Cybersecurity

Starting from the early 2000s it became clear that classic cyber protection wasn’t enough
anymore.
Traditional strategies are based on a signature approach where the security system is familiar
with the behavior (signature) of the possible threats. The known signatures are stored in a
database that is used by security systems for constant monitoring of the organizational
behavior—network, storage, devices, users, etc. Therefore, the traditional approach could be
described by the Latin motto praemonītus praemūnītus, i.e., “forewarned, forearmed.”
The number of threats is growing rapidly, making it very difficult to be “forewarned.” In the
modern cyber battlefield, security operations centers (SOCs) face daily, new threats where
signatures are not known. It’s unacceptable to sit back and wait until someone investigates the
new threats and creates new signatures.
But that doesn’t mean that a signature-based approach isn’t valid anymore. After all, cyber
protection is usually designed like an onion with several layers of defense. In this onion
architecture, there is one missing layer—the layer that deals with new, unknown threats.

The current development of a cyber defence policy by the North Atlantic Treaty Organization (NATO) is usually seen as exemplifying the alliance’s changing scope of intervention; as well as its broadened perception of security. From an institutional-liberalist perspective, it is said to illustrate the transformation of NATO from a defensive alliance into a security management institution. However, others have pointed out that NATO cyber defence policy has been developed with regard to seminal events, such as the cyber-attacks on Estonia in 2007 and on Georgia in 2008, and mirrors the persisting cold war logic in NATO current policy.

This dissertation aims to investigate if NATO’s cyber agenda exemplifies the alliance’s transformation into a security management institution; or rather if it displays the continuity of NATO’s self-perception as a defensive alliance. In order to address these questions properly, this dissertation is based on an interpretative approach, using discourse analysis as a method, and a theoretical framework drawing on constructivist accounts, as well as on various liberal institutionalist concepts.

The results of this analysis displayed mixed elements. However, it ultimately seems that NATO cyber defence policy exemplifies the continuous prevalence of NATO’s self-perception as an alliance, designed to defend its members against an external threat. Indeed, the analysis highlights that developments in NATO cyber defence policy are generally conceived as new facets of NATO’s original role – demanding adjusting NATO’s strategy and operational capacities. Yet, NATO cyber defence policy does not seem to represent a fundamental shift in NATO’s perception of its own purpose.

This analysis also highlights the need for further research including additional variables, such as the differentiation between different types of cyber security threats that NATO faces.

This paper presents the sharing of our experiences and lessons learned to modernize a warship with C6ISR utilizing the digital engineering MBSE models of complex systems. We captured Enterprise Architecture (EA) DoDAF views, KPP and KSA in Capability Views (CV). At the EA, information passes into domain specific SoS Block Definition Diagrams (BDD) and Internal Block Diagrams (IBD) to interface and exchange information via SysML models and generate the Interface Control Document (ICD) automatically. The paper illustrates the mapping of EA with SoS digital models and tracing from EA to SoS MOE, MOP, MOS and TPM. The paper applies a Use Case to exemplify OOSEM life cycle activities for requirements traceability. The paper has demonstrated that both EA and SoS are derived from Systems Engineering (SE) process and can be validated and verified via the “V-Model” and endorse the noticeable reduction in the total development cost per complex systems project.

With growing global political weight and one of the biggest digital markets in the world, India, a leading developing country in the G77, is poised to play a critical role in the WSIS+10 Review. In line with its earlier positions on related issues, the priorities outlined by the Indian government for the Review so far prominently feature development and cybersecurity concerns. However, following a new-found alignment on internet-related policy issues across Ministries, earlier priorities regarding enhanced cooperation will now be balanced by active support for multistakeholder approaches to internet governance. For civil society advocates, the Indian government's recent embrace of multistakeholderism is of particular importance, as it provides a new opening for enhanced civil society engagement with the Ministry of External Affairs: the WSIS+10 Review can provide a first opportunity for the Ministry to prove that it is serious about this commitment. The practical impact of this shift in India's policy on the positions of the G77 and the negotiations more broadly may, however, remain limited.

The United States military conducts operations on the sea, in the air, and on the land. As the world flattens with the dawn of the cyber age, the United States Navy finds itself on the front lines of the emerging battlefield of cyberspace. Adapting to this new environment requires the development of a strategic campaign plan involving defensive and offensive capabilities. The research problem participating in this scenario uncovers the current implementation of naval tactics to defend against attacks and uncover vulnerabilities and deficiencies. The scope ranges from large scale state sponsored operations to the individual sailor viewing email on a government computer. The significance of the research problem investigates the strength of countermeasures throughout the fleet. Identifying these strengths give way to the weakness residing in the organization as a whole. The contribution to overall cybersecurity and defense is a diagnosis of shortfalls in the current naval infrastructure and offer corrective solutions through training and overall awareness to the problems at hand.

