Diese Präsentation wurde erfolgreich gemeldet.

cyber security and impact on national security (3)

5

Teilen

Nächste SlideShare
Riot
Riot
Wird geladen in …3
×
2 von 53
2 von 53

Weitere Verwandte Inhalte

cyber security and impact on national security (3)

  1. 1. CYBER WARFARE & NATIONAL SECURITY: IMPLICATIONS AND CHALLENGES DR TUGHRAL YAMIN ASSOCIATE DEAN CIPS, NUST
  2. 2. AIM TO HIGHLIGHT THE STRUCTURAL & POLICY SHORTCOMINGS WITH REGARDS TO CYBER SECURITY IN THE OVERALL FRAMEWORK OF PAKISTAN’S NATIONAL SECURITY
  3. 3. NATIONAL SECURITY CONCEPT • NATIONAL SECURITY CALLS UPON A GOVERNMENT, ALONG WITH ITS PARLIAMENT TO PROTECT THE STATE AND ITS CITIZENS AGAINST ALL KIND OF THREATS THROUGH A VARIETY OF POWER PROJECTION MEANS, SUCH AS – POLITICAL POWER – DIPLOMATIC INFLUENCE – ECONOMIC CAPACITY – MILITARY MIGHT • MANY COUNTRIES INCLUDING PAKISTAN ARROGATE THE RESPONSIBILITY OF COORDINATING NATIONAL SECURITY MATTERS TO THE NATIONAL SECURITY COUNCIL (NSC) SLICES OF NATIONAL SECURITYTERRITORIAL POLITICAL ECONOMIC ENERGY & NATURAL RESOURCES HOMELAND HUMAN ENVIRONMENTAL CYBER FOOD
  4. 4. ESSENTIAL ELEMENTS OF A COMPREHENSIVE SECURITY FRAMEWORK • STRONG LEADERSHIP TO PROVIDE – VISION – ACROSS THE BOARD COORDINATION • CLEAR CUT POLICY & STRATEGY WITH PRECISE MISSION STATEMENT • ADEQUATE FUNDS & HUMAN/MATERIAL RESOURCES • UNAMBIGIOUS SET OF LAWS & LAW ENFORCEMENT CAPACITY LEADERSHIP RESOURCES POLICY & STRATEGY LAWS
  5. 5. CYBER SECURITY REFERS TO PROTECTION OF OFFICIAL AND PERSONAL COMPUTER AND DATA PROCESSING INFRASTRUCTURE AND OPERATING SYSTEMS (OS) FROM HARMFUL INTERFERENCE, FROM OUTSIDE OR INSIDE THE COUNTRY INVOLVES NOT ONLY NATIONAL DEFENSE & HOMELAND SECURITY BUT ALSO LAW ENFORCEMENT
  6. 6. CYBER WARFARE & CYBER ATTACKS DEFINITION AN INTERNET-BASED CONFLICT INVOLVING ATTACKS ON THE ADVERSAY’S INFORMATION & INFORMATION SYSTEMS PURPOSE OF CYBER ATTACKS DEFACE WEBSITES DISABLE NETWORKS DIRUPT/ DISABLE ESSENTIAL SERVICES STEAL OR ALTER DATA CRIPPLE FINANCIAL SYSTEMS
  7. 7. MANIFESTATION OF CYBER ATTACK • SECURITY BREACHES • ECONOMIC LOSSES • PSYCHOLOG ICAL TRAUMA • PHYSICAL DAMAGE DISRUPTION OF COMPUTER SYSTEMS – LONG DOWN TIME FEAR & PANIC FLIGHT KNEEJERK REACTION SMALLSCALE ID THEFTS MASSIVE DATA BREACHES FRAUD LARGESCALE MONETARY THEFT
  8. 8. HOW CAN CYBER ATTACKS HURT NATIONAL SECURITY? CYBER ATTACKS CAN: • PARALYSE THE GOVERNMENT’S DECISION MAKING SYSTEMS • CRIPPLE A NATION’S CRITICAL INFRASTRUCTURE • CAUSE MASSIVE PANIC & TRIGGER INADVERTENT WARS PARALYSIS COLLAPSE PANIC
  9. 9. TYPES OF CYBER ATTACKS • VIRUSES • WORMS • TROJAN HORSES SYNTACTIC ATTACKS • MISLEADING INFORMATION TO DISTRACT OR COVER OWN TRACKS SEMANTIC ATTACKS
  10. 10. CYBER TARGETS • PERSONAL COMPUTERS • COMPUTER NETWORKS MANAGING THE INFORMATION SYSTEMS OF ORGANIZATIONS, BUSINESSES, FINANCIAL INSTITUTIONS ETC • CRITICAL INFRASTRUCTURE (VITAL ASSETS OF A NATION – VIRTUALLY/PHYSICALLY) CONTROLLED BY SUPERVISORY CONTROL & DATA ACQUISITION (SCADA) CRITICAL INFRASTRUCTURE COMPUTER NETWORKS PERSONAL COMPUTERS
  11. 11. HOW DOES A TYPICAL CYBER ATTACK TAKES PLACE? MALICIOUS ACTS ORIGINATING FROM AN ANONYMOUS SOURCES HACKING INTO A SUSCEPTIBLE SYSTEM TO EITHER • STEAL • ALTER OR • DESTROY A SPECIFIED TARGET
