This item has file attachments that are restricted and can only be viewed from the TU Delft campus network.
The number of cyber-attacks creates the realization that the vulnerability of critical infrastructures of a country are increasing. The numbers of cyber-attacks are so high that governments fear a cyber war. This makes it important for governments to prepare their nation for cyber war. To be able to make the right preparation and to design the right resilient systems it is necessary to know how dangerous other countries can be by measuring their offensive cyber warfare capabilities. This leads to the design of a model based on offensive cyber warfare attributes and public indicators for the assessment of offensive cyber warfare capabilities. The aim of this research is to provide an approach of a maturity model to assess offensive cyber warfare capabilities of countries based on public data, by which governments can make better decisions and policies to prepare themselves for cyber war.
The research has been started with an in depth desk research describing the process of cyber warfare, which resulted in a diagram with 6 categories. These categories have been defined based on some literature about traditional warfare and an analogy about individuals in war. The 6 categories describing the process are: Motivation, Channel, Target, Means, Method and Damage. This diagram shows the difference between traditional and cyber war. Only offensive cyber warfare attributes are specified in this diagram. This was necessary for finding the indicators for offensive cyber warfare capability. From these 6 categories only two have been used to define offensive cyber warfare capability. Motivation level does not contribute to capability level, but to the threat level. If one is motivated, it does not necessarily mean that one has the capability. The channel is the environment where the cyber attack is launched. Having access to the channel, having knowledge about it and skills for operating in this medium is necessary to launch a cyber attack. So channel is an important group to consider for assessing offensive cyber warfare capability. The Target actually does not decide on the capability of another. So this is not important for the design of the model. The Means are very important to assess the offensive capability level, because having the ability to create the means, having access to them and the ability to use them shows how capable one is. The Method is the way how the attack is performed for example from behind or from the front and thus is not contributing to the assessment of the capability level. Also Damage is not contributing to the capability of a country, because anyone can cause damage by hiring others. So based on this analysis Channel and Means are important for assessing the offensive cyber warfare capability level. Based on these 2 classification and their details in the diagram the indicators for offensive cyber warfare capability have been identified. This resulted in a theoretical model showing the relation between the indicators and the cyber warfare attributes. As data to direct indicators are limited, an approach of a model has been given based on proxy variable and indirect indicators for which data was available.
Due to limitation only an approach of a model for assessing offensive cyber warfare capability has been given, which is based on proxy variable and indirect indicators. The equation in this report is a first approach of a model assessing offensive cyber warfare capability, on which further research can be conducted.
The growth in capability level is described by maturity levels. There are 5 maturity levels defined for offensive cyber warfare capability based on the Channel and Means capability, which are: Beginners, Semi-intermediate, Intermediate, Semi-advanced and Advanced.
In chapter 1 an introduction has been given, describing the aim of this research, the research questions and the research methods. In chapter 2 the theoretical background has been built resulting in a diagram describing offensive warfare, maturity levels and a theoretical model for assessing offensive cyber warfare capability. Chapter 3 gives an approach of a model and the statistical analysis to be performed. Chapter 4 has been devoted on reflection and the report ends with conclusions and research relevance.