Cyber Warfare Research Articles

Indonesia's Digital Security Strategy: Countering the Threats of Cybercrime and Cyberterrorism

Cybercrime is becoming a very serious threat to Indonesia's national security. The pervasive nature of cyberattacks raises questions about the effectiveness of current regulatory measures. This research aims to analyze how the government addresses security challenges in cyberspace in a sustainable manner. A descriptive qualitative method was used to evaluate the impact of cybercrime in Indonesia and its relationship with highly interrelated regulations. The results show that the threat of cybercrime and cyber-terrorism, in both physical and digital forms, has increased alarmingly in recent years. The impact of universal access to all relevant information has several consequences, including the spread of false information and the development of cybercrime networks. Significant measures are needed to disrupt the cyber terrorism industry to create a safe environment in Indonesia. The success of regulatory measures in Indonesia relies on a holistic approach involving the active participation of the government, society, and the private sector.

A method of network attack-defense game and collaborative defense decision-making based on hierarchical multi-agent reinforcement learning

Faced with the challenges of security strategy design brought about by the complexity of attack behavior and the dynamism of network structure, dynamic hierarchical intelligent defense methods have shown their effectiveness. However, in complex network environments, their application requires a higher level of coordination mechanisms. Therefore, this paper proposes a hierarchical multi-agent reinforcement learning network attack and defense game and cooperative defense decision-making method, which autonomously and efficiently completes the formulation of defense strategies and defense behavior responses. Firstly, we construct a Stackelberg hypergame model of cyberspace conflicts, and under the condition of information loss, characterize the multi-layer dynamic defense coordination response mechanism. Secondly, By utilizing a hierarchical multi-agent reinforcement learning method as the driving force for game evolution, we sequentially solve the Nash equilibrium of the game, and form a dynamic autonomous defense strategy. Finally, we construct a hierarchical multi-agent reinforcement learning framework, which decouples the defense decision problem, reduces the dimension of the defense action space and the exploration difficulty of the strategy space, and learns coordinated defense strategies more efficiently. We used the CybORG (Cyber Operations Research Gym) environment for simulation. We compared and analyzed the autonomously generated cyber defense strategies with other related works, verifying the superior coordination performance of our method in defense strategy generation and control.

Cyber security attack recognition on cloud computing networks based on graph convolutional neural network and graphsage models

In this paper, the modeling of the network attacks of cloud computing through Graph Neural Networks is considered. Based on structural features and relationships between neighboring nodes and the edges of the cloud ecosystem a cyberattack detection method is proposed. A simulation dataset is created on the CSE-CIC-IDS2018 dataset to train and test the proposed graph neural network based models. In a comparative analysis of the suggested method with the existing one superior results are obtained from the model constructed on the GraphSAGE algorithm. Thus in the recognition of dataset samples, the model obtained a value of 0.97739 according to the accuracy metric. The values obtained by the algorithm on precision, recall, and F1-score metrics were also higher compared to the Graph Convolutional Neural Network model.

Artificial Intelligence Computer Weapon Based True Research on Corona Virus [Covid-19

Electronic torture, Electromagnetic radiation torture, or Psychotronic torture are terms used by individuals who are targeted by this wireless Synthetic telepathic technology or Direct Energy Weapon [Electromagnetic Radiation weapon]. Wireless Synthetic telepathy technology or Super artificial intelligence computers Criminal operators, often actors or often government employees, agents or crime syndicates, use transmitted electromagnetic radiation (Such as microwave listening effects), satellite technology and surveillance techniques. Wireless Remote Neural Monitoring: Bridging the gap between brain and technology In the field of neuroscience and technological advancement, the concept of deep tech satellite wireless neural monitoring technology has emerged as an unprecedented innovation weapon. Which has been developed to read and understand the human brain and to interact with the human brain and understand the human body, it is also a wireless direct energy weapon. These deep tech satellite surveillance criminal operators are using this Neurotechnology and wireless Direct Energy Weapons on a large scale against civilians. This true research has been done to protect citizens from illegal deep tech satellite surveillance weapon technology and cyber terrorism. The researcher has presented his research to the whole world in very simple words and in an easy manner. So that the world can easily understand this research and the governments of the countries of the world can protect their citizens from future man-made diseases and viruses.

