Cyber warfare: African research must address emerging reality

This thematic report sets out the case for why studies in cyber security and cyber conflict need to be prominent in the African digital transformation research agenda.CA2016www.wits.ac.za/linkcentre/aji

The Authority of Government in Clearing Hatefull and Hostilities Electronic Information Based on Tribe, Relegion, Race and Intergroup

The Act Number 19 of 2016 concerning the amendment of The Act Number 11 of 2008 concerning Information and Electronic Transaction governing the authority of government in clearing hateful and hostilities electronic information based on tribe, religion, race and intergroup. On the one hand, the government authority aims to protect the public interest and the integrity of the nation, but on the other hand, termination of access to information would restrict the right to freedom of opinion and the right to privacy of Internet users. This study was a normative legal research, which examined the basic authority for the government to shut down negative content in cyberspace. Legal materials were collected through library research. The analysis was conducted qualitatively. This study examined three issues, namely; spreading hatred and hostility in cyberspace, legality government to close the spreading hatred and hostility and electronic evidence in spreading hatred and hostility. Spreading hatred and hostility were criminal acts that used the Internet as facilities. Internet was used by extremists to disseminate his teachings, even being used to commit acts of terrorism (cyber terrorism). In maintaining the unity and integrity, then the government had the authority to shut down access to the unlawful electronic system. The closure should be accompanied by proof of electronic information that contains hatred and hostility based on tribe, religion, race and intergrou

Skjevt ut fra hoppkanten? Myndighetenes organisering av sikkerhet i cyberdomenet

Digitalisering og globalisering har bidratt til et enklere og mer effektivt samfunn, men også økt sårbarheten. Utviklingen påvirker trusselbildet og har introdusert nye sikkerhetsutfordringer. Det tradisjonelle skillet mellom indre og ytre sikkerhet, fred og krig er mindre tydelig enn før. Grensesnittet mellom stat- og samfunnssikkerhet er krevende. Her ligger kjernen i statens utfordring. Hvordan fordele ansvar når norsk sikkerhetsarkitektur organiseres etter sektorprinsippet? Digitaliseringen skaper store utfordringer med å avdekke hvem som står bak en hendelse i cyber. Studiets problemstilling omhandler tilpasninger til det endrede trusselbilde og ser på hvilke faktorer som påvirker myndighetenes veivalg i form av lovutvikling og organisering av sikkerhetsarkitekturen i cyber. Datainnsamlingen er i all hovedsak fra offentlige dokumenter som trusselvurderinger, offentlige utredninger, forarbeider og høringssvar. Først sees det på utviklingen i cyberdomenet, både fra akademia og myndighetene. Så gjennomgås tilpasninger til det nye scenario ved analyse av forarbeidene til to lovforslag, Etterretningstjenesteloven og Fullmaktsloven. Sist sees det på oppståtte gråsonescenario som følge av det utvidede trusselbilde og myndighetens plassering av ansvar. Myndighetenes situasjonsforståelse bygger på at statlige aktører representerer den største trusselen. Det fremmes likevel at majoriteten av cyberangrep er kriminalitet. Politiet, som er primæraktøren innen samfunnssikkerhet utgir ingen offentlige trusselvurderinger. Narrativet kan således sies "å eies" av EOS tjenestene. Dette kan påvirke lovutviklingen. Fellesnevneren for begge lovforslagene er at de utfordrer grunnleggende prinsipper som rettssikkerhet og maktfordeling vårt liberale demokrati er tuftet på. Oppgaven redegjør for at det i høringsrundene ble reist en rekke grunnleggende spørsmål om ansvarsfordeling, gråsoneproblematikk og hjemmelsgrunnlag. Fordi trusselaktør er vanskelig å identifisere i cyber, oppstår et behov for tverrsektorielle løsninger. Spesielt Nasjonal sikkerhetsmyndighet har fått en utvidet rolle i å ivareta cybersikkerheten. Utvidelse av mandatet kan øke gråsonen hva gjelder hvem som er ansvarlig for hva og til hvilken tid. Dagens sikkerhetsarkitektur kan fremstå som overlappende og til dels uoversiktlig. Trusselbildet bør sees i dimensjoner og ikke sekvensielt. Fordi statlige aktører utpekes som den største trusselen oppfattes sikkerhetssituasjonen som eksistensiell. Frykt kan derfor medføre en aksept for statlig overvåkning i bytte mot frihet. Cyber kan i så måte være i ferd med å bli sikkerhetisert. Samfunnssikkerhetsrelaterte trusler er ikke definert og derav ikke vurdert i sin fulle bredde og betydning. Norsk sikkerhetsarkitektur tar tilsynelatende utgangspunkt i statlige aktører, og sektor- og ansvarsprinsippet tvinger ansvarsfordelingen inn i tradisjonelle strukturer. Følgen er at koordineringsutfordringene øker og statens totale ressurser søkes samordnet ved at tverrsektorielle institusjoner og sentre vokser, og motstandskraften mot trusselen i cyber kan fremstå som fragmentert.Digitisation and globalisation have made life easier and more efficient, but they have also increased our vulnerability. The nature of the threat picture is evolving while new threats emerge. The traditional division between internal and external security, war and peace is blurred. The interface between stateand public security is demanding and is at the core of the state’s challenge. How should responsibilities be divided when Norwegian security architecture is organised along sector lines? This thesis discusses how government authorities adapt to changed threat levels and what elements influence their decisions with respect to legislative changes and organisation of the country’s cybersecurity. Data has been collected mainly from threat assessments, government white papers, preparatory works and consultation responses. First, I discuss developments in cyberspace from the perspectives of both academia and government authorities. Then I discuss how the new scenario is reflected in two proposed new laws by analysing the preparatory works. Finally, I discuss the grey areas created by the extended threat picture and the adopted division of responsibilities. The current understanding is that other state actors represent the biggest threat. However, the vast majority of cyberattacks are criminal. The police, who are the primary actors in public security, do not publish threat assessments. Thus, it may be said that the narrative is “owned” by the intelligence, surveillance and security services, and this may shape legislation. The common denominator in both the new acts is that they challenge the fundamental principles, e.g. due process and power sharing, onwhich our liberal democracy is built. The thesis describes how, during the consultation phase, a number of fundamental issues were raised about division of responsibilities, grey areas and authorisation. Because threat actors in cyberspace are hard to identify, they require a multi-sectorial approach. The National Security Authority in particular, has been given an expanded role in protecting national cybersecurity. The expansion of their mandate may enlarge the grey area with respect to who is responsible for what and when. The current security architecture can appear overlapping and complex. Current threat should be analysed in dimensions, not sequentially, and because state actors are identified as representing the biggest threat, the threats facing us are considered existential. Fear can then lead to greater acceptance of state surveillance in exchange of freedom. In this way, cyberspace can be said to become “securitised”. Threats against public security are therefore not identified or discussed in necessary detail. Privateactors who on a global scale own and manage the vast majority of data, are not discussed in national threat assessments. This may lead to a “blind zone” in situational understanding. The security architecture in Norway is apparently built to counter state actors, and the sector principle of organising divides responsibilities along traditional sectorial lines. As a result, the challenges in coordinating efforts increase and the state seeks to coordinates its overall resources by enlarging multi-sectorialinstitutions and centres, and the forces combatting threats in cyberspace can appear fragmented

