View
1.420
Download
1
Category
Preview:
Citation preview
CYBER WARFARE & NATIONAL SECURITY: IMPLICATIONS AND CHALLENGES
DR TUGHRAL YAMIN
ASSOCIATE DEAN CIPS, NUST
AIM
TO HIGHLIGHT THE STRUCTURAL & POLICY SHORTCOMINGS WITH REGARDS TO CYBER SECURITY IN THE OVERALL FRAMEWORK OF
PAKISTAN’S NATIONAL SECURITY
NATIONAL SECURITY
CONCEPT • NATIONAL SECURITY CALLS UPON A
GOVERNMENT, ALONG WITH ITS PARLIAMENT TO PROTECT THE STATE AND ITS CITIZENS AGAINST ALL KIND OF THREATS THROUGH A VARIETY OF POWER PROJECTION MEANS, SUCH AS
– POLITICAL POWER
– DIPLOMATIC INFLUENCE
– ECONOMIC CAPACITY
– MILITARY MIGHT
• MANY COUNTRIES INCLUDING PAKISTAN ARROGATE THE RESPONSIBILITY OF COORDINATING NATIONAL SECURITY MATTERS TO THE NATIONAL SECURITY COUNCIL (NSC)
SLICES OF NATIONAL SECURITY TERRITORIAL
POLITICAL
ECONOMIC
ENERGY & NATURAL RESOURCES
HOMELAND
HUMAN
ENVIRONMENTAL
CYBER
FOOD
ESSENTIAL ELEMENTS OF A COMPREHENSIVE SECURITY FRAMEWORK
• STRONG LEADERSHIP TO PROVIDE – VISION – ACROSS THE BOARD
COORDINATION
• CLEAR CUT POLICY & STRATEGY WITH PRECISE MISSION STATEMENT
• ADEQUATE FUNDS & HUMAN/MATERIAL RESOURCES
• UNAMBIGIOUS SET OF LAWS & LAW ENFORCEMENT CAPACITY
LEADERSHIP
RESOURCES
POLICY & STRATEGY
LAWS
CYBER SECURITY
REFERS TO PROTECTION OF OFFICIAL AND PERSONAL COMPUTER AND DATA PROCESSING INFRASTRUCTURE AND OPERATING SYSTEMS (OS) FROM HARMFUL INTERFERENCE, FROM OUTSIDE OR INSIDE THE COUNTRY
INVOLVES NOT ONLY NATIONAL DEFENSE & HOMELAND SECURITY BUT ALSO LAW ENFORCEMENT
CYBER WARFARE & CYBER ATTACKS
DEFINITION
AN INTERNET-BASED CONFLICT INVOLVING ATTACKS ON THE ADVERSAY’S INFORMATION & INFORMATION SYSTEMS
PURPOSE OF CYBER ATTACKS
DEFACE WEBSITES
DISABLE NETWORKS
DIRUPT/ DISABLE ESSENTIAL SERVICES
STEAL OR ALTER DATA
CRIPPLE FINANCIAL SYSTEMS
MANIFESTATION OF CYBER ATTACK
• SECURITY BREACHES
• ECONOMIC LOSSES
• PSYCHOLOGICAL TRAUMA
• PHYSICAL DAMAGE
DISRUPTION OF
COMPUTER SYSTEMS –
LONG DOWN TIME
FEAR & PANIC
FLIGHT
KNEEJERK REACTION
SMALLSCALE ID THEFTS
MASSIVE DATA
BREACHES
FRAUD
LARGESCALE MONETARY
THEFT
HOW CAN CYBER ATTACKS HURT NATIONAL SECURITY?
CYBER ATTACKS CAN:
• PARALYSE THE GOVERNMENT’S DECISION MAKING SYSTEMS
• CRIPPLE A NATION’S CRITICAL INFRASTRUCTURE
• CAUSE MASSIVE PANIC & TRIGGER INADVERTENT WARS
PARALYSIS
COLLAPSE PANIC
TYPES OF CYBER ATTACKS
• VIRUSES
• WORMS
• TROJAN HORSES SYNTACTIC
ATTACKS
• MISLEADING INFORMATION TO DISTRACT OR COVER OWN TRACKS
SEMANTIC
ATTACKS
CYBER TARGETS • PERSONAL COMPUTERS • COMPUTER NETWORKS
MANAGING THE INFORMATION SYSTEMS OF ORGANIZATIONS, BUSINESSES, FINANCIAL INSTITUTIONS ETC
• CRITICAL INFRASTRUCTURE (VITAL ASSETS OF A NATION – VIRTUALLY/PHYSICALLY) CONTROLLED BY SUPERVISORY CONTROL & DATA ACQUISITION (SCADA)
CRITICAL INFRASTRUCTURE
COMPUTER NETWORKS
PERSONAL COMPUTERS
HOW DOES A TYPICAL CYBER ATTACK TAKES PLACE?
MALICIOUS ACTS ORIGINATING FROM AN ANONYMOUS SOURCES HACKING INTO A SUSCEPTIBLE SYSTEM TO EITHER • STEAL • ALTER OR • DESTROY A SPECIFIED
TARGET
WHO CAN LAUNCH CYBER ATTACKS?
