Introduction
The exchange of intelligence data has many different functions, one of which is the prevention of all kinds of threats of various levels. Cyber threats are becoming an increasingly important task for information security every year. The rapid development of technology plays into the hands of both protection mechanisms and diversifies the actions of attackers. There are so-called Threat Intelligence Sharing Platforms (TISPs) that, along with CIT and blockchain, are promising developments for intelligence sharing (Bauer et al., 2020; Wu et al., 2019; Wagner et al., 2019). Given the high value of this information, a sufficiently high level of security is required. Awareness and knowledge in this area at the moment leaves much to be desired (Nussbaum, 2017). A major international crisis can arise when critical infrastructures are disabled at the state level and, therefore, security standards must be uniform and high. In these conditions of the new reality, when information technologies are an integral part of almost every aspect of human life, a unifying practice is needed at the international level.
There are a number of specific networks of critical data exchange functionality that have their own advantages and disadvantages. These may include MISP, OTX, and ThreatQ, but the complication lies not in the various alternatives and task functionality (Bauer et al., 2020). Legal features in the field of law, power and interaction with other countries can become part of the conflict situation in the management of this platform. Data integrity and security varies from country to country, which may differ on key issues, including the transfer and ownership of sensitive data (Tikk, 2020). The legal framework, being an obstacle, can serve as a symbol for the creation of common standards. Within the framework of cooperation between states, the chances of implementing interaction within a single platform are significantly increased in order to increase the responsibility of the parties and have the most secure channel for data exchange. Accordingly, this possibility will be evaluated in this work and potential future research, which will be described below.
Problem Statement
This problem is relevant in view of the significant improvement in the mechanisms of cyber attacks that can lead to data leakage, failure of critical systems and other negative consequences, which, due to the penetration of automation into everyday life, can pose a threat to a person (Bada & Nurse, 2020; Chigada & Madzinga, 2021). However, a universal platform for the transnational level does not yet exist. At the local level, the application of such concepts is seen, for example, in Ohio police departments, where the iLincs system operates (Business Editors, 2003). Communication with law enforcement agencies is implemented in such technologies within medicine, trade, and directly between the jurisdictions of this industry (Hickey et al., 2020; Lavorgna et al., 2020; Pickering & Fox, 2021). Each of the applications carries significant reasons that contribute, for example, to saving human lives, eliminating the possibility of fraud, and many others.
Given the above problems with the development of cyber attack mechanisms, the adaptation of this technology for international cooperation can greatly simplify and speed up communication between law enforcement agencies of different countries and, at the same time, attract the resources of all participants in the program to create a more reliable system protection. Otherwise, the critical infrastructure of individual states, which, as a rule, is closely connected with the economic and political situation in the country, may be at risk. These aspects, in turn, are formed, among other things, through interaction with other countries, including imports and exports, the securities and currency markets, supply chains, and much more. Each of these factors can become the target of a cyber attack, due to the significant integration of these processes into information technology, and therefore, the threat is facing many countries at once, and not just one. Cascading effects can have a negative and disruptive impact that must be avoided. Therefore, international law enforcement cooperation through advanced platforms for intelligence sharing should be considered.
Purpose Statement
The study is not limited to the presence or absence of the possibility of such application of technologies, the work will have to show the main mechanisms that implement this possibility. The purpose of this paper is to explain the reasons that speak for or against a given implementation, and to explore the methods by which the goals of their implementation can be presented. The global challenge lies in mitigating the consequences and preventing them completely through potential fruitful cooperation in the field of intelligence sharing security.
Hypothesis
The hypothesis to be either disproved or proven is that there is no possibility of international law enforcement cooperation through advanced intelligence sharing platforms due to technical and legal obstacles. The work will identify the main developments in the areas of cyberattacks and cybersecurity, data exchange platforms and relevant experience of successful or unsuccessful implementation of these technologies. Based on the review, the main research methods will be selected, which involve the involvement of stakeholders from different countries to discuss the possibility of using the proposed platforms. Previously, these platforms will be evaluated in independent experiments with already known cyber attacks on the manifestation of reliability and security in a quantitative form. The resulting information will then be offered to the management of various business corporations and, if possible, administrative units, which, based on a survey, will be able to evaluate the possibility of use.
