Cyberwarfare. Threats to Critical Infrastructure PDF

550 Pages·2022·10.151 MB·English
Preview Cyberwarfare. Threats to Critical Infrastructure

PALGRAVE STUDIES IN CYBERCRIME AND CYBERSECURITY

Cyberwarfare
Threats to Critical Infrastructure

Kristan Stoddart

Palgrave Studies in Cybercrime and Cybersecurity

Series Editors
Thomas J. Holt, Michigan State University, East Lansing, MI, USA
Cassandra Cross, School of Justice, Queensland University of Technology, Brisbane, QLD, Australia

This book series addresses the urgent need to advance knowledge in the fields of cybercrime and cybersecurity. Because the exponential expansion of computer technologies and use of the Internet have greatly increased the access by criminals to people, institutions, and businesses around the globe, the series will be international in scope. It provides a home for cutting-edge long-form research. Further, the series seeks to spur conversation about how traditional criminological theories apply to the online environment. The series welcomes contributions from early career researchers as well as established scholars on a range of topics in the cybercrime and cybersecurity fields.

Original series creators and co-founders: Marie-Helen Maras and Thomas J. Holt.

Kristan Stoddart
School of Social Sciences
Swansea University
Swansea, UK

Palgrave Studies in Cybercrime and Cybersecurity
ISBN 978-3-030-97298-1
ISBN 978-3-030-97299-8 (eBook)
https://doi.org/10.1007/978-3-030-97299-8

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer International Publishing AG, part of Springer Nature 2022

This work is subject to copyright.
All rights are solely and exclusively licensed by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

The publisher, the authors, and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This Palgrave Macmillan imprint is published by the registered company Springer Nature Switzerland AG
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland

Acknowledgments

From 2014–2017 I was involved in a major (£1.2 million) project examining SCADA systems and the Cyber Security Lifecycle funded by Airbus Group and the Welsh Government. This was, and remains, a project in which I will be eternally grateful to have been involved. It was led quite superbly by Dr. Kevin Jones who is now the Chief Information Security Officer at Airbus Group. He was, and remains, inspirational and an active leader in the global cybersecurity field. The genesis of this book was in this project.
Through it, I worked with some of the leaders in cybersecurity in locations throughout Europe and North America.

I owe a huge debt of gratitude to my friend and former colleague, Professor Emeritus Len Scott, who read most parts of this when it was a larger two-volume study. Additionally, my long-term collaborator and friend, Professor Emeritus John Baylis, aided me in fundamental discussions of warfare and much else besides. I also need to thank Professor Christian Kaunert at the University of South Wales (where I hold a Visiting Professorship) for all his encouragement with what have become three books (this book, and my related books, China and its Embrace of Offensive Cyberespionage and potential for cyber warfare and Russia’s cyber offensives against the West). I would also like to thank Professor Stuart Macdonald and my colleagues at the Cyber Threats Research Centre (CYTREC) at Swansea University where I am currently an Associate Professor. There are also friends and colleagues I would add too numerous to mention.

Whilst the content I have used produced by United States government agencies is in the public domain I am grateful to be able to reproduce materials from a number of U.S. government agencies. These are the White House, National Security Council, United States Congress and United States Senate, the Department of Energy, Department of Homeland Security, Department of Justice, Federal Aviation Authority, Federal Bureau of Investigation, Federal Emergency Management Agency, the National Institute of Standards and Technology (NIST)/Department of Commerce. In addition, the Department of Defense and branches of the DOD including the National Security Agency, Central Intelligence Agency, Defense Intelligence Agency, Office of the Director of National Intelligence, U.S. Cybercommand, the Office of the Director of National Intelligence, the Defense Advanced Research Projects Agency, and the Joint Chiefs of Staff.
I am also grateful to NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) for permission to quote from James A. Lewis, ‘The Role of Offensive Cyber Operations in NATO’s Collective Defence’, which appeared in Tallinn Paper 8 (2015); Ji Young Kong, Kyoung Gon Kim and Jong In Lim, ‘The All-Purpose Sword: North Korea’s Cyber Operations and Strategies’, in Tomáš Minárik, Siim Alatalu, Stefano Biondi, Massimiliano Signoretti, Ihsan Tolga and Gábor Visky (eds.), 2019 11th International Conference on Cyber Conflict: Silent Battle (Tallinn: CCD COE Publications, 2019); and Christian Czosseck, Rain Ottis and Anna-Maria Talihärm, ‘Estonia After the 2007 Cyber Attacks: Legal, Strategic and Organisational Changes in Cyber Security’, in Proceedings of the 10th European Conference on Information Warfare and Security at the Tallinn University of Technology Tallinn, Estonia 7–8 July 2011.

