Pub Date : 2023-07-04DOI: 10.34190/eccws.22.1.1547
Kenyeres Attila Zoltán, Lauren Weigand
The phenomenon of fake news and media manipulation has always existed in human history, long before the invention of digital technology. However, never before in the history of mankind has it been possible to spread fake news so quickly, in such large quantities and to such large masses, as now, in the age of the internet and social media. In this paper we identified 31 recurring signs of fake news and phishing scams spreading on social media in Hungary, Romania and Slovakia, based on the content analysis of 866 screenshots of social media posts, internet articles, phishing emails and SMS messages from these 3 countries. The most common group of signs are signs of provoking emotions. The second largest group of indicators include the characteristics of the media publishing the news. The third major category is the visual appearance and wording of the news. The fourth group of recurring signs refers to the original source of the news. The fifth group of indicators is the lack of reliable and/or official media coverage of the story. The elements of the sixth group of signs are the photoshopped and re-framed 'proof' images and videos that appear in the news. The seventh, and final group, of indicators refers to the prior beliefs and biases of the target audience. Provoking emotions, and thereby turning off the recipient's critical thinking, is the most common sign of fake news, scams and other hoaxes. Consequently, there is a great need for a high level of critical thinking and information literacy regarding social media contents on the part of the recipient. Our research was based on a fake news database collected in the framework of an international Erasmus+ project called "Media Detective". The aim of the project is to develop media literacy training modules for teachers and youth workers that could be used in school settings.
{"title":"From Provoking Emotions to fake Images: The Recurring Signs of fake news and Phishing Scams Spreading on Social Media in Hungary, Romania and Slovakia","authors":"Kenyeres Attila Zoltán, Lauren Weigand","doi":"10.34190/eccws.22.1.1547","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1547","url":null,"abstract":"The phenomenon of fake news and media manipulation has always existed in human history, long before the invention of digital technology. However, never before in the history of mankind has it been possible to spread fake news so quickly, in such large quantities and to such large masses, as now, in the age of the internet and social media. In this paper we identified 31 recurring signs of fake news and phishing scams spreading on social media in Hungary, Romania and Slovakia, based on the content analysis of 866 screenshots of social media posts, internet articles, phishing emails and SMS messages from these 3 countries. The most common group of signs are signs of provoking emotions. The second largest group of indicators include the characteristics of the media publishing the news. The third major category is the visual appearance and wording of the news. The fourth group of recurring signs refers to the original source of the news. The fifth group of indicators is the lack of reliable and/or official media coverage of the story. The elements of the sixth group of signs are the photoshopped and re-framed 'proof' images and videos that appear in the news. The seventh, and final group, of indicators refers to the prior beliefs and biases of the target audience. Provoking emotions, and thereby turning off the recipient's critical thinking, is the most common sign of fake news, scams and other hoaxes. Consequently, there is a great need for a high level of critical thinking and information literacy regarding social media contents on the part of the recipient. Our research was based on a fake news database collected in the framework of an international Erasmus+ project called \"Media Detective\". The aim of the project is to develop media literacy training modules for teachers and youth workers that could be used in school settings.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126327978","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.34190/eccws.22.1.1082
Thomas A. Dempsey
The expansion of Information Operations (IO) over the past ten years has allowed individuals and groups to increase their sphere of influence on a global scale. Nation-state cyber threat actors have increased their presence on social media, building out false personas to influence large populations. This type of activity is difficult to stop due to the availability of social networks on the internet and the ease of creating false personas that can’t be directly attributed to the actor. IO activity has been observed with the Russian cyber activity during the 2016 U.S. Presidential elections and from Russian social media campaigns provoking extremist groups and attempting to cause physical harm, such as the 2017 campaign on Facebook to start a rally and a simultaneous counter rally in front of the Islamic Da’wah Centre of Houston. Although Russia has been observed leveraging this capability, they are not the only global actor in the cyber domain taking advantage of IO. Global threat actors have leveraged social media platforms and blogs to influence the global population and spread propaganda. This type of activity has been seen within traditional warfare using propaganda techniques. With the introduction of the cyber domain into warfare, there is an increased ability to communicate not only to one population but to the global community with the intent to manipulate the masses using IO. This paper examines the Cybersecurity Operations (CO) that have been observed utilizing IO and the psychological impacts they have had in successful campaigns against the United States. This paper argues that with increased influence capabilities in the cyber domain, individuals and groups will continue using IO to support tactical and strategic objectives. Through the available literature, this paper examines the impacts that IO has had on the United States through attempts to manipulate elections and create divides in the nation over the last ten years. This paper leverages the psychology of group processes to analyze the literature involving social media campaigns and the influencing of groups through the lens of social identity theory to provide new insight into mitigating and countering IO.