Literature Review and Definitions
The exchange of intelligence data within the same country is usually carried out quite successfully due to the high consistency and uniform legislation between the bodies in question. At the international level, it is necessary to resort to some kind of interdepartmental instances, and if we talk about software, then third-party organizations that provide it (Tikk, 2020). MISP, OTX and ThreatQ stand out as the most commonly used platforms in the field (Bauer et al., 2020). First of all, it is necessary to consider these platforms for their reliability and security. First, there are several types of threat intelligence, including strategic, tactical, technical, and operational. As part of cybersecurity, a number of tests are carried out that can be implemented to test these systems. The listed representatives of the software, at the same time, are add-ons to existing systems both in medicine and in trade, where there may already be gaps for intruders.
As a consequence, engagement with law enforcement requires systems to be adapted. First of all, the review of the literature needs to address the relationship between law enforcement jurisdictions, where certain rules already exist. The exchange of information between central and regional authorities implies the transfer of important information, which is characterized by a high degree of confidentiality. Studies show that jurisdictional boundaries do not stop offenders from doing what they do (Pickering & Fox, 2021). At the same time, however, wide-ranging inter-agency collaboration has improved the organizational reporting process for more detailed and efficient agency operations (Pickering & Fox, 2021). Data exchange over a secure channel would be extremely useful. This is due to the fact that the transfer of personal information about suspects is a process that, on the one hand, should be significantly protected under the legislation on the dissemination of personal information, and on the other, could stimulate work and communication between authorities (Pickering & Fox, 2021). Features of the system will help eliminate various aspects of rivalry between departments and direct them towards a common goal.
These law enforcement reporting systems can contribute to medicine. The main problem identified in hospitals is related to the care of psychologically ill patients (Hickey et al., 2020). Therefore, the corresponding functionality of communication with law enforcement agencies can be used in many areas of human life. Data transmitted to hospitals is confidential, as it contains personal information about the person. Business companies may suffer losses when attacking cloud services or e-commerce programs (Couzigou, 2018). The losses are economic in nature and are often measured in financial terms, which can significantly increase the cost item (Couzigou, 2018). To deal with these incidents, it is proposed to introduce full control over potential autonomous cyber weapons, or to introduce a ban on them; simplifying the attribution of cyber incidents for simplified technical work; and create an international body and approve legislation at this level regarding cyber incidents (Chernenko et al., 2018). Consequently, the demand for such products exists and is dictated by the relevance even now, which requires only technical implementation and legal aspects of the consent of cooperation.
Research Methods and Design
To evaluate the two identified factors in the hypothesis, the study includes quantitative approaches. As a consequence, the results of the assessment of the technical side of the question and surveys should be checked using the t-test for the parameter of statistical significance. The chosen method prevails over others, such as ANOVA, in that it gives a more accurate estimate, but for fewer samples (Creswell & Creswell, 2017). The technical evaluation of the selected platforms will be carried out using the method of weighted voting by choosing the optimal solution for certain criteria. To implement testing, it is proposed to use penetration tests of all types, including internal, external, blind, double-blind and targeted (Fowler et al., 2018). Moreover, it is necessary to watch for potentially dangerous anomalies, which can include path traversal, arbitrary code execution, and third-party file reading (Fowler et al., 2018). Based on the results of this part of the study, a table will be compiled that will include the success of passing all tests from simple to complex with a certain weight, then the impact of the detected anomalies on the score obtained. Having determined the required number of degrees of freedom, a test of statistical significance will be carried out by t-test with the selected confidence interval.
Survey methods are encountered quite often in the sources reviewed in the literature review. This is due to the fact that questionnaires, first of all, provide an opportunity for quantitative interpretation of initially qualitative answers, and are convenient for remote interaction, which is critical in this study, since it requires work with international participants in the experiment. An important aspect is the preparation of a preliminary ethics form and question validation in order to avoid potential conflicts of interest and implement a fully responsible approach. Mixed and qualitative methods would require more sophisticated assessment tools, which would greatly increase the study time (Creswell & Creswell, 2017). As a result, it is proposed to compile a questionnaire in the form of statements, where each item should be evaluated on a Likert scale – from 1 to 5, where 1 reflects complete disagreement with the statement, and 5 – vice versa.
