Overview of ITU Cybersecurity Activities

Transcription

1 Overview of ITU Cybersecurity Activities Workshop on NGN Regulation & Migration Strategies 13 & 15 October 2010 New Delhi, India Sameer Sharma Senior Advisor ITU Regional Office for Asia and the Pacific 1

2 Why Cybersecurity? With more than 1 billion people connected to Internet, ICT is driving force for today s economic growth ICT is the most important tool to meet 2015 targets of MDG Misuse of advances in technology and absence of truly global and multi-stakeholder strategies to address the global challenge, are threatening the collective benefits we as citizens of the information society should obtain Financial losses run into billions of dollars both from fraud on Internet and cost of rebuilding networks that suffered cyber attacks Cybersecurity and cyber-peace are the most critical concerns of modern information age WTISD 2009 Theme: Protecting Children in Cyberspace 2

3 Global Cybersecurity Threats Malware (Trojans, Botnets, Worms, etc) Insider Threats (Rogue Employees, Unskilled Employees or Careless employees) Vulnerability Exploitations Mobile Devices (USB Devices, External Drives, Mobile Phones, etc) Social Networking Social Engineering 0-Day Exploits Cloud Security Industrial Espionage information-security-threats-of-2010

4 Security Architecture & Dimensions

5 Security Threats in Multimedia Communications - Example

6 Security Threats in Mobile Communications - Example

7 Global Cybersecurity Issues Minimal Availability of Resources (Financial, Human or Technological) Availability of a central coordination bodies within a country or region Availability of solid Legislation and Enforcement Infrastructures National and International Cooperation on Cybersecurity and Cybercrime Legislations Harmonized approach to Cybersecurity issues within country or region Clearly defined National Critical Information Infrastructures and their protection strategy International Agreements on Cybersecurity and Cybercrime Clearly defined Human Capacity Building strategy Clarity of Regulatory Framework and Mechanisms

8 Issues and Challenges Constant evolution of the nature of cyber-threats Vulnerabilities in software and hardware applications and services Low entry barriers and increasing sophistication of the types of cybercrime committed Loopholes in current legal frameworks Absence of appropriate organizational structures Inadequate cooperation among the various stakeholders Global problem that cannot be solved by any single entity (country or organization) alone Challenging task to develop harmonized and comprehensive global strategies at the international level and implement these with the relevant national, regional, and international stakeholders in the countries 8

9 Cybersecurity: ITU Strategic Direction Cybersecurity One of the Top Priorities of ITU WSIS Action Line C5: Building confidence and security in use of ICTs A fundamental role of ITU, following the World Summit on the Information Society (WSIS) and outcome of the 2006 ITU PP Conference, is to build confidence and security in the use of ICTs At the WSIS, world leaders and governments designated ITU to facilitate the implementation of WSIS Action Line C5, Building confidence and security in the use of ICTs In this capacity, ITU is seeking consensus on a framework for international cooperation in cybersecurity to reach a common understanding of cybersecurity threats among countries at all stages of economic development 9

10 ITU Development Programs( ) Programme 1 Information and communication infrastructure and technology development Programme 2 Programme 3 Cybersecurity, ICT Applications and IP based network related related issues Information and communication infrastructure and technology development Programme 4 Capacity Building and digital inclusion Programme 5 Least developed countries, countries in special need, emergency telecommunications and climate change adaptation

11 RESOLUTION 45 (Rev. Hyderabad, 2010) Mechanisms for enhancing cooperation on cybersecurity, including countering and combating spam Organize, with TSB, meetings of Member States, Sector in conjunction with Programme 2 and based on member contributions, and in collaboration Members and other appropriate relevant stakeholders to discuss ways and means to enhance cybersecurity; Carry out studies on strengthening the cybersecurity of developing countries based on a clear identification of their needs protection of children and youth; Support Member States' initiatives regarding mechanisms for enhancing cooperation on cybersecurity; Assist the developing countries in enhancing their states of preparedness to ensure a high and effective level of security for their critical telecommunication/ict infrastructures; Assist Member States in the establishment of an appropriate framework between the developing countries allowing rapid response to major incidents, and propose action plan to increase protection; Cooperate with the Secretary-General's initiative on cybersecurity, and with the other ITU Sectors in accordance with its mandate; Report results of implementation of this resolution to next WTDC

12 Global Cybersecurity Cooperation The lack of cybersecurity is global problem that cannot be solved by any single entity alone! The world is faced with the challenging task of developing harmonized and comprehensive strategies at the global and international level and implementing these with the various relevant national, regional, and international stakeholders in the countries 12

