The impact of cybersecurity power in the world by Modern Diplomacy

GEOPOLITICAL

HANDBOOKS The Impact of Cyber Security theory in the World A new approach to information management Cybercrime attacks and identification of actors Cyber warfare in the Word Pathology of a soft war with Iran in cyberspace The Role of Information and Cyber Security and the Impact on Foreign Policy Strategy of the concept of cyber defense

moderndiplomacy www.moderndiplomacy.eu

THE IMPACT OF CYBER SECURITY POWER IN THE WORLD SAJAD ABEDI

SAJAD ABEDI Sajad Abedi a Resident Research Fellow at the National Security and Defense Think Tank. he obtained his PhD. degree in National Security Studies. His research interests pertain to Arab-Israeli studies, the Cyber Security studies and National Security.

MODERNDIPLOMACY.EU

INTRODUCTION

Since the principle of self-restraint addresses a wide range of threats, both in the area of justice and in the field of military and strategic affairs. But the implementation of deterrence in cyberspace is only proposed if the risks that are objectively possible have a direct impact on the security and survival of a government; therefore, each state is required to make it possible in any way to overcome the existing challenges.

The challenges of an attack, the estimation of the impact and reconstruction of the incident and the purpose of an attack, in the framework of public networking and actors, distinguish the cyberspace from other areas where deterrence is formed. Intrusions in cyberspace, although possible and possible, cannot be limited to

existing measures, but unique The result is that, according to concepts have to be developed Joseph S. Nay Jr, power in cyberspace is inherently wideand presented. spread and the expression of The same is true of cyberspace different actors is divided. In dominance and power. Accord- fact, some challenges in the ing to Daniel T. Coel, power here field of cybercrime are similar is "the ability to use cyberspace to those of other forms of deto gain points and impact on terrence. For example, the probevents in other operating envi- lem of identifying cyber attacks ronments, using power equip- is reminiscent of the challenges ment". The important thing is of deterrence of nuclear terrorthat on the eve of entering the ism. cyberspace is a low level that, unlike other classical domains Identifying the effects of a (land, sea, air, and space), any cyber attack is much more simcountry, organization, social ilar to identifying the effects of group or individual can pene- biological weapons. Also, the trate it and play an unbelievable invisibility of computerized weapons is very similar in many role. respects to the biological In the classical context, the weapons challenge. conflict often ends with erosion and the reserves of one side, while most hostile acts in cyberspace are almost unprofitable. GEOPOLITICAL HANDBOOKS

/08

The Impact of Cyber Security theory in the World

The correct control of cyber security often depends on decisions under uncertainty. Using quantiﬁed information about risk, one may hope to achieve more precise control by making better decisions.

Information technology (IT) is critical and valuable to our society. IT systems support business processes by storing, processing, and communicating critical and sensitive business data. In addition, IT systems are often used to control and monitor physical industrial processes. For example, our electrical power supply, water supply and railroads are controlled by IT systems. These “controlling” systems have many names. In this Notes they are referred to as

SCADA (Supervisory Control and Data Acquisition) systems, or occasionally, as industrial control systems.

They are complex real-time systems that include components like databases, application servers, web interfaces, human machine interfaces, dedicated communication equipment, process control logic, and numerous sensors and actuators that measure and control the state of the industrial process. In many industrial processes (e.g., electrical power transmission) these components are also distributed over a large geographical area. SCADA systems can be seen as the nervous system of industrial processes and since our society is heavily dependent on the GEOPOLITICAL HANDBOOKS

industrial processes that SCADA systems manage, we are also dependent on the behavior of our SCADA systems.

a SCADA system today does not require the SCADA-expertise that was required prior to the move to more open, standardized and common compoOver the last two decades our nents. SCADA systems and their environments have changed. They In parallel with the move to used to be built on proprietary more common and widely and specialized protocols and known solutions, SCADA sysplatforms. Today, however, tems have moved from being SCADA systems operate on top isolated and standalone to be of common and widely used interwoven in the larger IT envioperating systems (Windows ronment of enterprises. XP) and use protocols that are Process data collected by standardized and publicly avail- SCADA systems, production able. These changes have al- plans, and facility drawings are tered the threat environment for often exchanged over enterSCADA systems. prises’ computer networks. It is also common to allow users to The move to more well-known remotely connect to operator and open solutions lowers the interfaces, for instance, so that threshold for attackers who process-operators can connect seek to exploit vulnerabilities in remotely when they are on these SCADA systems. Vulner- standby duty and so that supabilities are regularly found in pliers are able to perform mainthe software components used tenance remotely. in SCADA systems (the operating systems) and instructions The increased integration with that can be used to exploit more administrative enterprise these vulnerabilities are often systems has also contributed made available in the public do- to a changed threat environmain. The increased openness ment. Administrative systems also lowers the thresholds for are, with few exceptions, conattacks targeting special-pur- nected (directly or indirectly) to pose SCADA components, pro- the internet. Hence, the possigrammable logic controllers bility for administrative sys(PLCs). Today there is an inter- tems to exchange data with est in the vulnerabilities they SCADA systems is also a poshave and there is information sibility for attackers or malware available in the public domain to come in contact with these about their design and internal systems and exploit their vulcomponents. In fact, it is even nerabilities, without physical possible to buy a subscription proximity. to exploit code speciﬁcally targeting SCADA systems’ com- The lowered threshold to ﬁnd ponents. In other words, a and use SCADA-related vulnersuccessful cyber attack against abilities and tighter integration

