Ebook: Cybersecurity and Resilience in the Arctic

The editors would like to acknowledge the generous funding for January 2019 Advanced Research Workshop in Finland from NATO’s Science for Peace and Security Programme, which inspired this book. The editors also thank the many participants who attended this meeting and contributed their ideas to improve the international assessment and governance of Arctic resilience and cybersecurity.

Additional gratitude is due to the U.S. Army Engineer Research and Development Center, which supported Drs. Linkov and Trump in their work related to resilience of Hybrid Threats. The editors are thankful for the support of Dr. Ilker Adiguzel, who personally attended and opened the workshop in Rovaniemi.

We would like to acknowledge our internal production editors. Miriam Pollock spent considerable effort to prepare all chapters for submission. Additional support for internal editing and review is greatly appreciated by Kaitlin Volk. Trump, Hossain, and Linkov acknowledge and thank Mr. George Siharulidze, who crafted and illustrated several scientific figures for this work.

The editors are also grateful for Decision Partners, who provided administrative support for the workshop, and for the University of Lapland, who provided logistical and on-site support as hosts for the event.

The Arctic regions of the world have in recent years experienced an increase in human activity not seen before in modern times. Receding polar ice and climate change have contributed to the opening of new sea routes, creating opportunities in intercontinental shipping and tourism. Increased accessibility has enabled the extraction of natural gas and oil, metals, and other resources. The cold climate provides natural cooling for data centers and other computational facilities. Economic activities are coupled with the expansion of military and civilian infrastructure, including for telecommunications, scientific installations, ports, and other intermodal transportation facilities. Information technology promotes efficiency and technologies such as fiber optic cables, satellite communications, radio, and others enable accessibility to these infrastructures from locations outside the Arctic. However, the reliance on information and communication technology and the connectedness of most critical infrastructures (electricity, communications, information, financial and government services, etc.) result in new vulnerabilities exposed by natural disasters or environmental accidents and which adversarial agents can exploit. Cyber security and resilience play a central role in ensuring the safety and security of communities in this age of interconnectedness and big data. Due to their often remote and extreme conditions, Arctic regions face unique challenges of cyber security and resilience for their critical infrastructure. This chapter summarizes discussions and lessons learned from a working group at a NATO Advanced Research Workshop on Governance for Cyber Security and Resilience in the Arctic as it pertains to critical infrastructure, held in Rovaniemi, Finland on 27-30 January, 2019. It aims to provide perspectives on cyber security in the context of Arctic infrastructure from multiple disciplines, including engineering and computer science, international relations, social sciences, law, and governance. Each perspective identifies challenges and opportunities in cyber security and resilience, in particular ones characteristic to Arctic regions. This includes documenting available theory and methods, including analogous methods from other fields, and describing data availabilities and needs. Lessons are derived from past and ongoing scenarios and incidents and methods for forecasting emerging and future scenarios are reviewed. Recommendations for research and practice to increase the cyber security and resilience of infrastructure are provided.

Information and communication technology is widely adopted in modern ships to manage and control a wide range of subsystems such as those that control navigation and access to ship or to entertain people on board. Furthermore, to maximize efficiency and saving, all these systems are interconnected to the Internet and accessible from remote locations. The reliance on information and communication technology and system interconnection results in new vulnerabilities exposed to adversarial agents. The system interconnection also blurs the distinction between safety and security because am attack on one of the two properties may have a side effect on the other one. We briefly review the cyber risk posed by the increasing adoption of the Industry 4.0 technology in the maritime sector and discuss how the existence of several IT and OT components may increase the resulting risk. We briefly review some strategies to analyze possible attacks and describe an automated solution to assess and manage the overall resulting risk. Lastly, we discuss a risk assessment and management of a real ship and a strategy to increase the ship resiliency.

