Understanding Cyber Warfare Through Frameworks

Cyber warfare is a rapidly evolving field, and various frameworks have been developed to better understand and defend against cyber attacks. Several cyber kill chains have been developed to explain what an attacker might do. The most commonly used at present are the Lockheed Martin Cyber Kill Chain and the MITRE ATT&CK framework.

The Lockheed Martin Cyber Kill Chain is a seven-stage framework that describes the steps an attacker might take in a cyber attack. It includes stages for reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives. 

The MITRE ATT&CK framework is a comprehensive database of tactics, techniques, and procedures used by attackers that is organized into several categories such as initial access, execution, persistence, privilege escalation, defense evasion, credential access, discovery, lateral movement, collection, command and control, and exfiltration.

The Unified Kill Chain is a framework that combines elements from the Lockheed Martin Cyber Kill Chain, the MITRE ATT&CK framework, and other frameworks to provide a more comprehensive view of cyber attacks. It includes eighteen attack phases, which are the steps a cyberattack may progress through.

Overall, cyber warfare is highly complex and requires extensive knowledge and understanding of the different frameworks and best practices for defending against attacks. By familiarizing ourselves with these frameworks, we can better prepare ourselves for the challenges ahead and ensure our networks remain secure.

Exploring the Interdependencies between AI and Cybersecurity

With the increasing prevalence of AI technology in our lives, it is important to understand the relationship between AI and cybersecurity. This relationship is complex, with a range of interdependencies. From the cybersecurity of AI systems to the use of AI in bolstering cyber defenses, and even the malicious use of AI, there are a number of different dimensions to explore.

  • Protecting AI Systems from Cyber Threats: As AI is increasingly used in a variety of applications, the security of the AI technology and its systems is paramount. This includes the implementation of measures such as data encryption, authentication protocols, and access control to ensure the safety and integrity of AI systems.
  • Using AI to Support Cybersecurity: AI-based technologies are being used to detect cyber threats and anomalies that may not be detected by traditional security tools. AI-powered security tools are being developed to analyze data and detect malicious activities, such as malware and phishing attacks.
  • AI-Facilitated Cybercrime: AI-powered tools can be used in malicious ways, from deepfakes used to spread misinformation to botnets used to launch DDoS attacks. The potential for malicious use of AI is a major concern for cybersecurity professionals.

In conclusion, AI and cybersecurity have a multi-dimensional relationship with a number of interdependencies. AI is being used to bolster cybersecurity, while at the same time it is being used for malicious activities. Cybersecurity professionals must be aware of the potential for malicious use of AI and ensure that the security of AI systems is maintained.

Courses Needed for a PhD: Exploring the Requirements at a Swedish University

If you are considering a Ph.D., you may wonder what courses you should take. This is a common question, and the answer depends mainly on the particular university, department, and field of study. As someone who has studied at a Swedish university, I can offer some insight into this topic.

The first type of courses taken by Ph.D. students are those related to the subject of their studies. For example, a student studying Computer Science, with a specialization in cyber security, may take courses such as Advanced Cryptography, Advanced Network Security, and Security Protocols. These courses provide the student with the knowledge and skills necessary to apply their research to cyber security.

The second type of courses taken by Ph.D. students are those related to research methods. Research methods courses are designed to help the student develop the skills necessary to conduct research and to interpret and communicate its results. Courses that Ph.D. students take in this area include Qualitative Research, Quantitative Research, Statistics, and Research Design, which also cover how to design and implement research projects.

The third type of courses taken by Ph.D. students are those related to the broader objectives of their Ph.D. These include courses such as Pedagogy, Leadership, and Professional Development. These courses are designed to help the student develop the skills and knowledge necessary to be successful in academia, such as the ability to teach, lead, and work with other professionals in the field.

A university often offers some, if not all, of the doctorate courses needed for a candidate to complete a Ph.D. However, it’s also feasible that the university will let the student attend classes or use research resources at other institutions. This is especially true if the student is pursuing a program that is interdisciplinary, in which they may need to draw on the resources and subject matter expertise of other institutions. Additionally, universities may offer online courses or allow distance learning, allowing students to gain their education from remote locations.

In conclusion, the courses taken by a Ph.D. student depend on the field of study, the university, and the department. Generally, courses related to the subject of their studies, research methods, and broader objectives are taken. These courses help the student develop the skills and knowledge needed to pursue a successful Ph.D.

Cybersecurity and the IoT: A Guest Lecture at Lund University

Today, I was invited to give a two-hour guest lecture about cybersecurity and the IoT to Lund University students. I introduced students to some state-of-the-art attacks that target IoT devices, networks, and services.

Everything can be a target when connected to the Internet, from a benign-looking device like a smart light bulb to a sophisticated system such as an electric car. Most of these things (which are often called smart objects) tend to be connected to public clouds, making them prone to remote attacks, ranging from misconfiguration to hijacking of accounts to malicious insiders, and more.

I also highlighted that it appears to be a growing trend that fewer vulnerabilities are being reported by various nations than before, specifically fewer vulnerabilities being reported by China. This could suggest that certain nations are covertly stockpiling vulnerabilities in order to strategically exploit them, perhaps for espionage purposes, but also for more nefarious purposes.

Anyway, in case you want to learn more about cyber security and the IoT, you are welcome to get in touch.