MODERNDIPLOMACY.EU

with enterprise systems are two cyber security problems that add to the volume of cyber security issues related to architecture and conﬁguration of the actual SCADA systems. Historically, SCADA systems were built to be reliable and available, but not to be secure against attacks with a malicious intent.

SCADA systems are thus critical assets, have exploitable vulnerabilities, and are interwoven into the enterprise architectures. Decision makers who wish to manage their cyber security need to be able to assess the vulnerabilities associated with different solution architectures. However, assessing the cyber security of an enterprise environment is diﬃcult. The budget allocated for cyber security assessments is usually limited. This prohibits assessments from covering and investigating all factors that could be of importance. The set of variables that should be investigated, and how important they are, is also hazy and partly unknown.

For instance, guidelines such as do not prioritize their cyber security recommendations. Such prioritizations are also difﬁcult to do in a generic guideline since the importance of many variables are contingent on the systems architecture and environment and guidelines are limited to one or few typical architectures. Variables are also dependent on each other.

/10

An attack against a SCADA system may be performed in a number of ways and can involve a series of steps where different vulnerabilities are exploited. Thus, some combinations of vulnerabilities can make an attack easy, but a slightly different combination may make attacks extremely diﬃcult. Thus, informed decisions require an analysis of the vulnerabilities associated with different architectural scenarios, and at the same time, an analysis of how these vulnerabilities relate to each other.

These problems are not unique for SCADA systems. Many administrative IT systems also have complex environments; administrative IT systems often need to be analyzed on a high level of abstraction; the importance of different variables is hazy also for administrative IT systems. Like the administrative environment, the SCADA environment consists of software, hardware, humans, and management processes. And as described above, there is a substantial overlap between the components which are used in both environments today. However, there is a difference in what needs to be protected in these environments. Security is often thought of as a triage of conﬁdentiality, integrity and availability. For SCADA systems, integrity and availability of functionality are crucial, but conﬁdentiality of business data is not. Because of this, cyber security assessments of SCADA

systems have a different focus than for many other systems. The importance of availability and integrity has also other implications. For instance, because of the consequence of a potential malfunction, it is recommended that SCADA systems should not be updated before extensive testing, and network based vulnerability scanners should be used with care in SCADA environments.

Information security is increasingly seen as not only fulﬁllment of Conﬁdentiality, Inte grity and Availability, but as protecting against a number of threats having by doing correct economic tradeoffs. A growing research into the economics of information security during the last decade aims to understand security problems in terms of economic factors and incentives among agents making decisions about security, typically assumed to aim at maximizing their utility.

Such analysis is made by treating economic factors as equally important in explaining security problems as properties inherent in the systems that are to be protected. It is thus natural to view the control of secu-

rity as a sequence of decisions that have to be made as new information appears about an uncertain threat environment. Seen in the light of this and that obtaining security information usually in it is cost, I think that any usage of security metrics must be related to allowing more rational decisions with respect to security. It is in this way I consider security metrics and decisions in the following.

The basic way to understand any decision-making situation is to consider which kind of information the decision-maker will have available to form the basis of judgments. For people, both the available information, but also potentially the way in which it is framed (presented), may affect how well decisions will be made to ensure goals. One of the common requirements on security metrics is that they should be able to guide decisions and actions to reach security goals. However, it is an open question how to make a security metric usable and ensuring such usage will be correct (with respect to achieving goals) comes with challenges. The idea to use quantiﬁed risk as a metric for decisions can be split up into GEOPOLITICAL HANDBOOKS

two steps. First do objective risk analysis using both assessment of system vulnerabilities and available threats in order to measure security risk. Second, present these results in a usable way so that the decisionmaker can make correct and rational decisions. While both of these steps present considerable challenges to using good security metrics, I consider why decisions using quantiﬁed security risk as a metric may go wrong in the second step.

Lacking information about security properties of a system clearly limits the security decisions, but I fear that introducing metrics do not necessarily improve them; this may be due to 1) that information is incorrect or imprecise, or 2) that usage will be incorrect. This work takes the second view and we argue that even with perfect risk assessment, it may not be obvious that security decisions will always improve. I am thus seeking properties in risky decision problems that actually predict the overall goal - maximi zing utility - to be, or not to be, fulfilled. More specifically, we need to find properties in quantifications that may put decision-making at risk of going wrong. The way to understand where security decisions go wrong is by using how people are predicted to act on perceived rather than actual risk. I thus need to use both normative and descriptive models of decision-

MODERNDIPLOMACY.EU

making under risk. For normative decisions, I use the well-established economic principle of maximizing expected utility. But for the descriptive part, I note that decision faults on risky decisions not only happen in various situations, but have remarkably been shown to happen systematically describe by models from behavioral economics.