Operational cyber incident coordination revisited: providing cyber situational awareness across organizations and countries

ABSTRACT Cyber situational awareness (CSA) is a prerequisite for justified decision-making and to maintain cyber security. This becomes particularly complex when establishing inter-organizational awareness across sectors. For example, computer security incident response teams (CSIRTs) and national cyber security centers need to establish CSA among countries when coordinating regional cyber incident response. Today’s state of the art of information sharing across larger numbers of organizations is often still the least common denominator in the shape of web-based forms and email reports. These are easily applicable by almost everyone who wants to report findings even in stressful situations. However, these do not prove to be efficient for the coordinator that aggregates and merges the data. Therefore, a cyber coordination platform using online surveys is proposed. This approach uses surveys to collect, aggregate and visualize data in a dashboard to support cyber coordination and knowledge management. Furthermore, the online surveys are easy to use and respond to and therefore simplify the participation of stakeholders. We propose an architecture and implement a prototype using popular web application frameworks. The evaluation in a user study revealed promising results with respect to increased efficiency and decreased resource requirements for establishing situational awareness.

PENYADAPAN DALAM TINDAK PIDANA TERORISME DI INDONESIA DAN FILIPINA DITINJAU DARI PERSPEKTIF HAK ASASI MANUSIA

Terrorism in Indonesia and the Philippines is growing rapidly. Wiretapping is used as a method of investigating terrorists. The purpose of this study is to find out and examine whether wiretapping of terrorism suspects according to the terrorism law is with human rights and the reasons why wiretapping terrorism in Indonesia takes a longer period of time than in the Philippines. Normative research method with statutory approach and comparative law. Sources of data in the form of secondary data consisting of primary legal materials and secondary legal materials. Wiretapping has not been specifically regulated in the law, while in practice it has caused controversy over the wiretapping procedure. Wiretapping is a problem because it violates the privacy rights of citizens. Wiretapping must be carried out in line with human rights principles including technical and licensing so that it can prove that wiretapping is certainly intended to provide protection. Wiretapping in Indonesia takes longer because terrorism networks in Indonesia are not centered on one area, so it takes a relatively long time to conduct wiretapping.

Cyber Strategy in Practice

National cyber security strategies had already undergone a period of evolution before Russia’s 2022 invasion of Ukraine, ostensibly in preparation for just such a catalyser of major cyber conflagration. But the cyber war never came. Tom Johansmeyer, Gareth Mott and Jason R C Nurse analyse the national cyber security strategies (NCSS) of the US, Ukraine and Russia – as significant cyber domain stakeholders in the conflict – and how aligned these strategies were for the cyber component of the Ukrainian war. In addition, they consider areas of reflection for the future evolution of NCSS documents, particularly in light of the current state of play with cyber operations. ■

Cyber AI Research Trends

Today day to day there is an increase in cyber threat agents who are continuously coming with strategies which will help them evade the usual defences and end up obtaining or compromising vital information. AI use in monitoring tools by now can count among crucial techniques that help business entities to prevent these dangers. The propelled novel algorithms have replaced ‘human-in-the-loop’ method performing actions to assess security threats making the mechanisms much better. Such a piece dives into the area of AI robots that are utilized in threat intelligence, in order for machines to quickly discover all loop holes that attackers could use to break into a network. The application of Artificial Intelligence by businesses can in advance of the attacks, rather than as a response after the event, thwart them by the use of algorithms and predictive analytics to spot patterns of anomalies or suspicious activities. AI-powered models covering neural-network based threat identification to natural language processing belong to the spectrum of solutions implementing machine learning trained on datasets and cutting-edge algorithms. AI-based threat intelligence was presented to public as in line with practical coverage and real life issues and especially through examples. This technical issue might solve the inefficiency of identifying threats soon and thus increase their accuracy once again, in fact, it will use immediate reaction well too, like it used to. An exploration of computer ethics will touch on the topics of cyber security and data handling among others. As for their practical aspects, they have to be derived from moral righteousness founded on inner values. On the other hand, utilizing AI in threat intelligence processes calls for training of skilled workforce who will, in the long run, be able to face not only today’s cyber threats but also the future ones. In the past ten years reacting was the major issue in analysing cyber intelligence. Through the use of machine learning, enterprises across cyberspace can foresee probabilities of the most burdensome situations for them. Thus, making friendly organizations is the work of great threat intelligence in the 21st century