The questionnaire will be compiled based on the results of tests of the software in question. Then, in questions, the participants of the experiment will be offered the main identified minuses and pluses of the results obtained in the first part of the study in terms of the implementation of this software in their companies or law enforcement agencies. Questions will be divided into two groups in advance: those that affect the technical implementation aspect, and those that describe legal obstacles. As a result, the results will be tested with a t-test for statistical significance, as well as for an additional search for a correlation between the two delivered aspects. The study will make it possible to draw conclusions about the possibility or impossibility of creating such a system of communication and intelligence sharing between law enforcement agencies in different countries and possibly indicate the main reasons that hinder or facilitate implementation. The practical significance of the work will be to identify the best platform from the existing ones, as well as to be of a recommendatory nature for the relevant authorities to lobby for international standards in the field of cybersecurity.
Conclusion
In this work, the actual problem of the exchange of intelligence data between law enforcement agencies in different countries was identified, the reasons for potential obstacles to the creation of such a system were identified. Relevance is dictated not only by the title of this study, but goes beyond the boundaries of one industry in the field of medicine and trade. Based on these determinants, including technical implementation and legal issues, the design and methodology of the study was proposed in two stages. The first step is to identify the most stable and secure system for exchanging data around existing threats through a series of software tests and anomaly detection with further statistical interpretation by weighted voting. The second stage includes a questionnaire of various representatives of law enforcement agencies from different countries, where, on a Likert scale, they will be asked to evaluate various statements in favor of the two identified aspects. The result will be the most secure and effective platform for the exchange of intelligence data and an understanding of whether the obstacles found are an obstacle to the implementation of this system. Further research can identify other causes, focus on the technical part of the implementation and explore, for example, the cultural or social aspects of the problem.
References
Bada, M., & Nurse, J. R. (2020). The social and psychological impact of cyberattacks. In Emerging cyber threats and cognitive vulnerabilities (pp. 73-92). Academic Press.
Bauer, S., Fischer, D., Sauerwein, C., Stelzer, D., Breu, R., & Latzel, S. (2020). Towards an evaluation framework for threat intelligence sharing platforms.Cybersecurity and Privacy in Government.
Business Editors. (2003). Central Ohio law enforcement agencies implement new crime- fighting technology to improve cross-jurisdictional communication. Business Wire, 1–15.
Chernenko, E., Demidov, O., & Lukyanov, F. (2018). Increasing international cooperation in cybersecurity and adapting cyber norms. Council on Foreign Relations.
Chigada, J., & Madzinga, R. (2021). Cyberattacks and threats during COVID-19: A systematic literature review.South African Journal of Information Management, 23(1), 1-11.
Couzigou, I. (2018). Securing cyber space: the obligation of States to prevent harmful international cyber operations. International Review of Law, Computers & Technology, 32(1), 37-57.
Creswell, J. W., & Creswell, J. D. (2017). Research design: Qualitative, quantitative, and mixed methods approaches. Sage publications.
Fowler, D. S., Bryans, J., Shaikh, S. A., & Wooderson, P. (2018). Fuzz testing for automotive cyber-security. In 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W) (pp. 239-246). IEEE.
Hickey, W., C., King, J., Layne, H., Besler, C., Andrzejewski, V., & Gijada, J. (2020). Connecting law enforcement and emergency department providers to improve access to mental health services.Journal of Psychosocial Nursing and Mental Health Services, 58(8), 24–30.
Lavorgna, M., S. E., Pickering, B., & Neumann, G. (2020). Floraguard: Tackling the online illegal trade in endangered plants through a cross-disciplinary ICT-enabled methodology.Journal of Contemporary Criminal Justice, 36(3), 428–450.
Nussbaum, B. H. (2017). Communicating cyber intelligence to non-technical customers.International Journal of Intelligence and Counterintelligence, 30(4), 743–764.
Pickering, & Fox, A. M. (2021). Enabling collaboration and communication across law enforcement jurisdictions: Data sharing in a multiagency partnership.Criminal Justice Policy Review, 88740342110667.
Tikk, E. (2020). What do we talk about when we talk about international cybersecurity. In Routledge Handbook of International Cybersecurity (pp. 389-395). Routledge.
Wagner, T. D., Mahbub, K., Palomar, E., & Abdallah, A. E. (2019). Cyber threat intelligence sharing: Survey and research directions.Computers & Security, 87, 101589.
Wu, Y., Qiao, Y., Ye, Y., & Lee, B. (2019). Towards improved trust in threat intelligence sharing using blockchain and trusted computing. 2019 Sixth International Conference on Internet of Things: Systems, Management and Security.