{"title":"Spreading Lies Through the Cyber Domain","authors":"Thomas A. Dempsey","doi":"10.34190/eccws.22.1.1082","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1082","url":null,"abstract":"The expansion of Information Operations (IO) over the past ten years has allowed individuals and groups to increase their sphere of influence on a global scale. Nation-state cyber threat actors have increased their presence on social media, building out false personas to influence large populations. This type of activity is difficult to stop due to the availability of social networks on the internet and the ease of creating false personas that can’t be directly attributed to the actor. IO activity has been observed with the Russian cyber activity during the 2016 U.S. Presidential elections and from Russian social media campaigns provoking extremist groups and attempting to cause physical harm, such as the 2017 campaign on Facebook to start a rally and a simultaneous counter rally in front of the Islamic Da’wah Centre of Houston. Although Russia has been observed leveraging this capability, they are not the only global actor in the cyber domain taking advantage of IO. Global threat actors have leveraged social media platforms and blogs to influence the global population and spread propaganda. This type of activity has been seen within traditional warfare using propaganda techniques. With the introduction of the cyber domain into warfare, there is an increased ability to communicate not only to one population but to the global community with the intent to manipulate the masses using IO. This paper examines the Cybersecurity Operations (CO) that have been observed utilizing IO and the psychological impacts they have had in successful campaigns against the United States. This paper argues that with increased influence capabilities in the cyber domain, individuals and groups will continue using IO to support tactical and strategic objectives. Through the available literature, this paper examines the impacts that IO has had on the United States through attempts to manipulate elections and create divides in the nation over the last ten years. This paper leverages the psychology of group processes to analyze the literature involving social media campaigns and the influencing of groups through the lens of social identity theory to provide new insight into mitigating and countering IO.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116950330","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.34190/eccws.22.1.1105
J. Mtsweni, Mphahlela Thaba
The evolution of technology in the African battlespace continues to pose a significant challenge to the African militaries. This evolution increases the need for the African militaries to be able to operate in the cyberspace strategically and effectively. Developing cyber warfare capabilities remains a challenge to many African militaries who are struggling to remain afloat due to ever decreasing resources, including budgets. This in turn reduces the effect of these militaries in the evolving battlespace. This paper seeks to present a comprehensive framework for developing cyber warfare capabilities for African militaries to be able to operate efficiently in the cyber battlespace. The proposed POSTEDFIT aligned framework, requires a comprehensive system thinking approach towards developing capabilities in a phased manner. This includes the ability to define the capabilities in terms of the requirements presented by the cyberspace, and the components forming these capabilities. The generic framework is based on the basic understanding of a capability, as the ability to do something, in this case, the ability to secure and operate in the cyberspace for African militaries, ability to conduct offensive cyber operations and ability to keep abreast with the evolving cyber battlespace.
