2. DEFINITION
• Any virtual conflict initiated as a politically motivated attack on an enemy's computer and
information systems.
• Any action of a nation-state to penetrate another nation’s computer networks with the purpose of
causing some sort of damage by stealing or altering classified data to undermine networks,
websites and services.
METHODS
• Espionage and/or security breaches: disable networks, software, computers or the Internet to
steal or acquire classified information from rival institutions or individuals for military,
political or financial profit.
• Sabotage: the use of the internet by one nation state to disrupt online communications systems
of another nation state, fuel, power and transportation infrastructures and generally its
operations and equipment
• Attacks on SCADA networks and NC
3. CYBERWARFARE AND ACTUALITY
Russia against Estonia in 2007
Iran against United States of America in 2012
• U.S.A 's financial institutions came under a sustained cyber attack through servers located around the world.
• Obama 's aggressive response. Assembled a coalition of 120 nations that voluntarily agreed to choke off the Iranian attacks and they passed
through their national network.
• America’s first sustained use of cyber weapons.
• U.S.A ordered increasingly attacks on the computer systems that run Iran’s main nuclear enrichment facilities.
• Obama is setting a global cyber security.
• U.S.A proposes ''The Cyber security and Internet Freedom Act of 2011'' and ''The National Strategy for Trusted Identities in Cyberspace
(NSTIC)'' .
• Granting President Barack Obama the authority to shut down the internet in the country in the event of a cyber attack and the second one
promote online trusted identity technologies.
• The first cyber - attack in recent history.
• An attack with political expediency.
• Estonia confers some of its territories to Russia due to Tartu Treaty in 1920 and Russia recognizes the Independent
State of Democratic Estonia.
• Their conflict continue regarding their frontiers.
• In 2007 governmental websites of Estonia, the biggest Mass Media and two of the most powerful Banks related to
telecommunication were attached by continuous - enumerated visits.
• Estonia supports that their conflict with Russia remains active and they are threaten by the Internet.
• But the guilty of Russia has not proved yet .
• Russia against Ukraine in 2008 and Poland .
4. Hama's cyber attack to Israel.
• Israel has deflected 44 million cyber-attacks on government websites.
• Israel avoid to name the responsible for this attack but in response in 2012 Israel hit an office building in downtown Gaza City used by the
television stations of Hamas and an Internet, computer services company which was also damaged, cutting connection to subscribers because
Israel claimed that it was the source of cyber attack's.
CONCLUSIONS
• Cyber warfare is a conventional warfare that threats the global economy with long-term damages.
• Economical impact: its damage can rise up to 200 billion Euro.
• The new terrorism with limited cost and great effectiveness.
• The new force of suppression that reinforce nation's power and their ability in negotiations in order to achieve their goals.
• Defense policy : cyber actions in order to unleashed their attach against their opponents by using the technology and information and not at
all they do not aim at eradicating these practices.
• Self defense: States protect their territories but rises concerns regarding the legitimacy and the limitation of the potential uncontrolled
reaction of States.
• Counterattacks influence the international relations and violates in some cases the human right.
5. CYBERCRIME IN GREECE
According to the latest report from Symantec data breaches increased by 67% in 2013 compared with 2012, ranking our country in
43th position in the field of cyber-threats. In 2013, Greece showed slight downward trend in terms of overall image in the sector of
online threats (Internet Security Threat), winning the 43th in the world rankings, while 2012 was the 42nd. One of the most important
countries of origin of targeted cyber attacks and online attacks during the first half of 2012 has been Greece, according to the
periodic report of the U.S. cybersecurity firm Symantec.
Specifically, in individual areas Greece was last year ranked 30th worldwide at the level of junk and malicious e-mail (spam) with
0.7% of the total messages "spam" internationally, and in 2012 Greece was in 29th place. In the activity of malicious code in 2013
the country was ranked 58th in the world rankings (with 0.2% of the total) while the 2014 was in 54th position. In hosting malicious
websites (phishing hosts), Greece was in 63rd place worldwide (from 60th in 2012), while the malware through e-mail was on
average about one in 719 (compared to a 392 which is the average worldwide).
THE CYBERATTACK RATE IN GREECE COMPARED WITH OTHER COUNTRIES
Our country, along with Poland (3.26%) were the major European countries, sources of such attacks over the internet.
