Aunshul Rege

Not biting the dust: using a tripartite model of organized crime to examine India’s Sand Mafia

ABSTRACT India’s Sand Mafia, which illegally mines sand for construction, generates approximately USD 17 million per month in revenues. Despite the devastating environmental, physical, and economical harms caused, there is a dearth of criminological research on this organized crime group. This paper develops a tripartite model of organized crime that is used to explore the Sand Mafia’s modus operandi, modus vivendi, and modus coordināti. It conducts document analysis of 75 media and environmental documents published between 2010 and 2015. This group operates as numerous, fragmented structures with transient memberships, and uses violence, political affiliation, and regenerative properties to ensure continued operation. Other factors, such as inadequate manpower, poor enforcement, rapid economic development, and limited acceptance of alternatives to sand, collectively compound the problem of illicit sand mining. Recommendations for alleviating the problem, such as imposing stricter regulations, implementing an independent regulatory body, and empowering local residents, are also examined. Future lines of research inquiry, such as conducting harms analysis via multidisciplinary research, are also offered.

Organization, operations, and success of environmental organized crime in Italy and India: A comparative analysis:

Despite the devastating short- and long-term consequences of resource-related environmental crimes, rampant illegal soil and sand mining continues worldwide. In countries such as India and Italy, organized crime groups have emerged as prominent illegal suppliers of soil and sand. The proposed study focuses on an understudied research area at the intersection between organized crime and environmental crimes, and offers a trans-comparative study of illegal soil and sand mining conducted by Indian and Italian organized crime groups with two main objectives. First, a comparative analysis of the organizational mechanisms, operational practices, threat management, and supporting cultural, regulatory, and policing factors is conducted. Second, a discussion of how these groups reflect mainstream models and theories of organized crime is offered.

A temporal assessment of cyber intrusion chains using multidisciplinary frameworks and methodologies

Current approaches to cybersecurity are response-driven and ineffective as they do not account for adaptive adversarial behavior and dynamic decision-making. Using empirical evidence of observations done at the US Industrial Control Systems Computer Emergency Response Teams (ICS-CERT) Red Team-Blue Team cybersecurity training exercise held at Idaho National Laboratory (INL), this paper identifies how adversaries carry out, and adapt during, cyberattacks. This paper employs a unique mixed methods approach of qualitative observations and quantitative data science to address three objectives: (i) providing a quantitative framework for temporal analysis of the cyberattack processes by creating a time series representation of the qualitative data, (ii) employing data science methods, such as hierarchical clustering analysis, on the generated time series data to complement and supplement our understanding of cyberattack processes, and (iii) understanding how adversaries adapt during the disruptions by defenders.

Adversary dynamics and smart grid security: A multiagent system approach

Power grid is the backbone of infrastructures that drive the US economy and security, which makes it a prime target of cybercriminals or state-sponsored terrorists, and warrants special attention for its protection. Commonly used approaches to smart grid security are usually based on various mathematical tools, and ignore the human behavior component of cybercriminals. This paper introduces a new dimension to the cyberphysical system architecture, namely human behavior, and presents a modified CPS framework, consisting of a. cyber system: SCADA control system and related protocols, b. physical system: power grid infrastructure, c. the adversary: cybercriminals, and d. the defender: system operators and engineers. Based on interviews of ethical hackers, this paper presents an adversary-centric method that uses adversarys decision tree along with control theoretic tools to develop defense strategies against cyberattacks on power grid.

Factors Impacting Attacker Decision-Making in Power Grid Cyber Attacks

For several years, security experts and government officials have been warning about a “Cyber Pearl Harbor” – a cyber attack on the nation’s power grid. Current cyber security research focuses on the tactical aspects of infrastructure attacks and views attackers as passive agents, downplaying their strategies. The research only minimally incorporates the human element, which limits the understanding of cyber attacks on the critical infrastructure.

Using a Real-Time Cybersecurity Exercise Case Study to Understand Temporal Characteristics of Cyberattacks

Anticipatory cyber defense requires understanding of how cyber adversaries make decisions and adapt as cyberattacks unfold. This paper uses a dataset of qualitative observations conducted at a force on force (“paintball”) exercise held at the 2015 North American International Cyber Summit (NAICS). By creating time series representations of the observed data, a broad range of data mining tools can be utilized to discover valuable verifiable knowledge about adversarial behavior. Two types of such analysis discussed in this work include clustering, which aims to find out what stages show similar temporal patterns, and peak detection for adaptation analysis. Collectively, this mixed methods approach contributes to understanding how adversaries progress through cyberattacks and adapt to any disruptions they encounter.

Incorporating the human element in anticipatory and dynamic cyber defense

Advanced Persistent Threats (APTs) use sophisticated cyberattacks to disrupt a nations critical infrastructure. Conventional cyberattack management is response-driven, which (while important) is ineffective, especially in managing APTs. There is an immediate need for anticipatory defense measures that reflect the adaptive nature of this new breed of adversaries. This paper identifies five main research areas that need immediate attention. Using a criminological framework and empirical evidence of observations and interviews done at Industrial Control Systems Computer Emergency Response Teams (ICS-CERT) Red/Blue cybersecurity training exercise held at Idaho National Laboratory, this paper argues that understanding how adversaries adapt at various points in the intrusion chain is crucial in profiling APTs and developing anticipatory cybersecurity measures. The paper offers recommendations for further research and the relevance of multidisciplinary collaboration.

Assessment of Group Dynamics During Cyber Crime Through Temporal Network Topology

Understanding group dynamics can provide valuable insight into how the adversaries progress through cyberattacks and adapt to any disruptions they encounter. However, capturing the characteristics of such dynamics is a difficult task due to complexities in the formation and focus of the adversarial team throughout the attack. In this study, we propose an approach based on concepts and measures of social network theory. The results of experiments performed on observations at the US Industrial Control Systems Computer Emergency Response Team’s (ICS-CERT) Red Team-Blue Team cybersecurity training exercise held at Idaho National Laboratory (INL) show that the team dynamics can be captured and characterized using the proposed approach. Moreover, we provide an analysis of the shifts in such dynamics due to the adversarial team’s adaptation to disruptions caused by the defenders.

Using a critical infrastructure game to provide realistic observation of the human in the loop by criminal justice students

Understanding human behavior is crucial in anticipating adversarial actions during cyberattacks. The Criminal Justice (CJ) discipline offers the necessary frameworks to unpack the complex facets of adversarial behavior and movement, and should therefore be leveraged for their possible contributions to the area of proactive cybersecurity. Yet the discipline remains weak at training current and future CJ workforce on these matters in a hands-on manner. This paper presents a cybersecurity training exercise where a power grid simulator is used to educate CJ students via experiential learning about concepts of cyberattacks and cybersecurity as well as exposing them to doing hands-on cybersecurity field research. The paper reports on Game use as an important opportunity to observe humans put under additional stress in operating conditions. The paper discusses what CJ students learn from multidisciplinary simulation-based exercises, the challenges and limitations they face, and how training this workforce could help contribute towards proactive cyberdefense of critical infrastructure.