Safety & Security: Cyber Security




Introduction to Homeland Security
Chapter 5 Part III
Safety & Security: Cyber Security

Information Security and National Network Infrastructure Security

Information Security: Techniques used to protect information assets from deliberate or inadvertent unauthorized acquisition, damage, disclosure, manipulation, modification, loss, or use

Network Infrastructure Security: Protection of the physical infrastructure of data networks and peripherals, such as fiber optic cables, routers, switches, and servers, that allow data in digital format to be transferred from one location to another or processed to meet user demands

Terrorism and the Proliferation of Information Transfer

- Alfred Toffler, socio-economist, cited that the world (most notably the industrialized world powers) is experiencing a shift in the basis of its economy
- This new economy, referred to as the Third Wave by Toffler, is one based primarily on the transfer of information
- Due to this evolution from an industry-based economy to an information-transfer-based economy, there will be subsequent changes in the means by which society lives, works, and communicates
- Most importantly, there will be a great increase in reliance on computers, the networks that link them together, and the sources that power them
- Computers already control and regulate everything from household appliances to satellites, air conditioning systems to nuclear power plants

Terrorism and the Proliferation of Information Transfer

We must ask ourselves:
- Is this shift in the basis of our economy without a cost?
- Will this high-technology reliant way of life bring about new threats?
- What will terrorism be like in the info-age and how will it evolve?

With access to the World Wide Web and personal computers, individuals across the globe possess the means to gain access to highly specific (often private) information. By taking advantage of computers, and the information systems that connect them, terrorists now pose a threat on a new front: cyberspace.

Through the use of computers, terrorists can now:
- Gather intelligence
- Communicate globally
- Spread their hate via WWW

Terrorism and the Proliferation of Information Transfer

- Moderately skilled terrorists can steal valuable information and employ information warfare in order to cause violence and terror in cyberspace
- This terror caused in cyberspace has the potential to cross over into the real world with catastrophic results, depending on the type of cyber-weapon used and the tactical applications of its purveyor

Information Security and National Network Infrastructure Security

Hacking: The gaining of unauthorized access to computer systems for the purposes of stealing or corrupting data; also known as cracking

Hacking Incidents:
- 1980s: 6 teenagers gain access to the Los Alamos National Laboratory computer system
  - 2 plead guilty to 2 counts of making harassing phone calls
- 1997: Ehud Tenenbaum, AKA The Analyzer, hacked into several US computer systems, including military ones
  - Received 18 mos. in prison, served 8

Information Security and National Network Infrastructure Security

Hacking Incidents (cont.):
- 2001-2002: Gary McKinnon, AKA Solo, accused of cracking into 97 US military and NASA computers
  - US claims $700,000 in damage
  - Currently undergoing extradition proceedings in the UK
- 7 MAR 2011: China launched a hacking attack on the South Korean Defense Ministry's computer system
  - Obtained confidential information about the ministry's plan to buy the U.S.-made Global Hawk reconnaissance drone
  - S. Korea reports over 2K hacking attempts per year; most from China
- 7 MAR 2011: The French Finance Ministry confirmed it suffered a cyber attack in December from hackers targeting documents related to the French presidency of the G-20 and international economic affairs
  - Attackers were professional and organized
  - Attack was the first of its size and scope against France, with 150 ministry computers hacked and several documents pirated

Three Styles of Terrorism

- Conventional Terrorism
- Technoterrorism
- Cyber Terrorism

Conventional Terrorism: Essentially the use of violence or threat of violence (intimidation/coercion) directed (normally) toward innocent people in order to attain a particular (often political) goal

- Conventional terrorists use bombs, guns, and other conventional weapons in their attacks
- Normally, their attacks are aimed at innocent civilians, although their targets also include high-profile individuals and buildings
- In nearly all cases, targets are SYMBOLIC!

Conventional Terrorism: An Example

- 1983 bombing of the USMC headquarters in Beirut, Lebanon
- Suicide bombing (conventional weapon) that left 241 military personnel dead, and several hundred others injured (high-profile symbolic target)
- Resulting media frenzy negatively influenced public opinion regarding US policy in Lebanon
- US ground forces were subsequently withdrawn from the area (desired effect)

Technoterrorism

- Like conventional terrorism, uses conventional weapons (i.e. bombs, guns, etc.) to destroy its targets
- Unlike conventional terrorism, its immediate targets are not humans
- Technoterrorism targets are the physical structures that make up the high-tech infrastructure:
  - Electrical grids
  - Telecommunications hubs
  - Information networks

Technoterrorism (cont.)

