VIENNA MODEL UNITED NATIONS CLUB
|
|
- Christine Powers
- 8 years ago
- Views:
Transcription
1 VIENNA MODEL UNITED NATIONS CLUB STUDY GUIDE APRIL SESSION 2013 CYBER SECURITYAND CYBER WARFARE 1
2 INTRODUCTION With anever-increasingnumber of technological improvements and the expansion of online services in the past two decades, the issue of cybersecurity has rapidly moved to the top of the agenda in national and international politics. Nowadays it is an issue not only relevant to the private sector and the individual consumer, but especially to all sorts of state actors. The term cyber security covers everything from cyber crime to cyber warfare; everything from the mischief an adolescent hacker can do to an individual s computer to the risk that skilled individuals could from cyber space critically disrupt or destruct a digital infrastructure. Cyber warfare, cyber terrorism, cyber espionage and cyber activism challenge the existing technological capabilities, the nature of the free internet and the modes of cooperation in the international system. Moreover, they cause huge losses for businesses and the economy as a whole and manage to steal sensitive data of government organisations. Some analysts have labelled cyber attacks as the war in the fifth dimension or fifth domain. Beyond land, sea, air and space the cyber world has become a new hot-spot for a variety of conflicts between companies and between governments. Simultaneously, others have called it the new cold war implying on the one hand the vast potential for serious confrontations between certain countries, most notably China and the U.S., and on the other hand the deliberate omissions to explicitly single out the states responsible for cyber attacks in order to avoid direct confrontations and a diplomatic impasse. Nonetheless, cyber security has certainly become a serious concern in international politics and was addressed at several conferences where lawmakers and key stakeholders from the private sector have become increasingly involved in the debates about how to tackle the threats stemming from malpractice in the digital world. The topic was also an integral part of the Douville G-8 summit agenda in Still the most important discussions have taken place on a bilateral basis so far. Thus there remains the need to find a solution on a multilateral basis in order to find international agreements that allow to deal with the issue appropriately and that provide the necessary legally binding provisions for state and non-state actors operating in the global cyberspace. The targets of cyber attacks From the government agencies to the International Olympic Committee and news media - nearly anything can or has already fallen prey to cyber attacks.even well protected security infrastructure such as the Pentagon seems to be vulnerable as has been revealed by a massive cyber attack in 2008 and in 2011 when approximately 24,000 files were abstracted. Apart from high profile breaches against industrial, financial and governmental targets, it is small companies, which have increasingly become the victims of targeted cyber attacks due to the fact that their security measures can often be considered rudimentary compared to those of large enterprises. The main goal of attacks against the private sector is to gain intellectual property (industrial espionage), whereas attacks against government agenciesaim for strategic intelligence, sensitive security data or in general the disruption or destruction of private and publicnetworks. Alternatively, cyber attacks in the form of so-called hacktivism (e.g. Anonymous)have also become a new way of protest and civil disobedience. An EU study conducted by the European Network and Information Security Agency analyzed more than 140 reports from the security industry and other organizations. It concluded that the top threats could be categorized in 6 areas: mobile computing, social technology, critical 2
3 infrastructure, trust infrastructure (defined as any information system that provides strong authentication and aims at establishing a trusted, secure connection between two end points. ), cloud computing and big data. Furthermore, it pointed out that particularly the threats to trust infrastructure and mobile computing are on the rise. Typical targets of cyber attacks include electrical grids, telecommunication systems, web servers, enterprise information systems, media corporations and newspapers (lately for instance France 24 and the NYT), banks, corporations in the technology sector but also in the construction sector or even agriculture, satellite systems, pipelines, air traffic control systems, water systems, ministries and other organizations affiliated with governments as well as non-governmental organizations. If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology. Bruce Schneier (American computer security specialist) Prominent cyber attacks The Original Logic Bomb:in 1982 a computer control system stolen from a Canadian company by Soviet spies caused a Soviet gas pipeline to explode. The code for the control system had been previously modified by the CIA, which had been tipped off, to include a logic bomb, i.e. a piece of code that changes the workings of a system, which changed the pump speeds to cause the explosion. An air force secretary describe d it as the most monumental non-nuclear explosion and fire ever seen from space. Titan Rain: the name given by the FBI to a series of coordinated attacks on American computer systems since 2003ongoing for at least three years. It was discovered that several sensitive private and public computer networks were infiltrated by the hackers, such as those at Lockheed Martin and NASA. Not only was military intel and classified data stolen, but also thousands of zombified machines, i.e. computers infiltrated by malicious software that can be activated later, were left behind. Titan Rain is considered the largest state-sponsored cyberattacks in history, said to have been organized or supported by the Chinese government. Cyberattacks on Estonia: a series of well-planned cyber attacks began on 27 April 2007 and swamped websites of Estonian organizations, including Estonian parliament, banks, ministries and broadcasters, amid the country s row with Russia about the relocation of a Soviet statue. Due to the sophistication of the attacks it was claimed that the Russian government had assisted in orchestrating the attacks. Among others Nashi, a nominally independent pro- Kremlin youth group, has taken responsibility for the incident. Some argue that it may have been the second-largest instance of state-sponsored cyber attack, following Titan Rain. Stuxnet: in 2010 the Stuxnet worm temporarily knocks out some 1000 centrifuges at Iran s Natanz nuclear facility, causing considerable delay to that country s uranium enrichment programme. Allegedly