The Strategic Importance of Building a Resilient Cyber Defense.pdf

The Strategic Importance of Building a Resilient Cyber
Defense: Experiences, Cooperation, Perspectives
© Associate professor Metodi Hadji-Janev, Brigadier General
© Adjunct Faculty Member, Ira A. Fulton School of Engineering, Arizona State University, U.S.A.
Member of the North Macedonia Marshall Center Alumni Association,
12th Meeting of the heads of the National Security
Authorities South East Europe
University “Goce Delcev”-Stip
Military Academy
“General Mihailo Apostolski-Skopje”
Ira A. Fulton School of Engineering, Arizona State University, ASU, U.S.A.
Ira A. Fulton Schools of Engineering

AGENDA
1. Cybersecurity trends & Western Balkans
2. Digital transformation and Western Balkan: Why
cybersecurity will continue to be a top security
concern?
3. Way forward for Western Balkan Leadership: building
resilience to cyber threats
4. Conclusion
© Associate professor D-r Metodi Hadji-Janev
Session II
The Strategic Importance of Building a Resilient Cyber Defense: Way forward for the WB leadership

© D-r Metodi Hadji-Janev
The ongoing digital transformation
interconnection and interdependence
converging the cyber and physical world
Session II

Cyber crime
Cyber attack
Cyber
espionage
The overall approach
Session II

Financial
effects
Terrorism
War?
Cyber crime
Cyber attack
Cyber
espionage
What you know about cybersecurity today may not be relevant tomorrow
Session II

Cyber crime
Cyber attack
Cyber
espionage
Financial
effect
Terrorism
Financial
effect
Terrorism
War?
© Dr. Metodi Hadji-Janev
Session II

Session II:
What you know about cybersecurity today may not be
relevant tomorrow
Cyber attacks
Cyber Crime Cyber Espionage
Cyber War
Terrorist use
of cyberspace

Session II:
Cyber attacks evolved
- Viruses,
- Worms,
- Trojan
horses and
- Simple DOS
-Malware
- Phishing
- SQL Injection Attack
- Cross-Site Scripting
(XSS)
- Distributed Denial of
Service (DoS)
- Session Hijacking
and
- Man-in-the-Middle
Attacks
- Credential Reuse
2000’s 2010’s
-Ransomware;
Malware;
-Cryptojacking;
-E-mail related
threats;
-Threats against data;
-Threats against
availability and
integrity;
-Disinformation –
misinformation;
-Non-malicious
threats;
-Supply-chain attacks
2020-2021

How does cyber security affect WB cyberspace ?
Emotional
Societal
Economic
Safety
Political/ security
1. Cyber security trends & Western Balkans
Session II:

During the Kosovo campaign,
for example, NATO has
arguably experienced the
first ever organized cyber
attacks
Cybersecurity evolution
Session II:

Although not a regional trend
per se,
Leavitt Lydia, (January 25, 2011), “Cybercrime writer mysteriously
disappears in Bulgaria”, http://www.tgdaily.com/security-
features/53558-cybercrime-writer-mysteriously-disappears-in-bulgaria
Danco Dancev
Although not a regional trend
per se, mysterious disappearing
of a cyber crime writer in
Bulgaria in 2010 and 2011
speaks that actions in SEE
cyberspace has significant
influence to the security
Session II:
Cyber attacks evolved – the whole new level

Young hacker from Macedonia
back in 2012 was detained due
to the cyber crime allegations
(i.e. attempting to penetrate
illegally several security
websites in the US).
________, (November 20, 2012), “FBI Arrested Young Hacker from
Struga” Press 24, from: http://star.press24.mk/story/poznato/foto-fbi-
uapsi-mlad-haker-od-struga-sin-na-poznata-struzhanka
Session II:

