cyber infrastructure protection 2015 cyber security: a good defense is a cooperative international...
Post on 18-Jan-2016
Cyber Infrastructure Protection 2015
Cyber Security: a good defense is a cooperative international deterrence capability
By: Haidar Chamas & Tarek Saadawi
City University of New York, Center for Information Networking and Telecommunications (CINT)
All Rights Reserved 2015
Outline
- Introduction and Background
- Cyber Security threats and challenges
- New Cyber Security threat: Weaponized Internet
- Proposed International Cyber Union Model
  - ICU Structure
  - Regional models
  - International Cooperation and Trust Building
- Automated Intelligent deterrence capability
- Conclusion
What is Cyberspace?
- Global communication infrastructure accessible virtually from anywhere by anyone to share, exchange, or download information online.
- This infrastructure supports important commercial assets for conducting electronic transactions globally.
What is Cyber Security?
- Protection mechanisms for the information that is stored or transported through cyberspace.
Type of Cybersecurity threats
- Exploiting system vulnerabilities
  - Steal, misuse, or alter your information and credentials
  - Own your system; create a backdoor to install malicious code or malware
- Growing malware development community
  - Rise in attack tool complexity and resources
  - Increase in malware code ≈ increase in automation and acceleration of attacks
- Determined, intelligent, and sophisticated cyber criminals
  - Improved processes and complexity
  - Makes it difficult for individuals to take countermeasures against attacks
- Rising market values for identity theft and stolen data
  - Market value…driven by demand for types of data stolen
Cyber-crimes and Cyber-threats
The President, in Sep. 2015, said that cybercrimes are:
- becoming the norm
- increasing in complexity and sophistication
- presenting us with new challenges
Headlines from CIP 2009 conference
- “NYPD computer system under daily attacks” (Daily News, April 2009)
- The Internet Kill Switch: A Bill in draft mode proposes that the President of the USA “May declare a cyber-security emergency and order the limitation or shutdown of Internet traffic to and from any compromised Federal government or United States critical infrastructure information system or network” (Network World, April 2009)
- Cyber Security Balancing Act: Government IT Pros face growing threats--- and compliance requirements (Information Week, April 2009)
- “US is under cyber attack virtually all the time, every day” (Secretary of Defense, Robert Gates, CBS 60 Minutes, April 2009)
- “Pentagon’s Computers invaded – design features of F-35 Jetfighter gleaned” (Wall Street Journal, April 2009)
Headlines from CIP 2015 Conference
- Experian (T-Mobile): 15 million records
- Donald Trump Hotels
- Ashley Madison: 37 million records, 10 thousand government officials
- Office of Personnel Management (OPM): 22 million records
- Anthem health care: 80 million records
CIP’15 cyberattack headlines are not different from those in CIP’09; they have increased five-fold, are more sophisticated, bolder, and becoming a threat to global peace.
New game plan: think smarter, out of the box, and build a global collaborative effort to effectively combat cyber-threats.
What is missing?
- International deterrence capability
- Laws and cooperation
- The right tools that:
  - Remedy user errors
  - Ensure policies, implementations, and configurations are carried out correctly
  - Protect sensitive data
  - Provide relevant deterrence through education
The President’s Executive Order
- President Obama issued EO 13636 in 2013 to:
  - take specific steps to improve information sharing with the private sector
  - raise the level of cybersecurity across our critical infrastructure
  - enhance privacy and civil liberties
- NIST released cybersecurity framework in response to President Obama EO to:
  - ensure America’s economic prosperity, national security, and our individual liberties depend on our commitment to securing cyberspace and maintaining an open, interoperable, secure, and reliable Internet.
Secretary of Defense: DoD Cyber Strategy 2015
Mr. Ash Carter indicated that the DoD Cyber Strategy sets clear and specific objectives for the DoD to achieve over the next five years and beyond. Primary missions include:
1. DoD must defend its own networks, systems, and information
2. DoD must prepare and be ready to operate in an environment where access to the Internet is contested
World Community under Threat
World Peace in the Crosshair
New Threats: Weaponized and Militarized use of the Internet
We are entering a new phase of cyber-threats and cyber-attacks:
- having global impact on relations and economy
- increasing in complexity and sophistication
- presenting new challenges in detecting and mitigating threats
- utilizing anonymous actors for hire
- expanding into military and weapons domains
The Bad Guys with a mission
- Wannabe Hackers
- Organized Crime
- Terrorists
- Internal/External Agent
- Hacktivists
[Figure labels: Top Secret, Trade Secret, $$$]
Using The Good Guys communication Channels
- Exceptional access channels:
  - Law enforcement channels and tapping tools
  - Back doors
- Remote access support:
  - Software maintenance
  - Updates
  - Technical support
- Products & marketing data collection
What must be done!
