Strategy of the concept of cyber defense

The discussion of cyber defense strategies covers a variety of issues, the most important of which is whether the potential damage caused by cyber-attacks is significant enough to justify the use of a complex system to enforce these two types of deterrence. Finding an answer to this question is difficult because the available information is negligible and is often provided by sources whose neutrality is uncertain. In fact, the severity of the dangers of cybercrime (in other words, the constant hostile acts affecting information systems globally) cannot be easily determined.

But based on the available evidence, there have been significant cyber-attacks since 2007 (including deep-seated spyware interventions), all of which point to more abusive cybercriminals and malicious actors. Meanwhile, information and communication systems hold a very sensitive place in everyday activities: they carry out physical and material operations, store confidential and personal information, and exchange information between actors at a distance.

Against this wide range of malicious activities, the first issue to identify is the overall role that cyber oppression can play.

In some circumstances, a state that has used the infrastructure and equipment employed to carry out malicious acts is also responsible for the charges. Thus, in countries where there are no judicial authorities to identify and prosecute cybercriminals, some actions cause them to be identified as responsible for, or co-sponsors of, a cyber-attack. Governments, as well as groups that provide refuge to hackers or facilitate their operations in the attack, can therefore be held responsible.

Governments that refuse to cooperate in conducting criminal investigations on their territory are also partly responsible for the attack. In fact, in some cyber-attacks, we find that some malicious acts do not occur without the participation, support, or tacit agreement of governments, or even their lack of corrective or defensive measures. Some experts in the field believe that hacking groups capable of producing long-term effects with remarkable results apparently benefit from technical assistance from governments; these groups, even if they are not affiliated with the state, are legally endorsed and supported by that government. Relying on this argument, we conclude that governments are the only cyber-sponsors and directors, which justifies coping operations. This argument supports symmetric countermeasures and is used to justify attacks on infrastructures or sensitive information systems.

However, the lack of a universal convention on cybercrime still makes it difficult to use these arguments. In addition, conflicts between national judicial approaches, such as the existence of a law protecting citizens' digital data, can lead some governments to refrain from cooperating in this area. Finally, I cannot ignore the possibility of errors of the first and second type:

– Equipment failures, in particular software failures, may produce results that are comparable to the effects of an attack or of a technical or logical disruption. Additionally, some hackers may (by coincidence) find themselves producing greater effects than they expected or than are within their power.

– The development of technical equipment can facilitate investigation of the attack. The ability of governments to trace the root of the attack, identify operational practices (and, if possible, re-create them), and decrypt the codes and software used in an attack is still on the rise, as is their access to human and technical resources (in particular, computational power and technical knowledge). Along with these technical advances, the power of hacking groups to expand attacks and sabotage is also increasing, but technical and human privileges are potentially available to governments, and if governments can benefit from these privileges in the most effective way, it will be easy to identify authorities and actors.

It should be kept in mind that defense equipment providing coping responses against malicious actors should generally be cyber in nature, with effects appropriate to the attack, but the response to some invasions should not exclude the option of asymmetric equipment. The use of physical, financial, or judicial countermeasures must be considered above all against actors with limited cyber-interests. Paying attention to the features of cyberspace will require us to reorganize our efforts in this regard, in order to pave the way for the emergence of a defense strategy based on credible defensive measures and methods of threat with defensive characteristics.

For this reason, at the executive level, it is better to apply methods that allow the synchronization of all cybercriminal actions and programs of the different departments. These methods should also ensure strategic navigation and the necessary political rule for all defensive and aggressive equipment. This hierarchy should lead to the definition of rules for the deployment and conditions of use of cybercrime, as well as the coordination of surveillance and alert activities.

Sajad Abedi
National Security and Defense Think Tank