Cyber Resilience Research Articles

Application of Situational Crime Prevention Framework for Cybercrime Mitigation

The purpose of this study is to apply the Situational Crime Prevention (SCP) technique to cybercrime mitigation using the South Africa cybercrime incidences as a case study. The SCP was first explained from the theoretical perspective and its five major strategies namely “increase effort”, “increase risks”, “reduce reward”, “reduce provocation” and remove excuses” were explained and linked to remote and online crimes. Prevalent cybercrimes perpetrated in South Africa were also highlighted with hacking used specifically as an example in this study. The SCP technique was tailored towards the mitigation of hacking and its prevalent forms. The SCP fraud prevention “hardening framework” was developed and validated using the hacking incidences in South Africa as a case study. Based on this policy recommendations were made to promote cyber resilience. The outcomes of this study are conceptual frameworks with guidelines for applying the SCP strategies to remote and online crime. The conceptual frameworks are suitable for cybercrime prevention and mitigation and for achieving cyber-resilience

A Cyber Risk Assessment Approach to Federated Identity Management Framework-Based Digital Healthcare System.

This paper presents a comprehensive and evidence-based cyber-risk assessment approach specifically designed for Medical Cyber Physical Systems (MCPS)- and Internet-of-Medical Devices (IoMT)-based collaborative digital healthcare systems, which leverage Federated Identity Management (FIM) solutions to manage user identities within this complex environment. While these systems offer advantages like easy data collection and improved collaboration, they also introduce new security challenges due to the interconnected nature of devices and data, as well as vulnerabilities within the FIM and the lack of robust security in IoMT devices. To proactively safeguard the digital healthcare system from cyber attacks with potentially life-threatening consequences, a comprehensive and evidence-based cyber-risk assessment is crucial for mitigating these risks. To this end, this paper proposes a novel cyber-risk assessment approach that leverages a three-dimensional attack landscape analysis, encompassing existing IT infrastructure, medical devices, and Federated Identity Management protocols. By considering their interconnected vulnerabilities, the approach recommends tailored security controls to prioritize and mitigate critical risks, ultimately enhancing system resilience. The proposed approach combines established industry standards like Cyber Resilience Review (CRR) asset management and NIST SP 800-30 for a comprehensive assessment. We have validated our approach using threat modeling with attack trees and detailed attack sequence diagrams on a diverse range of IoMT and MCPS devices from various vendors. The resulting evidence-based cyber-risk assessments and corresponding security control recommendations will significantly support healthcare professionals and providers in improving both patient and medical device safety management within the FIM-enabled healthcare ecosystem.

Cyber attacks on critical infrastructures and satellite communications

The cyber-attack on the Ukrainian positioning network at the beginning of the ongoing Russia-Ukraine war demonstrated how the branching of satellite connections can have severe repercussions for communication systems. While ground-based networks are changing, the vulnerability of critical infrastructure to cyber-attacks and technical failures has become a serious concern. As cyber attackers are increasingly targeting industrial control systems rather than stealing data, attacks have become more sophisticated and significant. Future connectivity to 5 G networks, the entry of new private players in this sector, and the economic growth of emerging countries will further increase the attack surface of the space sector. A risk-based approach is therefore needed to increase protection and resilience against cyber-attacks. This requires a comprehensive understanding of the technologies and their vulnerabilities, as well as the ability to quickly develop solutions to counter attacks. Responding effectively with legal and policy means is essential to adapting to changes and to providing continuity and security of services. This paper highlights the main qualities of communication technology, its vulnerabilities, and the critical challenges to achieving cyber resilience. It identifies significant assets, defence solutions, and legal and policy aspects that should be further researched to enhance the cyber resilience of European assets.

