Factors That Make Cyberspace Different to Terrestrial Cyber Security - Literature review Example

jоr Аssignmеnt – Сybеr Intеlligеnсе Factors that make cyberspace different to terrestrial cyber security Cyberspace can be defined as the man-made domain that is created when connections involving computers, routers, switches, wireless devices, fibre optic cables, satellites and other components are made to make it possible to transfer huge amounts of data at high speeds (Williams 2014). Even then, Ploug (2009, p. 70) is of the view that cyberspace is a concept that is difficult to understand fully. Ploug (2009, p. 70) views cyberspace as a virtual space, place or room that is maintained and accessed via networks computers that interconnected, and in which agents are interacting. Based on this point of view, cyberspace can be regarded as a kind of place for interaction that is made available through networks of interconnected computers. Up to this point, it can be said that Ploug’s (2009, p. 70) definition of cyberspace is similar to the definition provided by (Williams 2014). Ploug (2009, p. 70) goes further to explore the concepts of virtuality and ‘the net’ that are related to cyberspace. The virtuality of cyberspace denotes the nature of cyberspace’s independence of any particular spatiotemporal location (Ploug 2009, p. 70). In other words, as a space or place of interaction, cyberspace does not need the parties that are interacting to be at a specific location at a given moment in time in order to meet in the said pace or place. Interaction in cyberspace is linked to a physical substratum, but it may be asynchronous or synchronous, and it could encompass agents located in any possible geographical location. The second as aspect of cyberspace is ‘the net’. The definition if cyberspace as provided above obviously does not include the possibility of the concept of cyberspace being simply another word for ‘the net’ or cyberspace being a concept that means the pool of information stored in computers and made accessible via computer networks (Ploug 2009, p. 70). Nonetheless, as should be apparent from the definition of cyberspace, the concept is dependent on the availability of an internet. In addition, cyberspace appears to be a place, space or room that supervenes upon the availability and functioning of interlinked networks of computers. Therefore, any change in the condition of the relevant interlinked computers, will also have an impact on the kind of interaction that is experienced in cyberspace (Ploug 2009, p. 70). On another note, Carneiro (2015, p. 318) seems to agree with Ploug’s (2009, p. 70) notion that cyberspace is dependent on the availability of an internet. The authors takes the debate even further by noting that cyberspace encompasses the Internet as ell as lots of other networks of computers that are not necessarily accessible from the Internet. It is further argued that some of the private networks resemble the Internet, but they are, at least in theory, separate. Carneiro (2015, p. 318) also adds that other components of the Internet are transactional and perform functions such as sending data about many flows, credit transactions, and stock market trades. Further, some networks, which are part of the cyberspace, control systems that make it possible for machines to talk to each other, such as elevators and control panels (Carneiro 2015, p. 318). Just like it is done in the physical or terrestrial space such as maritime, land, space and air, many activities are also conducted in cyberspace (Williams 2014). As seen from the description provided by Carneiro (2015, p. 318) above on what can be done in cyberspace, there is indeed much that can be done in cyberspace. However, as the number of activities that can be done in cyberspace increases, so do the possible related security risks increase. Unlike the terrestrial or physical environment which is surrounded by risks that can be predicted and thwarted, cyberspace presents a whole new dimension of security challenges. According to the National Cyber Security Centre (NCSC) (2013, p. 3), cyber security risks are a continually evolving threat to organisations’ capacity to attain their objectives and deliver their core functions. For instance, in regard to any organization who data can be accessed through cyberspace, there are risks as the presence of cyber criminals interested in obtaining money via scams or fraud by selling valuable company information. There are also industrial competitors as well as foreign state actors who have interest in gaining economic benefits for their own firms or countries. Organisations are also subject to the threat of hackers who find it enjoyable to interfere with computer systems. As well, cyberspace is subject to the activities of hacktivists, who attack different organisations for ideological or political motives. It is also possible that an organisation’s employees who have lawful access to the organisation’s data may accidentally or intentionally