Cyber security analysis of connected vehicles

AbstractThe sensor‐enabled in‐vehicle communication and infrastructure‐centric vehicle‐to‐everything (V2X) communications have significantly contributed to the spark in the amount of data exchange in the connected and autonomous vehicles (CAV) environment. The growing vehicular communications pose a potential cyber security risk considering online vehicle hijacking. Therefore, there is a critical need to prioritize the cyber security issues in the CAV research theme. In this context, this paper presents a cyber security analysis of connected vehicle traffic environments (CyACV). Specifically, potential cyber security attacks in CAV are critically investigated and validated via experimental data sets. Trust in V2X communication for connected vehicles is explored in detail focusing on trust computation and trust management approaches and related challenges. A wide range of trust‐based cyber security solutions for CAV have been critically investigated considering their strengths and weaknesses. Open research directions have been highlighted as potential new research themes in CAV cyber security area.

Do We Know Whether to Laugh or Cry? User Responses to @Ukraine’s Dark-humour Meme

This study investigates international users’ reception of a dark-humour meme tweeted by Ukraine’s governmental Twitter (X) account on 7 December 2021 as part of its exceptional cultural practice of posting humorous memes. Tweeters’ responses to the ‘headaches meme’ are examined through a discourse-analytic lens. An emphasis is placed on the appreciation of the humour (emanating from the meme or its contextual embedding) and other forms of humour support demonstrated by its online indicators. The overarching aim is to distil and compare user reactions to the meme in two sociopolitical contexts—before and after the invasion of Ukraine that Russia mounted on 24 February 2022—based on two equal quote tweet samples. While the findings reveal a relative decrease in humour appreciation after the invasion, the same diversified reactions encompassing humour support or its lack and politically polarised discourses making for participatory digital warfare are detected in both parts of the dataset.

A lightweight framework for cyber risk management in Western Balkan higher education institutions.

Higher education institutions (HEIs) have a significant presence in cyberspace. Data breaches in academic institutions are becoming prevalent. Online platforms in HEIs are a new learning mode, particularly in the post-COVID era. Recent studies on information security indicate a substantial increase in cybersecurity attacks in HEIs, because of their decentralized e-learning structure and diversity of users. In Western Balkans, there is a notable absence of incident response plans in universities, colleges, and academic institutions. Moreover, e-learning management systems have been implemented without considering security. This study proposes a cybersecurity methodology called a lightweight framework with proactive controls to address these challenges. The framework aims to identify cybersecurity vulnerabilities in learning management systems in Western Balkan countries and suggest proactive controls based on a penetration test approach.

Understanding the Multifaceted Threats of Cyber security: A Comprehensive Analysis

Cyber security exploration has significantly increased to give better protection for cyber operations and help significant security problems that may arise. The primary end of this exploration is to identify and understand common cyber security problems. In a recent study, experimenters examined 69 different studies to determine which types of security problems are constant and how severe they are. The experimenters anatomized colourful aspects similar to where the studies were published, which countries conducted the exploration, and the types of effects that were targeted by cyber-attacks. The findings of the study revealed that the current strategies used for cyber-security are veritably general, and the results they give bear further testing and real-world exploration to estimate their effectiveness.

Unscripted Practices for Uncertain Events: Organizational Problems in Cybersecurity Incident Management

Scripts can help us understand the designer–user relationship, by offering analysis of designers’ intent in technological objects and examination of users’ behaviors through willingness (and unwillingness) to take on scripts. But how are we to understand these relationships in the context of cybersecurity, in the face of adversaries determined to gain unauthorized access to computer systems by actively subverting scripts? In effect, cybersecurity attacks involve re-scripting of computing systems to gain unauthorized access through unscripted features of these systems. Cybersecurity attacks are always uncertain events: attackers can never be certain when re-scripting will be successful, and defenders can never be certain when or where to expect an attack, as unscripted features are difficult to know until they are exploited. In this paper, I study practices of cybersecurity incident response to examine how cybersecurity engineers respond to the novel attacks they encounter daily. I show how these are fundamentally unscripted practices emerging in response to unstable scripts, structured through the uncertainties inherent in cybersecurity engineering practice. The improvised practices and changing networks of social relations which I trace demonstrate the limits of stable scripts and provide new tools for analyzing unstable scripts.

