SlideShare a Scribd company logo

Is Cyber-offence the New Cyber-defence

Jim Geovedi
Jim Geovedi

This document discusses cyber warfare and defense strategies. It argues that a purely defensive cyber posture poses risks, and that principles of conventional warfare suggest taking the fight to adversaries through counterattacks in cyberspace when necessary. It provides examples of historical cyber attacks and discusses Indonesia's growing reliance on information technology as well as challenges in ensuring cyber security given vulnerabilities in its networks and systems. The document advocates developing proactive security strategies and treating skilled hackers as a potential national security resource rather than just a threat.

News & Politics
1 of 35
Download to read offline
Is Cyber-offence the New Cyber-defence? Jim Geovedi National Defence Information Technology Seminar 2010
Background
Cyber-warfare • Government warfare conducted over the Internet. • Actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption. • Cyber-warfare is a relatively new type of weaponry with various effects on the target. It doesn't have any limitations of use and can achieve most of the goals set. 3
Cyber-defence • Purely defensive posture poses significant risks. • If we apply the principle of warfare to the cyber-domain, the defence of the nation is better served by capabilities enabling us to take the fight to our adversaries, when necessary, to do counter-attack. • In warfare, the notion of counter-attack is extremely powerful. 4
Cyber-attack • Definition: e compromise of targets without destruction or disruption, but rather through covert means, for the purposes of accessing information or modifying it or preparing such access for future use in exploitation or attack. • A serious cyber-attack is almost unavoidable. It is cheaper and easier for a foreign country or a terrorist group than a physical attack. • Cyber-attack could result in military response. Attackers or terrorists could gain access to the digital controls for the nation's utilities, power grids, air traffic control systems and power plants. 5
Revenge vs. Justice • In warfare, revenge is appealingly straightforward. • Treating the whole thing as a military problem is easier than working within the legal system. • In peacetime, justice in cyberspace can be difficult (and dangerous). • It can be hard to figure out who is attacking you, and it can take a long time to make them stop. • It can be even harder to prove anything in court. Anyone accused of a crime deserves a fair trial. 6
Various Case Histories
In 1982, computer code stolen from a Canadian company by Soviet spies cause a Soviet gas pipeline to explode. e code had been modified by the CIA to include a logic bomb which changed the pump speeds to cause the explosion.
In the 2006 war against Hezbollah, Israel alleges that cyber-warfare was part of the conflict, where the Israel Defense Force, (IDF) intelligence estimates that several countries in the Middle East used Russian hackers and scientists to operate on their behalf. As a result, Israel has attached growing importance to cyber-tactics, and has become, along with the U.S., France and a couple of other nations, involved in cyber-war planning. Many international high-tech companies are now locating research and development operations in Israel, where local hires are often veterans of the IDF's elite computer units.
In April 2007, Estonia came under cyber attack in the wake of relocation of the Bronze Soldier of Tallinn. e largest part of the attacks were coming from Russia and from official servers of the authorities of Russia. In the attack, ministries, banks, and media were targeted.
On March 28, 2009, a cyber spy network, dubbed GhostNet, using servers mainly based in China has tapped into classified documents from government and private organisations in 103 countries, including the computers of Tibetan exiles, but China denies the claim.
In December 2009 through January 2010, a cyber attack, dubbed Operation Aurora, was launched from China against Google and over 20 other companies. Google said the attacks originated from China and that it would "review the feasibility" of its business operations in China following the incident. According to Google, at least 20 other companies in various sectors had been targeted by the attacks. McAfee spokespersons claim that "this is the highest profile attack of its kind that we have seen in recent memory."
In September 2010, Iran was attacked by the Stuxnet worm, thought to specifically target its Natanz nuclear enrichment facility. e worm is said to be the most advanced piece of malware ever discovered and significantly increases the profile of cyber-warfare.
Cyber-warfare Readiness in Indonesia
Indonesia’s ICT • Indonesia’s Information Communication Technology (ICT) grow rapidly and enter all sectors of human life. • Indonesia’s central bank raised its 2011 economic growth forecast to as much as 6.5% from an earlier forecast of as much as 6% as consumer spending accelerates1. • Indonesia has adopted ICT as a tool for governance and development. Its national ICT vision: “to bring into reality a modern information society, prosperous and high competitive, with strong supported by ICT”. 1. Novrida Manurung, Indonesia Raises 2011 Economic Growth Forecast to 6%-6.5%. Retrieved on 7 November 2010 from http://www.businessweek.com/news/ 2010-03-11/indonesia-raises-2011-economic-growth-forecast-to-6-6-5-.html 15
http://www.cablemap.info/
.co.id — 2,042 of which 500 single ip and 1,542 mass defacements
.go.id — 2,932 of which 1,071 single ip and 1,861 mass defacements
.net.id — 83 of which 31 single ip and 52 mass defacements
ere has been a high volume of detections in Asia, and Iran (52.2%), Indonesia (17.4%)  and India (11.3%) seem to have been particularly hard hit, compared to, say, the USA (0.6%), ranked 11th in our statistics.
Defence Strategy & Tactics • Reactive behaviour. It reacts upon with the appropriate response by increasing the awareness on weakness. • ere will be always several successful penetrations at the beginning. • Planned behaviour. Appropriate security planning well thought of and implemented appropriately. • e plan can’t cover all scenarios. • Proactive behaviour. Concentrates on identifying and covering its own potential weaknesses. • Needs highly skilled people and very tight security system in place. 23
Security Aspects • Security is based on 3 aspects: people, process and technology. As process and technology are developed by people, human resources are the key to cyber-security defines initiative. 24
Cyber-attack Methodology 25 Vulnerability Examination IntrusionProfiling Attack Initiation Covering Tracks 1 2 3 4 5 Information Gathering Intelligence Survey and Scouting Perimeter Mapping Asset Identification Vulnerability Analysis Exploitation Planning Exploitation Propagation
Hackers as National Security Resource
Hacker Motivations 29 MONEY ENTERTAINMENT EGO CAUSE ENTRANCE TO SOCIAL GROUP STATUS
Indonesia IT Salary 2008/2009
Local Hacker Community • Kecoak Elektronik • Hackerlink • Antihackerlink • Jasakom • ECHO • Binus Hacker • etc. 32
Conclusion • Government must understand how important computers are to defending the nation. • Playing defence is often more difficult than playing offence. • Computer-savvy patriots are required to defend the country from spies, terrorists, and other criminals. • e local hacker community is our ally, and we need to pay attention to what they're doing out there. 35