Reports about working in a network with hackers from
different countries also indicate the threat in the SEE
Cyberspace
________, (December 13, 2012), “10 arrested in cyber-crime probe”,
Express UK, retrieved 24.03.2014 from:
http://www.express.co.uk/news/world/364435/10-arrested-in-cyber-
crime-probe © D-r Metodi Hadji-Janev
“Individuals from Britain, the
US, Bosnia and Herzegovina,
Croatia, Macedonia, New
Zealand and Peru were arrested
in an operation carried out with
the assistance of Facebook and
international law enforcement
agencies”
Session II:

DD4BC cybercrime
group DDOs for Bitcoin
Session II:
How Bosnia and Herzegovina: Crackdown on 'Cyber
Blackmail' Group
buka.com,” “istinito.com,” “e-
novine,” “federalna.ba,”
“fena.co.ba,” “kurir.rs” and
“blic.net.”
IGOR SPAIC (January 26, 2016), Bosnia and Herzegovina: Crackdown on 'Cyber Blackmail' Group
OCCPR
developing a software meant to exploit weaknesses of digital
Bitcoin wallets to steal Bitcoins

Montenegro hit by series of large-scale, sophisticated
and coordinated hacker attacks
Session II:
Change in the context – from crime to political impact
Over 200 attacks on websites, state
institutions, online fraud and misuse
of personal accounts were reported in
2016, compared with just six in 2012
Dusica Tomovic (February 22, 2017), Montenegro on Alert Over New Cyber Attacks, BIRN

North Macedonia hit by Powerful Greek Army
Session II:
leaked dozens of email addresses and passwords from staffers in
North Macedonia’s ministries of finance and economy
Bojan Stojkovski (June 3, 2020), Password hack claim puts cyber security on the public
agenda in North Macedonia, GlobalVoices

North Macedonia hit by Anonopsmkd
Session II:
DDoS Attack – vigilante
stile or attention
The denial-of-service attack on TIME.mk, which involved more than
35 million addresses that generated thousands of clicks per seconds,

Session II:
The publication of the salary database for more
than 690 000 Albanians in 2022 is one of the
country’s biggest scandals
runway with
Russian shadows

Defending democratic governance and human
rights in the digital era
Challenges to preserve democratic values
dual-use digital technologies
a new dimension of “security vs. liberty challenge”
Session II:
Change in the context – from opportunity to disruption

by mega-corporates whose
“surveillance capitalism” is catalytic
to the accumulation of historically
unprecedented individual power
Challenge to preserve democratic values
Shoshana Zuboff, (2014), “Digital Declaration: Big Data as Surveillance Capitalism
there is an accelerated accumulation of power
Session II:

China and Russia, but also other authoritarian regimes
The rise of authoritarian states in digital era
recognize that technological edge translates into
diplomatic, economic, military and normative power
Session II:

Understood the importance of competitive advantage
in digital age
China - specific program that envisions
world leadership in key strategic
technologies, having already achieved
primacy in 5G connectivity, leading
Artificial Intelligence and facial recognition
State control of the regulations vs self-regulation
Session II:

Understood the importance of competitive advantage in digital age
The rise of authoritarian states in digital era
State control of the regulations vs self regulation
Session II:

The danger - these practices can empower authoritarian
regimes to develop their own version of panopticon
regime they can present as equivalent to democracy
We will refer to this later in 2.
Challenge to preserve democratic values
Jeremy Bentham
Session II:
Change in the context – from opportunity to disruption

North Macedonia – Veles the capital of Fake News
Session II:
Change in the context – import to export

Global trends in cyber security/defense exploit WB
vulnerabilities
Clickbait journalism
Anti-vax anti 5 G technologies
Session II:
Change in the context – import to export

Russian meddling inside North Macedonia and
Montenegro
Session II:
Change in the context – Avenue of approach
“They have transferred money and they’re also conducting broader
influence campaigns” Mattis for the Washington Post, September 2018

AGENDA
2. Digital transformation and Western Balkan: Why
cybersecurity will continue to be a top security
concern?
3. Way forward for Western Balkan Leadership
4. Conclusion
© Associate professor D-r Metodi Hadji-Janev, BG
Session II:

Cyber attacks could generally be systematized in two
groups Syntactic attacks and Semantic attacks.
Syntactic attacks are straight forward
it is considered malicious software which includes
- viruses,
- worms, and
- Trojan horses
Session II:
2. Digital transformation and Western Balkan: Why cybersecurity will
continue to be a top security concern?

