DOCSLIB.ORG

Cyber Wargaming: Finding, Designing, and Playing Wargames for Cyber Security Education

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cyber Wargaming: Finding, Designing, and Playing Wargames for Cyber Security Education Cyber Wargaming: Finding, Designing, and Playing Wargames for Cyber Security Education Andreas Haggman Submitted to Royal Holloway, University of London for the award of Doctor of Philosophy in Information Security Supervised by Professor Keith Martin Professor Klaus Dodds February 2019 1 Declaration of authorship I, Andreas Haggman, hereby declare that this thesis and the work presented in it is entirely my own. Where I have consulted the work of others, this is always clearly stated. Signed: Date: 2 Abstract This thesis investigates, and contributes to, the use of wargaming in cyber security education. Wargaming has a rich history of pedagogic use, but little work exists that addresses the critically important subject of cyber security. Cyber security is a global problem that frequently makes news headlines, yet the field is dogged with a reputation as a domain only for technologists, when in fact cyber security requires a whole gamut of approaches to be properly understood. The thesis is broadly divided into three parts. The first part is a comprehensive literature review of wargaming scholarship, analysing the benefits and drawbacks of wargaming, and some of the justifications for why a tabletop boardgame may be more effective than a game enhanced by technology. Following on from this, the thesis provides an outline of current work in cyber wargaming by analysing existing games, evaluating their contributions as educational tools, and identifying successful game mechanics and components. The second part of the thesis outlines the design process of an original wargame created for cyber security education and awareness training. The analysis outlines what the game design intends to achieve in terms of pedagogical outcomes and how the design evolved through the development process. In this part some methodological considerations around the research are also analysed, including how the thesis uses grounded theory and ethnography as academic underpinnings, and issues around the researcher’s positionality during fieldwork. The final part of the thesis reports on the deployment of the original game to a wide variety of organisations. Both quantitative and qualitative data is analysed to ascertain what players learned from playing the game and evaluates the effectiveness of the game by comparing it to previous theoretical findings. Finally, the researcher's experiences of conducting the thesis are evaluated with close reference to the identified methodological considerations. 3 Acknowledgements I want to acknowledge the stimulating and supportive Centre for Doctoral Training in Cyber Security at Royal Holloway, University of London (funded by the EPSRC and the UK government (EP/K035584/1)). The CDT is an amazing programme and I am proud to have been a part of it. Thanks to Tom Mouat and Rob Black for helping arrange and take part in some of the most valuable game sessions; to Thorsten Kodalle for making possible one of the most incredible experiences of my professional life; and to