the highly sophisticated worm was plantedmanually by a flash driver into at least one computer connected to the network. In June 2012, The New York Times reports that the U.S. and Israel developed the worm. Flame: another complex malware responsible for data loss incidents at Iran s oil ministry in It was allegedly developed by the U.S. and Israeli governments to collect intelligence about Iran s computer networks that would facilitate future cyberattacks on computers used in that country s nuclear fuel enrichment program. It was also planted manually into the network. DDoS attacks on U.S. banks: the U.S. accuses Iran of staging a massive wave of denial-ofservice attacks against U.S. financial institutions in Defense Secretary Leon Panetta warns of cyber threats against critical infrastructure and calls for new protection standards. Korean cyber war: Already in 2009 and 2011 North Korea has been blamed for cyber raids against South Korean organizations. On 15 March, North Korea s KCNA news agency accused the US and its allies of large-scale hacking attacks on its internet servers. Later in 3
4 Marcharound 32,000 South Korean computers at banks and broadcasters were affected by a cyber attack. Even though the attack could be traced back to a Chinese IP address officials emphasized that this did not reveal who was behind the attack, as hackers can route their attacks through addresses in other countries to obscure their identities. North Korea is suspected to have staged the attack amid rising tensions on the Korean peninsula. International agreements International law regarding real warfare developed within a 150 years. This raises the question whether these regulations could be used in matters of online-warfare. A genuine legal framework, a jus ad bellum and jus in bello, is still missing for cyber warfare. The Working Group on Internet Governance, established by the United Nations based on a recommendation from the World Summit on the Information Society, was initiated to agree upon the future Internet Governance. Technical, policy, economic, institutional, as well as legal perspectives were taken into consideration. Two different approaches dominated the debates at the summit. Whereas one side argued for the development of genuine cyber-law since speed and volume of Internet cross-border communication hinders the enforcement of existing legal rules, the other side argued that the Internet is in fact not conceptually different from previous telecommunication technologies. Consequently, existing legal rules could be applied to the Internet and as far as global regulation is concerned, the most efficient option would be the harmonization of national laws, resulting in the establishment of one set of equivalent rules at the global level. The Working Group has fulfilled its duty to give recommendations for the next World Summit on the Information Society. But unfortunately a consensus regarding concrete measures could not be found. For the time being, bilateral agreements are the most common solution for cyber security regulations, like the new security pact of the UK with India. A group of international lawyers, working in conjunction with the International Committee of the Red Cross and the US Cyber Command, has now published a book on the subject. The group of experts was invited to draw up the handbook by NATO s Co-operative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, where the centre was established in 2008 following a wave of cyber-attacks on the Baltic state from inside Russia. The experts explained that existing laws broadly apply to cyberspace. The Tallinn manual contains 95 black letter rules. However, it is no official NATO document or policy but an advisory manual. Among other things it stipulates that cyber attacks led by governments must avoid sensitive civilian targets such as hospitals, dams, dykes and nuclear power stations. The manual also states that hacktivists who participate in online attacks during a war can be legitimate targets even though they are civilians. The manual suggests proportionate countermeasures against cyber attacks carried out by a state are permitted. Such measures cannot involve the use of force, however, unless the original cyber-attack resulted in death or significant damage to property. Rule seven of the manual also states that if an online operation originates from a government network, "it is not sufficient evidence for attributing the operation to that state but is an indication that the state in question is associated with the operation". Furthermore, it says that, in accordance with Geneva conventions, attacks on certain key civilian sites are outlawed, for instance hospitals and medical units, which are also protected under rules governing traditional warfare. International Involvement United Nations: At the UN level the International Telecommunication Union, is a specialized agency, is responsible for issues that concern information and communication technologies. Its main task include coordinating the shared global use of the radio spectrum, promoting international 4
5 cooperation in assigning satellite orbits, improving telecommunication infrastructure and assisting in the development and coordination of worldwide technical standards. Following an initiative by the Malaysian Prime Minister a comprehensive public-private partnership against cyber threat led to the creation of the International Multilateral Partnership Against Cyber Threats, the first United Nations-backed cybersecurity alliance. Since 2011, after signing a cooperation agreement at the World Summit on the Information Society, IMPACT serves as the cybersecurity executing arm of the International Telecommunication Union. IMPACT is tasked with the responsibility of providing cyber security assistance and support to ITU s 193 Member States and also to other organisations within the UN system. IMPACT was massively supported with resources coming from the industry giants such as Kaspersky Lab and Symantec Corporation. United States of America: The new United States military strategy makes explicit that a cyber attack is a casus belli for a traditional act of war. William J. Lynn, former U.S. Deputy Secretary of Defense, states that as a doctrinal matter, the Pentagon has formally recognized cyberspace as a new domain in warfare which has become just as critical to military operations as land, sea, air, and space. In 2012 the then Secretary of Defense Leon E. Panetta warned of the possibility of a cyber- Pearl Harbor. Furthermore, he stressed that the US won t succeed in preventing a cyberattack through improved defenses alone. The new Secretary of Defense Chuck Hagel has promised to prioritise cyber security at the Pentagon. President Barack Obama declared America's digital infrastructure to be a strategic national asset. Therefore in May 2010 the