Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Cyber security from military point of view
1. Cyber security from military
point of view
Chişinău - 2013
chief of e-Transformation service
lieutenant-colonel Alexandru BURUC
Peace really does not exist in the Information Age.
Lt. gen. Kenneth Minihan
The advanced capability of the threat has increased
the risk. Understanding the risk allows employment
of defensive measures to mitigate the risk – “Risk
will always be present
2. In modern language, a shooting war is called
kinetic warfare, where “kinetics” is concerned with the
relationship between the motion of bodies and its
causes.
Recall Clarke’s definition of cyber warfare:
“actions by a nation-state to penetrate another
nation’s computers or networks for the purposes of
causing damage or disruption.”
1. Can activity in cyberspace have kinetic
consequences such as property damage and loss of
lives?
2. Does it have to qualify as an act of war?
Warfare: Cyber and Otherwise
3. 3
THE CHANGE
• Combined capabilities have helped attackers
create weapon systems
Soldier + Rifle + Bullets = (This is a WEAPON SYSTEMS)
• Cyber
– State Sponsored, Script Kiddies, Paid Staff
– Laptop, Desktop, Mobile devices
– Metasploit, Backtrak, PoisonIvy, Mpack, other RAT
• Hacker + Laptop + Metasploit = WEAPON SYSTEM
• Attackers, Adversaries, Cyber terrorist are now employing
TTP (Transition to Practice)
5. Although many people may think that the military’s only vulnerability is to
command and control systems, it is important to realize that the Department of
Defense uses IT systems for a number of functions, in both
peace and war.
• Commercial transactions;
• Payrolls;
• Sensitive research data;
• Intelligence;
• Operational plans;
• Procurement sensitive source selection data;
• Health records;
• Personnel records;
• Weapons systems maintenance records;
• Logistics operations etc.
Global open
Communications
Backbone
Military
infrastructure
Closed foreign
infrastructure
7. Wardens Rings
• The focus is to attack Centers of Gravity
– The Estonian, Georgian attacks
– Utilized TTP (Transition to Practice)
• Rings
– Leadership (Defaced Ministry of Defense, Finance, etc)
– Organic/System Essentials
– Infrastructure (DDoS against ISP and Wardialing to lock up
POTS network)
– Population (News Media)
– Fielded Military Forces
8. • forecast of a growing use of military cyber
operations due their major effectiveness and lower
costs;
• Geopolitical situation of the Republic of Moldova;
• The growing use of cyber capabilities to achieve
strategic goals (James Clapper);
• Threats are more diverse, interconnected, and viral
than at any time in history;
Major cyber threats for military
9. SUPORTING AREAS
National defence
authorities
Internal security
authorities
Crisis management
arrangement
Basic security in
every
organisation
DIPLOMACY
TECHNOLOGY
EDUCATION
LEGISLATION
WAREXTREMISMCRIMINALITYACCIDENTS
CRITICAL SISTEMS
INDIVIDUALS
REGULAR ORGANISATIONS
CYBERSPACE
CONFIDENTIALITY INTEGRITY AVAILABILITY
THREATS
Cyber security – Concept
10. Activities in cyber security domain
• Collaboration with institutions that are involved in
national defence system;
• Implementing PKI technology;
• Use of e-learning platform (ilias) to bring up military
personnel;
• Participacion in national and international
applications such as Combined Endeavor, Rapid
Trident, Vest 2013;
• PARP (Planning and Review Process). One of the
aim of PARP is to Enhance/Develop capabilities for
protecting critical national defence communication
and information systems.
11. • attack is Global medium: Maritime, Air,
Space, Cyber;
• Relied upon for business globalization;
• More nations, organizations, economies at
risk;
• Rapid capability development, deliberate
legal and global agreement on how to
“Address Cyber Attacks”;
• Some believe there is “No Cyber War”
– Ask Estonia, Brazil, Canada, South Africa,
Malaysia .
CONTESTED COMMONS
12. CONCLUSIONS
• Cyber attacks are serious threat to the
defence sector of the Republic of Moldova
and other states.
• The nature of the Internet makes cyber
attacks powerful,difficult to counter, and
difficult to attribute.
• Treaties and legal frameworks have not kept
pace with the threat.