Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Is Cyber-offence the New Cyber-defence?


Published on

honestly, i don't like the 'cyber' hype. oh, well.. the old men prefer that way :-/

Published in: News & Politics
  • Be the first to comment

Is Cyber-offence the New Cyber-defence?

  1. Is Cyber-offence the New Cyber-defence? Jim Geovedi National Defence Information Technology Seminar 2010
  2. Background
  3. Cyber-warfare • Government warfare conducted over the Internet. • Actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption. • Cyber-warfare is a relatively new type of weaponry with various effects on the target. It doesn't have any limitations of use and can achieve most of the goals set. 3
  4. Cyber-defence • Purely defensive posture poses significant risks. • If we apply the principle of warfare to the cyber-domain, the defence of the nation is better served by capabilities enabling us to take the fight to our adversaries, when necessary, to do counter-attack. • In warfare, the notion of counter-attack is extremely powerful. 4
  5. Cyber-attack • Definition: e compromise of targets without destruction or disruption, but rather through covert means, for the purposes of accessing information or modifying it or preparing such access for future use in exploitation or attack. • A serious cyber-attack is almost unavoidable. It is cheaper and easier for a foreign country or a terrorist group than a physical attack. • Cyber-attack could result in military response. Attackers or terrorists could gain access to the digital controls for the nation's utilities, power grids, air traffic control systems and power plants. 5
  6. Revenge vs. Justice • In warfare, revenge is appealingly straightforward. • Treating the whole thing as a military problem is easier than working within the legal system. • In peacetime, justice in cyberspace can be difficult (and dangerous). • It can be hard to figure out who is attacking you, and it can take a long time to make them stop. • It can be even harder to prove anything in court. Anyone accused of a crime deserves a fair trial. 6
  7. Various Case Histories
  8. In 1982, computer code stolen from a Canadian company by Soviet spies cause a Soviet gas pipeline to explode. e code had been modified by the CIA to include a logic bomb which changed the pump speeds to cause the explosion.
  9. In the 2006 war against Hezbollah, Israel alleges that cyber-warfare was part of the conflict, where the Israel Defense Force, (IDF) intelligence estimates that several countries in the Middle East used Russian hackers and scientists to operate on their behalf. As a result, Israel has attached growing importance to cyber-tactics, and has become, along with the U.S., France and a couple of other nations, involved in cyber-war planning. Many international high-tech companies are now locating research and development operations in Israel, where local hires are often veterans of the IDF's elite computer units.
  10. In April 2007, Estonia came under cyber attack in the wake of relocation of the Bronze Soldier of Tallinn. e largest part of the attacks were coming from Russia and from official servers of the authorities of Russia. In the attack, ministries, banks, and media were targeted.
  11. On March 28, 2009, a cyber spy network, dubbed GhostNet, using servers mainly based in China has tapped into classified documents from government and private organisations in 103 countries, including the computers of Tibetan exiles, but China denies the claim.
  12. In December 2009 through January 2010, a cyber attack, dubbed Operation Aurora, was launched from China against Google and over 20 other companies. Google said the attacks originated from China and that it would "review the feasibility" of its business operations in China following the incident. According to Google, at least 20 other companies in various sectors had been targeted by the attacks. McAfee spokespersons claim that "this is the highest profile attack of its kind that we have seen in recent memory."
  13. In September 2010, Iran was attacked by the Stuxnet worm, thought to specifically target its Natanz nuclear enrichment facility. e worm is said to be the most advanced piece of malware ever discovered and significantly increases the profile of cyber-warfare.
  14. Cyber-warfare Readiness in Indonesia
  15. Indonesia’s ICT • Indonesia’s Information Communication Technology (ICT) grow rapidly and enter all sectors of human life. • Indonesia’s central bank raised its 2011 economic growth forecast to as much as 6.5% from an earlier forecast of as much as 6% as consumer spending accelerates1. • Indonesia has adopted ICT as a tool for governance and development. Its national ICT vision: “to bring into reality a modern information society, prosperous and high competitive, with strong supported by ICT”. 1. Novrida Manurung, Indonesia Raises 2011 Economic Growth Forecast to 6%-6.5%. Retrieved on 7 November 2010 from 2010-03-11/indonesia-raises-2011-economic-growth-forecast-to-6-6-5-.html 15
  17. — 2,042 of which 500 single ip and 1,542 mass defacements
  18. — 2,932 of which 1,071 single ip and 1,861 mass defacements
  19. — 83 of which 31 single ip and 52 mass defacements
  20. ere has been a high volume of detections in Asia, and Iran (52.2%), Indonesia (17.4%)  and India (11.3%) seem to have been particularly hard hit, compared to, say, the USA (0.6%), ranked 11th in our statistics.
  21. Defence Strategy & Tactics • Reactive behaviour. It reacts upon with the appropriate response by increasing the awareness on weakness. • ere will be always several successful penetrations at the beginning. • Planned behaviour. Appropriate security planning well thought of and implemented appropriately. • e plan can’t cover all scenarios. • Proactive behaviour. Concentrates on identifying and covering its own potential weaknesses. • Needs highly skilled people and very tight security system in place. 23
  22. Security Aspects • Security is based on 3 aspects: people, process and technology. As process and technology are developed by people, human resources are the key to cyber-security defines initiative. 24
  23. Cyber-attack Methodology 25 Vulnerability Examination IntrusionProfiling Attack Initiation Covering Tracks 1 2 3 4 5 Information Gathering Intelligence Survey and Scouting Perimeter Mapping Asset Identification Vulnerability Analysis Exploitation Planning Exploitation Propagation
  24. Hackers as National Security Resource
  26. Indonesia IT Salary 2008/2009
  27. Local Hacker Community • Kecoak Elektronik • Hackerlink • Antihackerlink • Jasakom • ECHO • Binus Hacker • etc. 32
  28. Conclusion • Government must understand how important computers are to defending the nation. • Playing defence is often more difficult than playing offence. • Computer-savvy patriots are required to defend the country from spies, terrorists, and other criminals. • e local hacker community is our ally, and we need to pay attention to what they're doing out there. 35