Cyber influence defense: Applying the DISARM framework to a cognitive hacking case from the Romanian digital space

Applied Cybersecurity & Internet Governance Pub Date : 2024-07-10 DOI:10.60097/acig/190196

Alina Bârgăoanu, Mihaela Pană

{"title":"Cyber influence defense: Applying the DISARM framework to a cognitive hacking case from the Romanian digital space","authors":"Alina Bârgăoanu, Mihaela Pană","doi":"10.60097/acig/190196","DOIUrl":null,"url":null,"abstract":"One of the main lessons learned in the context of Russia’s\nfull-scale invasion of Ukraine starting in February 2022 is that for-\neign information manipulation and interference (FIMI) operations\nare closely coupled with cyber threats. Regardless of whether\ncyberattacks are followed by an information manipulation compo-\nnent and vice versa, the merger of the two can be an early indica-\ntor of the potential for a conflict to escalate from the cyber area\nto the ground. Our article is premised on the idea that today’s\nhighly technologised information ecosystem is a fertile ground for\ncyberattacks and information manipulation in the context of FIMI;\nmore specifically, it enables cognitive hacking, meaning hacking\nthe human mind and human cognition altogether through techno-\nlogical disruption and cyber pressure. Starting from this premise,\nthe aim of the article is to highlight the technological determi-\nnants of cognitive hacking and identify silent or emerging threats\nthat bypass technological sensors and seek to disrupt and manip-\nulate the information environment. The empirical part is based on observation as a descriptive method, which is used to analyse\na case of cognitive hacking carried out via a YouTube malvertis-\ning campaign targeting Romanian users. This case study is anal-\nysed qualitatively by matching the DISinformation Analysis & Risk\nManagement (DISARM) framework with evidence collected through\nOpen-Source Intelligence (OSINT) tools, following an innovative\nanalysis structured according to the purposes, actions, results and\ntechniques (PART) model. The extensive analysis of the identified\ncase shows that applying the DISARM framework to cyber-enabled\noperations can be useful for anticipating and responding to FIMI\nthreats, even when such operations do not appear to have a spe-\ncific, immediately identifiable purpose.","PeriodicalId":123092,"journal":{"name":"Applied Cybersecurity & Internet Governance","volume":"23 8","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Applied Cybersecurity & Internet Governance","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.60097/acig/190196","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

One of the main lessons learned in the context of Russia’s full-scale invasion of Ukraine starting in February 2022 is that for- eign information manipulation and interference (FIMI) operations are closely coupled with cyber threats. Regardless of whether cyberattacks are followed by an information manipulation compo- nent and vice versa, the merger of the two can be an early indica- tor of the potential for a conflict to escalate from the cyber area to the ground. Our article is premised on the idea that today’s highly technologised information ecosystem is a fertile ground for cyberattacks and information manipulation in the context of FIMI; more specifically, it enables cognitive hacking, meaning hacking the human mind and human cognition altogether through techno- logical disruption and cyber pressure. Starting from this premise, the aim of the article is to highlight the technological determi- nants of cognitive hacking and identify silent or emerging threats that bypass technological sensors and seek to disrupt and manip- ulate the information environment. The empirical part is based on observation as a descriptive method, which is used to analyse a case of cognitive hacking carried out via a YouTube malvertis- ing campaign targeting Romanian users. This case study is anal- ysed qualitatively by matching the DISinformation Analysis & Risk Management (DISARM) framework with evidence collected through Open-Source Intelligence (OSINT) tools, following an innovative analysis structured according to the purposes, actions, results and techniques (PART) model. The extensive analysis of the identified case shows that applying the DISARM framework to cyber-enabled operations can be useful for anticipating and responding to FIMI threats, even when such operations do not appear to have a spe- cific, immediately identifiable purpose.

查看原文本刊更多论文

网络影响防御：将 DISARM 框架应用于罗马尼亚数字空间的认知黑客案例

俄罗斯从 2022 年 2 月开始大规模入侵乌克兰，从中汲取的主要教训之一是，外国信息操纵和干扰（FIMI）行动与网络威胁密切相关。无论网络攻击之后是否会有信息操纵行动，反之亦然，两者的结合都是冲突可能从网络领域升级到地面领域的早期迹象。我们这篇文章的前提是，当今高度技术化的信息生态系统是在 FIMI 背景下进行网络攻击和信息操纵的沃土；更具体地说，它使认知黑客（cognitive hacking）成为可能，即通过技术逻辑破坏和网络压力完全入侵人类思想和人类认知。从这一前提出发，文章旨在强调认知黑客的技术决定因素，并识别那些绕过技术传感器、试图破坏和操纵信息环境的无声或新兴威胁。实证部分以观察作为描述性方法，用于分析一个通过针对罗马尼亚用户的 YouTube 恶意攻击活动进行认知黑客攻击的案例。该案例研究采用创新的分析方法，根据目的、行动、结果和技术（PART）模型，将信息分析和风险管理（DISARM）框架与通过开放源情报（OSINT）工具收集的证据进行匹配，从而对案例研究进行定性分析。对已确定案例的广泛分析表明，将 DISARM 框架应用于网络行动有助于预测和应对 FIMI 威胁，即使这些行动似乎没有特定的、可立即识别的目的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Applied Cybersecurity & Internet Governance

自引率

0.00%

发文量