I have considered when quantiﬁed risk is being used by people making security decisions. An exploration of the parameter space in two simple problems showed that results from behavioral economics may have impact on the usability of quantitative risk methods. The results visualized do not lend themselves to easy and intuitive explanations, but I view my results as a ﬁrst systematic step towards understanding security problems with quantitative information.

There have been many proposals to quantify risk for information security, mostly in order to allow better security decisions. But a blind belief in quantiﬁcation itself seems unwise, even if it is made correctly. Behavioral economics shows systematic deviations of weighting when people act on explicit risk. This is likely to threaten security and its goals as security is increasingly seen as the management of economical trade-offs. I think that these ﬁndings can be used partially to predict or understand wrong security decisions depending

on risk information. Furthermore, this motivates the study how strategic agents may manipulate, or attack, the perception of a risky decision.

Even though any descriptive model of human decision-making is approximate at best, I still believe this work gives a wellarticulated argument regarding threats with using explicit risk as security metric. My approach may also be understood in terms of standard system specification and threat models: economic rationality in this case is the specification, and the threat depends on bias for risk information. I also studied a way of correcting the problem with reframing for two simple security decision scenarios, but only got partial predictive support for fixing problems this way. Furthermore, I have not found such numerical examinations in behavioral economics to date.

Further work on this topic needs to empirically conﬁrm or reject these predictions and study to which degree they occur (even though previous work clearly makes the hypothesis clearly plausible at least to some degree) in a security context. Furthermore, I think that similar issues may also arise with several forms of quantiﬁed information for security decisions.

These questions may also be extended to consider several self-interested parties, in gametheoretical situations. Another topic is using different utility functions, and where it may be normative to be economically risk-aversive rather than riskneutral. With respect to the problems outlined, rational decision-making is a natural way to understand and motivate the control of security and requirements on security metrics.

/12

But when selecting the format of information, a problem is also partially about usability. Usability faults often turn into security problems, which is also likely for quantiﬁed risk. In the end the challenge is to provide users with usable security information, and even more broadly investigate what kind of support is required for decisions. This is clearly a topic for further research since introducing quantiﬁed risk is not without problems. Using knowledge from economics and psychology seems necessary to understand the correct control of security.

GEOPOLITICAL HANDBOOKS

A new approach to information management

The American people, both directly and through their representatives, are more focused on organizing and conducting the work of intelligence agencies than ever before. Because of intelligence operations play an important role in life and security. From the September 11, 2001 incident, terrorism and weapons of mass destruction are debates that are constantly being raised in American families.

Not surprisingly, there are suggestions for the transformation of organizations and the US intelligence system beyond the public awareness. Foreign countries are demanding this, and many people inside the country also need to understand such a change.

MODERNDIPLOMACY.EU

Many of the organizational methods and structures that have proven successful over the years have failed in some cases, especially in the September 11 incident, and have provided enough information to the United States in dealing with Saddam Hussein's weapons designs in Iraq. They did not set up the country.

Information managers and many other people who are involved do not agree with such changes. They often prefer to deal with marginal issues because information is every day and it is time consuming to make such changes. In 1986, Casey, former head of the CIA, created a counterterrorism center. He believed that the center created the necessary coordi-

/14

nation in design and operation, and analysts were working in the immediate vicinity of the operators, but many of the old members of the CIA and intelligence operations threatened their place and those under their control. They knew even years after the establishment of the anti-terrorist center, there has been tension between the function of the center and other elements of the organization. The CIA, after receiving adequate guidance from the military, should provide an oﬃcial mechanism for post-operative investigations. A review of human gathering about Iraq should include the history of that program, the selection of personnel for it, the targeting of Iraq and the recruitment of people and benchmarking it for deployment and operation.

Such a "post-operation" review should not undermine the level of shielding, accusing, deﬁning or denigrating anyone. It should also be ensured that managers and leaders discuss important goals such as Iran and North Korea, systems for designing breakthroughs, tools for deploying a framework for spy operations based on accurate sur veys and information to adjust the plan to maximize the quality and ensure optimal operations. Other human resources managers should have a summary of the methods that have been effective in reducing the failure rate. Really important operational information should not be compromised in this way.

Managers and information leaders should work on re-use of "post-operation" formal surveys, planning, recruiting, training, recruitment, assessment and promotion of their staff. In many cases, the development of such systems is not required by law. The system needs to be explicit, honest and accurate, and also requires a co-operative work force. This system examines the need for a foreign country in order to increase the success of a successful business person, not a business, policy or training consultant in a team. Such a foreign country has a new perspective and can ask questions that do not come to the minds of others.

