Protection of Critical Infrastructure

Transcription

1 Prtectin f Critical Infrastructure Speaker: Mindaugas Razbadauskas Cmmunicatins Regulatry Authrity f the Republic f Lithuania 4-5 th Octber Belgrad Slide 1 f 22

2 Critical Infrastructure Prtectin Critical Infrastructure (CI) means an asset, system r part theref lcated in Member States which is essential fr the maintenance f vital scietal functins, health, safety, security, ecnmic r scial well-being f peple, and the disruptin r destructin f which wuld have a significant impact in a Member State as a result f the failure t maintain thse functins; Slide 2 f 22

3 The Plicy Cntext Cmmunicatin n Critical Infrastructure Prtectin (CIP) in the Fight against Terrrism COM (2004) 702 final Green Paper n a Eurpean Prgramme fr Critical Infrastructure Prtectin (EPCIP) COM (2005) 576 final Cmmunicatin n Eurpean Prgramme fr Critical Infrastructure Prtectin (EPCIP) COM(2006) 786 Directive (2008/114/EC) n the identificatin and designatin f Eurpean critical infrastructures and the assessment f the need t imprve their prtectin Cmmunicatin n Critical Infrmatin Infrastructure Prtectin Prtecting Eurpe frm large scale cyber-attacks and disruptins: enhancing preparedness, security and resilience COM (2009) 149 Slide 3 f 22

4 Critical infrastructure sectr list Energy Infrmatin, Cmmunicatin Technlgies, ICT Infrmatin system and netwrk prtectin Instrumentatin autmatin and cntrl systems (SCADA etc.) Internet Prvisin f fixed telecmmunicatins Prvisin f mbile telecmmunicatins Radi cmmunicatin and navigatin Satellite cmmunicatin Bradcasting Water Fd Health Financial Public & Legal Order and Safety Civil administratin Transprt Chemical and nuclear industry Space and Research Slide 4 f 22

5 Critical Infrmatin Infrastructure Prtectin The ICT sectr is vital fr all segments f sciety 60 % f citizens regularly using the Internet 94 % f enterprises having access t the Internet 37 % f citizens using e-cmmercial service 30 % f citizens and 72 % f enterprises using the Internet fr interactin with public authrities 32 % f citizens using the Internet fr internet banking Accrding Eurstat statistics ICT is underpinning platfrm f ther critical infrastructures Transprt Energy Financial Etc Slide 5 f 22

6 Critical Infrmatin Infrastructure Prtectin Threats f critical infrmatin infrastructures: Man-made attacks (Terrrism, Cyber-Attacks (DS, DDS, Spam..) ) Natural disaster (lightning, fld, hurricane, earthquake ) Technical failures (hardware, sftware, cables damage especially transcntinental cables damage ) Sftware vulnerability (virus, wrm, trjan...) Human errr (cnfiguratin errr ) Slide 6 f 22

7 Lithuania Brief verview f cuntry situatin Territry: km² Inhabitants: 3,5 mil. 1 majr fixed line peratr 3 GSM peratrs 109 ISPs 149 % mbile penetratin Highest fiber penetratin (18%) in Eurpe 59.3 % Internet Penetratin Slide 7 f 22

8 Lithuania s Internet infrastructure resilience survey The main pririty f the Lithuanian survey is t evaluate the resilience f the natinal Internet netwrk infrastructure. Tasks: - t set up a scheme f Lithuania s intercnnectins, t identify directins f the internatinal gateway, the ttal bandwidth and the speed rate; - t identify critical ndes in Lithuania, a vilatin f which culd affect the functinality f the Internet; Peridic cllectin f data since 2007; Slide 8 f 22

9 Survey methdlgy Cllected infrmatin frm ISPs: ISP autnmus system number (ASN) Intercnnectins links ISP name (ASN) Technical cnnectin type Cnnectin speed rate Cnnectin type IXP lcatins Respnsible fr IT and security emplyees cntacts Slide 9 f 22