Almost all services and most traditional services are now totally dependent on the digital environment. Few users are aware of the revolutionary nature of modern technology. Every day we use real-time access to existing digital services in our home country and social media (SoMe) to communicate with friends locally or elsewhere in the world. We can communicate with them in real time with text messages or even through real-time video feeds. People have the choice of millions of movies to watch at anytime, anywhere. Modern communications systems like satellites and submarine optical cables system connect data centers and data networks of different continents together, enabling real-time communications throughout the world. We can order different goods from all over the world, pay the invoices electronically and have the goods delivered to our door. Companies use the same channels of communication for daily communications, trading, sending invitations to tender, and transferring money through banks in real time.

As a result of these developments, people and systems produce huge amounts of data which needs to be processed and stored. However, the technical solutions for all of these new service environments are not yet in line with international standards and their connections to telecommunications and service networks are very diverse. Technically outdated solutions and new technologies are often used simultaneously. Future information and communication systems need to be designed and adapted to work in this challenging business environment where security threats and cybercrime are constantly present. Each function has its own service and communication needs depending on the user group. These groups include design and maintenance staff, financial management staff, telecom operators, service provider staff, virtual service providers and operators, administrative agents, indigenous peoples, immigrants, manufacturers, banks, etc. To date no other technology has had such a strategic impact on our society as submarine optical cable systems, and at the same time has remained so poorly understood among the general population. This is especially true even if we were to talk about the communication systems in the Arctic, systems which are a very tempting target for hackers and state actors who seek to use the undersea cables and nets that connect the continents to each other or to different parts of the Arctic communities.

Threats such as attackers, accidents, wear and tear, and natural forces make analytics for resilience a challenging task. The arctic region presents distinct resilience challenges compared to other regions of the world. Threat detection and mitigation become particularly challenging when considering regional influence such as: a cold climate, climate change, harsh weather, a lack of fast access to real-world resources, a sparse distribution of technologies including telecommunications towers/cables and real-world sensors in networks, a lack of fall back and recovery options, large distances between technologies and civilisation, as well as winter darkness. The purpose of this chapter is to provoke a discussion on analytics and decision-making challenges for resilience in the arctic, and how these might be addressed by current research in the academic space. Specifically, this chapter outlines a number of academic works for situational awareness and decision-making support including tools and methods to improve resilience of organisations, infrastructures and missions. I discuss how these works might be applied in the arctic, as well as the challenges in doing so.

Smart Grids is an emerging technology promising significant changes in the economy and the social sphere all over the world. Arctic region turns on a rapid transformation in its energy sector from being a consumer of electricity to producing, sharing, and storing energy deploying smart grid infrastructure. With that, due to often remote and extreme conditions, cybersecurity is one of many challenges in leveraging energy grids in the Arctic. Considering recent hackers’ attacks on energy grids and taking into account the distributed structure of these systems, the use of traditional means of computer protection and the search for a crime figure becomes more difficult or impossible. This chapter summarizes our previous work and the findings from a working group at a NATO Advanced Research Workshop on Governance for Cyber Security and Resilience in the Arctic as it pertains to critical infrastructure, held in Rovaniemi, Finland on 27–30 January 2019. It aims to introduce some application areas of smart grid security and forensics, discuss the opportunities, and outline the open issues in the topic. The several problems that may arise during the forensics process in smart grids and practical recommendations for their resolving are also discussed. According to recommendations of the UK National Cyber Security Center, we follow a four-step procedure to analyze logging architectures and highlight some issues related to the Chain of Custody (CoC) process. We also discuss challenges for forensic in smart grids in connection with a blockchain and propose a decentralized transaction platform based on blockchain tailored to the energy sector with all the latest technology such as advanced metering infrastructure, distributed generation, etc. Some aspects of developing a cyber-forensic framework for cyber-crime investigation based on the smart grid network data are also discussed.

