Adversary Targeting of Civilian Telecommunications Infrastructure

The impact of computer and communications systems in recent decades has not bypassed the national security of states in general, and the State of Israel in particular. Most systems in developed societies rely on computer and information infrastructures, and this growing dependence on information and communication technologies means that a blow to computers and information flow processes is liable to disrupt, paralyze, and sometimes even cause substantive physical damage to essential systems. Computer-based capabilities and their near-global ubiquity expose states to harm in cyberspace by various elements, including hostile countries, terrorist organizations, criminal elements, and even individuals driven by personal challenges or anarchist motives. The threat is particularly acute as management, control, and monitoring systems can be disrupted through changes to a computer program, and no physical attack is needed. Thus, it stands to reason that the face of future conflicts will be transformed beyond recognition. The strength of a sovereign state is a function of economic, societal, and scientific strength combined with military strength, and the purpose of the military strength is to protect the state's territory and its citizens so that they can cultivate and maintain economic strength. The vulnerability of computers and communications systems to cyber attacks entails a dramatic change in the concept of military strength. For the first time, it is possible to mortally wound national economic strength by paralyzing economic and civilian systems without using firepower and force maneuvers. Thus, the ability of states to operate in cyberspace for Dr. Col. (ret.) Gabi Siboni is head of the Military and Strategic Affairs Program at INSS and head of the Cyber Warfare Program at INSS, supported by the Philadelphia-based Joseph and Jeanetter Neubauer Foundation.

Polish Political Science Review

The ongoing escalation of animosities between the United States, the Russian Federation and the People’s Republic of China is beginning to resemble the Cold War, which as a historical period might have ended in the twentieth century, but still endures as a state of hostilities between the countries, expressed in the form of an indirect conflict. These countries are actively growing their cyber capabilities that enable indirect and covert operations aimed at their opponents. In cyberspace, the states involved express the hostilities and the aims they try to achieve in the least detectable way. As a result, cyberspace has been securitized. It has been recognized by NATO as a domain of activities. In the United States, the National Cybersecurity Strategy has been published, recognizing cyberspace as an integral part of the economy and defence. A similar document called the Information Security Doctrine was issued in the Russian Federation, which manifests Russia’s aspirations in the fi...

E. G. Carayannis et al. (eds.), Handbook of Cyber-Development, Cyber-Democracy, and Cyber-Defense, 2018

This chapter argues for a global strategic framework of operational capacity and resilience in the field of cyber-security reflected toward NATO’s current and future policies on security resilience. The chapters examines and discusses interoperability of aims and objectives in cyber-security as a global necessity so we may define law, rules and regulations, policy attributions, and authorities. It analyzes possible structures that are needed to be put in place on a global scale to defend security structures and members of the Alliance, reflecting issues of cyber-security. The chapter aims to define current threats and future challenges. Cyber-attacks are elements of asymmetrical or hybrid threats. The future of e-safety lays at the global estimation of cooperation against specified or approximate threats.

They do not necessarily reflect the policy or the opinion of NATO CCDCOE, NATO, or any agency or any government. NATO CCDCOE may not be held responsible for any loss or harm arising from the use of information contained in this book and is not responsible for the content of the external sources, including external websites referenced in this publication.

PowerGen Europe 2017 Conference, Cologne-GERMANY, 2017

The need to access to the information in a fast and reliable way has become an inevitable and urgent requirement within the scope of technological advances. Both the need of accessing to the information and the necessity to protect the information from malware and attackers, emphasize once more that the information security and cyber defense should be underlined with great attention. Today, the number of the systems, which do not interact with IT infrastructure, is quite insignificant. Critical infrastructures are managed centrally by using IT infrastructure. Security of critical infrastructures has become a main problem on its own. The notion of cyber-attacks is generally perceived as premeditated disruptive activities against computer networks, computer programs and data to create chaos and impair functioning infrastructures. Despite significant investment in technology and infrastructure, cyber-attacks represent one of the greatest challenges in information security. Cyber-attacks primarily pose threats to Internet-based applications and can disable a country’s power or other assets, which are connected to the Internet. By penetrating computer systems that control the energy and other basic services in a country, cyber-attacks can bring down a national service, causing serious cascading effects to create chaos and destabilize a country. Cyber-attacks do not pose a direct threat to infrastructures that are completely isolated from the internet but these infrastructures may be vulnerable to cyber sabotage (e.g. manual importing of virus). With this article, importance of the information and critical infrastructure security and cyber defense will be discussed by proposing solutions against cyber-attacks and possible cyber-attacks regarding the preventive enterprise applications and security of critical infrastructures like power generation and SCADA systems.