  12. 12. WHO CAN LAUNCH CYBER ATTACKS? • STATE ACTORS • NON STATE ACTORS • CRIMINALS • HACKTIVISTS • FREELANCERS • KID IN THE BASEMENT • INSIDERS
  13. 13. PROBLEMS WITH CYBER RESPONSES NO RULES OF ENGAGEMENT PROBLEM IN DETERMINING A PROPORTIONATE RESPONSE DIFFICULTY IN ATTRIBUTION
  14. 14. BROAD SPECTRUM OF CYBER ATTACKS
  15. 15. US CYBER SECURITY AGENCIES • OFFICE OF THE CYBER SECURITY COORDINATOR • DEPARTMENT OF HOMELAND SECURITY (DHS) • NATIONAL SECURITY AGENCY (NSA) • CYBER COMMAND (CYBERCOM)
  16. 16. DEPARTMENT OF HOMELAND SECURITY (DHS)
  17. 17. NATIONAL SECURITY AGENCY (NSA)
  18. 18. LEVEL AUSTRALIA UK STRAT CYBER SECURITY POLICY & COORD COMMITTEE (LEAD AGENCY: THE ATTORNEY GENERAL’S DEPARTMENT) FUNCTION: INTERDEPARTMENTAL COMMITTEE THAT COORDS DEVELOPMENT OF CYBER SECURITY POLICY FOR THE GOVT OFFICE OF THE CYBER SECURITY (OCS) FUNCTION: PROVIDES STRAT LEADERSHIP & COHERENCE ACROSS ALL DEPTS OF THE GOVT TAC CYBER SECURITY OPERATIONS CENTRE (UNDER DEFENCE SIGNALS DIRECTORATE) FUNCTION: PROVIDES GOVET WITH ALL SOURCE CYBER SITREP CYBER SECURITY OPS CENTRE (CSOC) FUNCTION: ACTIVELY MONITORS THE HEALTH OF CYBERSPACE & COORDS INCIDENCE RESPONSE OP CERT AUSTRALIA GOVCERTUK
  19. 19. PM OFFICE/ CABINET SECY (PMO/ CAB SEC) MINISTRY OF HOME AFFAIRS (MHA) MINISTRY OF EXTERNAL AFFAIRS (MEA) MINISTRY OF DEFENCE (MOD) MINISTRY OF COMMON INFO TECHNOLOGY (MCIT) NON GOVT ORGANISATION (NGO) NATIONAL SECURITY COUNCIL (NSC) NATIONAL CYBER COORD CENTRE (NCCC) AMBASSADORS & MINISTERS TRI SERVICE CYBER COMMAND DEPARTMENT OF INFORMATION TECHNOLOGY (DIT) CYBER SECURITY AND ANTI HACKING ORGANISATION (CSAHO) National Technical Research Org (NTRO) Directorate of Forensic Science (DFS) Defence Attaches Army (MI) Department of Telecom (DoT) Cyber Society of India (CySI) National Critical Info Infrastructure Protection Centre(NCIIPC) National Disaster Mgt Authority (NDMA) Joint Secretary (IT) Navy (NI) Indian Computer Emergency Response Team CERT-IN Centre of Excellence for Cyber Security Research & Development In India (CECSRDI) Joint Intelligence Group (JIG) Central Forensic Science Lab (CFSLs) Air Force (AFI) Education Research Network (ERNET) Cyber Security of India(CSI) National Crisis Management Committee (NCMC) Intelligence Bureau (IB) Def Info Assurance & Research Agency (DIARA) Informatics Center (NIC) National Cyber Security of India (NCS) Research & Analysis Wing (RAW) Defence Intelligence Agency (DIA) Centre for Development of Advanced Computing C-DAC Cyber Attacks Crisis Management Plan of India (CACMP) Multi Agency Center (MAC) Defence Research Dev Authority (DRDO) Standardisation, Testing and Quality Certification (STQC) National Information Board (NIB) CYBER SECURITY HIERARCHY IN INDIA
