New Q&A with Alina Bârgăoanu and Mihaela Pană
ACIG editor Marek Górka talks to Alina Bârgăoanu and Mihaela Pană from National University of Political Studies and Public Administration, Bucharest, Romania
Marek Górka: How has Romania's cybersecurity policy changed after Russia's invasion of Ukraine?
Alina Bârgăoanu and Mihaela Pană: The hot conflict is unfolding right in the proximity of Romania, which makes us more aware and alert to the possible threats, not to mention that the kinetic part of the conflict is accompanied by all the actions pertaining to hybrid warfare: disinformation, propaganda, cyber-influence, algorithmic warfare, data and information harvesting, to name just a few. In such a context, a good cybersecurity policy means winning people over by making them see themselves as part of the solution, not the problem. It is common knowledge that cyber threats exploit human weaknesses in order to break in computer systems (thus seeking their technical disruption), the war unfolding in Ukraine has revealed that hostile cyber actions are also carried out for non-technical effects, such as creating panic, undermining trust and reputations, distracting attention, drying up resources and interfering with people's cognition by exploiting technological vulnerabilities. In line with such changed modus operandi, Romania has designed campaigns in order to increase cyber threat awareness among the general public and general awareness regarding disinformation and influence operations, blending the technological and social components into a holistic approach.
Marek Górka: How can information manipulation increase the threat level?
Alina Bârgăoanu and Mihaela Pană: A common cyber threat in this war on European Union's border has been Killnet, a network of cybercriminals who seek ideological revenge by targeting neighboring countries that support Ukraine. In fact, Killnet is almost literally about “killing the net” by undermining people's trust in technology, rather than merely exposing the inability of governments to protect digital services. The ability to use cyber threats such as social engineering in order to get access to cyber networks and then disrupt them is just as consequential as using disinformation in order to influence people's minds, attention and emotions. Both types of actions can be used by state and non-state cyber actors seeking to maximize their impact. Replace Killnet with any other cybercriminal organisation whose purpose is to disrupt social cognitive systems, such as Doppelganger. What they have in common is that they exploit the hyper-connectivity of the current digital ecosystem, its affordances, in order to disrupt, distract, disorient. One example of such digital affordances exploited for cyber and social harm alike is the “silent hacking” of online advertising platforms, which was the main focus of our research article published by your esteemed journal.
Marek Górka: What factors need to be in place for effective cooperation in cybersecurity in Central and Eastern Europe?
Alina Bârgăoanu and Mihaela Pană: You are touching an important point, meaning hybrid threats know no borders, whereas responses to these hybrid threats have been limited to national borders, and, inside such borders, to institutional and disciplinary ones. From our non-technical perspective, this silo-focused approach needs to change, meaning that cybersecurity governance need to overcome such physical, institutional or disciplinary borders. Effective cooperation and communication should involve various stakeholders, technical and non-technical alike, having in mind the fact that the final beneficiary of an effective cybersecurity governance is society at large. Early warning systems that cut across borders are a concrete example of how such governance might function for the benefit of society at large.
Marek Górka: How is cybersecurity education conducted at universities in Romania?
Alina Bârgăoanu and Mihaela Pană: In recent years, cybersecurity has become a familiar topic in all levels of education. It is generally understood as a crosscutting skill without which a robust professional and personal life can no longer be imagined. An IT career is highly praised by the Romanian youth, hence the popularity of IT degree programs with the Romanian polytechnic universities. What we would like to see in the future is more synergies between technical programs and social sciences programs, more cross-fertilization between strictly technical skills and knowledge of public opinion, social cognition and communication. This would be in line with the notion of cyber resilience, which is more comprehensive than the traditional one, that of cyber security. What is also needed is the lowering of the age when people are exposed to digital literacy skills, maybe even starting from primary or secondary education, again, with an equal focus on increasing technical awareness and the skills related to critical thinking and analysis.
Marek Górka: How has Romania's cybersecurity policy changed after Russia's invasion of Ukraine?