Simon Shiu for believing in the research at its earliest stages. This thesis has been far from ordinary in many ways, and enormous thanks goes to my supervisors Klaus Dodds and Keith Martin for enduring more trials and tribulations than could reasonably be expected. Their advice and guidance has been nothing short of invaluable. Thanks to all the participants who played the game, whom I regret I cannot thank individually in these pages, but especially to my peers at Royal Holloway who contributed to early playtesting sessions when the game was, frankly, rubbish. Without their input the game would not be what it is today. Thanks to Kim Burchill for casting her expert eye over the final drafts to pick out my spelling and grammar errors. Thanks also to my parents for their nurture and care. Who knew lilla gubben would end up writing a PhD thesis?! Finally, on a personal level, my eternal gratitude goes to my partner Ellie, without whose support and understanding none of this would have been possible. Andreas Haggman Twickenham, February 2019 4 Table of Contents DECLARATION OF AUTHORSHIP 2 ABSTRACT 3 ACKNOWLEDGEMENTS 4 LIST OF FIGURES 8 LIST OF TABLES 9 CHAPTER 1: INTRODUCTION – WHY CYBER WARGAMING? 10 1.1 MOTIVATION 11 1.2 A DEARTH OF CYBER GAMES 12 1.3 GENESIS OF THE THESIS 14 1.4 THESIS STRUCTURE 16 1.5 KEY ORIGINAL CONTRIBUTIONS 18 CHAPTER 2: USES, ADVANTAGES, AND LIMITATIONS OF WARGAMING 19 2.1 USES OF WARGAMING 20 2.1.1 CATEGORISING THE USES OF WARGAMING 21 2.1.2 FUTURES AND ANTICIPATION 26 2.1.3 SKILLS 32 2.1.4 PLAY AND PLAYFULNESS 36 2.2 ADVANTAGES OF WARGAMING 39 2.2.1 ADVANTAGES OVER COMPUTERS 39 2.2.2 THE HUMAN FACTOR 43 2.2.3 COST 45 2.2.4 CREATIVITY 46 2.2.5 EXPERIENCE AND SIMULATION 47 2.2.6 FLEXIBILITY 48 2.2.7 SAFETY 49 2.3 LIMITATIONS OF WARGAMING 50 2.3.1 ABSTRACTION 50 2.3.2 OPPONENTS 53 2.3.3 OUTCOME 54 2.3.4 POLITICS OF REPRESENTATION 55 CHAPTER 2 CONCLUSION 57 CHAPTER 3: THE STATE OF PLAY – EXISTING CYBER WARGAMES 60 3.1 LUDIC COMPONENTS 64 3.1.1 GAMES THAT ARE PLAYABLE AND ENJOYABLE 64 3.1.2 GAMES THAT ARE NOT QUITE GAMES 69 3.2. ADVERSARIAL NATURE 72 3.2.1 PLAYER VERSUS PLAYER 73 5 3.2.2 PLAYER VERSUS SYSTEM 76 3.3 CARDS 78 3.4 SIMULATING UNPREDICTABILITY 81 3.5 MARKETPLACE 84 CHAPTER 3 CONCLUSION 88 CHAPTER 4: DESIGNING A CYBER SECURITY WARGAME 90 4.1 REALISM VERSUS COMPLEXITY IN GAME DESIGN 92 4.1.1 LENGTH OF RULES 93 4.2 KEY CONSTITUENTS OF CYBERSPACE 94 4.2.1 ENTITIES 96 4.2.2 RELATIONSHIPS BETWEEN CONSTITUENTS 107 4.3 STRATEGIC GOAL-SETTING IN CYBER SECURITY 111 4.3.1 PLAYER OBJECTIVES 113 4.3.2 MANAGING LIMITED RESOURCES 116 4.4 CYBER ATTACK AND DEFENCE DYNAMICS 118 4.4.1 DYNAMICS OF TIME PROGRESSION 118 4.4.2 DYNAMICS OF CYBER CAPABILITY DEVELOPMENT 121 4.4.3 ATTACK VECTORS 127 4.4.4 DYNAMICS OF ATTACK RISK AND REWARD 130 4.4.5 DYNAMICS OF ATTRIBUTION 132 4.5 GEOPOLITICAL REALITIES OF CYBER SECURITY 134 4.5.1 CLUMSY CIVIL SERVANT EVENT CARD 135 4.5.2 BANKING ERROR EVENT CARD 136 4.5.3 PEOPLE’S REVOLT EVENT CARD 137 4.5.4 QUANTUM BREAKTHROUGH EVENT CARD 138 4.6 VISIBILITY IN CYBERSPACE 139 CHAPTER 4 CONCLUSION 141 CHAPTER 5: METHODOLOGY FOR STUDYING GAMES AND PLAYERS 144 5.1 GROUNDED THEORY AND ITS LINKS TO WARGAMING 146 5.2 ETHNOGRAPHIC PRACTICE 149 5.2.1 STRATEGIC POSITIONALITY 150 5.2.2 