Features of liability for cyber-attacks in EU countries

The article is devoted to the peculiarities of responsibility for cyber-attacks in the countries of the European Union. It is noted that cyber-attacks on state bodies can be a component of cyber war or hybrid war and at the same time pose a threat to national and global security, as they can lead to the leakage of important information, disrupt the operation of state systems and lead to various negative consequences. So, for example, in Europe, the main goals of hackers from 2022, in addition to Ukraine, became Poland, the Baltic countries, Northern Europe and Germany. The share of cyberattacks on European Union (EU) countries increased from about 10% in the first quarter of 2022 to almost 50% in 2023. In total, 162 cyber-attacks were carried out on Ukraine in 2022; to Poland – 114; Estonia, Lithuania and Latvia – 157; Sweden, Norway, Denmark and Finland – 95, Germany – 57.
 An increase in the activity of cyber-attacks on the networks of the energy sector, the diplomatic corps, law enforcement agencies, the defense complex, state enterprises and media companies has been established. The main goal of these attacks is to damage the country’s critical infrastructure. Globally, there has been a steady trend towards an increase in the number of targeted cyber-attacks on critical infrastructure facilities in recent years. And therefore, in connection with the possible negative consequences in the case of the implementation of cyber-attacks, it is important to note that ensuring the effective functioning of the country’s cyber defense system remains a high-priority task. Each year underscores the urgency of this challenge as threats in cyberspace continue to grow and become more highly specialized.
 It was concluded that their public attribution will be important for determining possible responsibility in the countries of the European Union for a cyber-attack, which will include the identification and public announcement of who is behind a specific cyber-attack that affects state, commercial or other objects.

NEOREALISM AND DIGITAL TRANSFORMATION IN RUSSIA-UKRAINE WAR: A MORE CYNICAL PERSPECTIVE TOWARDS UNJUST WAR?

The usage of digital technology, especially in warfare, on the one hand, exacerbates the judgment of the war. After the world experienced a major-devastating World War (I and II), International Relations – as a practice vis-à-vis discipline – has gone through a synthesis phase. Although the world has looked very different from the 19th century, states, as the acknowledged primary actors, are still chasing their national interests and power. Russia is one of the major powers after World War II, willing to reclaim its past glory by showing its possession towards the neighboring countries, one of which is Ukraine. This paper tries to judge the presence of digital technology as a combat equipment in worsening the magnitude of the war. This paper uses the International Humanitarian Law (IHL) as the principal guide for conducting a war. By contrast, what was happening in the field (das sein) will be seen through a Neorealism perspective as one of the major perspectives in International Relations studies. As the first full-scale modern cyber war, Russia-Ukraine has exemplified the use of digital technology to obscure the purposes of the war – creating a just and justified means to achieve national interest apart from political ways.

The performance of Logistic Regression, Decision Tree, KNN, Naive Bayes and SVM for identifying Automotive Cybersecurity Attack and Prevention: An Experimental Study