{"title":"Developing Robust Cyber Warfare Capabilities for the African Battlespace","authors":"J. Mtsweni, Mphahlela Thaba","doi":"10.34190/eccws.22.1.1105","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1105","url":null,"abstract":"The evolution of technology in the African battlespace continues to pose a significant challenge to the African militaries. This evolution increases the need for the African militaries to be able to operate in the cyberspace strategically and effectively. Developing cyber warfare capabilities remains a challenge to many African militaries who are struggling to remain afloat due to ever decreasing resources, including budgets. This in turn reduces the effect of these militaries in the evolving battlespace. This paper seeks to present a comprehensive framework for developing cyber warfare capabilities for African militaries to be able to operate efficiently in the cyber battlespace. The proposed POSTEDFIT aligned framework, requires a comprehensive system thinking approach towards developing capabilities in a phased manner. This includes the ability to define the capabilities in terms of the requirements presented by the cyberspace, and the components forming these capabilities. The generic framework is based on the basic understanding of a capability, as the ability to do something, in this case, the ability to secure and operate in the cyberspace for African militaries, ability to conduct offensive cyber operations and ability to keep abreast with the evolving cyber battlespace.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"84 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124895584","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.34190/eccws.22.1.1106
M. Watney
Social media has an enormous impact on the manner in which society communicates and shares information. Digital is no longer a supplementary channel, but is the first place most people go to for news, information and communication. The transmission of social media disinformation has increased dramatically across the world and it necessitates a response. The discussion focuses on the response to social media disinformation on a national level. The discussion does not focus on foreign state or state-sponsored actors of misinformation. The focus and publicity may - within the context of cybersecurity - predominantly have been on cyberattacks, such as ransomware attacks. However, recent incidents - unrelated to foreign state interference and cyberattacks - illustrate that cybersecurity law must encompass the threat of disinformation. The 2020 COVID-19 pandemic, 2021 Washington, DC, United States, and South African as well as the 2023 Brazil riots illustrate the harmfulness of social media disinformation. Cognisance should be taken of the lessons learnt from the examples of social media disinformation as it may assist in determining a response to disinformation. There are various responses to national social media disinformation, such as legislative social media platform regulation, censorship, and criminalisation of the disinformation by itself. The response within the context of a cybersecurity threat landscape necessitates scrutiny as the response may impact on human rights. The trade-off between security and human right protection may be the violation of human rights to prevent harm from disinformation.�
{"title":"Legal Response to Social Media Disinformation on National Level","authors":"M. Watney","doi":"10.34190/eccws.22.1.1106","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1106","url":null,"abstract":"Social media has an enormous impact on the manner in which society communicates and shares information. Digital is no longer a supplementary channel, but is the first place most people go to for news, information and communication. The transmission of social media disinformation has increased dramatically across the world and it necessitates a response. The discussion focuses on the response to social media disinformation on a national level. The discussion does not focus on foreign state or state-sponsored actors of misinformation. The focus and publicity may - within the context of cybersecurity - predominantly have been on cyberattacks, such as ransomware attacks. However, recent incidents - unrelated to foreign state interference and cyberattacks - illustrate that cybersecurity law must encompass the threat of disinformation. The 2020 COVID-19 pandemic, 2021 Washington, DC, United States, and South African as well as the 2023 Brazil riots illustrate the harmfulness of social media disinformation. Cognisance should be taken of the lessons learnt from the examples of social media disinformation as it may assist in determining a response to disinformation. There are various responses to national social media disinformation, such as legislative social media platform regulation, censorship, and criminalisation of the disinformation by itself. The response within the context of a cybersecurity threat landscape necessitates scrutiny as the response may impact on human rights. The trade-off between security and human right protection may be the violation of human rights to prevent harm from disinformation.\u0000 ","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126144039","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.34190/eccws.22.1.1196
Jani Päijänen, J. Salonen, A. Karinsalo, T. Sipola, T. Kokkonen
The current shortage of cybersecurity professionals is about 2 million people worldwide, and in Europe the industry is seeking for about 350 000 skilled professionals. There is also an enormous need for dedicated cybersecurity training courses for existing professionals who wish to acquire completely new skills or maintain their current ones. Due to the lack of new skilled workforce, the current cybersecurity personnel are overworked in their work. In order not to waste the valuable time of cybersecurity professionals with unnecessary training, cyber exercises should be well prepared. This article is based on research conducted in a European collaborative project and more specifically, a cyber exercise organised in early 2022. The purpose of our research was to conduct a preliminary assessment of the participants to learn about their skills and expectations before the cyber exercise. This assessment was used for fine-tuning the exercise. To achieve this, we identified common trends in the participants’ interests during the cyber exercise. The preliminary assessment was carried out as a web survey. The responses were cross tabulated to find meaningful indicators related to skills and interests of the participant group. We identified the most and least preferred knowledge areas for both the industry and public sector participants. Our findings show that the most interesting knowledge areas of all respondents were primarily technical in nature (Data Security, Connection Security, System Security), but Organisational Security was also reported. The least interesting knowledge areas were mostly non-technical in nature (Human Security, Organisational Security, Societal Security) but also Component Security was reported. We also enquired about the preferred team size. The majority of the respondents preferred a team size of three to four persons. The preferred single session duration was 46–60 minutes. The results help cybersecurity professionals to match their knowledge needs with the existing cybersecurity proposition and to determine the right and most beneficial training for them. The results also assist the providers of cyber training and other exercises to describe the targeted development of specific cybersecurity and other knowhow in a coherent, standard-like, way.
