585 research outputs found

    From Russia with Love: Understanding the Russian Cyber Threat to U.S. Critical Infrastructure and What to Do about It

    I. Introduction II. A Short History of Russian Hacking of U.S. Government Networks and Critical Infrastructure III. Unpacking the Ukraine Grid Hacks and Their Aftermath IV. Analyzing Policy Options to Help Promote the Resilience of U.S. Government Systems and Critical Infrastructure ... A. Contextualizing and Introducing Draft Version 1.1 of the NIST Cybersecurity Framework ... B. Operationalizing International Cybersecurity Norms on Critical Infrastructure ... C. Deterrence and a Path Forward ... 1. Publicize Benefits as Applied … 2. Publicize Exercise Results ... 3. Publicize Updates V. Conclusio

    Curbing the Market for Cyber Weapons

    President Obama recently warned that foreign governments, criminal syndicates and lone individuals are probing our financial, energy and public safety systems every day and that in a future conflict, an adversary unable to match our military supremacy on the battlefield might seek to exploit our computer vulnerabilities here at home. Until recently, the technical challenges of identifying and exploiting U.S. computer vulnerabilities impeded all but the most powerful of nations from acquiring such capabilities. These impediments have vanished. Now, criminals, terrorists, and rogue nations can simply buy what they need in a booming online market for the most dangerous exploits of all: weaponized 0day exploits

    Asymmetric Threats: Analyzing the Future of Nuclear Terrorism & Cyber Attacks; The Value of Deterrence Theory for Addressing the Challenges of Nuclear Terrorism in the age of 21st Century Cybersecurity

    Given the rapid development and ease of access to technology, the threat of extremist organizations utilizing cyberspace as a means to target critical American strategic infrastructure is of increasing concern. The risk posed by the acquisition of fissile material, sabotage, or use of a nuclear device by an extremist organization has been exacerbated due to technological development outpacing strategy. Despite policy-makers’ attempts to protect the public from cyber-attacks and nuclear terrorism, the federal policies in place have failed to account for the continual evolution of technology and the gaps in security that this advancement brings. Through examining documents from congressional and bureaucratic agencies using content analysis, this study examines whether or not policymakers, congressional or bureaucratic, use deterrence theory when they make policy, suggestions, rules, and guidelines. This thesis asks how U.S. policy regarding nuclear terrorism has changed given a rise in cyberthreats? This thesis also asks a second question: Which federal agency is most capable of dealing with cyberthreats concerning nuclear terrorism? The findings of this research concluded that as cyberthreats continued to develop, policymakers using deterrence theory shifted to using previous waves of deterrence theory, primarily dealing with rivalry and competitive threats. In addition, this research finds that intelligence agencies are the most capable federal agencies in providing guidelines and informing future policymakers

    ARTIFICIAL INTELLIGENCE AND CYBER SECURITY – FACE TO FACE WITH CYBER ATTACK – A MALTESE CASE OF RISK MANAGEMENT APPROACH

    The work paper aims to underline the benefits of using Artificial Intelligence to improve business productivity, and at the same time to raise awareness in order to overcome fear of exploring new technology because of cyber-attacks. How vulnerable are businesses to computerization? 100%. The Internet is a virtual space available for everyone. Storing data on any device that can be connected to the internet can become vulnerable in any given second. This article comes to show how we can use cybersecurity to protect our business, presenting at the same time cases of risk management from Malta

    Evaluation of the 2015 DoD Cyber Strategy: Mild Progress in a Complex and Dynamic Military Domain

    In 2011, the Department of Defense (DoD) released its Strategy for Operating in Cyberspace, which officially recognized cyberspace as an operational domain akin to the traditional military domains of land, sea, air, and space. This monograph examines the 2015 DoD Cyber Strategy to evaluate how well its five strategic goals and associated implementation objectives define an actionable strategy to achieve three primary missions in cyberspace: defend the DoD network, defend the United States and its interests, and develop cyber capabilities to support military operations. This monograph focuses on events and documents from the period of about 1 year before and 1 year after the 2015 strategy was released. This allows sufficient time to examine the key policies and guidance that influenced the development of the strategy as well as follow-on activities for the impacts from the strategy. This inquiry has five major sections that utilize different frameworks of analysis to assess the strategy: 1. Prima Facie Analysis: What is its stated purpose and key messages? 2. Historical Context Analysis: What unique contributions does it introduce into the evolution of national security cyberspace activities? 3. Traditional Strategy Analysis: Does it properly address specific DoD needs as well as broader U.S. ends in a way that is appropriate and actionable? 4. Analysis of Subsequent DoD Action: How are major military cyberspace components—joint and Service—planning to implement these goals and objectives? 5. Whole of U.S. Government Analysis: Does it integrate with the cyberspace-related activities of other U.S. Government departments and agencies? The monograph concludes with a section that integrates the individual section findings and offers recommendations to improve future cyberspace strategic planning documents.