A commitment to using the best results in these reviews is essential. The US government and politics are eager to face a crisis and failure to design new policies or seek quick solutions and examine the issue. In any organization, it's diﬃcult to transfer funds from steady plans to creative and new ones. Especially in the US government, the fundamentals of the country's budget are old and weird.

be licensed and funded. It is difﬁcult to compete for the new budget, but basically the competition between the initiatives takes place, not between the new plans and the ﬁxed plans.

One of the hallmarks of CIA operations is the development of creativity. Creative leaders and oﬃcers will identify problems and provide solutions, But spending too much on new creativity, regardless of cutting or cutting out budgets. The "stirring up" of something in the database is hard and frustrating. But when all US intelligence facilities are under investigation and new threats, they must be shuﬄed.

Spying, human gathering and other programs will never be fully realized. Because of this is the nature of the world of information. The only thing they guarantee is that their performance in the context of informing policymakers and military and operational commanders emphasizes the quality, accuracy, accuracy and utilization of the best available technical and human-coordinated programs.

Every year the congress and executive branch decide on budgeting for personnel, logistics, operational programs and infrastructure - they decide to continue the same or increase it with a slight change. When the management of the organization, the budget and congress organization agrees with the operational plans, then they will

GEOPOLITICAL HANDBOOKS

Cybercrime attacks and identification of actors

Given the nature of the cyberspace, although the allocation of a set of malicious acts to a particular actor appears to be quite complex, there are many elements that allow the implementation of cybercriminals.

Geo-strategic texture and technical texture can facilitate the assignment of hostile acts to responsible actors: for example, in a cybercrime attack on Estonia, although the oﬃcial Russian services did not directly operate to neutralize its servers, but it seems It turns out that Russia has played a signiﬁcant role in the attack. Of course, it cannot be said that this is the only decisive factor in identifying an actor, since in some cases many actors may be suspected of carrying out an

MODERNDIPLOMACY.EU

attack, or even actors may be attacked and try to act as a third party Accused. It may even be possible for a government to take responsibility for cyber attacks against its rival to increase its containment position.

In some circumstances, a government that has used the infrastructure and equipment used to carry out malicious acts is also responsible for and charged. Thus, in countries where there are no judicial authorities to identify prosecution for malicious cyber attacks or cybercriminals, some actions cause them to be identiﬁed as responsible or co-sponsors of a cyber invasion. Thus, governments, as well as groups providing hacker refuge services or

/16

facilitating their operations in a single attack, can be held accountable. Also, governments refusing to cooperate in carrying out criminal investigations on their territory are also partly responsible for the attack. In fact, in some cyber attacks, we ﬁnd that some malicious acts do not occur without participation, support, tacit consent, or even lack of corrective / preventive measures by governments.

tion, if participants in this system deﬁne the necessity of imposing compulsory or punitive measures, its deterrence will increase dramatically.

Joseph S. Nye, in his book, "Cyber Power", introduced this special dimension of cyber-bullying: "Since false flags are not complete, rumors of the source of cyber attacks seem to be valid." (Although not judged by a court of law), the damage to In some cases, even if there are the soft power of a cyber atmany indications that the ac- tacker can contribute to detertors are involved in an attack, it ring attacks. " is difficult to provide documentary evidence to accuse them; The actor's reputation in cyberand this uncertainty makes the space is particularly valuable in adoption of preventive counter- comparison to other environmeasures extremely sensitive. ments. Many online actors are But by expanding the concept known by their Internet users of "multinational response", this for their reputation (honesty, problem can be addressed. competence, access to reliable information, independence, This concept is: etc.) and have many followers. Increase the capabilities of The opinions expressed, the analysis and investigation of analyses provided, and the inthe attack, through the use of formation provided by these acsynergies between state- tors, are relatively reliable given owned technical equipment their positive or negative repuand the expansion of judicial tation. and military cooperation. In fact, the reputation of govAchieving a common right to ernments, real people and legal condemn a hostile act and its people on the Internet creates a possible author - governments real cyber identity, which is due and non-governmental groups - to a reputation that comes from through the creation of a uni- classical different interactions. fied vote, this is based on un- Cyber security in cyberspace is, proven evidence. in fact, more dynamic and more volatile than actual space. Governments and member organizations of this multina- Companies, for example, are tional system can achieve a placed against actors who are certain level of cybercrime re- often not well-known, who can liance on this solution. In addi- publish them on the Internet

using simple materials related to their products, products or partners.

In fact, it is a serious challenge to be charged with casting cybercrime. In the same vein, blow to credit can be a means of deterring them from participating in a malicious act.

GEOPOLITICAL HANDBOOKS

Cyber warfare in the Word

The concept of information warfare began as a technology oriented tactic to gain information dominance by superior command and control. This soon developed into a realization of the power of information as both a ‘weapon’ as well as a ‘target’.

