Cyberkonflikten i Ukraina : Cyberattacker som instrument i tvingande diplomati

Kolli, Johanna

January 2018

This paper aims to describe and explain the Russian use of cyberattacks in the Ukrainian conflict. Two major cyber events, BlackEnergy in 2015 and NotPetya in 2017, are analysed by the theoretical framework of coercive diplomacy developed by Daniel Byman and Matthew Waxman, as well as the theory of cyber coercion made by Daniel R. Flemming and Neil C. Rowe. This paper concludes that the Russian use of cyberattacks could be understood as an extension of their already widespread practice of coercive diplomacy as a foreign policy tool. The cyberattacks were developed to pressure the Ukrainian energy and economic sector, through destabilisation of the economic powerbase and the country as a whole. The cyber offenses are developed to push the Ukrainian politics from western influence back towards the Russian political orbit. This due to the political, economic, and power interests Russia finds in the post-soviet state of Ukraine.

cyber attack

cyber conflict

cyber coercion

coercive diplomacy

BlackEnergy

NotPetya

Ukraine

Russia

Political Science

Statsvetenskap

Offensive Cyber Operations: An Examination of Their Revolutionary Capabilities

Wardle, Madelyn

28 May 2021

No description available.

Political Science

International Relations

cyber realm

cyber attacks

offensive cyber operations

Säkerhetisering av cyber? : En studie om inramningen av cyberhot i svensk politik

Pohjanen, Sofia

January 2021

The following thesis intends to study how cyber security and cyber threats are portrayed in Swedish political discourses on cyber between the years 2015-2021. How the question about cyber security is framed can have a major impact on Sweden’s security- and digitization policy and further, on the population's view of which problems are important and how resources should be allocated. Through qualitative text analysis, more specific discourse analysis, political debate articles and government reports will be analyzed to evaluate how the question about cyber security has been framed as an existential threat and if so, for whom?  The purpose is to investigate whether features of securitization occurs and if the question about cyber security can be defined as securitized. And further, what kind of measures has been proposed as protection against these threats? The study also aims to identify which actors' arguments and problem representations have had an impact. The results show that there has been a securitization move within political cyber discourses and a number of safety features have been proposed or have already taken place. The question about cyber security can therefore be defined as securitized. The results also show that a few numbers of government actors have the privilege to represent the problems and furthermore, decide what actions to take.

cyber security

cyber defense

cyber threat

security policy

securitization

Political Science

Statsvetenskap

Cognitive Cyber Weapon Selection Tool Empirical Evaluation

Ponangi, Preethi Vinayak

21 April 2011

No description available.

Engineering

Cyber warfare

Cognitive weapons

Cognitive Cyber Weapon Selection Tool

Cyber operator

Cognitive weapon selection

Cyber Threat Intelligence from Honeypot Data using Elasticsearch

Al-Mohannadi, Hamad, Awan, Irfan U., Al Hamar, J., Cullen, Andrea J., Disso, Jules P., Armitage, Lorna

18 May 2018

yes / Cyber attacks are increasing in every aspect of daily life. There are a number of different technologies around to tackle cyber-attacks, such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), firewalls, switches, routers etc., which are active round the clock. These systems generate alerts and prevent cyber attacks. This is not a straightforward solution however, as IDSs generate a huge volume of alerts that may or may not be accurate: potentially resulting in a large number of false positives. In most cases therefore, these alerts are too many in number to handle. In addition, it is impossible to prevent cyber-attacks simply by using tools. Instead, it requires greater intelligence in order to fully understand an adversary’s motive by analysing various types of Indicator of Compromise (IoC). Also, it is important for the IT employees to have enough knowledge to identify true positive attacks and act according to the incident response process. In this paper, we have proposed a new threat intelligence technique which is evaluated by analysing honeypot log data to identify behaviour of attackers to find attack patterns. To achieve this goal, we have deployed a honeypot on an AWS cloud to collect cyber incident log data. The log data is analysed by using elasticsearch technology namely an ELK (Elasticsearch, Logstash and Kibana) stack.

Cyber attacks

Cyber threats

Honeypot data

Elasticsearch

Cyber threat intelligence technique

Effective Cyber Security Strategies for Small Businesses

Cook, Kimberly Diane

01 January 2017

Disruptive technologies developed in the digital age expose individuals, businesses, and government entities to potential cyber security vulnerabilities. Through the conceptual framework of general systems theory, this multiple case study was used to explore the strategies among owners of 4 retail small- and medium-size enterprises (SMEs) in Melbourne, Florida, who successfully protected their businesses against cyber attacks. The data were collected from a review of archival company documents and semistructured interviews. Yin's 5-phased cycles for analyzing case studies provided the guidelines for the data analysis process. Three themes emerged from thematic analysis across the data sets: cyber security strategy, reliance on third-party vendors for infrastructure services, and cyber security awareness. The study findings indicated that the SME owners' successful cyber security strategies might serve as a foundational guide for others to assess and mitigate cyber threat vulnerabilities. The implications for positive social change include the potential to empower other SME owners, new entrepreneurs, and academic institutions with successful cyber security strategies and resources to affect changes within the community. SME owners who survive cyber attacks may spur economic growth by employing local residents, thus stimulating the socioeconomic lifecycle. Moreover, implementation of these successful strategies may catalyze consumer confidence, resulting in greater economic prosperity.

