3IntroductionThe information technology revolution has changed the way business is transacted, government operates, and national defense is conducted.Those functions now depend on an interdependent network of critical information infrastructures.Protection of these systems is essential to the telecommunications, energy, financial services, manufacturing, water, transportation, health care, and emergency services sectors.
4How the world responses ? In recent years, large amount of information security incidents have caused a great lost to many countries, and the occurrence of such incidents is now on the rise, indicating that information system and network have become the major targets in future war and conflict.This stresses the need for cooperation between governments and the private sectors and international cooperation in identifying , preventing , and mitigating cyber-attacks and terrorist misuse of cyber space.
5Super PowersThe USA: Critical Infrastructure Protection ProgramThe UK: Centre for the of National InfrastructureThe ASEAN RegionARF: ASEAN Regional Forum (ARF) Statement on Cooperation in Fighting Cyber Attack and Terrorist Misuse of Cyber Space
6Cyber-terrorists ?The confrontation of information has become an important strategy. Terrorist groups ,with tactical and strategic support of enemy states, have indepth technological understanding of their targets, strong motives, and the capability to launch joint attack by using various tactics and technologies.
7Critical infrastructures Critical infrastructures are those physical and cyber-based systems essential to the minimum operations of the economy and government.They include, but are not limited to, telecommunications, energy, banking and finance, transportation, water systems and emergency services, both governmental and private.
8Many of the nation's critical infrastructures have historically been physically and logically separate systems that had little interdependence. As a result of advances in information technology and the necessity of improved efficiency, however, these infrastructures have become increasingly automated and interlinked.These same advances have created new vulnerabilities to equipment failure, human error, weather and other natural causes, and physical and cyber attacks.
10Cyber-terrorist Attacks Main Types of Cyber Attacks1 System destructive type: Destroy the opponent’s computer and network systems by means of sending computer viruses and logic bombs to paralyze the opponent’s national command and control system.2 Information misleading type: Modify the functions of the opponent’s computer and network systems by means of sending false information to them to mislead the opponent’s flow of decision-making and command and control.3 Comprehensive type: Make comprehensive use of system destruction and information misleading and combine them with other means of information warfare to multiply the destruction of the opponent’s command and control system.
11How to counter ? Mainstream protection techniques Encryption Digital signatureAccess control: various levels on system & networkVerification exchange: data source & id verificationLoophole scanning and detectionIntrusion detection, response and restoreAnti-info leakage and electromagnetic solidificationSecurity analysis and simulationEtc.
12The lack of powerful general countermeasures means that attacks on computer systems and networks will continue to increase in the future. A shift in attackers from amateurs to professionals will continue as basic countermeasures become more effective at deterring amateurs.Among the countermeasures currently available, education, legal responses, backups, access controls, and honeypots will remain important in the future. But patches, encryption, intrusion detection, computer forensics, honeypots, simple active network defense, backtracing, and deception will increase in importance as technical details of their implementation are worked out.Despite their weaknesses, countermeasures do help protect systems since they have raised the necessary level of sophistication required by an attacker to succeed.
13Suggested countermeasure Response: We shall develop a system for responding to a significant infrastructure attack while it is underway, with the goal of isolating and minimizing damage.Reconstitution: For varying levels of successful infrastructure attacks, we shall have a system to reconstitute minimum required capabilities rapidly.Education and Awareness: There shall be Vulnerability Awareness and Education Program within both the government and the private sector to sensitize people regarding the importance of security and to train them in security standards, particularly regarding cyber systems.
14Research and Development: government-sponsored research and development in support of infrastructure protection shall be coordinated, take into account private sector research, and be adequately funded to minimize our vulnerabilities on a rapid but achievable timetable.Intelligence: The Intelligence Community shall develop and implement a plan for enhancing collection and analysis of the foreign threat to our national infrastructure, to include but not be limited to the foreign cyber/information warfare threat.International Cooperation: There shall be a plan to expand cooperation on critical infrastructure protection with like-minded and friendly nations, international organizations and multinational corporations.
15ConclusionIt has long been the policy to assure the continuity and viability of critical infrastructures. Nations will take all necessary measures to swiftly eliminate any significant vulnerability to both physical and cyber attacks on our critical infrastructures, including especially our cyber systems.
16Since the targets of attacks on our critical infrastructure would likely include both facilities in the economy and those in the government, the elimination of our potential vulnerability requires a closely coordinated effort of both the government and the private sector. To succeed, this partnership must be genuine, mutual and cooperative.
17While the world is being leaded into the Information Age, at the same time our nations have become uniquely dependent on information technology -- computers and the global network that connect them together. This dependency has become a clear and compelling threat to our economic well-being, our public safety, and our national security.
18So,when we make the construction plan of the information system and network, we should give enough consideration to the security issues beforehand, rather than take damage control measures afterwards.And that an effective fight against cyber-attacks and terrorist misuse of cyber space requires increased , rapid and well-functioning regional and international cooperation.