  20. 20. USFOCUSONITSECURITY COMPUTERS/ICT FORM THE FOUNDATION OF US ECONOMY AND DRIVE THE TECHNOLOGICAL CHANGE THAT ALLOWS SMALL AND MEDIUM-SIZED BUSINESSES TO COMPETE IN THE GLOBAL MARKETPLACE ECONOMIC GROWTH IS THREATENED BY A CORRESPONDING GROWTH IN CYBER THREATS INCREASING DATA BREACHES, THEFT OF INTELLECTUAL PROPERTY THROUGH CYBER MEANS, AND CYBER ATTACKS ARE RESULTING IN REAL COSTS AND CONSEQUENCES FOR THE AMERICAN ECONOMY US GOVERNMENT IS TAKING ACTIONS TO BETTER PREPARE ITSELF, ITS ECONOMY, AND THE NATION AS A WHOLE TO DEFEND AGAINST GROWING CYBER THREATS CYBER THREATS POSE ONE OF THE GRAVEST NATIONAL SECURITY DANGERS TO THE US
  21. 21. US BUDGETARY STRATEGY FOR CYBERSECURITY SEVERAL BUDGETARY, PROGRAMMATIC & LEGISLATIVE STRATEGIES TO IMPROVE THE CYBERSECURITY INFRASTRUCTURE AND COMBAT GROWING CYBER THREAT DOMESTICALLY AND GLOBALLY UPDATED CYBERSECURITY LEGISLATIVE PROPOSAL THAT WILL PROVIDE THE FEDERAL GOVERNMENT AND PRIVATE SECTOR THE NECESSARY TOOLS TO IMPROVE NATIONAL CYBERSECURITY IN FY 2016, THE PRESIDENT'S BUDGET PROPOSES $14 BILLION IN CYBERSECURITY FUNDING FOR CRITICAL INITIATIVES AND RESEARCH
  22. 22. US STRATEGIC INVESTMENTS IN CYBER SECURITY DHS TO LEAD IMPLEMENTATION OF THE CONTINUOUS DIAGNOSTICS & MITIGATION (CDM) NATIONAL CYBERSECURITY PROTECTION SYSTEM BETTER KNOWN AS EINSTEIN CYBERSECURITY CROSS-AGENCY PRIORITY GOAL AND IMPLEMENT POSTWIKILEAKS SECURITY IMPROVEMENTS ON CLASSIFIED NETWORKS, PURSUANT TO E.O. 13587 $582 MILLION
  23. 23. US PRESIDENT’S BUDGET FY 2016 OUTREACH TO PRIVATE SECTOR SHAPING THE FUTURE CYBER ENVIRONMENT NATIONAL SECURITY AND CYBER THREATS $149 MILLION $243 MILLION $514 MILLION
  24. 24. CYBERCOM XXXX TO BE BROUGHT TO FULL STRENGTH US DEPARTMENT OF DEFENSE BUDGET FEDERAL CIVILIAN CYBER CAMPUS $227 MILLION TO FUND THE 1ST PHASE OF CONSTRUC TION CYBER INTELLIGENCE INTEGRATION, ANALYSIS & PLANNING WITHIN THE FEDERAL GOVERNMENT $35 MILLION
  25. 25. 2015 US CYBERSECURITY LEGISLATIVE PROPOSAL THREE CENTRAL ELEMENTS AIM AT ENSURING NATIONAL SECURITY, WHILE ALSO PROTECTING THE PERSONAL DATA AND PRIVACY OF CITIZENS BY: • FACILITATING GREATER VOLUNTARY SHARING OF CYBER THREAT INFORMATION BETWEEN THE GOVERNMENT AND PRIVATE SECTOR • INCENTIVIZING FURTHER DEVELOPMENT OF INFORMATION SHARING AND ANALYSIS ORGANIZATIONS TO IMPROVE THE VOLUNTARY SHARING OF CYBER THREAT INFORMATION WITHIN THE PRIVATE SECTOR AND BETWEEN THE PRIVATE SECTOR AND THE GOVERNMENT. PROTECTS THE PRIVACY OF AMERICANS BY REQUIRING PRIVATE ENTITIES THAT SHARE VOLUNTARILY UNDER THE PROPOSAL'S AUTHORITY, TO COMPLY WITH CERTAIN PRIVACY RESTRICTIONS, SUCH AS REMOVING UNNECESSARY PERSONAL INFORMATION IN ORDER TO QUALIFY FOR LIABILITY PROTECTION ESTABLISH DATA BREACH STANDARDS • ESTABLISHING A SINGLE FEDERAL STANDARD FOR NOTIFYING INDIVIDUALS IN A TIMELY, CONSISTENT WAY WHEN PRIVATE SECTOR DATA BREACHES OCCUR; THIS HELPS BUSINESSES AND CONSUMERS BY SIMPLIFYING AND STANDARDIZING THE EXISTING PATCHWORK OF 47 STATE LAWS THAT CONTAIN DATA BREACH REPORT REQUIREMENTS INTO ONE FEDERAL STATUTE. THIS IS PART OF OUR COMMITMENT TO BALANCE SECURITY AND PRIVACY, ENSURING CITIZENS RECEIVE TIMELY INFORMATION ON THEIR DATA IN THE EVENT OF A BREACH. THIS WILL: – PROVIDE A SINGLE THRESHOLD FOR NOTIFICATION – ESTABLISH DEADLINES FOR NOTIFICATION OF CYBER INCIDENTS