- The effectiveness of a technoterrorist's attack is entirely reliant on the public's dependence on the high-tech infrastructure assaulted
- For example, the difference between a technoterrorist bombing an aviation communications center in Tanzania vice that same act in New York City
- The size of the technoterrorist group does not have to be large in order to operate efficiently and effectively
- Lastly, technoterrorist groups don't necessitate much funding, due to the nature of their weapons and ready access to their normally stationary targets

Cyber Terrorism: The use of computing resources to intimidate or coerce others via the medium of cyberspace

- Cyber terrorists, like technoterrorists, generate violence/intimidate/coerce by manipulating and destroying high-tech assets

Cyber Terrorism vs. Technoterrorism

The major difference between cyber terrorists and technoterrorists:
- Cyberterrorists damage/destroy computer and telecommunications systems from within their software and programming using computers
- Technoterrorists damage/destroy the physical structures that house these systems

Cyber Terrorism (cont.)

- Depending on how cyber terrorists apply their weapons, they can also create real-world effects through the violence that they create in cyberspace (similar to the technoterrorist)

Cyber Terrorism Weapons

The cyber terrorist has several software-based weapons that can be employed anywhere in cyberspace at any time:

- Viruses: Malicious programs that attach themselves to host programs and force the computer to perform actions not intended by its operator
- Trojan Horses: Programs that perform a normal function (i.e. a downloadable internet browser), but secretly release a destructive secondary program upon their entry into the computer
- Worms: Programs developed to travel across a network and perform simple tasks (i.e. data collection). When programmed maliciously, they have the ability to destroy information as viruses do, but they also have the ability to replicate themselves and spread across an entire computer network independently
- Sniffers: Programs that hide themselves on a host network and collect information
- Electro-magnetic pulse weapons (EMPs): Weapons that generate a large electro-magnetic pulse that destroys electronics and computer systems in a given area, but does not disrupt the physical surroundings in the area of the systems. These can be built from parts available at electronic parts stores and hobby stores.

Cyber Terrorism vs. Conventional Terrorism & Technoterrorism

The cyber terrorist has several advantages over conventional terrorists and technoterrorists:
- Global reach
- The absence of physical harm encountered in the other styles of terrorism
- The ability to operate totally independently
- Less physical evidence involved in committing their crimes

When compared to one another, these three styles of terrorism share similarities:
- Causing the suffering of innocent victims
- Use of violence/intimidation/coercion to attain a goal

When observed more closely, though, the means, targets, tactics and cost of the three distinct styles differ greatly.

- Since none of the styles of terrorism are mutually exclusive in their tactical applications, they can be applied in conjunction with one another
- Applications of terrorism are limited only by the creativity of the terrorist or terrorists employing them

Information Security and National Network Infrastructure Security

- DHS acts as the coordinating body of the US govt. to secure the cyberspace and the network infrastructure of the US
- Protection is the responsibility of the DHS Office of National Protection and Programs
  - Specifically, the National Cybersecurity Division within the Office of Cyber Security and Communications (CS&C)

National Cyber Security Division (NCSD)

Mission: Work with public, private, and international entities to secure cyberspace and US cyber assets

Strategic Objectives:
- To build and maintain an effective national cyberspace response system
- To implement a cyber-risk management program for the protection of critical infrastructure

NCSD Programs

US Computer Emergency Response Team (US-CERT)
- Partnership between DHS and the public and private sectors
- Responsible for:
  - Analyzing and reducing cyber threats and vulnerabilities
  - Disseminating cyber threat warning info
  - Coordinating incident response activities

US-CERT (cont.)
- Member of the National Cyber Response Coordination Group (NCRCG)
  - Made up of 13 federal agencies
  - NCRCG will help to coordinate federal response to a nationally significant cyber-related incident

US-CERT Tools

Cyber Security Preparedness and the National Cyber Alert System provides technical and nontechnical computer users with:
- Security Alerts: Timely info about current security problems
- Security Tips: Advice on common security topics such as:
  - Privacy
  - E-mail spam
  - Wireless protection

NCSD Programs

Cyber Cop Portal
- Coordinates with law enforcement to help capture and convict those responsible for cyber attacks
- Info sharing and collaboration tool
- Can be accessed by over 5300 investigators worldwide who are involved in electronic crimes cases

Cyberspace Priority 1: A National Cyberspace Security Program

Focus on:
- Rapid identification of malicious cyberspace activity
- Rapid information exchange regarding malicious cyberspace activity
- Rapid mitigation of damage done by malicious cyberspace activity

Emphasis on public-private partnership
Protect privacy and civil liberties

Cyberspace Priority 1 (cont.)