• STATE ACTORS
• NON STATE ACTORS
• CRIMINALS
• HACKTIVISTS
• FREELANCERS
• KID IN THE BASEMENT
• INSIDERS
PROBLEMS WITH CYBER RESPONSES
NO RULES OF ENGAGEMENT
PROBLEM IN DETERMINING A PROPORTIONATE RESPONSE
DIFFICULTY IN ATTRIBUTION
BROAD SPECTRUM OF CYBER ATTACKS
US CYBER SECURITY AGENCIES
• OFFICE OF THE CYBER SECURITY COORDINATOR
• DEPARTMENT OF HOMELAND SECURITY (DHS)
• NATIONAL SECURITY AGENCY (NSA)
• CYBER COMMAND (CYBERCOM)
DEPARTMENT OF HOMELAND SECURITY (DHS)
NATIONAL SECURITY AGENCY (NSA)
LEVEL AUSTRALIA UK
STRAT CYBER SECURITY POLICY & COORD COMMITTEE (LEAD AGENCY: THE ATTORNEY GENERAL’S DEPARTMENT) FUNCTION: INTERDEPARTMENTAL COMMITTEE THAT COORDS DEVELOPMENT OF CYBER SECURITY POLICY FOR THE GOVT
OFFICE OF THE CYBER SECURITY (OCS) FUNCTION: PROVIDES STRAT LEADERSHIP & COHERENCE ACROSS ALL DEPTS OF THE GOVT
TAC CYBER SECURITY OPERATIONS CENTRE (UNDER DEFENCE SIGNALS DIRECTORATE) FUNCTION: PROVIDES GOVET WITH ALL SOURCE CYBER SITREP
CYBER SECURITY OPS CENTRE (CSOC) FUNCTION: ACTIVELY MONITORS THE HEALTH OF CYBERSPACE & COORDS INCIDENCE RESPONSE
OP CERT AUSTRALIA GOVCERTUK
PM OFFICE/ CABINET SECY (PMO/ CAB SEC)
MINISTRY OF HOME AFFAIRS (MHA)
MINISTRY OF EXTERNAL AFFAIRS (MEA)
MINISTRY OF DEFENCE (MOD)
MINISTRY OF COMMON INFO TECHNOLOGY (MCIT)
NON GOVT ORGANISATION (NGO)
NATIONAL SECURITY COUNCIL (NSC)
NATIONAL CYBER COORD CENTRE (NCCC)
AMBASSADORS & MINISTERS
TRI SERVICE CYBER COMMAND
DEPARTMENT OF INFORMATION TECHNOLOGY (DIT)
CYBER SECURITY AND ANTI HACKING ORGANISATION (CSAHO)
National Technical Research Org (NTRO)
Directorate of Forensic Science (DFS)
Defence Attaches
Army (MI) Department of Telecom (DoT)
Cyber Society of India (CySI)
National Critical Info Infrastructure Protection Centre(NCIIPC)
National Disaster Mgt Authority (NDMA)
Joint Secretary (IT) Navy (NI) Indian Computer Emergency Response Team CERT-IN
Centre of Excellence for Cyber Security Research & Development In India (CECSRDI)
Joint Intelligence Group (JIG)
Central Forensic Science Lab (CFSLs)
Air Force (AFI) Education Research Network (ERNET)
Cyber Security of India(CSI)
National Crisis Management Committee (NCMC)
Intelligence Bureau (IB)
Def Info Assurance & Research Agency (DIARA)
Informatics Center (NIC)
National Cyber Security of India (NCS)
Research & Analysis Wing (RAW)
Defence Intelligence Agency (DIA)
Centre for Development of Advanced Computing C-DAC
Cyber Attacks Crisis Management Plan of India (CACMP)
Multi Agency Center (MAC)
Defence Research Dev Authority (DRDO)
Standardisation, Testing and Quality Certification (STQC)
National Information Board (NIB)
CYBER SECURITY HIERARCHY IN INDIA
US
FOC
US
ON
IT S
ECU
RIT
Y
COMPUTERS/ICT FORM THE FOUNDATION OF US ECONOMY AND DRIVE THE TECHNOLOGICAL CHANGE THAT ALLOWS SMALL AND MEDIUM-SIZED BUSINESSES TO COMPETE IN THE GLOBAL MARKETPLACE
ECONOMIC GROWTH IS THREATENED BY A CORRESPONDING GROWTH IN CYBER THREATS
INCREASING DATA BREACHES, THEFT OF INTELLECTUAL PROPERTY THROUGH CYBER MEANS, AND CYBER ATTACKS ARE RESULTING IN REAL COSTS AND CONSEQUENCES FOR THE AMERICAN ECONOMY
US GOVERNMENT IS TAKING ACTIONS TO BETTER PREPARE ITSELF, ITS ECONOMY, AND THE NATION AS A WHOLE TO DEFEND AGAINST GROWING CYBER THREATS
CYBER THREATS POSE ONE OF THE GRAVEST NATIONAL SECURITY DANGERS TO THE US
US BUDGETARY STRATEGY FOR CYBERSECURITY
SEVERAL BUDGETARY, PROGRAMMATIC &
LEGISLATIVE STRATEGIES TO IMPROVE THE CYBERSECURITY
INFRASTRUCTURE AND COMBAT GROWING
CYBER THREAT DOMESTICALLY AND
GLOBALLY
UPDATED CYBERSECURITY LEGISLATIVE PROPOSAL THAT WILL PROVIDE THE FEDERAL GOVERNMENT
AND PRIVATE SECTOR THE NECESSARY TOOLS TO IMPROVE NATIONAL
CYBERSECURITY
IN FY 2016, THE PRESIDENT'S BUDGET
PROPOSES $14 BILLION IN CYBERSECURITY FUNDING FOR CRITICAL INITIATIVES
AND RESEARCH
US STRATEGIC INVESTMENTS IN CYBER SECURITY
DHS TO LEAD IMPLEMENTATION
OF THE CONTINUOUS
DIAGNOSTICS & MITIGATION
(CDM)
NATIONAL CYBERSECURITY
PROTECTION SYSTEM BETTER
KNOWN AS EINSTEIN
CYBERSECURITY CROSS-AGENCY PRIORITY GOAL
AND IMPLEMENT POSTWIKILEAKS
SECURITY IMPROVEMENTS ON CLASSIFIED
NETWORKS, PURSUANT TO E.O.
