CYBER STATE Threats, Opportunities and the Future of Cyber Strategy at a National Level Presented for: the Organization of American States Caribbean Telecommunications Union 9th Ministerial Strategic Seminar (Cyber Security) Thursday, December 8, 11
May 11, 2015
CYBER STATEThreats, Opportunities and the Future of Cyber Strategy at a National Level
Presented for:
the Organization of American States Caribbean Telecommunications Union
9th Ministerial Strategic Seminar (Cyber Security)
Thursday, December 8, 11
Iftach Ian Amit
VP Consulting at Security-Art
16 years in the Security Industry
Cyber Defense at the Israeli Air-Force
Founding member - the Penetration Testing Execution Standard
SME for NATO’s Cyber Commons Strategy 2011 (CCD-COE)
Thursday, December 8, 11
AgendaReview of the current state of Cyber Threats at a national level
Linking criminal efforts to state interests
National readiness - where are we?
Creating Cyber Capabilities - the right way
eGovernance
Partnerships
Public-Private
Thursday, December 8, 11
Cyber ThreatsLocality
Global
Regional
Local
Thursday, December 8, 11
Cyber Threats
Criminals
Hacktivists
Terrorists
Threat CommunitiesLocality
Global
Regional
Local
Thursday, December 8, 11
Cyber Threats
Criminals
Hacktivists
Terrorists
Threat Communities Approach Vectors
Public Internet
Communication Infrastructure
Private Networks
Locality
Global
Regional
Local
Thursday, December 8, 11
Cyber Threats
Criminals
Hacktivists
Terrorists
Threat Communities Approach Vectors
Public Internet
Communication Infrastructure
Private Networks
Locality
Global
Regional
Local
Thursday, December 8, 11
Cyber Threats
Criminals
Hacktivists
Terrorists
Threat Communities Approach Vectors
Public Internet
Communication Infrastructure
Private Networks
Locality
Global
Regional
Local
Assets
$
Public Opinion
Critical Infrastructure
Thursday, December 8, 11
Cyber Threats
Criminals
Hacktivists
Terrorists
Threat Communities Approach Vectors
Public Internet
Communication Infrastructure
Private Networks
Locality
Global
Regional
Local
Assets
$
Public Opinion
Critical Infrastructure
Thursday, December 8, 11
Quick Summary:
Crime and War are
NOT FAIR
Deal with it!
Thursday, December 8, 11
CyberCrime
Thursday, December 8, 11
A-Symmetrical conflict
Crime enterprises are operating like global businesses
Legislation is behind ==> more freedom to run fraud
Law enforcement success is only at the low-end (small fish)
Defensive mechanisms focus on post-infection
Thursday, December 8, 11
Hacktivists
Thursday, December 8, 11
Links (crime-hacktivists)?
Thursday, December 8, 11
Links (crime-hacktivists)?
Thursday, December 8, 11
Links (crime-hacktivists)?
Thursday, December 8, 11
Cyber Terrorists
Much more disperse
Local
Regional
International
Focus on recruiting
Both physical actions, as well as Cyber actions
Thursday, December 8, 11
Thursday, December 8, 11
Thursday, December 8, 11
Thursday, December 8, 11
Thursday, December 8, 11
Links (crime-hacktivists-terror)
Thursday, December 8, 11
Links (crime-hacktivists-terror)
Thursday, December 8, 11
13
Russian Government
Crime
ESTDom RBN
HostFresh
UkrTeleGroup
ESTDomains
McColo
Atrivo
Thursday, December 8, 11
13
Russian Government
Crime
ESTDom RBN
HostFresh
UkrTeleGroup
ESTDomains
McColo
Atrivo
Hosted by
Thursday, December 8, 11
13
Russian Government
Crime
ESTDom RBN
HostFresh
UkrTeleGroup
ESTDomains
McColo
Atrivo
Hosted byCustomer
Thursday, December 8, 11
13
Russian Government
Crime
ESTDom RBN
HostFresh
UkrTeleGroup
ESTDomains
McColo
Atrivo
Hosted byCustomerNetwork provider
Thursday, December 8, 11
13
Russian Government
Crime
ESTDom RBN
HostFresh
UkrTeleGroup
ESTDomains
McColo
Atrivo
Hosted byCustomerNetwork provider
Thursday, December 8, 11
National Readiness?
More focus on eGovernance
Financial systems are still exposed
Critical Infrastructure is behind a “feel good” solution
Capability building is lacking a strategic goal!
Lack of Intelligence and correlation of data
Thursday, December 8, 11
eGovernanceDeveloping outreach is great, efficient and transparent
Remember to THREAT MODEL when providing services
Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)
Thursday, December 8, 11
eGovernanceDeveloping outreach is great, efficient and transparent
Remember to THREAT MODEL when providing services
Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)
Thursday, December 8, 11
eGovernanceDeveloping outreach is great, efficient and transparent
Remember to THREAT MODEL when providing services
Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)
Thursday, December 8, 11
eGovernanceDeveloping outreach is great, efficient and transparent
Remember to THREAT MODEL when providing services
Threat communities may surprise you (examples: Mexico, Colombia, Russia, South Korea)
Thursday, December 8, 11
Public-Private Partnerships
You don’t own the Internet
A lot of critical infrastructure and communication is privately owned or privately operated.
Symbiotic relationships are a MUST! (See US CyberStorm III)
Advantage (state): Access to more raw information, early warning
Advantage (private sector): More accessibility, broadening threat community detection and intelligence (readiness)
Thursday, December 8, 11
Global Partnerships
Model after the CERT community
Global intelligence on threat communities
Early warning
Sample sharing
Proactive defense and incident handling
Helps to bypass legal/political issues
Thursday, December 8, 11
Strategic ApproachStart from the basics
No - advanced offensive capabilities come LAST!
Build an intelligence and correlation infrastructure
Early warning, feeds from multiple sources (open and closed)
Remember social media!
Defense is not a reactive practice. Push forward, place yourself in “enemy” territory
Thursday, December 8, 11
Strategic ApproachOffensive capability building
Coupled with the defensive requirements
Focused on what is needed - not what everyone else is using...
Working alone == FAIL. Establish partnerships, work on international legislation on crime/war treaties
NATO article 5 for the cyber commons?
Thursday, December 8, 11
Questions?
Thank you!
Iftach Ian Amit
VP Consulting, Security-Art
www.iamit.org/blog
Thursday, December 8, 11