Russian Cyber Onslaught Was Blunted by Ukrainian Cyber Resilience, Not Merely Security

Russian Cyber Onslaught Was Blunted by Ukrainian Cyber Resilience, Not Merely Security

Cyber Resilience of the Central Bank Digitial Currency Ecosystem

Cyber Resilience of the Central Bank Digitial Currency Ecosystem

TRANSFORMING CYBERSECURITY FOR RESILIENT SMART SERVICES - A CASE STUDY OF THE HAGUE

Cyber-attacks and adversarial threats to the digital operations of smart cities is a growing concern globally. To address the cybersecurity transformation needs and challenges of interdependent digital operations, the concept of cyber resilience is becoming increasingly significant. This article provides an insight on the concept of cyber resilience, depicts how urban resilience and cyber resilience are inter-related in the context of smart cities, and discusses the cyber resiliency engineering techniques that the enterprises need to consider for deploying cyber resilience capabilities in their digital operations. Finally, the initiatives at The Hague smart city, a cyber resilience leader, are highlighted as a case study to show how these practices can transform cybersecurity for enhancing resilience in smart services.

Integrated model to optimize supplier selection and investments for cyber resilience in digital supply chains

Digitalization has revolutionized the supply chain networks but also introduces vulnerabilities to the cyber threats. Notably, in past two years, the cyber-attacks on different organizations worldwide have increased at an alarming rate resulting in significant financial loss to supply chains, intellectual property breaches and supply disruptions. As a result, companies are making significant investments in their cybersecurity. However, many incidents were reported where threat actors attacked a company using the shared digital systems with its suppliers. Therefore, it is important that suppliers are selected based on their cyber resilience. This paper identifies the cyber resilience criteria and proposed a multi criteria decision making based framework to evaluate the cyber resilience of a supply chain partner. It has been also realized that investment in organizational cybersecurity alone is not sufficient to protect supply chains. Companies are now investing in increasing their supply chain cyber capabilities. In this direction, paper also proposes a mixed integer linear program (MILP) to jointly optimize supplier selection and cyber investment decisions in a supply chain based on the supplier's current cyber resilience and potential return on the cyber investments made in selected suppliers. Computational experiments are conducted to study the tradeoffs and impact of sourcing strategy, supplier capacity, cyber security investment decisions on supply chain cyber resilience. The findings underscore that an integrated decision making of supplier selection and cyber investments maximizes the supply chain cyber resilience.

Advancing Cyber Resilience for Autonomous Systems with Novel AI-based Intrusion Prevention Model

Advancing Cyber Resilience for Autonomous Systems with Novel AI-based Intrusion Prevention Model

Cybersecurity in the Age of AI: Protecting Our Data and Privacy in a Digital World

In the digital age, Artificial Intelligence (AI) is pivotal in enhancing cybersecurity, offering advanced capabilities to detect and mitigate cyber threats efficiently. This article delves into AI's role in strengthening cyber security, emphasizing its ability to proactively identify vulnerabilities, forecast attacks, and automate incident responses. It also addresses the challenges and ethical concerns associated with AI in cyber security, such as the potential for misuse by cybercriminals to conduct sophisticated attacks and issues related to data privacy and algorithmic bias. The piece highlights the necessity of a balanced approach to leveraging AI, advocating for collaboration among stakeholders to navigate the ethical and regulatory complexities. Ultimately, it underscores AI's indispensable role in developing resilient cyber security frameworks and fostering a secure digital environment amidst an increasingly complex threat landscape.

Cyber Resilience Act 2022: A silver bullet for cybersecurity of IoT devices or a shot in the dark?