Cyber attacks could generally be systematized in two
groups Syntactic attacks and Semantic attacks
Semantic
attack is the
modification
and
dissemination
of correct and
incorrect
information.
Session II:
Cyber security

Do all end here?
How about
Hardware theft/and abuse
Service theft
How about
Hardware theft/and abuse
- physical devices such as computer or parts of
computers and multimedia portable devices (cell and
personal assistance devices)
Service theft
– wi-fi spoofing mooching, piggy backing or even war
driving ????
Session II:

Do all end here?
The Story of 'Operation Orchard': How Israel Destroyed
Syria's Al Kibar Nuclear Reactor
Erich Follath and Holger StarkThe Story of 'Operation Orchard': How Israel Destroyed Syria's Al Kibar Nuclear
Reactor, Der Spiegel, 2009, retreived 20.04.2014 from:
http://www.spiegel.de/international/world/the-story-of-operation-orchard-how-israel-destroyed-syria-s-al-kibar-
nuclear-reactor-a-658663.html
Imad Mughniyah
Hezbollah leader, was
assassinated by the Israelis
in February 2008. The
Mossad had obtained
information that
Mughniyah was planning to
avenge the air strike on Al
Kibar with an attack on an
Israeli embassy
Session II:

The challenge!
Consider Stuxnet or Flame!
Cyber weapon limits?
Depends?
Session II:

©
D-r
Metodi
Hadji-Janev
Cyber vs. Physical world
Horizontal vs Vertical
Session II:
Convergence of cyber and physical worlds challenge
Horizontal
Today, cyberspace is governed in an
environment where decisions are
taken by multiple actors, including
governments, businesses, civil
society, and individuals or briefly
“stakeholders.”
Bottom-up Vertical Top-down
Social Contract Theory -
the political order is simply the means
towards an end—the benefit of the
individuals involved—and legitimate
only to the extent that they fulfill
their part of the agreement
Trade freedom for service and commodity Trade freedom for security

Anarchy
Tyranny
General
Natural
Universal
Limited in two ways (the
right of the others and public
safety)
Session II:
Convergence challenge – The human Rights perspectives
Governing Human rights context

Executive
Judiciary
Legislative
Anarchy
Tyranny
Human Rights influence
Government
is organized
Government is
limited
Local vs. Central
Constitutional Law
Criminal Law
Personal data protection
International Law
Convergence challenge
Governing Human rights context
Session II:

Ius ad bellum Ius in bello
Ius contra bellum Ius post bellum
LAW
POLICY
Preventive
diplomacy
Conflict
management
Conflict
Resolution
Transition
from conflict
to peace
OPERATIONS
Shape
Maneuver/surve
illance/exercises
SASO/IW/
PSO/COIN/(
MCO)
Deter/Seize the Initiative/Dominate/Stability/En.cv.Aut.
Maneuver/surv
eillance/movem
ent to contact
MCO/offence
/defense/IW
/COIN
Law, Policy and Military operations
2. Digital transformation and Western Balkan: Why cybersecurity will continue to be a top security
concern?
-The convergence challenge to the strategic design -
Session II:
Cyber space-based threat vectors-cyber security

