On the importance of cyber-security training for multi-vector energy distribution system operators

Multi-vector Energy Distribution Systems (EDS) are increasingly connected to provide new services to consumers and Distribution Network Operators (DNO). This exponential growth in connectivity, while beneficial, tremendously increases the attack surface of critical infrastructures, demonstrating a clear need for energy operator cyber-security training. This paper highlights the cyber-security challenges faced by EDS operators as well as the impact a successful cyber-attack could have on the grid. Finally, training needs are contextualised through cyber-attack examples

A review of cyber-ranges and test-beds:current and future trends

Cyber situational awareness has been proven to be of value in forming a comprehensive understanding of threats and vulnerabilities within organisations, as the degree of exposure is governed by the prevailing levels of cyber-hygiene and established processes. A more accurate assessment of the security provision informs on the most vulnerable environments that necessitate more diligent management. The rapid proliferation in the automation of cyber-attacks is reducing the gap between information and operational technologies and the need to review the current levels of robustness against new sophisticated cyber-attacks, trends, technologies and mitigation countermeasures has become pressing. A deeper characterisation is also the basis with which to predict future vulnerabilities in turn guiding the most appropriate deployment technologies. Thus, refreshing established practices and the scope of the training to support the decision making of users and operators. The foundation of the training provision is the use of Cyber-Ranges (CRs) and Test-Beds (TBs), platforms/tools that help inculcate a deeper understanding of the evolution of an attack and the methodology to deploy the most impactful countermeasures to arrest breaches. In this paper, an evaluation of documented CR and TB platforms is evaluated. CRs and TBs are segmented by type, technology, threat scenarios, applications and the scope of attainable training. To enrich the analysis of documented CR and TB research and cap the study, a taxonomy is developed to provide a broader comprehension of the future of CRs and TBs. The taxonomy elaborates on the CRs/TBs dimensions, as well as, highlighting a diminishing differentiation between application areas

Blockchain solutions for forensic evidence preservation in IoT environments

The technological evolution brought by the Internet of things (IoT) comes with new forms of cyber-attacks exploiting the complexity and heterogeneity of IoT networks, as well as, the existence of many vulnerabilities in IoT devices. The detection of compromised devices, as well as the collection and preservation of evidence regarding alleged malicious behavior in IoT networks, emerge as areas of high priority. This paper presents a blockchain-based solution, which is designed for the smart home domain, dealing with the collection and preservation of digital forensic evidence. The system utilizes a private forensic evidence database, where the captured evidence is stored, along with a permissioned blockchain that allows providing security services like integrity, authentication, and non-repudiation, so that the evidence can be used in a court of law. The blockchain stores evidences’ metadata, which are critical for providing the aforementioned services, and interacts via smart contracts with the different entities involved in an investigation process, including Internet service providers, law enforcement agencies and prosecutors. A high-level architecture of the blockchain based solution is presented that allows tackling the unique challenges posed by the need for digitally handling forensic evidence collected from IoT networks

Cyber-Trust: The Shield for IoT Cyber-Attacks

The security problems arising from the flawed design of legacy hardware and embedded devices allow cyber-criminals to easily compromise systems and launch large-scale attacks toward critical cyber-infrastructures. The interdisciplinary approach proposed in this chapter captures different phases of such emerging attacks, before and after known or unknown (zero-day) vulnerabilities have been widely exploited by cyber-criminals to launch the attack. Emphasis is given on building a proactive cyber-threat intelligence gathering and sharing system to prevent the exploitation of vulnerabilities and design flaws found in IoT devices. This intelligence information is used to maintain accurate vulnerability profiles of IoT devices, in accordance with data protection, privacy, or other regulations, and optimally alter their attack surface to minimize the damage from cyber-attacks

Strategies to Counter Artificial Intelligence in Law Enforcement: Cross-Country Comparison of Citizens in Greece, Italy and Spain

This paper investigates citizens’ counter-strategies to the use of Artificial Intelligence (AI) by law enforcement agencies(LEAs). Based on information from three countries (Greece, Italy and Spain) we demonstrate disparities in the likelihood of ten specific counter-strategies. We further identified factors that increase the propensity for counter-strategies. Our study provides an important new perspective to societal impacts of security-focused AI applications by illustrating the conscious, strategic choices by citizens when confronted with AI capabilities for LEAs