misuse such data (NCSC 2013, p. 3). By looking at the nature of things that can be done in the cyberspace environment, one can decipher how the types of crimes that can be committed in cyberspace differ from those that can be committed in the terrestrial environment. According to Chawki (2005), cybercrimes are different from terrestrial crimes in four ways. First is that cybercrimes are easy to learn how to commit, given amount of information that is available in the cyberspace. Secondly, cybercrimes require a few resources compared to the possible damage that can be caused. Thirdly, cybercrimes can be committed in a given jurisdiction without the physical presence of the person committing the crime. This is because of the most of such crimes are made possible by the Internet. The fourth point is that many cases of cybercrime are often clearly illegal, meaning that one can commit them without the fear of getting arrested. A further look that the difference between cyberspace and terrestrial security can be based on the nature of threats and security risks that are involved in both environments, some of which have been addressed above. To start with, computer-related offences are committed across cyberspace and they do not stop at the conventional state boundaries (Chawki 2005, p. 9). Also, cybercrimes can be committed from anywhere and can target any computer across the world (Chawki 2005, p. 9). This means that unlike terrestrial security in which surveillance would be around people is a given neighbourhood, cyberspace security has to focus on security threats from across the world. The complex nature of cybercrimes also shows how cyberspace and terrestrial security differ. There are many examples of crimes that are committed cyberspace, which are more difficult to prevent and control than would be the case in the terrestrial space. For example, Hacking is made possible by a multiplicity of technologies. These include tempest attack, packet sniffing, buffer overflow, and password cracking (Chawki 2005, p. 15).There are also case of use of malicious codes and viruses. In this case, computers can be targeted using logic bombs, Trojan horse attacks, as well as data diddling – the act of placing false data in a computer or illegally altering data (Chawki 2005, p. 15; Kabay 2009, p. 2.9). A malicious code is any computer program that is designed to shift one computer to another and from one network to another while intentionally modifying computer systems or causing damage to data without the permission of the owners or operators (Chawki 2005, p. 15; Pfleeger & Pfleeger 2003, p. 111). On the other hand, computer viruses are specific types of malicious codes that replicate themselves and insert their copies or new versions of themselves into other programs when they are executed with the infected programmes (Chawki 2005, p. 16; Parsons & Oja 2012, p. 23). Viruses can steal data in a computer, destroy files, or cause a slowing done of the computer system’s functioning (Parsons & Oja 2012, p. 23) Because of the lack of boundaries in cyberspace, there is no doubts that malicious codes and viruses can be spread over a very large network of computers within a very short time and cause notable disruptions or even damages. Other threats that are related to cyberspace security and which present a different challenge from what would be experienced in the terrestrial environment include cases of online fraud; cyberstalking, hate speech and harassment; cyberterrorism; and cybertheft (Chawki 2005). Online fraud can be exercised in different forms such as manipulation of computers, desktop counterfeiting and computer forgery, modification of data or programs, Internet-based auction fraud, and electronic-mail forgery (Chawki 2005, pp. 15-18). Cyberterrorism refers to the convergence of cyberspace and terrorism (Janczewski & Colarik 2005, p. 43). It can be defined as “premeditated, politically, motivated attack against information, computer systems, computer programs, and data which result in violence against non combatant targets by sub national groups or clandestine agents” (Chawki 2005, p. 20). What this means is that unlike what happens in the terrestrial environment where physical assets may be the target of attacks, cyberterrorism involved the targeting of information, data, computer programs, and computer systems, which could have disastrous effects if vital data or information is destroyed of if unauthorised people get access to such data or information. Cybertheft on the other hands means the use of different information communication technology approaches to steal money, information or other values. Unlike the terrestrial environment which theft would involve the physical acquisition of various properties through means such as burglary, cybertheft involves methods such as embezzlement, DNS cache poisoning, unlawful appropriation, identity theft, and piracy (Chawki 2005, p. 21). How intelligence should be applied in the cyberspace domain Intelligence