  26. 26. US POLICY TO MODERNIZE LAW ENFORCEMENT AUTHORITIES • ENSURE LAW ENFORCEMENT HAS THE TOOLS TO INVESTIGATE, DISRUPT & PROSECUTE CYBERCRIME • ALLOW PROSECUTION FOR THE SALE OF BOTNETS • ENABLE LAW ENFORCEMENT TO PROSECUTE THE OVERSEAS SALE OF STOLEN FINANCIAL INFORMATION LIKE CREDIT CARD AND BANK ACCOUNT NUMBERS • EXPANDS FEDERAL LAW ENFORCEMENT AUTHORITY TO DETER THE SALE OF SPYWARE USED TO STALK OR COMMIT ID THEFT • COURTS TO BE GIVEN THE AUTHORITY TO SHUT DOWN BOTNETS ENGAGED IN DISTRIBUTED DENIAL OF SERVICE ATTACKS AND OTHER CRIMINAL ACTIVITY
  27. 27. INTERNATIONAL CYBER BUDGETS
  28. 28. INDIA’S CYBER-SECURITY BUDGET ‘WOEFULLY INADEQUATE’: EXPERTS • INDIA'S CYBER-SECURITY BUDGET WAS MORE THAN DOUBLED LAST YEAR. YET, IT IS “WOEFULLY INADEQUATE” IN THE WAKE OF REVELATIONS MADE BY US NATIONAL SECURITY AGENCY CONTRACTOR EDWARD SNOWDEN AND INCREASING CYBER-ATTACKS ON GOVERNMENT INFRASTRUCTURE, ACCORDING TO EXPERTS. • IN 2014-15, THE DEPARTMENT OF IT HAS SET ASIDE RS 116 CRORE FOR CYBER SECURITY. THE COUNTRY HAS PROPOSED TO SET UP A NATIONAL CYBER COORDINATION CENTRE (NCCC) WITH A SEPARATE BUDGET OF RS 1,000 CRORE. THE COORDINATION CENTRE IS STILL AWAITING CABINET CLEARANCE. “ALLOCATION IS WOEFULLY INADEQUATE GIVEN SNOWDEN'S REVELATIONS - WE NEED AT LEAST 10 TIMES THAT AMOUNT,” SAID SUNIL ABRAHAM, EXECUTIVE DIRECTOR AT CENTER FOR INTERNET AND SOCIETY. THE ECONOMIC TIMES 28 JANUARY 2015
  29. 29. CYBER SECURITY ARCHITECTURE & COORD MECHANISM CYBER SECURITY POLICY CYBER LAW CYBER EMERGENCY RESPONSE SLOW PROGRESS LITTLE OR NO PROGRESS SURROUNDED BY CONTROVERSY LITTLE PROGRESS CYBER FUNDS ????????? WHITHERCYBERSECURITYINPAKISTAN?
  30. 30. WHO IS RESPONSIBLE FOR CYBER SECURITY IN PAKISTAN? NO DESIGNATED LEAD AGENCY MULTIPLE STAKEHOLDERS GOVERNMENT INDUSTRY ACADEMIA CIVIL SOCIETY PUBLIC
  31. 31. CYBERSECURITY STAKEHOLDERS GOVERNMENT • CABINET COMMITTEE ON NATIONAL SECURITY • NATIONAL SECURITY COUNCIL (NSA: LTG N.K. JANJUA) • SENATE COMMITTEE ON DEFENCE (CHAIR: SEN. M.H. SAYED) • SENATE COMMITTEE ON TECH & IT (CHAIR: SEN. SHAHI SAYED) • NA STANDING COMMITTEE ON TECH & IT (CHAIR: CAPT SAFDAR) • MINISTRY OF DEFENCE • MINISTRY OF INTERIOR • MINISTRY OF FOREIGN AFFAIRS • MINISTRY OF IT • JS HQ • INTELLIGENCE AGENCIES PUBLIC • PAKISTAN SOFTWARE HOUSES ASSOCIATION (PASHA) • INTERNET SERVICE PROVIDERS ASSOCIATION OF PAKISTAN (ISPAK) • PAKISTAN INFORMATION SECURITY ASSOCIATION (PISA) • E COMMERCE ENTREPRENEURS • DIGITAL RIGHTS ACTIVISTS (BOLO BHI) • SOCIAL MEDIA ACTIVISTS • ORDINARY CITIZENS
  32. 32. SENATE COMMITTEE FOR DEFENCE ACTION PLAN FOR CYBER SECURE PAKISTAN (JULY 2013) • POINT 1. RELEVANT LEGISLATION TO PRESERVE, PROTECT AND PROMOTE PAKISTAN’S CYBER SECURITY • POINT 2. CYBER SECURITY THREAT TO BE ACCEPTED AND RECOGNIZED AS NEW, EMERGING NATIONAL SECURITY THREAT BY THE GOVERNMENT OF PAKISTAN, SIMILAR TO THREATS LIKE TERRORISM AND MILITARY AGGRESSION • POINT 3. ESTABLISH A NATIONAL COMPUTER EMERGENCY RESPONSE TEAM (PKCERT). • POINT 4. ESTABLISH A CYBER-SECURITY TASK FORCE WITH AFFILIATION WITH MINISTRY OF DEFENCE, MINISTRY OF IT, MINISTRY OF INTERIOR, MINISTRY OF FOREIGN AFFAIRS, MINISTRY OF INFORMATION AND OUR SECURITY ORGANIZATIONS PLUS RELEVANT AND LEADING PROFESSIONALS FROM THE PRIVATE SECURITY SO THAT PAKISTAN CAN TAKE STEPS TO COMBAT