Internet of Things (IoT) is an ecosystem of interconnected devices (IoT devices) that is capable of intelligent decision making. IoT devices can include everyday objects such as televisions, cars and shoes. The interconnectedness brought forth by IoT has extended the need for cybersecurity beyond the information security realm into the physical security sphere. However, ensuring cybersecurity of IoT devices is far from straightforward because IoT devices have several cybersecurity challenges associated with them. Some of the pertinent cybersecurity challenges of IoT devices in this regard relate to: (i) Security During Manufacturing, (ii) Identification and Authentication, (iii) Lack of Encryption, (iv) Large Attack Surface, (v) Security During Updates, (vi) Lack of User Awareness and (vii) Diverging Standards and Regulations.Against this background, the Cyber Resilience Act (CRA) has been proposed to complement the existing EU cybersecurity framework consisting of legislations such as the Cybersecurity Act and the NIS2 Directive. However, does the CRA provide a framework for effectively combating the cybersecurity challenges of IoT devices in the EU? The central crux of the CRA is to lay down and enforce the rules required to ensure cybersecurity of ‘products with digital elements’, which includes IoT devices. To this end, several obligations are imposed on manufacturers, importers and distributors of IoT devices. Manufacturers are mandated to ensure that the essential cybersecurity requirements prescribed by the CRA are met before placing IoT devices in the market. While the cybersecurity requirements mandated by the CRA are commendable, the CRA suffers from several ambiguities which can hamper its potential impact. For instance, the CRA could provide guidance to manufacturers on how to conduct cybersecurity risk assessment and could clarify the meanings of terms such as “limit attack surfaces” and “without any known exploitable vulnerabilities”.When the fundamental themes of the CRA is analysed from the prism of the cybersecurity challenges of IoT devices, it becomes clear that the CRA does provide a foundation for effectively addressing the cybersecurity challenges of IoT devices. However, the expansive wording in various parts of the CRA, including in the Annex I Requirements, leaves scope for interpretation on several fronts. Consequently, the effectiveness of the CRA in tackling the Security During Manufacturing Challenge, Identification and Authentication Challenge, Large Attack Surface Challenge and Diverging Standards and Regulations Challenge would be largely contingent on how harmonised standards develop and how the industry adopts them. The CRA seems to be more effective, albeit not fully so, in significantly addressing the Lack of Encryption Challenge, Security During Updates Challenge and Lack of User Awareness Challenge of IoT devices. However, the manner in which the CRA addresses all these cybersecurity challenges could be improved upon if an agency such as the ENISA was given the legal mandate to set elaborate standards for cybersecurity requirements under the CRA.

Denmark’s Sector Responsibility Principle: A Tedious Cyber Resilience Strategy

Denmark’s Sector Responsibility Principle: A Tedious Cyber Resilience Strategy

Cyber Resiliency Enhancement of Overcurrent Relays in Distribution Systems

Cyber Resiliency Enhancement of Overcurrent Relays in Distribution Systems

Cyber Resiliency of Aircraft Systems: A Literature Review

Aircraft have an important role in the overall defense of almost every country. However, military aircraft are not only susceptible to traditional kinetic weapons but also to constantly developing cyber weaponry. There has been global growth in the number of cyber threats in recent years, and the field of military aviation is not outside the growing threat. The war in Ukraine and recent military aircraft procurements in Europe make the topic very timely. A highly skilled and resourced adversary is able to conduct complex long-term attacks that penetrate even well-protected systems, such as military aircraft systems. Even air-gap does not protect aircraft from cyber threats as modern aircraft have complex and networked avionics and support systems. The study aims to find the current trends of cyber security research related to aircraft systems. The included topics are, for example, cyber resiliency and cyber protection in the system life cycle. The study concentrates particularly on forming an overall view of the most vulnerable military aircraft systems. The study presents a non-systematic literature review based on public data sources, such as research reports, articles, etc. A set of nine relevant sources was chosen for detailed qualitative analysis. Because of the lack of detailed military sources, applicable study materials related to commercial passenger aircraft were included. The results suggest that the most vulnerable aircraft systems from the viewpoint of cyber security are those that are exposed to threats via communication and satellite systems. Other vulnerable systems are sensors and avionics systems that transfer, or process critical data related to the functions of the aircraft. In addition, the study found that it is difficult to protect aircraft systems from cyber threats because of their complexity, maintenance operations, and supply chains, which also increase the size of the attack vector. To tackle the issue, it is important to follow the development of regulations and policies related to cyber security in aviation and to study the methods of managing the threat in a holistic and cost-effective manner.