Recommended

Cyber Security
Cyber SecurityCyber Security
Cyber SecuritySai Chandra Chittuluri
 
The Future of Cyber Security
The Future of Cyber SecurityThe Future of Cyber Security
The Future of Cyber SecurityStephen Lahanas
 
Software Vulnerabilities
Software VulnerabilitiesSoftware Vulnerabilities
Software Vulnerabilitiesamiable_indian
 
Types Of Computer Crime
Types Of Computer CrimeTypes Of Computer Crime
Types Of Computer CrimeAlexander Zhuravlev
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeSanket Gogoi
 
Malicious software
Malicious softwareMalicious software
Malicious softwarerajakhurram
 
Typology of Cyber Crime
Typology of Cyber CrimeTypology of Cyber Crime
Typology of Cyber CrimeGaurav Patel
 
Cybersecurity Issues and Challenges
Cybersecurity Issues and ChallengesCybersecurity Issues and Challenges
Cybersecurity Issues and ChallengesTam Nguyen
 

Recommended

Cyber Security
Cyber SecurityCyber Security
Cyber SecuritySai Chandra Chittuluri
 
The Future of Cyber Security
The Future of Cyber SecurityThe Future of Cyber Security
The Future of Cyber SecurityStephen Lahanas
 
Software Vulnerabilities
Software VulnerabilitiesSoftware Vulnerabilities
Software Vulnerabilitiesamiable_indian
 
Types Of Computer Crime
Types Of Computer CrimeTypes Of Computer Crime
Types Of Computer CrimeAlexander Zhuravlev
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeSanket Gogoi
 