13587
$582 MILLION
US PRESIDENT’S BUDGET FY 2016
OUTREACH TO PRIVATE SECTOR
SHAPING THE FUTURE CYBER ENVIRONMENT
NATIONAL SECURITY
AND CYBER THREATS
$149 MILLION
$243 MILLION
$514 MILLION
CYBERCOM
XXXX
TO BE
BROUGHT TO FULL
STRENGTH
US DEPARTMENT OF DEFENSE BUDGET
FEDERAL CIVILIAN CYBER
CAMPUS
$227 MILLION TO FUND THE 1ST
PHASE OF CONSTRUC
TION
CYBER INTELLIGENCE INTEGRATION,
ANALYSIS & PLANNING WITHIN
THE FEDERAL GOVERNMENT
$35 MILLION
2015 US CYBERSECURITY LEGISLATIVE PROPOSAL
THREE CENTRAL ELEMENTS AIM AT ENSURING NATIONAL SECURITY, WHILE ALSO PROTECTING THE PERSONAL DATA AND PRIVACY OF CITIZENS BY: • FACILITATING GREATER VOLUNTARY SHARING OF CYBER THREAT INFORMATION BETWEEN THE GOVERNMENT AND PRIVATE SECTOR • INCENTIVIZING FURTHER DEVELOPMENT OF INFORMATION SHARING AND ANALYSIS ORGANIZATIONS TO IMPROVE THE VOLUNTARY SHARING OF CYBER THREAT INFORMATION WITHIN THE PRIVATE SECTOR AND BETWEEN THE PRIVATE SECTOR AND THE GOVERNMENT. PROTECTS THE PRIVACY OF AMERICANS BY REQUIRING PRIVATE ENTITIES THAT SHARE VOLUNTARILY UNDER THE PROPOSAL'S AUTHORITY, TO COMPLY WITH CERTAIN PRIVACY RESTRICTIONS, SUCH AS REMOVING UNNECESSARY PERSONAL INFORMATION IN ORDER TO QUALIFY FOR LIABILITY PROTECTION ESTABLISH DATA BREACH STANDARDS • ESTABLISHING A SINGLE FEDERAL STANDARD FOR NOTIFYING INDIVIDUALS IN A TIMELY, CONSISTENT WAY WHEN PRIVATE SECTOR DATA BREACHES OCCUR; THIS HELPS BUSINESSES AND CONSUMERS BY SIMPLIFYING AND STANDARDIZING THE EXISTING PATCHWORK OF 47 STATE LAWS THAT CONTAIN DATA BREACH REPORT REQUIREMENTS INTO ONE FEDERAL STATUTE. THIS IS PART OF OUR COMMITMENT TO BALANCE SECURITY AND PRIVACY, ENSURING CITIZENS RECEIVE TIMELY INFORMATION ON THEIR DATA IN THE EVENT OF A BREACH. THIS WILL:
– PROVIDE A SINGLE THRESHOLD FOR NOTIFICATION – ESTABLISH DEADLINES FOR NOTIFICATION OF CYBER INCIDENTS
US POLICY TO MODERNIZE LAW ENFORCEMENT AUTHORITIES
• ENSURE LAW ENFORCEMENT HAS THE TOOLS TO INVESTIGATE, DISRUPT & PROSECUTE CYBERCRIME • ALLOW PROSECUTION FOR THE SALE OF BOTNETS • ENABLE LAW ENFORCEMENT TO PROSECUTE THE OVERSEAS SALE OF STOLEN FINANCIAL INFORMATION LIKE CREDIT CARD AND BANK ACCOUNT NUMBERS • EXPANDS FEDERAL LAW ENFORCEMENT AUTHORITY TO DETER THE SALE OF SPYWARE USED TO STALK OR COMMIT ID THEFT • COURTS TO BE GIVEN THE AUTHORITY TO SHUT DOWN BOTNETS ENGAGED IN DISTRIBUTED DENIAL OF SERVICE ATTACKS AND OTHER CRIMINAL ACTIVITY
INTERNATIONAL CYBER BUDGETS
INDIA’S CYBER-SECURITY BUDGET ‘WOEFULLY INADEQUATE’: EXPERTS
• INDIA'S CYBER-SECURITY BUDGET WAS MORE THAN DOUBLED LAST YEAR. YET, IT IS “WOEFULLY INADEQUATE” IN THE WAKE OF REVELATIONS MADE BY US NATIONAL SECURITY AGENCY CONTRACTOR EDWARD SNOWDEN AND INCREASING CYBER-ATTACKS ON GOVERNMENT INFRASTRUCTURE, ACCORDING TO EXPERTS.
