The main purpose of the study is to determine the key aspects of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents. The methodology includes a set of theoretical methods. Modern government, on the one hand, must take into account the emergence of such a new weapon as cyber, which can break various information systems, can be used in hybrid wars, influence political events, pose a threat to the national security of (...) any state. As a result of the study, key elements of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents were identified. (shrink)

Does it seem that with each reported state cyberattack, there comes an announcement of discovery, an attribution to one of a handful of usual suspects, some threatening language suggesting imminent retribution, and then nothing more? Increased incidence of cyberattack makes its occurrence seem simultaneously rampant in terms of publicity and minimal in terms of threat of war. If rampant, how can repeated deployment by the same actors carry no punitive consequences? How is such audaciousness tolerated? For some, a (...) cyberattack by a state is an act of war. Its prevalence suggests there must be a void somewhere that facilitates its use without consequence. Others think state cyberattack is like other internet novelties: digital malfeasance, amounting to a nuisance that naturally follows from a digital‐based existence, particularly since non‐state actors are typically involved. Yet, state‐on‐state hostilities are historically perilous on a vast scale, and there is a multilateral system for regulating the use of force in the context of war. Acts of war, even when seeming minimal in impact, are not by‐products of a digital fad, and cyberattack is now described as far more than ‘nuisance’. If anywhere, the place for clarity on hostile state cyberoperations use should be accounted for in International Humanitarian Law. Yet, in its present form, it is ambiguous if not silent on the subject, suggesting that cyberattack currently presents an advantage to perpetrating states. Does this void or these ambiguities make cyberattacks more legally advantageous to states than traditional, kinetic weaponry? I examine whether existing IHL is sufficiently adaptable to state cyberoperations through a mixed legal and theoretical approach and conclude that they do. (shrink)

To secure computers and information systems from attackers taking advantage of vulnerabilities in the system to commit cybercrime, several methods have been proposed for real-time detection of vulnerabilities to improve security around information systems. Of all the proposed methods, machine learning had been the most effective method in securing a system with capabilities ranging from early detection of software vulnerabilities to real-time detection of ongoing compromise in a system. As there are different types of cyberattacks, each of the existing state-of-the-art (...) machine learning models depends on different algorithms for training which also impact their suitability for detection of a particular type of cyberattack. In this research, we analyzed each of the current state-of-the art machine learning models for different types of cyberattack detection from the past 10 years with a major emphasis on the most recent works for comparative study to identify the knowledge gap where work is still needed to be done with regard to detection of each category of cyberattack. (shrink)

A philosopher argues that state-sponsored cyberattacks against central military or civilian targets are always acts of war. What is this philosopher doing? According to conceptual analysts, the philosopher is making a claim about our concept of war. According to philosophical realists, the philosopher is making a claim about war per se. In a quickly developing literature, a third option is being explored: the philosopher is engineering the concept of war. On this view, the philosopher is making a proposal about which (...) concept we should have – even if it deviates from the extant concept, and even if it does not capture ‘what war really is’. The activity or method of proposing such revisionary definitions, as well as the metaphilosophical reflection on it, has become known as conceptual engineering. (shrink)

The internet has made the world more linked than ever before. While taking advantage of this online transition, cybercriminals target flaws in online systems, networks, and infrastructure. Businesses, government organizations, people, and communities all across the world, particularly in African countries, are all severely impacted on an economic and social level. Many African countries focused more on developing secure electricity and internet networks; yet, cybersecurity usually receives less attention than it should. One of Africa's major issues is the lack of (...) adequate digital security infrastructure, which has harmed businesses, governmental institutions, and individual communities more than it has helped. The majority of African countries operate without cybersecurity measures in place to combat cyberattacks. Only a few examples of today's cyber risks include digital extortion, business email intrusion, data breaches, online fraud, ransomware, and phishing, and new types of cybercrime are always developing. Due to the advent of new technology, cybercriminals have become more organized and quicker in their attacks and alliance creation. To maintain a secure digital environment for all internet users, this study focused on the challenges, solutions, and need for African countries to improve their online safety by tackling cybercrime, online fraud, and cybersecurity concerns. The objective of this study is to offer practical and long-term answers to the problems posed by cybercrime, with a continuing emphasis on enhancing online safety. It will assess the effectiveness of cutting-edge cybersecurity measures, legislative frameworks, and cross-border cooperative efforts, as well as potential areas for improvement. Additionally, the study will examine cutting-edge methods like blockchain technology, machine learning, and other cutting-edge methods that could improve our using digital defences to stop cybercrime. (shrink)

This article assesses how autonomy and machine learning impact the existential risk of nuclear war. It situates the problem of cyber security, which proceeds by stealth, within the larger context of nuclear deterrence, which is effective when it functions with transparency and credibility. Cyber vulnerabilities poses new weaknesses to the strategic stability provided by nuclear deterrence. This article offers best practices for the use of computer and information technologies integrated into nuclear weapons systems. Focusing on nuclear command and control, avoiding (...) autonomy and machine learning is recommended as one means to reduce the existential risk of unintended nuclear conflict. (shrink)

Cyberspace relies on information technologies to mediate relations between different people, across different communication networks and is reliant on the supporting technology. These interactions typically occur without physical proximity and those working depending on cybersystems must be able to trust the overall human–technical systems that support cyberspace. As such, detailed discussion of cybersecurity policy would be improved by including trust as a key value to help guide policy discussions. Moreover, effective cybersystems must have resilience designed into them. This paper argues (...) that trustworthy cybersystems are a key element to resilient systems, and thus are core to cybersecurity policy. The paper highlights the importance of trustworthiness for resilient cybersystems. The importance of trustworthiness is shown through a discussion of three events where trustworthiness was the target or casualty of cyberattacks: Stuxnet, hacking of communications and the Edward Snowden revelations. The impact of losing trust is highlighted, to underpin the argument that a resilient cybersystem ought to design in trustworthiness. The paper closes off by presenting a general set of policy implications arising from recognition of the interplay between trust, trustworthiness and resilience for effective cybersecurity. (shrink)