Alina Bârgăoanu and Mihaela Pană: The hot conflict is unfolding right in the proximity of Romania, which makes us more aware and alert to the possible threats, not to mention that the kinetic part of the conflict is accompanied by all the actions pertaining to hybrid warfare: disinformation, propaganda, cyber-influence, algorithmic warfare, data and information harvesting, to name just a few. In such a context, a good cybersecurity policy means winning people over by making them see themselves as part of the solution, not the problem. It is common knowledge that cyber threats exploit human weaknesses in order to break in computer systems (thus seeking their technical disruption), the war unfolding in Ukraine has revealed that hostile cyber actions are also carried out for non-technical effects, such as creating panic, undermining trust and reputations, distracting attention, drying up resources and interfering with people's cognition by exploiting technological vulnerabilities. In line with such changed modus operandi, Romania has designed campaigns in order to increase cyber threat awareness among the general public and general awareness regarding disinformation and influence operations, blending the technological and social components into a holistic approach.
Marek Górka: How can information manipulation increase the threat level?
Alina Bârgăoanu and Mihaela Pană: A common cyber threat in this war on European Union's border has been Killnet, a network of cybercriminals who seek ideological revenge by targeting neighboring countries that support Ukraine. In fact, Killnet is almost literally about “killing the net” by undermining people's trust in technology, rather than merely exposing the inability of governments to protect digital services. The ability to use cyber threats such as social engineering in order to get access to cyber networks and then disrupt them is just as consequential as using disinformation in order to influence people's minds, attention and emotions. Both types of actions can be used by state and non-state cyber actors seeking to maximize their impact. Replace Killnet with any other cybercriminal organisation whose purpose is to disrupt social cognitive systems, such as Doppelganger. What they have in common is that they exploit the hyper-connectivity of the current digital ecosystem, its affordances, in order to disrupt, distract, disorient. One example of such digital affordances exploited for cyber and social harm alike is the “silent hacking” of online advertising platforms, which was the main focus of our research article published by your esteemed journal.
Marek Górka: What factors need to be in place for effective cooperation in cybersecurity in Central and Eastern Europe?
Alina Bârgăoanu and Mihaela Pană: You are touching an important point, meaning hybrid threats know no borders, whereas responses to these hybrid threats have been limited to national borders, and, inside such borders, to institutional and disciplinary ones. From our non-technical perspective, this silo-focused approach needs to change, meaning that cybersecurity governance need to overcome such physical, institutional or disciplinary borders. Effective cooperation and communication should involve various stakeholders, technical and non-technical alike, having in mind the fact that the final beneficiary of an effective cybersecurity governance is society at large. Early warning systems that cut across borders are a concrete example of how such governance might function for the benefit of society at large.
Marek Górka: How is cybersecurity education conducted at universities in Romania?
Alina Bârgăoanu and Mihaela Pană: In recent years, cybersecurity has become a familiar topic in all levels of education. It is generally understood as a crosscutting skill without which a robust professional and personal life can no longer be imagined. An IT career is highly praised by the Romanian youth, hence the popularity of IT degree programs with the Romanian polytechnic universities. What we would like to see in the future is more synergies between technical programs and social sciences programs, more cross-fertilization between strictly technical skills and knowledge of public opinion, social cognition and communication. This would be in line with the notion of cyber resilience, which is more comprehensive than the traditional one, that of cyber security. What is also needed is the lowering of the age when people are exposed to digital literacy skills, maybe even starting from primary or secondary education, again, with an equal focus on increasing technical awareness and the skills related to critical thinking and analysis.
| eISSN: | 2956-4395 |
| ISSN: | 2956-3119 |
Publisher
NASK – National Research Institute
Kolska Street 12
01-045 Warsaw, Poland
www.nask.pl
E-mail: contact@acigjournal.pl
Kolska Street 12
01-045 Warsaw, Poland
www.nask.pl
E-mail: contact@acigjournal.pl
© 2006-2024 Journal hosting platform by Bentus
We process personal data collected when visiting the website. The function of obtaining information about users and their behavior is carried out by voluntarily entered information in forms and saving cookies in end devices. Data, including cookies, are used to provide services, improve the user experience and to analyze the traffic in accordance with the Privacy policy. Data are also collected and processed by Google Analytics tool (more).
You can change cookies settings in your browser. Restricted use of cookies in the browser configuration may affect some functionalities of the website.
You can change cookies settings in your browser. Restricted use of cookies in the browser configuration may affect some functionalities of the website.
