22 research outputs found

    An emergent security risk : critical infrastructures and information warfare

    This paper examines the emergent security risk that information warfare poses to critical infrastructure systems, particularly as governments are increasingly concerned with protecting these assets against attack or disruption. Initially it outlines critical infrastructure systems and the notion of information warfare. It then discusses the potential implications and examines the concerns and vulnerabilities such cyber attacks would pose, utilising exemplar online attack occurrences. It then examines the current Australian situation before suggesting some considerations to mitigate the potential risk that information warfare poses to critical infrastructure systems, and by association: government, industry and the wider community.

    Towards Managing and Understanding the Risk of Underwater Terrorism

    This dissertation proposes a methodology to manage and understand the risk of underwater terrorism to critical infrastructures utilizing the parameters of the risk equation. Current methods frequently rely on statistical methods, which suffer from a lack of appropriate historical data to produce distributions and do not integrate epistemic uncertainty. Other methods rely on locating subject matter experts who can provide judgment and then undertaking an associated validation of these judgments. Using experimentation, data from unclassified successful, or near successful, underwater attacks are analyzed and instantiated as a network graph with the key characteristics of the risk of terrorism represented as nodes and the relationship between the key characteristics forming the edges. The values of the key characteristics, instantiated as the length of the edges, are defaulted to absolute uncertainty, the state where there is no information for, or against, a particular causal factor. To facilitate obtaining the value of the nodes, the Malice spectrum is formally defined which provides a dimensionless, methodology independent model to determine the value of any given parameter. The methodology produces a meta-model constructed from the relationships between the parameters of the risk equation, which determines a relative risk value

    Cyber Security Concerns for Emergency Management


    The Exigency and How to Improve and Implement International Humanitarian Legislations More Advantageously in Times of Both Cyber-warfare and Cyberspace

    This study provides a synopsis of the following topics: the prospective limiters levied on cyber-warfare by present–day international legislation; significant complexities and contentions brought up in the rendering & utilization of International Humanitarian Legislation against cyber-warfare; feasible repercussions of cyber-warfare on humanitarian causes. It is also to be contended and outlined in this research study that non–state actors can be held accountable for breaches of international humanitarian legislation committed using cyber–ordnance if sufficient resources and skill are made available. It details the factors that prosecutors and investigators must take into account when organizing investigations into major breaches of humanitarian legislation committed in cyber–space, as well as the jurisdictional components of transgressions of the rules and L.o.A.C (Legislation of Armed Conflict). Due to the limitations imposed by both time and space, the planned analysis cannot be thorough; rather, it will have to remain conservative and concentrate on providing a basic grasp of the topics that are most pertinent to the modern practice of statecraft. Furthermore, given the technical and statutory complication of the subject matter as well as the fact that legal research remains in its infancy, the aspiration of this study should remain low to distinguishing matters and placing those in framework. It cannot be the goal of this study to magisterially resolute the prevailing issues that have arisen

    Experimentation methodology for evaluating operational INFOCON implementations

    Information Operation Condition (INFOCON) implementations and specifically the impact these implementations can have on warfighting command and control processes are not yet widely understood or appreciated by the majority of the operating forces. INFOCON actions are designed to heighten or reduce defensive posture uniformly, to defend against computer network attacks, and to mitigate sustained damage to the DoD infrastructure. Experimentation is required to explore the effects on certain command and control processes under various INFOCON conditions. This thesis explored requirements for conducting these INFOCON experiments and resulted in the development of an INFOCON experimental design methodology that can be used as a framework for designing and conducting INFOCON experiments in the field. INFOCON experimentation will provide insights and a better understanding of the effects that these implementations will have on the ability of a commander to command and control his or her forces. http://archive.org/details/experimentationm109451088

    A Quantitative Research Study on Probability Risk Assessments in Critical Infrastructure and Homeland Security

    This dissertation encompassed quantitative research on probabilistic risk assessment (PRA) elements in homeland security and the impact on critical infrastructure and key resources. There are 16 crucial infrastructure sectors in homeland security that represent assets, system networks, virtual and physical environments, roads and bridges, transportation, and air travel. The design included the Bayes theorem, a process used in PRAs when determining potential or probable events, causes, outcomes, and risks. The goal is to mitigate the effects of domestic terrorism and natural and man-made disasters, respond to events related to critical infrastructure that can impact the United States, and help protect and secure natural gas pipelines and electrical grid systems. This study provides data from current risk assessment trends in PRAs that can be applied and designed in elements of homeland security and the criminal justice system to help protect critical infrastructures. The dissertation will highlight the aspects of the U.S. Department of Homeland Security National Infrastructure Protection Plan (NIPP). In addition, this framework was employed to examine the criminal justice triangle, explore crime problems and emergency preparedness solutions to protect critical infrastructures, and analyze data relevant to risk assessment procedures for each critical infrastructure identified. Finally, the study addressed the drivers and gaps in research related to protecting and securing natural gas pipelines and electrical grid systems

    An Integrated Cybersecurity Risk Management (I-CSRM) Framework for Critical Infrastructure Protection

