Cyber security assocham

Cyber Threats as a National Concern

Cyber Threats Scenarios and Defense Model Principles

ASSOCHAM Cyber Security ConferenceApril 2011

Presented by Dr. Nimrod Kozlovski, Chairman, [email protected], +972 544 336056

©All Right Reserved to Altal Security Ltd., 2011.

Evolution of Cyber Attacks

EstoniadDoS

BrazilCritical

Infrastructure

GeorgiadDoS

IranStuxnet

ChinaGhostnet

ChinaDNS

Redirection

GreeceInterception


2005 2007 2008 2009 2009 2010 2010 2011

NSDQInterception

COMODOCertification

Theft

AustraliaHacking

KoreaGPS

manipulation

RSAAlgorithm

Theaft

Stealth Mode of Operation


Hardware Hiding

Code Embed/ Manipulation

Destruction

Monitoring

Mapping and analysis

Traffic redirection

Re-transmission on existing

infrastructure

Communication Re-transmission via

RF

Voice Interception

Future control

Focused Blockings

Data Interception

PurposeThreat

Computer and Storage

Theft

Personal computer intrusion

Remote network intrusion

Data Mining

Network Social

Engineering

Copy by Internals

External impersonation

Unintentional Data Leakage

Action

Not necessarily

immediate effect

Impersonation of legit

activity in all layers

Not necessarily Identifiable destruction

Closed-Garden Networks(Military, Gov)

Critical Infrastructure(Power, Nuclear)

Targeting Infrastructures


Industrial Open Infrastructure(Water, Transportation, Telecom)

Interconnectivity

Complexity

Openness

Telecom Case Study - Threat Scenarios

Government &

Military Seniors

Location

Spotting for

assassination

HLR Take

Down

Smart

phones

attack

Traffic

redirection

(Add-on +

RF)

Citizens

redirection

by SMS to

planned

terror site“integrator”

gains access to

Network

Typology

documentation VSAT

Block

Hiding hardware

on core equipment

to enable

retransmission of

traffic to a close

apartment


Civil Infrastructure - National Challenges

Requires National Involvement

National Level Threat Analysis

Synchronization Technology Development

Efficient Enforcement

Human Resource SecurityPhysical Security

Logical Access Controls

Vendors & procurementLegal Interception (LI) Security

Architecture Secured by design

Telecom ArchitectureAudit and Control

Network Certification

Traditional passive protection (Enterprise-Based)

Critic on Traditional Defense


Security Structure does not dramatically change (but upgraded)

Network security Structure and security standards are known

Does not consider up-to-date attack scenarios

Technologies are not tailored to be compatible with new threat model

Perimeter

Trusted User

Protected Asset

Known (standard) Infrastructure

National Interest not in focus

IT oriented security technologies

IntegrativePro-ActiveShared

Inter-sector information sharing (Private-Public sharing model)

Distributed sensors system (connecting the ‘dots’)

Shared monitoring and analytics of incidents

Traps/ Honey-pots

Initiate attacks to identify reaction

Research vulnerabilities of Target systems

Hiding capabilities in target systems

Integrated cross- sectors analysis

Integrated incentive structure for defense

One coordinating entity for all sectors

Central incident response ”brain”Monitor patterns/Profiles

Emerging Security Paradigm


IntegrativePro-ActiveShared

Altal – Security Operations & R&D


Development

Telecom Security Compliance Management

Telco Firmware Integrity

Electronic Seamless Segregation

Massive TrafficAnomaly detection

Thanks.

Altal Israel____________________________________________________

Dr. Nimrod Kozlovski Chairman [email protected] +972 544336056

Netanel (Nati) Davidi, CEO [email protected] +972 525406775

Altal India____________________________________________________

Dr. D.K. Ghosh, Board Member [email protected] +981 1264849

Avi Gutgold, Country Manager [email protected] +919 953780090