Cyber Infrastructure Protection: Vol. II

View the Executive SummaryIncreased reliance on the Internet and other networked systems raise the risks of cyber attacks that could harm our nation’s cyber infrastructure. The cyber infrastructure encompasses a number of sectors including: the nation’s mass transit and other transportation systems; banking and financial systems; factories; energy systems and the electric power grid; and telecommunications, which increasingly rely on a complex array of computer networks, including the public Internet. However, many of these systems and networks were not built and designed with security in mind. Therefore, our cyber infrastructure contains many holes, risks, and vulnerabilities that may enable an attacker to cause damage or disrupt cyber infrastructure operations. Threats to cyber infrastructure safety and security come from hackers, terrorists, criminal groups, and sophisticated organized crime groups; even nation-states and foreign intelligence services conduct cyber warfare. Cyber attackers can introduce new viruses, worms, and bots capable of defeating many of our efforts. Costs to the economy from these threats are huge and increasing. Government, business, and academia must therefore work together to understand the threat and develop various modes of fighting cyber attacks, and to establish and enhance a framework to assess the vulnerability of our cyber infrastructure and provide strategic policy directions for the protection of such an infrastructure. This book addresses such questions as: How serious is the cyber threat? What technical and policy-based approaches are best suited to securing telecommunications networks and information systems infrastructure security? What role will government and the private sector play in homeland defense against cyber attacks on critical civilian infrastructure, financial, and logistical systems? What legal impediments exist concerning efforts to defend the nation against cyber attacks, especially in preventive, preemptive, and retaliatory actions?https://press.armywarcollege.edu/monographs/1527/thumbnail.jp

ANTI-FRAGILE INFORMATION SYSTEMS

As complex socio-technical systems composed of many interconnected parts, interacting in non-linear, dynamic, emergent, and unexpected ways, Information Systems are fragile. In this paper we introduce the concept of antifragility as an alternative means of apprehending the fragility of Information Systems and a novel way of dealing with risk, uncertainty, and the unknown. Antifragility is the opposite of fragility. Antifragility allows us to go beyond robustness or resilience by moving away from a predictive mode of thinking and decision making to a mode that embraces the unknown and randomness and focuses on the characteristics that render systems fragile rather than trying to assess and predict the chain of events that may harm them. We propose a set of guidelines for moving from the fragile toward the antifragile and explore, for the processes of the IT function, their applications and the questions they raise for practice and research

Malware, a Device Under the 1988 SUA Convention

In 1988 the International Maritime Organization modernized international law in response to a vexing problem of the time—maritime terrorism. Before then, not all violent crimes against vessels amounted to piracy and therefore many maritime criminals escaped justice. To close this gap and facilitate the prosecution of those who endanger navigation, IMO member States enacted the 1988 Convention for the Suppression of Unlawful Acts Against the Safety of Maritime Navigation. More than three decades later, the 1988 SUA Convention may be useful to address a more modern problem—cyberattacks against commercial vessels. The 1988 treaty prohibits various acts against shipping, including the placement of a device on a ship when likely to cause damage that could endanger the ship’s navigation. This article explores whether this specific prohibition extends into the digital domain. It looks at the existing international regulatory framework meant to mitigate cyber threats and examines whether State parties of SUA may prosecute maritime malware cases that happen to breach the international regulatory framework. The article concludes that malware qualifies as a device under the treaty and advocates for the 166 State parties to incorporate SUA prosecutions into their maritime cyberattack response plans

The emotional infrastructure of a cybercrime collective:Evidence from Dark0de

Complex cybercrime markets face collective action problems. As they involve disparate networks of individuals, they cannot use in person persuasion or coercion to ensure cooperation. They face a tension between being open to new members and opportunities, and regulating participation. We propose that collective emotional regulation plays a crucial part in managing members’ behaviours within illicit marketspaces. We take one critical case, Dark0de, which was a leading English language cybercrime market. Drawing on a publicly available dataset of internal discussions, we use Qualitative Thematic Content Analysis and Conversational Analysis to investigate how through mutual emotion regulation, this cybercrime collective managed collective action dilemmas deriving from the context of its activity, containing conflict among members and fostering cooperation along with competition. We conclude that emotional micro-dynamics are key to maintaining cybercriminal marketplaces as relatively stable communities, circumscribing individuals’ actions and aligning them with emergent normative orders, enabling those communities to remain operable in adverse environments. Dark0de can be seen as a representative case for a category of digital environments where the community develops its own emotional ethnopsychology which uses displays of semi-ironic abuse and attack along with cooperation on emerging projects

