Presentation is loading. Please wait.

Presentation is loading. Please wait.

Thai delegation Presentation at 4 th ARF seminar on Cyber-terrorism

Published byJuan Short Modified over 10 years ago

Similar presentations

Presentation on theme: "Thai delegation Presentation at 4 th ARF seminar on Cyber-terrorism"— Presentation transcript:

1 Countermeasures against Cyber-terrorist Attacks on Critical Infrastructure
Thai delegation Presentation at 4 th ARF seminar on Cyber-terrorism Busan, Republic of Korea. 16-19 October 2007

2 Agenda Introduction Cyber-terrorist Critical infrastructure
Cyber-terrorist Attacks Countermeasures Conclusion

3 Introduction The information technology revolution has changed the way business is transacted, government operates, and national defense is conducted. Those functions now depend on an interdependent network of critical information infrastructures. Protection of these systems is essential to the telecommunications, energy, financial services, manufacturing, water, transportation, health care, and emergency services sectors.

4 How the world responses ?
In recent years, large amount of information security incidents have caused a great lost to many countries, and the occurrence of such incidents is now on the rise, indicating that information system and network have become the major targets in future war and conflict. This stresses the need for cooperation between governments and the private sectors and international cooperation in identifying , preventing , and mitigating cyber-attacks and terrorist misuse of cyber space.

5 Super Powers The USA: Critical Infrastructure Protection Program The UK: Centre for the of National Infrastructure The ASEAN Region ARF: ASEAN Regional Forum (ARF) Statement on Cooperation in Fighting Cyber Attack and Terrorist Misuse of Cyber Space

6 Cyber-terrorists ? The confrontation of information has become an important strategy. Terrorist groups ,with tactical and strategic support of enemy states, have indepth technological understanding of their targets, strong motives, and the capability to launch joint attack by using various tactics and technologies.

7 Critical infrastructures
Critical infrastructures are those physical and cyber-based systems essential to the minimum operations of the economy and government. They include, but are not limited to, telecommunications, energy, banking and finance, transportation, water systems and emergency services, both governmental and private.

8 Many of the nation's critical infrastructures have historically been physically and logically separate systems that had little interdependence. As a result of advances in information technology and the necessity of improved efficiency, however, these infrastructures have become increasingly automated and interlinked. These same advances have created new vulnerabilities to equipment failure, human error, weather and other natural causes, and physical and cyber attacks.

9 Cyber confrontation system
Cyber defense Cyber attack Computer viruses Viruses Trojan horse Trojan horse complex Network structure Operating system Application program Data Personnel Hiding Sniffing Password guessing Promote authority Attack system Network intrusion detection Network intrusion deception

10 Cyber-terrorist Attacks
Main Types of Cyber Attacks 1 System destructive type: Destroy the opponent’s computer and network systems by means of sending computer viruses and logic bombs to paralyze the opponent’s national command and control system. 2 Information misleading type: Modify the functions of the opponent’s computer and network systems by means of sending false information to them to mislead the opponent’s flow of decision-making and command and control. 3 Comprehensive type: Make comprehensive use of system destruction and information misleading and combine them with other means of information warfare to multiply the destruction of the opponent’s command and control system.

11 How to counter ? Mainstream protection techniques Encryption
Digital signature Access control: various levels on system & network Verification exchange: data source & id verification Loophole scanning and detection Intrusion detection, response and restore Anti-info leakage and electromagnetic solidification Security analysis and simulation Etc.

12 The lack of powerful general countermeasures means that attacks on computer systems and networks will continue to increase in the future. A shift in attackers from amateurs to professionals will continue as basic countermeasures become more effective at deterring amateurs. Among the countermeasures currently available, education, legal responses, backups, access controls, and honeypots will remain important in the future. But patches, encryption, intrusion detection, computer forensics, honeypots, simple active network defense, backtracing, and deception will increase in importance as technical details of their implementation are worked out. Despite their weaknesses, countermeasures do help protect systems since they have raised the necessary level of sophistication required by an attacker to succeed.

13 Suggested countermeasure
Response: We shall develop a system for responding to a significant infrastructure attack while it is underway, with the goal of isolating and minimizing damage. Reconstitution: For varying levels of successful infrastructure attacks, we shall have a system to reconstitute minimum required capabilities rapidly. Education and Awareness: There shall be Vulnerability Awareness and Education Program within both the government and the private sector to sensitize people regarding the importance of security and to train them in security standards, particularly regarding cyber systems.

