Chapter

A Critical Analytical View of Control Theory and the Geopolitical and Economic Drivers Affecting Cyber Security Warfare


Abstract

Nearly 1 billion emails were exposed in a single year, affecting 20%, or 1 in 5, internet users and causing cyber security warfare worldwide. Under the control theoretic approach, users can prescribe defense actions in response to security alerts that signal cyber-attacks in progress when the network is compromised. This critical analytical view of the World Economic Forum statistical data centers on the five major drivers affecting the geopolitical and economic conditions of the top 50 nations based on public motivation, government policy, education system, labor market, and population inclusivity. The statistical data illustrates how data breaches have become an ongoing business issue, costing an average of $4.35 million annually per organization. Within the cyber security market spectrum, control theory can address some of the challenges associated with geopolitical and economic drivers affecting cyber security warfare by providing a framework for designing and implementing adaptive security systems.


... In general, this study contributes to a deeper understanding of how cyber threats manifest across industries and time, providing actionable insights for policymakers, organizations, and cybersecurity professionals. Future work can extend these findings by integrating additional contextual data, such as geopolitical factors, to further enhance predictive models and defense mechanisms [42,43]. ...
Article
Full-text available
The escalating prevalence of cyber threats across industries underscores the urgent need for robust analytical frameworks to understand their clustering, prevalence, and distribution. This study addresses the challenge of quantifying and analyzing relationships between 95 distinct cyberattack types and 29 industry sectors, leveraging a dataset of 9261 entries filtered from over 1 million news articles. Existing approaches often fail to capture nuanced patterns across such complex datasets, justifying the need for innovative methodologies. We present a rigorous mathematical framework integrating chi-square tests, Bayesian inference, Gaussian Mixture Models (GMMs), and Spectral Clustering. This framework identifies key patterns, such as 1150 Zero-Day Exploits clustered in the IT and Telecommunications sector, 732 Advanced Persistent Threats (APTs) in Government and Public Administration, and Malware with a posterior probability of 0.287 dominating the Healthcare sector. Temporal analyses reveal periodic spikes, such as in Zero-Day Exploits, and a persistent presence of Social Engineering Attacks, with 1397 occurrences across industries. These findings are quantified using significance scores (mean: 3.25 ± 0.7) and posterior probabilities, providing evidence for industry-specific vulnerabilities. This research offers actionable insights for policymakers, cybersecurity professionals, and organizational decision makers by equipping them with a data-driven understanding of sector-specific risks. The mathematical formulations are replicable and scalable, enabling organizations to allocate resources effectively and develop proactive defenses against emerging threats. By bridging mathematical theory to real-world cybersecurity challenges, this study delivers impactful contributions toward safeguarding critical infrastructure and digital assets.
... Lewis and Baez [36] study theories related to control and how they influence warfare, underlining the difficulties in coordinating responses to cyberattacks that involve stakeholders such as government, agencies, businesses, and organisations. The lack of coordination among these groups arises from conflicts of interest, disparities in knowledge levels, and conflicting objectives. ...
Article
Full-text available
As the digital environment progresses, the complexities of cyber threats also advance, encompassing both hostile cyberattacks and sophisticated cyber espionage. In the face of these difficulties, cooperative endeavours between state and non-state actors have attracted considerable interest as crucial elements in improving global cyber resilience. This study examines cybersecurity governance’s evolving dynamics, specifically exploring non-state actors’ roles and their effects on global security. This highlights the increasing dangers presented by supply chain attacks, advanced persistent threats, ransomware, and vulnerabilities on the Internet of Things. Furthermore, it explores how non-state actors, such as terrorist organisations and armed groups, increasingly utilise cyberspace for strategic objectives. This issue can pose a challenge to conventional state-focused approaches to security management. Moreover, the research examines the crucial influence of informal governance processes on forming international cybersecurity regulations. The study emphasises the need for increased cooperation between governmental and non-governmental entities to create robust and flexible cybersecurity measures. This statement urges policymakers, security experts, and researchers to thoroughly examine the complex relationship between geopolitics, informal governance systems, and growing cyber threats to strengthen global digital resilience.