    Transnational State-sponsored Cyber Economic Espionage: A Legal Quagmire

    Transnational state-sponsored cyber economic espionage poses a threat to the economy of developed countries whose industry is largely reliant on the value of information. In the face of rapid technological development facilitating cyber economic espionage from afar on a massive scale, the law has not developed apace to effectively address this problem. Applicable United States domestic laws have been ineffective in addressing the problem due to lack of enforcement jurisdiction, sovereign immunity, and inability to hold the state sponsor accountable. Customary international law principles offer little help in combatting the issue, as countermeasures are typically unavailable since espionage may not be ongoing by the time a victimized state can confidently attribute it to a state and retortions are a relatively weak response. Although existing treaties have not been effective in addressing this problem, a multilateral global treaty specifically addressing transnational state-sponsored cyber economic espionage may be a promising way forward

    Cyber as a deterrent: utilizing offensive cyber capabilities in NATO's deterrence posture

    Due to the lack of attention on the strategic benefits offensive cyber capabilities hold and how they could be used as deterrents, the purpose of this paper is to contribute to the strategic thought on utilizing offensive cyber capabilities as means of cross-domain deterrence and more specifically how NATO could adopt that approach to bolster its deterrence posture. For this a case-study is conducted on NATO and its members who have offered their national cyber capabilities for NATO’s use. It was discovered that NATO has the potential to enhance its deterrence posture through the utilization of offensive cyber capabilities as means of deterrence based on the conditions set by the mainstream deterrence theories. Therefore, NATO should start with acknowledging the offensive cyber capabilities as means of its cross-domain deterrence. Second, it and the Allies should share the same understanding and communicate a clear unified message to the adversary on which effects they are willing to relay and how thereby offensive cyber operations are perceived. However, the classical deterrence theories fall short on explaining how exactly means with clandestine nature can be presented as a deterrent to the enemy. Furthermore, how to create the deterrent cyber threat by holding the functionality of the enemy’s infrastructure – which should achieve strategic effects if targeted – at risk. This confirmed the hypothesis that the classical deterrence theories neglect to explain how to develop offensive cyber capabilities into credible deterrents. Therefore, it was illuminated that the existing deterrence theory needs to be improved by acknowledging particularly two distinct features that offensive cyber capabilities hold: clandestine nature and that depending on the expected effect, the process of deploying the offensive cyber capability can be time consuming.
    Regarding the second feature, it requires answering questions on how to hold the enemy at risk by threatening to harm with offensive cyber means its critical infrastructure – which should have greater strategic effect if targeted, but attacking it successfully may require a long time to develop the tailored cyber weapon through - and if presence-based offensive approach is required, how to communicate that to the adversary without increasing instability between the actors. https://www.ester.ee/record=b5243332*es

    Intrusion Prevention And Detection in Small to Medium-Sized Enterprises

    This paper will examine in depth the reluctance of small to medium-sized enterprises (SMEs) to implement cybersecurity measures amidst the growing threat of cyberattacks. Small businesses encompass the vast majority of for profit and nonprofit organizations in the world. Due to the growing connectedness of the global economy through the Internet and e-business, the reluctance of SMEs to invest in security measures threatens the very existence of many organizations and their partners. The detection and defense against attacks through intrusion detection systems (IDS) and intrusion prevention systems (IPS) are two solutions that assist in detecting and deflecting potential breaches of security. An extensive look at how both IDS and IPS can provide meaningful solutions to SMEs through their visibility and control measures (including their unique characteristics, applications, and limitations) will be explored

    Strategies for Mitigating Cyberattacks Against Small Retail Businesses

    Small retail businesses are increasingly becoming targets for social media cyberattacks, often losing profitability when forced to close operations after a cyberattack. Small retail business leaders are concerned with the negative impact of cyberattacks on firms’ viability and competitiveness. Grounded in general systems theory, the purpose of this qualitative multiple-case study was to explore strategies retail leaders use to deter social media cyberattacks. The participants were 11 small retail business leaders. Data were collected using semistructured interviews and analyzed using thematic analysis. Three themes emerged: using multiple strategies to deter social media cyberattacks, importance of training regarding cybersecurity best practices, and the need for a contingency plan. A key recommendation is for small retail business leaders to provide employees and customers with training regarding proper cybersecurity protocols. The implications for positive social change include the potential to improve cybersecurity measures and enhance a small business’ viability and employment opportunities, positively impacting local communities and tax revenues