Cyber-warfare • Government warfare conducted
over the Internet. • Actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption. • Cyber-warfare is a relatively new type of weaponry with various eﬀects on the target. It doesn't have any limitations of use and can achieve most of the goals set. 3
Cyber-defence • Purely defensive posture
poses significant risks. • If we apply the principle of warfare to the cyber-domain, the defence of the nation is better served by capabilities enabling us to take the fight to our adversaries, when necessary, to do counter-attack. • In warfare, the notion of counter-attack is extremely powerful. 4
Cyber-attack • Definition: e compromise
of targets without destruction or disruption, but rather through covert means, for the purposes of accessing information or modifying it or preparing such access for future use in exploitation or attack. • A serious cyber-attack is almost unavoidable. It is cheaper and easier for a foreign country or a terrorist group than a physical attack. • Cyber-attack could result in military response. Attackers or terrorists could gain access to the digital controls for the nation's utilities, power grids, air traﬃc control systems and power plants. 5
Revenge vs. Justice • In
warfare, revenge is appealingly straightforward. • Treating the whole thing as a military problem is easier than working within the legal system. • In peacetime, justice in cyberspace can be diﬃcult (and dangerous). • It can be hard to figure out who is attacking you, and it can take a long time to make them stop. • It can be even harder to prove anything in court. Anyone accused of a crime deserves a fair trial. 6
In 1982, computer code stolen
from a Canadian company by Soviet spies cause a Soviet gas pipeline to explode. e code had been modified by the CIA to include a logic bomb which changed the pump speeds to cause the explosion.
In the 2006 war against
Hezbollah, Israel alleges that cyber-warfare was part of the conflict, where the Israel Defense Force, (IDF) intelligence estimates that several countries in the Middle East used Russian hackers and scientists to operate on their behalf. As a result, Israel has attached growing importance to cyber-tactics, and has become, along with the U.S., France and a couple of other nations, involved in cyber-war planning. Many international high-tech companies are now locating research and development operations in Israel, where local hires are often veterans of the IDF's elite computer units.
In April 2007, Estonia came
under cyber attack in the wake of relocation of the Bronze Soldier of Tallinn. e largest part of the attacks were coming from Russia and from oﬃcial servers of the authorities of Russia. In the attack, ministries, banks, and media were targeted.
On March 28, 2009, a
cyber spy network, dubbed GhostNet, using servers mainly based in China has tapped into classified documents from government and private organisations in 103 countries, including the computers of Tibetan exiles, but China denies the claim.
In December 2009 through January
2010, a cyber attack, dubbed Operation Aurora, was launched from China against Google and over 20 other companies. Google said the attacks originated from China and that it would "review the feasibility" of its business operations in China following the incident. According to Google, at least 20 other companies in various sectors had been targeted by the attacks. McAfee spokespersons claim that "this is the highest profile attack of its kind that we have seen in recent memory."
In September 2010, Iran was
attacked by the Stuxnet worm, thought to specifically target its Natanz nuclear enrichment facility. e worm is said to be the most advanced piece of malware ever discovered and significantly increases the profile of cyber-warfare.
Indonesia’s ICT • Indonesia’s Information
Communication Technology (ICT) grow rapidly and enter all sectors of human life. • Indonesia’s central bank raised its 2011 economic growth forecast to as much as 6.5% from an earlier forecast of as much as 6% as consumer spending accelerates1. • Indonesia has adopted ICT as a tool for governance and development. Its national ICT vision: “to bring into reality a modern information society, prosperous and high competitive, with strong supported by ICT”. 1. Novrida Manurung, Indonesia Raises 2011 Economic Growth Forecast to 6%-6.5%. Retrieved on 7 November 2010 from http://www.businessweek.com/news/ 2010-03-11/indonesia-raises-2011-economic-growth-forecast-to-6-6-5-.html 15
ere has been a high
volume of detections in Asia, and Iran (52.2%), Indonesia (17.4%) and India (11.3%) seem to have been particularly hard hit, compared to, say, the USA (0.6%), ranked 11th in our statistics.
Defence Strategy & Tactics •
Reactive behaviour. It reacts upon with the appropriate response by increasing the awareness on weakness. • ere will be always several successful penetrations at the beginning. • Planned behaviour. Appropriate security planning well thought of and implemented appropriately. • e plan can’t cover all scenarios. • Proactive behaviour. Concentrates on identifying and covering its own potential weaknesses. • Needs highly skilled people and very tight security system in place. 23
Security Aspects • Security is
based on 3 aspects: people, process and technology. As process and technology are developed by people, human resources are the key to cyber-security defines initiative. 24
Conclusion • Government must understand
how important computers are to defending the nation. • Playing defence is often more diﬃcult than playing oﬀence. • Computer-savvy patriots are required to defend the country from spies, terrorists, and other criminals. • e local hacker community is our ally, and we need to pay attention to what they're doing out there. 35