THIS NEW EMERGING THREAT AND FORMULATE CYBER SECURITY STRATEGY FOR PAKISTAN. • POINT 5. UNDER THE OFFICE OF THE CHAIRMAN JOINT CHIEFS OF STAFF COMMITTEE, AN INTER- SERVICES CYBER COMMAND SHOULD BE ESTABLISHED TO COORDINATE CYBER SECURITY AND CYBER DEFENCE FOR THE PAKISTAN ARMED FORCES. • POINT 6. WITHIN THE FRAMEWORK OF SAARC, PAKISTAN SHOULD TAKE THE INITIATIVE TO INITIATE TALKS AMONG THE 8-MEMBER STATES PARTICULARLY INDIA TO ESTABLISH ACCEPTABLE NORMS OF BEHAVIOR IN CYBER SECURITY AMONG THE SAARC COUNTRIES SO THAT THESE COUNTRIES ARE NOT ENGAGED IN CYBER WARFARE AGAINST EACH OTHER. • POINT 7. SPECIAL MEDIA WORKSHOPS ON CYBER SECURITY AWARENESS
  33. 33. NATIONAL CYBER SECURITY COUNCIL BILL (INTRODUCED 14.04.2014) • WITHIN SIXTY DAYS OF THE ENACTMENT OF THIS ACT, THE SENATE STANDING COMMITTEE ON DEFENCE SHALL CONSTITUTE THE NATIONAL CYBER SECURITY COUNCIL • NO ACT OF THE COUNCIL SHALL BE INVALID BY REASON ONLY OF THE EXISTENCE OF ANY VACANCY AMONG ITS MEMBERS OR ANY DEFECT IN ITS CONSTITUTION DISCOVERED AFTER SUCH ACT OR PROCEEDING OF THE COUNCIL: PROVIDED THAT AS SOON AS SUCH DEFECT HAS BEEN DISCOVERED, THE MEMBER SHALL NOT EXERCISE THE FUNCTIONS OR POWERS OF HIS MEMBERSHIP UNTIL THE DEFECT HAS BEEN RECTIFIED • THE COUNCIL SHALL MEET AT LEAST ONCE IN EACH QUARTER OF A YEAR • THE COUNCIL MAY FROM TIME TO TIME DELEGATE ONE OR MORE OF ITS FUNCTIONS AND POWERS TO ONE OR MORE OF ITS MEMBERS, HOWEVER, UNDER NO CIRCUMSTANCE SHALL BE FURTHER DELEGATED. • DECISIONS OF THE COUNCIL SHALL BE TAKEN BY A MAJORITY OF THE MEMBERS. • SAVE AS PROVIDED HEREIN, THE TERMS AND CONDITIONS OF SERVICE OF THE MEMBERS OF THE COUNCIL SHALL BE SUCH AS MAY BE PRESCRIBED. • CHAIR. CHAIRMAN SENATE STANDING COMMITTEE ON DEFENCE • MEMBERS – FEDERAL GOVT (21) – PRIVATE SECTOR (9)
  34. 34. MANDATE OF THE NATIONAL CYBER SECURITY COUNCIL • DEVELOP POLICY, RENDER ADVICE, CONDUCT RESEARCH AND ESTABLISH START UP INITIATIVES • ESTABLISH A NATIONAL CYBER SECURITY STRATEGY WHICH MAY BE UPDATED FROM TIME TO TIME, AS AND WHEN DEEMED APPROPRIATE, BUT NOT LATER THAN EVERY THREE YEARS • ESTABLISH AN INTERNATIONAL CYBER SECURITY STRATEGY WHICH MAY BE UPDATED FROM TIME TO TIME, AS AND WHEN DEEMED APPROPRIATE BUT NOT LATER THAN EVERY THREE YEARS • UNDERTAKE INITIATIVES AS PROVIDED FOR UNDER SECTION 6; • DEVELOP AND DRAFT POLICY, GUIDELINES AND GOVERNANCE MODELS RELATED TO EVER EMERGING CYBER SECURITY THREATS; • ADVISE AND MAKE RECOMMENDATIONS TO THE SENATE AND THE NATIONAL ASSEMBLY, JUDICIARY AND ALL MINISTRIES, DEPARTMENTS AND BRANCHES OF GOVERNMENT ON POLICY AND LEGISLATION WITH RESPECT TO CYBER SECURITY; • MONITOR LEGISLATION AND PROVIDE ADVICE AND RECOMMENDATIONS WITH THE OBJECTIVE OF ENSURING THAT LEGISLATION REFLECTS INTERNATIONAL BEST PRACTICES WITH RESPECT TO CYBER SECURITY; • ADVISE AND MAKE RECOMMENDATIONS TO GOVERNMENT DEPARTMENTS ON MECHANISMS TO IMPLEMENT POLICIES RELATED TO CYBER SECURITY AND MONITOR AND HAVE PERFORMANCE AUDIT CONDUCTED THEREOF; • MAKE RECOMMENDATIONS TO THE GOVERNMENT FOR ADOPTION EITHER THROUGH POLICIES AND REGULATORY MEANS OF STANDARDIZATION, HARMONIZATION AND ACCREDITATION WITH REGARDS TO CRITICAL INFORMATION INFRASTRUCTURE; • COORDINATE AND CONSULT WITH ALL REPRESENTATIVE STATE AND NON-STATE ACTORS ON IMPLEMENTATION OF POLICIES, INITIATIVES AND LEGISLATION ON CYBER SECURITY; • FACILITATE COMMUNICATIONS BETWEEN THE GOVERNMENT AND PRIVATE SECTOR ENTITIES, ACADEMIA, CYBER SECURITY EXPERTS THROUGH MULTI-STAKEHOLDER MEETINGS HELD WITH SUCH FREQUENCY AS DETERMINED NECESSARY BY THE COUNCIL;
