• • •
•
•
Cyber(space) Incidents 1 IS TV4 attack ‘TV5Monde went black’ (2015) Heartbleed: Wikileaks Revelations ‘worst vulnerability ever’ ‘ secret hacking tools: IoT ’ (2014; in open SSL) (democratic control?, 2017) Great Bank Robbery (Carbanak) ‘ biggest ever cybercrime’ (1 billion dollars, 2015, global)
Cyber(space) Incidents 2 Wanna Cry (2017) : within a day 230.000 Microsoft computers were infected in 150 countries (ransom to be paid in bitcoin crypto currency ; exploit was discovered by NSA and used for cyber weapons; Microsoft also discovered it; released a patch: was often not implemented wide spread of the worm) Petya (2016/17) container terminal of APM (Maersk) in port of Rotterdam stopped to function, among others (worldwide impact!!!!) WannyCry: Initially affected countries
•
• • •
•
• – – 13
Vision: Cyberspace = 5th domain • Cyberspace is a complex , manmade system at global scale, deeply embedded in the four physical domains of land, water, air and space • Characteristics: high speed global connectivity ( individual organizations) – – huge distributed data processing power (including millions of intelligent systems taking autonomously decisions passive information) huge data storage capabilities: we now talk about big & open data – – with almost 3 billion human actors in different roles worldwide – with > 14 billion (intelligent) devices and systems connected • Key assets: cyber activities = IT-enabled 6 activities (!)
Cyber activities of all kind… Basic cyber activities (= IT-enabled activities ) • Communication: sms, email, chat, whatsapp, skype, voip, twittering , … • Information retrieval: news, wheather forcast , public transportation, crises, … • Watching: movies, sporting events, television, youtube , … • Listening: radio, music, spotify , … More advanced cyber activities ‘ Searching ’: google searching, wikipedia , route planning, translating, … • • (Automatic) transacting: e-shopping, e-trading, e-payments, e-procurement, holiday planning, tax returns, e-marketplaces, e-voting, crowd sourcing/funding , … • Social gathering: Facebook, LinkedIn, e-dating, 2 nd love, sexting, gambling , … 15 15 Rating & Ranking: top web-sites, universities , hotels, services, … •
Cyber activities of all kind, cont’d . More advanced cyber activities, cont. • Educating: MOOCs, e-learning, e- coaching … • Monitoring and surveillance activities : sensoring, detecting, using drones, … • Controling critical infrastructures: energy & water supply, transport, chemical processing, flood defence , … • Cyber protesting: activism including fundraising, community building, lobbying, organizing Less favourable cyber activities • Cyber crime (dark markets) : financial fraud, theft, hacking, child pornography, e- espionage, cyber bullying, sale of drugs/guns /…, illegal downloads, … • Cyber warfare: intelligence, defense, attack ~ Cyber Operations: NSA, drones, hacking, attacking, cracking, information warfare … Note : cyber activities provide semantics to data processing (!!!) 16 16
Decomposing cyberspace in layers Technical layer: IT services ~ information security ~ • CIA(A) Socio-tech layer: • cyber activities ~ cyber security ~ personal/business/societal goals Governance layer: • governance & management ~ rules & regulations (for other layers) ~ cyber risk appetite, ethics & compliance - Cyber sub-domains: examples in figure! 17 17
Cyber security struggling As end-user • How to protect my PC? How to educate (my) children? As (board) member of a company • Which specialists, how to organize them? Should we start a SOC? • As decision maker about critical infrastructures How far can we develop the smart grid? What about the cyber security of automated car control? Is distant-control for gas supply/flood defense acceptable?
Cyber security struggling, cont’d • As crisis manager What to do? Who should I contact? Which information to make public? • As police officer What happens in the dark web? Which tools to use for catching the unknown attacker/criminal? • As politician Which rules & regulations to put in place? Which institutions, which responsibilities?
Risk mgt: 1. Risk assessment of cyber activity breaches 2. Reduction of cyber risks to ‘ acceptable levels’ “bowtie diagram” 21 21
3. Taking a set of adequate security measures Balancing preventive and repressive measures in different layers Technical layer: … Socio-tech layer: Governance layer: aligned over all cyber sub-domains • … … • together securing cyberspace = securing the cyber activities of all actors 22 22
Conditio-sine-qua-non for adequate risk management Creating Cyber Situational Awareness in socio-technical layer (cyber activities by people & intelligent systems) technical layer (in terms of IT-processes and -communication) Includes attackers cyber crime (dark web) in short: cyber attacks Creates privacy-security dilemma
Conclusions Cyberspace = space of cyber activities = IT-enabled activities Cyber security (= Securing Cyberspace ) is a societal problem having technical/legal/economical/institutional/international relations/ethical , … perspectives Goal of cyber security: reducing cyber risks to acceptable levels It starts with identification of all relevant cyber risks Level of cyber risks determines what measures are appropriate Everyone can and has to contribute 24 24
• • •
• • • •
• • • •
• •
• • • • • • •
• • • • • • •
• •
• • •
• • • – – • •
• • – –
•
Recommend
More recommend