A New Systematic Modelling Methodology for Improving Cyber-Attack Evaluation on States' Critical Information Infrastructure (C


A new systematic modelling methodology for improving cyber-attack evaluation on states’ Critical Information Infrastructure (CII)

Kosmas Pipyros

March 2019

Information Security and Critical Infrastructure Protection (INFOSEC) Laboratory
Department of Informatics

A dissertation submitted for the partial fulfillment of a Ph.D. degree

January 2019

Department of Informatics
Athens University of Economics & Business
Athens, Greece

Supervising Committee:
1. Theodoros Apostolopoulos, Professor, Athens University of Economics & Business (Chair).
2. Dimitris Gritzalis, Professor, Athens University of Economics & Business (Deputy Rector).
3. Lilian Mitrou, Professor, University of the Aegean.

Examination Committee:
1. Theodoros Apostolopoulos, Professor, Athens University of Economics & Business (Chair).
2. Dimitris Gritzalis, Professor, Athens University of Economics & Business (Deputy Rector).
3. Lilian Mitrou, Professor, University of the Aegean.
4. Evgenia Alexandropoulou, Professor, University of Macedonia.
5. Ioannis Mavridis, Professor, University of Macedonia.
6. Maria Kanellopoulou – Bottis, Associate Professor, Ionian University.
7. Panayiotis Kotzanikolaou, Assistant Professor, University of Piraeus.

Copyright © 2019 by Kosmas Pipyros
Department of Informatics
Athens University of Economics and Business
76 Patission Ave., Athens GR-10434, Greece

All rights reserved. No part of this manuscript may be reproduced or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the author.

Disclaimer

The views and opinions expressed in this thesis are those of the author and do not in any way represent the views, official policy or position of the Athens University of Economics and Business or his employer.

“The approval of a doctoral dissertation by the Department of Informatics of the Athens University of Economics and Business does not imply acceptance of the author's opinions.” (Law 5343/1932, Article 202)

Acknowledgements

Reaching the end of my doctoral studies, I consider myself very fortunate for being able to work with the encouraging professors of my supervising committee. I had the opportunity to meet them during my master’s degree and I would like to express my gratitude for giving me the opportunity to embark on a master’s degree in information systems security without having the necessary background, because my bachelor’s degree is in Law. Their lectures were the inspiration for my PhD thesis and I feel very grateful for that.

More specifically, I would like to express my appreciation to my Ph.D. Supervisor Prof. Theodoros Apostolopoulos for giving me the opportunity to accomplish this research. Professor, thank you for your continuous guidance, support and inspiration during the more than five years of my academic research, for your encouragement and for your enlightening suggestions.

I would also like to express my deep gratitude and appreciation to Prof. Lilian Mitrou for her guidance, enthusiastic encouragement and useful comments during the development of this research work. This Ph.D. thesis would not have been accomplished without her valuable and constructive suggestions and recommendations. Her willingness to give her time so generously is very much appreciated.

It gives me pleasure to express my deep sense of gratitude to Prof. Dimitris Gritzalis for his continuous guidance, meticulous suggestions and astute criticism during my PhD. Furthermore, his academic advice and support helped me to improve my work and to keep my progress on schedule.

I would also like to express my thanks to Dr. Christos Thraskias for the stimulating discussions and his invaluable scientific advice and help during the development of our research method. He was the one who helped me the most during my first research steps and I feel very grateful for his support and professionalism, but mainly for his friendship.

Finally, I would like to express my gratitude to my dearest wife, Sotiroula, for her unconditional love, patience and support, but especially for bringing to life our beloved son a few months ago. This dissertation is dedicated to him.

Athens, 28th December 2018

Dedication

To our son Theodore: ‘You have made me stronger, better and more fulfilled than I could have ever imagined.’

Abstract

Over the past decades, rapid advances in Information and Communication Technologies (ICTs) have connected billions of individuals across the globe, integrated economies through connected supply chains, and spurred new efficiencies through the World Wide Web (WWW). The rapid development of ICTs, their presence in every aspect of human life and the high degree of dependency on cyberspace make cybersecurity a common objective for a society’s proper functioning and the well-being of its citizens. As the European Commission states in its Joint Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions entitled “Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace” (JOIN 1, European Commission, 2013), cyber security: “[…] commonly refers to the safeguards and actions that can be used to protect the cyber domain, both in the civilian and military fields, from those threats that are associated with or that may harm its interdependent networks and information infrastructure”.

Despite the general integrity of digital networks and systems, deep digital integration has also created new vulnerabilities and threats by individual hackers, organized crime, terrorist groups and even nation states. Those threats, commonly referred to as cyber-attacks, include actions “[…] taken to undermine the functions of a computer network for a political or national security purpose”. Furthermore, the US National Research Council (2009) defines cyber-attacks as “deliberate actions to alter, disrupt, deceive, degrade, or destroy computer systems or networks or the information and/or programs resident in or transiting these systems or networks”.

The more Critical Infrastructures (hereafter CI) become independent of human intervention, the higher the well-being of societies and citizens, but also the vulnerability of states. The increasing number and complexity of cyber-attacks on states’ CI in recent years has been transforming cyberspace into a new battlefield where “the mouse and the keyboard being the new weapons”, bringing out “cyber warfare” as the “5th dimension of war”. In 2010, the Pentagon acknowledged cyberspace as a new field for war, after land, sea, air and space, which is vital for military operations (William J. Lynn, 2010). In order to defend US Critical Information Infrastructure (hereafter CII) from cyber-attacks, former US President Barack Obama (2009-2017) declared America’s digital infrastructure a strategic national asset (The White House, 2010). Moreover, former US Secretary of Defense Leon Panetta (2011-2013), during his speech “Defending the nation from cyber-attacks in 2011, pointed out that this is a pre-9/11 moment and that a cyber-attack perpetrated by nation states or violent extremist groups could be as destructive as the terrorist attack on 9/11”. The decision of the US government reflected the need to address the challenges posed with regard to cyber-attacks that could be qualified as cyberwar actions.

Furthermore, at EU level, in 2016 alone there were more than 4,000 ransomware attacks per day, and 80% of European companies experienced at least one cyber security incident. In addition, more than 150 countries and 230,000 systems across sectors and countries were affected, with a substantial impact on essential services connected to CI. Therefore, Jean-Claude Juncker, President of the European Commission, in his recent State of the Union address to the European Commission on 13 September 2017 pointed out that “Cyber-attacks can be more dangerous to the stability of democracies and economies than guns and tanks. Cyber-attacks know no borders, and no one is immune” (State of the Union 2017, European Commission).

The number and complexity of cyber-attacks have been increasing steadily in recent years. The major players in today’s cyber conflicts are well organized and heavily funded teams with specific goals and objectives, working for or supported by a nation-state. Cyber-attacks such as those of Estonia (2007) and Iran (2010) demonstrate the significance and the magnitude of the problem. Moreover, at international level, the “WannaCry” ransomware attack of May 2017 affected hundreds of thousands of computers in 150 countries. In addition, the “NotPetya” attack a month later, which the United States publicly attributed to Russia, was deemed by the White House to be the most expensive cyber-attack in history (Center for Strategic & International Studies, Significant Cyber Incidents, 2018).

The continuous increase in both the number and the intensity of cyber-attacks on states’ CII makes research on defining and evaluating these categories of cyber-attacks a pressing need. Today all the EU member states (ENISA) and most of the NATO member states have a National Cyber Security Strategy (NCSS) as a key policy feature, helping them to tackle risks which have the potential