The Concept of Cyberspace
Cyberspace
The concept of cyberspace refers to a ubiquitous, continuously-growing and interconnected digital technology. Technology refers to a sum of processes, skills, techniques and methods utilized by people in producing goods or services or accomplishing a scientific investigation or a carefully planned objective (Carroll, 2017). The aspect of technology may be constituted by the mere knowledge of the processes or techniques, or it can go further to include the machines’ embodiments to permit operation without the actual knowledge of how the machines operate. The simplest forms of technology refer to the use and development of basic tools.
In the modern era, the term cyberspace is used by governments, industry leaders, military, security agencies, entrepreneurs, and technology strategists to describe the domain of the world’s technological environment, which comprises the global network of computer processing systems, telecommunication networks and information technology infrastructures. Previously, this term emerged from the arts and science fiction. The Oxford Dictionary defines cyberspace in the US as a national jurisdiction in which computer networks allow communication. Social interactions are what define cyberspace, and not the technical implementation. Supporting their definition of what cyberspace is, Morningstar & Farmer (2003) highlight that the technical computational medium in cyberspace is merely an augmentation of the communication channel involved between real people; its core element is that it provides a platform upon which many subscribers influence and affect one another. The concept goes deep to observe that individuals in the real world seek depth, complexity and richness in the virtual world.
The term became popular in the 1990s, when its use represented many new phenomena and ideas that were emerging from the dramatic growth of digital and networking communication. Using this global network, individuals can now conduct business, exchange information, interact, play games, create art, engage in political discussions and provide social support to each other. The term has become a conventional way of describing the diverse nature of internet culture and anything to do with the internet. In the US, the interdependent network of information technology infrastructures and the interconnected information technology is considered a critical part of the country’s infrastructure. As a result, the government believes in a need to have a code of shared ethics and rules that mutually benefit every person in cyberspace. The most critical and fundamental code regarding this concept is the right to privacy (Spinello, 2014). Some of the international community’s fundamental rights are directly associated with working online, and where opinions are involved with social experiences.
Consequently, being a vital part of the country’s infrastructure, cyberspace is an integral element in all facets of American life. It affects and influences the economy, the private and public industries, and even the defense. It is, therefore, vulnerable to a variety of attacks, hazards and threats. Accordingly, certain agencies and institutions are tasked with the formulation and development of strategic plans that aim to prevent and control these risks.
Homeland Security
The US Department of Homeland Security is the federal executive department whose task is to ensure all citizens’ public security. It can be compared to the home or interior ministries in other states. Some of the Department’s core missions include disaster management and prevention, border security, customs and immigration, anti-terrorism, and cybersecurity. It began its operations in 2003 as a result of the enactment of the Homeland Security Act. The Homeland Security Council coordinates policies relating to homeland security at the White House. The Departments of Energy, Justice and Health and Human Services are other departments tasked with homeland security responsibilities.
Homeland security is a term that did not become an actual theater of interest until the terror attacks of September 11, 2001. Initially, the practice and concept of homeland security were considered a fuzzy subset of national security. The concept has grown and has since become a domestic theater of concern, with specific focus given to preventing, detecting, deterring, responding to and mitigating significant incidents that aim to hurt the nation, its fabric, and its citizens, or within its own boundaries (Brady, 2015). Therefore, homeland security is clearly distinct from national security.
Homeland security seeks to protect American citizens and their interests within the nation’s boundaries, whereas national security protects Americans’ interests abroad. On that note, the Department of Homeland Security has the responsibility of domestic prevention and protection, including the protection of the nation’s borders; foreign responsibilities to security are split between the Department of State, the military and the Department of Defense (Brady, 2016). Constitutionally limited intelligence agencies and various domestic federal laws provide support efforts in homeland security. Despite the best efforts of law enforcement, the tasks of the Department of Homeland Security on transportation infrastructure, border security and cybersecurity are all critical areas of need.
In 2002, the Department of Homeland Security was established by the Homeland Security Act. The purpose was to create a single Cabinet agency, consolidating US executive branch organizations relating to homeland security. The need for the Department was further solidified by the Gilmore commission, which was supported by a majority in Congress. Consequently, several agencies with specific tasks were incorporated by the Department. The Secretary of Homeland Security heads the Department with the help of the Deputy Secretary. In 2003, the Department incorporated the Immigration and Naturalization Service (INS) and went on to perform its functions. In performing these functions, it categorized services and enforcement functions into Citizenship and Immigration Services and Immigration and Customs Enforcement. The units gathering intelligence and investigative divisions were united to form Homeland Security Investigations, which acted as the Department’s primary investigative unit. Furthermore, the Department assumed responsibilities relating to border enforcement. As time went by, other functions were assigned to the Department through the official formation of various agencies. The growth of a continuous threat and risk in the US cyberspace is an example of such a scenario.