First monograph linking ethics and conduct of cyber conflict, including for the first time a description of "state-sponsored hacktivism" as the preferred mode of cyber warfare.  Offers the first sustained critique of the Tallinn Manual on international law pertaining to cyber conflict.
Discusses the emergence of norms of responsible state behavior for nations engaged in cyber conflict, as well as a voluntary "code of ethics" for each nation's cyber warriors.

In 2001, the Convention on Cybercrime of the Council of Europe, also known as the Cybercrime Convention or the Budapest Convention, became the first binding international instrument to foster a common criminal policy and international cooperation to battle cybercrime in signatory States. Whether or not India should join the Convention has, since then, been a topic of intense debate. In this paper, the author considers the Convention’s major strengths and weaknesses in five areas of crucial importance to Indian stakeholders. To sign or not? There might not be an easy answer, as this paper will show.

At the recently concluded ITU Plenipotentiary Conference in Busan, India proposed a controversial new resolution that sought to contribute to realising a more secure information society. But while some criticisms of the draft resolution were justified, much of the discussion at the ITU Plenipot overlooked the considerable merit that India’s proposed new resolution has when considered against the backdrop of the larger politics of global Internet governance. For its attempt to find solutions to long-standing concerns of developing countries while at the same time recognising the value of existing internet governance institutions, India’s proposal deserves a second reading, argues Anja Kovacs.

With the arrival of cyberspace, a whole host of new security and other challenges have arisen which are not always adequately tackled. In order to deal with them more appropriately, India has repeatedly argued for a greater role of the UN in the formulation of international Internet-related public policies, particularly where cybersecurity is concerned. However, as the cybersecurity landscape is rather complex, it brings a range of challenges to especially India’s more ambitious proposals to mobilise the multilateral system. What are those challenges, how can we work through them, and what are possible alternative approaches to cybersecurity-related problems? We investigate.

This book explores the political process behind the construction of cyber-threats as one of the quintessential security threats of modern times in the US.

Myriam Dunn Cavelty posits that cyber-threats are definable by their unsubstantiated nature. Despite this, they have been propelled to the forefront of the political agenda. Using an innovative theoretical approach, this book examines how, under what conditions, by whom, for what reasons, and with what impact cyber-threats have been moved on to the political agenda. In particular, it analyses how governments have used threat frames, specific interpretive schemata about what counts as a threat or risk and how to respond to this threat. By approaching this subject from a security studies angle, this book closes a gap between practical and theoretical academic approaches. It also contributes to the more general debate about changing practices of national security and their implications for the international community.

Software Defined Wide Area Network (SD-WAN or SDWAN) is a modern conception and an attractive trend in network technologies. SD-WAN is defined as a specific application of software-defined networking (SDN) to WAN connections. There is growing recognition that SDN and SD-WAN technologies not only expand features, but also expose new vulnerabilities. Unfortunately, at the present time, most vendors say that SD-WAN are perfectly safe, hardened, and fully protected. The goal of this paper is to understand SD-WAN threats using practical approach. We describe basic SD-WAN features and components, investigate an attack surface, explore various vendor features and their security, explain threats and vulnerabilities found in SD-WAN products. We also extend existing SDN threat models by describing new potential threats and attack vectors, provide examples, and consider high-level approaches for their mitigations. The provided results may be used by SD-WAN developers as a part of Secure Software Development Life Cycle (SSDLC), security researchers for penetration testing and vulnerability assessment, system integrators for secure design of SD-WAN solutions, and finally customers for secure deployment operations and configurations of SD-WAN enabled network. The main idea of this work is that SD-WAN threat model involves all traditional network and SDN threats, as well as new product-specific threats, appended by vendors which reinvent or introduce proprietary technologies immature from a security perspective.

The following paper explores the main resolutions of the EU since the break of the millennium regarding Cyber-related issues, estimates whether they have a practical sense or only a declaratory nature, and lays out some observances regarding these decisions.

Experts in cybersecurity principles for satellite and space systems believe that with the stakes so high when it comes to protecting the data that satellites carry, security cannot be an afterthought. It must play an integral part of the design process itself. Learn more in a Cybersecurity Principles for Satellite and Space Systems course by Tonex.

The WordPress platform is without a doubt the most popular CMS platform on the web. This platform has various features and tools which make it the preferred option for many website owners. Its popularity has captured the imagination of both good and bad people on the web. Criminals whose aim is to capitalize on the weaknesses of the platform have devised ways in which they can hack and steal valuable information from WordPress users. In fact, the severity of the attacks on the WordPress platform can range from the loss of little information to the loss of entire websites.