can be defined as the product that results from collecting, processing integrating, evaluating, analysis and interpreting of information that is available about a given phenomenon (Tripwire Guest Authors 2014). Along the same line, cyber intelligence is the product that results from “the collection, processing, analysis, integration, evaluation, and interpretation of available data concerning hostile cyber organization, cyber forces capabilities, network system, hardware, software, data, threats, vulnerabilities, and so on” (ho Eom 2014, p. 138). Ordinarily, intelligence involves planning and setting of the direction regarding what is to be achieved, collecting data, processing the collected data, turning the collected data into an intelligence product, and dissemination of information about the intelligence to the concerned persons so that they can use it (Tripwire Guest Authors 2014). The same approach can be followed when it comes to cyber intelligence. The purpose of cyber intelligence is mainly to gather information from or for cyberspace, which has a global domain within the information environment that consists of information infrastructures that are interdependent. While applying intelligence in cyberspace, there is need to consider the fact that over time, there has been accelerated interweaving of cyberspace with human activities over the second decade of the 21st century (Crowell n.d.). This means that militaries, governments and civilian organisations have to change their approach towards intelligence gathering in order to reflect these changes. According to Helm (n.d., p. 1), the fundamental theories of intelligence can be applied when considering intelligence in cyberspace. To start with, there is need to recognise the point that intelligence is not simply a collection of information – the information must be analysed and put into an appropriate perspective so as to become helpful intelligence. Since cyberspace makes it possible to seamlessly exchange information, it presents a challenge in regard to the large quantities of data or information that have to be processed and analysed prior to the information becoming helpful intelligence. Therefore, intelligence gathering in cyberspace must involve collecting information from the various diverse areas that comprise cyberspace, such as the darknet, the open Internet and all oter types of networks involved (Kalutarage et al. 2016, p. 33). According to Kalutarage et al. (2016, p. 33), making use of a big monolithic sensor network to gather intelligence about the cyberspace may not be possible because of the huge diversity of areas that exist in cyberspace. The uniqueness of the cyberspace as compare to other environments means that cyberspace is a pace that is uncertain (Kalutarage et al. 2016, p. 33). This implies that the people responsible for intelligence gathering with regard to cyberspace have to contend with a great deal of uncertainty, which is made even more complex by the nature of the computing environment. Intelligence gathering must therefore recognise the complexities and uncertainties involved in cyberspace by incorporating mechanisms to deal with any inconsistencies, address the incompleteness of information by compensating for the lack of knowledge in some areas, and constantly update the available knowledge base over time to address the changes that constantly occur in cyberspace (Kalutarage et al. 2016, p. 34). Allowances that intelligence practitioners need to make when dealing with cyberspace There are a number of things that intelligence practitioners need to pay attention to dealing with cyberspace. The first issue is the nature of the cyberspace domain. Here, allowances have to be made to ensure that the cyberspace domain is visualized in the perspective of an operational environment. Thus, there should be a discussion about cyberspace as a component of the operational environment in which the intelligence practitioners are involved. In this regard, analysts needs to be conversant with the cyber domain as well as its connection to other domains, since this is the first step in coming up with a reliable and effective intelligence gathering system. Therefore, there is need to ensure that al visualisation tools, doctrinal lexicon and standardised representations are matured to help in the intelligence processes (Helm n.d., p. 2). There is also need to consider potential adversaries with react to cyberspace intelligence gathering process. The intelligence gathering and analysis process needs to take into consideration issues such as the potential threats in cyberspace, such as hacktivists, who often find it possible to do in cyberspace what they would not be able to carry out in other domains (Helm n.d., pp. 2-3). Allowances need to be made to make it possible to identify such threats in advance so as to prevent the possible attacks and hence consequences. Allowances also need to be made in regard to ensure that there is operational efficiency within the team that