Active Cyber Defense within the Concept of NATO’s Protection of Critical Infrastructures
Authors: Serkan Yağlı, Selçuk Dal
Abstract:
Cyber attacks pose a serious threat to all states. Therefore, states constantly seek various methods to counter those threats. In addition, recent changes in the nature of cyber attacks and their increasingly complicated methods have given rise to a new concept: active cyber defense (ACD). This article first tries to answer why ACD is important to NATO and to establish NATO's viewpoint on ACD. Secondly, infrastructure protection is essential to cyber defense, and protecting critical infrastructure by means of ACD is even more important. It is assumed that by implementing active cyber defense, NATO may not only be able to repel attacks but also deter them. Hence, the use of ACD has a direct positive effect on the future of all international organizations, including NATO.
Keywords: Active cyber defense, advanced persistent threat, critical infrastructure, NATO.
Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1091700