All Articles
Unprecedented internet connectivity in dangerous machinery and the essential function of society requires preventative cyber risk solutions. This article reviews the new Kinetic Cyber, the UK’s upcoming Product Security and Telecommunications Infrastructure (PSTI) Bill and reflects upon International Humanitarian Law (IHL) relating to weapons of mass destruction.
Intelligence agencies today have to collect and analyse intelligence on numerous individuals, state and non-state actors in an environment of many complex hybrid threats and overlapping interests. Additionally, there is a glut of data from several sources that need to be processed quickly and accurately. Artificial Intelligence (AI) presents a viable way to maximise the value of the All-Source intelligence products. Despite all the promise AI holds for the Intelligence Community, the technology is far from perfect.
Artificial intelligence and machine learning (AI/ML) have seamlessly and fundamentally transformed the way we interact with digital technology [1]. Dual-use applications, such as the case of AI/ML, can be quickly exploited by cybercriminal activities. One example is phishing, one the first types of cybercrime. While phishing in today’s world is still perceived as an outdated scam, AI/ML advancements have paved the way for more convincing phishing attacks and the wider use of hyper-targeted spear-phishing. This article will focus on the AI/ML-enabled transformation of phishing and spear-phishing and the consequences it poses for the cybersecurity environment.
Artificial intelligence (AI) has the potential to radically change societies. By employing it in numerous fields, ranging from healthcare to the economy can improve humans’ lives. However, this revolutionary technology may cause disruptive imbalances in the military power relations between countries, especially in the field of nuclear stability. Although the development of AI-based defensive weapon systems might improve nuclear deterrence, incorporating artificial intelligence into nuclear offensive capabilities and command and control (C2) systems could accelerate escalation in crisis scenarios.
There is the confidence that the globalised, networked systems we have built are resilient enough to overcome significant disruptions. What if this confidence is misplaced? This article seeks to answer this question in relation to what is likely the most important of humankind’s networks: the electrical grid. Two methods for conducting a cyber attack against the electrical grid will be considered; the first for disrupting the grid, and the second for destroying core elements. A warning will be offered to the West not to rely on technological supremacy in cyberspace as a deterrent to cyber attacks.
Previous articles in this series have shed light on the evolution of Private Military and Security Companies (PMSC). Growing beyond the commonly held conceptions in academia and of the industry itself, PMSCs are involved in conflicts around the world. Used by both states and non-state actors, these companies are also branching out into other demographics and types of security. These include intelligence gathering and analysis as well as cyberspace, domains that are typically the preserve of states. The cyber realm has not only been populated by a number of private cybersecurity firms but also hackers-for-hire willing to strike anyone anywhere. Additionally, this article will briefly explore the emerging opportunities for PMCSs in Latin America and China.
An increased reliance on electricity combined with new production methods and structural changes in the grid pose new challenges in guaranteeing stable and affordable access to electricity. These structural changes imply the integration of ‘smart’ control systems, which often rely on internet connections. Yet, considering the rapid development of malicious activities in the cyber domain, a smarter grid is not always safer.
By Dorien Van Dam
In 2015, representatives of 196 state parties negotiated the Paris Agreement, whose focal point was to limit global warming to below 2 °C, but preferably below 1.5 °C. The Intergovernmental Panel on Climate Change published a new report in October 2018. This report calls for urgent action to phase out fossil fuels by outlining the disastrous impacts of global warming that could be avoided by limiting global warming to 1.5 °C compared to 2 °C [1]. The need to phase out fossil fuels is well acknowledged, but this transition opens up a whole new range of hurdles to overcome. An increased reliance on electricity combined with new production methods and structural changes in the grid pose new challenges in guaranteeing stable and affordable access to electricity. These structural changes imply the integration of ‘smart’ control systems, which often rely on internet connections. Yet, considering the rapid development of malicious activities in the cyber domain, a smarter grid is not always safer.
Phasing out the use of fossil fuels requires the intensified use of alternative sources of energy. Among the largest sources of renewable energy are wind and solar-power. This production takes place on both the industrial and household levels, for example on large solar farms as well as individual solar panels on rooftops. This development means that electricity is now ‘injected’ in the grid from multiple entry-points: both in the ‘traditional’ top-down direction, as well as in bottom-up processes. However, in the absence of (economically viable) large-scale electricity storage capacity, the grid has to be perfectly balanced at all times: input and output have to be equal. This balancing act becomes increasingly difficult due to several reasons. One is the aforementioned multidirectional injection of electricity into the grid. Another reason is the intermittent production nature of renewable energy sources; solar and wind energy are only produced when the sun shines and the wind blows, and therefore are difficult to regulate.
Properly regulating and balancing the grid requires the collection of large amounts of data about the production and consumption of energy. This is often done through Supervisory Control and Data Acquisition systems (SCADA systems) – these are control systems installed on remote places in the electricity grid. SCADA systems have a dual function. First, they gather data about energy flows and send this data to a central command centre. Second, they execute control commands that they receive from the centre with the purpose of keeping the grid balanced and thus operational [2] [3]. These SCADA systems sometimes referred to as SMART systems (Self-Managing and Reliable Transmission systems), are credited with increasing efficiency and enabling the integration of ‘irregular’ production methods [4]. However, they are also more vulnerable to hackers.
The exchange of data and commands between a SCADA system and the central command centre frequently takes place through an internet connection. Such connections, especially wireless ones, make a system easier to target. Therefore, the risk that external actors gain access to control systems is larger. Subsequently, if a hacker manages to take control and disconnect the system, it can take longer for the grid regulators to regain control because such SCADA systems are often placed in remote locations. By accessing control systems and using this access for disrupting command structures, hackers can disrupt the balance of the grid and ultimately even cause blackouts. This, for example, happened in 2015, when hackers managed to gain access to a remote substation in Ukraine and rendered it inoperable and again in 2016 when Ukrainian Industrial Control systems were hacked [5] [6].
In the context of an increased reliance on electricity, to enable our shift away from fossil fuels, it is safe to conclude that the stable functioning of the electricity grid is of paramount importance. Additionally, the strategy of the European Energy Union heavily relies on the future development of the electricity sector. Integration and standardization of electricity control systems might streamline cross-country energy flows and stimulate the development of a truly interconnected market, but could also render it more vulnerable. If you figure out how to hack one, you know how to hack all of them. Ultimately, we can conclude that a smarter grid is not always a safer grid.
[1] Intergovernmental Panel on Climate Change (2018). Global Warming of 1.5 °C. Retrieved 8 October 2018 at http://www.ipcc.ch/report/sr15/.
[2] Jarmakiewicz, J., Maslanka, K., & Parobczak K., (2015). Evaluation of the Cyber Security Provision System for Critical Infrastructure. Journal of Telecommunications and Information Technology, no. 75, 22-29.
[3] Jarmakiewicz, J., Parobczak, K., & Maślanka, K. (2017). Cybersecurity protection for power grid control infrastructures. International Journal of Critical Infrastructure Protection, 18, 20-33.
[4] Beaulieu et al. (2016). Smart Grids from a Global Perspective: Bringing Old and New Energy Systems. Springer: Switzerland.
[5] Cox, J. (2016). The Malware That Led to the Ukrainian Blackout. Vice Motherboard. Retrieved 8 October 2018 from https://motherboard.vice.com/en_us/article/wnx5yz/the-malware-that-led-to-the-ukrainian-blackout
[6] Imeson, M. (2017). Electricity industry on alert for ‘cyber sabotage’. Financial Times. Retrieved 8 October 2018 from https://www.ft.com/content/1fc89bd8-996c-11e7-8c5c-c8d8fa6961bb.
Transport, energy, health, and finance are the most vulnerable sectors exposed to cyber-threats. Issuing the EU Cybersecurity Strategy in 2013 was an important step forward in developing a common framework; however, the strategy lacked the practical initiatives that would deliver tangible outcomes.
By Rusudan Zabakhidze
In the past decade, cyber warfare has become an exceptional phenomenon that has increased the vulnerability of individuals, non-state actors, and state actors to unprecedented levels. Businesses and governments rely on networks to provide their services across the EU. However, the cyber threat vulnerability of the world’s second-largest economy remains unclear. This article provides an introduction to the EU’s strategic cyber security vision by critically analysing internal and external challenges in the implementation of the recently published cyber security strategy: “Resilience, Deterrence, and Defense: Building strong cybersecurity for the EU.”
In the case of a cyber offense, the victimised country is often hampered to find a proper response because of the ambiguity surrounding the nature and origin of the attack. Since the cyber-attacks against Estonia in 2007, there have been growing concerns over the possibility of election hacking by foreign states, ransomware attacks, and other cybercrime. According to the statistics provided by the European Commission, 80% of European companies experienced at least one cybersecurity incident in 2017 [1]. Correspondingly, 86% of Europeans believe that the cybercrime risks are increasing [2].