- The world community needs to establish an International Cyber Union that will provide leadership in combating cyber threats. The ICU objectives are to promote cyber cooperation and data sharing on attacks and mitigation, establish a set of cyber policies and laws, and collaborate on technology research and education.
- Establish appropriate regions and determine their internetworking models in combating international cyber crimes:
  - Regions may utilize the DNS registration model (ARIN, LACNIC, RIPE, APNIC, AFRINIC)
  - Regions may superimpose infrastructure and technology access means over geographical boundaries (Americas, Africa, Europe, Arab States, East Asia & Australia & New Zealand)
  - Regions can forge relationships based on their cybersecurity needs
ICU Regional Models
- ITU model: Africa, Americas, Arab States, Asia and Pacific, Commonwealth of Independent States (CIS), and Europe
- ICU models to consider?
  - Combine Americas and Greenland?
  - Combine Latin America with N. America?
  - Create an Australia and New Zealand region (Oceania)?
  - Keep CIS region part of Europe?
ICU Regional Model: Americas, Africa, RIPE, and AsiaPac
International Cyber Union: Mission
- Promote international norms, open, and secure cyberspace
- Promote peaceful use of cyberspace and outlaw the use of cyberspace as a weapon or for military gains
- Ensure a set of cyber policies, laws, and penalties, globally
- Promote cyber education, legal awareness, and best practices
- Investigate international cyberattacks as cybercrimes punishable by laws regardless where the cyber crime is committed
- Impose appropriate penalties and award financial damages as a result of cybercrime activity
- Promote cybersecurity research & standards (technical and legal)
ICU Cyber Security Challenges
[Diagram labels: Security Policy & Administration; Regional Cyber Laws; Security Management; Technology Standards; Regional Information Sharing; Education; Local Laws; Tools]
The Regional Cybersecurity Committee (RCC)
- Policies and Administration
  - Promote global economic and e-commerce activity
  - Improve cybersecurity communications and trust amongst nations
  - Outlaw use of Internet as weapon or military use
- Technical
  - Standardized cyber technology, best practices, education and training
  - Cyber monitoring, tracking, and identification
  - Mitigation and prevention techniques
- Legal
  - Implement cyber laws
  - Develop global legal awareness
  - Establish standardized guidelines and penalties
ICU Cooperation and Trust building
- Promote efforts to establish global laws:
  - Cybersecurity laws and guidelines are quite mature in the US but they are not widely applicable internationally
  - The Shanghai Cooperation Organization (SCO) in Asia has highlighted the relationships and cooperation regarding IT, cyber norms, and cyber security; it also signifies the role of information and technology in promoting economic and social development for all of mankind
  - The European Union established the Cyber Crime Center (EC3) as the focal point for handling and responding to cybercrimes
ICU intelligent deterrence capability
- ICU can play a leading role in promoting an intelligent deterrence capability utilizing existing efforts made by:
  - Standard bodies leading cybersecurity activities: IEEE, ITU, MITRE, NIST, ACM, and many more
  - Computer Emergency Response Team Centers
  - International cybersecurity consortiums such as defense techniques of Consortium for Cybersecurity Action (CCA) formed by international agencies and governments to bring together & promote cyber security
  - Other consortiums: Center for Infrastructure Assurance and Security (CIAS), Cybersecurity Research Consortium (CRC) in the US, India’s Infosec Consortium (IIC), and Europe’s System Security (SYSSEC)
ICU Information sharing and trust building
- Encourage nations to cooperate with CERT centers and to build cybersecurity trust.
- Utilize ITU’s Global Cybersecurity Index (GCI) score (zero to one) to measure progress made by a nation based on five categories:
  - Legal Measures
  - Technical Measures
  - Organizational Measures
  - Capacity Building
  - Cooperation
Automated Intelligent Systems
- Evaluate communication flow
  - Inspect flow, isolate, re-direct, or analyze it
  - Quarantine malicious traffic in real-time
  - Share attack relevant data
- Understand fully the behaviors of services and system interactions and develop models that offer:
  - Object level abstraction
  - Role based profile based authentication
  - User dialogue with services via control and data layers
  - Data and Level aware sensitivity
  - Enforceable policies
- Threat classification and taxonomy models
  - Study of attack behaviors and countermeasures
Conclusion
- We urgently need to establish the ICU to oversee Internet security globally.
  - Promotes cybersecurity standards and research
  - Establishes a minimum set of laws and enforces them globally
  - Provides a platform for international cooperation
- Develop automated intelligent systems to identify and quarantine malicious traffic in real-time
  - Modeled on behavior of services and system interactions