Ius ad bellum Ius in bello
Ius contra bellum Ius post bellum
LEGAL
POLITICAL
Preventive
diplomacy
Conflict
management
Conflict
Resolution
Transition
from conflict
to peace
OPERATIONAL
Shape
Maneuver/surve
illance/exercises
SASO/IW/
PSO/COIN/(
MCO)
Maneuver/surv
eillance/movem
ent to contact
MCO/offence
/defense/IW
/COIN
concern?
Session II:

Ius ad bellum Ius in bello Ius post bellum
LEGAL
POLITICAL
Preventive
diplomacy
Conflict
management
Conflict
Resolution
Transition
from conflict
to peace
OPERATIONAL
Shape
Maneuver/surve
illance/exercises
SASO/IW/
PSO/COIN/(
MCO)
Maneuver/surv
eillance/movem
ent to contact
MCO/offence
/defense/IW
/COIN
concern?
Session II:

State and non state actors are exploiting this challenge
for political purposes - threats are evolving
Session II:
The Convergence challenge - two folded
Asymmetric Hybrid Hyper threats
Cyber

Coordinated cyber attacks on economic sector – can
derogate states ability to defense itself
Session II:
Asymmetry
Alleged
Theft of data on the F-35
Joint Strike Fighter, the
F-22 Raptor fighter jet,
and the MV-22 Osprey
This espionage reduces cost and accelerates the development of
foreign weapon systems,
enables foreign reverse-engineering and countermeasures
development, and thus reduces the advantage at low costs

Session II:
Cyber and Critical information infrastructure
The Dick Cheney’s case

Session II:
Hybrid threats
… Employing political warfare and blends
conventional warfare, irregular warfare and
cyberwarfare with other influencing methods, such
as fake news, diplomacy, lawfare and foreign
electoral intervention…

Session II:
Hybrid threats – corrupting liberal democracy
The influence operations – “Fake news” and “clickbait”
From individual personal and emotional threats to national
security threats
Cyber harassment Mis, Dis, Mal information Online violent radicalization

Three main reasons that provide for authoritarian
regimes to emerge
EU & US
disengagement
from the region Captive state
phenomenon
across the
region of WB
Media &
information
illiteracy &/or
disengagement
from the
people
© Dr. Hadji-Janev
Session II:
Research on Authoritarian influence
sponsored by IRI

Session II:
Hybrid threats – corrupting liberal democracy
weaponizing social media
The influence operations – “Fake news” and “clickbait”
… Both state and non-
state actors have
figured out how to
manipulate the profit
model of social media
where the user is
treated as a product on
the advertising market
“filter bubble”
of the like-minded
sponsored by IRI

Global trends in cyber security/defense exploit WB
vulnerabilities example media and information literacy
Research conducted by Cyber security corporate security
and crisis management initiative
Session II:
- use all instruments of power
DIME
- use modern technology as
vectors to achieve strategic ends
corrupt democratic projects and
values
-exploit democratic weaknesses,
are flexible and adaptive
functioning in a decentralized
manner
sponsored by IRI

https://c3initiative.com/
Session II:
- “synergy between PRC and Russia in the information
influence across the WB”
From isolated proxies and COVID-19disinformation to synergy of
prizing and influence

Session II:
- “synergy between PRC and Russia in
the information influence across the WB”
Convergence – digital silk road?

- Organized crime and geostrategic context
Session II:
Research conducted by Cyber security corporate security and crisis management initiative
-A failure of imagination?

Session II:
The future is coming
Hyper threats – are coming
The ability to increase velocity and the volume of
processing data and causing radical shifts in the
decision making require greater attention on fixing the
governance in the digital age

AGENDA
1. Cyber security trends & Western Balkans
2. Digital transformation and Western Balkan: Why cyber
security will continue to be top security concern?
4. Conclusion
© Associate professor D-r Metodi Hadji-Janev, BG
Session II:

Session II:
The focus of enhancing structural changes in the WB
societies has largely been driven by the EU and to certain
degree NATO initiatives

Session II:
New technologies and capabilities are already beginning
to turn speculative fiction into reality
New ways of thinking, organising and
acting

