This document discusses cybersecurity and cybercrime. It begins with an introduction explaining that cybercrime is growing rapidly and can have serious financial and other impacts. It then provides some key facts and figures about the scope of cybercrime, including that over 60% of internet users have experienced some form of cybercrime. The document also discusses some of the challenges in combating cybercrime, such as a lack of understanding and reporting. It outlines efforts that have been made to enhance cybersecurity, such as the creation of a national cybersecurity authority, development of policies and laws, and international cooperation.
Gen AI in Business - Global Trends Report 2024.pdf
Esam Abulkhirat's Presentation on Cybersecurity Challenges
1. Mr. Esam Abulkhirat
Deputy General Director
NISSA
ا.اتﺮـــــــــــــــــــــــــ اﳋ اﺑﻮ ﺪي اﳌﻬ ﻋﺼــــــــــــــﺎم
ﻋـــــــــــــــﺎم ﺮﻣﺪ ﺋﺐ
اﳌﻌﻠﻮﻣﺎت وﺳﻼﻣﺔ ﻷﻣﻦ اﻟﻮﻃﻨﯿﺔ اﻟﻬﯿﺌﻮ
2. •Introduction & Overview.
•Why Cybersecurity is Important.
•Kinetics Vs Cyber.
•Challenges & Combating Efforts
•Conclusion.
3.
4. IntroductionIntroduction::
CybercrimeCybercrime is the fastest growing crime in the world with millions ofis the fastest growing crime in the world with millions of
people affected every day. The effects of one successful attack on apeople affected every day. The effects of one successful attack on a
corporation can have farcorporation can have far--reaching implications, including financialreaching implications, including financial
losses at the corporate level, to stock losses and money lost forlosses at the corporate level, to stock losses and money lost for
consumers or stock holders.consumers or stock holders. LawsLaws have been swiftly put into placehave been swiftly put into place
to halt these types of attacks, but criminals find haven in countriesto halt these types of attacks, but criminals find haven in countries
with lax cybercrime laws.with lax cybercrime laws.
5.
6.
7.
8. Crime Space
Security Law
Cyber
The term
“cybercrime” is
usually referred to as
any criminal offense
committed against
or with the use of
a computer or
computer network
A set of activities and
other measures,
technical and non-
technical intended to
protect data,
information and
information systems
from unauthorized
access, use,
disclosure, disruption,
modification and
destruction.
Virtual world of
information
networks. The
global information
space. The digital
era.
is a term used to
describe the legal
issues related to use
of ICTs, particularly
cyberspace
11. FACTS AND FIGURES:FACTS AND FIGURES:
Almost two thirds of all adult web users globally have fallen victimAlmost two thirds of all adult web users globally have fallen victim
to some sort of cybercrime, from spam email scams to having theirto some sort of cybercrime, from spam email scams to having their
credit card details stolen.credit card details stolen. (the(the 20112011 Norton Cybercrime Report: The Human Impact studyNorton Cybercrime Report: The Human Impact study))
InIn 20102010, China, China had the most cybercrime victims, athad the most cybercrime victims, at 8383% of web% of web
users, followed by India and Brazil, atusers, followed by India and Brazil, at 7676% each, and then the US, at% each, and then the US, at
7373%.%.
The study, of overThe study, of over 77,,000000 InternetInternet users foundusers found thatthat 8080% of people% of people
believed the perpetrators would never be brought to justice. Fewerbelieved the perpetrators would never be brought to justice. Fewer
than half ever bother to report the crime to policethan half ever bother to report the crime to police..
12. FACTS AND FIGURES:FACTS AND FIGURES:
CybercrimeCybercrime is worth an estimatedis worth an estimated 105105 billionbillion dollars anddollars and
cybercriminals can earn aroundcybercriminals can earn around 2323,,000000 dollars a weekdollars a week..
(rival computer security firm(rival computer security firm McAfee)McAfee)
SeveralSeveral computer security consulting firms estimate globalcomputer security consulting firms estimate global
financial losses from viruses, worm attacks and other hostilefinancial losses from viruses, worm attacks and other hostile
computercomputer--based attacks to be between $based attacks to be between $1313 and $and $226226
billion.billion.
((the Congressional Research Service)the Congressional Research Service)
“One“One botnetbotnet of one million hosts could conservativelyof one million hosts could conservatively
generate enough traffic to take most Fortunegenerate enough traffic to take most Fortune 500500
companies collectively offline”companies collectively offline”,,
( Jeffrey Carr writes in his book Inside Cyber Warfare).( Jeffrey Carr writes in his book Inside Cyber Warfare).
13. FACTS AND FIGURES:FACTS AND FIGURES:
••The growth rate of cyberspace has been enormous,The growth rate of cyberspace has been enormous,
roughly doubling everyroughly doubling every 100100 days.days.
••Cybercrime in Africa is growing faster than anyCybercrime in Africa is growing faster than any
other continent.other continent.