The importance of information rather than its associated vehicle – information technology − created a situation where influence became a critical factor in conflict. As the nature of conflict changed to being an almost ongoing situation, control over mass communication became a high priority task for governments as well as the military. As such, the manipulation of information became an essential function.

MODERNDIPLOMACY.EU

Information warfare is primarily a construct of a ‘war mindset’. However, the development of information operations from it has meant that the concepts have been transferred from military to civilian affairs.

The contemporary involvement between the media, the military, and the media in the contemporary world of the ‘War on Terrorism’ has meant the distinction between war and peace is diﬃcult to make. However, below the application of deception in the military context is described but it must be added that the dividing line is blurred.

Of course, deception has been an attribute of humans throughout history. Its informal use in war also has a history as long

/18

as war itself. However, only in the twentieth century with its formal use by governments and the military did the development of its theoretical base begin. The Soviet Union used Maskirovka to great effect during the Cold War and was ﬁrst to develop it as an integrated part of normal diplomatic and military procedure (Smith, 1998). It also became a formal part of doctrine in Western militaries in that late twentieth century.

mation environment (network warfare operations, electronic warfare operations and integrated control enablers are the others). The components of influence operations are psychological operations, military deception, operations security, counter-intelligence, public affairs, and counter-propaganda. All of these activities have one aim: to influence the mind and behavior of the adversary in ways beneficial to the perpetrator. As such, all involve deception to a greater or lesser The U.S. Joint Doctrine for In- degree. formation Operations defines deception as: This is in contrast to a decade earlier where the emphasis was Those measures designed to on technology and its use. The mislead the enemy by manipula- objective of deception is to be tion, distortion, or falsification of used with the other tactics to evidence to induce him to react gain ‘information superiority’ in manner prejudicial to his in- where this is defined as “the terests state that is achieved when a competitive advantage is deHowever, the Joint Doctrine for rived from the ability to exploit Military Deception gives a fuller a superior information posidefinition: tion”. It is attempting to get the adversary to believe what the Military deception is defined as deceiver wants them to believe being those actions executed to for the advantage of the dedeliberately mislead adversary ceiver and the disadvantage of decision makers as to friendly the deceived. military capabilities, intentions, and operations, thereby causing It is truly using information as a the adversary to take specific weapon. Information superioractions that will contribute to ity is the raison d’être of inforthe accomplishment of the mation warfare. The theory of friendly mission. deception was also developed outside the formal doctrinal A later doctrine from the US Air area. For instance, since the Force (2005) on information mid-1990’s investigators from warfare (actually, information RAND examined the use of deoperations) refers to ‘influence ception and its theoretical operations’ as one of the four basis and produced a model for major components of the infor- deception planning.

In 1991, J Bowyer Bell and Barton Whaley published Cheating and Deception as an attempt to theorize about the nature of deception in its broadest sense. They created a classiﬁcation of deception types. In it, they speculated that there were two basic types of deception: Level 1; that consisted of hiding the real, and Level 2; this showed the false. Of course, Level 2 is always a part of level 1.

These fundamental types are further divided into six categories. Hiding can be broken into: masking (basically means blending in for example, camouﬂage), repackaging (where something is given a new ‘wrapping’), and dazzling (which consists of confounding the target for example, using codes). Showing can be broken into: mimicking (this means producing replicas, which have one or more characteristics of reality), inventing (which involves creating new realities), and decoying (which involves misdirecting the attacker).

Information warfare is split into offensive and defensive modes. Deception has its place in the offensive mode although counter-deception is regarded in U.S doctrine as defensive. However, the distinction is somewhat artiﬁcial and, as will be illustrated below, it can be used in all the elements of information war-fare. Information warfare (information operations) consists of various functions. GEOPOLITICAL HANDBOOKS

These include defensive activities such as: operations security (this denies knowledge of your own operations to the enemy), counter deception (decreases the effect of an enemy’s deception activities), and counter propaganda or counter psychological operations (which attempts to counter the impact of the enemy’s messages). Offensive activities include: military deception (measures designed to mislead the enemy by manipulation, distortion and falsiﬁcation of evidence), and psycho logical operations (measures to inﬂuence attitudes and behavior of allies and enemies).

Added to these are the closely aligned Public Affairs and Civil Affairs. Public Affairs is concerned with military/government interaction with the media, whilst Civil Affairs is concerned with those actions needed to inﬂuence the relations between the military and the civilian population in a military operation. American sources are used in this paper as they are the most published. For instance, the Australian and United Kingdom doctrines for information operations have a classiﬁcation of ‘Restricted’.

By deﬁnition, information warfare has information and its use as a weapon as the core of its activities. As deception is about limiting access to and manipulation of information, it is a fundamental requirement MODERNDIPLOMACY.EU

for successful information warfare. This permeates all its levels: tactical, operational and strategic.

Arquilla and Rondfelt (1996) describe nations as being at different stages in the development of a networked society. They proffer four stages: clan/tribal, institutional, market, and organizational networks. Developed nations such as America, Australia, and the United Kingdom would ﬁt into the latter category.