{"title":"Participants Prefer Technical Hands-on Cyber Exercises Instead of Organisational and Societal Ones","authors":"Jani Päijänen, J. Salonen, A. Karinsalo, T. Sipola, T. Kokkonen","doi":"10.34190/eccws.22.1.1196","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1196","url":null,"abstract":"The current shortage of cybersecurity professionals is about 2 million people worldwide, and in Europe the industry is seeking for about 350 000 skilled professionals. There is also an enormous need for dedicated cybersecurity training courses for existing professionals who wish to acquire completely new skills or maintain their current ones. Due to the lack of new skilled workforce, the current cybersecurity personnel are overworked in their work. In order not to waste the valuable time of cybersecurity professionals with unnecessary training, cyber exercises should be well prepared. This article is based on research conducted in a European collaborative project and more specifically, a cyber exercise organised in early 2022. The purpose of our research was to conduct a preliminary assessment of the participants to learn about their skills and expectations before the cyber exercise. This assessment was used for fine-tuning the exercise. To achieve this, we identified common trends in the participants’ interests during the cyber exercise. The preliminary assessment was carried out as a web survey. The responses were cross tabulated to find meaningful indicators related to skills and interests of the participant group. We identified the most and least preferred knowledge areas for both the industry and public sector participants. Our findings show that the most interesting knowledge areas of all respondents were primarily technical in nature (Data Security, Connection Security, System Security), but Organisational Security was also reported. The least interesting knowledge areas were mostly non-technical in nature (Human Security, Organisational Security, Societal Security) but also Component Security was reported. We also enquired about the preferred team size. The majority of the respondents preferred a team size of three to four persons. The preferred single session duration was 46–60 minutes. The results help cybersecurity professionals to match their knowledge needs with the existing cybersecurity proposition and to determine the right and most beneficial training for them. The results also assist the providers of cyber training and other exercises to describe the targeted development of specific cybersecurity and other knowhow in a coherent, standard-like, way.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123750364","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.34190/eccws.22.1.1013
Ladislav Burita, Aneta Coufalikova, Kamil Halouzka
The published study is a part of the long-term research of emails with phishing attacks against the article's author. In the previous three years, 3 experiments were carried out to analyze phishing emails. The result is their detailed classification. The subsequent experiment was focused on defense against phishing attacks using the rules of the MS Outlook email client. The last experiment, which is the article's content, is devoted to analyzing communications with phishing attackers. A fake identity was created for the experiment and security rules were set up. A total of 100 phishing emails were answered, with a preference for those whose content was not aimed at fulfilling any request; that was clarified during the communications. The conducted literature search confirmed the assumption that no one is engaged in similar research, so the results of the research may be more interesting for the cybersecurity community. The articles of the literary research are focused on the issue of social engineering from an interdisciplinary perspective. A great deal of attention has also been oriented on the influence of social networks on people information perception or on their exploitation in cyber-attacks. The result of the study is a statistical analysis of communications and a detailed analysis of its content. Out of 100 replies to the phishing email, 32 (32%) were answered by the phisher. The longest communications had 6 cycles. If the phisher insisted aggressively on personal information, the communications was terminated. From the content of the communications, the attacker's procedures and his argumentation to obtain the required information were primarily examined. A detailed analysis of the texts from the communications aimed to answer the question of whether the phisher is a robot or a person. Further considerations are being made within the team on how to continue researching phishing attacks.