Pentagon established the US Cyber Command (USCYBERCOM) to defend American military networks and built up capabilities for offensive moves against other networks. In June 2012 the New York Times reported that President Obama had ordered the cyber attack on Iranian nuclear enrichment facilities. President Obama last fall signed a classified directive that requires an imminent or ongoing threat of an attack that could result in death or damage to national security before a military cyber-action can be taken to thwart it. Senior administration officials stress that under the new Obama directive, they would use law enforcement or diplomatic means before turning to military cyber warfare. The order does not alter the rules for intelligence agencies covert use of cyber-operations. The United States has already used cyber attacks for tactical advantage in Afghanistan. There have also been lots of other cyber warfare activities regarding the US. For example in 1982, a computer control system stolen from a Canadian company by Soviet spies caused a Soviet gas pipeline to explode. The code for the control system had been modified by the CIA to include a logic bomb which changed the pump speeds to cause the explosion. According to the NYT the US was also involved in developing Stuxnet to attack Iran. Currently, the main opponent in cyber warfare are said to be Chinese state and non-state actors where most attacks on American systems originate from. An American computer security company reported in March 2009 that it had detected 128 acts of cyberagression per minute coming from Internet addresses in China. The Department of Defense was the main target of these attacks. United Kingdom: In February the UK signed a new security pact with India as a countermeasure against the Chinese cyber-threat. The United Kingdom has also set up a cyber-security and operations centre based in Government Communications Headquarters (GCHQ). The UK government's National Security Strategy of 2010 is titled A Strong Britain in an Age of Uncertainty. It outlines threats facing the United Kingdom, and defences against these threats. It also emphasizes the risks posed by cyber warfare. There are also lots of cyber 5
6 warfare activities regarding the UK. In the most famous one the MI6 repeatedly infiltrated an Al Qaeda website and replaced the recipe for a pipe bomb with the recipe for making cupcakes. People s Republic of China: Most reports about China s cyber warfare capabilities are not confirmed by the Chinese government. Nevertheless China continues to be held responsible for a string of cyber-attacks on a number of public and private institutions in the United States, India, Russia, Canada, France, Taiwan and Japan. US security experts claim a 12-story office building outside of Shanghai is the headquarters of a hacking unit in China established to attack international computer networks. Beijing has rejected the allegations, calling the reports unreliable. The Chinese government denies any involvement in cyber-spying campaigns. Instead the government maintains the position that China is not the threat but rather the victim of an increasing number of cyber-attacks. Official data showed that more than one million IP addresses were under control by overseas sources. A government report released in March 2011 indicates that more than 4600 Chinese government Web-sites had their content modified by hackers in 2010, an increase of 68 percent over the previous year. A list of the top 100 viruses infecting computers world-wide at the beginning of 2011also revealed that in every single case China was the most affected country. Yet, nearly all these viruses originated in China. The Chinese government has attempted to impose greater control over internal networks, both to suppress domestic opposition and to block penetration from outside the country. It has surrounded the country with a Great Firewall, also referred as the Golden Shield Project, which is an Internet censorship and surveillance project operated by the Ministry of Public Security. It is estimated that between 30,000 and 50,000 Internet police are employed in this project. Russian Federation: Cyber warfare in Russia includes allegations of denial of service attacks, hacker attacks, dissemination of disinformation over the internet, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, and persecution of cyberdissidents. It has been claimed that Russian security services organized a number of denial of service attacks as a part of their cyber-warfare against other countries as Estonia or Georgia. Russia has been accused of attacking Georgian government websites in 2008 to accompany their military bombardment. Russia is also believed to have rapidly advanced its IT sector. Still Russia is often overlooked as a significant player in the global software industry. Russia produces 200,000 scientific and technology graduates each year. This is as many as India, which has five times the population. However, since 2012 Russia has also stepped up its campaign for a globally binding treaty on cyber security. The rather controversial proposal for a U.N. convention to crack down on Internet crime and terrorism should define information warfare as a threat to international security and should urge countries to maintain a balance between fundamental human rights and the effective counteraction of terrorist use of the information space. France: In 2009 France created the French Network and Information Security Agency (FNISA) to provide a national watchdog on the government s sensitive networks that would detect and respond to cyber attacks. Since then, little has been exposed about the disposition of French cyber security until March 2011, when the French finance ministry announced that it had suffered a cyber attack during the Paris G20 summit. The attack targeted documents relating to the summit and other economic issues. In August 2011, France announced its intentions to 6
7 build network warfare capabilities. Cyber warfare specialists under the General Directorate of Armament (DGA) demonstrated their capabilities in September 2011 using a communications mini-drone to simulate an attack on a national communications satellite. Personnel dedicated to France s cyber warfare capabilities include 130 engineers and researchers with links to French universities, as well as US and UK cyber experts who provide advice to other French departments on improving their organic network securities. The DGA intends to grow these numbers by 30 per year for the next 30 years. A major focus of the DGA is currently to develop secure networks for the French Naval Forces, including Naval Aircraft, by implementing an intranet. Further reading [Al Jazeera World : Fighting in the Fifth Dimension] 7
Cybersecurity & International Relations. Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey.