• IN 2014-15, THE DEPARTMENT OF IT HAS SET ASIDE RS 116 CRORE FOR CYBER SECURITY. THE COUNTRY HAS PROPOSED TO SET UP A NATIONAL CYBER COORDINATION CENTRE (NCCC) WITH A SEPARATE BUDGET OF RS 1,000 CRORE. THE COORDINATION CENTRE IS STILL AWAITING CABINET CLEARANCE. “ALLOCATION IS WOEFULLY INADEQUATE GIVEN SNOWDEN'S REVELATIONS - WE NEED AT LEAST 10 TIMES THAT AMOUNT,” SAID SUNIL ABRAHAM, EXECUTIVE DIRECTOR AT CENTER FOR INTERNET AND SOCIETY.
THE ECONOMIC TIMES 28 JANUARY 2015
CYBER SECURITY ARCHITECTURE
& COORD MECHANISM
CYBER SECURITY POLICY
CYBER LAW
CYBER EMERGENCY RESPONSE
SLOW PROGRESS
LITTLE OR NO PROGRESS
SURROUNDED BY CONTROVERSY
LITTLE PROGRESS
CYBER FUNDS ?????????
WH
ITH
ER C
YB
ER S
ECU
RIT
Y IN
PA
KIS
TAN
?
WHO IS RESPONSIBLE FOR CYBER SECURITY
IN PAKISTAN?
NO DESIGNATED
LEAD AGENCY
MULTIPLE STAKEHOLDERS
GOVERNMENT INDUSTRY ACADEMIA
CIVIL SOCIETY PUBLIC
CYBERSECURITY STAKEHOLDERS
GOVERNMENT • CABINET COMMITTEE ON NATIONAL
SECURITY • NATIONAL SECURITY COUNCIL (NSA: LTG N.K. JANJUA) • SENATE COMMITTEE ON DEFENCE (CHAIR: SEN. M.H. SAYED) • SENATE COMMITTEE ON TECH & IT (CHAIR: SEN. SHAHI SAYED) • NA STANDING COMMITTEE ON TECH &
IT (CHAIR: CAPT SAFDAR) • MINISTRY OF DEFENCE • MINISTRY OF INTERIOR • MINISTRY OF FOREIGN AFFAIRS • MINISTRY OF IT • JS HQ • INTELLIGENCE AGENCIES
PUBLIC • PAKISTAN SOFTWARE HOUSES
ASSOCIATION (PASHA)
• INTERNET SERVICE PROVIDERS ASSOCIATION OF PAKISTAN (ISPAK)
• PAKISTAN INFORMATION SECURITY ASSOCIATION (PISA)
• E COMMERCE ENTREPRENEURS
• DIGITAL RIGHTS ACTIVISTS (BOLO BHI)
• SOCIAL MEDIA ACTIVISTS
• ORDINARY CITIZENS
SENATE COMMITTEE FOR DEFENCE
ACTION PLAN FOR CYBER SECURE PAKISTAN (JULY 2013)
• POINT 1. RELEVANT LEGISLATION TO PRESERVE, PROTECT AND PROMOTE PAKISTAN’S CYBER
SECURITY
• POINT 2. CYBER SECURITY THREAT TO BE ACCEPTED AND RECOGNIZED AS NEW, EMERGING NATIONAL SECURITY THREAT BY THE GOVERNMENT OF PAKISTAN, SIMILAR TO THREATS LIKE TERRORISM AND MILITARY AGGRESSION
• POINT 3. ESTABLISH A NATIONAL COMPUTER EMERGENCY RESPONSE TEAM (PKCERT).
• POINT 4. ESTABLISH A CYBER-SECURITY TASK FORCE WITH AFFILIATION WITH MINISTRY OF DEFENCE, MINISTRY OF IT, MINISTRY OF INTERIOR, MINISTRY OF FOREIGN AFFAIRS, MINISTRY OF INFORMATION AND OUR SECURITY ORGANIZATIONS PLUS RELEVANT AND LEADING PROFESSIONALS FROM THE PRIVATE SECURITY SO THAT PAKISTAN CAN TAKE STEPS TO COMBAT THIS NEW EMERGING THREAT AND FORMULATE CYBER SECURITY STRATEGY FOR PAKISTAN.
• POINT 5. UNDER THE OFFICE OF THE CHAIRMAN JOINT CHIEFS OF STAFF COMMITTEE, AN INTER-SERVICES CYBER COMMAND SHOULD BE ESTABLISHED TO COORDINATE CYBER SECURITY AND CYBER DEFENCE FOR THE PAKISTAN ARMED FORCES.
