9 research outputs found

    Enhancing Strategic Information Security Management in Organizations through Information Warfare Practices

    Today’s organizations use control-centred security management systems as a preventative shield against a broad spectrum of attacks. However, these have proven to be less effective against the customized and innovative strategies and operational techniques used by Advanced Persistent Threats (APTs). In this short paper we argue that to combat APTs, organizations need a strategic-level shift away from a traditional prevention-centred approach to that of a response-centred one. Drawing on the information warfare (IW) paradigm in military studies, and using Dynamic Capability Theory (DCT), this research examines the applicability of IW capabilities in the corporate domain. We propose a research framework to argue that conventional prevention-centred response capabilities, such as incident response capabilities, and IW-centred security capabilities can be integrated into IW-enabled dynamic response capabilities that improve enterprise security performance

    Cyber Security Classification Model Evaluation and Comparison

    Cyber incidents can be defined as violations of explicit or implied policies that can include unauthorized access, disruption, unauthorized use, or changes to systems, networks, hardware, and software (US Cert, 2018). This description does not account for all possibilities and cyber incidents continue to evolve and increase in visibility for organizations (Pescatore, 2017). Cyber incidents can have real costs associated with them to governments, companies, and individuals. For instance, in December of 2013 Target Corp. reported a data breach of 40 million credit card accounts (Krebs, 2013). According to their 2016 SEC filings, it cost the company $291 million and hurt their reputation in the market (Herberger, 2016). Another great example would be the StuxNet attack where a worm was able to physically damage lab equipment required to develop nuclear weapons in Iran. The costs of lost national security, development time, and cost of the equipment were huge, but are not easily calculated (Kushner, 2013). Further the recent cyber incident at Equifax, where on September 7th of 2017 an estimated 143 million U.S. consumers’ data was breached at Equifax. While this is costly to the organization it had larger implications for consumers and the economy (DeMarco, 2018)

    Cyber security of critical infrastructures in smart cities

    Smart city is a trending topic that many researchers from different disciplines are interested in. Even though it is supposed to be a study field of public administration, it has also technical dimensions which are focused on by researchers from engineering sciences. On the other hand, there is a security dimension of smart cities which has a boundary that includes multidisciplinary contributions. The security of cities has been an essential issue throughout the ages, but with the emergence of smart cities, the development of internet and communication technologies, and as a consequence of interconnection of critical infrastructures in the smart cities, a new dimension of security has emerged as the headline of security studies. This headline is cyber security. This study aims to investigate cyber security issues in smart cities particularly focusing on critical infrastructures and presents a recommendatory model for providing cyber security of critical infrastructures in smart cities.

    A Hierarchical Statistical Framework for the Extraction of Semantically Related Words in Textual Documents

    Nowadays there exist a lot of documents in electronic format on the Internet, such as daily news, blog articles, messages posted online, even books and magazines. The information that can be extracted from these documents is of particular importance to several agencies and companies (e.g. security agencies, insurance companies, advertising and marketing companies, etc.). In the case of security, for instance, recent studies have shown that cyber criminals generally exchange their experiences and knowledge via media such as forums and blogs. These exchanged data, if well extracted and modeled, can provide significant clues to agencies operating in the security field. However, managing and processing the huge quantity of multimodal (i.e. image, video, text, audio) information present on the Web is a challenging task. In this thesis, we focus on textual data for which many statistical language modeling frameworks have been developed to facilitate the management of digitized texts. Many of these approaches have achieved great performances on various applications. However, most of them have focused on modeling documents individually, while in real world most documents are related, organized and archived into categories according to their themes. The main goal of this thesis is to propose a hierarchical statistical model to analyze documents collections, characterized by a hierarchical structure, to find hidden information and detect potential threats according to them. The proposed model is part of a large cyber security forensics system that we are designing to discover and capture potential security threats by retrieving and analyzing data gathered from the Web. Our approach models each node in a given textual collection using advanced statistical techniques and allows capturing the semantic information hidden inside it. 
In particular, a log-bilinear model is adopted to describe words in vector space in such a way that their correlations can be discovered and derived, from their representations, at each level of the hierarchical structure. Experimental results on real world data illustrate the merits of our model and its efficiency in extracting hidden semantic information from documents collections