  35. 35. • ESTABLISH THE ADVISORY GROUPS AS PROVIDED BY SECTION 10 TO PROVIDE NON BINDING INPUT TO THE NATIONAL CYBER SECURITY COUNCIL ON STRATEGIC PLANS AS AND WHEN CALLED UPON TO DO SO FROM TIME TO TIME; • IN PARTICULAR ADVISE, ASSIST, COLLABORATE AND COORDINATE WITH NATIONAL SECURITY APPARATUS OF THE STATE OF PAKISTAN FOR CONTINUALLY IMPROVING THE STATE OF CYBER SECURITY WITH RESPECT TO ALL ASPECTS AND INTERESTS OF THE STATE; • COORDINATE, COLLABORATE AND CONDUCT EXCHANGES WITH INTERNATIONAL BODIES, FORA AND ENTITIES, INTERALIA, IN CONNECTION WITH THE FUNCTIONS AND POWERS HEREIN; • CAUSE RESEARCH AND DEVELOPMENT TO BE CONDUCTED WITH RESPECT TO KALEIDOSCOPIC CYBER SECURITY THREATS, DEVELOPMENTS, BEST PRACTICES AND INTERNATIONAL LAWS AND OBLIGATIONs; • PROMOTE GENERAL AWARENESS WITH RESPECT TO CYBER SECURITY AWARENESS, PARTICULARLY THE IN-HOUSE ROLE AND RESPONSIBILITY OF INDIVIDUALS, CORPORATE ENTITIES AND ORGANIZATIONS ; • DEVELOP A TEN YEAR AND TWENTY YEAR VISION WITH REGARDS TO CYBER SECURITY; • LEGISLATE AND UPDATE SUCH RULES FOR THE INTERNAL ADMINISTRATION AND OPERATIONS OF THE COUNCIL, ITS PERSONNEL AND ADVISORY GROUPS, AS IT MAY CONSIDER APPROPRIATE FOR CARRYING OUT THE PURPOSES OF THIS ACT; • INCLUSIVELY, COLLABORATE WITH THE CORPORATE ENTITIES, PRIVATE SECTOR, CYBER SECURITY ACADEMIA, PROFESSIONALS, CIVIL SOCIETY AND COMMUNITY TO ACHIEVE THE OBJECTIVES; • THE COUNCIL MAY DELEGATE THE FUNCTIONS AND POWERS TO ANY ONE OR MORE OF THE ADVISORY GROUPS, AS IT DEEMS APPROPRIATE.
  36. 36. 2015 JOINT STATEMENT BY PRESIDENT BARACK OBAMA AND PRIME MINISTER NAWAZ SHARIF CYBERSECURITY • RECOGNIZING THE OPPORTUNITIES AND CHALLENGES PRESENTED BY INFORMATION AND COMMUNICATIONS, TECHNOLOGIES PRESIDENT OBAMA AND PRIME MINISTER SHARIF AFFIRMED THAT INTERNATIONAL COOPERATION IS ESSENTIAL TO MAKE CYBERSPACE SECURE AND STABLE • BOTH LEADERS ENDORSED THE CONSENSUS REPORT OF THE 2015 UN GROUP OF GOVERNMENTAL EXPERTS IN THE FIELD OF INFORMATION AND TELECOMMUNICATIONS IN THE CONTEXT OF INTERNATIONAL SECURITY • THE LEADERS LOOKED FORWARD TO FURTHER MULTILATERAL ENGAGEMENT, AND DISCUSSION OF CYBER ISSUES AS PART OF THE US-PAKISTAN STRATEGIC DIALOGUE
  37. 37. ARCHIT ECTURE POLICY & LAWS FUNDS & RESOURCES AWARENESS & PREPAREDNESS DEVELOPMENT PLAN INTERNATIONAL RELATIONS NATIONAL CYBER SECURITY COUNCIL TO BE MADE PART OF THE NSA PK CERT TO BE ESTABLISHED WITHOUT FURTHER DELAY COMPREHENSIVE CYBER SECURITY POLICY TO COORDINATE & ENSURE ALL CYBER MATTERS WHILE ADDRESSING THE CITIZEN’S RIGHT TO PRIVACY GOVERNMENT SHOULD ALLOCATE ADEQUATE FUNDS & RESOURCES FOR CYBER SECURITY PROPOSALS CYBER SECURITY AWARENESS TO BE CREATED WITHIN THE GOVT, CORPORATE SECTOR, INDUSTRY, PRIVATE BUSINESSES & ACADEMIA •DEVELOP OWN HARDWARE & INFRASTRUCTURE •DEVELOP INDEPENDENT OS FOR THE ARMED FORCES & SECURITY ORGANIZATIONS •IN THE LONGTERM DEVELOP OWN INTERNET •BRING FORTH NATIONAL VIEWPOINT ACCURATELY IN THE UN GGE & OTHER INTERNATIONAL MEETINGS •CONCLUDE CYBER CBMs WITH INDIA (SAARC SUMMIT 2016)
