Cybersecurity Awareness- Libya' 1st Cybersecurity Days Conference (CDC)

735 views

Published on

Presentation made by Mr. Esam Abulkhirat, Deputy DG of NISSA. 28 August 2013, Corenthia Hotel
Tripoli, LIBYA

Published in: Technology, News & Politics
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
735
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
31
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Cybersecurity Awareness- Libya' 1st Cybersecurity Days Conference (CDC)

  1. 1. Mr. Esam Abulkhirat Deputy General Director NISSA ‫ا‬.‫ات‬‫ﺮ‬‫ـــــــــــــــــــــــــ‬ ‫اﳋ‬ ‫اﺑﻮ‬ ‫ﺪي‬ ‫اﳌﻬ‬ ‫ﻋﺼــــــــــــــﺎم‬ ‫ﻋـــــــــــــــﺎم‬ ‫ﺮ‬‫ﻣﺪ‬ ‫ﺋﺐ‬ ‫اﳌﻌﻠﻮﻣﺎت‬ ‫وﺳﻼﻣﺔ‬ ‫ﻷﻣﻦ‬ ‫اﻟﻮﻃﻨﯿﺔ‬ ‫اﻟﻬﯿﺌﻮ‬
  2. 2. •Introduction & Overview. •Why Cybersecurity is Important. •Kinetics Vs Cyber. •Challenges & Combating Efforts •Conclusion.
  3. 3. IntroductionIntroduction:: CybercrimeCybercrime is the fastest growing crime in the world with millions ofis the fastest growing crime in the world with millions of people affected every day. The effects of one successful attack on apeople affected every day. The effects of one successful attack on a corporation can have farcorporation can have far--reaching implications, including financialreaching implications, including financial losses at the corporate level, to stock losses and money lost forlosses at the corporate level, to stock losses and money lost for consumers or stock holders.consumers or stock holders. LawsLaws have been swiftly put into placehave been swiftly put into place to halt these types of attacks, but criminals find haven in countriesto halt these types of attacks, but criminals find haven in countries with lax cybercrime laws.with lax cybercrime laws.
  4. 4. Crime Space Security Law Cyber The term “cybercrime” is usually referred to as any criminal offense committed against or with the use of a computer or computer network A set of activities and other measures, technical and non- technical intended to protect data, information and information systems from unauthorized access, use, disclosure, disruption, modification and destruction. Virtual world of information networks. The global information space. The digital era. is a term used to describe the legal issues related to use of ICTs, particularly cyberspace
  5. 5. Target Viruses DoS Weapon IPR Spam Accessory Fraud Id-Theft
  6. 6. FACTS AND FIGURES:FACTS AND FIGURES: Almost two thirds of all adult web users globally have fallen victimAlmost two thirds of all adult web users globally have fallen victim to some sort of cybercrime, from spam email scams to having theirto some sort of cybercrime, from spam email scams to having their credit card details stolen.credit card details stolen. (the(the 20112011 Norton Cybercrime Report: The Human Impact studyNorton Cybercrime Report: The Human Impact study)) InIn 20102010, China, China had the most cybercrime victims, athad the most cybercrime victims, at 8383% of web% of web users, followed by India and Brazil, atusers, followed by India and Brazil, at 7676% each, and then the US, at% each, and then the US, at 7373%.%. The study, of overThe study, of over 77,,000000 InternetInternet users foundusers found thatthat 8080% of people% of people believed the perpetrators would never be brought to justice. Fewerbelieved the perpetrators would never be brought to justice. Fewer than half ever bother to report the crime to policethan half ever bother to report the crime to police..
  7. 7. FACTS AND FIGURES:FACTS AND FIGURES: CybercrimeCybercrime is worth an estimatedis worth an estimated 105105 billionbillion dollars anddollars and cybercriminals can earn aroundcybercriminals can earn around 2323,,000000 dollars a weekdollars a week.. (rival computer security firm(rival computer security firm McAfee)McAfee) SeveralSeveral computer security consulting firms estimate globalcomputer security consulting firms estimate global financial losses from viruses, worm attacks and other hostilefinancial losses from viruses, worm attacks and other hostile computercomputer--based attacks to be between $based attacks to be between $1313 and $and $226226 billion.billion. ((the Congressional Research Service)the Congressional Research Service) “One“One botnetbotnet of one million hosts could conservativelyof one million hosts could conservatively generate enough traffic to take most Fortunegenerate enough traffic to take most Fortune 500500 companies collectively offline”companies collectively offline”,, ( Jeffrey Carr writes in his book Inside Cyber Warfare).( Jeffrey Carr writes in his book Inside Cyber Warfare).