STRATEGY FOR TARGETING RESEARCH PARTICIPANTS 155 5.2.3 SECURITY AND CLASSIFICATION OF INFORMATION 157 5.3 FACILITATION AND ADJUDICATION 159 5.3.1 TACTICAL POSITIONALITY I 161 5.4 METHODS FOR CAPTURING GAME RESULTS AND PLAYER EXPERIENCES 163 5.4.1 DATA GATHERING METHODS 164 5.4.2 TACTICAL POSITIONALITY II 170 5.5 DATA ANALYSIS METHODS 171 CHAPTER 5 CONCLUSION 173 CHAPTER 6: PEDAGOGY AND PRACTICE IN CYBER WARGAMING 174 6 6.1 GAMING BY NUMBERS: QUANTITATIVE USES OF METADATA AND GAME DATA 175 6.1.1 THE GENDER IMBALANCE IN WARGAMING 176 6.1.2 IN-GAME PERFORMANCE AS A GUIDE TO REAL-WORLD PERFORMANCE 177 6.1.3 IN-GAME RESULTS AS A GUIDE TO REAL-WORLD RESULTS 179 6.1.4 PLAYING STYLES OF DIFFERENT GROUPS 181 6.2 LEARNING THROUGH THE GAME: EXPECTED AND UNEXPECTED RESULTS 183 6.2.1 ENTITIES 184 6.2.2 ENTITY RELATIONSHIPS 189 6.2.3 OBJECTIVES 191 6.2.4 RESOURCE MANAGEMENT 194 6.2.5 ATTACK AND DEFENCE DYNAMICS 196 6.2.6 GEOPOLITICAL REALITIES AND LANDSCAPES 209 6.2.7 VISIBILITY IN AND OF CYBERSPACE 211 6.3 PRACTICING WARGAMING THEORY 214 6.3.1 REALISM VERSUS COMPLEXITY 215 6.3.2 DECISION-MAKING EXPERIENCE 217 6.3.3 ENGAGEMENT 218 6.3.4 MANUAL WARGAMING AND ADVANTAGES OVER COMPUTERS 227 CHAPTER 6 CONCLUSION 230 CHAPTER 7: A WARGAMING PRACTITIONER’S EXPERIENCE 233 7.1 THE IMPACT OF THE RESEARCHER’S POSITIONALITY 234 7.1.1 CREATING RESEARCH OPPORTUNITIES 235 7.1.2 TACTICAL POSITIONALITY 242 7.2 SECRECY, SECURITY, AND CLASSIFICATION OF INFORMATION 258 7.2.1 ACCESS DENIED 259 7.2.2 STIFLED PARTICIPANTS 261 7.3 HUMOUR AS A PEDAGOGICAL TOOL 263 7.3.1 ELEVATING MUNDANITY THROUGH HUMOUR 265 7.3.2 POKING FUN AT PRESIDENTS 267 7.3.3 USING HUMOUR TO ENGINEER AFFECTIVE ATMOSPHERES 268 CHAPTER 7 CONCLUSION 270 CHAPTER 8: CONCLUSIONS 274 8.1 RESEARCH FINDINGS COMPARED TO THE LITERATURE 275 8.1.1 CORROBORATING THE STORY-LIVING EXPERIENCE 276 8.1.2 CORROBORATING THE MODIFIABILITY ADVANTAGE OF MANUAL GAMES 276 8.1.3 CORROBORATING THE BALANCE BETWEEN REALISM AND COMPLEXITY 277 8.1.4 GAME RULES ARE NOT EASY TO WRITE 278 8.2 NOVEL TAKEAWAYS FOR WARGAMERS 278 8.2.1 MERGING DISTANT LITERATURE 279 8.2.2 A CATALOGUE FOR BEST-PRACTICE IN CYBER GAMES DESIGN 279 8.3 KEY ORIGINAL CONTRIBUTIONS OF THE RESEARCH 280 8.3.1 DEVELOPMENT OF A NOVEL CYBER WARGAME 280 8.3.2 A WARGAMING PRACTITIONER’S EXPERIENCE 281 7 8.3.3 ADDRESSING THE CENTRAL THESIS OBJECTIVE 282 8.4 THE WAY AHEAD 283 APPENDICES 285 APPENDIX A: PLAYER DOSSIERS 285 UK GOVERNMENT 285 ELECTORATE 286 UK PLC 287 GCHQ 288 UK ENERGY 289 RUSSIA GOVERNMENT 290 ONLINE TROLLS 291 ENERGETIC BEAR 292 SCS 293 ROSENERGOATOM 294 APPENDIX B: GAME RULES 295 APPENDIX C: GAME SESSIONS 297 BIBLIOGRAPHY 308 List of Figures FIGURE 1: A GAME OF [D0X3D!] IN ACTION 68 FIGURE 2: SCREENSHOT FROM SPOT THE RISKS, OFFICE VERSION 72 FIGURE 3: OPERATION DIGITAL CHAMELEON GAME BOARD 74 FIGURE 4: CTRL+ALT+HACK GAME BOX AND CONTENTS 79 FIGURE 5: MAELSTROM GAME BOARD 87 FIGURE 6: VERSION 1.0 OF THE GAME BOARD 97 FIGURE 7: FINAL VERSION OF THE GAME BOARD 97 FIGURE 8: THE IN-GAME BLACK MARKET 122 FIGURE 9: BLACK MARKET ASSET CARDS 123 FIGURE 10: VERSION 1.0 COMBAT RESULTS TABLE 131 FIGURE 11: FINAL VERSION COMBAT RESULTS TABLE 131 FIGURE 12: EVENT CARDS 135 FIGURE 13: NON-EVENT CARD 135 FIGURE 14: WARGAME OUTCOME PROBABILITY DISTRIBUTIONS.