As much of the data storage and processing, and communications is achieved by electronic networks in these nations, digital deception would take prime place. In other less developed nations, other methods would take prominence. In developed and developing nations, the combination of mass media and communication networks has provided a rich, if challenging, environment for information warfare and deception. Ironically, this ‘information rich’ environment makes deception both more and less achievable. The ubiquity of communications makes the dissemination of data much easier. Hence, people have access to various views. However, the context with which this information is interpreted is primarily determined by the mass media that is generally owned by small cartel of interests. It is in this paradoxical world that future deceivers will work.

The theory of deception was also developed outside the formal doctrinal area. For instance, since the mid-1990’s investigators from RAND examined the use of deception and its theoretical basis and produced a model for deception planning.

/20

Pathology of a soft war with Iran in cyberspace

The soft -war against Iran is a fact that all the scholars acknowledge. In fact, the main and hidden purpose of the soft -war is to disrupt the information system of the countries and to inﬂuence the public opinion of the countries. Cybercrime is today in the cyberspace community. With this regard, what is the position of cyber space in this media and cyber campaign?

The soft -war is a kind of conﬂict between countries, which is dominated by content, programs and software, mainly from the media. In fact, any confrontation between countries or groups those are rival or hostile to each other, in which media, cyber and software tools are used is regarded as a

"softwar" in the world. In the softwar space, the subject of rockets, guns, tanks, ships and aircraft is not the subject of satellite, Internet, newspapers, news agencies, books, movies, and cinema.

Naturally, the soldiers involved in this soft -war are no longer generals, oﬃcers and military, but journalists, cinemas, artists and media actors.

Naturally, satellite TVs and radio programs within the framework of the soft -war debate are the continuation of the domination of the capitalist system and seek to secure their own interests and interests in other countries. The main purpose of these types of networks is to inﬂuence the public GEOPOLITICAL HANDBOOKS

opinion of their target countries and to disrupt the internal information system of the countries concerned. They use several technological tools to reach their predetermined plans, goals, and scenarios. These goals can be faced with various shapes and shapes. Soft -War has existed throughout history. Even when technological tools such as radio, television, and satellite were not available, there was a softwar in the context of the war of thought and psychological warfare. But what's happening now in the world is that hardware or hard-core wars have multiple implications for the invading countries.

Therefore, they are trying to achieve their goals by adopting a soft war strategy alongside their hard wars either independently and only within the framework of softwar. As time goes by, with the growth of technology and media techniques, the working methods of these networks become more complex. Naturally, the layers of the soft -war become more complex, more complete, and the recognition of these tricks becomes even harder.

In his book Soft Power, Joseph Nye introduces elements as soft power pillars, some of which are music and art. That's also the basis of the soft warfare. In fact, music, art, university, sports, tourism, ancient artifacts, culture and lifestyle of a nation are soft power. MODERNDIPLOMACY.EU

On this basis, there are weaknesses and weaknesses in the internal dimension. One of the most important problems and weaknesses is the inability to use all of its software capabilities in cyber warfare and public diplomacy. In the soft -war of the other faction, the group, the person, the group, the cult, and so on, does not matter. Softwar does not know the border. Accordingly, all internal groups in this ﬁeld must be activated in accordance with the guidelines of the Supreme Leader, we must have in the internal arena and in all cultural ﬁelds and "infrastructure elements" the softwar of maximum absorption and minimal elimination, that is, from all the capacities of the system for Cultural confrontation with hostile countries.

and the imagination that a nation makes for itself. What image do you have in your mind when you hear German or German people? When do you hear the image of the people of Afghanistan, China, Japan, or Arab countries? This is an image that is powerful in the world and talks. Inside Iran, there was a weakness in drawing this image. To create a good image of Iran, one should use the simplest tools, including practical suggestions that media like Voice and Television Organization are capable of demonstrating to the ordinary people of the community. When a tourist arrives for the first time in the country, he is surprised at the first step in entering the airport. Because he faces scenes he did not expect or in the sense of another The most basic element of soft image of Iran. power is the people. Social capital, public trust, public partici- In fact, we are now in a softpation, public culture, public war space. Satellite, radio and education, and finally all the television tools, along with things that exist in people, lo- cyber-tools, have created a fullcalism, nativeism, subcultures, blown war against the Islamic and traditional cultures come Republic of Iran. With the from people. In fact, this is growth of technology and something that should be given media techniques, the working the most concentration and at- methods of media networks betention. Using the capacity of come more complicated, and the people to cope with these more complicated, more comexternal pressures will have the plete, and harder to know than greatest success. the soft warfare. Today, the Islamic Republic of Iran is a good But how should these capaci- news country, but the country is ties, potentials and capital of not news. That is, all countries people is used? The first is of the world receive Iran-related used in the media. The national news on most issues and topidentity in the world is charac- ics from countries other than terized by the national image, us about the country. Once it that is, the look, the imagination has come to an end, as we re-

solve many of the problems in the framework of Article 44, policymakers will take steps to improve media and cyber media activities. The following strategies can be put forward to combat soft war against Iran in cyberspace and media:

