Technology and digitization are a great social good. But they also involve risks and threats. Cybersecurity is not just a matter of data or computer security; cybersecurity is about the security of society. Why "Philosophy"? To understand how to reason and think about threats and cybersecurity in today’s and tomorrow’s world, this book is necessary to equip readers with awareness. Philosophy of Cybersecurity is about the user’s perspective, but also about system issues. This is a book for everyone—a wide audience. Experts, academic lecturers, as well as students of technical fields such as computer science and social sciences will find the content interesting. This includes areas like international relations, diplomacy, strategy, and security studies. Cybersecurity is also a matter of state strategy and policy. The clarity and selection of broad material presented here may make this book the first book on cybersecurity you’ll understand. It considers such detailed basics as, for example, what a good password is and, more importantly, why it is considered so today. But the book is also about systemic issues, such as healthcare cybersecurity (challenges, why is it so difficult to secure, could people die as a result of cyberattacks?), critical infrastructure (can a cyberattack destroy elements of a power system?), and States (have they already been hacked?). Cyberspace is not a "grey zone" without rules. This book logically explains what cyberwar is, whether it threatens us, and under what circumstances cyberattacks could lead to war. The chapter on cyberwar is relevant because of the war in Ukraine. The problem of cyberwar in the war in Ukraine is analytically and expertly explained. The rank and importance of these activities are explained, also against the background of broader military activities. The approach we propose treats cybersecurity very broadly. This book discusses technology, but also ranges to international law, diplomacy, military, and security matters, as they pertain to conflicts, geopolitics, political science, and international relations.
Author(s): Lukasz Olejnik, Artur Kurasiński
Edition: 1
Publisher: CRC Press | Taylor & Francis Group
Year: 2024
Language: English
Commentary: TruePDF | Full TOC
Pages: 225
Tags: Computer Security Political Aspects; Computer Security Social Aspects
Cover
Half Title
Endorsement Page
Title Page
Copyright Page
Table of Contents
Preface
Authors
Chapter 1: Introduction to the philosophy of cybersecurity
1.1 A few words about history
1.1.1 The history of viruses and malware
1.1.2 Interest groups and hacker groups
1.1.3 Why cybersecurity has become important
1.2 The gradual increase in the role and importance of cybersecurity
1.2.1 The problem of scale
1.3 The international and military dimension
1.4 What is the philosophy of cybersecurity – how do we understand it?
1.5 Is cybersecurity achievable?
1.5.1 Confidentiality, integrity, and availability
1.5.2 For an ordinary user
1.5.3 Business use
1.5.4 State
1.5.5 The global problem
1.5.5.1 The problem of international stability
1.6 Important questions and a myth
1.6.1 The question of physical destruction
1.7 Is cybersecurity even achievable?
Notes
Chapter 2: Cyber threats and the necessary clarifications
2.1 Risk
2.2 Different types of risk
2.2.1 Artificial Intelligence and risk
2.2.2 Human rights
2.3 Briefly about cyberattacks
2.4 Kill chain – a useful thought model
2.4.1 Reconnaissance
2.4.2 Weaponization
2.4.3 Delivery
2.4.4 Exploitation
2.4.5 Installation
2.4.6 Command and control
2.4.7 Achieving goals
2.4.8 Kill chain – summary
2.5 The MITRE model
2.6 Social engineering and phishing
2.6.1 Masquerade in France using the “minister” method
2.7 Threat groups
2.7.1 Hacktivists
2.7.2 Cybercriminals
2.7.3 State groups, APT
2.7.4 Groups – synthesis
2.8 Cyber tools or cyberweapons?
2.8.1 Types of tools – a question of aims
2.8.1.1 Estonia (2007)
2.8.2 Exploit
2.9 CVE and security bug branding
2.9.1 20-year-old security vulnerabilities?