    Risk management plays a vital role in tackling cyber threats within the Cyber-Physical System (CPS) for overall system resilience. It enables identifying critical assets, vulnerabilities, and threats and determining suitable proactive control measures to tackle the risks. However, due to the increased complexity of the CPS, cyber-attacks nowadays are more sophisticated and less predictable, which makes the risk management task more challenging. This research aims for an effective Cyber Security Risk Management (CSRM) practice using assets criticality, prediction of risk types and evaluating the effectiveness of existing controls. We follow a number of techniques for the proposed unified approach including fuzzy set theory for the asset criticality, machine learning classifiers for the risk prediction and Comprehensive Assessment Model (CAM) for evaluating the effectiveness of the existing controls. The proposed approach considers relevant CSRM concepts such as threat actor attack pattern, Tactic, Technique and Procedure (TTP), controls and assets and maps these concepts with the VERIS community dataset (VCDB) features for the purpose of risk prediction. Also, the tool serves as an additional component of the proposed framework that enables asset criticality, risk and control effectiveness calculation for a continuous risk assessment. Lastly, the thesis employs a case study to validate the proposed i-CSRM framework and i-CSRMT in terms of applicability. Stakeholder feedback is collected and evaluated using critical criteria such as ease of use, relevance, and usability. The analysis results illustrate the validity and acceptability of both the framework and tool for an effective risk management practice within a real-world environment. The experimental results reveal that using the fuzzy set theory in assessing assets' criticality, supports stakeholder for an effective risk management practice.
Furthermore, the results have demonstrated that the machine learning classifiers have shown exemplary performance in predicting different risk types including denial of service, cyber espionage, and Crimeware. An accurate prediction can help organisations model uncertainty with machine learning classifiers, detect frequent cyber-attacks, affected assets, risk types, and employ the necessary corrective actions for its mitigations. Lastly, to evaluate the effectiveness of the existing controls, the CAM approach is used, and the result shows that some controls such as network intrusion, authentication, and anti-virus show high efficacy in controlling or reducing risks. Evaluating control effectiveness helps organisations to know how effective the controls are in reducing or preventing any form of risk before an attack occurs. Also, organisations can implement new controls earlier. The main advantage of using the CAM approach is that the parameters used are objective, consistent and applicable to CPS

    Vulnerability assessment of modern ICT infrastructure from an information warfare perspective.

    Ph. D. University of KwaZulu-Natal, Durban 2011. The overall objective of the study is to provide a vulnerability assessment of the mobile communications infrastructure to information warfare attacks; this study has a South African focus. The mobile infrastructure was selected as the infrastructure and mobile devices incorporate the majority of modern ICT technologies, namely social networking, wireless connectivity and mobility, mass storage, as well as the telecommunications elements. The objectives of the study are to: Propose a new information warfare model, and from this deduce a vulnerability assessment framework from the specific information warfare perspective. These are the guiding frameworks and model for the study. Gather information regarding threats and vulnerabilities, with particular focus on potential use in information warfare and relevance to South Africa. Establish the criticality of the mobile infrastructure in South Africa. Use the gathered information in the vulnerability assessment, to assess the vulnerability of the mobile infrastructure and related devices and services. The model and framework are generated through desk-based research. The information is gathered from research protocols that are relevant to both research and risk and vulnerability assessment, these include: expert input through interviews and a research workshop, incident and trend analyses through news and vendor reports and academic publishing, computer simulation, questionnaire survey, and mathematical analyses. The information is then triangulated by using it in the vulnerability assessment. The primary and secondary data shows that attacks on confidentiality are the most prevalent for both computer-based networks and the mobile infrastructure. An increase in threats and incidents for both computer and mobile platforms is being seen.
The information security trends in South Africa indicate that the existing security concerns are likely to worsen, in particular the high infection rates. The research indicates that the mobile infrastructure is critical in South Africa. The study validates the proposed framework, which indicates that South Africa is vulnerable to an information warfare attack in general. Key aspects of vulnerability in the mobile infrastructure are highlighted; the apparent high load of the mobile infrastructure in South Africa can be seen as a high risk vulnerability. Suggestions to mitigate vulnerabilities and threats are provided

    From cyber-utopia to cyber-war: normative change in cyberspace

    This dissertation analyzes a normative change in state perception and political action towards the Internet. This change is currently reflected in certain measures aimed at the exercise of control and state sovereignty in and over cyberspace. These include phenomena such as the total surveillance of data streams and the extensive collection of connection data by secret services, the control (political censorship) and manipulation of information (information war) as well as the arms spiral around offensive cyber capabilities to disrupt and destroy information infrastructures. States face a loss of control that they want to compensate for. The phenomenon of the perceived loss of control and the establishment of a norm of control (filter and monitoring technology) is equally evident in various democratic and non-democratic states, as various studies show. This militarized perception of the Internet is remarkable in so far as Western politicians used to perceive the same Internet technology in the 1980s and 1990s in a completely different way. Back then the lack of state control was seen as desirable. Instead of controlling and monitoring all aspects of the Internet, a "hands-off" and laissez-faire idea dominated political behavior at the time: the possibilities of democratization through information technologies, the liberalization of authoritarian societies through technology and the free availability of global knowledge. The idea of national control over communications technology was considered innovation-inhibiting, undemocratic and even technically impossible. The topic of this work is the interaction between state power and sovereignty (e.g. political control through information sovereignty) and digital technologies. The research question is: Which process led to the establishment of norms of control and rule (surveillance, censorship, cyber-war) with regard to the medium Internet? 
Furthermore, the question arises: What are the implications of this change in standards for the fundamental functioning of the Internet? The aim is to examine in detail the thesis of the militarization of cyberspace empirically on the basis of a longitudinal case study using the example of Internet development in the USA since the 1960s. An interdisciplinary and multi-theoretical approach is chosen from constructivist norms research and the Social Construction of Technology approach