The Greece was in eighth place worldwide between countries of origin of cyber attacks, with the first U.S. (31.27% and 9,859 attacks),
while the top ten consecutive complement Japan (17.78%), Malaysia (10.99% ), China (10.89%), Taiwan (9.97%), Singapore (5%),
Britain and Pakistan (1%). Regarding the target countries of line (on-line) attacks, in the main series were the: U.S., Britain, Japan,
France and Australia.
6. Use of Internet in Greece:
• 53.6% households with Internet Access
• 96.2% of them have broadband connection
55.1% access the Internet
55.5% use the PC
7. Internet Literacy in Greece
Penultimate position in Europe with online literacy just over 20%
Famous Cyberattacks in Greece
1. Anonymous attack the servers of Greece’s Finance Ministry
Activists associated with Anonymous targeted the servers of Greece's Finance Ministry for the third time this year in April, in
an effort to draw attention to the government’s plans to fight against tax evasion. The cyber-attack was triggered by the Greek
government's decision to track household bank accounts, credit cards and telephone lines in order to catch tax evaders and force
them to declare their tax statements. To them, you are just economic indicators, deficits and balance sheets -- but there are no
indicators for misery, a statement by Anonymous said on a finance ministry website. Anonymous launched Operation Greece in
January 2012 after the Greek government agreed to much-debated austerity measures in return for a bailout from Europe, and
also signed the controversial Anti-Counterfeiting Trade Agreement. We watch every day your government abolishing the
constitution and institutions of the country, said a statement announcing the cyber-attack. We watch them delivering the country
to the IMF and the bankers, Anonymous wrote. The Republic in Greece has died.
8. 2. Hacker group says attacks Greek official websites
(Reuters) - The Hactivist hacker group Anonymous said it had taken down a number of Greek government websites on Monday, on the
eve of a visit by German Chancellor Angela Merkel that is likely to be met by angry protests. Several government websites appeared to
go down briefly late on Monday, including those of the Citizens Protection Ministry, the police and the Ministry of Justice. A message
appeared saying: "The page cannot be found". Police could not confirm who was responsible for the attack, which Anonymous claimed in
a series of Tweets on the social media site Twitter. In a message posted on YouTube, the group criticized the huge security operation that
police plan for Tuesday to contain protests against Merkel, comparing the government to the military junta that ruled Greece from 1967 to
1974.
3. Anonymous attack Athens Court
With this message “Anonymous” hacked on Thursday the webpage of Athens Court of Appeal. Hactivist group Anonymous posted on
Wednesday a video on YouTube warning the Greek government of their intention to launch a cyber-attack on state websites beginning
on June 15th in retaliation to the shutdown of public broadcaster ERT and the dismissal of more than 2,650 employees. “The Greek
government continues its tactics to dismiss people who have children. This is unacceptable” stated the Guy Fawkes-masked figure in the
Anonymous YouTube video. “You must know that now you are our goal” adds the video and warns of a cyber-attack on June 15.The
video concludes by stating that “we will not forgive nor forget, expect us Greek government”.
4. Hackers attack website of Greek police
Greek police reported on Saturday evening a cyber attack on their website after the publication of reports of the arrest of eight members
of the far-right party. Police raided a number of offices of the party after the killing by neo-Nazis of an anti-fascist activist in Piraeus.
5. Sony Admits Hackers Attacked Greek Unit.
Sony has confirmed that hackers penetrated the company's servers in Greece, exposing the usernames, passwords, e-mails and
phone numbers of 8,500 people. The hack affects users of Sony BMG Greece, and Sony said it discovered the attack on Sunday,
according to Dow Jones Newswires
6. Greece: Possible Hacking Attack on Election Day?
A video by user BrutalTruthOps on Dailymotion shows reportedly a message by Anonymous #OpGreece, who warn about an
online attack on Sunday evening May 6, 2012, implying that their target will be the country's election results system.
http://www.dailymotion.com/video/xqjtlb_opgreece-elections-6-of-may-2012_news
9. 7.Case KATIA
English IT Professor.
He made electronic attack from Crete to foreign large banking organization.
Interception of information, CSE price change, defamation of the Organization online.
Police find him and arrest him in Crete.
Damage: Invaluable disaster to the banking organization.
8. Interception of confidential data and debiting of accounts
25 year old young man invaded the servers and the call center of big European bank. Interception of confidential
data and debiting of accounts. Order large quantities of toilet paper, flowers and condoms with the logo of the
bank! Issued European arrest and was arrested in Ioannina.