  8. 8. FACTS AND FIGURES:FACTS AND FIGURES: ••The growth rate of cyberspace has been enormous,The growth rate of cyberspace has been enormous, roughly doubling everyroughly doubling every 100100 days.days. ••Cybercrime in Africa is growing faster than anyCybercrime in Africa is growing faster than any other continent.other continent. ••Out of the top ten countries in the world with aOut of the top ten countries in the world with a high level of cybercrime prevalence, Africa is hosthigh level of cybercrime prevalence, Africa is host to four of these countries (Nigeria, Cameroon,to four of these countries (Nigeria, Cameroon, Ghana and South Africa).Ghana and South Africa). ••Estimates say that aboutEstimates say that about 8080 percent of PCs in thepercent of PCs in the African continent are already infected with virusesAfrican continent are already infected with viruses and other malicious software.and other malicious software. (World Bank Survey)(World Bank Survey)
  9. 9. Platform
  10. 10. Mobile worms on victims’ machines that buy malicious apps and steal via tap-and-pay NFC Malware that blocks security updates to mobile phones Mobile phone Ransomware “kits” that allow criminals without programming skills to extort payments Covert and persistent attacks deep within and beneath Windows Rapid development of ways to attack Windows 8 and HTML5 Large-scale attacks like Stuxnet that attempt to destroy infrastructure, rather than make money Snowshoe spamming of legitimate products, spreading out the sources & keeping spam flowing. further narrowing of Zeus-like targeted attacks using Citadel Trojan, difficult for security products to counter The decline of online Hacktivists Anonymous, to be replaced by more politically committed or extremist groups Malware that renews a connection even after a botnet has been taken down, allowing infections to grow again services for $. “Hacking as a Service”: Anonymous in underground forums exchange malware kits & development services for $. Nation states and armies will be more frequent sources and victims of cyberthreats SMS spam from infected phones.
  11. 11. The Nimitz-class super carriers are a class of 10 nuclear-powered aircraft carriers in service with the US-Navy. $4.5 billion with operation costs of $22 billion a year The McDonnell Douglas (now Boeing) F-15 Strike Eagle is an all-weather multirole fighter $100 million (not including maintenance), 221-US, 69-Saudia and 61- S.Korea The M1 Abrams tank is a US-third-generation main battle tank (68.4 tons) M1A2 cost $8.58 million. Total estimated cost of entire M1 tank program to date $40 billion The Chinese Army (2,285,000 soldiers on active duty) (800,000 on reserve) The estimated Chinese budget for the Army in 2013 is $114.2 billion.
  12. 12. •The Cary Titan world’s fastest super computer (27 petaflops, 2012). 1 petaflop = Thousand Trillion floating point operations per second •Cost $200 million design and build. Operation cost 6.5 million a year •High-end password cracking desktop attempt 350 billion PW/Sec •Custom built desktop PW cracking rig with 25 powerful graphic cards cost $5000. •MacBook Pro attempt 40 million/hashes/Sec using Nvidia 650M GC •Properly configured cost $2000 brand new MacBook Pro. •Jailbreak Smartphone with Back-Track (Free Pen-testing SW); highly mobile hacker platform used by any semi-competent hacker. •Top of the line Droid (runs Linux) Smartphone cost $600.
  13. 13. Space of conflict largely separate from civilians. Offensive & Defensive technologies often in rough balance. Attribution to adversary presumed. Capabilities of non-state actors relatively small. Significance of distance large. National boundaries important. Clear lines between attacking & spying as security threats. Effects reasonably predictable. Usually declared or observed explicitly There are clear International mechanisms (UN, NATO etc) Space of conflict is where civilians live and work. Offensive & Defensive technologies largely OUT of balance. Attribution hard, slow, uncertain. Capabilities of non-state actors relatively large. Significance of distance minimal. National boundaries irrelevant. Attacks & spying hard to distinguished; no clear line. Effects hard to predict or control. Rarely declared or observed explicitly. No clear International mechanisms (IG, ICANN, ITU).
  14. 14. Challenges:Challenges: ••lack of understanding, education, training, unclearlack of understanding, education, training, unclear policies of government.policies of government. ••The fact that the vast majority of cyber crime is notThe fact that the vast majority of cyber crime is not reported would impact all statistics, as a clearreported would impact all statistics, as a clear picture cannot be given without all the information.picture cannot be given without all the information. ••Explosion of the Internet.Explosion of the Internet.
  15. 15. Efforts:Efforts: ••Creation of National Information Security Authority (NISSA).Creation of National Information Security Authority (NISSA). ••Development of Policies, Legislations & Laws.Development of Policies, Legislations & Laws. ••Building of Computer Security Readiness Team (CERT).Building of Computer Security Readiness Team (CERT). ••Foundation of PKI, CloudFoundation of PKI, Cloud--Sec, MobileSec, Mobile--Sec, NetworkSec, Network--Sec.Sec. ••Cyber security awareness workshops and trainings.Cyber security awareness workshops and trainings. ••International CooperationInternational Cooperation
  16. 16. •Data •APPLICATIONS •NETWORK •HUMAN

×