{"title":"How to safely communicate with a phishing attacker by email?","authors":"Ladislav Burita, Aneta Coufalikova, Kamil Halouzka","doi":"10.34190/eccws.22.1.1013","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1013","url":null,"abstract":"The published study is a part of the long-term research of emails with phishing attacks against the article's author. In the previous three years, 3 experiments were carried out to analyze phishing emails. The result is their detailed classification. The subsequent experiment was focused on defense against phishing attacks using the rules of the MS Outlook email client. The last experiment, which is the article's content, is devoted to analyzing communications with phishing attackers. A fake identity was created for the experiment and security rules were set up. A total of 100 phishing emails were answered, with a preference for those whose content was not aimed at fulfilling any request; that was clarified during the communications. The conducted literature search confirmed the assumption that no one is engaged in similar research, so the results of the research may be more interesting for the cybersecurity community. The articles of the literary research are focused on the issue of social engineering from an interdisciplinary perspective. A great deal of attention has also been oriented on the influence of social networks on people information perception or on their exploitation in cyber-attacks. The result of the study is a statistical analysis of communications and a detailed analysis of its content. Out of 100 replies to the phishing email, 32 (32%) were answered by the phisher. The longest communications had 6 cycles. If the phisher insisted aggressively on personal information, the communications was terminated. From the content of the communications, the attacker's procedures and his argumentation to obtain the required information were primarily examined. A detailed analysis of the texts from the communications aimed to answer the question of whether the phisher is a robot or a person. Further considerations are being made within the team on how to continue researching phishing attacks.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128674746","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.34190/eccws.22.1.1201
Gazmend Huskaj, Stefan Axelsson
Technological advancements in information and communications technologies and related hardware and software have positively transformed the political, military, economic and social domains in all countries around the globe. These technologies are imperfect, and States and state-sponsored threat actors are exploiting flaws in hardware and software for various types of attacks. Furthermore, the same threat actors exploit software technologies to spread disinformation and disseminate false information to mislead public opinion. This research article reviews the discourse of the scientific community on disinformation. The purpose is to understand where the research focus lies and who the researchers are the co-authors, and the publication venues. This research article reviews the scientific literature using the computational literature review, a semi-automated review method and the structural topical modelling framework to understand trends in the research. Of 3 097 documents published in 1 700 publication venues between 1974 to 2022, 704 were analysed. The results reveal 46 topics on issues such as rumours and disinformation spread during the Covid-19 pandemic, Soviet and Russian Information Warfare, and Trolls and health-related themes and effects.
{"title":"A State-of-the-art of Scientific Research on Disinformation","authors":"Gazmend Huskaj, Stefan Axelsson","doi":"10.34190/eccws.22.1.1201","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1201","url":null,"abstract":"Technological advancements in information and communications technologies and related hardware and software have positively transformed the political, military, economic and social domains in all countries around the globe. These technologies are imperfect, and States and state-sponsored threat actors are exploiting flaws in hardware and software for various types of attacks. Furthermore, the same threat actors exploit software technologies to spread disinformation and disseminate false information to mislead public opinion. This research article reviews the discourse of the scientific community on disinformation. The purpose is to understand where the research focus lies and who the researchers are the co-authors, and the publication venues. This research article reviews the scientific literature using the computational literature review, a semi-automated review method and the structural topical modelling framework to understand trends in the research. Of 3 097 documents published in 1 700 publication venues between 1974 to 2022, 704 were analysed. The results reveal 46 topics on issues such as rumours and disinformation spread during the Covid-19 pandemic, Soviet and Russian Information Warfare, and Trolls and health-related themes and effects.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"105 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124553601","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.34190/eccws.22.1.1442
Didier Danet
The digital space is now an active area of conflict. Attacks take many forms, to the point where concepts multiply and overlap. One concept in particular raises important questions: cognitive warfare. Cognitive warfare is an issue of concern to all countries, but there are very significant differences in approach between countries such as the United States or France and countries such as Russia, Iran or China. We try to show that these very different approaches leave Western countries unprepared for a global threat and poorly identified vulnerabilities. The concept of cognitive security therefore appears to be a promising avenue for reflection.