13 ITU and Cybersecurity 2002 ITU World Telecommunication Development Conference (WTDC), Istanbul, Turkey put cybersecurity as a priority in ITU-D work programme World Leaders at the World Summit on the Information Society (WSIS) entrusted ITU as sole facilitator for WSIS Action Line C5 Building Confidence and Security in the use of ICTs 2006 ITU Plenipotentiary Conference in Antalya, Turkey put cybersecurity as a priority for the Union (Resolutions and Strategic Plan ITU constitutes a unique global forum to discuss cybersecurity. The ITU Secretary-General has set cybersecurity as a top priority. ITU Membership has been calling for a greater role to be played by ITU in matters relating to cybersecurity through a number of Resolutions, Decisions, Programmes and Recommendations. 13

14 GCA: From Strategy to Action 1. Legal Measures 1. Legal Measures ITU Toolkit for Cybercrime Legislation ITU Publication on Understanding Cybercrime: A Guide for Developing Countries 3. Organizational Structures 3. Organizational Structures ITU-IMPACT Collaboration National CIRT establishment Global Cybersecurity Agenda (GCA) Technical Technical and and Procedural Procedural Measures Measures ITU Standardization Work ICT Security Standards Roadmap ITU-R Security Activities ITU-T Study Group 17 ITU-T Study Group 2 5. International Cooperation 5. International Cooperation 4. Capacity Building 4. Capacity Building ITU National Cybersecurity/CIIP Self-Assessment Tool ITU Toolkit for Promoting a Culture of Cybersecurity ITU Botnet Mitigation Toolkit and pilot projects ITU High-Level Expert Group (HLEG) ITU-IMPACT Collaboration ITU Cybersecurity Gateway ITU s Child Online Protection (COP) Collaboration with UNICEF, UNODC, UNICRI, UNICITRAL and UNDIR IMPACT Training and Skills Development Centre IMPACT Research Division 14

15 1. Legal Measures Summary of objective: Harmonization of legal frameworks and the elaboration of strategies for the development of cybercrime legislation that is globally applicable and interoperable with existing national/regional legislative measures. Related activities/initiatives: ITU Cybercrime Legislation Resources ITU Toolkit for Cybercrime Legislation ITU Publication on Understanding Cybercrime: A Guide for Developing Countries Capacity building and training Regional workshops and events 15

16 Examples of Recent Initiatives ITU Toolkit for Cybercrime Legislation aimed at providing countries with sample legislative language and reference material that can assist in the establishment of harmonized cybercrime laws and procedural rules. ITU Publication on Understanding Cybercrime: A Guide for Developing Countries provides a comprehensive overview of the most relevant topics linked to the legal aspect of cybersecurity and cybercrime 16

17 2. Technical and Procedural Measures Summary of objective: Development of strategies for the establishment of globally accepted security protocols, standards, minimum security criteria and accreditation schemes for hardware and software applications and systems Related activities/initiatives: ITU Standardization Work ITU-T Study Group 17 ICT Security Standards Roadmap promoting collaboration between regional/ international organizations and standards bodies ITU Radiocommunications security activities IMPACT Collaboration services, etc. Country direct assistance activities 17

18 Role of ITU-T Plenipotentiary Resolution 130 (2006), Strengthening the role of ITU in building confidence and security in the use of information and communication technologies Instructs Director of TSB to intensify work in study groups, address threats & vulnerabilities, collaborate, and share information Plenipotentiary Resolution 149 (2006), Study of definitions and terminology relating to building confidence and security in the use of information and communication technologies - Instructs Council to study terminology 18

19 ITU-T Global Initiatives: Cybersecurity WTSA-08 Res. 50 Cybersecurity Resolved to prepare, in building upon the information base associated with the ICT Security Standards Roadmap and the ITU-D efforts on cybersecurity, the worldwide harmonization of strategies and approaches in this critically important area; WTSA-08 Res. 52 Countering and combating spam Instructed TSB Director to continue to cooperate with the Secretary-General's initiative on cybersecurity and with the BDT.. in relation to any item concerning cybersecurity in accordance with Res. 45 (Doha, 2006). WTSA-08 Res. 58 National Compute Incident Response Teams Instructed TSB Director to facilitate collaboration between national CIRTs, such as capacity building and exchange of information, within an appropriate framework. 19