• POINT 6. WITHIN THE FRAMEWORK OF SAARC, PAKISTAN SHOULD TAKE THE INITIATIVE TO INITIATE TALKS AMONG THE 8-MEMBER STATES PARTICULARLY INDIA TO ESTABLISH ACCEPTABLE NORMS OF BEHAVIOR IN CYBER SECURITY AMONG THE SAARC COUNTRIES SO THAT THESE COUNTRIES ARE NOT ENGAGED IN CYBER WARFARE AGAINST EACH OTHER.
• POINT 7. SPECIAL MEDIA WORKSHOPS ON CYBER SECURITY AWARENESS
NATIONAL CYBER SECURITY COUNCIL BILL (INTRODUCED 14.04.2014)
• WITHIN SIXTY DAYS OF THE ENACTMENT OF THIS ACT, THE SENATE STANDING COMMITTEE ON DEFENCE SHALL CONSTITUTE THE NATIONAL CYBER SECURITY COUNCIL
• NO ACT OF THE COUNCIL SHALL BE INVALID BY REASON ONLY OF THE EXISTENCE OF ANY VACANCY AMONG ITS MEMBERS OR ANY DEFECT IN ITS CONSTITUTION DISCOVERED AFTER SUCH ACT OR PROCEEDING OF THE COUNCIL: PROVIDED THAT AS SOON AS SUCH DEFECT HAS BEEN DISCOVERED, THE MEMBER SHALL NOT EXERCISE THE FUNCTIONS OR POWERS OF HIS MEMBERSHIP UNTIL THE DEFECT HAS BEEN RECTIFIED
• THE COUNCIL SHALL MEET AT LEAST ONCE IN EACH QUARTER OF A YEAR • THE COUNCIL MAY FROM TIME TO TIME DELEGATE ONE OR MORE OF ITS
FUNCTIONS AND POWERS TO ONE OR MORE OF ITS MEMBERS, HOWEVER, UNDER NO CIRCUMSTANCE SHALL BE FURTHER DELEGATED.
• DECISIONS OF THE COUNCIL SHALL BE TAKEN BY A MAJORITY OF THE MEMBERS. • SAVE AS PROVIDED HEREIN, THE TERMS AND CONDITIONS OF SERVICE OF THE
MEMBERS OF THE COUNCIL SHALL BE SUCH AS MAY BE PRESCRIBED. • CHAIR. CHAIRMAN SENATE STANDING COMMITTEE ON DEFENCE • MEMBERS
– FEDERAL GOVT (21) – PRIVATE SECTOR (9)
MANDATE OF THE NATIONAL CYBER SECURITY COUNCIL
• DEVELOP POLICY, RENDER ADVICE, CONDUCT RESEARCH AND ESTABLISH START UP INITIATIVES • ESTABLISH A NATIONAL CYBER SECURITY STRATEGY WHICH MAY BE UPDATED FROM TIME TO TIME, AS AND WHEN
DEEMED APPROPRIATE, BUT NOT LATER THAN EVERY THREE YEARS • ESTABLISH AN INTERNATIONAL CYBER SECURITY STRATEGY WHICH MAY BE UPDATED FROM TIME TO TIME, AS
AND WHEN DEEMED APPROPRIATE BUT NOT LATER THAN EVERY THREE YEARS • UNDERTAKE INITIATIVES AS PROVIDED FOR UNDER SECTION 6; • DEVELOP AND DRAFT POLICY, GUIDELINES AND GOVERNANCE MODELS RELATED TO EVER EMERGING CYBER
SECURITY THREATS; • ADVISE AND MAKE RECOMMENDATIONS TO THE SENATE AND THE NATIONAL ASSEMBLY, JUDICIARY AND ALL
MINISTRIES, DEPARTMENTS AND BRANCHES OF GOVERNMENT ON POLICY AND LEGISLATION WITH RESPECT TO CYBER SECURITY;
• MONITOR LEGISLATION AND PROVIDE ADVICE AND RECOMMENDATIONS WITH THE OBJECTIVE OF ENSURING THAT LEGISLATION REFLECTS INTERNATIONAL BEST PRACTICES WITH RESPECT TO CYBER SECURITY;
• ADVISE AND MAKE RECOMMENDATIONS TO GOVERNMENT DEPARTMENTS ON MECHANISMS TO IMPLEMENT POLICIES RELATED TO CYBER SECURITY AND MONITOR AND HAVE PERFORMANCE AUDIT CONDUCTED THEREOF;
• MAKE RECOMMENDATIONS TO THE GOVERNMENT FOR ADOPTION EITHER THROUGH POLICIES AND REGULATORY MEANS OF STANDARDIZATION, HARMONIZATION AND ACCREDITATION WITH REGARDS TO CRITICAL INFORMATION INFRASTRUCTURE;
• COORDINATE AND CONSULT WITH ALL REPRESENTATIVE STATE AND NON-STATE ACTORS ON IMPLEMENTATION OF POLICIES, INITIATIVES AND LEGISLATION ON CYBER SECURITY;