Identified actions and initiatives
1) Establish a public-private architecture for responding to national-level cyber incidents
2) Provide for the development of tactical and strategic analysis of cyber attack vulnerability assessments
3) Encourage the development of a private-sector capability to share a synoptic (same) view of the health of cyberspace
4) Expand the Cyber Warning and Information Network to support the DHS in coordinating crisis management for cyberspace security

Cyberspace Priority 1 (cont.)

Identified actions and initiatives (cont.)
5) Improve national incident management
6) Coordinate processes for voluntary participation in the development of national public-private continuity and contingency plans for federal systems
7) Exercise cyber security continuity plans for federal systems
8) Improve and enhance public-private info-sharing involving cyber attacks, threats, and vulnerabilities

Cyberspace Priority 2: A National Cyberspace Security Threat and Vulnerability Reduction Program

An organized cyber attack could endanger the security of the US's critical infrastructure

Vulnerabilities:
- Information assets
- External support structures

Vulnerabilities result from:
- Weaknesses in technology
- Improper implementation and oversight of technological products

Cyberspace Priority 2 (cont.)

Identified actions and initiatives
1) Enhance law enforcement's capabilities for preventing and prosecuting cyberspace attacks
2) Create a process for national vulnerability assessments to better understand the potential consequences of threats and vulnerabilities
3) Secure the mechanisms of the Internet, improving protocols and routing
4) Foster the use of trusted digital control systems/supervisory control and data acquisition systems

Cyberspace Priority 2 (cont.)

Identified actions and initiatives (cont.)
5) Reduce and remediate software vulnerabilities
6) Understand infrastructure interdependencies and improve the physical security of cyber systems and telecommunications
7) Prioritize federal cyber security research and development agendas
8) Assess and secure emerging systems

Cyberspace Priority 3: A National Cyberspace Security Awareness and Training Program

Many cyber vulnerabilities exist because of lack of awareness on the part of:
- Computer users
- System administrators
- Technology developers
- Procurement officials
- Auditors
- Chief Information Officers (CIOs)
- Chief Executive Officers (CEOs)
- Corporate boards

Such awareness-based vulnerabilities present serious risks to infrastructure whether or not they exist within the infrastructure itself

Cyberspace Priority 3 (cont.)

Identified actions and initiatives
1) Promote a comprehensive national awareness program to empower all Americans, businesses, the general workforce, and the general population to secure their own parts of cyberspace
2) Foster adequate training and education programs to support the nation's cyber security needs
3) Increase the efficiency of existing federal cyber security training programs
4) Promote private-sector support for well-coordinated, widely recognized professional cyber security certifications

Cyberspace Priority 4: Securing Governments' Cyberspace

Govt.s only administer a minority of the nation's critical infrastructure, but govt.s at all levels perform essential functions in:
- Agriculture
- Information and telecommunications
- Food
- Energy
- Water
- Transportation
- Public health
- Banking and finance
- Emergency services
- Chemicals
- Defense
- Postal shipping
- Social welfare

Govt.s need to lead by example in cyberspace security and foster a marketplace for more secure technologies

Cyberspace Priority 4 (cont.)

Identified actions and initiatives
1) Continuously assess threats and vulnerabilities to federal cyber systems
2) Authenticate and maintain authorized users of federal cyber systems
3) Secure federal wireless local-area networks (LANs)
4) Improve security in govt. outsourcing and procurement
5) Encourage state and local govt.s to consider establishing information technology security programs and to participate in info sharing and analysis centers with similar govt.s

Cyberspace Priority 5: National Security and International Cyberspace Security Cooperation

- America's cyberspace links the US to the rest of the world
- Cyber attacks can quickly come from anywhere
- Determining the source of attacks can be difficult
- International cooperation required to:
  - Facilitate info-sharing
  - Reduce vulnerabilities
  - Deter malicious actors

Cyberspace Priority 5 (cont.): National Security and International Cyberspace Security Cooperation

Identified actions and initiatives
1) Strengthen cyber-related intelligence efforts
2) Improve capabilities for attack attribution and response
3) Improve coordination for responding to cyber attacks within the US national security community
4) Work w/industry and through international organizations to facilitate dialogue and partnerships among international public and private sectors focused on protecting info infrastructures and promoting a global culture of security
5) Foster the establishment of national and international watch-and-warning networks to detect and prevent cyber attacks as they emerge
6) Encourage other nations to accede to the Council of Europe Convention on Cyber Crime or to ensure that their laws and procedures are at least as comprehensive