Cybersecurity & International Relations Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey. Cybersecurity & IR This part of the IWOSI aims to link the Information
More informationCybersecurity. Canisius College
Cybersecurity Introduction In the year 2013, cybersecurity is a relevant issue on both the most personal level and the global level. Never has humanity had access to such a vast array of information. Never
More informationHarmful Interference into Satellite Telecommunications by Cyber Attack
Kobe and QM Symposium on International Law "Diversity of Transnational Criminal Justice" Harmful Interference into Satellite Telecommunications by Cyber Attack 10 April 2015 Yuri Takaya Research Fellow/Lecturer,
More informationCyberterror. Cyberspace computer-mediated communication systems has become a battleground between states and terrorists, and among nation states.
Cyberterror Cyberspace computer-mediated communication systems has become a battleground between states and terrorists, and among nation states. What are terrorists main uses of cyberspace? How does cyberterror
More informationThe main object of my research is :
The main object of my research is : «War» I try to analyse the mutual impacts between «new wars» and the evolution of the international system More especially my research is about what we call»cyber-war«or»cyber-conflicts«is
More informationResearch Note Engaging in Cyber Warfare
Research Note Engaging in Cyber Warfare By: Devin Luco Copyright 2013, ASA Institute for Risk & Innovation Keywords: Cyber War, Cyber Warfare, Cyber Attacks, Cyber Threats Abstract This research note defines
More informationCyber defence in the EU Preparing for cyber warfare?
Preparing for cyber warfare? SUMMARY In recent years, cyber attacks on a serious scale have become a matter of concern to states, due to the threat they can pose to national security, but also a potential
More informationUNCLASSIFIED. Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI. June 15th, 2015
UNCLASSIFIED Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI June 15th, 2015 This document was prepared by The Institute for National Security Studies (INSS) Israel and The Cyber Security Forum
More informationCyber Diplomacy A New Component of Foreign Policy 6
Cyber Diplomacy A New Component of Foreign Policy 6 Assistant Lecturer Dana DANCĂ, PhD. candidate Titu Maiorescu University, Bucharest dana.danca@yahoo.com Abstract Nowadays, the boundary between virtual
More informationESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY AND DEFENCE SECTOR REFORM
Information & Security: An International Journal Valentyn Petrov, vol.31, 2014, 73-77 http://dx.doi.org/10.11610/isij.3104 ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY
More informationCybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU
Cybersecurity Global status update Dr. Hamadoun I. Touré Secretary-General, ITU Cybercrime takes a toll on the global economy - Online fraud, identity theft, and lost intellectual property; - On governments,
More informationTrends Concerning Cyberspace
Section 2 Trends Concerning Cyberspace 1 Cyberspace and Security Owing to the information technology (IT) revolution in recent years, information and communication networks such as the Internet are becoming
More informationthe Council of Councils initiative
Author: Andrea Renda, Senior Research Fellow, Centre for European Policy Studies May 3, 2013 Editor's note: This brief is a feature of the Council of Councils initiative, gathering opinions from global
More information"Cyber War or Electronic Espionage - Active Defense or Hack Back" David Willson Attorney at Law, CISSP Assess & Protect Corporate Information
"Cyber War or Electronic Espionage - Active Defense or Hack Back" David Willson Attorney at Law, CISSP Assess & Protect Corporate Information Iran Georgia France Estonia Attacks on Nations UK Belgium South
More informationOffensive capabilities
Chapter 5 5 Beyond signals intelligence: Offensive capabilities 5.1 Introduction Documents released by German magazine Der Spiegel provide a much richer picture of the offensive activities of the NSA and
More informationNATO & Cyber Conflict: Background & Challenges
NATO & Cyber Conflict: Background & Challenges Dr. Sean Lawson Department of Communication University of Utah [Full citation: Lawson, Sean. (2012) NATO & Cyber Conflict: Background & Challenges. Presented
More informationThe Cyber Security Challenge: What Can be Done?
The Cyber Security Challenge: What Can be Done? Swiss Business Associa=on Singapore Grand HyaB, 22 October 2015 Presenta)on by Daniel Stauffacher President, ICT4Peace Founda=on www.ict4peace.org Cybersecurity
More informationRUSSIA CHINA NEXUS IN CYBER SPACE
RUSSIA CHINA NEXUS IN CYBER SPACE E. Dilipraj Associate Fellow, CAPS On May 08, 2015 Russia and China inked an important agreement in the field of cyber security. This bilateral agreement is the latest
More informationA New Obstacle For Cyberinsurance Coverage
Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com A New Obstacle For Cyberinsurance Coverage Law360,
More informationAndrzej Kozłowski Research Fellow Casimir pulaski Foundation. The cyber strikes back the retaliation against the cyberattack
Andrzej Kozłowski Research Fellow Casimir pulaski Foundation The cyber strikes back the retaliation against the cyberattack Road to WARSAW SECURITY FORUM 2015 The growing threat The constant grow of threats
More informationCyber Security Summit China and Cyber Warfare Desmond Ball 25 July 2011
Cyber Security Summit China and Cyber Warfare Desmond Ball 25 July 2011 Notes abstracted from Desmond Ball, China s Cyber Warfare Capabilities, Security Challenges, Vol. 7, No. 2, Winter 2011, pp. 81-103).
More informationConfrontation or Collaboration?