cyber security awareness

cyber security effectiveness

cyber security strategy

cyber security third party reliance

SME cyber security guidance

SMEs

Evaluating Cyber war

Lee, Jonathan Iming

21 February 2011

Richard A. Clarke and Robert K. Knake’s book, Cyber war, claims to identify a new threat and vulnerability in the United States. By examining the points they make and evaluating them in the context of the first cyber attack, STUXNET, we shall conclude that the technical argument is correct; however the overall argument is incomplete. What they fail to emphasize is the amount of human intelligence involved in committing a successful cyber attack, and the extent to which having intelligence operations greatly enhances a state's cyber capabilities. / text

Richard Clarke

Robert Knake

Cyber war

Cyber warfare

Cyberwar

Cyber attack

STUXNET

Information warfare

Counterintelligence

Richard A. Clarke

Transforming missions : mission strategy and cyber space. Research on the use of cyber space in transforming the mission of the South Korean church in 21st century

Kim, Ho Yun

13 June 2012

The present generation lives in the new information age as a result of rapid computer developments and the accessibility of the internet. Therefore, in the 21st century the world has to come to grips with the cyber space culture. Internet connections in South Korea, as in many countries in the world, make access to the world available in every house. Therefore, it is a necessity to understand the internet culture and internet is becoming part of everyday life. However, at the beginning of the 21st century, the most important attribute of the mission is missio Dei: the mission is God’s mission. God is a missionary God and mission has its origin in God. And finally, God also calls people as missionaries to share his love with the world. According to Bosch (1991:368-372), our daily life has become so fast and constantly changing that we cannot use past methods to be effective today. Therefore we need a paradigm shift in our thinking towards missions today, to become more relevant. There is a need for the church to understand this paradigm shift, and implement it into its thinking and practice of mission. Cyber mission is becoming important in the information age, and there are many advantages and disadvantages to it. These advantages are to be managed carefully. It is the church's responsibility to use cyber space to the advantage of God's Kingdom. The opening up of cyber space may prove to be a gift from God to his church today. Many Christians began to share their faith with others in cyber space through the internet and internet evangelism and cyber missions were born. Today, the internet has become one of the available means of sharing and proclaiming the Gospel. It offers us incredible power to share the Good News. The Christian has the great responsibility to the great commission to deliver the gospel to the end of the earth through the cyber Mission. The South Korean church became a strong Christian church, ranking as the second missionary sending country in the world of today. The South Korean church developed the cyber mission, as they realized the power of the internet. Most of the churches have their own web site and they have already started to use the cyber space for church ministry. / Thesis (PhD)--University of Pretoria, 2012. / Science of Religion and Missiology / unrestricted

Cyber community

Cyber space

South korea

Internet

Cyber mission

Mission ecclesiae

Mission

South africa

Missio dei

UCTD

Kybernetická bezpečnost: vztah USA a Číny / Cyber Security: US - Chinese Relations

Debnárová, Barbora

January 2015

This diploma thesis deals with cyber relation of the United States of America and the People's republic of China. The aim of this diploma thesis is to answer the following questions: What kind of cyber threat for the United States does China represent? How is China's cyber strategy characterised? How do USA react on this threat and what are the gaps in this reaction? The thesis is divided into four chapters. The first chapter deals with definition of cyberwarfare and its perception in Chinese context. The second chapter analyses USA - China relation and its implication for cyber security. The third chapter represents US reaction on Chinese cyber threat. The last chapter deals with the gaps in the reaction. Keywords USA, China, cyber threat, cyberwarfare, cyber espionage

Cyber Attack Modelling using Threat Intelligence. An investigation into the use of threat intelligence to model cyber-attacks based on elasticsearch and honeypot data analysis

Al-Mohannadi, Hamad

January 2019

Cyber-attacks have become an increasing threat to organisations as well as the wider public. This has led to greatly negative impacts on the economy at large and on the everyday lives of people. Every successful cyber attack on targeted devices and networks highlights the weaknesses within the defense mechanisms responsible for securing them. Gaining a thorough understanding of cyber threats beforehand is therefore essential to prevent potential attacks in the future. Numerous efforts have been made to avoid cyber-attacks and protect the valuable assets of an organisation. However, the most recent cyber-attacks have exhibited the profound levels of sophistication and intelligence of the attacker, and have shown conven- tional attack detection mechanisms to fail in several attack situations. Several researchers have highlighted this issue previously, along with the challenges faced by alternative solu- tions. There is clearly an unprecedented need for a solution that takes a proactive approach to understanding potential cyber threats in real-time situations. This thesis proposes a progressive and multi-aspect solution comprising of cyber-attack modeling for the purpose of cyber threat intelligence. The proposed model emphasises on approaches from organisations to understand and predict future cyber-attacks by collecting and analysing network events to identify attacker activity. This could then be used to understand the nature of an attack to build a threat intelligence framework. However, collecting and analysing live data from a production system can be challenging and even dangerous as it may lead the system to be more vulnerable. The solution detailed in this thesis deployed cloud-based honeypot technology, which is well-known for mimicking the real system while collecting actual data, to see network activity and help avoid potential attacks in near real-time. In this thesis, we have suggested a new threat intelligence technique by analysing attack data collected using cloud-based web services in order to identify attack artefacts and support active threat intelligence. This model was evaluated through experiments specifically designed using elastic stack technologies. The experiments were designed to assess the identification and prediction capability of the threat intelligence system for several different attack cases. The proposed cyber threat intelligence and modeling systems showed significant potential to detect future cyber-attacks in real-time. / Government of Qatar

Cyber-attack

Cyber-attack modelling

Cyber threat intelligence

Elasticsearch

Honeypots

Cloud services

Attack awareness

Object-based model