election systems and national industry infrastructure, disseminated foreign and domestic propaganda campaigns, hacked the computer systems of political networks, and attempted to recruit American citizens as assets, particularly key members of the Trump campaign team