Load more

Recommended publications
  • Little Wars by H.G. Wells
    Little Wars 1 Little Wars The Project Gutenberg EBook of Little Wars, by (H)erbert (G)eorge Wells #20 in our series by (H)erbert (G)eorge Wells Copyright laws are changing all over the world. Be sure to check the copyright laws for your country before downloading or redistributing this or any other Project Gutenberg eBook. This header should be the first thing seen when viewing this Project Gutenberg file. Please do not remove it. Do not change or edit the header without written permission. Please read the "legal small print," and other information about the eBook and Project Gutenberg at the bottom of this file. Included is important information about your specific rights and restrictions in how the file may be used. You can also find out about how to make a donation to Project Gutenberg, and how to get involved. **Welcome To The World of Free Plain Vanilla Electronic Texts** **eBooks Readable By Both Humans and By Computers, Since 1971** *****These eBooks Were Prepared By Thousands of Volunteers!***** Title: Little Wars Author: (H)erbert (G)eorge Wells Release Date: January, 2003 [EBook #3691] [This file was last updated on August 5, 2002] Edition: 11 Language: English Character set encoding: ASCII *** START OF THE PROJECT GUTENBERG EBOOK LITTLE WARS *** eText by Alan D. Murray - North Carolina Edition 11 revisions by William Jenness and Andrew Sly. Little Wars (A Game for Boys from twelve years of age to one hundred and fifty and for that more intelligent sort of girl who likes boys' games and books) With an Appendix on Kriegspiel By H.
    [Show full text]
  • How World of Warships Doubled Referrals with Amazon Moments
    How World of Warships doubled referrals with Amazon Moments 100% 38% 20% 42% increase in increase in average increase in conversions decrease in cost referrals revenue per user to payers per action CHALLENGES World of Warships is a free-to-play naval warfare-themed multiplayer online game produced and published by Wargaming. World of Warships had an existing referral program targeted at both acquiring new players and winning back lapsed players (over 90 days inactive) but wanted to improve the participation numbers and make it more valuable for players to refer their friends. In addition, they were looking to explore the potential of a rewards powered referral program as a more cost effective user acquisition channel. World of Warships had previously tested a small pilot campaign to enable rewards for referrals but needed a more streamlined solution for providing rewards across multiple countries. Amazon Moments allowed World of Warships to easily deliver valuable, real-world rewards to players to drive acquisition and winback and lower acquisition costs. SOLUTION To increase player referrals and drive stickiness for new and returning users, World of Warships launched a Moments-powered campaign that provided Amazon credits to players who referred a friend (a recruit). Recruits were invited to join or return to the game via personal referral links sent by World of Warships players. To qualify for the referral reward, new recruits needed to play a battle on a non-premium tier 6 ship, and returned players needed to win 25 battles. To participate in the referral program, players needed to have at least 15 battles played on their account.