20 Cybersecurity Study Group Activities in ITU-T (Standardization) ITU standardization activities are organized under Study Groups that focus on different topic areas (e.g.,security, access & transport networks, multimedia, signalling, numbering, naming and addressing, tariffs, IP and NGN). These compose a unique forum for public-private partnerships Cooperation and collaborative activities exist with many organizations and forums, including regional telecom forums, IETF, ISO,IEC, ETSI, etc. Examples of specific ITU-T activities related to cybersecurity and Child Online Protection include: Study Group 17 Security has primary focus on communication security and is the Lead Study Group on security for ITU-T Study Group 2 Operational aspects of service provision and telecommunication management works on harmonizing numbering resources for child helplines 20

21 Specific Cybersecurity Study Group Activities in ITU-T (Standardization) Study Group 17 has primary focus on communication security and is the Lead Study Group on security for ITU-T Work under way under Study Group 17 Questions: Working Party 1: Network and information security Q 1 Telecommunications systems security project Q 2 Security architecture and framework Q 3 Telecommunications information security management Q 4 Cybersecurity Q 5 Countering spam by technical means Working Party 2: Application security Q 6 Security aspects of ubiquitous telecommunication services Q 7 Secure application services Q 8 Telebiometrics Q 9 Service oriented architecture security Working party 3: Identity management and languages Q 10 Identity management architecture and mechanisms Q 11 Directory services, Directory systems, and public-key/attribute certificates Q 12 Abstract Syntax Notation One (ASN.1), Object Identifiers (OIDs) and associated registration Q 13 Formal languages and telecommunication software Q 14 Testing languages, methodologies and framework Q 15 Open Systems Interconnection (OSI) 21

22 Other Cybersecurity Initiatives in ITU-T Correspondence group on exchange of network digital forensics: Trusted exchange of network forensics, including vulnerabilities, has become an increasingly important and rapidly evolving field of cybersecurity. This generally refers to the acquisition, preservation, and exchange of trusted information associated with an incident, event or discovered vulnerability of interest. Draft Recommendation on Traceback use cases and capabilities. These traceback capabilities should help to find ingress point, path, partial path or source of a network event. X.1240-series of Recommendations on technical means for countering spam. A series of published Recommendations and other draft in progress assist in preventing reception of un-solicited information Supplement 5 to ITU-T Recommendation E.164 Guidance with regards to the selection of numbers for helplines for children was approved in May New Draft Recommendation on Specification of an International Numbering Resource for use in the provisioning of International Help lines This calls for easy-to-remember numbers, accessible from all phones to be made available free of charge. Expecting its approval by the end of

23 ITU-R : Cybersecurity Initiatives Radio spectrum global frequency management is increasingly important for building confidence and security and creating an enabling environment in the use of ICTs. ITU-R plays a central role in facilitating complex intergovernmental negotiations needed to develop legally binding agreements between sovereign states in an increasingly unwired world. Mobile handheld devices are widely used by children and young people and therefore merit extra attention when it comes to security. Some examples of ongoing activities include: Recommendation ITU-R M.1457 Security mechanism incorporated in IMT-2000 Recommendation ITU-R M.1645 Framework and overall objectives of the future development of IMT-2000 and systems beyond IMT-2000 Recommendation ITU-R M.1223 Evaluation of security mechanism for IMT-2000 Recommendation ITU-R M.1078 Security principles for IMT

24 ITU-IMPACT Collaboration IMPACT is the physical home for the GCA, providing expertise and facilities for all ITU Member States to address global cyber threats Global Response Centre (GRC) Threat information aggregation and dissemination expert collaboration Training & Skill Development Security skills training for Member States Security Assurance & Research International benchmarks for Member States Collaborative research on cyber threats. PARTNERS Centre for Policy and International Co operation Advisory services on cybersecurity policy and regulations for Member States 24

25 3. Organizational Structures Summary of objective: Elaboration of global strategies for the creation of appropriate national and regional organizational structures and policies on cybercrime, watch, warning and incident response, generic and universal identity system Related activities/initiatives: IMPACT collaboration related services IMPACT Global Response Centre services, etc. Development of national computer incident response teams (CIRTs) and related training, etc. Capacity building and training Regional workshops and events Direct assistance 25