Cybersecurity and Infrastructure Security Agency
Cyberspace, being a vital infrastructure in the US, is vulnerable to various risks that stem from cyber hazards, threats and physical attacks. Sophisticated nation-states and cyber actors take it upon themselves to exploit vulnerabilities in the infrastructure to steal money or information. They develop capabilities to threaten, destroy, or disrupt the delivery of essential services. In 2018, the President signed into law the legislation that established the agency tasked with cybersecurity. The Cybersecurity and Infrastructure Security Agency Act of 2018 is landmark legislation that elevated the mission of the former National Protection and Programs Directorate, which was an agency within the Department of Homeland Security. The Act establishes the Cybersecurity and Infrastructure Security Agency (CISA).
CISA collaborates with the federal government to acquire resources and tools used in cybersecurity, builds the nation’s capacity in the defense against cyber-attacks, and builds incident response services and evaluation capabilities. The agency’s main aim is to safeguard different government networks, which support the essential operations of other agencies and departments. Regarding cybersecurity, CISA focuses on cyber incident response, combatting cybercrimes, cybersecurity governance, protecting critical infrastructure, securing federal networks, and promoting cybersecurity information, exercises, training, and information sharing. Being an extended version of the National Protection and Programs Directorate, CISA falls under the Secretary of the NPPD and the Deputy Director. After its formation, CISA is expected to improve cybersecurity across the various levels of government, improve the protection against nation-state or private hackers in cybersecurity operations, and coordinate the cybersecurity programs within state. CISA is composed of several sub-components. These sub-components include the Cybersecurity Division, Emergency Communications Division, Infrastructure Division, National Risk Management Center, Integrated Operations Division, and Federal Protective Service, among others (Department of Homeland Security, 2019).
The Cybersecurity Division has the responsibility of guarding government networks and collaborating with the private sector to improve the security surrounding critical networks. This division constitutes the nation’s flagship operation integration center, incident response center, and cyber defense center. The division has served 24/7 as an incident response and situational analysis and awareness center. It has also served as a national hub for operational integration, technical expertise and cyber and communications information. Being the agency that should specifically look at the communication and information technology sector, CISA evaluates the consistency of national-level reporting with the National Response Framework.
The sub-agency tasked with the planning, evaluation, and collaboration to identify and address the most significant risks to the country’s cyberspace infrastructure is the National Risk Management Center (NRMC). This division coordinates closely with other key stakeholders and private agencies to perform its function. It prioritizes and finds ways to manage the most significant risks: those that affect the functioning of the state or federal governments, or the private sector. The division focuses on functions that, when impeded or destroyed, would have debilitating effects on national public health, economic security, or security. Various other divisions under CISA have different roles that contribute to the overall function of CISA. Two systems guide all levels of organizational functions; these are the National Incident Management System (NIMS) and the Incident Command System (ICS).
National Incident Management System
This is a system that acts as a guide to all governmental and non-governmental organizations, including the private sector. The system provides that all these parties have to work together to protect against, prevent, respond to, mitigate, and recover from incidents that harm the citizens or their interests. It provides for shared processes, systems, and vocabulary that successfully deliver the National Preparedness System’s capabilities. The system defines specific operational guides on how personnel should work together in incidents. NIMS was first published in 2004 by the Department of Homeland Security. Since its first publication, the nation has made significant strides in collaboration and planning before, during, and after emerging incidents (Federal Emergency Management Agency, 2017). During incidents and crises, people from different backgrounds work together to save lives and protect the environment and property. The unity witnessed strengthens organizations and communities because people help each other and share resources in times of need.
NIMS ensures the engagement of practitioners and partners from a variety of fields, the private sector, non-governmental organizations, and all levels of government. It synchronizes the best practices in times of incidents, changes in law and policies, and adds to the roles of different kinds of personnel in emergency operation centers. This system incorporates different perceptions and views from the actual experiences of emergency personnel who respond to incidents every day. The purpose remains the same regardless of its growth and development: to enhance unity of effort by providing standardized approaches on how to manage and act during incidents.
Incident Command System
In a disaster, a standardized and unified system for communication, control and command is required. The reason for this is that leadership in disaster situations is assumed and maintained by local government officials. Because of the different structures within different levels of government, however, many local governmental organizations, federal and other response agencies may be involved in the response and recovery. This creates the need for a standardized system, which is where the Incident Command System comes in.
The ICS is a unified system that creates a hierarchical structure, which allows for a unified and unchallenged response by multiple agencies. The system allows different agencies, both governmental and non-governmental, to coordinate and organize responses and reactions to disasters without compromising or disagreeing on the local command’s decision-making authority (Burgiel, 2020). The system enables the prioritization of certain needs and the effective use of the available resources. The ICS foundationally establishes the management and planning functions that allow responding partners to work in a systematic and coordinated manner. These functions include using common terminologies during incidents, creating unified command structures, planning, coordinating resource allocation and management, and integrating communication media. These functions also include the assignment of one central coordinator, referred to as the incident commander. This incident commander is in charge of managing response activities, including assigning personnel, obtaining additional resources, coordinating with participating partners, and deploying equipment. The ICS incorporates different management systems that enable the fulfillment of its roles; these systems have the command, operations, logistics, finance and planning sections.
