2. Asymmetric Warfare
“There is a war out there, old friend - a World
War... and it’s not about whose got the most
bullets; it’s about who controls the information.”
“Sneakers” (1992)
3. ..dewasa ini perang siber telah menjadi strategi untuk
menimbulkan kerugian yang berdampak strategis terhadap
suatu negara..
Perkembangan teknologi informasi dan komunikasi juga menciptakan
peperangan berbasis jaringan yang mengandalkan keunggulan
informasi, sekaligus mampu melaksanakan perang diranah digital
ataupun ruang siber. Dampak yang ditimbulkan dapat menjadikan
situasi keamanan dunia yang mengkhawatirkan,..
....
Dari aspek pertahanan, ruang siber telah menjadi domain kelima yang
dapat dijadikan sebagai medan peperangan, selain medan perang
darat, laut, udara dan ruang angkasa. Penggunaan sistem, peralatan,
dan platform berbasis internet cenderung semakin meluas yang
berpotensi menjadi kerawanan.
(Buku Putih Pertahanan Indonesia, 2015)
4. “Cyber”
Cyberspace (Dunia Maya)
Suatu “wadah” global, dimana di dalamnya
merupakan suatu “alam” berisi informasi digital yang
terdiri dari jaringan teknologi dan komunikasi maupun
infrastruktur yang saling terkait, termasuk di dalamnya
internet, jaringan telekomunikasi, sistem komputer,
pengolah data dan pengendalinya.
(Diolah dari berbagai sumber)
5. What is Cyber Warfare ?...
Cyber Warfare is:
Non Traditional Warfare (part of Asymmetric Warfare)
New Asymmetric Warfare method, conducted by
exploitation of IT facilities and capabilities
Threat all aspects of the global system security,
characteristics, forms, kinds and threat dimention,
developed largely and complicated, covered all of
human life aspects
Use cyberspace as a media
Targeting information systems or infrastructures
which are not protected
(Laksma (Purn) Ir.Iwan Kustiyawan,MM, Cyber Threat & Cyber War, IDU, 2015)
6. What is Cyber Warfare ?...
Cyber Warfare Systems are completed by :
Equipments, tools and high technology facilities
Weaponization
Cyber Warriors (State & Non State)
Goals/Objectives as interests
Attacks result in a physical effect that will eventually affect the
National interests
Legal system & ethics impacts
Cyber Warfare will become...
Big Threat... also Big Challenge
favorite kind of Asymmetric Warfare
the Future of Warfare
(Laksma (Purn) Ir.Iwan Kustiyawan,MM, Cyber Threat & Cyber War, IDU, 2015)
7. Cyber War
Cyber War (Perang Siber) adalah suatu tindakan
pemaksaan kepada satu pihak untuk mengikuti
kehendak pihak yang lain dimana tindakan tersebut
terjadi di dunia maya, namun memiliki dampak di dunia
nyata.
(Diolah dari berbagai sumber)
Information Operations
(Joint Publication 3-13, 27 November 2012)
8. Why Cyber War?
Today’s critical infrastructure networks are key targets
for cyber attack because they have grown to the point
where they run the command and control systems,
manage the logistics, enable the staff planning and
operations, and are the backbone of the intelligence
capabilities.
More importantly today, most command and control
systems, as well as the weapon systems themselves,
are connected to the Global Information Grid or have
embedded computer chips.
(Andress, Jason & Steve Winterfield, Cyber Warfare : Techniques, Tactics and Tools for
Security Practitioners, 2nd Edition, Elsevier Inc, Massachusetts, 2014)
9. Simple, easier and cheaper by exploiting IT’s vulnerabilities and
quality of human resources.
Can be done by anyone, anytime and anywhere, supported by
universal freedom.
Low risk with big impact.
Cyber activities control and law enforcements are still limited.
Complicated consideration about space, time, distance and other
reasons.
Able to support many kinds of interests.
Start and finish, objectives and targets are physically in real space.