  38. 38. PROPOSED CYBER COMMAND CYBERCOM ARMY AIR FORCE NAVY SECTT
  39. 39. EXAMPLES OF CYBER ATTACKS & THEIR IMPACT ON NATIONAL SECURITY THE CASE OF ESTONIA (APRIL 2007) • ESTONIA RELOCATED THE BRONZE SOLDIER OF TALLINN, A SOVIET- ERA GRAVE MARKER TO THE ANNOYANCE OF THE RUSIANS • A SERIES OF CYBER ATTACKS WERE LAUNCHED AGAINST ESTONIA SWAMPING WEBSITES OF ORGANIZATIONS, INCLUDING THE PARLIAMENT, BANKS, MINISTRIES, NEWSPAPERS AND BROADCAST STATIONS • DISTRIBUTED DENIAL OF SERVICE (DDOS) LAUNCHED AGAINST THE GENERAL PUBLIC, RANGING FROM SINGLE INDIVIDUALS USING VARIOUS METHODS LIKE PING FLOODS TO EXPENSIVE RENTALS OF BOTNETS USUALLY USED FOR SPAM DISTRIBUTION • SPAMMING OF BIGGER NEWS PORTALS COMMENTARIES AND DEFACEMENTS INCLUDING THAT OF THE ESTONIAN REFORM PARTY WEBSITE
  40. 40. CYBER & PHYSICAL ATTACK ON GEORGIA • 20 JULY 2008. ZOMBIE COMPUTERS ATTACK GEORGIAN NETWORKS. WEBSITE OF THE GEORGIAN PRESIDENT SUFFER OVERLOAD & IS TAKEN DOWN FOR 24 HOURS. TRAFFIC DIRECTED AT THE WEBSITE INCLUDED THE PHRASE "WIN+LOVE+IN+RUSIA”. • 5 AUGUST. GEORGIAN NEW AGENCIES AND TELEVISION STATIONS HACKED. • 5 AUGUST. TERRORIST ATTACK ON BAKU–TBILISI–CEYHAN PIPELINE SUBJECTED TO A TERRORIST ATTACK NEAR REFAHIYE IN TURKEY COUPLED WITH A SOPHISTICATED COMPUTER ATTACK ON LINE'S CONTROL AND SAFETY SYSTEMS THAT CAUSE AN INCREASE IN PRESSURE AND EXPLOSION. • 7-8 AUGUST. MANY GEORGIAN INTERNET SERVERS UNDER EXTERNAL CONTROL • 9 AUGUST. KEY SECTIONS OF GEORGIA'S INTERNET TRAFFIC REROUTED THROUGH SERVERS BASED IN RUSSIA AND TURKEY, WHERE THE TRAFFIC IS EITHER BLOCKED OR DIVERTED. RUSSIAN AND TURKISH SERVERS ARE ALLEGEDLY CONTROLLED BY THE RUSSIAN HACKERS. • 10 AUGUST. RIA NOVOSTI NEWS AGENCY'S WEBSITE DISABLED FOR SEVERAL HOURS • 10 AUGUST. MANY ONLINE GEORGIAN SITES SUSPECTED TO BE FAKE • 11 AUGUST. GEORGIA ACCUSES RUSSIA OF WAGING CYBER WARFARE ON GEORGIAN GOVERNMENT WEBSITES SIMULTANEOUSLY WITH A MILITARY OFFENSIVE • 14 AUGUST. CEASEFIRE
  41. 41. NORTH KOREAN ATTACK ON SONY PICTURES• NOVEMBER 24, 2014. CONFIDENTIAL DATA BELONGING TO SONY PICTURES ENTERTAINMENT RELEASED • DATA INCLUDES PERSONAL INFORMATION ABOUT THE EMPLOYEES AND THEIR FAMILIES, E-MAILS BETWEEN EMPLOYEES, INFORMATION ABOUT EXECUTIVE SALARIES, COPIES OF (PREVIOUSLY) UNRELEASED SONY FILMS, AND OTHER INFORMATION • HACKERS CALLING THEMSELVES GUARDIANS OF PEACE (GOP) DEMAND CANCELLATION OF PLANNED RELEASE OF THE INTERVIEW, A COMEDY FILM ABOUT A PLOT TO ASSASSINATE NORTH KOREAN LEADER KIM JONG-UN • US BLAME NORTH KOREA FOR THE HACKING. NORTH KOREANS DENY COMPLICITY. SOME CYBERSECURITY EXPERTS CAST DOUBT ON THE EVIDENCE, ALTERNATIVELY BLAMING CURRENT OR FORMER SONY OFFICIALS FOR THE BREACH
  42. 42. US CYBER ATTACKS AGAINST NORTH KOREA