Presented at the 2018 Florida Cyber Conference, Cyberville demonstrates modern exploits on critical infrastructure (SCADA/ICS) while visually and interactively representing potential disruption on a physical model of the Tampa Bay region. This is supplementary documentation to be accompanied with a Git folder.

Digitalization is exposing developing countries to a growing number of risks as well as opportunities associated with connecting to the Internet. Myanmar stands out as a critical case of both the pitfalls and the benefits Internet connection can bring. Amidst a political transition from military rule to a functioning democracy Myanmar is adding ICT to key areas like banking and e-government. Having been one of the least connected countries in the world only a few years ago the country is now connecting to the Internet at an unprecedented pace, with few institutions in place to ensure the transition goes smoothly. The rapid expansion of Internet connectivity is connecting ever more people to an international world of business, discourse, and entertainment, but also crime, subterfuge, and discord. A crucial aspect for development in the years to come will be the harnessing of the benefits, as well as mitigating the downsides that inherently follow in the wake of Internet access (Schia, 2018). In this chapter, we examine the risks and potential benefits of Myanmar’s embracement of digital technologies.

In recent years, the growth of brain-computer interfaces (BCIs) has been remarkable in specific application fields, such as the medical sector or the entertainment industry. Most of these fields use evoked potentials, like P300, to obtain neural data able to handle prostheses or achieve greater immersion experience in videogames. The natural use of BCI involves the management of sensitive users' information as behaviors, emotions, or thoughts. In this context, new security breaches in BCI are offering cybercriminals the possibility of collecting sensitive data and affecting subjects' physical integrity, which are critical issues. For all these reasons, the fact of applying efficient cybersecurity mechanisms has become a main challenge. To improve this challenge, this chapter proposes a framework able to detect cyberattacks affecting one of the most typical scenarios of BCI, the generation of P300 through visual stimuli. A pool of experiments demonstrates the performance of the proposed framework.

Timely sharing of cyber security related information between organizations has long been perceived as an effective measure to address cyber security challenges. Even though information sharing is a cost-effective tool and a crucial step towards a more effective in combating cyber crime, it is not a magical solution for all of the problems for cyber security.

This paper presented a realistic analysis of Stuxnet cyber-attack, aiming to uncover the complexities associated with the launch decision-making process. It managed to answer the question: Why were Stuxnet cyber-attack adopted, as a strategic choice for managing the conflict instead of traditional choices? It also gave an understanding for the security challenges and the strategic implications that cyber-attack had to pose. Finally, it reached a number of conclusions to the effect that: Realism, as a theory mostly concerned with issues of national security and power, can be a very suitable theoretical framework for analyzing and understanding cyber-attacks. The analysis confirmed that realism is an appropriate framework for identifying important issues related to security in the cyberspace and can provide useful insights into some of the enduring characteristics of international relations in the cyberspace.

Medical training devices are becoming increasingly dependent on technology creating opportunities that are inherently conducive to security breaches. Previous medical device research has focused on individual device security breaches and the technical aspects involved with these breaches. This research examines the viability of breaching a production deployed medical training mannequin. The results of the proof of concept research indicate that it is possible to breach a medical training mannequin in a live environment. The research contribution is an initial empirical analysis of the viability of compromising a medical training mannequin along with providing the foundation for future research.

About ISACA ® With more than 100,000 constituents in 180 countries, ISACA (www.isaca.org) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the ISACA ® Journal, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. It also advances and attests IT skills and knowledge through the globally respected Certified Information Systems Auditor ® (CISA ®), Certified Information Security Manager ® (CISM ®), Certified in the Governance of Enterprise IT ® (CGEIT ®) and Certified in Risk and Information Systems Control TM (CRISC TM) designations.

Intrusion Detection is a topic that is of interest both in the corporate world as well as academia. In the advent of Big Data Analytics, multiple analytics techniques can be used on the enormous amounts of data that is being generated every single day in order to discover knowledge. This inherently poses a threat to the security and privacy of all the parties involved. Therefore, it is a necessity in today's world to reinforce the security systems with robust Intrusion Detection and Prevention Systems. A nominal Cybersecurity System can no longer suffice for detecting and minimizing the damage from cyber-attacks especially since many of the attacks do not fall under a pre-discovered category. In this paper we review the various works particularly concerning Big Heterogeneous Data as well as present opportunities for further research to be conducted in these areas.