I was fortunate to spend time with the excellent and committed people (civilian and uniformed) who work at the CCDCOE and to live in Tallinn, Estonia for an extended period. I also had (and hope to again) the pleasure of visiting this beautiful city for NATO’s CyCon conferences where I met excellent people, felt what it is like to be a frontier state of NATO and the EU, and came to appreciate the earnestness they hold for EU and NATO values.

I am grateful to Perry Pederson for granting permission to use ‘Aurora revisited—by its original project lead’ that was published on langner.com. I am also grateful to Ralph Langner for his help. I am also grateful to ‘The Estate of Alexandra Milgram’ for permission to quote from Stanley Milgram, ‘Behavioral Study of Obedience’, which appeared in the Journal of Abnormal and Social Psychology, Vol. 67, No. 4 (October 1963). This work and his ideas of ‘six degrees of separation’ and the small world phenomenon continue to help generate insights.
I would also like to thank Yale University Press for permission to quote from The Vory: Russia’s Super Mafia by Mark Galeotti and to Penguin Press for permission to quote from Joel Brenner, America the vulnerable: inside the new threat matrix of digital espionage, crime, and warfare, (New York: Penguin Press, 2011). I also need to thank Eurozine for permission to quote from another work by Mark Galeotti, ‘(Mis)Understanding Russia’s two “hybrid wars”’. Finally, I am very thankful to Verizon for permission to use extracts from their highly informative Data Breach Investigations Reports (DBIR) and to reproduce figures 15 and 16 from the 2021 DBIR.

Whilst best efforts have been made to trace and acknowledge all copyright holders, I would like to apologize should there have been any errors or omissions.

I would also like to give my thanks to Josie Taylor, my commissioning editor at Palgrave Macmillan/Springer Nature.

This book was begun in earnest during a career break in the summer of 2018. Although it had long been my intention to write up that which I had learned, I came to learn much more still. My knowledge (and hopefully my understanding) grew as I thought about the fundamental issues of cyberwar(fare) and war and warfare itself and then thought in tandem about the myriad of cyberespionage cases and activities I knew of or came to encounter. I came to realize that some separation was necessary but that some acts of cyberespionage were also part of the debate/continuum surrounding cyberwarfare. I hope I have done both subjects justice.

Contents

1 Introduction
  Cyberwar and Critical Infrastructure
  The Threat Actors
  The Cyber Context: States as Targets and Attackers
  Cybercriminals and Their Usefulness as ‘Proxies’ and ‘Privateers’
  The Threat Landscape
  Machine Learning, Artificial Intelligence, and High Performance (Quantum) Computing
  Critical Infrastructure: ICS and SCADA
  Subdue the Enemy Without Fighting
  Cyber: The Fifth Domain of Warfare
  A Short Guide to Terminology
  Malware
  Cyber Forensics
  Overview

2 On Cyberwar: Theorizing Cyberwarfare Through Attacks on Critical Infrastructure—Reality, Potential, and Debates
  Introduction
  The Fog of Cyberwar
  What Is Cyberwar(fare)?
  Cyberwar Deconstructed
  Hybrid Warfare
  International Law: JWT and the LOAC
  Rules of Engagement
  The Tallinn Manuals and the Cyberwarfare Debate
  Cyberwar Against Critical Infrastructure as a War Winner
  The Failure of Cyber Deterrence and the Attribution Problem
  Iran
  North Korea
  Policy and Debates in the United States
  The 2018 U.S. National Cyber Strategy: CISA and the Biden Administration
  The U.S. Military and ‘Forward Defense’
  Conclusion

3 Cyberwar: Attacking Critical Infrastructure
  Introduction
  SCADA Systems and Critical Infrastructure
  Proof-of-Concept: Aurora and Stuxnet
  The Implications of Aurora and Stuxnet
  Real-World Cases
  Electricity Generation and Distribution
  Electricity Producing Sites Include Nuclear Power Stations
  Water Treatment and Sanitation
  Dams and Reservoirs
  The Oil and Gas Industry: Rigs, Refineries, and Pipelines
  Chemical Plants
  Ports and Logistics