• FACILITATE COMMUNICATIONS BETWEEN THE GOVERNMENT AND PRIVATE SECTOR ENTITIES, ACADEMIA, CYBER SECURITY EXPERTS THROUGH MULTI-STAKEHOLDER MEETINGS HELD WITH SUCH FREQUENCY AS DETERMINED NECESSARY BY THE COUNCIL;
• ESTABLISH THE ADVISORY GROUPS AS PROVIDED BY SECTION 10 TO PROVIDE NON BINDING INPUT TO THE NATIONAL CYBER SECURITY COUNCIL ON STRATEGIC PLANS AS AND WHEN CALLED UPON TO DO SO FROM TIME TO TIME;
• IN PARTICULAR ADVISE, ASSIST, COLLABORATE AND COORDINATE WITH NATIONAL SECURITY APPARATUS OF THE STATE OF PAKISTAN FOR CONTINUALLY IMPROVING THE STATE OF CYBER SECURITY WITH RESPECT TO ALL ASPECTS AND INTERESTS OF THE STATE;
• COORDINATE, COLLABORATE AND CONDUCT EXCHANGES WITH INTERNATIONAL BODIES, FORA AND ENTITIES, INTERALIA, IN CONNECTION WITH THE FUNCTIONS AND POWERS HEREIN;
• CAUSE RESEARCH AND DEVELOPMENT TO BE CONDUCTED WITH RESPECT TO KALEIDOSCOPIC CYBER SECURITY THREATS, DEVELOPMENTS, BEST PRACTICES AND INTERNATIONAL LAWS AND OBLIGATIONs;
• PROMOTE GENERAL AWARENESS WITH RESPECT TO CYBER SECURITY AWARENESS, PARTICULARLY THE IN-HOUSE ROLE AND RESPONSIBILITY OF INDIVIDUALS, CORPORATE ENTITIES AND ORGANIZATIONS ;
• DEVELOP A TEN YEAR AND TWENTY YEAR VISION WITH REGARDS TO CYBER SECURITY; • LEGISLATE AND UPDATE SUCH RULES FOR THE INTERNAL ADMINISTRATION AND OPERATIONS OF
THE COUNCIL, ITS PERSONNEL AND ADVISORY GROUPS, AS IT MAY CONSIDER APPROPRIATE FOR CARRYING OUT THE PURPOSES OF THIS ACT;
• INCLUSIVELY, COLLABORATE WITH THE CORPORATE ENTITIES, PRIVATE SECTOR, CYBER SECURITY ACADEMIA, PROFESSIONALS, CIVIL SOCIETY AND COMMUNITY TO ACHIEVE THE OBJECTIVES;
• THE COUNCIL MAY DELEGATE THE FUNCTIONS AND POWERS TO ANY ONE OR MORE OF THE ADVISORY GROUPS, AS IT DEEMS APPROPRIATE.
2015 JOINT STATEMENT BY PRESIDENT BARACK OBAMA AND PRIME MINISTER NAWAZ SHARIF
CYBERSECURITY • RECOGNIZING THE OPPORTUNITIES AND CHALLENGES PRESENTED
BY INFORMATION AND COMMUNICATIONS, TECHNOLOGIES PRESIDENT OBAMA AND PRIME MINISTER SHARIF AFFIRMED THAT INTERNATIONAL COOPERATION IS ESSENTIAL TO MAKE CYBERSPACE SECURE AND STABLE
• BOTH LEADERS ENDORSED THE CONSENSUS REPORT OF THE 2015 UN GROUP OF GOVERNMENTAL EXPERTS IN THE FIELD OF INFORMATION AND TELECOMMUNICATIONS IN THE CONTEXT OF INTERNATIONAL SECURITY
• THE LEADERS LOOKED FORWARD TO FURTHER MULTILATERAL ENGAGEMENT, AND DISCUSSION OF CYBER ISSUES AS PART OF THE US-PAKISTAN STRATEGIC DIALOGUE
ARCHITECTURE
POLICY & LAWS
FUNDS & RESOURCES
AWARENESS & PREPAREDNESS
DEVELOPMENT PLAN
INTERNATIONAL RELATIONS
NATIONAL CYBER SECURITY COUNCIL TO BE MADE
PART OF THE NSA
PK CERT TO BE ESTABLISHED WITHOUT FURTHER DELAY
COMPREHENSIVE CYBER SECURITY POLICY TO COORDINATE & ENSURE ALL CYBER MATTERS WHILE ADDRESSING THE CITIZEN’S RIGHT TO PRIVACY
GOVERNMENT SHOULD ALLOCATE ADEQUATE FUNDS & RESOURCES FOR CYBER SECURITY
PROPOSALS
CYBER SECURITY AWARENESS TO BE CREATED WITHIN THE GOVT, CORPORATE SECTOR, INDUSTRY, PRIVATE BUSINESSES & ACADEMIA
•DEVELOP OWN HARDWARE & INFRASTRUCTURE •DEVELOP INDEPENDENT OS FOR THE ARMED FORCES & SECURITY ORGANIZATIONS •IN THE LONGTERM DEVELOP OWN INTERNET