Second, the launch of new media networks under the overall supervision of the audio and video, and with the production and management of the private sector is essential. These networks can informally meet the needs of people's entertainment and information and restore the people's conďŹ dence in First, the establishment of the the domestic media. National Center for the Coordination of Soft- War is indispen- Third, support for the producsable. This center is respon tion of healthy content in cybersible for coordinating the vari- space, especially native social ous internal institutions in the networks, should be supported ďŹ eld of countering the enemy's in order to defend the national softwar and controlling, moni- interests of the country within toring and monitoring media the framework of the software imaging from Iran. movement.

/22

Fourth, attention to the basics of soft power in the country is necessary for maximum absorption and minimal elimination. No artist should be defeated on the pretext of political orientation, the destruction of art and music and national honors, and bringing national issues into line with internal political challenges, will undermine Iran's soft power.

GEOPOLITICAL HANDBOOKS

The Role of Information and Cyber Security and the Impact on Foreign Policy

The emergence of the most advanced day-to-day technologies in the military centers of the world has transformed the methods of conﬂict among the nations before and more than anywhere. In the meantime, the increasing importance of information and its underlying role in the life of the countries has changed the military intentions in the wars so that, unlike the past, the goal is not to eliminate traditional weapons and the manpower of the enemy, whose destruction with the use of new methods.

In this way, the information age, along with its advanced technology, has led to a profound transformation in terms of such as weapons, goals, tactics, warfare, and so on. MODERNDIPLOMACY.EU

In recent years, the automation of the domestic infrastructure of some countries in the military, political and security sectors has dramatically acce lerated, as advances in information networks have provided new opportunities for lower costs and more eﬃciency.

The space for policy and cyber interaction is considered to be the most recent and most important area of interest among policy and international experts in the theoretical and practical field. Neglecting it can cause serious and unpredictable damage to countries. The title has the title of the most important actress in the field of international relations. Today, "cyber security" is spoken in the field of international relations and

/24

politics. Real space cyberspace is a new field for impact and as a result of friendship, cooperation, competition, hostility and even war between countries and other actors. These cases clearly show that the Internet and cyberspace have provided a new field for politics, a space in which individuals, groups and governments are acting and policy makers. In the field of international relations, under the influence of the realism tradition, international issues are divided into very important issues such as security and less important issues, such as economic issues. Some experts believe that because of the importance of cyberspace, cyber security should be considered as one of the most important, critical, security or policy issues.

In the space of "Cyber Security" as a major new issue in the field of politics and international relations, as in other areas of politics, "values" and "interests" by different actors such as governments, organizations and Governmental and nongovernmental actors, and even people who produce, distribute and consume. In fact, unlike in the past, cyber security has placed new actors alongside governments as the most important actors in international relations, which are sometimes more capable and successful in the Internet. Anyway, apart from all the benefits and benefits of the Internet, the fact is that the Internet has provided "a new war space" called

"cyber warfare". In this type of war, countries and other actors use the Internet to spy, sabotage, and create insurrections, revolutions and even the destruction of military installations and vital centers of the other side.

Of course, the Internet has created a new space for "cooperation" and "interaction" between countries. In this regard, the Internet has made the relationship between all actors, including governments, individuals, organizations, and institutions, cheap and comfortable, due to its high speed and precision. As a result, the conditions for collaboration and engagement have been more interesting than ever before. While countries and other actors are aware of the need for widespread international cooperation on the Internet, they know that cyberspace has created a new area of international cooperation. Finally, a new atmosphere in the international arena is formed that cannot be analyzed based on previous theories, approaches, and levels. In fact, the content and philosophy of the new space, called cyberspace, is very different from the past. In this new space, new types of friendship, cooperation, rivalry, hostility and war have been created alongside past patterns. Meanwhile, various and varied actors have been added to traditional actors that are very vague and unpredictable.

Consequently, these conditions must emphasize new ideas, approaches, and perspectives that are much more ﬂexible and open to the past. Therefore, the cyber space has created new conditions in which issues of international relations are presented in a different way, resulting in a new form of policy called cyber security which has particular implications in the ﬁeld of national and international security. Accordingly, in general, it can be said that "security policy" has a different meaning from what it has been so far, which includes two fundamental principles.

On the one hand, political planners, diplomats, such as lawyers and intellectuals, have to come up with a collective agenda in order to ﬁnd a place for subtle and supranational actors in politics and the administration of society. GEOPOLITICAL HANDBOOKS

On the other hand, the global arena will represent new areas where governments alone are not role-play, in other words, "non-governmental". So, while identifying the realm of government inﬂuence, a particular kind of problem arises when ﬁnding the right solution for them is not necessarily the responsibility of the government. Understanding and accepting this separation are important consideration in the security equations.