Malicious software
Malicious softwareMalicious software
Malicious softwarerajakhurram
 
Typology of Cyber Crime
Typology of Cyber CrimeTypology of Cyber Crime
Typology of Cyber CrimeGaurav Patel
 
Cybersecurity Issues and Challenges
Cybersecurity Issues and ChallengesCybersecurity Issues and Challenges
Cybersecurity Issues and ChallengesTam Nguyen
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismAltacit Global
 
Professional Code of Ethics in Software Engineering
Professional Code of Ethics in Software EngineeringProfessional Code of Ethics in Software Engineering
Professional Code of Ethics in Software EngineeringLemi Orhan Ergin
 
Sit presentation - Hacking
Sit presentation - HackingSit presentation - Hacking
Sit presentation - Hackingmsolis0710
 
Hacking
HackingHacking
HackingSitwat Rao
 
Programming for Problem Solving
Programming for Problem SolvingProgramming for Problem Solving
Programming for Problem SolvingSukhendra Singh
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber TerrorismShivam Lohiya
 
Electronic Transaction Act 2063 (ETA 2063)
Electronic Transaction Act 2063 (ETA 2063)Electronic Transaction Act 2063 (ETA 2063)
Electronic Transaction Act 2063 (ETA 2063)Krishna Pandey
 
Cybersecurity PowerPoint Presentation Slides
Cybersecurity PowerPoint Presentation Slides Cybersecurity PowerPoint Presentation Slides
Cybersecurity PowerPoint Presentation Slides SlideTeam
 
Lecture 14 - Scope Rules
Lecture 14 - Scope RulesLecture 14 - Scope Rules
Lecture 14 - Scope RulesMd. Imran Hossain Showrov
 
HACKING
HACKINGHACKING
HACKINGShubham Agrawal
 
Cyber espionage
Cyber espionageCyber espionage
Cyber espionageharshitakhandelwal26
 
Cyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceCyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceTom K
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Mazin Alwaaly
 
Create a software key logger
Create a software key logger Create a software key logger
Create a software key logger GiralFaurel
 
Cyber law
Cyber lawCyber law
Cyber lawAHSSAN AKHTAR
 
Secure Design: Threat Modeling
Secure Design: Threat ModelingSecure Design: Threat Modeling
Secure Design: Threat ModelingNarudom Roongsiriwong, CISSP
 
Cyber crime - What is and types.
Cyber crime - What is and types.Cyber crime - What is and types.
Cyber crime - What is and types.Niloy Biswas
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control أحلام انصارى
 
Software security
Software securitySoftware security
Software securityRoman Oliynykov
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security elmuhammadmuhammad
 
Hacking Trust
Hacking TrustHacking Trust
Hacking TrustJim Geovedi
 
Internet Worms
Internet WormsInternet Worms
Internet WormsJim Geovedi
 

More Related Content

What's hot

Professional Code of Ethics in Software Engineering
Professional Code of Ethics in Software EngineeringProfessional Code of Ethics in Software Engineering
Professional Code of Ethics in Software EngineeringLemi Orhan Ergin
 
Sit presentation - Hacking
Sit presentation - HackingSit presentation - Hacking
Sit presentation - Hackingmsolis0710
 
Programming for Problem Solving
Programming for Problem SolvingProgramming for Problem Solving
Programming for Problem SolvingSukhendra Singh
 
Electronic Transaction Act 2063 (ETA 2063)
Electronic Transaction Act 2063 (ETA 2063)Electronic Transaction Act 2063 (ETA 2063)
Electronic Transaction Act 2063 (ETA 2063)Krishna Pandey
 
Cybersecurity PowerPoint Presentation Slides
Cybersecurity PowerPoint Presentation Slides Cybersecurity PowerPoint Presentation Slides
Cybersecurity PowerPoint Presentation Slides SlideTeam
 
Cyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceCyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceTom K
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Mazin Alwaaly
 
Create a software key logger
Create a software key logger Create a software key logger
Create a software key logger GiralFaurel
 
