Cyber Infrastructure Protection 2015 Cyber Security: a good defense is a cooperative international...

Cyber Infrastructure Protection 2015

Cyber Security: a good defense is a cooperative

international deterrence capability

By:Haidar Chamas & Tarek Saadawi

City University of New YorkCenter for Information Networking

and Telecommunications (CINT)

All Rights Reserved 2015 1Center for Information Networking and

Telecommunications

All Rights Reserved 2015 2

Introduction and Background Cyber Security threats and challenges

New Cyber Security threat: Weaponized Internet

Proposed International Cyber Union Model ICU Structure Regional models International Cooperation and Trust Building

Automated Intelligent deterrence capability Conclusion

Outline

Center for Information Networking and Telecommunications


Global communication infrastructure accessible virtually from anywhere by anyone to share, exchange, or to download information online.

This infrastructure supports important commercial assets for conducting electronic transactions globally.

What is Cyberspace?



Protection mechanisms for the information that is stored or transported through cyberspace.

What is Cyber Security?



Exploiting system vulnerabilities Steal, misuse, or alter your information and credentials Own your system; create backdoor to install malicious code or malware

Growing Malware development Community Rise in attack tools complexities and resources Increase in malware code ≈ Increase in automation and acceleration of

attacks Determined Intelligent and sophisticated cyber criminals Improved processes and complexity

Makes it difficult for individuals to counter measure attacks

Rising market values for identity theft and stolen data Market Value…driven by Demand for types of data stolen

Type of Cybersecurity threats



The President, in Sep. 2015 said that Cybercrimes are: becoming the norm increasing in complexity and

sophistication presenting us with new challenges

Cyber-crimes and Cyber-threats



“NYPD computer system under daily attacks”Daily News, April 2009

The Internet Kill Switch: A Bill in draft mode proposes that the President of the USA “May declare a cyber-security emergency and order the limitation or shutdown of Internet traffic to and from any compromised Federal government or United States critical infrastructure information system or network” Network World, April 2009

Cyber Security Balancing Act: Government IT Pros face growing threats--- and compliance requirements Information Week, April 2009

“US is under cyber attack virtually all the time, every day”Secretary of Defense, Robert Gates, CBS 60 Minutes, April 2009

“Pentagon’s Computers invaded – design features of F-35 Jetfighter gleaned”

Wall Street Journal, April 2009

Headlines from CIP 2009 conference



Experian (T-Mobile) 15 million records

Donald Trump Hotels Ashley Madison

37 million records 10 thousand government officials

Office of Personal Management (OPM) 22 million records

Anthem health care 80 million records

Headlines from CIP 2015 Conference



CIP’15 cyberattacks headlines are not different from those in CIP’09;

they have increased five-fold, are more sophisticated, bolder, and becoming a threat to

global peace.

new game plan: think smarter, out of the box, and build a

global collaborative effort to effectively combat cyber-

threats.Center for Information Networking and

Telecommunications


International deterrence capability Laws and cooperation

The right tools that: Remedy user errors Ensure policies, implementations,

configurations are carried out correctly Protect sensitive data Provide relevant deterrence thru education

What is missing?



President Obama issued EO 13636 in 2013 to: take specific steps to improve information sharing with the

private sector raise the level of cybersecurity across our critical infrastructure enhance privacy and civil liberties

NIST released cybersecurity framework in response to President Obama EO to:

ensure America’s economic prosperity, national security, and our individual liberties depend on our commitment to securing cyberspace and maintaining an open, interoperable, secure, and reliable Internet.

The President’s Executive Order



Mr. Ash Carter indicated that the DoD Cyber Strategy sets clear and specific objectives for the DoD to achieve over the next five years and beyond. Primary missions include:

1. DoD must defend its own networks, systems, and information

2. DoD must prepare and be ready to operate in an environment where access to the Internet is contested

Secretary of the Defense DoD Cyber Strategy 2015



World Community under Threat

World Peace

CrosshairIn the Center for Information Networking and

Telecommunications


We are entering a new phase of cyber-threats and cyber-attacks having global impact on relations and economy increasing in complexity and sophistication presenting new challenges in detecting and

mitigating threats utilizing anonymous actors for hire expanding into military and weapons domains

New Threats: Weaponized and Militarized use of the Internet



Wanabee Hackers Organized Crime

Terrorists

Internal/External Agent

The Bad Guys with a mission

Hactivists


TOP

Secr

et

Trade

Secret

$$$


Exceptional Access channels: Law Enforcement channels and tapping tools Back Doors

Remote Access support: SOFTWARE MAINTENANCE Updates Technical support

Products & Marketing data collection

Using The Good Guys communication Channels



The world community needs to establish an International Cyber Union that will provide leadership in combating cyber threats. The ICU objectives are to promote cyber cooperation and data sharing on

attacks and mitigation, establish a set of cyber policies and laws, and collaborate on technology research and education.

