Search results

An intrusion is defined as any set of actions that attempts to compromise the integrity, the confidentiality, or the availability of a resource. Following the pioneering work of Anderson in 1980 it has been recognised that while computer systems and networks need to be protected from unauthorised external access, using firewalls for example, it is not possible to provide an unconditional guarantee of invulnerability to intrusion. There are a number of reasons for this. One is the extreme diversity of intrusions observed, for example password stealing and cracking, masquerade and sniffer attacks, subversion of security controls (via trapdoors, Trojans etc), denial of service attacks, and malicious codes (viruses, worms, Trojans, logic bombs etc). Another reason is that over 70 per cent of attacks on networks are believed to be internal in origin.

SCOPE AND DEFINITIONS The provision of any service requires the utilisation of resources. In a digital context these resources might be processor cycles, memory capacity, disk space or communications bandwidth. A Denial of Service (DoS) attack implies either the removal of those resources by some external event or their pre‐emption by a competing process; this should be understood to include rerouting or replacing a service. The sole objective of a DoS attack is thus to prevent the normal operation of a digital system in the manner required by its customers and intended by its designers. As such, DoS attacks on the mission‐critical or business‐critical infrastructure systems of financial, commercial or other enterprises offer the potential for sabotage, blackmail or extortion operations.

In this article the historical development of computer crime is traced and analysed. Some major examples of the phenomenon are examined with particular reference to financial and commercial information systems and institutions. The varied motivations of computer criminals are also considered. Finally, some lessons for today's financial and commercial IT communities are offered.

Introduces the subject with the classical three‐layer security paradigm for information assurance of “protect, detect, react”, noting that it leaves open the question of who or what should react, and how. Lists 15 technical possibilities for a reactive defence to a presumed intrusion which vary greatly in their degree of aggression, mentions the problem of false positives in cases of active defence strategies, and relates the strategies to relevant legal and ethical considerations. Concludes that verification of a genuine intrusion incident is often very difficult, but the cost of failure will also be high; this is linked to the asymmetric nature of information warfare, where the cost of defence is much higher than the cost of attack.

This article is concerned with answering the question: What is the extent and nature of the Information Warfare (IW) threat from sub‐state radical political groups? Although there has been a great deal of speculation and theorising about the potential threat from terrorist groups, there has been little open source research on this subject. Even at a classified level, it appears that intelligence agencies are struggling with the construction of methodologies for threat assessment.

Aims to demonstrate how information warfare (IW) is being progressively domesticated and how it democratizes warfare. Briefly outlines the so‐called Revolution in Military Affairs. Presents an overview of the various modalities of IW. Introduces the defining features of IW from both the attacker’s and the target’s perspective. Describes types of offence and defence. Assesses the extent to which IW and information terrorism are having or will have an impact on the daily lives of individual groups and considers the various social actors. Offers some observations on the negative externalities and possible longer term social costs associated with IW and information terrorism in the civil sphere.