The purpose of this study was to examine pedagogical best practices for student mastery of cybersecurity competencies. Additionally, the researcher explored factors that may either promote or hinder student learning in cybersecurity education. Interviews were conducted with cybersecurity educators from colleges and universities in Alabama and Tennessee who are members of the National Centers of Academic Excellence (CAE) program in Cyber Defense (CD). Eight higher education institutions from the state of Tennessee and Alabama participated in this study who had passed the requirement of Academic Excellence / Cyber Defense Centers of Academic in becoming National CAE designated institutions for cybersecurity programs. The participants were interviewed, and the collected data from the interviews were kept confidential. The study sought to find the best pedagogies being used in cybersecurity programs in institutions designed as Centers of Academic Excellence (CAE) to prepare students. The study also sought to determine specific pedagogical best practices depending upon type of competency, as well as determining the factors that exist that may either promote or hinder student learning in cybersecurity education? The outcome of this research has brought a new light in which students learn cybersecurity subjects alongside suggestions and future research for improving cybersecurity education at academic institutions. The results from this study indicate that there are four pedagogical themes: Theme A, Hands-on virtual reality online; Theme B, Hands-on with instructor; Theme C, Mixed or blended learning and Theme D, Flipped classroom learning. All cybersecurity competencies can be achieved only through hands-on learning; findings yielded one theme from this study that will enable educators of higher education to use hands-on with virtualization led by an instructor as the best pedagogy. The final findings, determining factors that promote or hinder student learning in cybersecurity education, include a lack of adequate budgetary resources and staff to adequately address security concerns. Staffing was the second most voiced weakness. Higher education students expect all campus computing resources and environments to be reliable, fast, safe, ubiquitous, and secure; however, their expectations were not met. Cybersecurity professionals are paid a high salary, and higher education institutions expect their instructors to be paid demeaning amounts. Finally, a positive note towards promoting learning is the use of adjunct faculty who provide a significant service to the community and technical colleges in promoting cybersecurity training. Adjunct faculty bring to the classrooms an extensive cybersecurity experience.

Data Theft is a rampant crime in India. Employees steal data as it is there gratuity. As per The IT Act,2000 Data Theft is a cyber crime in India and attracts criminal as well as civil remedies. This articles discusses the law provisions and case based scenario of data theft in India.

Abstract: Cyberspace has become the new frontier for countries to demonstrate power. Nations that have developed defense tools or those that can successfully launch attacks against adversaries will become the next global superpowers [1], [2]. While cyber threats and attacks by government agencies are well documented, most widespread attacks are done by individuals or hacking groups for personal gains [3], [4]. The UAE has become a major target for cyber conflicts due to increased economic activity, tourism, technology and rise of the oil and gas industry. Furthermore, the wide spread of internet in the region to the tune of 88 % has exposed it to attackers [3]. Recent attacks against Saudi Arabia’s ARAMCO and Qatar RasGas and the Stuxnet attack on the Iranian nuclear plants are often cited as examples [3], [5]. Previous reports show that the UAE Government is set to double expenditure on homeland security [6]. Therefore, we need to assess whether available cyber-security defenses ar...

We are living in the age of globally connected information systems.  Very few networks remain isolated because of the need to reach consumers or pass information around the world.  Banks, social networking companies, and retailers are all held to an availability standard placed upon them by distance customers.  Service related businesses rely on the World Wide Web (WWW) to advertise and compete with their more famous competitors.  The government relieves bottle necks at brick and mortar offices by offering a vast majority of services via the web.  Seldom will we find a business that does not have an online presents.  But all this availability comes at a cost and more often than not the cost is decreased security.
Social engineering, viruses, physical security, and internal threats plague the World Wide Web and creates an abominable adversary for today’s system administrators.  To make matters even more difficult, companies don’t view information technology (IT) security as a cost effective investment.  Paul Paget from Pwnie Express stated that “most companies spend between 4 and 10 percent of their IT budget on security” (Ottolini, 2015).  Despite the growing publicity of hackers and breaches companies still resist the investment with a blind notion that their system have enough protection to thwart even the most sophistic attack.  Besides, it’s never been penetrated before so we must be doing well, right?

La ciberseguridad es un problema a hacer frente por los despachos de abogados, grandes y pequeños y en esta profesión lo estamos abordando realmente mal. Es difícil luchar contra algo que no se ve y poca gente entiende, sobre todo cuando no sabes qué es lo que tienes que buscar. El ciberataque a la OPM (Offices of Personnel Management) en Estados Unidos comprometió los datos personales de 21 millones de empleados que habían trabajado y trabajan para el gobierno de Estados Unidos incluido el personal contratado así como los ciberataques a aseguradoras médicas cuyo objetivo es robar información personal de sus clientes. Pero los ciberataques no solo tienen como objetivos a los gobiernos o grandes multinacionales, la ciberseguridad debe ser una prioridad para los despachos de abogados. A continuación se describen grandes errores que los abogados cometen en el ámbito de la ciberseguridad: 1. Contraseñas: aunque diariamente utilizamos contraseñas para abrir los ordenadores, no todas las contraseñas son iguales. Se deben implementar una política de contraseñas fuerte, por ejemplo doble autenticación, actualizar las contraseñas cada 2 a 4 meses, nunca repetir contraseñas. Las contraseñas deben tener un mínimo de 10 caracteres que combinen números, letras y caracteres especiales así como la exclusión del uso del nombre propio o apellido.

The requirement for a collaborative effort to achieve a common set of security standards for use by entities that process, store or transport voter data. -More than 350,000 voting machines are used in the Unites States today in over 42 States (VerifiedVoting 2017). The rise in the use of electronic mediums has posed great concern for those voting and those running for office. In 2016, the State of Florida reported the targeted attempts by Russian hackers to infiltrate and manipulate electronic voting in as much as 67 elections offices. As well reporting from additional sources that as many as voter database compromises across 21 states and forensics discovery at attempts by hackers to infiltrate the networks of voting equipment vendors, local election boards, political parties and email and social media accounts for candidates.  The industry and cyber security community has not discovered a process to protect the most democratic process in the world to date – Voting remains a target held at risk. 2018 Elections are critical to moving the U.S. forward to recovery - Feel free to reach out if you need support or have any additional questions.

Amidst an explosion in digital health product investment, increasingly frequent cybersecurity vulnerabilities, and a scattered regulatory framework, the digital health marketplace requires a clear, measured approach to consumer safety and data privacy. While legal and technology scholars have generally proposed increased activity in and examination of cybersecurity, neither have taken a multidisciplinary approach, leveraging both technology and law to advance a regulatory framework for the digital health market. Leveraging existing U.S. Food and Drug Administration processes with enhanced oversight will create the framework necessary to simultaneously protect patients while providing clear direction for businesses producing digital health products and services. The Federal Food, Drug, and Cosmetic Act is well-positioned to regulate cybersecurity for the United States Digital Health Marketplace.

The book faces an essential contemporary issue: the definition of the limits of action, protection and use of cyberspace as a fifth operational domain, as well as in the measures to be taken to make this environment more secure. Using the term adopted by the US Department of Defense, the authors use practical experience to indicate an agenda that aims to create means to improve the defense of areas such as state security, economics, democracy and privacy.

Smart homes and healthcare have increasingly grown more popular in the recent years. Due to the amount of data, it records the need for a more secure method is needed to ensure security and privacy. Consequently, these methods can also ensure security and privacy in Smart health. The intended outcome of this review paper is to analyze the problems which people might be facing related to security issues in their smart homes and initiate a discussion on how healthcare devices which come in a package by future homes are vulnerable to cyber attacks which will result into data breaches. By reviewing previous literature, this paper proposes blockchain as a method to improve security and privacy in smart homes and smart healthcare. Using this platform, we debated about the uprising blockchain technology which may contribute to these elements and how its components can assist healthcare to grow with complete security in mind. This research discusses how blockchain based solutions may give rise to future homes and healthcare based on an ideal framework.

Malware, also referred to as the distribution of a malicious code present relentless opposition to cybersecurity. In this generation, identifying malware in systems is becoming a war seemingly with no end since the malware is ever evolving and the data security needs to be the first priority. The software is embedded in the perfect way to a user who is unknown by what we call a Malware author. The security-critical resources of the OS come in contact with the malware on the network or the system hosting for the purpose of eliminating their data or to get information which may be private like credit card numbers and passwords. To reduce this crime, Malware authors apply the Application Program Interface (API).

The password is the most widely used identity verification method in computer security domain. However, due to its simplicity, it is vulnerable to imposters. A way to strengthen the password is to combine Biometric technology with password. Keystroke dynamics is one of the behavioural biometric approaches which is cheaper and does not require any sophisticated hardware other than the keyboard. The chapter uses a new feature called Virtual Key Force along with the commonly extracted timing features. Features are normalized using Z-Score method. For feature subset selection, Particle Swarm Optimization wrapped with Extreme Learning Machine is proposed. Classification is done with wrapper based PSO-ELM approach. The proposed methodology is tested with publically available benchmark dataset and real time dataset. The proposed method yields the average accuracy of 97.92% and takes less training and testing time when compared with the traditional Back Propagation Neural Network.