Cyber Primer

Recommendations

Info

Cyber threats 2.7. Threat actors exploit cyberspace’s characteristics through innovative approaches that often have a low-entry cost and they are helped by the ease of access often presented to them. Such malevolent actors may seek to create uncertainty and mistrust through: • direct access to people and systems; • attacking and exploiting our national and economic infrastructures; and • attacking military capabilities including command and control systems, logistical support and personnel. 2.8. Nation states. The most sophisticated threat is likely to come from established, capable states (or their proxies) who exploit cyberspace to gather intelligence on government, military, industrial and economic targets. Defence is particularly concerned when states: • seek intelligence about UK military plans; • steal intellectual property and intelligence on UK military capabilities; • exploit UK military capabilities using their military and intelligence services with knowledge of the vulnerabilities of our capabilities; • deny the UK use of its cyberspace communications channels; • conduct subversive activities using their intelligence services; and • use proxies or large numbers of synchronised and coordinated partisans to cover the true origin of their activities within cyberspace. The theft of personal data from the United States Office of Personnel Management shows the alleged use of cyber operations by a state. 23 23 Details on this case study can be found at Annex 2A on pages 36-37. 24 Cyber Primer (2nd Edition)
Cyber threats 2.9. Terrorists. Terrorists, their supporters and sympathisers use cyberspace to spread propaganda, radicalise potential supporters, raise funds, communicate and coordinate plans. Such groups may also use cyberspace to facilitate or mount attacks against our critical national infrastructure. 2.10. Criminals. Criminals target the information on Defence and industries’ computer networks and online services for commercial gain (for example, contractual intelligence or intellectual property theft). They also target civilian and military personnel for fraud or identity theft. As government services and businesses transfer more of their operations online, the scope for potential targets will continue to grow. The impact that a cyber attack can have on e-commerce is illustrated by the drop in the Dow Jones Stock Exchange following false information concerning the President of the United States being posted in social media. 24 2.11. Patriotic hackers. Patriotic hackers act upon states’ behalf. During times of increased tension they aim to: • spread disinformation; • attempt to perpetrate attacks on, or block attacks by, perceived enemies of the state; and • disrupt critical services. The cyber attack against Estonia in 2007 shows the disruption that patriotic hackers can cause. 25 2.12. Hacktivists. Hacktivists are groups or individuals who seek to gain unauthorised access to computer files or networks to further social or political ends. 26 They aim to: • cause disruption, reputational, political and financial damage (for example, through releasing sensitive government information); 24 More details on this case study can be found at Annex 2A on pages 38-39. 25 More details on this case study can be found at Annex 2A on pages 40-41. 26 Hacktivists, as with other threat actors, employ the skills of hackers. Cyber Primer (2nd Edition) 25
Page 1 and 2: Cyber Primer Second Edition Develop
Page 3 and 4: Cyber Primer The Cyber Primer (2nd
Page 5 and 6: Preface ‘The Government will ensu
Page 7 and 8: Contents Preface . . . . . . . . .
Page 9 and 10: “In the information age almost al
Page 11 and 12: Fundamentals of cyber Chapter 1 - F
Page 13 and 14: Fundamentals of cyber • are ready
Page 15 and 16: Fundamentals of cyber cyber and cyb
Page 17 and 18: Fundamentals of cyber • details o
Page 19 and 20: Mainstreaming, competencies, unders
Page 21 and 22: Fundamentals of cyber 1.27. Cyber b
Page 23 and 24: 1A.5. Armed attack. Armed attack is
Page 25 and 26: Fundamentals of cyber Notes Cyber P
Page 27 and 28: “In the “We information reserve
Page 29 and 30: Cyber threats Chapter 2 - Cyber thr
Page 31: Cyber threats 2.5. Cyber attacks ca
Page 35 and 36: Cyber threats b. Payload. Payload i
Page 37 and 38: Cyber threats The process of attrib
Page 39 and 40: Phishing Spear phishing Whaling Fak
Page 41 and 42: Cyber threats Malware types Viruses
Page 43 and 44: Cyber threats and/or securely. Such
Page 45 and 46: How Against whom Why Theft of perso
Page 47 and 48: Cyber threats Using Twitter to mani
Page 49 and 50: Cyber threats Cyber attacks against
Page 51 and 52: Cyber threats State use of cyber op
Page 53 and 54: Cyber threats Case study 6 - The im
Page 55 and 56: Cyber threats Impact of malware on
Page 57 and 58: Cyber threats Social engineering ag
Page 59 and 60: “In the information age almost al
Page 61 and 62: Chapter 3 - Cyber functions Cyber f
Page 63 and 64: Cyber functions levels, they protec
Page 65 and 66: Cyber functions • command and con
Page 67 and 68: Cyber functions 3.16. Indicators an
Page 69 and 70: Cyber functions Maritime Land Air a
Page 71 and 72: Cyber functions 3.27. Electromagnet
Page 73 and 74: “In the information “It is impo
Page 75 and 76: Integrating cyber operations Chapte
Page 77 and 78: Integrating cyber operations Cyber
Page 79 and 80: Integrating cyber operations archit
Page 81 and 82: Integrating cyber operations physic
Page 83 and 84:
Integrating cyber operations NATO a
Page 85 and 86:
Integrating cyber operations Cyber
Page 87 and 88:
Integrating cyber operations Israel
Page 89 and 90:
Integrating cyber operations Cyber
Page 91 and 92:
Lexicon Lexicon Part 1 - Acronyms a
Page 93 and 94:
Part 2 - Additional terms and defin
Page 95 and 96:
Lexicon information operations Info
Page 97 and 98:
Lexicon TEMPEST TEMPEST refers to t
Page 99 and 100:
Lexicon Cyber Security Information
show all

Cyber Primer

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?