Cyber crime - What is and types.
Cyber crime - What is and types.Cyber crime - What is and types.
Cyber crime - What is and types.Niloy Biswas
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control أحلام انصارى
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security elmuhammadmuhammad
 

What's hot (20)

Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Professional Code of Ethics in Software Engineering
Professional Code of Ethics in Software EngineeringProfessional Code of Ethics in Software Engineering
Professional Code of Ethics in Software Engineering
 
Sit presentation - Hacking
Sit presentation - HackingSit presentation - Hacking
Sit presentation - Hacking
 
Hacking
HackingHacking
Hacking
 
Programming for Problem Solving
Programming for Problem SolvingProgramming for Problem Solving
Programming for Problem Solving
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
 
Electronic Transaction Act 2063 (ETA 2063)
Electronic Transaction Act 2063 (ETA 2063)Electronic Transaction Act 2063 (ETA 2063)
Electronic Transaction Act 2063 (ETA 2063)
 
Cybersecurity PowerPoint Presentation Slides
Cybersecurity PowerPoint Presentation Slides Cybersecurity PowerPoint Presentation Slides
Cybersecurity PowerPoint Presentation Slides
 
Lecture 14 - Scope Rules
Lecture 14 - Scope RulesLecture 14 - Scope Rules
Lecture 14 - Scope Rules
 
HACKING
HACKINGHACKING
HACKING
 
Cyber espionage
Cyber espionageCyber espionage
Cyber espionage
 
Cyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceCyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General Audience
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...
 
Create a software key logger
Create a software key logger Create a software key logger
Create a software key logger
 
Cyber law
Cyber lawCyber law
Cyber law
 
Secure Design: Threat Modeling
Secure Design: Threat ModelingSecure Design: Threat Modeling
Secure Design: Threat Modeling
 
Cyber crime - What is and types.
Cyber crime - What is and types.Cyber crime - What is and types.
Cyber crime - What is and types.
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control
 
Software security
Software securitySoftware security
Software security
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security
 

Viewers also liked

Hacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverHacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverJim Geovedi
 
Wireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundWireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundJim Geovedi
 
Hacking a Bird in the Sky: Hijacking VSAT Connection
Hacking a Bird in the Sky: Hijacking VSAT ConnectionHacking a Bird in the Sky: Hijacking VSAT Connection
Hacking a Bird in the Sky: Hijacking VSAT ConnectionJim Geovedi
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Jim Geovedi
 
Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipHacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipJim Geovedi
 
Professional Hackers
Professional HackersProfessional Hackers
Professional HackersJim Geovedi
 
The 21st Century Bank Job
The 21st Century Bank JobThe 21st Century Bank Job
The 21st Century Bank JobJim Geovedi
 
IDS & Log Management
IDS & Log ManagementIDS & Log Management
IDS & Log ManagementJim Geovedi
 
Cheating the 10,000 hour rule
Cheating the 10,000 hour ruleCheating the 10,000 hour rule
Cheating the 10,000 hour ruleJim Geovedi
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Jim Geovedi
 
Satellite Telephony Security
Satellite Telephony SecuritySatellite Telephony Security
Satellite Telephony SecurityJim Geovedi
 
Warezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingWarezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingJim Geovedi
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008Jim Geovedi
 
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Jim Geovedi
 
Wireless Hotspot Security
Wireless Hotspot SecurityWireless Hotspot Security
Wireless Hotspot SecurityJim Geovedi
 
Hacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsHacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsJim Geovedi
 
Waluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaWaluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaJim Geovedi
 
AI & NLP pada @begobet
AI & NLP pada @begobetAI & NLP pada @begobet
AI & NLP pada @begobetJim Geovedi
 

Viewers also liked (20)

Hacking Trust
Hacking TrustHacking Trust
Hacking Trust
 
Internet Worms
Internet WormsInternet Worms
Internet Worms
 
Hacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverHacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to Discover
 
Wireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundWireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers Playground
 
