![]() “Use of deliberate actions – perhaps over an extended period of time – to alter, disrupt, deceive, degrade, or destroy adversary computer systems or networks or the information and/or programs resident in or transiting these systems or networks.” (Owens et al., 2009: p.“Any action taken to undermine the functions of a computer network for a political or national security purpose." (Hathaway et al., 2012: p.The following six definitions of cyber-attack were identified: The journal articles published in the English language by organizations in North America and Europe were reviewed for the purpose of identifying definitions of “cyber-attack”. The remainder of this article infers the essential attributes of the cyber-attack concept from definitions of cyber-attacks found in the literature, synthesizes information on ten high-profile cyber-attacks, and uses it to provide concrete examples of the attributes of cyber-attacks.Īttributes from Definitions of Cyber-Attacks The main motivation for identifying the attributes of cyber-attacks is to enable building the theory of cyber-attacks as a unity of intellectual frameworks beyond the disciplinary perspectives (i.e., a transdisciplinary theory). It does so by examining various definitions published in the literature and information on ten high-profile cyber-attacks. This article contributes a set of attributes of the cyber-attack concept. Their objective was not to produce another one-sentence definition of security they set out to identify the essential attributes of security. They eliminated ambiguities and inconsistencies in the different uses of the security concept. Security researchers identified essential attributes to make explicit what was meant by security. In this article, the approach to clarify what is meant by cyber-attack is similar to the approach researchers followed to clarify what was meant by "security" in the late 1990s (e.g., Baldwin, 1997 Buzan, 1998 Huysmans, 1998). With the Internet of Things, the NSTAC believes that the window of time in which we can take action will only be open for another three to five years.Īlthough the word "cyber-attack" is used frequently, its meaning remains obscure (Hathaway et al., 2012, Roscini, 2014). If the country fails to do so, it will be coping with the consequences for generations.” This state-of-affairs has parallels to the experience with supervisory control and data acquisition systems, though in that case the threat space evolved over time. The urgency of research and development is underlined by the US National Security Telecommunications Security Advisory Committee (NSTAC, 2014): “There is a small – and rapidly closing – window to ensure that IoT is adopted in a way that maximizes security and minimizes risk. Senior corporate executives, government officials, and academics have become aware that there are: i) serious financial and regulatory costs arising from cyber-attacks (Pearson, 2014 Sugarman, 2014 US Securities and Exchange Commission, 2014) ii) vulnerabilities in high-value assets such as supervisory-control and data-acquisition systems (Ashford, 2013 Crawford, 2014 Kovacs, 2014 Nicholson et al., 2012 Weiss, 2014) iii) concerns about the upcoming deployment of the “Internet of Things” (IoT) (NSTAC, 2014) and iv) few constraining mechanisms to inhibit malicious behaviours of threat actors (Castel, 2012 Jowitt, 2014, Scully, 2013 Sugarman, 2014 Weiss, 2014). Although the article will be of interest to a broad community, it will be of particular interest to senior executives, government contractors, and researchers interested in contributing to the development of an interdisciplinary and global theory of cybersecurity. In this article, attributes of cyber-attacks are identified by examining definitions of cyber-attacks from the literature and information on ten high-profile attacks. To advance theory, design and operate databases to support scholarly research, perform empirical observations, and compare different types of cyber-attacks, it is necessary to first clarify the attributes of the “concept of cyber-attack”. The concept of cyber-attacks, however, remains underdeveloped in the academic literature. The bottom line of security is survival, but it also reasonably includes a substantial range of concerns about the conditions of existence.Ĭentral figure of the Copenhagen School AbstractĬyber-attacks threaten our ability to use the Internet safely, productively, and creatively worldwide and are at the core of many security concerns. Mehdi Kadivar Download this article as a PDF
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |