Cyber Security: The Strategic View
By: Kah-Kin Ho, Head of Cyber Security Business Development Threat Response, Intelligence and Development (TRIAD)
This session begins by giving an overview of how Cisco sees the challenges and opportunities of cyber security for the Government which include areas such as recent development on applicability of International Law to Cyber conflict, the evolving role of the Government as the legitimate security provider, Public-Private Partnership issues, and the evolving technical, social and political threat landscape. Cisco recognizes that cyber security begins at the policy level and translates through to the operational and system level. We will discuss why an intelligence-led network-centric approach that focuses on enforcing policy, enhancing situational awareness, and providing the insight necessary to tackle threats before they impact information and infrastructure assets is key to Cyber Security.
3. Associated Press Twitter Account Attack
AP Twitter account hacked
Perpetrated by the Syrian Electronic Army.
Same group also successfully
attacked:
60 Minutes
BBC
CBS
NPR
9. DDoS Attacks on Banks
• Can mask wire fraud before, during, or after
• Overwhelm bank personnel
• Prevent transfer notification to customer
• Prevent customer from reporting fraud
Costly disruption of service, or…?
18. Can Cyber Operation amount to an Armed Attack?
NATO Article 5 of Washington Treaty
The Parties agree that an armed attack against one or more of them in
Europe or North America shall be considered an attack against them all
and consequently they agree that, if such an armed attack occurs, each
of them, in exercise of the right of individual or collective self-defence
recognised by Article 51 of the Charter of the United Nations will assist the
Party or Parties so attacked by taking forthwith, individually and in concert
with the other Parties, such action as it deems necessary, including the
use of armed force, to restore and maintain the security of the North
Atlantic area. Any such armed attack and all measures taken as a result
thereof shall immediately be reported to the Security Council. Such
measures shall be terminated when the Security Council has taken the
measures necessary to restore and maintain international peace and
security.
19. 191919191919191919191919
International Law on Conflict (Cyber)
Two distinct bodies of law – jus ad bellum, jus in bello
Interest started more than a decade ago, lost momentum after
9/11 event, picked up after Estonia (2007) and Georgia (2008)
31. Security Support Operations
Current SSO Presence in
the Following Regions:
• California
• Texas
• Ohio
• Idaho
• China
• Ukraine
• UK
• Canada
• India
• Australia
Languages: Arabic, Farsi/Persian, Hebrew, Syriac, Urdu, Bengali, Gujarati, Gurmukhi, Hindi, Marathi, Sinhala, Tamil, Thai, Chinese, Japanese,
Korean, Belarusian, Bulgarian, Kazakh, Macedonian, Russian, Ukrainian, Greek, Armenian, Georgian, Basque, Catalan, Croatian, Czech, Danish,
Dutch, English, Estonian, Filipino, Finnish, French, German, Hungarian, Icelandic, Indonesian, Italian, Malay, Norwegian, Polish, Portuguese,
Romanian, Slovak, Slovene, Spanish, Swedish, Turkish, Vietnamese
32.
33.
34.
35.
36.
37. Context Inspection
Aunt Jenny
234 Any St.
Anytown, CA
From:
Aunt Jenny
234 Any St.
Anytown, CA
From:
• Where’s it coming from?
• How many others have seen it?
• How new is it?
• Who owns the package?
• What else have they sent us?
• Is the sender even a real
person?