Accordingly, a new curriculum is being developed, the nature of which is not only the elimination of threats, but also the creation of opportunities and the fulﬁllment of requirements that

MODERNDIPLOMACY.EU

respect the capabilities of a political system. In this framework, new think tanks in the ﬁeld of security studies are divided into two state-centered and non-government approaches, thus deﬁning and identifying new actors in the national security equation, which has previously been for analysts they did not much matter. As the development of national security studies has progressed, the category of "threats" has also evolved, and we are turning to attention to new threats that are mostly non-governmental, and in contrast to the Cold War, in the two "national" and "supra" have spaces of the national government.

In addition, Iran's national security considerations have been subject to various developments; in summary, the evolution of "outwardtointrospection" from the "ideological approach and pure commitment to more realism", from the "Ummah-axis to Iran-centered" from "simplicity to complexity", and from the "Threat to Threat - Opportunity in the International System". In these developments, we are paying more attention to the need for a balance between the implications and limitations of cyber security and national security considerations.

/26

Strategy of the concept of cyber defense

The discussion of cyber defense strategies is about a variety of issues, among which the most important issue is whether the signiﬁcance of the potential damage caused by cyber-attacks can justify the use of a complex system to enforce these two types of deterrence. Finding an answer to this question is diﬃcult because the available information is negligible and is often provided by sources whose neutrality is uncertain. In fact, the severity of the dangers of cybercrime (or, in other words, the constant hostile acts affecting information systems globally) cannot be simply determined.

2007 (including deep-seated spyware interventions), all of which indicate cybercriminals that are more abusive Malicious actors are placed; while information and communication systems in their everyday activities have a very sensitive place to carry out physical and material operations, store confidential and personal information or exchange information between actors at distances. In contrast to this wide range of malicious activities, the first issue that comes to be identified is the overall role that cyber oppression can have.

In some circumstances, a state But based on the evidence that has used the infrastructure available, there have been sig- and equipment used to carry niﬁcant cyber-attacks since out malicious acts is also reGEOPOLITICAL HANDBOOKS

sponsible for the charges and charges. Thus, in countries where there are no judicial authorities to identify and prosecute cybercriminals or cyber criminals, some actions cause them to be identiﬁed as responsible or co-sponsors of a cyberattack. Thus, governments, as well as groups providing hacker refuge services or facilitating their operations in the attack, can be held responsible.

However, the lack of a universal convention for cybercrime still makes it difficult to use these arguments. On the other hand, conflicts between national judicial approaches, such as the existence of a law protecting citizens' digital data, can lead some governments to refrain from cooperating in this area. Finally, I cannot ignore the possibility of first and second type errors:

Some experts in the field believe that hacking groups that are capable of producing longterm effects with remarkable results apparently benefit from technical assistance from governments; these groups, even if they are not affiliated with the state, are legally endorsed and supported by that government. Relying on this argument, we conclude that governments are the only cyber-sponsors and directors, which justifies coping operations. This argument supports symmetric countermeasures, to justify attacks on infrastructures or sensitive information systems.

- The development and development of technical equipment can facilitate investigation and investigation of the attack. The ability of governments to intercept the root of the attack, identify operational practices (and, if possible, re-create them), decrypt codes and software used in an attack; and, in parallel, access to human and technical resources (in particular, in Computational Power or Technical Knowledge Areas) is still on the rise. However, along with these technical advances, the power of hacking groups to expand attacks and sabotage is also increasing, but technical and humanitarian privileges are potentially available to governments, and if governments can beneﬁt from these privileges

Governments that refuse to cooperate in conducting criminal investigations on their territory are also partly responsible for the attack. In fact, in some cyber-attacks, we ﬁnd that some malicious acts do not occur without the participation, support, tactical agreement or even lack of corrective / defense measures by governments.

MODERNDIPLOMACY.EU

- Failure to operate equipment, in particular software, may produce results that are comparable to the effects of an attack or a technical or logical disruption. Additionally, some hackers (in coincidence) may be in a situation where they have more effects than they expect or are in their power.

the most effective syntax will make it easy to identify authorities and actors.

It should be kept in mind that defense equipment that provides coping responses against malicious actors should generally be cyber-threats and their effects have been appropriate to the attack, but the answer to some of the invasions should not be the option to remove the asymmetric equipment. The use of physical, ﬁnancial, or judicial countermeasures must be viewed more than anything else against actors with limited cyber-interests. Paying attention to the features of cyberspace will require us to re organize our efforts in this regard, in order to pave the way for the emergence of a defense strategy based on credible defensive measures and methods of threat with defensive characteristics.

For this reason, at the executive level, it is better to apply methods that allow the synchronization of all cybercriminal actions and programs of different departments. It should also ensure strategic navigation and the necessary political rule for all defensive and aggressive equipment. This hierarchy should lead to the deﬁnition of the rules for the deployment and conditions of the use of cybercrime as well as the coordination of surveillance and alert activities.

moderndiplomacy www.moderndiplomacy.eu