The nature of cyber risks is distinctly different in several dimensions from other risks in shipping and transport. This article explores these differences and describes the results of a research process to categorize published literature about cyber-risks in supply chain and shipping, through a framework called the Wave Analogy of Resilience. By using this wave analogy, this article describes a way of organizing this categorization, and describes how it can be used to understand both how a shipping system failure results in a cyber-attack, and how this cyber-attack will increasingly affect areas in the shipping system, from operational to strategic, until the attack is stopped.

The process of using blockchain technology to ensure cybersecurity in the Arctic is considered. The most common methods of using blockchain technologies in the modern market of information technologies are analyzed. The prospects of its development and the possibility of combining various types of system architectures are highlighted. Smart contracts on the blockchain are considered. Attention is drawn to the use of cryptographic algorithms in technology.

Ensuring a reliable and efficient supply chain is imperative to an organization’s mission. Disruptions to the supply chain can harm organizational performance, and improving resilience can minimize such harm. This paper conducts a bibliometric and thematic review of supply chain resilience literature focused on modeling; placing supply chains in the context of the broader system where they operate. Resilience is defined based on system evolution (plan, absorb, recover, adapt) in response to threats and the threats’ effects on components of the supply chain sub-systems (production, transportation, command and control). The results show that most reviewed papers investigated either all phases of resilience for incomplete supply chains or components of resilience for whole supply chains, but not both. This paper argues that improving supply chain resilience requires looking at more than a set of locations and steps in production, but also requires a system representation of the multiple networks and decision tools that determine how goods travel between locations.

To engineer a more defensible and survivable system, resiliency metrics must be current and provide relevant and practical measurement objectives to understand business impact from secure and resilient systems. Although there are several industry Information Communications Technology (ICT) frameworks to measure resiliency, each are proprietary in nature requiring specific input variables with different purposes and intent within specific industries, technologies, or regulatory guidelines. This paper will address resiliency and the metrics attributes that may be considered for visual and statistical tracking and measurement.

Some historical information and photographs about Arctic exploration are presented. Formalized presentation of information security risk levels is considered. Linear random processes that can be used to constructed a cybersecurity system in the Arctic and some of their properties are presented Definitions and some properties of linear ARMA fields are also shown.

Arctic regions are gaining external attention as climate change and technology advancements expand opportunities for economic exploitation in such diverse domains as tourism, information technologies, and mining. Media coverage and political conflict meanwhile highlight ecological change such as melting glaciers and permafrost, shifting precipitation, and related ecological interactions. National and international efforts are underway to define and implement policies and to mobilize resources hoping to mitigate impacts, but Arctic citizens themselves represent the key to regional resilience in the face of such irreversible change to natural and socio-economic landscapes. This chapter transcends the predominate analytical domains of system dependencies and decision analysis to explore how people live and interact within their communities to sense, respond, recover, and adapt to their changing world; the essence of resilience. We show how important concepts of agency, creativity, hope, meaning, and reflexivity allow people to interact and synthesize effective place-based, resilient capacity.

This paper seeks to expand the scope of conceptualizing social resilience in the digital era. It examines emerging trends in how groups or communities, formally or informally associated, use the digital space in the recovery stages of disruptive events. While disruptive events or collective traumas can include environmental disasters, health epidemics, security or economic crises, the focus here is placed on collective social responses to hybrid threats. Hybrid threats combine online with offline destabilizing tactics that attack targets’ virtual or (physical) infrastructure, exploit psychological manipulation, political subversion and social polarization in order to expose targets’ vulnerabilities. The paper argues that the amorphous online character of hybrid threats solicits new responses and enhanced digital social resilience. Yet a conclusive concept of what digital social resilience means and how it manifests in practice is still lacking. Following a rigorous review of literature and case studies, findings in the paper identify three behavioral tendencies in how communities already use digital spaces and tools to respond to contemporary hybrid threats: i) collective mobilization, crowdsourcing and toolmaking, ii) emotive solidarity, and iii) restoration of morality quests. The paper then postulates that these observed forms of collective online behavior characterize and define emerging signs of social resilience in the contemporary online environment.