26 Examples of Ongoing Initiatives for Developing Organizational Structures and Building Incident Management Capabilities Assistance to Developing Countries in the Establishment of Watch, Warning and Incident Response (WWIR) Capabilities Facilitate the deployment of IMPACT s Global Response Centre to Member States Information package sent to all ITU Member States in April 2009 Some 15+ countries confirmed Deployment will start the first week of June Developing National Computer Incident Response Team (CIRT) CIRT Toolkit being developed to assist in the development and implementation of national centers Direct assistance Capacity building and training 26

27 ITU-IMPACT Partner Countries 27

28 4. Capacity Building Summary of Objective: Development of global strategies to facilitate human and institutional capacity building across all relevant aspects of cybersecurity Related Activities/Initiatives: ITU National Cybersecurity/ CIIP Self-Assessment Tool ITU Toolkit for Promoting a Culture of Cybersecurity ITU Botnet Mitigation Toolkit and pilot projects IMPACT Training and Skills Development Centre IMPACT Research Division Capacity building and training for all pillars in the GCA Targeted workshops and events 28

29 Examples of Some Ongoing Initiatives ITU National Cybersecurity/CIIP Self Assessment Tool aimed at assisting governments in examining existing national policies, procedures, norms, institutions and other elements necessary for formulating security strategies in an ever-changing ICT environment. The Cybersecurity Guide for Developing Countries a basic and easy-to-use information resource which provides an initial understanding of the different dimensions of cybersecurity, and some possible solutions scenarios. ITU Regional Cybersecurity Forums 8 regional cybersecurity events held in 2007 and 2008 in all regions. ITU Regional Cybersecurity Forum for Africa and Arab States held in Tunisia, 4-5 June

30 5. International Cooperation Summary of Objective: Development of proposals to enhance international dialogue on issues that pertain to cybersecurity and enhance cooperation and coordination across all relevant activities Related Activities/Initiatives: ITU Secretary-General High Level Expert Group (HLEG) deliverables ITU-International Multilateral Partnership Against Cyber Threats (IMPACT) collaboration ITU Cybersecurity Gateway World Telecommunication and Policy Forum WTPF 2009 opinions (Opinion 1: Internet related public policy issues) ITU s Child Online Protection (COP) initiative Regional cybersecurity forums 30

31 Child Online Protection (COP) Guidelines Draft Guidelines for Children Draft Guidelines for Parents, Guardians and Educators Draft Guidelines for Industry Draft Guidelines for Policy Makers The Draft Child Online Protection Guidelines can be found online at: Note that the Draft Guidelines are currently open for comments (Deadline 30 June 2009) 31

32 Guidelines on COP ITU has been working with some COP members to develop initial sets of guidelines for the different stakeholders. Guidelines for industry Children s Charities Coalition on Internet Safety (CHIS) GSM Association European Broadcasting Union (EBU) INTERPOL AfrISPA Telecom Italia Vodafone Guidelines for policy-makers Children s Charities Coalition on Internet Safety (CHIS) United Nations Interregional Crime and Justice Research Institute (UNICRI) International Centre for Missing and Exploited Children (ICMEC) Child Helpline International (CHI) INTERPOL Guidelines for parents, guardians and educators Children s Charities Coalition on Internet Safety (CHIS) University of Edinburgh, United Kingdom Insafe Network European Network and Information Security Agency (ENISA) European Commission s Safer Internet programme Cyber Peace Initiative Guidelines for children Telefónica Children s Charities Coalition on Internet Safety (CHIS) Save the Children INTERPOL

33 ITU and Cybersecurity in Asia-Pacific Policy related Bhutan Indonesia CIRT Pacific CIRT Afghanistan, Bangladesh, Bhutan, Maldives, Nepal Forums Seminars Regional Forum on Cybersecurity, Vietnam Regional Forum on Cybersecurity, Australia CLMV Ministerial Sub Theme Regional Forum on Cybersecurity, India Ministerial Sub Theme ABBMN

34 Conclusions Cybersecurity and cyber-peace are the most critical concerns of modern information age To build trust, confidence and security in the use of ICTs, ITU has undertaken concrete measures including: Global Cybersecurity Agenda (GCA) Activities that relate to all five pillars of the GCA Child Online Protection (COP) initiative related activities Development of cybersecurity and cybercrime resources and material Anti-spam measures Critical Information Infrastructure Protection (CIIP) related initiatives CERT Assessment and strengthening of CIRTs Fostering enhanced sub-regional, regional and global cooperation Global standardization activities in all the three Sectors of the Union Capacity building, training, direct assistance to countries 34

35 Thank You! For more information see the ITU website at: E mail: sameer.sharma@itu.int International Telecommunication Union