9. Υπόθεση botnet
20 years old young man has created a global network botnet, which is leased to third. The computer user was a member of the botnet,
by installing a toolbar that appeared credible. The botnet that was responsible for numerous attacks on the websites of foreign
government security (Interpol, FBI, CIA). After analysis of digital traces and coordinated operation, the perpetrator arrested
Applicable Model Again Cybercrime in Greece
The Greek legislation was previously lacking for cybercrimes and there was no provision for the punishment of those who commit so and
judges often do not know how to judge such cases. The Greek government next years will make state law the Treaty of Budapest, the content
of which regulates these cases. Currently the government is ready to adopt the Treaty of Budapest, where with the treaty the government
regulate all cybercrimes. The treaty has been signed by Greece in 2001 in Budapest from 22 European countries, has been edited, it is matter of
time to become state law. Thus, fully harmonized European legislation. At the following link you can see detailed the Treaty of Budapest
for Greece:
http://conventions.coe.int/Treaty/en/Treaties/Html/185.htm
Europe’s decision about Cybercrime in Greece
https://www.europol.europa.eu/content/megamenu/european-cybercrime-centre-ec3-1837
10. Government – Public Sector
Attackers may use different ways to attack utilities and energy companies.
They use wireless and Mobile devices, social media, websites and eServices,
Trojans, vendors, disgruntled employee, removable data.
Top 5 barriers to address Cyber security
Funding – 86%
Increase sophistication of threats – 52%
Inadequate availability of cybersecurity professionals – 46%o Lack of
visibility and influence within the enterprise (state) – 42%
Emerging technologies – 36%
Invaders
Accidents / mistakes
Rogue insider
Malware
Thieves / extortionists
Enemies / terrorists
Mobile Devices and Mobile Applications
1. Hacktivism / Cyber Protests
2. Advanced Persistent Threat (APT)
Hacktivism / Cyber Protests
Advanced Persistent Threat (APT)
Lures
SMShing
Trojan / Malware – key logger, malware
propagation (Facebook)
82% of malware sites are hosted on compromised
systems 55% of data-stealing malware is web-based
11. Importance of cybersecurity
clear strategy required to deal with the many complex and evolving issues
strong cybersecurity strategy is becoming a prerequisite for both the private and public sectors
private sector continues to build cybersecurity capability
government needs to support these efforts with strong regulatory and enforcement frameworks
Costs of cybercrime
difficult to quantify real cybercrime costs to the economy
estimates of international cybercrime ranging from €27 billion to
€400 billion
average cost of a data breach is €2 million per breach
in the UK, the cost of a breach ranged from €200,000 to €6 million last
year
12. Strategies need to
leverage public-private partnerships
reflect the borderless, interconnected and global nature of today’s cyber environment
adapt rapidly to emerging threats, technologies, and business models
are built on a risk based approach
focus on awareness
focus on current cybercrime threats
Hacktivism / Cyber Protests
Attacks in Response to Geo-Political issues
Objectives are primarily to disrupt and / or voice the views of a particular group
Website defacements
Denial of Service attacks (US Banks)
Automated exploit attempts
Disclosure of sensitive information
13. Advanced Persistent Threats
Highly Customized Tools and Intrusion Techniques
Stealthy, Patient attack methods to reduce detection
Focus on high value targets (Mil, Pol, Eco, Intel)
Well funded & staffed, supported by Mil or State Intel
Organizations are targeted for strategic importance
Lures
Several attacks in 2012 were conducted by luring victims to
accept malware or follow a link to an infected site. 92% of all
email Spam contained a Link
Search Engine Poisoning
Google Images – links to source photo
Using web analytics to determine what people are searching for
SPAM & Phishing
Spam is at 66.8% of all global email
Phishing attacks are 1 in every 467 emails
Malware is in 1 out of every 316 emails
Emerging Threats
Terrorists are expected to continue to expand their
technical capabilities which may lead to an increase in
cyber crime and cyber terrorism.
Law Enforcement has little understanding of these
“off the web” networks, how to access them, and the
types of activities being conducted there, including:
CrimeWare
Child Pornography
Trafficking of Drugs,Weapons, Humans
Child Exploitation
Sex Tourism
14. Snowden
Former US National Security Agency contractor. He leaked reams of
information about the NSA’s surveillance operations. He is the source of one of
the worst information leaks in US history. Materials provided by Mr. Snowden
to the media allege the US has conducted widespread and illegal surveillance
of its citizens and other nations.