Conceptualizing Cybercrime: Definitions, Typologies and Taxonomies

Cybercrime is becoming ever more pervasive and yet the lack of consensus surrounding what constitutes a cybercrime has a significant impact on society, legal and policy response, and academic research. Difficulties in understanding cybercrime begin with the variability in terminology and lack of consistency in cybercrime legislation across jurisdictions. In this review, using a structured literature review methodology, key cybercrime definitions, typologies and taxonomies were identified across a range of academic and non-academic (grey literature) sources. The findings of this review were consolidated and presented in the form of a new classification framework to understand cybercrime and cyberdeviance. Existing definitions, typologies and taxonomies were evaluated, and key challenges were identified. Whilst conceptualizing cybercrime will likely remain a challenge, this review provides recommendations for future work to advance towards a universal understanding of cybercrime phenomena as well as a robust and comprehensive classification system

Pervasively Distributed Copyright Enforcement

In an effort to control flows of unauthorized information, the major copyright industries are pursuing a range of strategies designed to distribute copyright enforcement functions across a wide range of actors and to embed these functions within communications networks, protocols, and devices. Some of these strategies have received considerable academic and public scrutiny, but much less attention has been paid to the ways in which all of them overlap and intersect with one another. This article offers a framework for theorizing this process. The distributed extension of intellectual property enforcement into private spaces and throughout communications networks can be understood as a new, hybrid species of disciplinary regime that locates the justification for its pervasive reach in a permanent state of crisis. This hybrid regime derives its force neither primarily from centralized authority nor primarily from decentralized, internalized norms, but instead from a set of coordinated processes for authorizing flows of information. Although the success of this project is not yet assured, its odds of success are by no means remote as skeptics have suggested. Power to implement crisis management in the decentralized marketplace for digital content arises from a confluence of private and public interests and is amplified by the dynamics of technical standards processes. The emergent regime of pervasively distributed copyright enforcement has profound implications for the production of the networked information society

Taxonomy of the Snowden Disclosures

This brief Essay offers a proposed taxonomy of the Snowden Disclosures. An informed discussion on the legality and constitutionality of the emerging cybersurveillance and mass dataveillance programs revealed by former NSA contractor Edward Snowden necessitates the furtherance of cybersurveillance aptitude. This Essay contends, therefore, that a detailed examination of the Snowden disclosures requires not just a careful inquiry into the legal and constitutional framework that guides the oversight of these programs. A close interrogation also requires a careful inquiry into the big data architecture that guides them. This inquiry includes examining the underlying theories of data science and the rationales of big data-driven policymaking that may drive the expansion of big data cybersurveillance. These technological, theoretical, and policymaking movements are occurring within what has been termed by scholars as the National Surveillance State. Better understanding the manner in which intelligence gathering may be shifting away from small data surveillance methods and toward the adoption of big data cybersurveillance methods—and assessing the efficacy of this shift—can factually ground future debates on how best to constrain comprehensive and ubiquitous surveillance technologies at the dawn of the National Surveillance State

Taxonomy of the Snowden Disclosures

This brief Essay offers a proposed taxonomy of the Snowden Disclosures. An informed discussion on the legality and constitutionality of the emerging cybersurveillance and mass dataveillance programs revealed by former NSA contractor Edward Snowden necessitates the furtherance of cybersurveillance aptitude. This Essay contends, therefore, that a detailed examination of the Snowden disclosures requires not just a careful inquiry into the legal and constitutional framework that guides the oversight of these programs. A close interrogation also requires a careful inquiry into the big data architecture that guides them. This inquiry includes examining the underlying theories of data science and the rationales of big data-driven policymaking that may drive the expansion of big data cybersurveillance. These technological, theoretical, and policymaking movements are occurring within what has been termed by scholars as the National Surveillance State. Better understanding the manner in which intelligence gathering may be shifting away from small data surveillance methods and toward the adoption of big data cybersurveillance methods—and assessing the efficacy of this shift—can factually ground future debates on how best to constrain comprehensive and ubiquitous surveillance technologies at the dawn of the National Surveillance State