    [Show full text]
  • The Inventory of the H.G. Wells Collection #458
    The Inventory of the H.G. Wells Collection #458 Howard Gotlieb Archival Research Center Wells, Herbert George, 1866 - 1946 Purchi.se 1969 Box 1 Letters . 16 AIS, l postcard AIB, 3 holograph envelopes ✓1899 AIS 1899 N0 vember 27, Sandgate, Ken} to Harold Grost, Esq. ✓ 1900 AIS 1900 January 28, Sandgate, Kent, to "Connell" Conal 0 •Riordan 2 PPo ✓AIS 1900 October 19, Sandgate, Keny to 'lftMy Dear Sir" 3 PPo on l Marked "iBrivaten o V ALS 1900 November _22, Sandgate, Kent, to 11Dear Sir11 2 PP• on l Marked 11Private 11 ·v'Envelope holograph. Postmarked 1900 November 23. Addressed to William H. Maas, Esqo, Londono ✓1905 AIS 1905 April 30, Sandgate, to the Director of trre Natural History Museum~ ✓1914 ALS 1914 April 7, t,1ondonJ to «.DEar Sirs" ✓ 1922 AIS nodo, Dun.mow, to Mrs o Dawson Scott. Envelope holograph. Postli"..arked 1922, June 12, London. Addressed to Mrs. Dawson Scott. ✓ ALS n.d., London, to Mrs 0 Scotto Envelope holograph. Postmarked 1922, June 15, Londono Addressed to Mrs. Dawson Scott. ( 1924 AIS 1924 November 3, Dunmow, to Miss Hordero /1925 AIS 1925 June 8, Dunmow, to Miss H0 rdero v/1928 Postcard ALSo Postmarked 1928 January 21, London, to Mrs• Dawson Scotto V" 1935 ALS 1935 May 15, r.Londonl, to -Miss Hordero Wells, Herbert George 1866 - 1946 Page 2 AL5 November 15, n .y., r.London l to Lord Du...visa.ny. AL5 Ilodo [London] to 11 :My dear Sir" 4 PP• on 2 cards. Ats n.d. Dunmow to Mr. Ridling ?, 1 P• ' .AL5 n.d.
    [Show full text]
  • Getting to Yes with China in Cyberspace
    Getting to Yes with China in Cyberspace Scott Warren Harold, Martin C. Libicki, Astrid Stuth Cevallos C O R P O R A T I O N For more information on this publication, visit www.rand.org/t/rr1335 Library of Congress Cataloging-in-Publication Data ISBN: 978-0-8330-9249-6 Published by the RAND Corporation, Santa Monica, Calif. © Copyright 2016 RAND Corporation R® is a registered trademark Cover Image: US President Barack Obama (R) checks hands with Chinese president Xi Jinping after a press conference in the Rose Garden of the White House September 25, 2015 in Washington, DC. President Obama is welcoming President Jinping during a state arrival ceremony. Photo by Olivier Douliery/ABACA (Sipa via AP Images). Limited Print and Electronic Distribution Rights This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited. Permission is given to duplicate this document for personal use only, as long as it is unaltered and complete. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial use. For information on reprint and linking permissions, please visit www.rand.org/pubs/permissions.html. The RAND Corporation is a research organization that develops solutions to public policy challenges to help make communities throughout the world safer and more secure, healthier and more prosperous. RAND is nonprofit, nonpartisan, and committed to the public interest. RAND’s publications do not necessarily reflect the opinions of its research clients and sponsors.
    [Show full text]
  • Little Wars the Basic Game the Rules Given Here Constitute the Basic Game As De- When H
    Little Wars The Basic Game The rules given here constitute the basic game as de- When H. G. Wells committed to paper the rules signed by H. G. Wells. for his Little Wars in 1913, one suspects he had some The advanced game, whose rules begin on page 6, inkling of the course the field was steering. Games de- contains my revisions and expansions to Wells’ original. rived from the Prussian Kriegsspiel were not at all un- common in the Europe of his day. By that time, Ox- 1. Troops ford’s University Kriegspiel [sic] Club dated back forty years. 1.1. Unit Types and Terminology. Little Wars is Unlike Kriegsspiel and its descendants in the dice, ta- played with three kinds of unit: infantry, cavalry, and ar- bles, and hefty rulebooks tradition, which have their tillery. Infantry and cavalry (collectively, men or troops) roots in battlefield simulation, Little Wars began with may be represented by toy soldiers of the appropriate pure play: knocking over a toy soldier with a toy cannon. kind. Infantry should be of uniform size, as should cav- This spark of whimsy courses through the game’s veins. alry. Foot soldiers of between one and a half and two Which victory is sweeter: rolling well on the combat re- inches tall work well. sults table, or sending an enfiladed column of miniature Artillery (or guns) should be of the breech-loading, soldiers flying with a well-aimed cannon shot? Your au- spring-firing variety1. thor knows which one he prefers. What it gives up in 1.2.