Establish appropriate regions and determine their internetworking models in combating international cyber crimes: Regions may utilize the DNS registration model (ARIN, LACNIC, RIPE,

APNIC, AFRNIC) Region may super impose infrastructure and technology access means over

geographical boundaries (Americas, Africa, Europe, Arab States, East Asia & Australia & New Zeeland)

Regions can forge relationships based on their cybersecurity needs

What must be done!



ITU model: Africa, Americas, Arab States, Asia and Pacific,

Common Wealth of Independent States (CIS), and Europe

ICU models to consider? Combine Americas and Greenland? Combine Latin America with N. America? Create an Australia and New Zealand region (Oceana)? Keep CIS region part of Europe?

ICU Regional Models



ICU Regional ModelAmericas, Africa, RIPE, and AsiaPac



Promote international norms, open, and secure cyberspace Promote peaceful use of cyberspace and outlaw the use of

cyberspace as a weapon or for military gains Ensure a set of cyber policies, laws, and penalties, globally Promote cyber education, legal awareness, and best practices Investigate international cyberattacks as cybercrimes punishable

by laws regardless where the cyber crime is committed Impose appropriate penalties and award financial damages as a

result of cybercrime activity Promote cybersecurity research & standards (technical and

legal)

International Cyber Union:Mission


ICU Cyber Security Challenges

Security Policy &Administration

Regional Cyber

Laws

Sec

urity

Man

agem

ent

Technology Standards

RegionalInformation Sharing

Education

Local Laws

Tools


Telecommunications


The Regional Cybersecurity Committee (RCC) Policies and Administration.

Promote global economic and e-commerce activity Improve cybersecurity communications and trust amongst

nations Outlaw use of Internet as weapon or military use

Technical Standardized cyber technology, best practices, education and

training Cyber monitoring, tracking, and identification Mitigation and prevention techniques

Legal Implement Cyber laws Develop global legal awareness Establish standardized Guidelines and penalties



Promote efforts to establish global laws: Cybersecurity laws and guidelines are quiet mature in the US

but they are not widely applicable internationally The Shanghai Cooperation Organization (SCO) in Asia have

highlighted the relationships and cooperation regarding IT, cyber norms, and cyber security as well it signifies the role of information and technology to promote economic and social development for all of mankind

European Union established the Cyber Crime Center (EC3) as the focal point for handling and responding to cybercrimes

ICU Cooperation and Trust building



ICU can play a leading role in promoting an intelligent deterrence capability utilizing existing efforts made by: Standard bodies leading cybersecurity activities: IEEE, ITU,

MITRE, NIST, ACM, and many more Computer Emergency Response Team Centers International cybersecurity consortiums such as defense

techniques of Consortium for Cybersecurity Action (CCA) formed by international agencies and governments to bring together & promote cyber security

Other consortiums: Center for Infrastructure Assurance and Security (CIAS), Cybersecurity Research Consortium (CRC) in the US, India’s Infosec Consortium (IIC), and Europe’s System Security (SYSSEC)

ICU intelligent deterrence capability



Encourage nations to cooperate with CERT centers and to build cybersecurity trust. Utilize ITU’s Global Cybersecurity index (GCI) score

(zero to one) to measure progress made by a nation’s based on five categories: Legal Measures Technical Measures Organizational Measures Capacity Building Cooperation

ICU Information sharing and trust building



Telecommunications


Evaluate communication flow Inspect flow, isolate, re-direct, or analyze it Quarantine malicious traffic in real-time Share attack relevant data

Understand fully the behaviors of services and system interactions and develop models that offer: Object level abstraction Role based profile based authentication User dialogue with services via control and data layers Data and Level aware sensitivity Enforceable policies

Threat classification and taxonomy models Study of attack behaviors and countermeasures

Automated Intelligent Systems



We urgently need to establish the ICU to oversee Internet security globally.

Promotes cybersecurity standards and research Establishes minimum set of laws and enforce them

globally Provides a platform for international cooperation

Develop automated intelligent systems to identify and quarantine malicious traffic in real-time

Modeled on behavior of services and system interactions

Conclusion


Date post:	18-Jan-2016
Category:	Documents
Upload:	duane-ball
View:	219 times
Download:	0 times

Cyber Infrastructure Protection 2015 Cyber Security: a good defense is a cooperative international...

Documents