Confrontation or Collaboration? Congress and the Intelligence Community Cyber Security and the Intelligence Community Eric Rosenbach and Aki J. Peritz Cyber Security and the Intelligence Community The
More informationToday s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns
Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns Benjamin GITTINS Ronald KELSON What is cyberspace and why is it so important? US Government Cyberspace
More informationStatement for the Record. Richard Bejtlich. Chief Security Strategist. FireEye, Inc. Before the. U.S. House of Representatives
Statement for the Record Richard Bejtlich Chief Security Strategist FireEye, Inc. Before the U.S. House of Representatives Committee on Energy and Commerce Subcommittee on Oversight and Investigations
More informationThe UK cyber security strategy: Landscape review. Cross-government
REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 890 SESSION 2012-13 12 FEBRUARY 2013 Cross-government The UK cyber security strategy: Landscape review 4 Key facts The UK cyber security strategy: Landscape
More informationUNCLASSIFIED. Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI. April 1st, 2015
UNCLASSIFIED Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI April 1st, 2015 This document was prepared by The Institute for National Security Studies (INSS) Israel and The Cyber Security Forum
More informationSummary. Russian-Dutch Bilateral Seminar
Summary Russian-Dutch Bilateral Seminar "THE ROLE OF NUCLEAR INDUSTRY IN NUCLEAR SECURITY GOVERNANCE: MOVING TO THE 2014 NUCLEAR SECURITY SUMMIT IN THE HAGUE" On September 3, 2013 PIR Center and the Embassy
More informationNATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA
NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies
More informationCyber Security Strategy for Germany
Cyber Security Strategy for Germany Contents Introduction 2 IT threat assessment 3 Framework conditions 4 Basic principles of the Cyber Security Strategy 4 Strategic objectives and measures 6 Sustainable
More information2 Gabi Siboni, 1 Senior Research Fellow and Director,
Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,
More informationGermany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),
Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28), General appreciation of the issues of information security Information
More informationNew Battlegrounds: The Future of Cyber Security and Cyber Warfare
New Battlegrounds: The Future of Cyber Security and Cyber Warfare Information and communications technologies are part of daily life. They are helping to revolutionize health and education, transform the
More informationCyber Security. CYBER SECURITY presents a major challenge for businesses of all shapes and sizes. Leaders ignore it at their peril.
Cyber Security Personal and commercial information is the new commodity of choice for the virtual thief, argues Adrian Leppard, Commissioner for City of London Police, as he sets out the challenges facing
More informationCyber-security: legal implications for financial institutions. IAPP Europe Data Protection Intensive 2013
Cyber-security: legal implications for financial institutions IAPP Europe Data Protection Intensive 2013 Vivienne Artz Managing Director and General Counsel, Citi Cyber threat landscape Kris McConkey Director,
More informationThe Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco.
The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco. 1 Calling All CEOs Are You Ready to Defend the Battlefield of the 21st Century? It is not the norm for corporations to be
More informationCyberspace Situational Awarness in National Security System
Cyberspace Situational Awarness in National Security System Rafał Piotrowski, Joanna Sliwa, Military Communication Institute C4I Systems Department Zegrze, Poland, r.piotrowski@wil.waw.pl, j.sliwa@wil.waw.pl
More informationUNCLASSIFIED. Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI. January 1st, 2015
UNCLASSIFIED Executive Cyber Intelligence Bi-Weekly Report by INSS-CSFI January 1st, 2015 This document was prepared by The Institute for National Security Studies (INSS) Israel and The Cyber Security
More informationCyber Security Strategy of Georgia
Cyber Security Strategy of Georgia 1 1. Introduction The Government of Georgia publishes its Cyber Security Strategy for the first time. Large-scale cyber attacks launched by Russia against Georgia in
More informationWRITTEN TESTIMONY OF
WRITTEN TESTIMONY OF KEVIN MANDIA CHIEF EXECUTIVE OFFICER MANDIANT CORPORATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM JUDICIARY COMMITTEE UNITED STATES SENATE May 8, 2013 Introduction Thank you
More informationForeign Affairs and National Security
Foreign Affairs and National Security Objectives: TLW understand and explain the following questions as it relates to the Foreign affairs of the American Government What is foreign policy? What is the
More informationStatement for the Record. Richard Bejtlich. Chief Security Strategist. FireEye, Inc. Before the. U.S. House of Representatives
Statement for the Record Richard Bejtlich Chief Security Strategist FireEye, Inc. Before the U.S. House of Representatives Committee on Foreign Affairs Subcommittee on Asia and the Pacific Reviewing President
More informationNATIONAL DEFENSE AND SECURITY ECONOMICS
NATIONAL DEFENSE AND SECURITY ECONOMICS FUTURE DEVELOPMENT OF ECONOMICS OF DEFENSE AND SECURITY ECONOMIC DIMENSION OF CYBERSPACE AS NEW SECURITY THREAT Content of Topic Introduction Basic Concepts Cyberspace
More informationCyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte
Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private
More informationInhibition of an Arms Race in Outer Space
Inhibition of an Arms Race in Outer Space Introduction Jinseong Joo The exploration and use of outer space shall be for peaceful purposes and should be carried out for the benefit and in the interest of
More informationCYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES
CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES By Wolfgang Röhrig, Programme Manager Cyber Defence at EDA and Wg Cdr Rob Smeaton, Cyber Defence Staff Officer
More informationARI 26/2013 (Translated from Spanish) 17 September 2013. Cyber cells: a tool for national cyber security and cyber defence
ARI ARI 26/2013 (Translated from Spanish) 17 September 2013 Cyber cells: a tool for national cyber security and cyber defence Thiber Theme 1 Cyber cells are effective tools that enable countries to operate,
More informationEstonia 2007 Cyberattakcs