14 Research and Development: government-sponsored research and development in support of infrastructure protection shall be coordinated, take into account private sector research, and be adequately funded to minimize our vulnerabilities on a rapid but achievable timetable. Intelligence: The Intelligence Community shall develop and implement a plan for enhancing collection and analysis of the foreign threat to our national infrastructure, to include but not be limited to the foreign cyber/information warfare threat. International Cooperation: There shall be a plan to expand cooperation on critical infrastructure protection with like-minded and friendly nations, international organizations and multinational corporations.

15 Conclusion It has long been the policy to assure the continuity and viability of critical infrastructures. Nations will take all necessary measures to swiftly eliminate any significant vulnerability to both physical and cyber attacks on our critical infrastructures, including especially our cyber systems.

16 Since the targets of attacks on our critical infrastructure would likely include both facilities in the economy and those in the government, the elimination of our potential vulnerability requires a closely coordinated effort of both the government and the private sector. To succeed, this partnership must be genuine, mutual and cooperative.

17 While the world is being leaded into the Information Age, at the same time our nations have become uniquely dependent on information technology -- computers and the global network that connect them together. This dependency has become a clear and compelling threat to our economic well-being, our public safety, and our national security.

18 So,when we make the construction plan of the information system and network, we should give enough consideration to the security issues beforehand, rather than take damage control measures afterwards. And that an effective fight against cyber-attacks and terrorist misuse of cyber space requires increased , rapid and well-functioning regional and international cooperation.

19 Thank You

Download ppt "Thai delegation Presentation at 4 th ARF seminar on Cyber-terrorism"

Similar presentations

Role of WMO in Natural Disaster Risk Reduction Ivan Obrusník, Czech Hydrometeorological Institute Role of WMO in Natural Disaster Risk Reduction Ivan Obrusník,

Role of WMO in Natural Disaster Risk Reduction Ivan Obrusník, Czech Hydrometeorological Institute Role of WMO in Natural Disaster Risk Reduction Ivan Obrusník,
Human Security Act of 2007 Protect life, liberty, and property from acts of terrorism. Condemn terrorism as inimical and dangerous to the national security.

Human Security Act of 2007 Protect life, liberty, and property from acts of terrorism. Condemn terrorism as inimical and dangerous to the national security.
STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION
1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.

1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.
Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
Critical Infrastructure Protection Policy Priorities Sara Pinheiro European Commission DG Home Affairs.

Critical Infrastructure Protection Policy Priorities Sara Pinheiro European Commission DG Home Affairs.
PARTNERSHIPS OF GOVERNMENTAL AND NON-GOVERNMENTAL ORGANIZATIONS (ASSOCIATIONS) IN THE SPHERE OF TOURISM: RUSSIAN AND FOREIGN EXPERIENCE Moscow, Russian.

PARTNERSHIPS OF GOVERNMENTAL AND NON-GOVERNMENTAL ORGANIZATIONS (ASSOCIATIONS) IN THE SPHERE OF TOURISM: RUSSIAN AND FOREIGN EXPERIENCE Moscow, Russian.
Idaho Critical Infrastructure and Key Resources Protection Program and Fusion Center Brief.

Idaho Critical Infrastructure and Key Resources Protection Program and Fusion Center Brief.
National Infrastructure Protection Plan

National Infrastructure Protection Plan
A Framework to Implement a National Cyber Security Structure for Developing Nations ID Ellefsen - SH von Solms - Academy.

A Framework to Implement a National Cyber Security Structure for Developing Nations ID Ellefsen - SH von Solms - Academy.
Christopher Cotter Chief Summit NJ Fire Dept. & Int’l. Assoc. of Fire Chiefs Representative Chief Summit NJ Fire Dept. & Int’l. Assoc. of Fire Chiefs.

Christopher Cotter Chief Summit NJ Fire Dept. & Int’l. Assoc. of Fire Chiefs Representative Chief Summit NJ Fire Dept. & Int’l. Assoc. of Fire Chiefs.
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.

Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Management’s Role in Information Security V.T. Raja, Ph.D., Oregon State University.

Management’s Role in Information Security V.T. Raja, Ph.D., Oregon State University.
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.

National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.

Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
Critical Infrastructure Protection (and Policy) H. Scott Matthews March 25, 2004.

Critical Infrastructure Protection (and Policy) H. Scott Matthews March 25, 2004.

Similar presentations

Ads by Google