Addressing the Digital Resilience Challenge in the Electricity Sector in Nigeria: From Risk to Resilience

The electricity sector in Nigeria stands at the crossroads of an ever-evolving digital landscape and the pressing need for resilience in the face of dynamic challenges. This paper explores Nigeria's electricity sector, navigating its evolving digital landscape with a focus on resilience amid growing challenges. Shifting from risk reduction to resilience building, the study utilizes stakeholder interviews to assess cyber resilience. Unveiling technological advancements, it addresses interdependencies, vulnerabilities, and cyber threats in the connected grid. The study discusses some enabling practices to solve these issues including the role of policy and regulatory frameworks in fostering a culture of resilience and collaboration among various stakeholders. Amid the digital revolution, it advocates readiness, responsiveness, and rehabilitation for Nigeria's electricity sector. The study serves as a strategic roadmap for public and private decision-makers to tackle digital resilience challenges.

Architecture Framework for Cyber Security Management

The smooth operation of contemporary society relies on the collaborative functioning of multiple essential infrastructures, with their collective effectiveness increasingly hinging on a dependable national system of systems construction. The central focus within the realm of cyberspace revolves around safeguarding this critical infrastructure (CI), which includes both physical and electronic components essential for societal operations. The recent surge in cyber-attacks targeting CI, critical information infrastructures, and the Internet, characterized by heightened frequency and increased sophistication, presents substantial threats. As perpetrators become more adept, they can digitally infiltrate and disrupt physical infrastructure, causing harm to equipment and services without the need for a physical assault. The operational uncertainty of CI in these cases is obvious. The linchpin of cyber security lies in a well-executed architecture, a fundamental requirement for effective measures. The framework of this paper emphasizes organizational guidance in cyber security management by integrating the cyber security risks assessment and the cyber resilience process into overall continuity management of organizations business processes.

Assessment of Cyber Resilience in the Maritime Domain Using System Dynamics and Analytical Hierarchy Process (AHP)

The maritime industry is increasingly dependent on digital technology, making it vulnerable to cyber threats. Every stakeholder is exposed to cybersecurity risks and challenges. This research aims to provide an assessment and simulation model of cyber resilience in the maritime domain, supported by qualitative descriptive statistical methods. This study is also supported by system dynamics and Analytical Hierarchy Process (AHP). The data were obtained from an eight-member expert panel (academics and practitioners) and pertain to the research period January 2022 – February 2023 and the Indonesian Sea area. Research results on global weight revealed the threat (MC-1), vulnerability (MC-2), and technologies (MC-3) sub-criteria as the most important, with the global weight of 0.102 each, followed by the navigation (MO-2), and governance and compliance (CR-6) sub-criteria with the global weight of 0.072 and 0.065, respectively. Maritime cyber resilience evaluation is based on three main criteria. The maritime operation criterion has the highest resilience value, with overall evaluated value of maritime cyber resilience being in the acceptance resilience category level 4, with the value of 3.535 (70.701%). Furthermore, changes in the maritime cyber resilience value in the 2022-2025 period are still at level 4 (acceptance resilience). Maritime cyber resilience is expected to stagnate at its current level 4 in 2023. In the third and fourth year (2024-2025), a downward trend in the maritime cyber resilience value is expected.

Resiliency of forecasting methods in different application areas of smart grids: A review and future prospects

The cyber–physical infrastructure of a smart grid requires data-dependent artificial intelligence (AI)-based forecasting schemes for predicting different aspects for the short- to long-term, where AI-based schemes include machine learning (ML), deep learning (DL), and hybrid models. These forecasting schemes in different application areas of a smart grid can be vulnerable to cyber-attacks, which is yet to be addressed from a broad perspective. This work reviews the literature addressing the vulnerability of forecasting schemes in smart grids with a categorization of application areas. The existing research works addressing cyber-security or cyber resiliency are reviewed and then presented in an organized manner according to application areas to highlight their advantages and disadvantages. The findings of this review indicate a critical need to develop accurate and robust AI-based forecasting schemes capable of withstanding diverse attack scenarios in each sector, while addressing unsymmetrical attention to different sectors of smart grids. Hence, this review provides a comprehensive overview of the current literature and emphasizes the necessity for the research community to advance toward developing attack-resilient AI-based forecasting schemes designed explicitly for smart grids.