    [Show full text]
  • Сonference Program "SQA Days - 25"
    Сonference program "SQA Days - 25" Legend Test management Automaon tesng Mobile tesng Performance/Security tesng Test design and so on Psychology, learning Funconal tesng New technologies tesng (AI, blockchains, IoT, etc.) Other 31.05.2019 – First Day Secon A (330 people) Secon B (300 people) Secon C (250 people) 08:30 Registraon, morning tea/coffee 09:30 Opening ceremony 10:00 10:40 Andrey Ladutko Nikita Belkovskiy Yana Korsunskaya PandaDoc АО "Аркадия" BPMobile Minsk, Belarus Taganrog, Russia Minsk, Belarus OKR and QA - praccal advices Tesng SQL Server code with Features of subscripons tesng Regular Talk (1 h 30 min) tSQLt in iOS Regular Talk (40 min) Regular Talk (40 min) 10:55 11:35 Vitaliy Roschupkin Vitaliy Pedash ЗАО "ПФ "СКБ Контур" TDNA Ekaterinburg, Russia Zaporozhe, Ukraine Lead developers taught me how Perfomance tesng of iOS app to write automated tests via Xcode Regular Talk (40 min) Regular Talk (40 min) 11:50 12:30 Sergey Atroschenkov Igor Ershov Lunch. 1st shi EPAM, Radio-QA АО "Калуга Астрал" Kaluga, Russia Buzzword Driven Management Regular Talk (40 min) From Page Object to MVC using .NET Regular Talk (40 min) 12:45 13:25 Kateryna Chernikova Liliya Sapurina Krisna Stolyarenko Wix Deutsche Bank ООО "Клин.ру" Dnepropetrovsk, Ukraine Saint Petersburg, Russia Moscow, Russia Lean QA - A/B tesng, Tips and tricks: test syntax Money as a metric to bugs monitoring, automaon simplifying and mul- priorisaon Regular Talk (40 min) environment tesng Regular Talk (40 min) Regular Talk (40 min) 13:40 14:20 Nataliya Borisova Sergey Khrenov
    [Show full text]
  • Theescapist 042.Pdf
    putting an interview with the Garriott Games Lost My Emotion” the “Gaming at Keep up the good work. brothers, an article from newcomer Nick the Margins” series and even “The Play Bousfield about an old adventure game, Is the Thing,” you described the need for A loyal reader, Originally, this week’s issue was The Last Express and an article from games that show the consequences of Nathan Jeles supposed to be “Gaming’s Young Turks Greg Costikyan sharing the roots of our actions, and allow us to make and Slavs,” an issue about the rise of games, all in the same issue. I’ll look decisions that will affect the outcome of To the Editor: First, let’s get the usual gaming in Eastern Europe, both in forward to your comments on The Lounge. the game. In our society there are fewer pleasantries dispensed with. I love the development and in playerbase. I and fewer people willing to take magazine, read it every week, enjoy received several article pitches on the Cheers, responsibility for their actions or believe thinking about the issues it throws up, topic and the issue was nearly full. And that their actions have no consequences. and love that other people think games then flu season hit. And then allergies Many of these people are in the marketing are more than they may first appear. hit. All but one of my writers for this issue demographic for video games. It is great has fallen prey to flu, allergies or a minor to see a group of people who are interested There’s one game, one, that has made bout of forgetfulness.
