Post on 30-Aug-2014
CYBER SECURITY – the challenge of the nearest future
Article written for course EU after the Cold War taught by George Hays II, 3rd semester IRES, Metropolitan University Prague
CYBER SECURITY the challenge of the nearest future
Nikola Schmidt
1. Introduction
Cyber security is a discipline that is hard for the broad public to understand, even though it covers daily problems we face when using our personal computers. On the one hand, we know that some worms are destroyed perfectly by our antivirus shields every day, and we are informed about each incident by a small window on our monitor. We do not worry about the possible consequences of infection; if it happens, we take the computer to an IT “hospital” and expect that those “geeks” will cure it. On the other hand, there are highly dangerous worms that are capable of shutting down electrical networks or controlling devices at gas pressure stations, and these are capable of causing immediate injuries or consequential damage, or of starting a chain of incidents such as shutting down the critical infrastructure of modern society.
2. The origin of cyber security discipline
2.1. Background of the networks and its security
In 2002 a Hungarian physicist wrote a book about networks: not about computer networks only, but the first book about the discipline of networking itself. This work began the journey to uncover how everything in the world is connected (social relations, computer networks, biological systems etc.), how these networks behave, what rules apply to them and what characteristics they have on a physical basis (Barabási, 2002). The most important outcome of the research is that everything that looks decentralized or chaotic tends to become organized, computer networks included: chaotic nodes in a network tend to create centers, which subsequently influence the others. Sometimes this is colloquially called small business waves. Hence, when scientists were assigned, as a US governmental task, to create the first communication network, the Arpanet created in 1969, the original goals could not be achieved, because those principles matter. The task was to create a decentralized communication network able to withstand a possible nuclear attack on a major part of it. The network had to survive an attack on its major part and still be capable of carrying communication between two arbitrary nodes. The problem is that networks tend to create centers, and those are more vulnerable than the rest. The task could not be achieved in the sense of a perfectly decentralized network, but soon after this experiment the Internet was created with the sensitive attributes it has today, mainly its resulting center-based character.
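The claim that centers are the weak point of a self-organized network can be checked numerically. The following is an added example, not part of the original article: it grows a network by preferential attachment (new nodes prefer already well-connected nodes, which is how centers form) and compares how much of it stays connected after losing 10% of its nodes at random versus losing its 10% best-connected nodes. The node count, links per node, loss fraction and seed are assumptions chosen for the illustration.

```python
import random
from collections import deque


def preferential_attachment_graph(n, m, rng):
    """Grow a network of n nodes; each new node links to m existing nodes
    picked with probability proportional to their current degree."""
    adj = {i: set() for i in range(n)}
    # Every node appears in this list once per link end, so a uniform
    # choice from it is a degree-weighted choice of node.
    endpoints = []
    # Start from a small fully connected core of m + 1 nodes.
    for i in range(m + 1):
        for j in range(i + 1, m + 1):
            adj[i].add(j)
            adj[j].add(i)
            endpoints += [i, j]
    for new in range(m + 1, n):
        targets = set()
        while len(targets) < m:
            targets.add(rng.choice(endpoints))
        for t in targets:
            adj[new].add(t)
            adj[t].add(new)
            endpoints += [new, t]
    return adj


def largest_component(adj, removed):
    """Size of the largest group of surviving nodes that can still reach
    each other once the nodes in `removed` are gone."""
    seen = set(removed)
    best = 0
    for start in adj:
        if start in seen:
            continue
        seen.add(start)
        queue = deque([start])
        size = 0
        while queue:
            node = queue.popleft()
            size += 1
            for neighbour in adj[node]:
                if neighbour not in seen:
                    seen.add(neighbour)
                    queue.append(neighbour)
        best = max(best, size)
    return best


def compare_failures(n=2000, m=2, fraction=0.10, seed=1):
    """Compare random node loss with loss of the best-connected nodes.
    All parameters are illustrative assumptions, not measured data."""
    rng = random.Random(seed)
    adj = preferential_attachment_graph(n, m, rng)
    k = int(n * fraction)
    random_loss = set(rng.sample(range(n), k))
    by_degree = sorted(adj, key=lambda v: len(adj[v]), reverse=True)
    hub_loss = set(by_degree[:k])
    degrees = sorted(len(neighbours) for neighbours in adj.values())
    return {
        "nodes": n,
        "median_degree": degrees[n // 2],
        "max_degree": degrees[-1],
        "connected_after_random_loss": largest_component(adj, random_loss),
        "connected_after_hub_loss": largest_component(adj, hub_loss),
    }


if __name__ == "__main__":
    for name, value in compare_failures().items():
        print(f"{name}: {value}")
```

The same number of lost nodes leaves most of the network reachable when the loss is random, and a much smaller connected remainder when the loss is concentrated on the centers.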
Cyber security is a very young discipline which does not enjoy the same popularity as some of the other security-related disciplines. From the very beginning, the most important problem of cyber security has been its impenetrability for the broad public. Apple has been winning on the market in recent years because of its philosophy of device design: it focuses on simplicity and an easy-to-use approach. This approach complicates broad acceptance of cyber-related security issues, because it does not push people to think about the security settings (or any other settings) in their own computer; consumers are satisfied when everything is prepared and set by default. Steve Jobs said that a good application is one which works well without any settings being needed (Kahney, 2009). Because this approach seems to be successful, the world will not become more secure, but more vulnerable.
2.2. The origin of a problem on the side of the public
Cyber threats are hard to understand for anyone who has never faced a virus destroying their data and the subsequent reconstruction of a hard drive. In the first years of personal computers, viruses moved from computer to computer on diskettes, the first media used for data transfer. As data were transferred very slowly, because everybody had to copy them personally, antivirus programs were distributed very slowly as well. We could say that this world was highly separated, just as the persons using computers and sharing data on diskettes were separated. Hence the networks and their centers reflected social relations rather than today's relations between nodes on the Internet. The idea of releasing into the world a virus which could be a threat to world peace was unimaginable just a decade and a half ago. But it is not today.
Almost all computers are connected to the Internet and most of them use some centralized services such as Facebook or Gmail. Those centers represent the most vulnerable parts of the Internet. More and more people want more standardized systems, a minimum of settings and easy-to-use operating systems, which is highly understandable. They would like to create some valuable output using their computers; having a well-configured computer full of tweaks and nice icons is not a value they seek. Hence the computer must be as simple as possible and provide a maximum of easily accessible services. But the world which is approaching will be more vulnerable than before, and all those go-easy people will be a part of it. The more computers are connected, the more other devices are synchronized and connected with whole local networks, and the better educated new kids are in hacking those networks, the more vulnerable the world is. At this point governments matter.
2.3. The origin of the problem on the side of governments
Governments are not only responsible for broad public health; in the near future they will also be responsible for the security of personal computers, which can disrupt a whole country for hours or days just because they are connected to an infected Facebook. Governments are also responsible for a wide variety of public services such as water or electricity supply. Those services are consumed today as a matter of course, but the computers running the chain of machines which provide such services are vulnerable as well. Disrupting those machines could have a strategic or symbolic background. Contemporary attacks against states are rare, but they target computers within the state in ways which could harm state interests (Nazario, 2010).
Taking down the air defense with cyber weapons during Israel's air attack on Syria in 2007 was a strategic approach per se (Fulghum, Wall, & Butler, 2007). In this case the target and the attacker, or source of the attack, were clear. Israel attacked Syria to support its own air strike and prevent collateral damage. This type of cyber-attack can be classified as a military one without any confusion.
A virus called Stuxnet, which was found more than one year after its launch, was probably intended to take down centrifuges in Iran, because more than half of the affected computers were in Iran (Geers, 2011). The most problematic issues with Stuxnet are, firstly, its unknown origin; secondly, that it affected thousands of computers around the world, because this worm was designed to maliciously manipulate common commercial software; and thirdly, that for a whole year nobody knew that it existed and was operating on the Internet (Falkenrath, 2011). The question which arises at this point is whether commercial companies will cooperate, or will be forced to cooperate, with governments when they are not the origin of the threat but only a pathway between adversaries. This is not the only question which raises a dilemma to be resolved in the future. Stuxnet is evidence that a malicious half megabyte of unknown origin could harm highly sensitive systems such as nuclear ones. This fact must interest governments.
2.4. The origin of cyber-security discipline
The US Department of Defense named the cyber dimension a military domain, like land, sea, air and space, in the Quadrennial Defense Review Report (DoD, 2010). Before that, cyber space had been understood more as a tool than as a whole domain. Politicians and the public had to be convinced that the threat is serious and that the attacker could be a clever individual rather than a strong state (Geers, 2011). This fact has been proved several times. For instance, we can remember the attack by Mafia Boy (Barabási, 2002; Geers, 2011), a fifteen-year-old kid who smashed the networks of the most important commercial giants, like eBay or Yahoo, for hours or days and caused damage counted in millions of dollars. He did it from a home computer. The aforementioned cyber-attack on Syria by Israel and Stuxnet are well-chosen examples to demonstrate that attacks by a state to harm another state exist and can be evaluated on a military level. Mafia Boy taught us that there is no age limit for hackers who could harm world security.
We should fairly say that this discipline has been finding its place on the political level during the last few years. The first straightforward cyber threat analysis center was established in Tallinn, Estonia in 2008. It is named the NATO Cooperative Cyber Defence Centre of Excellence (CCD COE). It is neither under NATO command nor funded by NATO, but provides a wide range of analytic products to NATO nations on an independent basis and is funded by the nations directly. CCD COE was established “to enhance the capability, cooperation and information sharing among NATO, NATO nations and partners in cyber defence by virtue of education, research and development, lessons learned and consultation” (CCDCOE, 2011). On the level of IT specialists, the beginning could be placed in 1995, when the first computer security standards were written (Bosworth & Kabay, 2002). Those standards are the first widely accepted standardized methods to be followed in order to defend personal computers against external threats.
On the other hand, in 2010 we can find eight governmental agencies analyzing and facing cyber-attacks on the United States (Joubert, 2010). US administrations have been looking for a way to tackle cyber threats. Clinton's administration put emphasis on the cyber threat in Presidential Decision Directive/NSC-63 in 1998, which focused on securing the critical infrastructure of the nation state. This directive was superseded by Homeland Security Presidential Directive-7 on 17th December 2003 (DHS, 2008). In the same year the US administration created The National Strategy to Secure Cyberspace (TheWhiteHouse, 2003). This strategy was created to establish a communication and organizational framework for cyber security related agencies and to raise competitiveness in this domain. In accordance with this National Strategy, several exercises like Cyberstorm I&II were conducted to prepare all related capabilities for a possible cyber-attack (Geers, 2011; Joubert, 2010).
3. Environment prepared for cyber attack
3.1. Events involved in cyber security related situations
I mentioned that, according to Barabási's theory of networks, all nodes within a chaotic organization tend to organize themselves. A more detailed explanation with a better example is the fact that not all websites are equally important and not all people are equally important, so not all people are under the same surveillance, for instance. People around the world connect to different web servers or look for partners according to their preferences. This behavior primarily creates more visited and less visited sites. The number of visitors makes a site important, and a rising number of visitors raises the position of the site in search engines. If we take Facebook as an example, 800 million users is a high number. But the most important number is that 400 million connect every day (Facebook, 2011). This fact makes Facebook the best place for distributing any malicious software; it is a center of the social network between people, provided by the Internet and the Facebook service. If users were not permitted to use Facebook at work on sensitive computers connected to sensitive local networks, they would be infected differently. For example, in 2008 a military computer situated in the Middle East was infected by a virus transferred on a USB flash disk instead of by a direct attack through the Internet (Lemos, 2010). According to this article, almost 50% of US companies have been infected by USB flash disks, simply because computers at home are not under the surveillance of experienced administrators as computers in companies are, yet they are used with the same USB sticks on the same day by inexperienced users.
Firstly, people tend to make their lives comfortable. Most of them do not want to be computer geeks, so they will choose the simplest, most beautiful, functioning and accessible solutions. Those are not solutions requiring participation in security issues. Secondly, employers cannot forbid their employees from using their home computers just as a precaution. Thirdly, there will always be equipment such as USB sticks which can carry malicious software past firewalls through human error, and there will always be security holes in firewalls on direct connections. Hence the human being, whose performance influences his/her reliability, cannot be changed significantly, and human error will remain the most used method to attack computers, because reliability only changes the probability of error. It means that, as in Zeno's paradox of Achilles and the tortoise, there will always be some portion of possible error. For an attacker using zombie computers or botnets (see chapter 3.2 below), a small portion of error is a huge hole. Facebook, with almost one billion users, must be incredible bait for any hacker trainee, and the data of 100 million users stolen last year are the evidence (BBC, 2010). The fact that the data were probably not abused, but only stolen by an unknown hacker and made public via torrent1, is evidence of his/her exhibitionism or demonstration of power: the power of the individual, and this power matters.
1 Torrent is a technology for downloading files which cannot be deleted from the Internet, because they are stored on thousands of computers in dozens of instances. A torrent tracker only tracks the availability of the parts of a file and distributes them to downloaders from downloaders who have already downloaded the particular part.
3.2. Cyber-attack targets and weapons
There are three basic forms of possible cyber-attack, depending on what the hacker wants to do. The first targets the confidentiality of data, the second targets the integrity of information and the third targets the availability of computers – the DoS (Denial of Service) attack (Geers, 2011). An attack on the confidentiality of data means stealing sensitive information and using it for purposes not intended by its owners. By this attack the hackers are able to create whole ghost networks, also called botnets, which are capable of carrying out the final attack on any target without the attacker being traced back (Nazario, 2010). Attacks on the integrity of information are less known but also highly problematic. Hackers change data according to their own intentions. This could consist of changing the data on a website for a particular time or redirecting domains to malicious websites. It also includes stealing key data for criminal or military purposes like sabotage. The third form of attack affects the availability of computers or the services they usually provide and includes the well-known DoS attack. DoS consists mainly of a huge amount of digital requests from botnets to one particular server and causes the server to shut down by exceeding its capacity. When conducted in a chain, it could harm whole farms of servers and take down key services, such as the air defense in Syria before the Israeli air strike (Geers, 2011). It is important to emphasize here that a DoS attack cannot simply be blocked preventively by firewalls, because closing a port by firewall is itself a response of the server. Hence restricted access also creates a response of the server, and a response takes processor computing time.
I wrote earlier about the self-indulgence of common computer users. They are the most powerful weapon of all. It is not about taking down a huge firewall on huge systems by one sophisticated attempt, with information about what happened logged for the administrator. It is all about an invisible penetration of security through human error (USB sticks with family photos or one successful chain on Facebook). If a hacker targets a sufficient number of people who are willing to open malicious emails or copy infected photos to a USB stick which they also use for work purposes, the networks will be vulnerable forever. There is no countable number of security holes which could be covered. There will always be one particular hole for one particular attack for a particular portion of time for one pivotal attack on a particular date. Cyber space is under constant development by millions of developers. Security matters, but so far against kids who are in training mode. “If the attacker is careless and leaves a large digital footprint (e.g., his home IP address), law enforcement may be able to take quick action. If the cyber attacker is smart and covers his digital tracks, then deterrence, evidence collection, and prosecution become major challenges” (Geers, 2011, p. 36).
4. Answering to cyber threats and attacks
4.1. IPv6 protocol
The first problem is the technical character of the Internet. The communication protocol IPv4 is almost as old as the Internet itself and provides a wide range of possibilities for concealing identity. The new protocol IPv6 has been under development for years; it is already implemented, but not widely used. In my opinion it will be implemented in democratic countries with obstacles, because sooner or later it damages the core principle of the Internet, anonymity. The only compelling technical argument is the limited number of IP addresses in IPv4, but this can be solved by NAT and local networks. Do we really need a fridge connected to the Internet on its own IP address? We can solve it by forwarding specific ports through NAT in our router, hence we do not need it and will not need it soon. But when humankind covers the whole solar system with technical devices, we will need it immediately. It is a matter of perspective on the position we are in today. The discussion will be about technical issues, but the background will be primarily political or security related. It will be governments who will be forced to make a decision, but the transition will be slow and complicated (Geers & Eisen, 2007).
4.2. Cyber space characteristics
The strategy of deterrence was invented when the USA and the Soviet Union developed weapons powerful enough to destroy the whole world, the absolute weapon (Brodie et al., 1946). At this point destroying an enemy loses its meaning, as it endangers the attacker itself. This created the MAD concept of Mutual Assured Destruction (Burchill, 1996). Cyber space has a specific character which can be illustrated by Stanley Milgram's psychological theory of obedience to authority (Milgram, 1974). Imagine the situation on a scale between two extremes. One extreme is a hacker sitting in front of a computer, practising what is possible in cyber space, who cannot evaluate the real results of his/her behavior because he/she is not in touch with witnesses of those results. For example, a shutdown of electricity over half of Europe will not show the hacker the car accidents with pedestrians in cities. He/she will not take the chain of accidents caused into consideration. At the other extreme, pressing the Enter key to launch a huge cyber-attack under the command of a high authority will never be understood by the attacker in the same way as a knife in the hand during a face-to-face fight. Remember the advertisement about software piracy: you would not steal a car, so how can you steal a movie? Hence at the two extremes we have very different situations, but the psychology works the same way. Today it is a commonly known psychological concept. Cyber space emphasizes its power. However, how should we deter a possible attack when the circumstances are unknown to the attacker? Who is the attacker?
On the one hand, the attacker is highly isolated from the victims, especially when the victims are the result of a chain of causes. On the other hand, a state is an identifiable subject when firing a rocket, but not so simply when launching a DoS attack (Geers, 2011). A hacker can be hidden behind highly sophisticated identity firewalls and proxies. The possibility of staying hidden is a fact, as the example of the cyber-attack on Estonia in 2007 showed us (Geers, 2011; Kaminski, 2010; Nazario, 2010). The sources of the attack were botnets in the USA, but the trigger of the attack was the moving of the statue of a Russian soldier from the center of Tallinn to the city border. The investigation never uncovered who stood behind the attack, and the idea of a state-supported or directly state-conducted attack is only speculation (Nazario, 2010). At the end of the investigation the Prime Minister of Estonia, Urmas Paet, accused Russia, but no evidence was collected to support such a claim (Wickramarathna, 2009, August 27).
4.3. Deterrence as a possible defense strategy
It is not so simple to deter a state from a cyber-attack, as the probability of uncovering the attacker after a well-conducted attack is close to zero. It is possible to deter a hacker who is training his/her teenage hacking capabilities (Geers, 2011), but as argued in the previous paragraph, it is not possible to deter somebody who obeys an authority and knows that the curtain of identity is reliable. Obedience to authority prevails over a person's moral values (Milgram, 1974). Nevertheless, approaches to defense against cyber-attack are mainly focused on deterrence or on defensive attacks with a deterrent effect (Gable, 2010; Geers, 2011; Kaminski, 2010; Libicki & Force, 2009).
Gable (2010) supposes that deterrence by universal international law is the best way to avoid cyber-attacks when prevention is not feasible. Other authors argue that the rise and speed of development of hacking tools is astonishing (Geers, 2011) and, based on that fact, that deterrence is the only way to avoid cyber-attacks. I argue that we should distinguish between war conducted by a state and patriotic national war conducted by private persons who are driven by their own passion. This was the pivotal question when Russia was accused after the attack on Estonia.
However, international organizations have taken important steps too. Since 2004 the OSCE has been focusing on cyber terrorism as one of its focal points. NATO has taken several steps; the most important is the agreement on a common security policy on cyber defense in Bucharest in 2008, which preceded the creation of the aforementioned CCD COE (Gable, 2010). NATO has not recognized cyber-attack as a clearly military attack. It means that Article V cannot be utilized. A new institution named the Critical Information Infrastructure Protection Initiative was established within the European institutional framework. The UN Security Council has adopted several resolutions since 2001 which address cyber terrorism or the use of cyber space for terrorist attacks and call for international cooperation to tackle it (resolutions 1373, 1566, 1624).
According to Gable, the most important step is the Council of Europe's enactment of the Convention on Cybercrime in 2004. He holds that “The Convention is significant because it is the first multilateral treaty to address the issues of computer crime and electronic gathering of evidence related to such crimes. As of July 17, 2009, twenty-six states had ratified the Convention, and an additional twenty had signed but not ratified it” (Gable, 2010, p. 94). The OSCE and Interpol reacted positively to this Convention as “providing an important international legal and procedural standard for fighting cyber-crime” (ibid.). Those are important steps toward possible deterrence, as international jurisdiction is needed. General recognition of cyber-attack as an internationally recognized threat and crime is also highly important for deterrence, especially against highly intelligent kids who are surpassing previous generations in computer excellence.
Technology matters too. If a state is prepared for a cyber-attack, cyber terrorists or adversary states will be less likely to fulfill their intents. Technological deterrence does not rest only on highly capable firewalls, as argued above, but also on the capability of powerful retaliation. With such a method of defense, the question of escalation is highly relevant (Libicki & Force, 2009). If the reaction is not targeted, but based on an unorganized spread of distributed DoS attacks, one has to take into consideration that domestic systems can be harmed too. At this point cyber war could grow to a level where the MAD concept becomes realistic. Nowadays the power of cyber weapons is perhaps not so high, but we can easily predict the coming development of human dependency on cyber infrastructure.
However, a distinction needs to be made between non-dangerous crime and highly dangerous threat. Regarding crime, Europe has already established an agency called ENISA – the European Network and Information Security Agency – but its mandate focuses strictly on cyber-crime and related jurisdiction (ENISA, 2012).
We have to take into consideration that the recent “successes” of closing down megaupload.com on 19th January 2012 or library.nu on 15th February are a reaction to so-called cyber-crime against intellectual property. Those cases will primarily open a public discussion. Physical libraries don't break the law when they lend books, so why is it necessary to close down a functional digital distribution system which only has to begin sharing its revenues with the authors? This is an act of the distributors rather than the authors, and such a criminal law infringement is highly questionable, because it raises the question whether the law needs to be reconsidered in light of new technological possibilities. The second part of cyber-related crime is the cyber threat, because its activity threatens the security of society and ultimately puts people's lives under threat. There are no questions when human security is in danger. In this case Europe has without doubt been asleep.
4.4. The European approach
On 23rd November 2001, in the shadow of the 9/11 attacks and their consequences, a conference on cyber-security and the European approach took place in Budapest. The outcome of the conference was to motivate states in policy development regarding new cyber-related threats such as computer-related fraud, copyright infringements, child pornography or network security violations. The treaty entered into force on 1st January 2004 (Council-of-Europe, 2012). It is important to note that during the conference the distinction between cyber-crime and cyber-threat was vague. According to its web pages (www.ccdcoe.org), CCD COE was finally established in 2008. As mentioned above, the consequences of a cyber-attack had been underestimated for a long time. The wake-up day for Europe was the attack on Estonia in 2007. In March 2011 the French government was attacked and forced to unplug 10,000 servers (Larive, 2011). Since then cyber security and cyber threats have become an extremely hot topic. Europe realized that there is no strategy for, nor defense against, any such attack, which could very seriously harm the whole society and cause immense damage.
There is no agreement on who should take the responsibility under its agenda. It is not clear whether the Council, the Commission or EU agencies should be in charge (Larive, 2011). Countries within the EU have their own strategies, which aim at mainly the same issues, but they hardly cooperate, even though they stress international cooperation as one of the most important factors in achieving success. The other common factor in their strategies is the focus on personal and individual responsibility for one's electronic devices (CzechGov, 2011; DutchGov, 2011; FrenchGov, 2011; GermanGov, 2011). This is great news, but as mentioned above, people don't care about security threats to their personal computers, as they would like to feel comfortable first. It is not time to celebrate, since the majority of EU members do not have their own national strategy to date. This fact is extremely dangerous; there is no reason to postpone the creation of such strategies when the consequences of unsecured infrastructure are already known.
The Germans opened their center in June 2011. The Czechs do not have such a specialized center; the agenda is established under the Ministry of Defense and located in Brno, but the Czechs contribute significantly to the Estonian NATO Center of Excellence. The other countries are going to open, or have opened, their own cyber-security related offices during 2010 or 2011 (ibid.), hence the agenda is very young and inexperienced. In June 2011 the responsible representatives of the EU states met in Brussels and talked about a shared EU cyber-security policy, where the Estonian Minister of Defense said that “If we are serious about the possible damage that bombs and bullets can cause, then we should also give serious consideration to the dangers that can be sent through global networks, because they can be used to strike at a country’s energy security, and damage its economy and intellectual property” (Larive, 2011). It seems that Europe has already woken up and started cooperation regarding national cyber-security strategies. The agenda within the EU is coordinated by Commissioner Cecilia Malmström. She wanted to expand the competences of ENISA, but the decision has not been made to date.
Beyond ENISA, the EU is preparing to open a Cybercrime Center in 2013, which will have to
deal with the most serious cyber-threats. The purpose of the Center is to provide a
functioning body “through which Member States and EU institutions will be able to build
operational and analytical capacity for investigations and cooperation with international
partners.” (House-of-Lords, 2011) This Center will probably be established under Europol
structures. Its mandate will be mainly to support the existing centers within the national
states and to provide unified measures, support and evaluation for their work, as well as
training, specialized knowledge and capacity for investigation. Finally, it shall be the body
for wide, effective cooperation between the involved institutions and national agencies,
including ENISA.
The biggest challenge mentioned in all the above cited national strategies and reports is
cooperation with the private sector. It holds knowledge and highly specialized professionals
with long-lasting experience, which should be used in dealing with any cyber-threats and
cyber-crimes. On the other hand, the pace at which the cyber world is developing is amazing,
and building a society dependent on information systems and making all the systems
interconnected is the creation of the threat itself. I doubt whether it is finally possible to
fulfill such a mission. First, the national strategies tend to stand behind the sovereignty of
their founding state, while the cooperation against cyber-threats must be global – not
globally coordinated – or the attacker will have a key advantage. Second, I am convinced that
those working within such centralized security related centers will tend to break the security
defense which they are actually working on. It is not a joke: because strengthening the
defense will be their daily occupation, they must test it somehow. Those people live parallel
lives; hence at work they will fulfill their duties with state related honor, and at home they
will fulfill their personal related honor. Third, the cooperation of the private sector is
needed of course, but who can expect that they will do it for any purpose other than their own
selfish, market oriented advantage? This kind of cooperation will tend to give preferential
treatment to those involved. It’s liberally naïve.
5. Conclusion
This article does not provide the space to describe all the mentioned concepts or approaches
in detail, but it should provide an introduction to cyber security concepts together with some
related authors’ arguments. The essence of cyber security is, firstly, the fact that only a
small number of people care about it and recognize it as a serious threat, especially among
the public, whose computers are commonly abused as botnets or turned into zombies; hence they
play their role in cyber war unwittingly. Secondly, finding the source of any attack is highly
complicated; hence the attack is usually shadowed by anonymity. Thirdly, we can be sure that
the threat will become more serious as modern society becomes more dependent on network
infrastructure, and the new IPv6 will after all create new threats, new ways of attack, new
holes in security and new losses, as it will create new infrastructure no matter how superior
the security will be. Fourthly, deterrence is the most powerful defense, but the contemporary
jurisdiction is weak. The Internet is the anarchic space par excellence and jurisdiction is
needed, but the essence of the Internet is freedom of sharing information, which has supported
democracies and created new ones; hence creating powerful and sensitive jurisdiction is
essential in the following endeavor, but will have to face obstacles.
An attempt at a wisecrack to end with: can we imagine a virus written directly for Facebook
with the goal of starting DoS attacks at the same second from 500 million computers to shut
down all power plants around the world or fire all nuclear bombs? Having experienced the
capability of Stuxnet, a virus capable of shutting down nuclear centrifuges in Iran which was
not uncovered for one (!) year, what kind of virus will be written for Facebook? Who will be
the first person to solve such an attack, a 27-year-old billionaire? Cyberspace has created a
series of unpredictable, astonishing surprises; hence there is no field of security research
more capable of providing us with an unpredictable surprise, maybe tomorrow.
Bibliography
1. Barabási, A. L. (2002). Linked: the new science of networks: Perseus Pub.
2. BBC. (2010). Details of 100m Facebook users collected and published Retrieved 28.12.2011, from
http://www.bbc.co.uk/news/technology-10796584
3. Bosworth, S., & Kabay, M. E. (2002). Computer security handbook: John Wiley & Sons.
4. Brodie, B., Dunn, F. S., Wolfers, A., Corbett, P. E., Fox, W. T. R., & Studies, Y. U. I. o. I. (1946). The
absolute weapon: atomic power and world order: Harcourt, Brace and Company.
5. Burchill, S. (1996). Theories of international relations / Scott Burchill and Andrew Linklater with Richard
Devetak, Matthew Paterson and Jacqui True. New York: St. Martin's Press.
6. CCDCOE. (2011). NATO Cooperative Cyber Defence Centre of Excellence Retrieved 28.12.2011, from
http://www.ccdcoe.org/
7. Council-of-Europe. (2012). Budapest convention on cyber-crime. Retrieved from
http://conventions.coe.int/Treaty/Commun/QueVoulezVous.asp?NT=185&CM=8&DF=02/06/2010&CL=ENG.
8. CzechGov. (2011). Cyber security strategy of the Czech Republic for the 2011 – 2015 period.
9. DHS. (2008, 8th September 2008). Homeland Security Presidential Directive 7: Critical Infrastructure
Identification, Prioritization, and Protection Retrieved 28.12.2011, from
http://www.dhs.gov/xabout/laws/gc_1214597989952.shtm
10. DoD. (2010). Quadrennial Defense Review Report: Department of Defense, Washington D.C.
11. DutchGov. (2011). The National Cyber Security Strategy (NCSS), Success through cooperation.
12. ENISA. (2012). European Network and Information Security Agency Retrieved 16.2.2012, from
http://www.enisa.europa.eu/
13. Facebook. (2011). Official Statistics. Facebook Retrieved 28.12.2011, from
http://www.facebook.com/press/info.php?statistics
14. Falkenrath, R. A. (2011). From Bullets to Megabytes, New York Times, The (NY), p. 31. Retrieved from
http://www.nytimes.com/2011/01/27/opinion/27falkenrath.html?_r=1
15. FrenchGov. (2011). Information systems defence and security - France’s strategy.
16. Fulghum, D. A., Wall, R., & Butler, A. (2007). CYBER-COMBAT'S FIRST SHOT. [Article]. Aviation
Week & Space Technology, 167(21), 28-31.
17. Gable, K. A. (2010). Cyber-Apocalypse Now: Securing the Internet Against Cyberterrorism and Using
Universal Jurisdiction as a Deterrent. [Article]. Vanderbilt Journal of Transnational Law, 43(1), 57-118.
18. Geers, K. (2011). Strategic Cyber Security: NATO CCD COE Publication.
19. Geers, K., & Eisen, A. (2007). IPv6: World Update. Paper presented at the 2nd International Conference on
Information Warfare and Security.
20. GermanGov. (2011). Cyber Security Strategy for Germany.
21. House-of-Lords. (2011). European Union Committee - Seventeenth Report The EU Internal Security
Strategy. Retrieved from
http://www.publications.parliament.uk/pa/ld201012/ldselect/ldeucom/149/14902.htm.
22. Joubert, V. (2010). GETTING THE ESSENCE OF CYBERSPACE; A THEORETICAL FRAMEWORK TO
FACE CYBER ISSUES. Paper presented at the Conference on Cyber Conflict Proceedings 2010.
23. Kahney, L. (2009). Inside Steve's Brain: Penguin Group USA.
24. Kaminski, R. T. (2010). ESCAPING THE CYBER STATE OF NATURE: CYBER DETERRENCE AND
INTERNATIONAL INSTITUTIONS. Paper presented at the Conference on Cyber Conflict.
25. Larive, M. (2011). Where does the EU stand on the development of a cybersecurity strategy? Retrieved
16th February, 2012, from
http://foreignpolicyblogs.com/2011/09/09/where-does-the-eu-stand-on-the-development-of-a-cybersecurity-strategy/
26. Lemos, R. (2010). Security's Gaping Hole: USB Flash Drives. Information week Retrieved 28.12.2011,
from http://www.informationweek.com/news/security/client/227300112
27. Libicki, M. C., & Force, P. A. (2009). Cyberdeterrence and cyberwar: RAND.
28. Milgram, S. (1974). Obedience to authority: an experimental view: Harper & Row.
29. Nazario, J. (2010). Politically Motivated Denial of Service Attacks. Arbor Networks, United States.
30. TheWhiteHouse. (2003). The National Strategy to Secure Cyberspace. Washington, DC.
31. Wickramarathna, W. (2009, August 27). Defining cyber terrorism. Online edition of Daily News Retrieved
29.12.2011, from http://www.dailynews.lk/2009/07/27/fea02.asp