CYBER-SAFETYACTIONS
Install OS/Software Updates
Run Anti-virus Software
Prevent Identity Theft
Turn on Personal Firewalls
Avoid Spyware/Adware
Protect Passwords
Back up Important Files
WAYS TO MITIGATE RISKS
leadership
training / education
continuous monitoring
preparing against sophisticated attacks
keeping systems updated
talent management
disaster recovery planning
properly funding programs
CORE CYBERSECURITY CHALLENGES
Responding to a quickly changing threat landscape
Retaining top cyber talent within government
Creating programs designed to assess risk and protect critical
infrastructure
Educating and raising awareness about cyber programs
Promoting and funding research and development initiatives
CORE CYBERSECURITY OPPORTUNITIES
Developing security policies assuming that your network is always
compromised
Organizing courses for employees as security and technology changes
Sending concise warnings and descriptions of possible threats to
employees
Ensuring continuous monitoring, communication, education,
awareness and assessment as threats change
Collaborating with peers and staying up-to-date on latest trends
15. Best Practice Guidelines
• User Education and Awareness
• Containment is the new Prevention….Compromise is inevitable
• Monitoring Network, Vulnerabilities, and Brand Anti-Virus, Anti-Malware, Device Control
• Data Loss Prevention & Monitoring
• Frequent Risk-Based Security Assessments and Updates
• Aggressive Patching and Software Polling
• Incident Response Procedures
• Social Media / Social Networking Policy
• Establish Shared Situational Awareness
• Establish and Maintain Trust Relationships
• Coordinate Information Sharing between Domestic Constituents
• Integrate Risk Information from the Community
• Collect Information about Computer Security Incidents
• Manage Incidents
• Define Incidents and Threats of National Interest
• Analyze Computer Security Incidents
• Develop an Efficient Workflow Process
• Warn the Community
• Publicize Cyber Security Best Practices
• Support the National Cyber Security Strategy
• Translate Experiences and Information to Improve National Cyber Incident Management and Cyber Policy Development
• Build National Cyber Security Capacity
• Leverage Public Private Partnerships to Enhance Awareness and Effectiveness
• Participate In and Encourage the Development of Information Sharing Groups and Communities
• Assist the National Government in Responding to Incidents in Support of Government Operations
• Assessment of existing systems
• Making cyber security part of risk management process
• Definition of security requirements for vendors & system integrators
• Operation and management of security architecture
• Continuous monitoring of the infrastructure
• Regular analysis of log files
• Regular reevaluation of security architecture
• Continuous threat modeling & risk management
• Development of IT-security policies and processes
• Evaluation and planning of “new” costs
16. FRAMEWORK
Although the new EU strategy for cybersecurity is considered a "step in
the right direction," but receives criticism from experts because of
ambiguity in security of cloud computing.
The European Commission published a new strategy for cybersecurity
in 2013 as an effort to enhance security on the internet.
ENISA successfully provides support to strengthen Europe's capacity
cyber security through actions for prevention and preparedness. Some
examples are
The NIST Framework Process
NIST issued a Request for Information (RFI) in the Federal Register
Afford appropriate protections for privacy and civil liberties –
using the Fair Information Practice Principles
Maintain business confidentiality
Are flexible, repeatable, performance-based, cost-effective, and
technology neutral
Are well-aligned with established performance measures
17. Conclusion
As nations and corporations recognize that their critical infrastructure has integrated sophisticated technologies to provide greater
efficiencies and reliability, they acknowledge the need to effectively manage risks arising from those technologies. Instituting a
national computer security incident management capability can be a very valuable step towards helping nations manage risk and
secure their systems. There is a common need to resist, reduce, and fight cyber threats and respond to attacks.
Greece
The Cyber Security is not a sector which we have to avoid or to ignore. In our country there
is a necessity for development of Cyber Security.
ACTIONS
Military Strategy for cybersecurity
Cyberspace Framework
Policy for cybersecurity
Technical cyber defense action plan development in military.
Technical Security Manual
10day school for cybersecurity
ACTIONS IN PROGRESS
Implement the action plan
Interactive school for cybersecurity.
Updating technical manual for PC
Enable interdisciplinary center of incidents dealing with cybersecurity
Start procedure for drafting the National Strategy for Cybersecurity
«HORIZON 2020»
FORENSICS
DIGITAL SECURITY