A Temporal Framework for Hypergame Analysis of Cyber Physical Systems in Contested Environments

Game theory is used to model conflicts between one or more players over resources. It offers players a way to reason, allowing rationale for selecting strategies that avoid the worst outcome. Game theory lacks the ability to incorporate advantages one player may have over another player. A meta-game, known as a hypergame, occurs when one player does not know or fully understand all the strategies of a game. Hypergame theory builds upon the utility of game theory by allowing a player to outmaneuver an opponent, thus obtaining a more preferred outcome with higher utility. Recent work in hypergame theory has focused on normal form static games that lack the ability to encode several realistic strategies. One example of this is when a player’s available actions in the future is dependent on his selection in the past. This work presents a temporal framework for hypergame models. This framework is the first application of temporal logic to hypergames and provides a more flexible modeling for domain experts. With this new framework for hypergames, the concepts of trust, distrust, mistrust, and deception are formalized. While past literature references deception in hypergame research, this work is the first to formalize the definition for hypergames. As a demonstration of the new temporal framework for hypergames, it is applied to classical game theoretical examples, as well as a complex supervisory control and data acquisition (SCADA) network temporal hypergame. The SCADA network is an example includes actions that have a temporal dependency, where a choice in the first round affects what decisions can be made in the later round of the game. The demonstration results show that the framework is a realistic and flexible modeling method for a variety of applications

The Global Encyclopaedia of Informality, Volume 2

Alena Ledeneva invites you on a voyage of discovery to explore society’s open secrets, unwritten rules and know-how practices. Broadly defined as ‘ways of getting things done’, these invisible yet powerful informal practices tend to escape articulation in official discourse. They include emotion-driven exchanges of gifts or favours and tributes for services, interest-driven know-how (from informal welfare to informal employment and entrepreneurship), identity-driven practices of solidarity, and power-driven forms of co-optation and control. The paradox, or not, of the invisibility of these informal practices is their ubiquity. Expertly practised by insiders but often hidden from outsiders, informal practices are, as this book shows, deeply rooted all over the world, yet underestimated in policy. Entries from the five continents presented in this volume are samples of the truly global and ever-growing collection, made possible by a remarkable collaboration of over 200 scholars across disciplines and area studies. By mapping the grey zones, blurred boundaries, types of ambivalence and contexts of complexity, this book creates the first Global Map of Informality. The accompanying database (www.in-formality.com) is searchable by region, keyword or type of practice, so do explore what works, how, where and why