NATO has designated cyberspace as a domain of warfare and recognized that an adversarial cyber campaign could trigger the Alliance’s collective defense mechanism under Article 5. Given the complexities of cyberattacks and the difficulties of designing an effective response, it is unknown whether and what kind of cyberattack(s) might trigger
a collective defense response from the Alliance.

Today cyberspace is a one military domain. The new cyber capacities of armed forces create new possibilities to achieve the goals of war. These new and advanced cyber capabilities are a part of the new non-kinetic environment where cyber operations are used in combination with information warfare (IW) and electronic warfare (EW). These non-kinetic operations are used with lethal weapons systems to produce an operational advantage. This article is a preliminary review of cyber operations in the Ukraine conflict. The article reviews the balance between defense and offense in cyberspace, the utility of offensive cyber operations, and the requirements for effective cyber defence.

This article reports on the paired objectives of cyber efficiency and cyber resilience in evaluating how successful a digital system will be in accomplishing its functions, where efficiency in this context is defined as the ability to function successfully without waste and resilience is the ability of a system to deal with disruptive events.

How can a focus on socio-technical vulnerability and uncertainty make cyber security more resilient? In this article, authors provide a conceptual discussion of how to increase cyber resilience.

Russia’s cyberwar in Ukraine has been as reckless as its physical one. Its cyber-attack on satellites on the first day of fighting mistakenly spilled over into almost 6,000 German wind farms. It sprayed “wiper” malware across the country, irreversibly destroying data. And it directed attacks at civilian power and water infrastructure, adding to the misery of its shells and rockets. It has been one of the most intensive cyber-campaigns ever conducted—and perhaps the most irresponsible.

Cyber threat intelligence (CTI) is contextualised knowledge, built on information that is collected, processed, analysed, and disseminated to the right audience, in order to comprehend a malicious threat actor's motivation, goals, objectives, targets, and attack behaviours. The CTI value increases by the ability to be shared, consumed, and actioned timely, by the right stakeholders, based always on quality standards and parameters, which boost the cyber security community to understand how adversaries act and to counter the constantly emerging sophisticated cyber threats. In this article, along with the identification of research gaps, after a comparison between existing research studies in the similar scope of CTI evaluation and sharing mechanisms, we propose a blockchain-based cyber threat intelligence system architecture, which collects, evaluates, stores, and shares CTI, enabling tamper-proof data and exclusion of untrustworthy evaluation peers, while evaluating, at the same time, the quality of CTI Feeds against a defined set of quality standards. The evaluation of the data is performed utilising a reputation and trust-based mechanism for selecting validators, who further rate the CTI feeds using quality-based CTI parameters, while the consensus for preserving the fairness of the results and their final storage is performed via the recently introduced proof-of-quality (PoQ) consensus algorithm. The data, which are stored in the proposed ledger, constitute a reliable, distributed, and secure repository of CTI Feeds and contain their objective evaluation, as well as the performance of the validators who participated in each evaluation, while these data can be further used for assessing the reputation of CTI Sources. Finally, in order to assess the proposed system's reliability, integrity, and tolerance against malicious activities, the model is subject to a theoretical analysis using a probabilistic simulation, taking into account various aspects and features of the integrated mechanisms. The results show that the tolerance against malicious validators is acceptable, even when the ratio between legitimately vs. maliciously behaving validators is 1 : 50