    [Show full text]
  • View Final Report (PDF)
    TABLE OF CONTENTS TABLE OF CONTENTS I EXECUTIVE SUMMARY III INTRODUCTION 1 GENESIS OF THE PROJECT 1 RESEARCH QUESTIONS 1 INDUSTRY SITUATION 2 METHODOLOGY 3 GENERAL COMMENTS ON INTERVIEWS 5 APT1 (CHINA) 6 SUMMARY 7 THE GROUP 7 TIMELINE 7 TYPOLOGY OF ATTACKS 9 DISCLOSURE EVENTS 9 APT10 (CHINA) 13 INTRODUCTION 14 THE GROUP 14 TIMELINE 15 TYPOLOGY OF ATTACKS 16 DISCLOSURE EVENTS 18 COBALT (CRIMINAL GROUP) 22 INTRODUCTION 23 THE GROUP 23 TIMELINE 25 TYPOLOGY OF ATTACKS 27 DISCLOSURE EVENTS 30 APT33 (IRAN) 33 INTRODUCTION 34 THE GROUP 34 TIMELINE 35 TYPOLOGY OF ATTACKS 37 DISCLOSURE EVENTS 38 APT34 (IRAN) 41 INTRODUCTION 42 THE GROUP 42 SIPA Capstone 2020 i The Impact of Information Disclosures on APT Operations TIMELINE 43 TYPOLOGY OF ATTACKS 44 DISCLOSURE EVENTS 48 APT38 (NORTH KOREA) 52 INTRODUCTION 53 THE GROUP 53 TIMELINE 55 TYPOLOGY OF ATTACKS 59 DISCLOSURE EVENTS 61 APT28 (RUSSIA) 65 INTRODUCTION 66 THE GROUP 66 TIMELINE 66 TYPOLOGY OF ATTACKS 69 DISCLOSURE EVENTS 71 APT29 (RUSSIA) 74 INTRODUCTION 75 THE GROUP 75 TIMELINE 76 TYPOLOGY OF ATTACKS 79 DISCLOSURE EVENTS 81 COMPARISON AND ANALYSIS 84 DIFFERENCES BETWEEN ACTOR RESPONSE 84 CONTRIBUTING FACTORS TO SIMILARITIES AND DIFFERENCES 86 MEASURING THE SUCCESS OF DISCLOSURES 90 IMPLICATIONS OF OUR RESEARCH 92 FOR PERSISTENT ENGAGEMENT AND FORWARD DEFENSE 92 FOR PRIVATE CYBERSECURITY VENDORS 96 FOR THE FINANCIAL SECTOR 96 ROOM FOR FURTHER RESEARCH 97 ACKNOWLEDGEMENTS 98 ABOUT THE TEAM 99 SIPA Capstone 2020 ii The Impact of Information Disclosures on APT Operations EXECUTIVE SUMMARY This project was completed to fulfill the including the scope of the disclosure and capstone requirement for Columbia Uni- the disclosing actor.
    [Show full text]
  • A Systematic Review on the Effectiveness of Gamification Features in Exergames
    Proceedings of the 50th Hawaii International Conference on System Sciences | 2017 How Effective Is “Exergamification”? A Systematic Review on the Effectiveness of Gamification Features in Exergames Amir Matallaoui Jonna Koivisto Juho Hamari Ruediger Zarnekow Technical University of School of Information School of Information Technical University of Berlin Sciences, Sciences, Berlin amirqphj@ University of Tampere University of Tampere ruediger.zarnekow@ mailbox.tu-berlin.de [email protected] [email protected] ikm.tu-berlin.de One of the most prominent fields where Abstract gamification and other gameful approaches have been Physical activity is very important to public health implemented is the health and exercise field [7], [3]. and exergames represent one potential way to enact it. Digital games and gameful systems for exercise, The promotion of physical activity through commonly shortened as exergames, have been gamification and enhanced anticipated affect also developed extensively during the past few decades [8]. holds promise to aid in exercise adherence beyond However, due to the technological advancements more traditional educational and social cognitive allowing for more widespread and affordable use of approaches. This paper reviews empirical studies on various sensor technologies, the exergaming field has gamified systems and serious games for exercising. In been proliferating in recent years. As the ultimate goal order to gain a better understanding of these systems, of implementing the game elements to any non- this review examines the types and aims (e.g. entertainment context is most often to induce controlling body weight, enjoying indoor jogging…) of motivation towards the given behavior, similarly the the corresponding studies as well as their goal of the exergaming approaches is supporting the psychological and physical outcomes.