Article
Full-text available
This article presents a novel framework called the Policy Informative Cyber Case Analysis for cyberattack incidents. The aim of this framework is to provide a structured documentation and translational assessment tool for cyber incidents of geopolitical significance to a broader policy audience. The article discusses case study method as applied to cyber incidents, situates the framework amongst other useful methods, discusses the application of structured analytic techniques (SAT) such as “chronologies and timelines” and “devil’s advocacy,” presents the framework, and provides conclusions. Cyber incident cases, primarily the 2015 attack on the Ukrainian electric grid, are used throughout to elucidate the utility and application of the framework.
Article
Full-text available
Floquet engineering consists in the modification of physical systems by the application of periodic time-dependent perturbations. The search for the shape of the periodic perturbation that best modifies the properties of a system in order to achieve some predefined metastable target behavior can be formulated as an optimal control problem. We discuss several ways to formulate and solve this problem. We present, as examples, some applications in the context of material science, although the methods discussed here are valid for any quantum system (from molecules and nanostructures to extended periodic and non periodic quantum materials). In particular, we show how one can achieve the manipulation of the Floquet pseudo-bandstructure of a transition metal dichalcogenide monolayer (MoS₂).
Article
Full-text available
Cybercrime is wreaking havoc on the global economy, national security, social stability, and individual interests. The current efforts to mitigate cybercrime threats are primarily focused on technical measures. This study considers cybercrime as a social phenomenon and constructs a theoretical framework that integrates the social, economic, political, technological, and cybersecurity factors that influence cybercrime. The FireHOL IP blocklist, a novel cybersecurity data set, is used to map worldwide subnational cybercrimes. Generalised linear models (GLMs) are used to identify the primary factors influencing cybercrime, whereas structural equation modelling (SEM) is used to estimate the direct and indirect effects of various factors on cybercrime. The GLM results suggest that the inclusion of a broad set of socioeconomic factors can significantly improve the model’s explanatory power, and cybercrime is closely associated with socioeconomic development, while their effects on cybercrime differ by income level. Additionally, results from SEM further reveal the causal relationships between cybercrime and numerous contextual factors, demonstrating that technological factors serve as a mediator between socioeconomic conditions and cybercrime.
Article
Full-text available
This study investigates the effect of information sharing and deferral option on a firm’s information security investment strategies by considering strategic interactions between a firm and an attacker. We find that 1) information sharing decreases a firm’s security investment rate. 2) If a deferral decision is possible, the firm will decrease its immediate investment, and avoid non-investment. 3) After information sharing, the probability of a firm’s deferral decision increases for low-benefit information (SL) but decreases for high-benefit information (SH). 4) When information sharing accuracy is low, a firm only defers decisions in a fraction of SL; when information sharing accuracy is high, the firm defers its decisions in all SL and a fraction of SH. 5) Information sharing can improve the effect of deferral decision when accuracy is low but weaken it when accuracy is high. These results contradict the literature, wherein information sharing reduces a firm’s uncertainty on cybersecurity investment and decreases deferment options associated with investment.
Article
Full-text available
Backpropagation (BP)-based gradient descent is the general approach to train a neural network with a multilayer perceptron. However, BP is inherently slow in learning, and it sometimes traps at local minima, mainly due to a constant learning rate. This pre-fixed learning rate regularly leads the BP network towards an unsuccessful stochastic steepest descent. Therefore, to overcome the limitation of BP, this work addresses an improved method of training the neural network based on optimal control (OC) theory. State equations in optimal control represent the BP neural network’s weights and biases. Meanwhile, the learning rate is treated as the input control that adapts during the neural training process. The effectiveness of the proposed algorithm is evaluated on several logic gates models such as XOR, AND, and OR, as well as the full adder model. Simulation results demonstrate that the proposed algorithm outperforms the conventional method in terms of improved accuracy in output with a shorter time in training. The training via OC also reduces the local minima trap. The proposed algorithm is almost 40% faster than the steepest descent method, with a marginally improved accuracy of approximately 60%. Consequently, the proposed algorithm is suitable to be applied on devices with limited computation resources, since the proposed algorithm is less complex, thus lowering the circuit’s power consumption.