{"title":"Cognitive Security: Facing Cognitive Operations in Hybrid Warfare1","authors":"Didier Danet","doi":"10.34190/eccws.22.1.1442","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1442","url":null,"abstract":"The digital space is now an active area of conflict. Attacks take many forms, to the point where concepts multiply and overlap. One concept in particular raises important questions: cognitive warfare. Cognitive warfare is an issue of concern to all countries, but there are very significant differences in approach between countries such as the United States or France and countries such as Russia, Iran or China. We try to show that these very different approaches leave Western countries unprepared for a global threat and poorly identified vulnerabilities. The concept of cognitive security therefore appears to be a promising avenue for reflection.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133939606","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.34190/eccws.22.1.1093
Thenjiwe Sithole, J. D. Toit, S. V. Solms
In recent years, there have been intensifying cyber risks and volumes of cyber incidents prompting a significant shift in the cyber threat landscape. Both nation-state and non-state actors are increasingly resolute and innovative in their techniques and operations globally. These intensifying cyber risks and incidents suggest that cyber capability is inversely proportional to cyber risks, threats and attacks. Therefore, this confirms an emergent and critical need to adopt and invest in intelligence strategies, predominantly cyber counterintelligence (CCI), which is a multi-disciplinary and proactive measure to mitigate risks and counter cyber threats and cyber-attacks. Concurrent with the adoption of CCI is an appreciation that requisite job roles must be defined and developed. Notwithstanding the traction that CCI is gaining, we found no work on a clear categorisation for the CCI job roles in the academic or industry literature surveyed. Furthermore, from a cybersecurity perspective, it is unclear which job roles constitute the CCI field. �This paper stems from and expands on the authors’ prior research on developing a CCI Competence Framework. The proposed CCI Competence Framework consists of four critical elements deemed essential for CCI workforce development. In order of progression, the Framework’s elements are: CCI Dimensions (passive-defensive, active-defensive, passive-offensive, active-offensive), CCI Functional Areas (detection, deterrence, deception, neutralisation), CCI Job Roles (associated with each respective Functional Area), and Tasks and Competences (allocated to each job role). Pivoting on prior research on CCI Dimensions and CCI Functional Areas, this paper advances a proposition on associated Job Roles in a manner that is both intelligible and categorised. �To this end, the paper advances a five-step process that evaluates and examines Counterintelligence and Cybersecurity Job Roles and functions to derive a combination of new or existing Job Roles required for the CCI workforce/professionals. Although there are several cybersecurity frameworks for workforce development, establishing the CCI Job Roles is specifically based on the expression of the Job Roles defined in the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework.
{"title":"A Cyber Counterintelligence Competence Framework: Developing the Job Roles","authors":"Thenjiwe Sithole, J. D. Toit, S. V. Solms","doi":"10.34190/eccws.22.1.1093","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1093","url":null,"abstract":"In recent years, there have been intensifying cyber risks and volumes of cyber incidents prompting a significant shift in the cyber threat landscape. Both nation-state and non-state actors are increasingly resolute and innovative in their techniques and operations globally. These intensifying cyber risks and incidents suggest that cyber capability is inversely proportional to cyber risks, threats and attacks. Therefore, this confirms an emergent and critical need to adopt and invest in intelligence strategies, predominantly cyber counterintelligence (CCI), which is a multi-disciplinary and proactive measure to mitigate risks and counter cyber threats and cyber-attacks. Concurrent with the adoption of CCI is an appreciation that requisite job roles must be defined and developed. Notwithstanding the traction that CCI is gaining, we found no work on a clear categorisation for the CCI job roles in the academic or industry literature surveyed. Furthermore, from a cybersecurity perspective, it is unclear which job roles constitute the CCI field. \u0000This paper stems from and expands on the authors’ prior research on developing a CCI Competence Framework. The proposed CCI Competence Framework consists of four critical elements deemed essential for CCI workforce development. In order of progression, the Framework’s elements are: CCI Dimensions (passive-defensive, active-defensive, passive-offensive, active-offensive), CCI Functional Areas (detection, deterrence, deception, neutralisation), CCI Job Roles (associated with each respective Functional Area), and Tasks and Competences (allocated to each job role). Pivoting on prior research on CCI Dimensions and CCI Functional Areas, this paper advances a proposition on associated Job Roles in a manner that is both intelligible and categorised. \u0000To this end, the paper advances a five-step process that evaluates and examines Counterintelligence and Cybersecurity Job Roles and functions to derive a combination of new or existing Job Roles required for the CCI workforce/professionals. Although there are several cybersecurity frameworks for workforce development, establishing the CCI Job Roles is specifically based on the expression of the Job Roles defined in the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130979176","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.34190/eccws.22.1.1207