The European experience of legislative support for strengthening cyber resilience

The concept and content of cyber resilience are considered. characterizing features of cyber resilience are defined. The relationship between the concepts of cyber security and cyber resilience is detailed. Cyber resilience infrastructure and its components are defined. The current EU legislation on strengthening cyber resilience is analyzed. The positive aspects of strengthening cyber resilience in EU legislation have been identified. Special attention is paid to the review of the NIS2 Directive and the EU Cyber Resilience Act. The constituent components of a comprehensive cyber resilience strategy at the local level have been determined. The directions of the European Central Bank (ECB) aimed at strengthening the cyber resilience of the EU banking system are described. Based on the generalization of positive European experience, prospects for improving and strengthening cyber resilience in Ukraine are outlined.

Interconnected and resilient: A CGE analysis of AI-driven cyberattacks in global trade.

The burgeoning interconnectedness of global trade in the digital age not only presents enticing opportunities but also harbors potent vulnerabilities of artificial intelligence (AI)-driven cyberattacks. This study explores the cascading impacts of these disruptive threats on economies, supply chains, and trade, utilizing the intricate lens of Computable General Equilibrium modeling. Through meticulously designed simulation scenarios, we illuminate the potential economic ramifications of cyberattacks, with a focus on regions heavily reliant on digital technologies and interwoven supply chains. The analysis reveals significant declines in real GDP, trade prices and volumes, and trade route disruptions across regions. Notably, economies like China, the United States, the United Kingdom, and the EU, due to their deep integration in global networks, face pronounced vulnerabilities. However, amidst this bleak landscape, hope emerges in the form of cyber resilience. The study showcases the effectiveness of proactive measures like adaptable production systems, diversified trade partners, and robust cybersecurity infrastructure in mitigating the adverse impacts of cyberattacks. Incorporating cyber resilience significantly dampens the reported negative consequences, highlighting the critical role of preparedness in combating digital warfare. This study underscores the urgent need for a global paradigm shift toward cyber resilience. Collective efforts to bolster cybersecurity infrastructures, foster international cooperation in threat intelligence, and establish open and resilient trade frameworks are crucial in navigating the treacherous labyrinth of AI-driven cyberattacks. By embracing resilience strategies and fostering global collaboration, we can pave the way for a more secure and prosperous digital future, where interconnectedness becomes a tool for progress, not a vulnerability to be exploited.

Encrypted Chat Application

In today's cyber landscape, the protection of digital communication channels stands as a paramount concern. This abstract dissects the cyber resilience strategies underpinning the development of secure chat applications, with a particular focus on user interface design using Jetpack Compose and encryption integration leveraging Kotlin. The examination commences with an in-depth analysis of the cyber defence mechanisms ingrained within chat interfaces crafted through Jetpack Compose, the cutting-edge toolkit tailored for native Android UI construction. By meticulously adhering to Material Design principles, developers fortify chat interfaces against cyber intrusions, placing a premium on real-time messaging functionalities and multimedia integration to foster user engagement while deterring malicious exploitation.The abstract plunges into the cornerstone role of encryption in fortifying cybersecurity, spotlighting Kotlin's robust encryption capabilities. Through the adept utilization of Kotlin AES encryption algorithms, developers erect an impregnable bastion around user messages, guaranteeing both confidentiality and integrity. Synergizing encryption with Firebase Firestore for fortified data storage and Firebase Authentication for resilient user validation fortifies the application's cyber defense, thereby ensuring user data remains impervious to cyber threats. By amalgamating Jetpack Composes resilient UI design tools with Kotlin's encryption prowess, developers erect a formidable cybersecurity fortress around chat applications. This symbiotic alliance not only safeguards user privacy and data integrity but also reinforces communication channels against the relentless onslaught of cyber adversaries in the ever-evolving cyber landscape Key Words: Encryption Integration, Secure Chat Application, Cyber Resilience Strategies, Cyber Defense Mechanism.