    Classification of text documents and extraction of semantically related words using hierarchical Latent Dirichlet Allocation

    The amount of available data in our world has been exploding lately. Effectively managing large and growing collections of information is of utmost importance because of criticality and importance of these data to different entities and companies (government, security, education, tourism, health, insurance, finance, etc.). In the field of security, many cyber criminals and victims alike share their experiences via forums, social media and other cyber platforms. These data can in fact provide significant information to people operating in the security field. That is why more and more computer scientists turned to study data classification and topic models. However, processing and analyzing all these data is a difficult task. In this thesis, we have developed an efficient machine learning approach based on hierarchical extension of the Latent Dirichlet Allocation model to classify textual documents and to extract semantically related words. A variational approach is developed to infer and learn the different parameters of the hierarchical model to represent and classify our data. The data we are dealing with in the scope of this thesis is textual data for which many frameworks have been developed and will be looked at in this thesis. Our model is able to classify textual documents into distinct categories and to extract semantically related words in a collection of textual documents. We also show that our proposed model improves the efficiency of the previously proposed models. This work is part of a large cyber-crime forensics system whose goal is to analyze and discover all kind of information and data as well as the correlation between them in order to help security agencies in their investigations and help with the gathering of critical data

    REDESIGNING THE COUNTER UNMANNED SYSTEMS ARCHITECTURE

    Includes supplementary material. Please contact [email protected] for access. When the Islamic State used Unmanned Aerial Vehicles (UAV) to target coalition forces in 2014, the use of UAVs rapidly expanded, giving weak states and non-state actors an asymmetric advantage over their technologically superior foes. This asymmetry led the Department of Defense (DOD) and the Department of Homeland Security (DHS) to spend vast sums of money on counter-unmanned aircraft systems (C-UAS). Despite the market density, many C-UAS technologies use expensive, bulky, and high-power-consuming electronic attack methods for ground-to-air interdiction. This thesis outlines the current technology used for C-UAS and proposes a defense-in-depth framework using airborne C-UAS patrols outfitted with cyber-attack capabilities. Using aerial interdiction, this thesis develops a novel C-UAS device called the Detachable Drone Hijacker—a low-size, weight, and power C-UAS device designed to deliver cyber-attacks against commercial UAVs using the IEEE 802.11 wireless communication specification. The experimentation results show that the Detachable Drone Hijacker, which weighs 400 grams, consumes one Watt of power, and costs $250, can interdict adversarial UAVs with no unintended collateral damage. This thesis recommends that the DOD and DHS incorporate aerial interdiction to support its C-UAS defense-in-depth, using technologies similar to the Detachable Drone Hijacker. DASN-OE, Washington DC, 20310. Captain, United States Marine Corps. Approved for public release. Distribution is unlimited

    The threat of ransomware in the food supply chain: a challenge for food defence

    In the food industry, the level of awareness of the need for food defence strategies has accelerated in recent years, in particular, mitigating the threat of ransomware. During the Covid-19 pandemic there were a number of high-profile organised food defence attacks on the food industry using ransomware, leading to imperative questions over the extent of the sector’s vulnerability to cyber-attack. This paper explores food defence through the lens of contemporary ransomware attacks in order to frame the need for an effective ransomware defence strategy at organisational and industry level. Food defence strategies have historically focused on extortion and sabotage as threats, but often in terms of physical rather than cyber-related attacks. The globalisation, digitalisation and integration of food supply chains can increase the level of vulnerability to ransomware. Ransomware is an example of an organised food defence threat that can operationalise both extortion and sabotage, but the perpetrators are remote, non-visible and often anonymous. Organisations need to adopt an effective food defence strategy that reduces the risk of a ransomware attack and can enable targeted and swift action in the event an incident occurs. Further collaboration between government and the private sector is needed for the development of effective governance structures addressing the risk of ransomware attacks. The novelty of this article lies in analysing the issue of ransomware attacks from the perspective of the food sector and food defence strategy. This study is of potential interest to academics, policy makers and those working in the industry

    The Profession of IT Discussing Cyber Attack

    Comm. of the ACM, Vol. 53, No. 9, Sept. 2010. The article of record as published may be located at http://dx.doi.org/10.1145/1810891.181090