2.9.2 The economy of security bugs and exploits
2.9.3 Frameworks and other tools
2.10 Ransomware
2.10.1 Data loss and ransom
2.10.2 Business model – money is the target
2.10.3 How to protect yourself – Rule 3-2-1
2.10.4 Geopolitical and legal problem – Corsairs of the twenty-first century ?
Notes
Chapter 3: Cybersecurity from the user’s point of view
3.1 Cybersecurity as a problem of ordinary people
3.1.1 Digitization is progressing and what comes of it
3.1.2 Do we build dependencies ourselves?
3.1.3 Data center on fire – talking about hard luck!
3.2 You have to protect yourself – is it possible? HOW DO YOU DO IT?
3.2.1 Problems also for experts
3.2.2 Security is the increase in costs for attackers
3.2.3 Pay attention to what matters
3.2.3.1 The question of resources and scale
3.2.4 Risk modeling
3.2.5 What are the actual threats to us?
3.3 The Iron rules
3.3.1 Technology is for people
3.3.2 Vendors should take care of basic security – the importance of ecosystems
3.3.3 The risk surface
3.3.3.1 Mapping the ways of use
3.3.3.2 Identification of risk points and a selection of solutions
3.3.3.3 Legal requirements to the rescue?
3.3.4 Up-to-date software
3.3.5 The principle of limited trust in what appears on the screen
3.3.6 Verifying communication
3.3.7 Passwords
3.3.7.1 Good passwords
3.3.7.2 Breaking passwords is not that easy!
3.3.7.3 We don’t change good passwords (unless there are good reasons for it)
3.3.7.4 Good passwords are long passwords
3.3.7.5 Passphrases – Diceware
3.3.8 Storing passwords
3.3.9 Two- or multi-factor authentication
3.3.9.1 Toward passwordless systems
3.3.10 Paranoia
3.3.11 Up-to-date knowledge
3.3.12 Web browser
3.3.12.1 Use different browsers
3.3.13 Different risks to different “drawers” (or “pigeon holes”)
3.3.14 Safe e-mail
3.3.14.1 Webmail
3.3.14.2 Is big safer?
3.3.15 Instant messaging
3.3.15.1 Encryption
3.3.16 Social media
3.3.17 Do we need a VPN? Probably not
3.3.17.1 Tor
3.3.18 Remember that the threat model depends on who you are and what you do
3.4 Are we always in danger and does someone always want to hack us?
3.4.1 Not all threats are technical
3.4.2 We may not have any influence on some problems
3.5 Antivirus software
3.6 User privacy – a broad topic
3.6.1 Settings
3.6.2 Not only bad people have something to hide
3.6.3 Smartphone – the center of life
3.6.4 What do they know about us?
3.6.5 Privacy as a product feature and business advantage
3.6.6 Privacy versus technologies and standards
Notes
Chapter 4: Cybersecurity of healthcare infrastructure
4.1 The digitalization of healthcare is progressing
4.1.1 Digitalization and its issues
4.1.2 COVID-19 as a digital accelerator
4.2 Digitalization and cybersecurity risks
4.3 Risks and threats
4.3.1 Cyberattacks on hospitals
4.3.2 WannaCry ransomware as a driver of cybersecurity funding?
4.3.3 Cyberattacks on healthcare in Ireland in 2021
4.3.4 Other cyberattacks on healthcare centers
4.3.5 Will the insurer cover the losses?
4.3.6 Does cyber insurance make sense ?
4.3.7 Hospitals are not treating cybersecurity as a priority – and that is reasonable?
4.4 Digitalization of diagnostics and new vulnerabilities
4.4.1 Risks of implants
4.4.2 Data leaks or modification of diagnostics
4.4.3 Cyberattacks on the supply chain
4.5 Cybersecurity of medical devices
4.5.1 Targeted attack on a patient using an insulin pump
4.5.2 Targeted attack – battery drain
4.5.3 Attacks on medical devices – summary
4.6 How to secure a hospital
4.6.1 Hardware, software, licenses, updates…
4.6.2 What happens in the event of a large-scale cyberattack? Scenario of a systemic cyberattack
4.6.2.1 Segmentation, segregation, and isolation
4.7 Lethal effects
4.7.1 Bad design – Therac-25 system
4.7.2 Chasing sensation?
4.7.3 Careful with reports?
4.7.4 Why kill with a cyberattack ?
4.7.4.1 Is it easy to detect death due to a cyberattack?
4.8 Okay, but can a cyberattack kill?
4.8.1 Cyberattack scenario with lethal consequences – can such a logic bomb be detected?
4.8.2 Coordinated battery drain of a medical implant? A scenario
Notes
Chapter 5: Cybersecurity of critical infrastructure
5.1 Vulnerable part of the State
5.1.1 A different classification of cyberattacks
5.2 Examples of cyberattacks against critical infrastructure
5.2.1 Energy
5.2.1.1 Nuclear power plants
5.2.1.2 Cyberattacks on energy distribution in Ukraine
5.2.1.3 What happens when the power is switched off
5.2.1.4 An attempt to turn off the power under wartime conditions?
5.2.1.5 How to protect the system
5.2.1.6 Blackout as a result of a cyberattack? Scenarios
5.2.2 Scenario: Physical destruction of the transformer
5.2.2.1 Practical demonstration of physical damage
5.2.2.2 Skepticism about reports is recommended
5.2.3 Water treatment/sanitation systems
5.2.4 Gas and oil
5.2.4.1 Siberian pipeline – give it no credence
5.3 Securing critical infrastructure
5.4 Hacking physical elements
5.4.1 Ransomware for industrial systems and PLC worm
5.5 Physical effects
5.5.1 Stuxnet
5.5.2 German steel mill
5.6 Transportation systems