••Out of the top ten countries in the world with aOut of the top ten countries in the world with a
high level of cybercrime prevalence, Africa is hosthigh level of cybercrime prevalence, Africa is host
to four of these countries (Nigeria, Cameroon,to four of these countries (Nigeria, Cameroon,
Ghana and South Africa).Ghana and South Africa).
••Estimates say that aboutEstimates say that about 8080 percent of PCs in thepercent of PCs in the
African continent are already infected with virusesAfrican continent are already infected with viruses
and other malicious software.and other malicious software.
(World Bank Survey)(World Bank Survey)
19. Mobile worms
on victims’
machines that
buy malicious
apps and steal
via tap-and-pay
NFC Malware that
blocks security
updates to
mobile phones
Mobile phone
Ransomware
“kits” that
allow criminals
without
programming
skills to extort
payments
Covert and
persistent
attacks deep
within and
beneath
Windows
Rapid
development of
ways to attack
Windows 8 and
HTML5
Large-scale
attacks like
Stuxnet that
attempt to
destroy
infrastructure,
rather than
make money
Snowshoe
spamming of
legitimate
products,
spreading out
the sources &
keeping spam
flowing.
further
narrowing of
Zeus-like
targeted attacks
using Citadel
Trojan, difficult
for security
products to
counter
The decline of
online
Hacktivists
Anonymous, to
be replaced by
more politically
committed or
extremist
groups
Malware that
renews a
connection even
after a botnet
has been taken
down, allowing
infections to
grow again
services for $.
“Hacking as a
Service”:
Anonymous in
underground
forums
exchange
malware kits &
development
services for $.
Nation states
and armies will
be more
frequent sources
and victims of
cyberthreats
SMS spam from
infected phones.
20.
21.
22.
23. The Nimitz-class super
carriers are a class of 10
nuclear-powered aircraft
carriers in service with the
US-Navy.
$4.5 billion with
operation costs of
$22 billion a year
The McDonnell Douglas
(now Boeing) F-15 Strike
Eagle is an all-weather
multirole fighter
$100 million (not
including
maintenance), 221-US,
69-Saudia and 61-
S.Korea
The M1 Abrams tank is a
US-third-generation
main battle tank (68.4
tons)
M1A2 cost $8.58 million.
Total estimated cost of
entire M1 tank program
to date $40 billion
The Chinese Army
(2,285,000 soldiers on
active duty) (800,000 on
reserve)
The estimated Chinese
budget for the Army in
2013 is $114.2 billion.
24. •The Cary Titan world’s
fastest super computer
(27 petaflops, 2012).
1 petaflop = Thousand Trillion floating
point operations per second
•Cost $200 million
design and build.
Operation cost 6.5
million a year
•High-end password
cracking desktop attempt
350 billion PW/Sec
•Custom built desktop
PW cracking rig with
25 powerful graphic
cards cost $5000.
•MacBook Pro attempt
40 million/hashes/Sec
using Nvidia 650M GC
•Properly configured cost
$2000 brand new
MacBook Pro.
•Jailbreak Smartphone
with Back-Track (Free
Pen-testing SW); highly
mobile hacker platform used by
any semi-competent hacker.
•Top of the line Droid
(runs Linux)
Smartphone cost
$600.
25. Space of conflict largely separate
from civilians.
Offensive & Defensive
technologies often in rough
balance.
Attribution to adversary
presumed.
Capabilities of non-state actors
relatively small.
Significance of distance large.
National boundaries important.
Clear lines between attacking &
spying as security threats.
Effects reasonably predictable.
Usually declared or observed
explicitly
There are clear International
mechanisms (UN, NATO etc)
Space of conflict is where
civilians live and work.
Offensive & Defensive
technologies largely OUT of
balance.
Attribution hard, slow, uncertain.
Capabilities of non-state actors
relatively large.
Significance of distance minimal.
National boundaries irrelevant.
Attacks & spying hard to
distinguished; no clear line.
Effects hard to predict or control.
Rarely declared or observed
explicitly.
No clear International
mechanisms (IG, ICANN, ITU).
26.
27. Challenges:Challenges:
••lack of understanding, education, training, unclearlack of understanding, education, training, unclear
policies of government.policies of government.
••The fact that the vast majority of cyber crime is notThe fact that the vast majority of cyber crime is not
reported would impact all statistics, as a clearreported would impact all statistics, as a clear
picture cannot be given without all the information.picture cannot be given without all the information.
••Explosion of the Internet.Explosion of the Internet.
28. Efforts:Efforts:
••Creation of National Information Security Authority (NISSA).Creation of National Information Security Authority (NISSA).
••Development of Policies, Legislations & Laws.Development of Policies, Legislations & Laws.
••Building of Computer Security Readiness Team (CERT).Building of Computer Security Readiness Team (CERT).
••Foundation of PKI, CloudFoundation of PKI, Cloud--Sec, MobileSec, Mobile--Sec, NetworkSec, Network--Sec.Sec.
••Cyber security awareness workshops and trainings.Cyber security awareness workshops and trainings.
••International CooperationInternational Cooperation