The automotive industry has witnessed a significant increase in cyber threats as vehicles become more connected and reliant on software-driven systems. To safeguard against these threats, effective cybersecurity measures must be implemented. This paper explores the use of Support Vector Machine (SVM) algorithms as a means of bolstering automotive cybersecurity attack prevention. SVM algorithms have demonstrated remarkable capabilities in various domains due to their ability to handle complex and high-dimensional data. By leveraging SVM algorithms, this research aims to enhance the detection and prevention of cybersecurity attacks targeting automotive systems.
 The proposed approach involves training SVM models using labeled datasets that include both normal and anomalous driving scenarios. By analyzing various features and patterns extracted from the data, the SVM models can learn to differentiate between normal and malicious behaviour. These models can then be used in real-time to identify and mitigate potential cyber threats.
 The results of this study is compared with other machine learning algorithm like Logistic Regression, Naive Bayes, KNN, Decision Tree, highlight the effectiveness of SVM algorithms in detecting and preventing automotive cybersecurity attacks. The models exhibit high accuracy rates in distinguishing between normal and anomalous behavior, providing a robust defense mechanism against potential threats.
 In conclusion, this research emphasizes the significance of leveraging SVM learning algorithms for automotive cybersecurity attack prevention. By harnessing the power of machine learning, automotive systems can be fortified against cyber threats, ensuring the safety and integrity of vehicles and their passengers.

THREAT ACTORS SEEKING TO EXPLOIT AI CAPABILITIES. TYPES AND THEIR GOALS

Artificial Intelligence’s advancement has led to ethical and privacy concerns due to the ability of algorithms to mine personal data and conduct surveillance on a large scale. The influence of Artificial Intelligence (AI) in cybersecurity extends beyond private entities and individuals. In this scenario, it is important to highlight the threatening actors and their objectives in order to counter AI-based cyber threats. We are dealing with different entities, each having its own interests: cybercriminals are interested in making profit, terrorist groups cause ideological violence and nation-states target geopolitical influence. Moreover, they are increasingly interested in developing AI-driven cyber warfare capabilities for either attacking their enemies or enhancing their defence measures against such attacks. This trend will most likely aggravate the global cyber arms race as countries compete to surpass each other in the development and deployment of AI-driven cyber capabilities. Consequently, it has become crucial for organizations and individuals to understand how AI affects cybersecurity and, thus, adapt their strategies accordingly. Traditional defences must be supplemented with AI-powered tools and techniques to stay ahead of the curve, while security experts must continually update their skills and expertise to cope with the changing threat landscape.

Active Measures Concept Deconstruction Through the Lenses of Information Influence

This study deconstructs the concept of active measures through the prism of information influence. It understands it as sophisticated methods of influencing public opinion and political decisions, originally used by the Soviet Union and now adapted to cyberspace by the Russian Federation. In the analysis, the concept is contrasted with the general abstraction of information influence. This helps to better understand the proximity of active measures to similar concepts. We conclude that abstractions of information influence are also valid for conceptual understanding and practical examples of contemporary Russian active measures. Active measures are subsidiary to information influence, serving as tactical means to achieve the latter's strategic goals. Furthermore, the author states that the information environment is the operational theatre for active operations, cyber operations can be its manifestation, information operations support as a key component of a broader information operations strategy, and psychological operations are its critical element.

CYBER TECHNOLOGIES IN MODERN INTERNATIONAL CONFLICTS AND METHODS OF ENSURING CYBERSECURITY

The article examines the problems of cybersecurity of the state. As you know, the number and scale of international conflicts have increased recently. The methods of conducting armed conflicts have also changed. More and more people began to move from conventional military clashes to information wars and cyber wars. Over time, technological progress has led to the emergence of new arenas for conflicts between countries and factions. Cyberwar has become one of these arenas, where the main weapons are not missiles and submachine guns, but computer codes and supercomputers. This article reveals the role of cyber technologies in modern international conflicts and presents what threats and opportunities they provide on the battlefield.

Cyber Threats to Iran from USA and Israel: Counter Strategies by Iran

The escalating prominence of cyber security issues worldwide has intensified concerns about cyber warfare within the context of the strained relationships among the United States, Israel, and Iran. The hypothesis posits that cyber warfare is inevitable and could lead to catastrophic consequences. Using qualitative research methods from secondary sources like books, journals, etc., this study aims to elucidate the nature of these threats. The research delves into research questions i.e. What are the fundamental cyber warfare strategies employed by the United States, Israel, and Iran, and how they contribute to the escalating tensions among them? How do cyber threats originating from the USA and Israel impact Iran's national security? What are the possible future outcomes of cyber warfare between these nations? Despite limitations such as observational and descriptive study constraints, thematic focus on the security dynamics between these nations, this research contributes to understanding the evolving landscape of cyber security.