Estonia 2007 Cyberattakcs 2010 Agenda Background April 2007 What is cyberattack Estonia as an information society Cyberattacks Protection measures used Lessons learned What are we doing - measures Background
More informationPanel 3: Applicability of International Law to Cyberspace & Characterization of Cyber Incidents
Panel 3: Applicability of International Law to Cyberspace & Characterization of Cyber Incidents Catherine Lotrionte and Eneken Tikk, co-chairs Cyber security and the acceptable behavior of state and non-state
More informationWhat is Cyber Liability
What is Cyber Liability Ubiquitous Warfare Espionage Media Operational Data Security and Privacy Tech 1 Data Security and Privacy Data Breach Response Costs Privacy Regulatory Action Civil Litigation INSURABLE
More informationTHE CASE FOR AN INDIA-US PARTNERSHIP IN CYBERSECURITY
DISCUSSION DOCUMENT July 14, 2010 THE CASE FOR AN INDIA-US PARTNERSHIP IN CYBERSECURITY Srijith K Nair EXECUTIVE SUMMARY The rapid development and the increasing reliance on information and communication
More informationCybercrime: risks, penalties and prevention
Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,
More informationNew York State Energy Planning Board. Cyber Security and the Energy Infrastructure
New York State Energy Planning Board Cyber Security and the Energy Infrastructure New York State Division of Homeland Security and Emergency Services Office of Cyber Security Office of Cyber Security Overview
More informationA Community Position paper on. Law of CyberWar. Paul Shaw. 12 October 2013. Author note
A Community Position paper on Law of CyberWar Paul Shaw 12 October 2013 Author note This law and cyberwar paper / quasi-treatise was originally written for a course in a CISO certification curriculum,
More informationCedric Leighton, Colonel, USAF (Ret) Founder & President, Cedric Leighton Associates
Cedric Leighton, Colonel, USAF (Ret) Founder & President, Cedric Leighton Associates What is Cyber Security? The First Cyber Attack The Threat Landscape The Energy Industry as a Target The Legal & Regulatory
More informationA Reluctant Cyber Security Agreement between the US and China
16 November, 2015 A Reluctant Cyber Security Agreement between the US and China Dr. Omair Anas* Three months after the biggest data theft from the American networks, the US and China have agreed to cooperate
More informationQuestion of Cyber security Maria Paek (President)
Question of Cyber security Maria Paek (President) Introduction The words cyber terrorism and cyber security have been floating around media headlines, recently thrust into heavy attention as large-scale
More informationTHE CURRENT GLOBAL THREATS TO CYBERSPACE SECURITY
前 沿 探 索 THE CURRENT GLOBAL THREATS TO CYBERSPACE SECURITY By Lt Col Jose Luis Llagran Bonilla 1 (Ecuador) I. Introduction Cyberspace is an interdependent network of information technology infrastructures
More informationThe FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED
The FBI Cyber Program Bauer Advising Symposium October 11, 2012 Today s Agenda What is the threat? Who are the adversaries? How are they attacking you? What can the FBI do to help? What can you do to stop
More informationUnited States Cyber Security in the 21st Century
United States Cyber Security in the 21st Century Austin Spears 63 Abstract: Highly sophisticated computer attacks are on the rise. Google, United States defense firms, and state governments are just a
More informationAppendix 2 Deterrence as a security concept against cyber threats
Appendix 2 Deterrence as a security concept against cyber threats Sico van der Meer Current situation Cyber threats, also referred to as digital threats, are among the greatest threats currently facing
More informationSTATEMENT OF JOSEPH M. DEMAREST, JR. ASSISTANT DIRECTOR CYBER DIVISION FEDERAL BUREAU OF INVESTIGATION
STATEMENT OF JOSEPH M. DEMAREST, JR. ASSISTANT DIRECTOR CYBER DIVISION FEDERAL BUREAU OF INVESTIGATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM COMMITTEE ON JUDICIARY UNITED STATES SENATE ENTITLED:
More informationQUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY
QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY EXPLOIT KITS UP 75 PERCENT The Infoblox DNS Threat Index, powered by IID, stood at 122 in the third quarter of 2015, with exploit kits up 75 percent
More informationTrends in Malware DRAFT OUTLINE. Wednesday, October 10, 12
Trends in Malware DRAFT OUTLINE Presentation Synopsis Security is often a game of cat and mouse as security professionals and attackers each vie to stay one step ahead of the other. In this race for dominance,
More informationEvolving Uses of Technology: Mobility and Cybersecurity
WHITE PAPER Evolving Uses of Technology: Mobility and Cybersecurity March 2012 Conventional security standards and practices cannot keep up with the frequency and sophistication of attacks. EXECUTIVE SUMMARY
More informationUN Emergency Summit on Cyber Security Topic Abstract
UN Emergency Summit on Cyber Security Topic Abstract Dear Delegates and Moderators, Welcome to the UN Emergency Summit on Cyber Security! Cyber security is one of the most relevant issues in the international
More informationFOREIGN AFFAIRS AND TRADE Australia - Cyber: Reports of Chinese cyber attacks
F-43 FOREIGN AFFAIRS AND TRADE Australia - Cyber: Reports of Chinese cyber attacks Possible Ouestion Why has the Government not confronted China about cyber attacks including on DFAT, such as those aired
More informationSession 9 Cyber threats in the EU s and NATO s new strategic context General Kees Homan: Introduction Political cyber attacks
1 Session 9 Cyber threats in the EU s and NATO s new strategic context General Kees Homan: remarks prepared for the CCADD conference in Paris, September 2014 Introduction Cyberspace has become part of
More informationAdvanced & Persistent Threat Analysis - I
Advanced & Persistent Threat Analysis - I Burak Ekici ekcburak@hotmail.com Department of Computer Engineering, Yaşar University, Turkey. April 21, 2012 Burak Ekici (Dept. of Comp. Eng.) Advanced & Persistent
More informationNetwork security policy issues. Ilias Chantzos, Director EMEA & APJ NIS Summer School 2008, Crete, Greece
Network security policy issues Ilias Chantzos, Director EMEA & APJ NIS Summer School 2008, Crete, Greece 1 Sample Agenda Slide 1 The current threat landscape 2 IT security and policy leadership 3 The EU
More informationTLP WHITE. Denial of service attacks: what you need to know
Denial of service attacks: what you need to know Contents Introduction... 2 What is DOS and how does it work?... 2 DDOS... 4 Why are they used?... 5 Take action... 6 Firewalls, antivirus and updates...