Article
Full-text available
With the continuous development of the networked society, the ability of cyber attackers is becoming increasingly intelligent, posing a huge threat to complex cyber–physical networks (CCPNs). Therefore, how to design a security strategy for CCPNs under attack has become an urgent problem to be solved, which promotes our work. The problem of the distributed event-triggered synchronization of CCPNs in the presence of denial-of-service (DoS) attacks is investigated in this paper. Firstly, a distributed event-triggered controller is designed such that all nodes of networks are synchronized without DoS attacks by relieving the communication occupancy rate of limited bandwidths. Meanwhile, Zeno and singular triggering behaviors are excluded to illustrate the effectiveness of the proposed event-triggered strategy. Secondly, in view of the continuous switching of CCPNs topologies caused by DoS attacks, an event-triggered control (ETC) strategy is proposed to ensure the synchronization of CCPNs under DoS attacks. Meanwhile, the frequency and duration of tolerable DoS attacks that can ensure the stability of the systems are calculated. Finally, two examples are given to illustrate the effectiveness of the proposed method.
Article
Full-text available
Cybersecurity risks have become obstinate problems for critical water infrastructure management in Australia and worldwide. Water management in Australia involves a vast complex of smart technical control systems interconnected with several networks, making the infrastructure susceptible to cyber-attacks. Therefore, ensuring the use of security mechanisms in the control system modules and communication networks for sensors and actuators is vital. The statistics show that Australia is facing frequent cyber-attacks, most of which are either undetected or overlooked or require immediate response. To address these cyber risks, Australia has changed from a country with negligible recognition of attacks on critical infrastructure to a country with improved capability to manage cyber warfare. However, little attention is paid to reducing the risk of attacks to the critical water infrastructure. This study aims to evaluate Australia’s current cybersecurity attack landscape and the implemented controls for water infrastructure using a systematic literature review (SLR). This study also compares Australia in the context of global developments and proposes future research directions. The synthesis of the evidence from 271 studies in this review indicates the importance of managing security vulnerabilities and threats in SCADA water control systems, including the need to upgrade the contemporary water security architecture to mitigate emerging risks. Moreover, human resource development with a specific focus on security awareness and training for SCADA employees is found to be lacking, which will be essential for alleviating cyber threats to the water infrastructure in Australia.
Article
Full-text available
With the high digitization, informatization, and networking of practical complex systems, the security and reliability issue of systems control in the cyber-physical environment is becoming more and more critical, especially under the background of rampant network attacks nowadays. The security control for time-varying delay systems based on random switching moving defense method in a cyber-physical environment is studied in this paper. First, the security control model of one class of time-varying delay dynamic systems considering the actuator and controller attack problem is presented; second, controller design based on switching strategy for moving defense is studied; and then the security control scheme for time-varying delay systems based on random switching moving defense is presented for dealing with cyber attacks from malicious adversaries. Finally, multiple simulation results are presented to show the effectiveness of the proposed scheme.
Article
Full-text available
Background: Cryptocurrency fraud has become a growing global concern, with various governments reporting an increase in the frequency of and losses from cryptocurrency scams. Despite increasing fraudulent activity involving cryptocurrencies, research on the potential of cryptocurrencies for fraud has not been examined in a systematic study. This review examines the current state of knowledge about what kinds of cryptocurrency fraud currently exist, or are expected to exist in the future, and provides comprehensive definitions of the frauds identified.
Methods: The study involved a scoping review of academic research and grey literature on cryptocurrency fraud and a 1.5-day expert consensus exercise. The review followed the PRISMA-ScR protocol, with eligibility criteria based on language, publication type, relevance to cryptocurrency fraud, and evidence provided. Researchers screened 391 academic records, 106 of which went on to the eligibility phase, and 63 of which were ultimately analysed. We screened 394 grey literature sources, 128 of which passed on to the eligibility phase, and 53 of which were included in our review. The expert consensus exercise was attended by high-profile participants from the private sector, government, and academia. It involved problem planning and analysis activities and discussion about the future of cryptocurrency crime.