New and Emerging threats in Cybersecurity
In today’s society, critical and economic infrastructures are mainly dependent on information technology solutions and computer networks. As this dependence increases, cyber-attacks and threats become more significant, attractive and potentially disastrous. The victims of these attacks are also significantly growing in number. According to a report, around 14 adults are prone to cyber-attacks every second, and to more than one million attacks every day (Jang-Jaccard & Nepal, 2014). Governments face many contemporary threats, from political differences, terrorism and epidemics to war. Even though it was not a problem 20 years ago, cyberwarfare is now among the most significant problems governments face. Although it has existed for a short period, most cyber operations are relatively secretive, making the use of cyberweapons much more effective (Mazanec & Thayer, 2015). The increase in cyber-attacks is primarily because cyber-attacks are much more convenient, cheaper, and less risky than physical attacks; beyond an internet connection and a computer, the criminals behind cyber-attacks incur only a few costs. These cybercriminals are constrained neither by distance nor by geographical location. The anonymous nature of the internet also makes it challenging to identify and prosecute the crimes committed.
Cybersecurity concerns itself with understanding the different issues surrounding cyber-attacks and defense strategies meant to prevent or protect the integrity, confidentiality, and availability of information or digital technologies. Confidentiality refers to the prevention of the disclosure of privileged information to unauthorized systems or persons. Integrity refers to the prevention of any deletion or modification of data in an unauthorized manner. Availability refers to the assurance that the systems responsible for storing, delivering and processing data are readily accessible to anyone who needs them.
In cyberspace, according to many experts, the key weapon of choice for carrying out malicious intent in cybersecurity breaches is malware (Jang-Jaccard & Nepal, 2014). This is a broad class of attacks loaded onto a system to compromise the system to benefit the cybercriminal. This class of attacks is typically loaded without the authorization of the legitimate owner of the system. Some of the well-known malware classes include bot executables, spyware, Trojan horses, worms and viruses. Malware affects systems in various ways. It can trick users into opening tainted files, lure them to visit websites that propagate malware, or propagate directly from infected machines. Malware may also infect machines through USB drives; it may load itself onto these drives from infected machines and subsequently infect other devices into which the USB drives are inserted. The malware victims include process control systems, end-user systems, network devices such as switches and routers, and servers.
Many defense mechanisms against cyber-attacks utilize anti-virus software and firewalls. These perimeter defense mechanisms intercept and examine any incoming traffic to ensure that no malware penetrates the systems. This perimeter defense model is generally accepted because it is far easier and less costly than securing large volumes of applications or large numbers of internal networks. The combined efforts of the perimeter defense strategy are ineffective against the sophistication and evolving advancement of malware. This ever-evolving malware always seems to find ways in which it can infiltrate the defenses. The exploitations caused by malware occur in three distinct layers: network, hardware, and software.
Conclusion
The explosive growth of internet interconnections and information technology systems has led to the growth and evolution of cyber-attack incidents with grievous and disastrous consequences (Jang-Jaccard & Nepal, 2014). In cyberspace, malware is the fundamental weapon of choice used to carry out these malicious incidents. These crimes revolve around exploiting the already existing loopholes in cybersecurity or the utilization of new and unique emerging technologies. Consequently, there is a need to develop more effective and innovative malware defense mechanisms in the cybersecurity community. Although there are various systems used in instances of incidents, such as NIMS and ICS, there should be stronger mechanisms to prevent the occurrence of cyber-attacks and other threats to cyberspace. To help achieve this goal, it is crucial to look at the most exploited vulnerabilities in the existing layers and the new attack patterns witnessed in different emerging technologies such as smartphone technology, social media, critical infrastructure, and cloud computing.
References
Brady, K. (2015). Secure Management of American Borders in the Modern Era: Developing an Evolving Strategy. Pennsylvania State University.
Brady, K. (2016). Comprehensive Homeland Security: Developing a Domestic Protection Force for the United States. Journal of Homeland Security and Emergency Management.
Burgiel, S. (2020). The incident command system: a framework for rapid response to biological invasion. Biological Invasions, 155-165.
Carroll, S. (2017). A Comprehensive Definition of Technology from an Ethological Perspective. Social Sciences.
Department of Homeland Security. (2019). Cybersecurity and Infrastructure Security Agency Organizational Chart.
Federal Emergency Management Agency. (2017). National Incident Management System. Department of Homeland Security.
Jang-Jaccard, J., & Nepal, S. (2014). A survey of emerging threats in Cybersecurity. Journal of Computer and System Sciences, 973-993.
Mazanec, B., & Thayer, B. (2015). Cyberspace and Cyber Warfare. Deterring Cyber Warfare: Bolstering Strategic Stability in Cyberspace, 11-28.
Morningstar, C., & Farmer, R. (2003). The Lessons of Lucasfilm’s Habitat. The New Media Reader. Wardrip-Fruin and Nick Montfort: The MIT Press.
Spinello, R. (2014). Cyberethics: Morality and Law in Cyberspace. Jones & Bartlett Publishers.