•BRING FORTH NATIONAL VIEWPOINT ACCURATELY IN THE UN GGE & OTHER INTERNATIONAL MEETINGS •CONCLUDE CYBER CBMs WITH INDIA (SAARC SUMMIT 2016)
PROPOSED CYBER COMMAND
CYBERCOM
ARMY AIR FORCE NAVY
SECTT
EXAMPLES OF CYBER ATTACKS & THEIR IMPACT ON NATIONAL SECURITY
THE CASE OF ESTONIA (APRIL 2007) • ESTONIA RELOCATED THE BRONZE SOLDIER OF TALLINN, A SOVIET-
ERA GRAVE MARKER TO THE ANNOYANCE OF THE RUSIANS • A SERIES OF CYBER ATTACKS WERE LAUNCHED AGAINST ESTONIA
SWAMPING WEBSITES OF ORGANIZATIONS, INCLUDING THE PARLIAMENT, BANKS, MINISTRIES, NEWSPAPERS AND BROADCAST STATIONS
• DISTRIBUTED DENIAL OF SERVICE (DDOS) LAUNCHED AGAINST THE GENERAL PUBLIC, RANGING FROM SINGLE INDIVIDUALS USING VARIOUS METHODS LIKE PING FLOODS TO EXPENSIVE RENTALS OF BOTNETS USUALLY USED FOR SPAM DISTRIBUTION
• SPAMMING OF BIGGER NEWS PORTALS COMMENTARIES AND DEFACEMENTS INCLUDING THAT OF THE ESTONIAN REFORM PARTY WEBSITE
CYBER & PHYSICAL ATTACK ON GEORGIA • 20 JULY 2008. ZOMBIE COMPUTERS ATTACK GEORGIAN NETWORKS. WEBSITE OF THE
GEORGIAN PRESIDENT SUFFER OVERLOAD & IS TAKEN DOWN FOR 24 HOURS. TRAFFIC DIRECTED AT THE WEBSITE INCLUDED THE PHRASE "WIN+LOVE+IN+RUSIA”.
• 5 AUGUST. GEORGIAN NEW AGENCIES AND TELEVISION STATIONS HACKED.
• 5 AUGUST. TERRORIST ATTACK ON BAKU–TBILISI–CEYHAN PIPELINE SUBJECTED TO A TERRORIST ATTACK NEAR REFAHIYE IN TURKEY COUPLED WITH A SOPHISTICATED COMPUTER ATTACK ON LINE'S CONTROL AND SAFETY SYSTEMS THAT CAUSE AN INCREASE IN PRESSURE AND EXPLOSION.
• 7-8 AUGUST. MANY GEORGIAN INTERNET SERVERS UNDER EXTERNAL CONTROL
• 9 AUGUST. KEY SECTIONS OF GEORGIA'S INTERNET TRAFFIC REROUTED THROUGH SERVERS BASED IN RUSSIA AND TURKEY, WHERE THE TRAFFIC IS EITHER BLOCKED OR DIVERTED. RUSSIAN AND TURKISH SERVERS ARE ALLEGEDLY CONTROLLED BY THE RUSSIAN HACKERS.
• 10 AUGUST. RIA NOVOSTI NEWS AGENCY'S WEBSITE DISABLED FOR SEVERAL HOURS
• 10 AUGUST. MANY ONLINE GEORGIAN SITES SUSPECTED TO BE FAKE
• 11 AUGUST. GEORGIA ACCUSES RUSSIA OF WAGING CYBER WARFARE ON GEORGIAN GOVERNMENT WEBSITES SIMULTANEOUSLY WITH A MILITARY OFFENSIVE
• 14 AUGUST. CEASEFIRE
NORTH KOREAN ATTACK ON SONY PICTURES
• NOVEMBER 24, 2014. CONFIDENTIAL DATA BELONGING TO SONY PICTURES ENTERTAINMENT RELEASED
• DATA INCLUDES PERSONAL INFORMATION ABOUT THE EMPLOYEES AND THEIR FAMILIES, E-MAILS BETWEEN EMPLOYEES, INFORMATION ABOUT EXECUTIVE SALARIES, COPIES OF (PREVIOUSLY) UNRELEASED SONY FILMS, AND OTHER INFORMATION
• HACKERS CALLING THEMSELVES GUARDIANS OF PEACE (GOP) DEMAND CANCELLATION OF PLANNED RELEASE OF THE INTERVIEW, A COMEDY FILM ABOUT A PLOT TO ASSASSINATE NORTH KOREAN LEADER KIM JONG-UN
• US BLAME NORTH KOREA FOR THE HACKING. NORTH KOREANS DENY COMPLICITY. SOME CYBERSECURITY EXPERTS CAST DOUBT ON THE EVIDENCE, ALTERNATIVELY BLAMING CURRENT OR FORMER SONY OFFICIALS FOR THE BREACH
US CYBER ATTACKS AGAINST NORTH KOREA
STUXNET ATTACK • STUXNET, A COMPUTER WORM WAS DISCOVERED IN JUNE 2010 • IT IS DESIGNED TO ATTACK INDUSTRIAL PROGRAMMABLE LOGIC
CONTROLLERS (PLCs) • PLCs ALLOW THE AUTOMATION OF ELECTROMECHANICAL
