My CAJ Experience

I guess the CAJ exam tomorrow will mark the end of this project and therefore the end of my blogging about cyberwar. In a way I am, of course, relieved that I finally concluded another task this semester, but I am also a bit sad for not having an excuse for researching an actually interesting topic on the internet. To end my CAJ project and to get a bit of an overview of my blogposts, I will use this post to resume my work and to talk a bit about what I learned from this project.

In the last few posts (I don't know exactly how many posts I wrote related to cyberwar) I talked about hackers, about what they are doing, their punishments when they get involved in cyberwar, the wish for their recruitment to reinforce cyber security, their targets and the difficulty of tracking them, as well as about a cyber conflict that involved Israeli and Saudi Arabian teams of hackers. I also talked about the two, probably most famous cyber attacks: Stuxnet and The Estonian Cyberwar. Looking at cyberwar from a different angle, I talked about the role timing played in cyber attacks, about a mathematical equation for calculating the perfect moment to attack and about the argument that "a cyberwar won't exist". As cyberwar is also directly linked to cyber security, I introduced a TED talk about cyber security and linked this to preparations for a cyberwar by the U.S as well as to cyberwar games. Last but not least, I tried to link cyberwar to the use of drones by the military and the revolution that could cyberwarfare could lead to in the military.

Looking back at my blogposts I regret that I did not focus on some more aspects of cyberwar. Even though I read about the different cyberwar scenarios that people fear, I never blogged about it. I could have easily linked this to doomsday preppers for example. I would also have liked to talk about an experiment when hackers succeeded in hacking into a car by using radio frequences, or to talk about some more famous cyber attacks.

If I had the chance to start the project all over again, I would start with simply reading a lot about cyberwar. Then I would go on to create a mind map about all the different topics I read about and how they could relate to each other. I would plan my posts better and try to bring them into order before actually putting them online, instead of letting myself be led from one topic to another.

Even so, I have to say that I greatly enjoyed this project. I learned a lot about cyberwar and cyber security, but I also learned a lot in English. Looking back at this project also taught me how important organization is, mainly if a project develops over a period of several weeks or even months.

The U.S prepares for a Cyberwar

http://securityaffairs.co/wordpress/12070/security/how-the-us-are-preparing-to-cyber-warfare.html

In the context of cyber warfare, the US and Israel are generally considered the most advanced countries, as they have allegedly participated in the creation of the first official cyber weapon, Stuxnet, as well as in many other sophisticated cyber-attacks. As both nations suffer an increasing number of cyber-attacks daily and are therefore improving their cyber capabilities. The Pentagon has even announced a major expansion of its cyber army to defend national infrastructures in 2013.

They announced that the Defense Department’s Cyber Command would be increased from 900 to 4000 units and that the resources dedicated to the operations in cyberspace were going to be quadrupled. In addition to the expansion of the Cyber Command, a restructure into three distinct areas, namely

1.      “national mission forces” is responsible for the protection of computer systems that support the nation’s power grid and critical infrastructure.

2.     “combat mission forces” is responsible for offensive operations.

3.     “cyber protection forces” is responsible for Pentagon’s computer systems security.

was planned.

In order to further expand their cyber warfare capabilities, Pentagon has even involved private companies, universities and computer-gaming companies in the development of certain technologies. Mainly now the U.S has started to massively invest in cyber defense, so as to respond to cyber threats and to attain the ability to launch successful cyber-attacks against hostile states.

The goal of one specific project, in cooperation with DARPA, is to develop a new generation of cyber soldiers, AI, able to prevent cyber-attacks and to launch itself strong offensive cyber-attacks. The research program has a duration of five years and will be financed with $110 million.

Not only the US, but governments all over the world are searching for a cyber strategy that provides an optimum balance between a good cyber offense and defense, as most cyber-attacks are characterized by the necessity of an immediate cyber response in order to avoid the destruction of assets and resources.

As cyber espionage, hacking and warfare operations are shifting to cyberspace, the US and any ther government must improve its cyber capabilities.

Cyberwar Games

http://www.optimalrisk.com/Advanced-Cyber-Defence-Services/Cyber-War-Games
http://www.zdnet.com/largest-ever-cyber-wargame-tests-europes-defences-7000028871/

As cyberwar has increasingly gained attention in recent years, the popularity and importance of cyberwar games has been on the rise as well. As experts mention that it becomes more and more apparent that static security measures are one of the greatest risks of sophisticated cyber attacks, agencies are trying to strengthen their ability to recover quickly from cyber attacks and to resume normal operations.

In order to be prepared for destructive cyber attacks, a combination of sophisticated technology and managerial procedures is needed. The reaction of staff in the situational analysis, decision making and communication need the greatest improvement in a crisis. The general knowledge of organisations on cyberwar, their capabilities and their awareness of the threat of cyberwar can be elevated by the simulation of a cyberwar.

 Those war games generally consist of a series of desktop exercises and masterclasses over a period of two days. In the first phase attempts to create a familiarity with the general knowledge on cyberwar and how to manage it. In the second phase the game itself takes place. One team starts to attack the computer system of an organization, which is in return observed and accompanied by mentors through their response to these attacks. The whole process of attacks and counter-attacks are assessed and evaluated. The third phase consists of a workshop in which the war game is analyzed and the performances of different organizations are compared and contrasted.

Recently Europe’s largest ever cybersecurity war games have begun in order to test the cooperation of EU countries in the event of a cross-border cyber attack. More than 200 organisations will take part in this event, including energy companies and telecom operators.

The scale of this cyberwar game should also prove that Europe takes the threat of cyberwar seriously. The whole event is organized by the European Union Agency for the Network and Information Security (Enisa).

16 cybersecurity incidents which were similar to real life cases, were given to the participants. The results were then investigated and analysed by security professionals in terms of confidentiality, integrity and availability of sensitive information.

How do instant photographs work?

In order to answer the question of how exactly Polaroid cameras are able to take pictures and have them fully developed only moments later, some information on the structure of the film used in instant cameras is needed.

The Polaroid film itself consists of the same three light-sensitive layers used in conventional cameras, which are separated from each other by dye coupler layers. An image layer, along with a timing layer and an acid layer are placed on top of them. A black base layer forms the undermost layer of all of the other layers mentioned above. Probably the most important layer is the layer situated between the light-sensitive layer and the image layer, which contains a chemical called the re-agent. 
The re-agent is a mixture of opacifiers, which block light; alkali, necessary for neutralizing acids; and white pigments. The entire frame of the film is covered in a combination of these elements. The re-agent itself starts the chemical reaction taking place in Polaroid film.

The chemical processes start once the Polaroid camera pushes the film out, using rollers inside the camera. The re-agent is spread across the whole film, which starts a series of chemical reactions. The colors from the dye layers move up from the lower layers, the acid layer moves towards the top and the re-agent moves towards the lower layers. Another chemical reaction occurs once the re-agent and the acids meet. The alkali and the opacifier in the re-agent react with the acids to make the re-agent turn clear. Following this reaction the image starts to appear until the film is, at last, fully developed.

International Regulation of Cyber-Warfare

Several experts in cyber-security, cyber-intelligence, cyber-warfare and cyber-terrorism gathered in 2013 at an event entitled “International Regulation of Cyber-Warfare”. The fact that the current framework of international law is silent on the concept of cyber-warfare was criticized my many; demanding a regulation of cyber weapons.

The main question remains how exactly the law should be applied to cyber operations. Many referred to the “Tallinn Manual”, created by a group of experts on cyber security, as a possible option for how international law applies to cyberspace. In this manual, several factors that play an important role in classifying a happening in cyberspace as a cyber-attack are elaborated.

Several difficulties that could arise from applying international law to cyber warfare were equally discussed. As an example for this, the discrimination between civilians and combatants was mentioned as being problematic, as this would require that the attack be carried out against a specific group of IP addresses. The requirement of combatants wearing a fixed distinctive sign recognizable at a distance would equally be difficult to meet.

Even so, cyber war now poses a real threat to national security with rising number of cyber-attacks carried out by an increasing variety of actors, including hackers, spies, companies and states.

The experts then discussed the definition of cyber weapons in order to create the possibility of applying international law to their use. They mentioned that cyber weapons must be deployed within the context f a cyber-warfare act, that the purpose of the cyber-attack must be a physical destruction or damage caused directly or indirectly and that the means to achieve this outcome have to involve technological information systems. A cyber weapon is therefore a device of computer instructions used in a conflict between national or non-national actors, with the purpose of causing physical damage to people or equipment.

Even though the event continued with mentions of legal and non-legal nature, underlining the interest of the participants in a regulation of cyber weapons, no decision on how law could be applied was made.

 http://isiseurope.wordpress.com/2013/11/06/international-regulation-of-cyber-warfare/

NEW CAJ: Cyberwar Abstract

The purpose of this CAJ is to provide information on the topic of cyberwar that has become a general topic of discussion recently and about  a potential threat to the future of human beings. In the following blog posts, famous cyber threats will be covered, but the difficulties in defining recent cyberattacks as cyberwar and the probability of the future outbreak of a cyberwar will equally be discussed. Several scientific journals as well as websites dedicated to cyber security and to technology in general, just as TED talks on topics related to cyberwar, served as the sources of information of this CAJ. The research conducted on the topic of cyberwar concluded that greatest difficulty in defining cyberwar is the fact that it is hard to track cyberattacks back to their source and that series of cyberattacks can only be considered an act of war if a nation leads its operation. This further leads to the assumption that the outbreak of a cyberwar is highly unlikely. To further research cyberwar, the different forms of cyberattacks that could be used in cyberwar will be presented and theories about the potential risk of a cyberwar outbreak will be elaborated.

ABSTRACT: “WHEN ZOMBIES ATTACK: MATHEMATICAL MODELLING OF AN OUTBREAK OF ZOMBIE INFECTION”

ABSTRACT: “WHEN ZOMBIES ATTACK: MATHEMATICAL MODELLING OF AN OUTBREAK OF ZOMBIE INFECTION”

The purpose of the article is to demonstrate the flexibility of mathematical models and to prove that modelling can respond to a variety of biological challenges, including outbreaks of zombie infection. To prove this, five mathematical models were taken into consideration. The timescale in each of these models was short, so that the birth and death rates of humans could not influence the outcome of the equations. In addition to that, only humans were considered susceptible to zombie infection in all five models. The first three models conclude with the fact that a coexistence between humans and zombies is impossible, as this will eventually lead to the eradication of humans. According to the fourth model, in which the existence of a cure for zombiism is taken into consideration, humans would be able to survive in low numbers. Only the fifth model, which includes the factor of an impulsive eradication of zombies, would allow humans to survive the outbreak relatively undamaged. Though the scenario of a zombie outbreak is unrealistic, these findings can in real life be applied to examine the allegiance to political parties or diseases with dormant infection.