2020

 NATO's nuclear capability is provided by the US and the UK. The modernization of systems and arsenals held by both states is proceeding apace. This has involved-and continues to involvethe integration and use of increasingly sophisticated new technologies within their nuclear programmes, including in their respective command, control and communication (C3) systems.  Cyber operations targeting NATO members' C3 systems and their assets, including nuclear assets, are also increasingly sophisticated in nature. While cybersecurity is a serious concern, and there is acknowledgment of the potential magnitude of cyberattacks, documentation available in the public domain indicates the need for NATO and its members to put in place further measures to ensure the cybersecurity of C3 systems, including those of nuclear systems (NC3). This is all the more pertinent given that some Allies' military capabilities still include legacy systems from the Soviet era. Ensuring Cyber Resilience in NATO's Command, Control and Communication Systems | Chatham House 3

King's College London, 2024

In recent years, the threat of cyber warfare has emerged as a significant concern, targeting not only government entities but also civilian companies and critical infrastructure. Unlike traditional warfare, the insidious nature of cyberattacks instils fear and disrupts economies without warning. Despite this growing threat, there remains a noticeable gap in cybersecurity awareness and preparedness among civilian entities. This research aims to comprehensively evaluate the impact of cyber warfare on these sectors, focusing on periods of geopolitical tension to identify correlations and vulnerabilities. The study will employ an observational exploratory and longitudinal approach, analysing both quantitative and qualitative data to reveal patterns and trends. Furthermore, it will examine common attack vectors and their impacts, providing a detailed assessment of the methods used by cyber attackers and the resulting damages[3]. The research seeks to underscore the urgent need for robust cybersecurity measures and propose actionable recommendations for governments and companies to effectively mitigate these risks and foster greater resilience against evolving cyber threats. This study aspires to advance national security and protect civilian infrastructures through improved cybersecurity strategies and policy development.

This article studies the Federated Advanced Cyber Physical Test range (FACT), a new initiative launched by the European Defence Fund (EDF) in December 2023 to develop a next-generation European cyber test-bed capability. The dependence of military and civil-urban infrastructures on digital and IoT systems underscores the need for and importance of a European cyber range to test military equipment on its cyber resilience. The article addresses the cyber vulnerability of these infrastructures under the current context of hybrid warfare and foreign cyber potential. The FACT case study underlines how this initiative embodies a capability that has yet to be achieved in the current EU framework by creating a shared cyber range test-bed. The analysis of pertinent EU-based NATO-owned cyber infrastructure also emphasises the existing future potential for appropriation and integration into a new European cyber architecture. Finally, the article stresses how FACT shows the potential and political willingness to change European cyber-resilience and interoperability in the long-term.

Access to the cyber domain has ultimately become one of the key "power sources" of prosperity. The dependence of our information society on the availability and integrity as well as on the reliability and confidentiality of data, information and knowledge makes it particularly susceptible to cyber threats. Risk management needs to strive for a balance between threats, vulnerabilities and consequences. Yet, it must no longer be performed only preventively and statically, but must rather be able to be adapted dynamically to the situation development. The dovetailing of military and civil networks constitutes a special risk for the armed forces because instabilities and failures of the common cyber infrastructure may also affect their operational readiness. The cyber domain is particularly exposed to risk especially in military conflicts due to its great vulnerability from a large distance and due to the anonymity of the attacker. However, armed forces should not only perceive the threats of this domain but also concentrate on the opportunities it provides. Modern states are completely right in acknowledging the importance of the domain of cyber. Technology moves quickly. Evolving technology is accelerating the flow of information, placing unique pressures on decision-making and action. The potential for cascading effects is amplified by the interconnectedness of cyberspace. We better prepare for a demanding new kind of challenge -in society, business and security.