(Laksma (Purn) Ir.Iwan Kustiyawan,MM, Cyber Threat & Cyber War, IDU, 2015)
Why Cyber War?
10. Forms
•Serangan pada beragam sasaran-sasaran sipil yang
menyebabkan kerusakan fisik.
•Gangguan dan serangan pada infrastruktur informasi
nasional kritis yang menyebabkan kerusakan fisik.
•Gangguan dan serangan pada sasaran-sasaran militer
dalam teritorial kedaulatan negara.
•Gangguan dan serangan pada sasaran-sasaran militer
di luar teritorial kedaulatan negara.
(Kol Dr. Arwin DW Sumari, Dynamics of Cyber Warfare, IDU, 2015)
11. Forms
•Penyisipan perangkat serangan tidak aktif (dormant)
seperti kuda troya atau bom logika yang mungkin
disiapkan untuk penyerangan.
•Aktivitas kriminal dan spionase industri.
•Penggunaan persenjataan ganda, seperti
pengumpulan intelijen, penggalian (probe)
kerawanan-kerawanan keamanan, dan uji penetrasi.
•Kampanye media propaganda, penyalahgunaan dan
pengubahan wajah (defacement) situs-situs resmi.
(Kol Dr. Arwin DW Sumari, Dynamics of Cyber Warfare, IDU, 2015)
14. Forms (in Indonesia)
• Serangan dalam bentuk malware, botnet dan trojan
•Fake server dan fake application (server palsu dan
aplikasi palsu)
• Serangan dalam media jejaring sosial
• Serangan di perangkat bergerak (mobile)
(Kol Dr. Arwin DW Sumari, Dynamics of Cyber Warfare, IDU, 2015)
16. Anticipation & Countermeasure
“. . . it’s now clear this cyber threat is one of the
most serious economic and national security
challenges we face as a nation,”
Obama said, adding, “. . . we’re not as prepared
as we should be, as a government or as a
country”
(Remarks by president Barrack Obama on Securing Our Nation’s Cyber
Infrastructure, 2010)
17. Anticipation & Countermeasure
Detection, Early Warning and Alert System
Countermeasure
Needs :
Policy & Decision
Mechanism & Procedure
Target & Method
Command & Control
Weapons : Tools & Equipment as Logical, Physical, and
Psychological Weapons
(Laksma (Purn) Ir.Iwan Kustiyawan,MM, Cyber Threat & Cyber War, IDU, 2015)
19. Anticipation & Countermeasure
• Treat cyberspace as an “operational domain” as the
rest of the military does the ground, air, or sea.
• implement new security concepts to succeed there.
• partner with other agencies and private sector.
• build relationships with international partners.
• develop new talent to spur new innovation in how
the military might fight and win in this space.
(Singer, PW & Allan Friedman, Cybersecurity And Cyberwar : What Everyone Needs to
Know, Oxford University Press, New York, 2014)
25. The internet allows an attacker to attack from anywhere on the planet.
Risks caused by poor security knowledge and practice :
Identity Theft
Monetary Theft
Legal Ramifications (for yourself and companies)
Termination if company policies are not followed
According to www.SANS.org, the top vulnerabilities available for a cyber
criminal are :
Web Browser
IM Clients
Web Applications
Excessive User Rights
Importance of Security
28. Relevansi dengan Dunia Usaha
• Manusia adalah rantai terlemah dari sistem pengamanan
informasi.
• Menambah wawasan teknologi informasi dan melaksanakan
user awareness training yang berkelanjutan akan menambah
keamanan informasi.
• Pengamanan informasi sangat membutuhkan peran aktif dari
seluruh karyawan, investasi terhadap teknologi security akan
terbuang percuma jika tidak didukung dengan kesadaran
karyawan dalam menjaga aset informasi.
• Perlunya juga tata kelola yang baik dari manajemen yaitu
dengan menerapkan kebijakan dan prosedur pengamanan
informasi.