10 Survey methdlgy (example) Slide 10 f 22

11 Survey tls Visualizatin tl (Website) SQL database Slide 11 f 22

12 Result f survey Lithuania s ISPs intercnnectins verview: 109 Lithuania s ISPs 34 ISP autnmus system ~590 intercnnectins ~540 natinal intercnnectins ~170 transit intercnnectins ~370 peering intercnnectins ~50 internatinal intercnnectins ~20 transit intercnnectins ~30 peering intercnnectins Lithuania s ISPs are sufficiently densely intercnnected with each ther Slide 12 f 22

13 Natinal transit cnnectins: Result f survey Transit is an agreement where an ISP agrees t carry traffic n behalf f anther ISP r end user. 170 transit cnnectins in Lithuania s netwrk T identify the main transit ISPs in Lithuania we use this criteria f ISP: Autnmies system number Internatinal transit (Upstream) intercnnectins Natinal transit (Dwnstream) intercnnectins Slide 13 f 22

14 The main transit ISPs in Lithuania Result f survey 3 biggest Lithuania s ISPs (ASN) which prvide natinal and internatinal Internet transit fr ther Lithuania s ISPs Slide 14 f 22

15 Internatinal transit cnnectins: Result f survey 10 ISPs has 13 intercnnects with freign ISPs 3 internatinal intercnnectins with TIER-1 grup ISPs 10 internatinal intercnnectins with TIER-2 grup ISPs Ttal cnnectin bandwidth in 2009 was ~ Gbps Slide 15 f 22

16 Peering cnnectins: Result f survey Peering - is an agreement between ISPs t carry traffic fr each ther and fr their respective custmers. Peering help t avid the redirectin f the natinal traffic thrugh internatinal ISPs. It prvides assumptins t reduce csts and imprves the quality and speed rate f the Internet cnnectin % Internet traffic is initiated in the natinal netwrk ~370 peering intercnnectins in LT netwrk ~20 ASN has mre then 20 peering cnnectins ~80 % all peering cnnectin execute in IXP Slide 16 f 22

17 Lithuania s IXP: Result f survey One biggest and the nly fficial nt-cmmercial Lithuania s IXP. Members f IXP: 24 ISPs (27ASN) Hsting services prviders Gvernment institutins Private big cmpanies And ther netwrks Slide 17 f 22

18 Result f survey IXP value fr Lithuania s Internet netwrk: Peering with IXP (~ 400 (330 in IXP) peering cnnectins) Peering withut IXP (~ 70 peerinng cnnectin) Slide 18 f 22

19 Result f survey Critical ndes were identified: The main Lithuania s transit ISPs ISPs with external intercnnectins with Freign ISPs Internet Exchange Pint Identified ISP as critical ndes Slide 19 f 22

20 Request Respnse Trap Mnitring tls (Future plan) ISP ISP ISP ISP ISP Critical ndes f netwrk infrastructure are influencing well being f whle natinal Internet. ISP And its imprtant t supervise n a natinal level thse ndes and react immediately in case f incidents. Send ntificatin: We are develping a mdel f natinal SMS Internet netwrk infrastructure mnitring Instant messaging (IM) system based n SNMP prtcl ther Other Mnitring system Slide 20 f 21 Slide 20 f 22

21 Lithuania s Internet infrastructure resilience survey Advantage All Intercnnectin map The quantities and types f cnnectins Types f physical cnnectins Ttal internatinal Internet bandwidth Autnmus System Number (ASN) Identify IXP, biggest and imprtant ISPs Identify internatinal gateways Find critical ISPs ISP cntacts Disadvantage Nt invlves Hsting prviders, Netwrk, Telephne, IXP peratrs and ther. Unknwn whse infrastructure are use Nt defined which ISP elements are critical Different technical terms between ISPs Slide 21 f 22

22 Thank yu fr yur attentin! Cmmunicatins Regulatry Authrity f the Republic f Lithuania Algird str. 27A LT Vilnius Slide 22 f 22