    [Show full text]
  • The Role of Wargames in the Development of Game Design
    The role of wargames in the development of game design Luiz Cláudio S. Duarte∗ Thiago Schaedler Uhlmann2 1PUCPR Figure 1: Playing Second Front: Sicily in 1943. Abstract ical representation of information. During the third quarter of the XX century, board wargames led the way in innovation in game design. Although small 1 Playing at war in comparison with present-day digital games industry, the Games are probably older than civilization [15]; however, as wargames industry was far from inconsequential, and several far as we know, game designers are a much younger breed. leading digital game designers started their careers playing Indeed, it is only from the 17th century onwards that we can or creating board wargames. Even the term “game designer” identify any game authors at all, such as Sir John Suckling was first used about the creators of board wargames. Noneof (Cribbage, 1630) [18] or John Jefferys (A Journey Through Eu- the information in this paper is new or unknown. However, rope, 1759). [6] But they did not think of themselves as game we believe that, as in any other human endeavour, game designers; even George S. Parker, founder and lead game designers can benefit from knowing some of the history from designer of the former Parker Brothers game company, did their field. Accordingly, in this paper we present some in- not identify himself as such during his lifetime (1866–1952). formation on board wargames, with special attention to the [16] influential role played by Redmond A. Simonsen, a graphic This comes as no surprise, since the concept of design as designer.
    [Show full text]
  • Downloads of Technical Information
    Florida State University Libraries Electronic Theses, Treatises and Dissertations The Graduate School 2018 Nuclear Spaces: Simulations of Nuclear Warfare in Film, by the Numbers, and on the Atomic Battlefield Donald J. Kinney Follow this and additional works at the DigiNole: FSU's Digital Repository. For more information, please contact [email protected] FLORIDA STATE UNIVERSITY COLLEGE OF ARTS AND SCIENCES NUCLEAR SPACES: SIMULATIONS OF NUCLEAR WARFARE IN FILM, BY THE NUMBERS, AND ON THE ATOMIC BATTLEFIELD By DONALD J KINNEY A Dissertation submitted to the Department of History in partial fulfillment of the requirements for the degree of Doctor of Philosophy 2018 Donald J. Kinney defended this dissertation on October 15, 2018. The members of the supervisory committee were: Ronald E. Doel Professor Directing Dissertation Joseph R. Hellweg University Representative Jonathan A. Grant Committee Member Kristine C. Harper Committee Member Guenter Kurt Piehler Committee Member The Graduate School has verified and approved the above-named committee members, and certifies that the dissertation has been approved in accordance with university requirements. ii For Morgan, Nala, Sebastian, Eliza, John, James, and Annette, who all took their turns on watch as I worked. iii ACKNOWLEDGMENTS I would like to thank the members of my committee, Kris Harper, Jonathan Grant, Kurt Piehler, and Joseph Hellweg. I would especially like to thank Ron Doel, without whom none of this would have been possible. It has been a very long road since that afternoon in Powell's City of Books, but Ron made certain that I did not despair. Thank you. iv TABLE OF CONTENTS Abstract..............................................................................................................................................................vii 1.
    [Show full text]
  • Paper: Wardialing Brief
    Wardialing Brief Kingpin @Stake, Inc. 196 Broadway, Cambridge, MA 02139, USA. http://www.atstake.com E-mail: [email protected] Abstract. Wardialing consists of using a computer to dial a given set of telephone numbers with a modem. Each phone number that answers with modem handshake tones and is successfully connected to is stored in a log. By searching a range of phone numbers for computers, one can find entry points into unprotected systems and backdoors into seemingly secure systems. This brief introduces the wardialing concept, examines concerns with today's network setups, and lists free and commercial software products, whitepapers, news reports, and Internet resources. Keywords: wardialing, telephony, security, modem 1 Introduction to Wardialing Wardialing, or scanning, has been a common activity in the computer underground and computer serucity industry for decades. Hollywood made wardialing popular with the 1983 movie, WarGames, in which a teenager searching for a videogame company ultimately uncovers a government nuclear war warning system [1]. Seventeen years after the mainstream was made aware of wardialing activity, the problem of unprotected dial-up systems still exists in the majority of corporations. The act of wardialing is extremely simple – a host computer dials a given range of telephone numbers using a modem. Every telephone number that answers with a modem and successfully connects to the host is stored in a log. At the conclusion of the scan, the log is reviewed and the phone numbers are individually dialed with a computer. The user then attempts to identify the systems, and, depending on the goals of the wardial, attempts system access.
    [Show full text]