Cyber security from military point of view

Cyber security from military

point of view

Chişinău - 2013

chief of e-Transformation service

lieutenant-colonel Alexandru BURUC

Peace really does not exist in the Information Age.Lt. gen. Kenneth Minihan

The advanced capability of the threat has increased

the risk. Understanding the risk allows employment

of defensive measures to mitigate the risk – “Risk

will always be present

In modern language, a shooting war is called kinetic warfare, where “kinetics” is concerned with the relationship between the motion of bodies and its causes.

Recall Clarke’s definition of cyber warfare: “actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption.”

1. Can activity in cyberspace have kinetic consequences such as property damage and loss of lives?

2. Does it have to qualify as an act of war?

Warfare: Cyber and Otherwise

3

THE CHANGE

• Combined capabilities have helped attackers

create weapon systems

Soldier + Rifle + Bullets = (This is a WEAPON SYSTEMS)

• Cyber– State Sponsored, Script Kiddies, Paid Staff

– Laptop, Desktop, Mobile devices

– Metasploit, Backtrak, PoisonIvy, Mpack, other RAT

• Hacker + Laptop + Metasploit = WEAPON SYSTEM

• Attackers, Adversaries, Cyber terrorist are now employing

TTP (Transition to Practice)

Cyber threat sourse continuum

Although many people may think that the military’s only vulnerability is to

command and control systems, it is important to realize that the Department of

Defense uses IT systems for a number of functions, in both

peace and war.

• Commercial transactions;• Payrolls;• Sensitive research data;• Intelligence;• Operational plans;• Procurement sensitive source selection data;• Health records;• Personnel records;• Weapons systems maintenance records;• Logistics operations etc.

Global open Communications

Backbone

Military

infrastructure

Closed foreign

infrastructure

IT infrastructure domain layers

Wardens Rings

• The focus is to attack Centers of Gravity – The Estonian, Georgian attacks – Utilized TTP (Transition to Practice)• Rings – Leadership (Defaced Ministry of Defense, Finance, etc) – Organic/System Essentials – Infrastructure (DDoS against ISP and Wardialing to lock up

POTS network) – Population (News Media) – Fielded Military Forces

• forecast of a growing use of military cyber operations due their major effectiveness and lower costs;

• Geopolitical situation of the Republic of Moldova;

• The growing use of cyber capabilities to achieve strategic goals (James Clapper);

• Threats are more diverse, interconnected, and viral than at any time in history;

Major cyber threats for military

SUPORTING AREAS

National defence

authorities

Internal security

authorities

Crisis management

arrangement

Basic security in

every

organisation

DIPLOMACY

TECHNOLOGY

EDUCATION

LEGISLATION

WAREXTREMISMCRIMINALITYACCIDENTS

CRITICAL SISTEMS

INDIVIDUALS

REGULAR ORGANISATIONS

CYBERSPACE

CONFIDENTIALITY INTEGRITY AVAILABILITY

THREATS

Cyber security – Concept

Activities in cyber security domain• Collaboration with institutions that are involved in

national defence system;

• Implementing PKI technology;

• Use of e-learning platform (ilias) to bring up military personnel;

• Participacion in national and international applications such as Combined Endeavor, Rapid Trident, Vest 2013;

• PARP (Planning and Review Process). One of the aim of PARP is to Enhance/Develop capabilities for protecting critical national defence communication and information systems.

• attack is Global medium: Maritime, Air,

Space, Cyber;

• Relied upon for business globalization;

• More nations, organizations, economies at

risk;

• Rapid capability development, deliberate

legal and global agreement on how to

“Address Cyber Attacks”;

• Some believe there is “No Cyber War”

– Ask Estonia, Brazil, Canada, South Africa, Malaysia .

CONTESTED COMMONS

CONCLUSIONS

• Cyber attacks are serious threat to the

defence sector of the Republic of Moldova

and other states.

• The nature of the Internet makes cyber

attacks powerful,difficult to counter, and

difficult to attribute.

• Treaties and legal frameworks have not kept

pace with the threat.