  43. 43. STUXNET ATTACK • STUXNET, A COMPUTER WORM WAS DISCOVERED IN JUNE 2010 • IT IS DESIGNED TO ATTACK INDUSTRIAL PROGRAMMABLE LOGIC CONTROLLERS (PLCs) • PLCs ALLOW THE AUTOMATION OF ELECTROMECHANICAL PROCESSES SUCH AS THOSE USED TO CONTROL MACHINERY ON FACTORY ASSEMBLY LINES, AMUSEMENT RIDES, OR CENTRIFUGES FOR SEPARATING NUCLEAR MATERIAL • EXPLOITING FOUR ZERO-DAY FLAWS, STUXNET FUNCTIONS BY TARGETING MACHINES USING THE MICROSOFT WINDOWS OPERATING SYSTEM AND NETWORKS, THEN SEEKING OUT SIEMENS STEP7 SOFTWARE • STUXNET IS TYPICALLY INTRODUCED TO THE TARGET ENVIRONMENT VIA AN INFECTED USB FLASH DRIVE • STUXNET COMPROMISED IRANIAN PLCs, COLLECTING INFORMATION ON INDUSTRIAL SYSTEMS AND CAUSING THE FAST- SPINNING CENTRIFUGES TO TEAR THEMSELVES APART, DESTROYING ALMOST ONE-FIFTH OF IRAN'S NUCLEAR CENTRIFUGES
  44. 44. SPOOFING OF AMERICAN DRONE OVERFLYING IRAN • ON 4 DECEMBER 2011 AN AMERICAN RQ170 SENTINEL UAV WAS SPOOFED AND FORCED TO LAND IN EASTERN IRAN • AIRCRAFT WAS DETECTED IN IRANIAN AIRSPACE 225 KILOMETERS (140 MI) FROM THE BORDER WITH AFGHANISTAN • ON 9 DECEMBER 2011, IRAN LODGED A FORMAL COMPLAINT TO THE UN SECURITY COUNCIL OVER THE UAV VIOLATING ITS AIRSPACE • ON 12 DECEMBER 2011, US ADMINISTRATION ASKED IRAN TO RETURN THEIR DRONE. IRANIANS REFUSED.
  45. 45. WHAT IS SPOOFING? • SPOOFING IS THE CREATION OF TCP/IP PACKETS USING SOMEBODY ELSE'S IP ADDRESS • ROUTERS USE THE DESTINATION IP ADDRESS IN ORDER TO FORWARD PACKETS THROUGH THE INTERNET, BUT IGNORE THE SOURCE IP ADDRESS • THAT ADDRESS IS ONLY USED BY THE DESTINATION MACHINE WHEN IT RESPONDS BACK TO THE SOURCE
  46. 46. DATA BREACH – US OFFICE OF THE PERSONNEL MANAGEMENT (OPM) • DATA BREACH STARTING MARCH 2014, AND POSSIBLY EARLIER, NOTICED BY THE OPM IN APRIL 2015 • IN JUNE 2015, OPM ANNOUNCED THAT IT HAD BEEN THE TARGET OF A DATA BREACH EFFECTING THE RECORDS OF AS MANY AS FOUR MILLION PEOPLE. LATER, FBI PUT THE NUMBER AT 18 MILLION. • INFORMATION TARGETED IN THE BREACH INCLUDED PERSONAL INFORMATION SUCH AS SOCIAL SECURITY NUMBERS, AS WELL AS NAMES, DATES AND PLACES OF BIRTH, AND ADDRESSES. • THE HACK ALSO INVOLVED THEFT OF DETAILED BACKGROUND SECURITY- CLEARANCE-RELATED BACKGROUND INFORMATION OF PEOPLE DEPLOYED ON SENSITIVE MISSIONS • ON JULY 9, 2015, THE ESTIMATE OF THE NUMBER OF STOLEN RECORDS INCREASED TO 21.5 MILLION. THIS INCLUDED RECORDS OF PEOPLE WHO HAD UNDERGONE BACKGROUND CHECKS, BUT WHO WERE NOT NECESSARILY CURRENT OR FORMER GOVERNMENT EMPLOYEES. • SOON AFTER, KATHERINE ARCHULETA, THE DIRECTOR OF OPM, AND FORMER NATIONAL POLITICAL DIRECTOR FOR BARACK OBAMA'S 2012 REELECTION CAMPAIGN, RESIGNED
  47. 47. CYBER WARGAME SCENARIO IN A CYBER WARGAME CONDUCTED IN THE US IN JULY 2015 • THE SCENARIO IN THE WAR GAME BEGAN WITH A MAJOR EARTHQUAKE HITTING SOUTHERN CALIFORNIA • FOLLOWED BY A SERIES OF COORDINATED CYBERATTACKS, INCLUDING OIL AND GAS PIPELINE DISRUPTION • INTERFERENCE AT A MAJOR COMMERCIAL PORT IN THE U.K. • ATTACKS ON PENTAGON NETWORKS • A FREEZE ON ACCESS TO CASH AT BANKS AND LONG LINES FOR FOOD AT STORES.
  48. 48. CYBER ATTACKS BY NON STATE ACTORS
  49. 49. CYBER CBMs • CYBER SECURITY IS A NON-CONTERVERSIAL AREA BUT HAS THE POTENTIAL OF CONFLICT • THERE IS NO CYBER SECURITY COOPERATION IN SOUTH ASIA • ISSUE NEEDS TO BE PUT ON THE AGENDA OF THE NEXT SAARC SUMMIT

×