PROCESSES SUCH AS THOSE USED TO CONTROL MACHINERY ON FACTORY ASSEMBLY LINES, AMUSEMENT RIDES, OR CENTRIFUGES FOR SEPARATING NUCLEAR MATERIAL
• EXPLOITING FOUR ZERO-DAY FLAWS, STUXNET FUNCTIONS BY TARGETING MACHINES USING THE MICROSOFT WINDOWS OPERATING SYSTEM AND NETWORKS, THEN SEEKING OUT SIEMENS STEP7 SOFTWARE
• STUXNET IS TYPICALLY INTRODUCED TO THE TARGET ENVIRONMENT VIA AN INFECTED USB FLASH DRIVE
• STUXNET COMPROMISED IRANIAN PLCs, COLLECTING INFORMATION ON INDUSTRIAL SYSTEMS AND CAUSING THE FAST-SPINNING CENTRIFUGES TO TEAR THEMSELVES APART, DESTROYING ALMOST ONE-FIFTH OF IRAN'S NUCLEAR CENTRIFUGES
SPOOFING OF AMERICAN DRONE OVERFLYING IRAN
• ON 4 DECEMBER 2011 AN AMERICAN RQ170 SENTINEL UAV WAS SPOOFED AND FORCED TO LAND IN EASTERN IRAN
• AIRCRAFT WAS DETECTED IN IRANIAN AIRSPACE 225 KILOMETERS (140 MI) FROM THE BORDER WITH AFGHANISTAN
• ON 9 DECEMBER 2011, IRAN LODGED A FORMAL COMPLAINT TO THE UN SECURITY COUNCIL OVER THE UAV VIOLATING ITS AIRSPACE
• ON 12 DECEMBER 2011, US ADMINISTRATION ASKED IRAN TO RETURN THEIR DRONE. IRANIANS REFUSED.
WHAT IS SPOOFING?
• SPOOFING IS THE CREATION OF TCP/IP PACKETS USING SOMEBODY ELSE'S IP ADDRESS
• ROUTERS USE THE DESTINATION IP ADDRESS IN ORDER TO FORWARD PACKETS THROUGH THE INTERNET, BUT IGNORE THE SOURCE IP ADDRESS
• THAT ADDRESS IS ONLY USED BY THE DESTINATION MACHINE WHEN IT RESPONDS BACK TO THE SOURCE
DATA BREACH – US OFFICE OF THE PERSONNEL MANAGEMENT (OPM)
• DATA BREACH STARTING MARCH 2014, AND POSSIBLY EARLIER, NOTICED BY THE OPM IN APRIL 2015
• IN JUNE 2015, OPM ANNOUNCED THAT IT HAD BEEN THE TARGET OF A DATA BREACH EFFECTING THE RECORDS OF AS MANY AS FOUR MILLION PEOPLE. LATER, FBI PUT THE NUMBER AT 18 MILLION.
• INFORMATION TARGETED IN THE BREACH INCLUDED PERSONAL INFORMATION SUCH AS SOCIAL SECURITY NUMBERS, AS WELL AS NAMES, DATES AND PLACES OF BIRTH, AND ADDRESSES.
• THE HACK ALSO INVOLVED THEFT OF DETAILED BACKGROUND SECURITY-CLEARANCE-RELATED BACKGROUND INFORMATION OF PEOPLE DEPLOYED ON SENSITIVE MISSIONS
• ON JULY 9, 2015, THE ESTIMATE OF THE NUMBER OF STOLEN RECORDS INCREASED TO 21.5 MILLION. THIS INCLUDED RECORDS OF PEOPLE WHO HAD UNDERGONE BACKGROUND CHECKS, BUT WHO WERE NOT NECESSARILY CURRENT OR FORMER GOVERNMENT EMPLOYEES.
• SOON AFTER, KATHERINE ARCHULETA, THE DIRECTOR OF OPM, AND FORMER NATIONAL POLITICAL DIRECTOR FOR BARACK OBAMA'S 2012 REELECTION CAMPAIGN, RESIGNED
CYBER WARGAME SCENARIO
IN A CYBER WARGAME CONDUCTED IN THE US IN JULY 2015
• THE SCENARIO IN THE WAR GAME BEGAN WITH A MAJOR EARTHQUAKE HITTING SOUTHERN CALIFORNIA
• FOLLOWED BY A SERIES OF COORDINATED CYBERATTACKS, INCLUDING OIL AND GAS PIPELINE DISRUPTION
• INTERFERENCE AT A MAJOR COMMERCIAL PORT IN THE U.K.
• ATTACKS ON PENTAGON NETWORKS • A FREEZE ON ACCESS TO CASH AT BANKS AND LONG
LINES FOR FOOD AT STORES.
CYBER ATTACKS BY NON STATE ACTORS
CYBER CBMs
• CYBER SECURITY IS A NON-CONTERVERSIAL AREA BUT HAS THE POTENTIAL OF CONFLICT
• THERE IS NO CYBER SECURITY COOPERATION IN SOUTH ASIA
• ISSUE NEEDS TO BE PUT ON THE AGENDA OF THE NEXT SAARC SUMMIT
Recommended