More informationPresenter: October 14, 2009 Mr. Takanobu Ito Managing Director, Asia Pacific & Middle East Operations
TeleContinuity The Survivable Cyber Solution Presentation For Presenter: October 14, 2009 Mr. Takanobu Ito Managing Director, Asia Pacific & Middle East Operations 2007 TeleContinuity, Inc.. All Rights
More informationHome Security: Russia s Challenges
Home Security: Russia s Challenges A Russian Perspective Andrei Fedorov * Home security: Russia s challenges Home security and the struggle against terrorism is one of the most crucial issues for the Russian
More informationCyber Confrontation: Hackers Convincing Victory Over the Security Industry
Your texte here. Cyber Confrontation: Hackers Convincing Victory Over the Security Industry Ilia Kolochenko, High-Tech Bridge, CEO Regional Cyber Security Summit 20 th of April 2014 From where does the
More informationODUMUNC 39. Disarmament and International Security Committee. The Future of Cyber Intelligence. By: Joseph Espinoza
ODUMUNC 39 Disarmament and International Security Committee Introduction: In 2014, a security report showed that, on average in the United States, a new and unknown malware variant was being downloaded
More informationCLIENT UPDATE CRITICAL INFRASTRUCTURE CYBERSECURITY: U.S. GOVERNMENT RESPONSE AND IMPLICATIONS
CLIENT UPDATE CRITICAL INFRASTRUCTURE CYBERSECURITY: U.S. GOVERNMENT RESPONSE AND IMPLICATIONS NEW YORK Jeremy Feigelson jfeigelson@debevoise.com WASHINGTON, D.C. Satish M. Kini smkini@debevoise.com Renee
More informationSecurity concerns and the desire to reduce fossil fuel emissions have led the United Nations to take up the topic of nuclear power.
Topic 1: Nuclear Power Security concerns and the desire to reduce fossil fuel emissions have led the United Nations to take up the topic of nuclear power. The United Nations is concerned with the spread
More informationCYBER WARFARE AN ANALYSIS OF THE MEANS AND MOTIVATIONS OF SELECTED NATION STATES INSTITUTE FOR SECURITY TECHNOLOGY STUDIES AT DARTMOUTH COLLEGE
CYBER WARFARE AN ANALYSIS OF THE MEANS AND MOTIVATIONS OF SELECTED NATION STATES INSTITUTE FOR SECURITY TECHNOLOGY STUDIES AT DARTMOUTH COLLEGE November 2004 Revised December 2004 Charles Billo Welton
More informationworking group on foreign policy and grand strategy
A GRAND STRATEGY ESSAY Managing the Cyber Security Threat by Abraham Sofaer Working Group on Foreign Policy and Grand Strategy www.hoover.org/taskforces/foreign-policy Cyber insecurity is now well established
More informationPerspectives on Cyber Security Strategies & Tactics
Perspectives on Cyber Security Strategies & Tactics Joshua Schmookler, Passaic County NJ MIS Department Security Administrator Micah Hassinger, Bergen County NJ Communications Director of Information Technology
More informationAs global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended
As global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended Global Cybercrime has an estimated cost of US$ 110 Billion per year Every second, 18 adults become a
More informationProtecting Organizations from Cyber Attack
Protecting Organizations from Cyber Attack Cliff Glantz and Guy Landine Pacific Northwest National Laboratory (PNNL) PO Box 999 Richland, WA 99352 cliff.glantz@pnnl.gov guy.landine@pnnl.gov 1 Key Topics
More informationPublic Private Partnerships and National Input to International Cyber Security
Public Private Partnerships and National Input to International Cyber Security 10 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington,
More informationTestimony of Matthew Rhoades Director Cyberspace & Security Program Truman National Security Project & Center for National Policy
Testimony of Matthew Rhoades Director Cyberspace & Security Program Truman National Security Project & Center for National Policy House Committee on Homeland Security Subcommittee on Cybersecurity, Infrastructure
More informationIdentifying Cyber Risks and How they Impact Your Business
10 December, 2014 Identifying Cyber Risks and How they Impact Your Business David Bateman, Partner, K&L Gates, Seattle Sasi-Kanth Mallela, Special Counsel, K&L Gates, London Copyright 2013 by K&L Gates
More informationA Detailed Strategy for Managing Corporation Cyber War Security
A Detailed Strategy for Managing Corporation Cyber War Security Walid Al-Ahmad Department of Computer Science, Gulf University for Science & Technology Kuwait alahmed.w@gust.edu.kw ABSTRACT Modern corporations
More informationTheme: The Growing Role of Private Security Companies in Protecting the Homeland.
Theme: The Growing Role of Private Security Companies in Protecting the Homeland. Background on terrorist organizations: A global threat, every object is a target, infinite number of targets. Terrorist
More informationThe Implication of TMD System in Japan to China s Security
The Sixth ISODARCO Beijing Seminar on Arms Control October 29-Novermber 1, 1998 Shanghai, China The Implication of TMD System in Japan to China s Security Institute of World Economics & Politics Chinese
More informationAnthony Minnaar Dept of Criminology & Security Science School of Criminal Justice College of Law University of South Africa
SECURING THE DIGITAL DIVIDE: COMBATING CYBERCRIME Anthony Minnaar Dept of Criminology & Security Science School of Criminal Justice College of Law University of South Africa INTRODUCTION q Given modern
More informationThe virtual battle. by Mark Smith. Special to INSCOM 4 INSCOM JOURNAL
The virtual battle by Mark Smith Special to INSCOM 4 INSCOM JOURNAL For many, the term cyberspace conjures up images of science fiction, the stuff of novels and movies. In fact, in 1994 this was the term
More informationSeoul Communiqué 2012 Seoul Nuclear Security Summit
Seoul Communiqué 2012 Seoul Nuclear Security Summit We, the leaders, gathered in Seoul on March 26-27, 2012, renew the political commitments generated from the 2010 Washington Nuclear Security Summit to
More informationTHE CRITICAL ROLE OF EDUCATION IN EVERY CYBER DEFENSE STRATEGY
THE CRITICAL ROLE OF EDUCATION IN EVERY CYBER DEFENSE STRATEGY Juan Cayón Peña, PhD. & Luis Armando García Abstract: The implementation, maintenance, and improvement of a national Cyber defense strategy
More informationCyber Security and the Canadian Nuclear Industry a Canadian Regulatory Perspective
Cyber Security and the Canadian Nuclear Industry a Canadian Regulatory Perspective Terry Jamieson Vice-President Technical Support Branch Canadian Nuclear Safety Commission August 11, 2015 www.nuclearsafety.gc.ca
More informationNational Cyber Threat Information Sharing. System Strengthening Study
Contemporary Engineering Sciences, Vol. 7, 2014, no. 32, 1755-1761 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/ces.2014.411235 National Cyber Threat Information Sharing System Strengthening
More informationSTATEMENT OF MR. THOMAS ATKIN ACTING ASSISTANT SECRETARY OF DEFENSE FOR HOMELAND DEFENSE AND GLOBAL SECURITY OFFICE OF THE SECRETARY OF DEFENSE;
STATEMENT OF MR. THOMAS ATKIN ACTING ASSISTANT SECRETARY OF DEFENSE FOR HOMELAND DEFENSE AND GLOBAL SECURITY OFFICE OF THE SECRETARY OF DEFENSE; LIEUTENANT GENERAL JAMES K. MCLAUGHLIN DEPUTY COMMANDER,
More informationEU Cybersecurity: Ensuring Trust in the European Digital Economy
EU Cybersecurity: Ensuring Trust in the European Digital Economy Synthesis of the FIC Breakfast-Debate 15 October 2013, Brussels With the participation of Tunne Kelam Member of the European Parliament'
More informationFive Principles for Shaping Cybersecurity Norms
TRANSPARENCY PROPORTIONALITY HARMONIZATION RISK REDUCTION COLLABORATION Five Principles for Shaping Cybersecurity Norms Contents Introduction 3 Cybersecurity Norms 5 The Role of the Public Sector 6 Cybersecurity
More informationCyber Security and Infrastructure: Problems of Today, Challenges for Tomorrow
Cyber Security and Infrastructure: Problems of Today, Challenges for Tomorrow Herb Lin Computer Science and Telecommunications Board NAE Convocation of Engineering Professional Societies Washington DC
More informationCybersecurity and the Romanian business environment in the regional and European context
KPMG Legal Cybersecurity and the Romanian business environment in the regional and European context Developing a cybersecurity culture for the users of digital and communications systems has become a mandatory
More informationRoles and Responsibilities of Cyber Intelligence for Cyber Operations in Cyberspace
, pp.137-146 http://dx.doi.org/10.14257/ijseia.2014.8.9.11 Roles and Responsibilities of Cyber Intelligence for Cyber Operations in Cyberspace Jung ho Eom Military Studies, Daejeon University, 62 Daehakro,
More informationAttackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors. Microsoft Confidential for internal use only
Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors Microsoft Confidential for internal use only Wall Street Journal, JP Morgan, Lockheed, Bushehr nuclear
More information