5.7 What do the States do about it?
5.7.1 Europe, USA
5.8 The key civilizational issue
Notes
Chapter 6: Cybersecurity of a State
6.1 What is the cybersecurity of a State?
6.1.1 Cybersecurity of citizens, or described more broadly
6.2 Countries have already been hacked
6.2.1 Cyber operations against the U.S. political system (2016)
6.2.2 Elections, intelligence, and human nature
6.2.3 Intentional leaks and their effects
6.2.4 Cyber operations against the political system in France (2017)
6.2.5 Cyber-enabled information operations aimed at the electoral process
6.2.6 Hacking social media accounts – a preface to an information operation?
6.2.7 Professional cyber operations
6.2.8 Cyber operations and the situation at the Polish–Belarusian border in 2021
6.2.9 The case of Taiwan: Outreach and the man from nowhere
6.2.10 Attacks elsewhere
6.3 Electronic voting as a systemic vulnerability of a State
6.3.1 Transparency issues
6.3.2 Tread carefully with digitization
6.4 A general scenario – cyber-enabled information operation
6.5 How countries protect or defend themselves
6.5.1 EU GDPR, NIS – when it is worthwhile or necessary to act
6.5.2 CERTs and other institutions
6.6 Is it possible to secure the State?
6.6.1 Elections
6.6.2 Political parties
6.6.3 Cybersecurity of the electoral staff – a challenge
6.6.3.1 Personal issue
6.6.3.2 Headquarters/staff cybersecurity strategy
6.6.3.3 More about the human factor
6.6.3.4 Technical, cloud measures
6.6.3.5 Routine deletion of data
6.6.4 Cybersecurity as a PR problem
6.7 The necessity of a State cybersecurity strategy
6.8 Or maybe disconnect from the Internet?
Notes
Chapter 7: Cyberconflict and cyberwar
7.1 Rivalry and competition between the States
7.2 Cyberintelligence, cyberespionage…
7.3 Cyber police
7.4 Cyber army
7.4.1 Standard tools
7.4.2 Cyberattack is not an attack
7.4.3 Cyber operations
7.4.3.1 Defensive cyber operations
7.4.3.2 ISR operations
7.4.3.3 Offensive operations
7.4.4 Proportions of different operations
7.5 Cyber capabilities
7.5.1 Physical effects
7.5.2 Disruptive effects
7.5.3 Denial of service and blocking
7.5.4 Information acquisition and data collection
7.5.5 Signaling
7.5.6 Delivery
7.5.6.1 Cyber operation with close access in Rotterdam
7.5.6.2 Bribing employees
7.6 What is cyberwar?
7.6.1 A war limited to cyberattacks? Nope.
7.6.2 Cyberattacks accompanying other military actions
7.7 Cyber-offensive actions
7.7.1 Cyber operations with physical effects
7.7.2 Can a cyberattack kill? Operational-military approach
7.7.3 Targeting – can cyberattacks aim at specific targets, people?
7.8 Cybersecurity of weapon systems
7.8.1 What does this lead to?
7.8.2 Good news?
7.9 Is it possible to respond militarily to a cyberattack?
7.9.1 Article 51 of the United Nations Charter
7.9.1.1 Article 51
7.9.2 Attribution
7.9.2.1 Acting under a false flag – masking
7.9.3 Attribution levels
7.9.4 State practice – establishing customs?
7.9.5 Why indicate at all?
7.10 Would there be any rules IN cyberwar?
7.10.1 Ideas for using new technologies and protecting ourselves from threats
7.10.2 The laws of war (laws of armed conflict)
7.10.3 Cyberattack scenario causing gas poisoning – in violation of Chemical Weapons Convention
7.11 Means of cyberattack – cyber weapons
7.11.1 Tools
7.11.2 Methods
7.11.3 Dual use
7.12 Where to get cyber capabilities
7.12.1 Building
7.12.2 Buying
7.12.3 A note on automatically generated tools
7.13 Cyberdeterrence – a force projection tool
7.13.1 Cyberdestabilization
7.13.2 Escalation
7.13.3 Escalation ladder
7.14 Risk of escalation
7.14.1 Cyberattack scale and rank – impact-wise
7.15 How countries are preparing
7.15.1 What threats are we facing ?
7.15.2 Risk of escalation and war
7.15.2.1 But it’s not like we have any automatism here!
7.15.3 Cyberattacks as an integral element of combat, offensive, and military operations
7.15.3.1 Cyber Gleiwitz incident scenario
7.15.4 Can stabilization be supported?
7.15.5 Standards
7.15.6 Civilians and warfare
7.16 Cyberspace and State affairs
7.16.1 Three limits – organizational, technological, and legal
7.16.2 Threats and their reality
7.16.3 Cyber operations in intelligence gathering
7.16.4 Is it worth giving funds to the military?
7.16.5 Separation of cyber entities is necessary
7.16.5.1 Cyber Access Acquisition Agency?
7.16.6 Do States need offensive capabilities?
7.16.7 The specifics of the problem – who wants to understand it?
7.16.8 What does the Cardinal Richelieu teach us about cybersecurity?
7.16.9 Threats due to cyber capabilities
7.16.9.1 Risk of internal abuse
7.16.9.2 External threat
7.17 Cyberwar in Ukraine in 2022
7.17.1 Situation prior to the conflict
7.17.1.1 Cyber-enabled information operation – preparing the information environment before the invasion
7.17.2 Situation during the armed conflict
7.17.2.1 No cyberapocalypse
7.17.2.2 In operation units of different countries
7.17.2.3 Unofficial, amateur units
7.17.2.4 The risk of spillover of the cyberconflict to other countries
Notes
Chapter 8: Conclusion