Hacking a Bird in the Sky: Hijacking VSAT Connection
Hacking a Bird in the Sky: Hijacking VSAT ConnectionHacking a Bird in the Sky: Hijacking VSAT Connection
Hacking a Bird in the Sky: Hijacking VSAT Connection
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)
 
Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipHacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
 
Professional Hackers
Professional HackersProfessional Hackers
Professional Hackers
 
The 21st Century Bank Job
The 21st Century Bank JobThe 21st Century Bank Job
The 21st Century Bank Job
 
IDS & Log Management
IDS & Log ManagementIDS & Log Management
IDS & Log Management
 
Cheating the 10,000 hour rule
Cheating the 10,000 hour ruleCheating the 10,000 hour rule
Cheating the 10,000 hour rule
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
 
Satellite Telephony Security
Satellite Telephony SecuritySatellite Telephony Security
Satellite Telephony Security
 
Warezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingWarezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite Hacking
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008
 
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
 
Wireless Hotspot Security
Wireless Hotspot SecurityWireless Hotspot Security
Wireless Hotspot Security
 
Hacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsHacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry Birds
 
Waluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaWaluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social Media
 
AI & NLP pada @begobet
AI & NLP pada @begobetAI & NLP pada @begobet
AI & NLP pada @begobet
 

Similar to Is Cyber-offence the New Cyber-defence

Securing Indian Cyberspace Shojan
Securing Indian Cyberspace ShojanSecuring Indian Cyberspace Shojan
Securing Indian Cyberspace ShojanShojan Jacob
 
Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityDominic Karunesudas
 
Department of Defense Strategy for Operating in Cyberspace
Department of Defense Strategy for Operating in CyberspaceDepartment of Defense Strategy for Operating in Cyberspace
Department of Defense Strategy for Operating in CyberspaceDepartment of Defense
 
D20110714cyber
D20110714cyberD20110714cyber
D20110714cybernitay123
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityAndrea Rossetti
 
The Evolving Landscape on Information Security
The Evolving Landscape on Information SecurityThe Evolving Landscape on Information Security
The Evolving Landscape on Information SecuritySimoun Ung
 
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...David Sweigert
 
Cyber Security, Cyber Warfare
Cyber Security, Cyber WarfareCyber Security, Cyber Warfare
Cyber Security, Cyber WarfareAmit Anand
 
Cyber security , an Analysis of State Security in Sri Lanka
Cyber security , an Analysis of State Security in Sri LankaCyber security , an Analysis of State Security in Sri Lanka
Cyber security , an Analysis of State Security in Sri LankaEvan Pathiratne
 
The Hacked World Order By Adam Segal
The Hacked World Order By Adam SegalThe Hacked World Order By Adam Segal
The Hacked World Order By Adam SegalLeslie Lee
 
Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsFidelis Cybersecurity
 
Cyber War ( World War 3 )
Cyber War ( World War 3 )Cyber War ( World War 3 )
Cyber War ( World War 3 )Sameer Paradia
 
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docxRunning head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docxglendar3
 
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docxRunning head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docxtodd581
 
Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxnikshaikh786
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyShiva Bissessar
 

Similar to Is Cyber-offence the New Cyber-defence (20)

Securing Indian Cyberspace Shojan
Securing Indian Cyberspace ShojanSecuring Indian Cyberspace Shojan
Securing Indian Cyberspace Shojan
 
Cyber-what?
Cyber-what?Cyber-what?
Cyber-what?
 
Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber Security
 
DoD Cyber Strategy
DoD Cyber StrategyDoD Cyber Strategy
DoD Cyber Strategy
 
Department of Defense Strategy for Operating in Cyberspace
Department of Defense Strategy for Operating in CyberspaceDepartment of Defense Strategy for Operating in Cyberspace
Department of Defense Strategy for Operating in Cyberspace
 
D20110714cyber
D20110714cyberD20110714cyber
D20110714cyber
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber security
 
The Evolving Landscape on Information Security
The Evolving Landscape on Information SecurityThe Evolving Landscape on Information Security
The Evolving Landscape on Information Security
 
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
 
Cyber Security, Cyber Warfare
Cyber Security, Cyber WarfareCyber Security, Cyber Warfare
Cyber Security, Cyber Warfare
 
Cyber security , an Analysis of State Security in Sri Lanka
Cyber security , an Analysis of State Security in Sri LankaCyber security , an Analysis of State Security in Sri Lanka
Cyber security , an Analysis of State Security in Sri Lanka
 
114-116
114-116114-116
114-116
 
28658043 cyber-terrorism
28658043 cyber-terrorism28658043 cyber-terrorism
28658043 cyber-terrorism
 
The Hacked World Order By Adam Segal
The Hacked World Order By Adam SegalThe Hacked World Order By Adam Segal
The Hacked World Order By Adam Segal
 
Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systems
 
Cyber War ( World War 3 )
Cyber War ( World War 3 )Cyber War ( World War 3 )
Cyber War ( World War 3 )
 
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docxRunning head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
 
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docxRunning head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
 
Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptx
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean Cybersecuirty
 

Recently uploaded

Geostrategic significance of South Asian countries.ppt
Geostrategic significance of South Asian countries.pptGeostrategic significance of South Asian countries.ppt
Geostrategic significance of South Asian countries.pptUsmanKaran
 
12042024_First India Newspaper Jaipur.pdf
12042024_First India Newspaper Jaipur.pdf12042024_First India Newspaper Jaipur.pdf
12042024_First India Newspaper Jaipur.pdfFIRST INDIA
 
11042024_First India Newspaper Jaipur.pdf
11042024_First India Newspaper Jaipur.pdf11042024_First India Newspaper Jaipur.pdf
11042024_First India Newspaper Jaipur.pdfFIRST INDIA
 
16042024_First India Newspaper Jaipur.pdf
16042024_First India Newspaper Jaipur.pdf16042024_First India Newspaper Jaipur.pdf
16042024_First India Newspaper Jaipur.pdfFIRST INDIA
 
Power in International Relations (Pol 5)
Power in International Relations (Pol 5)Power in International Relations (Pol 5)
Power in International Relations (Pol 5)ssuser583c35
 
Political-Ideologies-and-The-Movements.pptx
Political-Ideologies-and-The-Movements.pptxPolitical-Ideologies-and-The-Movements.pptx
Political-Ideologies-and-The-Movements.pptxSasikiranMarri
 
lok sabha Elections in india- 2024 .pptx
lok sabha Elections in india- 2024 .pptxlok sabha Elections in india- 2024 .pptx
lok sabha Elections in india- 2024 .pptxdigiyvbmrkt
 
Emerging issues in migration policies.ppt
Emerging issues in migration policies.pptEmerging issues in migration policies.ppt
Emerging issues in migration policies.pptNandinituteja1
 
15042024_First India Newspaper Jaipur.pdf
15042024_First India Newspaper Jaipur.pdf15042024_First India Newspaper Jaipur.pdf
15042024_First India Newspaper Jaipur.pdfFIRST INDIA
 
13042024_First India Newspaper Jaipur.pdf
13042024_First India Newspaper Jaipur.pdf13042024_First India Newspaper Jaipur.pdf
13042024_First India Newspaper Jaipur.pdfFIRST INDIA
 
Mitochondrial Fusion Vital for Adult Brain Function and Disease Understanding...
Mitochondrial Fusion Vital for Adult Brain Function and Disease Understanding...Mitochondrial Fusion Vital for Adult Brain Function and Disease Understanding...
Mitochondrial Fusion Vital for Adult Brain Function and Disease Understanding...The Lifesciences Magazine
 

Recently uploaded (12)

Geostrategic significance of South Asian countries.ppt
Geostrategic significance of South Asian countries.pptGeostrategic significance of South Asian countries.ppt
Geostrategic significance of South Asian countries.ppt
 
12042024_First India Newspaper Jaipur.pdf
12042024_First India Newspaper Jaipur.pdf12042024_First India Newspaper Jaipur.pdf
12042024_First India Newspaper Jaipur.pdf
 
11042024_First India Newspaper Jaipur.pdf
11042024_First India Newspaper Jaipur.pdf11042024_First India Newspaper Jaipur.pdf
11042024_First India Newspaper Jaipur.pdf
 
16042024_First India Newspaper Jaipur.pdf
16042024_First India Newspaper Jaipur.pdf16042024_First India Newspaper Jaipur.pdf
16042024_First India Newspaper Jaipur.pdf
 
Power in International Relations (Pol 5)
Power in International Relations (Pol 5)Power in International Relations (Pol 5)
Power in International Relations (Pol 5)
 
Political-Ideologies-and-The-Movements.pptx
Political-Ideologies-and-The-Movements.pptxPolitical-Ideologies-and-The-Movements.pptx
Political-Ideologies-and-The-Movements.pptx
 
lok sabha Elections in india- 2024 .pptx
lok sabha Elections in india- 2024 .pptxlok sabha Elections in india- 2024 .pptx
lok sabha Elections in india- 2024 .pptx
 
Emerging issues in migration policies.ppt
Emerging issues in migration policies.pptEmerging issues in migration policies.ppt
Emerging issues in migration policies.ppt
 
World Economic Forum : The Global Risks Report 2024
World Economic Forum : The Global Risks Report 2024World Economic Forum : The Global Risks Report 2024
World Economic Forum : The Global Risks Report 2024
 
15042024_First India Newspaper Jaipur.pdf
15042024_First India Newspaper Jaipur.pdf15042024_First India Newspaper Jaipur.pdf
15042024_First India Newspaper Jaipur.pdf
 
13042024_First India Newspaper Jaipur.pdf
13042024_First India Newspaper Jaipur.pdf13042024_First India Newspaper Jaipur.pdf
13042024_First India Newspaper Jaipur.pdf
 
Mitochondrial Fusion Vital for Adult Brain Function and Disease Understanding...
Mitochondrial Fusion Vital for Adult Brain Function and Disease Understanding...Mitochondrial Fusion Vital for Adult Brain Function and Disease Understanding...
Mitochondrial Fusion Vital for Adult Brain Function and Disease Understanding...
 

Is Cyber-offence the New Cyber-defence

  • 1. Is Cyber-offence the New Cyber-defence? Jim Geovedi National Defence Information Technology Seminar 2010
  • 3. Cyber-warfare • Government warfare conducted over the Internet. • Actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption. • Cyber-warfare is a relatively new type of weaponry with various effects on the target. It doesn't have any limitations of use and can achieve most of the goals set. 3
  • 4. Cyber-defence • Purely defensive posture poses significant risks. • If we apply the principle of warfare to the cyber-domain, the defence of the nation is better served by capabilities enabling us to take the fight to our adversaries, when necessary, to do counter-attack. • In warfare, the notion of counter-attack is extremely powerful. 4
  • 5. Cyber-attack • Definition: e compromise of targets without destruction or disruption, but rather through covert means, for the purposes of accessing information or modifying it or preparing such access for future use in exploitation or attack. • A serious cyber-attack is almost unavoidable. It is cheaper and easier for a foreign country or a terrorist group than a physical attack. • Cyber-attack could result in military response. Attackers or terrorists could gain access to the digital controls for the nation's utilities, power grids, air traffic control systems and power plants. 5
  • 6. Revenge vs. Justice • In warfare, revenge is appealingly straightforward. • Treating the whole thing as a military problem is easier than working within the legal system. • In peacetime, justice in cyberspace can be difficult (and dangerous). • It can be hard to figure out who is attacking you, and it can take a long time to make them stop. • It can be even harder to prove anything in court. Anyone accused of a crime deserves a fair trial. 6
  • 8. In 1982, computer code stolen from a Canadian company by Soviet spies cause a Soviet gas pipeline to explode. e code had been modified by the CIA to include a logic bomb which changed the pump speeds to cause the explosion.
  • 9. In the 2006 war against Hezbollah, Israel alleges that cyber-warfare was part of the conflict, where the Israel Defense Force, (IDF) intelligence estimates that several countries in the Middle East used Russian hackers and scientists to operate on their behalf. As a result, Israel has attached growing importance to cyber-tactics, and has become, along with the U.S., France and a couple of other nations, involved in cyber-war planning. Many international high-tech companies are now locating research and development operations in Israel, where local hires are often veterans of the IDF's elite computer units.
  • 10. In April 2007, Estonia came under cyber attack in the wake of relocation of the Bronze Soldier of Tallinn. e largest part of the attacks were coming from Russia and from official servers of the authorities of Russia. In the attack, ministries, banks, and media were targeted.
  • 11. On March 28, 2009, a cyber spy network, dubbed GhostNet, using servers mainly based in China has tapped into classified documents from government and private organisations in 103 countries, including the computers of Tibetan exiles, but China denies the claim.
  • 12. In December 2009 through January 2010, a cyber attack, dubbed Operation Aurora, was launched from China against Google and over 20 other companies. Google said the attacks originated from China and that it would "review the feasibility" of its business operations in China following the incident. According to Google, at least 20 other companies in various sectors had been targeted by the attacks. McAfee spokespersons claim that "this is the highest profile attack of its kind that we have seen in recent memory."
  • 13. In September 2010, Iran was attacked by the Stuxnet worm, thought to specifically target its Natanz nuclear enrichment facility. e worm is said to be the most advanced piece of malware ever discovered and significantly increases the profile of cyber-warfare.
  • 15. Indonesia’s ICT • Indonesia’s Information Communication Technology (ICT) grow rapidly and enter all sectors of human life. • Indonesia’s central bank raised its 2011 economic growth forecast to as much as 6.5% from an earlier forecast of as much as 6% as consumer spending accelerates1. • Indonesia has adopted ICT as a tool for governance and development. Its national ICT vision: “to bring into reality a modern information society, prosperous and high competitive, with strong supported by ICT”. 1. Novrida Manurung, Indonesia Raises 2011 Economic Growth Forecast to 6%-6.5%. Retrieved on 7 November 2010 from http://www.businessweek.com/news/ 2010-03-11/indonesia-raises-2011-economic-growth-forecast-to-6-6-5-.html 15
  • 16.
  • 18.
  • 19. .co.id — 2,042 of which 500 single ip and 1,542 mass defacements
  • 20. .go.id — 2,932 of which 1,071 single ip and 1,861 mass defacements
  • 21. .net.id — 83 of which 31 single ip and 52 mass defacements
  • 22. ere has been a high volume of detections in Asia, and Iran (52.2%), Indonesia (17.4%)  and India (11.3%) seem to have been particularly hard hit, compared to, say, the USA (0.6%), ranked 11th in our statistics.
  • 23. Defence Strategy & Tactics • Reactive behaviour. It reacts upon with the appropriate response by increasing the awareness on weakness. • ere will be always several successful penetrations at the beginning. • Planned behaviour. Appropriate security planning well thought of and implemented appropriately. • e plan can’t cover all scenarios. • Proactive behaviour. Concentrates on identifying and covering its own potential weaknesses. • Needs highly skilled people and very tight security system in place. 23
  • 24. Security Aspects • Security is based on 3 aspects: people, process and technology. As process and technology are developed by people, human resources are the key to cyber-security defines initiative. 24
  • 25. Cyber-attack Methodology 25 Vulnerability Examination IntrusionProfiling Attack Initiation Covering Tracks 1 2 3 4 5 Information Gathering Intelligence Survey and Scouting Perimeter Mapping Asset Identification Vulnerability Analysis Exploitation Planning Exploitation Propagation
  • 26. Hackers as National Security Resource
  • 27.
  • 28.
  • 30. Indonesia IT Salary 2008/2009
  • 31.
  • 32. Local Hacker Community • Kecoak Elektronik • Hackerlink • Antihackerlink • Jasakom • ECHO • Binus Hacker • etc. 32
  • 33.
  • 34.
  • 35. Conclusion • Government must understand how important computers are to defending the nation. • Playing defence is often more difficult than playing offence. • Computer-savvy patriots are required to defend the country from spies, terrorists, and other criminals. • e local hacker community is our ally, and we need to pay attention to what they're doing out there. 35