Session II:
NATO's main focus in cyber
defence is to protect its own
networks, operate in cyberspace
(including through the Alliance's
operations and missions), help
Allies to enhance their national
resilience and provide a platform
for political consultation and
collective response

Session II:
Multilayered resilience - are we up to the challenge?
- Unintended Administrative obstacles –out of the
context case
- Public procurement case example
- Digital forensic dilemma-rule of law what?
- Lack of awareness case

Session II:
Do you think that cyber defense resilience depends on
community resilience (municipality level)?
Strategies on cyber security/defence do not address
community resilience

Session II:
What do you think about smart cities?
Local vs Central governance
A mayor in the city from the WB has run a tender
willing to develop a smart city and the lowest bid
comes from a Chinese vendor-do you see a problem
here?
*Reminder: everything was in accordance with the EU-based rules
for public tenders – a public-private partnership

Session II:
Responsibility to the Western aid
How do you spend resources?
Tons of resources to fight disinformation vs eroding
support to Euro-Atlantic values and integration

Recommendations for building resilience
Building cyber-resilient societies – a
hole of society approach
Mobilize local resources
Absorptive
Adoptive
Transformative
Session II:

Though given in a different context the former US
Secretary of Defense statement, that
the “success does not go to the country that develops a
new technology first, but rather, to the one that better
integrates it and more swiftly adapts its way of fighting”
Session II:

WB governance must adapt, and escape constrain of
just being reactive to the speed of technological
innovation and exploit the benefits of cyber space and
digital technologies
Session II:

Therefore, the WB leadership has an obligation to lead
the way forward amid transitions, disruptions, chaos
and ambiguity
Session II:

The WB leadership should be the driving force in
broadening engagement and mitigating challenges
Based on such a platform WB leadership should craft
tailored regulations that will anchor WB administration
in improving capacities but also, to enhance
transparency, oversight, and accountability.
Session II:

EU should include WB in its rule-setting processes and
should closely coordinate future steps
Session II:

Last but not least, WB leadership must rethink safety
and security
Session II:
cyber hygiene vs national security

Recommendations for future strategists
Finding the right balance
Law enfor. Defense Cris.Man.&CIP Intel & Con Cyb.gov/diplom
economic development vs. improved national security
modernization of infrastructure vs. critical infrastructure protection
private sector vs. public sector
data protection vs. information sharing
individual freedoms vs. public safety
Session II:

AGENDA
2. Digital transformation and Western Balkan: Why cyber
security will continue to be top security concern?
4. Conclusion
© Associate professor D-r Metodi Hadji-Janev
Session II:

4. Conclusion
Session II:
-The convergence of cyber and physical world is real
and ongoing influencing the cybersecurity threat
landscape
-Wester Balkan states are not immune to global
challenges coming from cyber space
-Wester Balkan leaders must seriously consider cyber
security among the top priorities and invest in human
capital while building multilayered resilience–anchored
to the whole of society approach

Session II:
The Strategic Importance of Building a Resilient Cyber Defense: Way
forward for the WB leadership
Cyber security
Q & A
© Associate professor Metodi Hadji-Janev
© Adjunct Faculty Member, Ira A. Fulton School of Engineering, Arizona State University, U.S.A.
University “Goce Delcev”-Stip
Military Academy
“General Mihailo Apostolski-Skopje”
Ira A. Fulton School of Engineering, Arizona State University, ASU, U.S.A.
Ira A. Fulton Schools of Engineering

The Strategic Importance of Building a Resilient Cyber Defense.pdf

Recommended

Recommended

More Related Content

Similar to The Strategic Importance of Building a Resilient Cyber Defense.pdf

Similar to The Strategic Importance of Building a Resilient Cyber Defense.pdf (20)

Recently uploaded

Recently uploaded (13)

The Strategic Importance of Building a Resilient Cyber Defense.pdf