C. Lipps, Annika Tjabben, Matthias Rüb, Jan Herbst, S. P. Sanon, Rekha Reddy, Yorman Munoz, H. Schotten
Intelligent, comprehensive and, above all, secure wireless interconnection is the driving force behind technological progress. To ensure this, the development towards Sixth Generation (6G) Wireless Systems has been launched and is scheduled to be operational by 2030. This data technology of the future turns 6G into the infrastructure of a new generation of mobile, intelligent, and context-sensitive services, available everywhere and featuring high trustworthiness and performance, relying on both, network-side and off-network context sources. In addition, the networks themselves ought to become intelligent and thus more efficient and resource-saving, which requires a high degree of automated utilization of Artificial Intelligence (AI). Building upon the principles of information and communication theory for both the physical (bit)-transmission layer (PHY) and media access, new communication concepts for 6G will be developed providing the foundations for research into new single and multi-user operation, access and core networks. The flip side of this coin of opportunities: Sophisticated technology inevitably leads to additional security vulnerabilities, open access systems and Open-Radio Access Network (O-RAN) approaches imply new attack vectors. The holistic interconnection of everything renders it ever more attractive to attackers to harm systems, and create damage. Furthermore, enhanced computational power along with quantum computers make conventional systems more vulnerable than ever, and the value of the transmitted data increases tremendously: It is not only machine and sensor data, but also very personal and healthcare data transmitted with 6G. Therefore, the aim is to build a resilient and secure 6G system capable of recognizing attacks and uncertainties, flexibly absorbing them, recovering in a timely and sustainable manner, and compensating for impaired functionality through transformation. This holistic resilience-by-design approach is based, among other things, on technology such as Quantum Key Distribution (QKD) and Post Quantum-Crypto to achieve end-to-end security, Reconfigurable Intelligent Surfaces (RISs) to rely, control and manipulate the wireless transmission channel, Wireless Optical Communication (WOC), Physical Layer Security (PhySec), but also Body Area Networks (BANs), the integration of the human body relying on biometrics and the Tactile Internet (TI). These concepts will be discussed and shed light on in the scope of this work.
{"title":"Designing Security for the Sixth Generation: About Necessity, Concepts and Opportunities","authors":"C. Lipps, Annika Tjabben, Matthias Rüb, Jan Herbst, S. P. Sanon, Rekha Reddy, Yorman Munoz, H. Schotten","doi":"10.34190/eccws.22.1.1207","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1207","url":null,"abstract":"Intelligent, comprehensive and, above all, secure wireless interconnection is the driving force behind technological progress. To ensure this, the development towards Sixth Generation (6G) Wireless Systems has been launched and is scheduled to be operational by 2030. This data technology of the future turns 6G into the infrastructure of a new generation of mobile, intelligent, and context-sensitive services, available everywhere and featuring high trustworthiness and performance, relying on both, network-side and off-network context sources. In addition, the networks themselves ought to become intelligent and thus more efficient and resource-saving, which requires a high degree of automated utilization of Artificial Intelligence (AI). Building upon the principles of information and communication theory for both the physical (bit)-transmission layer (PHY) and media access, new communication concepts for 6G will be developed providing the foundations for research into new single and multi-user operation, access and core networks. The flip side of this coin of opportunities: Sophisticated technology inevitably leads to additional security vulnerabilities, open access systems and Open-Radio Access Network (O-RAN) approaches imply new attack vectors. The holistic interconnection of everything renders it ever more attractive to attackers to harm systems, and create damage. Furthermore, enhanced computational power along with quantum computers make conventional systems more vulnerable than ever, and the value of the transmitted data increases tremendously: It is not only machine and sensor data, but also very personal and healthcare data transmitted with 6G. Therefore, the aim is to build a resilient and secure 6G system capable of recognizing attacks and uncertainties, flexibly absorbing them, recovering in a timely and sustainable manner, and compensating for impaired functionality through transformation. This holistic resilience-by-design approach is based, among other things, on technology such as Quantum Key Distribution (QKD) and Post Quantum-Crypto to achieve end-to-end security, Reconfigurable Intelligent Surfaces (RISs) to rely, control and manipulate the wireless transmission channel, Wireless Optical Communication (WOC), Physical Layer Security (PhySec), but also Body Area Networks (BANs), the integration of the human body relying on biometrics and the Tactile Internet (TI). These concepts will be discussed and shed light on in the scope of this work.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128814002","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: