Safeguarding Australia from cyber-terrorism : a proposed cyber-terrorism SCADA risk framework for Australia

Terrorist groups are currently using information and communication technologies (ICTs) to orchestrate their conventional physical attacks. More recently, terrorists have been developing a new form of capability within the cyber-arena to coordinate cyber-based attacks. This paper identifies that cyber-terrorism capabilities are an integral, imperative, yet under-researched component in establishing, and enhancing cyber-terrorism risk assessment models for SCADA systems. This paper is an extension of work previously published by Beggs and
Warren 2008, it presents a high level overview of a cyber-terrorism SCADA risk framework that has been adopted and validated by SCADA industry practitioners. The paper proposes a managerial framework which is designed to measure and protect SCADA systems from the threat of cyber-terrorism within Australia. The findings and results of an industry focus group are presented in support of the developed framework for SCADA industry adoption and acceptance.

Safeguarding Australia from cyber-terrorism : a proposed cyber-terrorism SCADA risk framework for industry adoption

Terrorist groups are currently using information and communication technologies (ICTs) to orchestrate their conventional physical attacks. More recently, terrorists have been developing a new form of capability within the cyber-arena to  coordinate cyber-based attacks. This paper identifies that cyber-terrorism capabilities are an integral, imperative, yet under-researched component in establishing, and enhancing cyber-terrorism risk assessment models for SCADA systems.

This paper is an extension of work previously published by Beggs and Warren 2008, it presents a high level overview of a cyber-terrorism SCADA risk framework that has been adopted and validated by SCADA industry practitioners. The paper proposes a managerial framework which is designed to measure and protect SCADA systems from the threat of cyber-terrorism within Australia. The findings and results of an industry focus group is presented in support of the developed framework for SCADA industry adoption and acceptance.

Safeguarding Australia from cyber-terrorism : a SCADA risk framework

Terrorist groups are currently using information and communication technologies (ICTs) to orchestrate their conventional attacks. More recently, terrorists have been developing a new form of capability within the cyber-arena to coordinate cyber-based attacks. This chapter identifies that cyber-terrorism capabilities are an integral, imperative, yet under-researched component in establishing, and enhancing cyber-terrorism risk assessment models for SCADA systems. This chapter examines a cyber-terrorism SCADA risk framework that has been adopted and validated by SCADA industry practitioners. The chapter proposes a high level managerial framework, which is designed to measure and protect SCADA systems from the threat of cyber-terrorism within Australia. The findings and results of an industry focus group are presented in support of the developed framework for SCADA industry acceptance.

Computer hacking and cyber terrorism: The real threats in the new millennium?

As the new millennium approaches, we are living in a society that is increasingly dependent upon information technology. However, whilst technology can deliver a number of benefits, it also introduces new vulnerabilities that can be exploited by persons with the necessary technical skills. Hackers represent a well-known threat in this respect and are responsible for a significant degree of disruption and damage to information systems. However, they are not the only criminal element that has to be taken into consideration. Evidence suggests that technology is increasingly seen as potential tool for terrorist organizations. This is leading to the emergence of a new threat in the form of 'cyber terrorists', who attack technological infrastructures such as the Internet in order to help further their cause. The paper discusses the problems posed by these groups and considers the nature of the responses necessary to preserve the future security of our society.

The war of attrition in cyber-space or "cyber-attacks", "cyber-war" and "cyber-terrorism"

Nos últimos anos tornou-se óbvio que o mundo virtual das bases de dados e do software – popularmente denominado como ciberespaço – tem um lado negro. Este lado negro tem várias dimensões, nomeadamente perda de produtividade, crime financeiro, furto de propriedade intelectual, de identidade, bullying e outros. Empresas, governos e outras entidades são cada vez mais alvo de ataques de terceiros com o fim de penetrarem as suas redes de dados e sistemas de informação. Estes vão desde os adolescentes a grupos organizados e extremamente competentes, sendo existem indicações de que alguns Estados têm vindo a desenvolver “cyber armies” com capacidades defensivas e ofensivas. Legisladores, políticos e diplomatas têm procurado estabelecer conceitos e definições, mas apesar da assinatura da Convenção do Conselho da Europa sobre Cibercrime em 2001 por vários Estados, não existiram novos desenvolvimentos desde então. Este artigo explora as várias dimensões deste domínio e enfatiza os desafios que se colocam a todos aqueles que são responsáveis pela proteção diária da informação das respetivas organizações contra ataques de origem e objetivos muitas vezes desconhecidos.

Safeguarding Australia from cyber-terrorism: a SCADA risk framework

Terrorist groups are currently using information and communication technologies (ICTs) to orchestrate their conventional attacks. More recently, terrorists have been developing a new form of capability within the cyber-arena to coordinate cyber-based attacks. This chapter identifies that cyber-terrorism capabilities are an integral, imperative, yet under-researched component in establishing, and enhancing cyber-terrorism risk assessment models for SCADA systems. This chapter examines a cyber-terrorism SCADA risk framework that has been adopted and validated by SCADA industry practitioners. The chapter proposes a high level managerial framework, which is designed to measure and protect SCADA systems from the threat of cyber-terrorism within Australia. The findings and results of an industry focus group are presented in support of the developed framework for SCADA industry acceptance.

Cyber warfare: a multidisciplinary analysis

Cyber warfare is an increasingly important emerging phenomenon in international relations. The focus of this edited volume is on this notion of cyber warfare, meaning interstate cyber aggression, as distinct from cyber-terrorism or cyber-crime. Waging warfare in cyberspace has the capacity to be as devastating as any conventional means of conducting armed conflict. However, while there is a growing amount of literature on the subject within disciplines, there has been very little work done on cyber warfare across disciplines, which necessarily limits our understanding of it. This book is a major multidisciplinary analysis of cyber warfare, featuring contributions by world-leading experts from a mixture of academic and professional backgrounds.

A proposed cyber-terroism SCADA risk framework concept for Australia

Terrorist groups are in theory currently using information and communication technologies (ICTs) to orchestrate their conventional attacks. More recently, terrorists have been developing a new form of capability within the cyber arena to coordinate cyber based attacks. This paper examines a proposed cyber-terrorism SCADA risk framework concept. The paper proposes a conceptual framework which is designed to measure and protect the threat of cyber-terrorism against SCADA systems within Australia. The findings and results of a focus group will be examined to help validate the framework concept.

A national information infrastructure model for information warfare defence

Information infrastructures are an eclectic mix of open and closed networks, private and public systems, the Internet, and government, military, and civilian organisations. Significant efforts are required to provide infrastructure protection, increase cooperation between sectors, and identify points of responsibility. The threats to infrastructures are many and various, and are increasing daily: information warfare, hackers, terrorists, criminals, activists, and even competing organisations all pose significant threats that cannot be sufficiently dealt with using the current infrastructure model. We present a National Information Infrastructure model that is based on defence against threats such as information warfare.

Cibercrimen y ciberterrorismo : ¿exageración mediática o realidad?

La expansión de las tecnologías de la información y las comunicaciones (TIC) ha traído muchas ventajas, pero también algunos peligros. Son frecuentes hoy en día las noticias sobre delitos relacionados con las TIC. Se usa a menudo el término cibercrimen y el de ciberterrorismo pero, ¿realmente son una amenaza para la sociedad?. Este trabajo realiza un análisis del cibercrimen y el ciberterrorismo. Para ello se hace un estudio en profundidad desde distintos puntos de vista. En primer lugar se analizan varios aspectos básicos de la materia: el contexto en el que se desarrollan estas actividades, el ciberespacio y sus características, las ventajas que tiene el cibercrimen respecto a la delincuencia tradicional, características y ejemplos de ciberterrorismo y la importancia de la protección de las infraestructuras críticas. Luego se realiza un estudio del mundo del cibercrimen, en el cual se muestran los distintos tipos de cibercriminales, los actos delictivos, herramientas y técnicas más habituales usadas por el cibercrimen, la web profunda y la criptomoneda; se indican asimismo varios de los grupos criminales más conocidos y algunas de sus acciones, y se realiza un estudio de las consecuencias económicas del cibercrimen. Finalmente se hace un repaso a los medios legales que distintos países y organizaciones han establecido para combatir estos hechos delictivos. Para ello se analizan estrategias de seguridad de distinto tipo aprobadas en multitud de países de todo el mundo y los grupos operativos de respuesta (tanto los de tipo policial como los CSIRT/CERT), además de la legislación publicada para poder perseguir el cibercrimen y el ciberterrorismo, con especial atención a la legislación española. De esta manera, tras la lectura de este Proyecto se puede tener una visión global completa del mundo de la ciberdelincuencia y el ciberterrorismo. ABSTRACT. The expansion of Information and Communications Technology (ITC) has brought many benefits, but also some dangers. It is very usual nowadays to see news about ITC-related crimes. Terms like cyber crime and cyber terrorism are usually used but, are they really a big threat for our society?. This work analyzes cyber crime and cyber terrorism. To achieve it, a deep research under different points of view is made. First, basic aspects of the topic are analyzed: the context where these activities are carried out, cyber space and its features, benefits for cyber criminals with respect to traditional crime, characteristics and relevant examples of cyber terrorism, and importance of critical infrastructures protection. Then, a study about the world of cyber crime is made, analyzing the typology of different kinds of cyber criminals, the most common criminal acts, tools and techniques used by cyber crime, and the deep web and cryptocurrency. Some of the most known criminal groups and their activities are also explored, and the economic consequences of cyber crime are assessed. Finally, there is a review of the legal means used by countries and organizations to fight against these unlawful acts; this includes the analysis of several types of security strategies approved by countries all around the world, operational response groups (including law enforcement and CSIRT/CERT) and legislation to fight cyber crime and cyber terrorism, with special emphasis on Spanish legal rules. This way, a global, complete view of the world around cyber crime and cyber terrorism can be obtained after reading this work.

Native language identification (NLID) for forensic authorship analysis of weblogs

This chapter introduces Native Language Identification (NLID) and considers the casework applications with regard to authorship analysis of online material. It presents findings from research identifying which linguistic features were the best indicators of native (L1) Persian speakers blogging in English, and analyses how these features cope at distinguishing between native influences from languages that are linguistically and culturally related. The first chapter section outlines the area of Native Language Identification, and demonstrates its potential for application through a discussion of relevant case history. The next section discusses a development of methodology for identifying influence from L1 Persian in an anonymous blog author, and presents findings. The third part discusses the application of these features to casework situations as well as how the features identified can form an easily applicable model and demonstrates the application of this to casework. The research presented in this chapter can be considered a case study for the wider potential application of NLID.

Islamist Cyber Networks in Spanish-Speaking Latin America

Despite significant concern among policy, law enforcement and intelligence communities in the United States (U.S.) over the possible spread of radical Islamist thought throughout the world as part of a global jihad movement, there has been little investigation into the growing cyber networks in Latin America that promote strong anti-Semitic and anti-U.S. messages. This paper offers an overview of that network, focusing on the structure of Shi’ite websites that promote not only religious conversion but are also supportive of Iran -- a designated State-sponsor of terrorism – its nuclear program. Hezbollah, and the “Bolivarian revolution” led by Venezuelan President Hugo Chávez and his allies in Bolivia, Ecuador and Nicaragua. There is also a smaller group of Sunni Muslim websites, mostly tied to the legacy organizations of the Muslim Brotherhood. Many of the Shi’ite websites are linked to each other consistently portray Israel as a Nazi State, and the United States as an imperialist war monger. The Palestinian issue is frequently juxtaposed with the anti-imperialist struggle that those states supporting Chávez’ Bolivarian revolution claim to wage against the United States. Some of the Islamist websites claim thousands of new convert, but such claims are difficult to verify. Most of the websites visited touted the conversion of one or two individuals as significant victories and signs of progress, implying that there are few, if any, mass conversions. While conducting this research, no websites directly claiming to be linked to Hezbollah were found, although there numerous sites hosted by that group that were active until around 2006. Several of the inactive links are supportive of Hezbollah as a political party. No websites linked to al Qaeda were found. Yet a substantial Internet network remains operational. Much of the outreach for Shi’ite Muslims, closely tied to Iran, is sponsored on numerous websites across the region, including El Salvador, Chile, Ecuador, Colombia, Mexico and Bolivia. Numerous Facebook forums for discussion are also hosted around Latin America. These links must be viewed in the context of the rapidly expanding diplomatic, intelligence, political and economic ties of Iran in recent years with the self-proclaimed Bolivarian states. Given the sparse literature available and the rich vein of un-mined information on the sites cited as well as others that one could find with additional research, the cyber network of Islamist groups remains one of the least understood or studied facets of their presence in Latin America and the Caribbean. It merits significantly more investigation.