Results: The academic literature identified 29 different types of cryptocurrency fraud; the grey literature discussed 32 types, 14 of which were not identified in the academic literature (i.e., 47 unique types in total). Ponzi schemes and (synonymous) high yield investment programmes were most discussed across all literature. Participants in the expert consensus exercise ranked pump-and-dump schemes and ransomware as the most profitable and feasible threats, though pump-and-dumps were, notably, perceived as the least harmful type of fraud.
Conclusions: The findings of this scoping review suggest cryptocurrency fraud research is rapidly developing in volume and breadth, though we remain at an early stage of thinking about future problems and scenarios involving cryptocurrencies. The findings of this work emphasise the need for better collaboration across sectors and consensus on definitions surrounding cryptocurrency fraud to address the problems identified.
Article
As countries in the Indo-Pacific seek to manage the challenges posed by China’s growing power and assertiveness, they are increasingly relying on minilateral groupings and emphasizing deterrence to maintain regional peace. The essays in this Asia Policy roundtable address the resulting question: can minilateral groupings deter coercion and aggression in the Indo-Pacific and, if so, under what conditions?
Article
Why do states aid other states' economic development? This has long been pondered in international relations (IR) and addressed by realism, humanitarian internationalism, and other theories. However, the recent establishment of cybersecurity capacity building (CCB) centers calls for a renewed investigation of the subject due to the nature of new digital technology. This article is particularly concerned with both the national security and economic development domains of CCB, because cybersecurity has become a critical national security concern for many nations and because internet-related technology has become essential for economic development, requiring its secure and safe operation. This paper argues that CCB, a new form of international development, has been pursued with disparate goals by different states, conditional upon the donor's surrounding international environment. With cases of CCB centers recently established by Japan and the Republic of Korea (ROK), this research demonstrates that while Japanese CCB efforts are aligned with Japan's national strategy, the ROK has approached CCB largely from the perspective of developmental assistance. The study suggests that academics uncover disparate rationales behind similar CCB activities, that potential recipients need to recognize the difference, and that foreign policymakers must recognize the versatile implications of CCB when internationally coordinating such efforts.
Article
At present, most of the economic, commercial, cultural, social and governmental activities and interactions of countries, at all levels, including individuals, non-governmental organizations and government and governmental institutions, are carried out in cyberspace. Recently, many private companies and government organizations around the world are facing the problem of cyber-attacks and the danger of wireless communication technologies. Today’s world is highly dependent on electronic technology, and protecting this data from cyber-attacks is a challenging issue. The purpose of cyber-attacks is to harm companies financially. In some other cases, cyber-attacks can have military or political purposes. Some of these damages are: PC viruses, knowledge breaks, data distribution service (DDS) and other assault vectors. To this end, various organizations use various solutions to prevent damage caused by cyber-attacks. Cyber security follows real-time information on the latest IT data. So far, various methods had been proposed by researchers around the world to prevent cyber-attacks or reduce the damage caused by them. Some of the methods are in the operational phase and others are in the study phase. The aim of this study is to survey and comprehensively review the standard advances presented in the field of cyber security and to investigate the challenges, weaknesses and strengths of the proposed methods. Different types of new descendant attacks are considered in details. Standard security frameworks are discussed with the history and early-generation cyber-security methods. In addition, emerging trends and recent developments of cyber security and security threats and challenges are presented. It is expected that the comprehensive review study presented for IT and cyber security researchers will be useful.
Article
Due to the integration of information and internet, the power network is facing more and more uncertain risks of malicious attacks. In response to this problem, we studied it from the following four aspects. First of all, multiple cyber-attacks (denial-of-service, information disclosure, replay attack and deception attack) are analyzed from each operating mechanism. Then, the subsystems are concluded to be a generic modeling frame considering different types of cyber-attack. Secondly, secure defense scenarios are proposed according to each kind of cyber-attack based on the mechanism details. Thirdly, security control conditions are derived by utilizing control theory of stability. Finally, IEEE-14 and IEEE-39 systems are used as typical cases to illustrate and analyze the impact of dynamic load altering attack on some of these nodes.