The European Union is working on completing the Digital Single Market which will further extend the “four freedoms” (movement, capital, goods, and labour) by providing the rules of fair competition for the individuals and businesses of the Member States to engage in online activities [3]. Therefore, the costs related to cyber attacks are only expected to increase, creating a need for the development of effective preventive mechanisms. Some Member States have already included Cybersecurity in their National Security Strategies. Yet, the ambition of creating the Digital Single Market coupled with the highly interdependent nature of the EU economy indicates a need for action on the collective European level, rather than the individual national levels.
Transport, energy, health, and finance are the most vulnerable sectors exposed to cyber-threats [4]. Issuing the EU Cybersecurity Strategy in 2013 was an important step forward in developing a common framework; however, the strategy lacked the practical initiatives that would deliver tangible outcomes [5]. Necessary resources, for example, are still up to each Member State to acquire. In September 2017, the European Commission proposed a wide range of concrete measures that aim to further strengthen the EU’s cyber defense structures and capabilities, entailing more cooperation between the Member States. The updated strategy, “Resilience, Deterrence, and Defense: Building strong cybersecurity for the EU,” revolves around three principles: building resilience, developing legislative responses, and strengthening international cooperation [6].
While the implementation of the proposed initiatives is a long-term process, the EU has already taken its first steps regarding the security of its own institutions. An inter-institutional arrangement established a permanent Computer Emergency Response Team (CERT-EU) covering all EU institutions, bodies, and agencies.
The European Commission has created the EU Cybersecurity Agency for Network and Information Security (ENISA). This agency coordinates cooperation among member states against cyberattacks. The EU has created a blueprint that guides incident responses for large-scale cyberattacks. An EU-wide certification scheme is also in consideration to increase the quality and security of digital products and services. The EU plans to support Research and Competence Centers and to set up a cyber defense training and education platform. The EU also aims to develop a framework for a Joint EU Diplomatic Response to Malicious Cyber Activities and to deepen cooperation with the North Atlantic Treaty Organization (NATO) [7].
Even though the proposed initiatives cover a wide range of responses, there are a number of practical challenges that will significantly affect the speed, as well as the outcomes, of the mentioned initiatives. The EU has neither properly defined resilience or deterrence nor made sufficiently clear how it intends to overcome institutional fragmentation and lack of legal authority in cybersecurity issues [8]. Other tasks that lie ahead include finding consensus on what constitutes a cybercrime and building the capacities to trace the sources of attacks.
While updating the original cyber security strategy can be considered a positive step towards the EU’s increased resilience, the challenges posed by institutional fragmentation of the Union may hinder the implementation process. Ultimately, as the frequency and scale of cyberattacks increase, effective mechanisms are essential. Failure to implement the proposed initiatives will automatically result in the failure of the establishment of the Digital Single Market. Failure to adapt to the risks and realities of the 21st century could harm the EU’s credibility, and ultimately its viability, not only with its citizens, but worldwide.
[1] European Commission. 2017. State of the Union. Cyber Security Factsheet. [online]
Available at: http://www.consilium.europa.eu/media/21480/cybersecurityfactsheet.pdf
[2] ibid
[3] European Commission. 2015. Shaping the Digital Single Market. [online]
Available at: https://ec.europa.eu/digital-single-market/en/policies/shaping-digital-single-market
[4] Council of the European Union. 2017. Reform of the Cyber Security in Europe. [online]
Available at: http://www.consilium.europa.eu/en/policies/cyber-security/
[5] European Commission and High Representative of the EU for Foreign Affairs and Security Policy.
2013. Cyber Security Strategy of the EU: An Open, Safe and Secure Cyberspace. [online]
Available at: https://eeas.europa.eu/archives/docs/policies/eu-cyber-security/cybsec_comm_en.pdf
[6] European Commission. 2017.
State of the Union - Cybersecurity: Commission scales up EU's response to cyber-attacks.
[online] Available at: http://europa.eu/rapid/press-release_IP-17-3193_en.htm
[7] European Commission. 2017. State of the Union. Cyber Security Factsheet. [online]
Available at: http://www.consilium.europa.eu/media/21480/cybersecurityfactsheet.pdf
[8] Bendiek, A, Bossong, R & Matthias Schulze. 2017. The EU’s Revised Cybersecurity Strategy.
German Institute for International and Security Affairs. [online]
Available at: https://www.swp-berlin.org/fileadmin/contents/products/comments/2017C47_bdk_etal.pdf