is involved in collecting and analysing intelligence data (Helm n.d., p. 3). In this regard, there is need to ensure good interaction between intelligence practitioners involved, and it is also important to examine the relationship between different intelligence elements and how these elements interact with regard to intelligence data. Understanding how internal and external intelligence structures interact will help in optimising the development as well as integration of cyberspace intelligence. Another consideration is the intelligence cycle. Each step of the intelligence cycle should be examined from the point of view of the cyber space domain. This means that all the processes involved in intelligence, i.e. collecting, processing integrating, evaluating, analysis and interpreting of information, should be based on consideration of the unique aspects of cyberspace. Another allowance that intelligence practitioners need to make dealing with cyberspace is the understanding that knowledge about the cyberspace keeps changing. Hence, there is need to allow room for changes to be constantly made to databases and the information that is collected as part of the intelligence process. Avenues of enquiry that intelligence practitioners use in cyberspace Intelligence practitioners use in cyberspace use different avenues of inquiry including strategic, operational, and tactical levels. The strategic level involves determining the national or multinational security objectives and developing and using the resources that are available to achieve the set objectives (Intelligence and National Security Alliance 2013, p. 7). The activities involved at this level of inquiry include making decisions on whether to use cyber capabilities to get come technology or information, and the allocation of resources towards the development of general competencies for intervention. The operational level of inquiry is the stage at which campaigns or key operations are set up, performed, and maintained in order to attain strategic objectives within the respective areas of operation (Intelligence and National Security Alliance 2013, p. 9). This includes carrying out an analysis of trends that indicate the technical direction in which potential security risks might arise. At this this stage, there is also the development of capacity to be used in intervening in a given risk scenario. At the tactical level of inquiry, the activities involved focus on the ordered organisation of manoeuvre of elements to be used on dealing with an identified security risk (Intelligence and National Security Alliance 2013, p. 10). For example, when a case of possible risk or threat is detected, the organisation in question will come up with measures to ensure that the threat does not materialise and that no other such event can be successful as a threat in the future. References Carneiro, A 2015, ‘Defending information networks in cyberspace: some notes on security needs’, in MM Cruz-Cunha & M Manuela (eds), Handbook of research on digital crime, cyberspace security, and information assurance, Information Science Reference, Hershey, PA. pp. 314-333. Chawki, M 2005, A critical look at the regulation of cybercrime, Computer Crime Research Center, viewed 28 October 2016, . Crowell, D n.d. ‘Re-thinking intelligence support to cyberspace operations in the early 21st century’, EMC Chair Conference Paper. Helm, S n.d., ‘Intelligence, cyberspace and national security’, EMC Chair Conference Paper. Ho Eom, J 2014, ‘Roles and responsibilities of cyber intelligence for cyber operations in cyberspace’, International Journal of Software Engineering and Its Applications, vol. 8, no. 9, pp. 137-146. Intelligence and National Security Alliance 2013, Operational levels of cyber intelligence, Intelligence and National Security Alliance, September. Janczewski, LJ & Colarik AM 2005, Managerial guide for handling cyber-terrorism and information warfare, Idea Group Publishing, Hershey, PA. Kabay, ME 2009, ‘History of computer crime’, in S Bosworth, ME Kabay & E Whyne (eds), Computer security handbook, John Wiley & Sons Ltd, Hoboken, New Jersey. chapter 2. Kalutarage, H, Shaikh, S, Lee, B-S, Lee, C & Kiat, YC 2016, ‘Early warning systems for cyber defence’, Camenisch & D Kesdoğan (eds), in Open problems in network security, Springer, Zurich, pp. 29-42 NCSC 2013, Cyber security and risk management an executive level responsibility, viewed 28 October 2016, . Parsons, JJ & Oja, D 2012, Computer concepts 2012: introductory, Course Technology, Boston, MA. Pfleeger, CP & Pfleeger, SL 2003, Security in computing, 3rd edn, Prentice Hall, Upper Saddle River, New Jersey. Ploug, T 2009, Ethics in cyberspace: how cyberspace may influence interpersonal interaction, Springer, New York. Tripwire Guest Authors 2014, ‘An introduction to cyber intelligence’, Trip Wire, 16 January, . Williams, B 2014, ‘Cyberspace: What is it, where is it and who cares?’ Armed Forces Journal, viewed 28 October 2016, . Top of Form Bottom of Form Read More