The art of war teaches us not to rely on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our own position unassailable. (The Art of War, Sun Tzu)
RELEVANCE OF CYBER SECURITY
THE IT ROAD MAP [Timeline figure, 1998 to 2008 in two-year steps. Labels: IW - OFFENSIVE; M/S – ARMY WIDE; ORG RESTRUCTURING OF ARMY : PHASE II; BACK BONE II FOR INFO SUPER HIGHWAY; FULL IT LITERACY; BACK BONE I FOR INFO SUPER HIGHWAY; IW - DEFENSIVE; ORG RESTRUCTURING OF ARMY : PHASE I; ARTRAN; MIS – ALL CORPS; CIDSS – TEST BED; ASTROID; IT IN CIVIC ACTION; LOGISTIC NW; COMD ITI (CITI); ORG & INFO DISSEMINATION SYSTEMS; SETTING UP AIIT; ASTROID PHASE - I; MIS – CORPS PILOT PROJECT; IW - PROTECTIVE; ARMY INTRANET UP TO COMD HQ; IW – AWARENESS DRIVE]
AIM: TO GIVE YOU AN OVERVIEW OF CYBER SECURITY AND ACQUAINT YOU WITH CYBER SECURITY INITIATIVES AT DIFFERENT LEVELS
SCOPE • THREATS AND TARGETS • FUNDAMENTALS AND TECHNIQUES • INITIATIVES • NATIONAL AND ARMY • MCTE • UNIT LEVEL • IMPLEMENTATION OF CYBER SECURITY
CYBER SECURITY CYBER SECURITY INTEGRATES & COORD POLICIES & PROCEDURES, OPS, PERS & TECHNOLOGY, TO PROTECT & DEFEND INFO & INFO SYS.
PROTECTION OF INFO ASSETS: ELECTRONIC INFO IS VULNERABLE • EAVESDROPPING • MANIPULATION • STEALING • DESTRUCTION • DENIAL
CHARACTERISTICS OF CYBER THREATS • No international boundaries • Low cost • Detection avoidance • Inadequate laws
SECURITY THREATS • SECURITY “THREAT” IS: • PASSIVE (DISCLOSURE OF INFO) OR • ACTIVE (DESTRUCTION, CORRUPTION OF RESOURCE, INTERRUPTION OF SERVICE) E.G. FILE REMOVED OR FILE REPLACED BY JUNK
PASSIVE THREATS [Diagram: the message “Hi!” travels from Sender across the Network to Recipient; an Intruder observes it in transit]
ACTIVE THREATS [Diagram labels: Source; Destination; Attacker]
ACTIVE THREATS: The unauthorised use of a device attached to a communication facility to alter transmitting data or control signals or to generate spurious data or control signals. • Modification, Removal Of Data • Denial of Message Service • Masquerade
Targets in the Cyber Environment [Diagram labels: The “Attackers” Targets; The “Attackers” Aiming Points; Operations, Comns; Planning, Comd and Control; Comn Centres; Accounting; Distribution; Business Planning; Networks & Support Processes; Systems & People; Components & Software]
The IT Infrastructure – Weak Points [Diagram labels: APPLICATIONS; DATABASES; OPERATING SYSTEMS; NETWORK SERVICES]
Security Breaches … Some Statistics
Survey 2000 Information Security “Insider” Breaches (% of respondents experiencing these breaches in the past 12 months) • 73% Installation/use of unauthorized software • 70% Infection of company equipment • 63% Use of company computing resources for illegal or illicit communications • 58% Abuse of computer access controls • 42% Physical theft, sabotage or intentional destruction of computing equipment • 13% Fraud
Survey 2000 Information Security “Outsider” Breaches (% of respondents experiencing these breaches in the past 12 months) • 73% Viruses/Trojans/Worms • 37% Denial-of-service • 37% Exploits related to active program scripting • 26% Attacks related to protocol weaknesses • 25% Attacks related to insecure passwords • 24% Attacks on bugs in Web servers
Recent Security Breaches: Sites hit in March 2001 • US Office of Surface Mining • Hewlett Packard Company • Cruise Missile Command and Control programs (US Navy) • Arab Academy for Science and Technology and Maritime Transport • Panasonic Fax Machines UK • Nokia Corporation • NEC Corporation (Japan) • Compaq Computer Corporation. 937 breaches (…just the ones which were reported…) Source: www.attrition.org
…And this is what they did [Screenshots: US Navy site; Compaq site; Panasonic site]
CYBER SECURITY OFFENSIVE TOOLS AND TECHNOLOGIES
CYBER TOOLS FOR ATTACK • Hacking / Cracking tools • Virus Programs • Sniffers, Trojan horses • Auditing Tools (SATAN)
Hacking Tools • L0PHT-Crack • Back Orifice 2000 • Netbus • NetScan Pro • Jack the Ripper • Happy Hacker Suite INTERNET
The Problem: How to carry the trust which we have in the paper-based world into the realm of cyberspace?
Security in Paper Media…1 • In the paper-based society, we: • Write a letter on letterhead and sign it. AUTHENTICATION, WHICH ENSURES the identity of an individual or application
Security in Paper Media…2 • We sign in front of the witness. INTEGRITY, WHICH ENSURES that information cannot be manipulated [Figure: sample letter with Ref, Sub, salutation, body text and signature of XYZ]
Security in Paper Media…3 • Put the letter in an envelope and seal it CONFIDENTIALITY WHICH ENSURES that information is kept private and intact
Security in Paper Media…4 • Send information by Certified mail. NON REPUDIATION, WHICH ENSURES that information cannot be disowned
CYBER SECURITY DEFENSIVE TOOLS AND TECHNOLOGIES • FIREWALLS • ANTI VIRUS • IDS • VPN • PKI
ELEMENTS OF CYBER SECURITY • AUTHENTICATION: Verification of originator • NONREPUDIATION: Undeniable proof of participation • AVAILABILITY: Assured access by authorised users • RESTORATION: Protection, Detection & Reaction capabilities • CONFIDENTIALITY: Protection from unauthorised disclosure • INTEGRITY: Protection from unauthorised change
What Is A Firewall • Device that connects networks (internal and/or external with varying levels of trust) • Used to implement and enforce a Security Policy regarding communication between those networks [Diagram labels: Untrusted Networks & Servers; Untrusted Users; Internet; Router; Firewall; Trusted Networks; Trusted Users; Intranet; Server Segment; Public Accessible Servers & Networks]
Placing a Firewall [Network diagram labels: WAN / Intranet; Mobile User; Firewall; Routers; Switch; PCs; Servers; HQ ABC Corps; HQ XYZ Corps]
ANTI VIRUS: Virus Protection [Network diagram labels: WAN; Mobile User; Firewall; Routers; Switch; PCs; Servers; HQ ABC Corps; HQ XYZ Corps]
IDS: Intrusion Detection Systems [Network diagram labels: WAN; Mobile User; Firewall; Anti Virus; Routers; Switch; PCs; Servers; HQ XYZ Corps; Office 2]
REAL TIME WATCHDOG [Diagram: internal and external attacks each raise “ALERT! ATTACK DETECTED”. Response labels: Reconfigure Firewall/Router; Record Session; Log Session; Send Email; Email/Log/Report; Terminate Session]
Virtual Private Networks • Joins networks spread over a geographical expanse. • Provides a data tunnel through a public network. • Ensures the data which passes through it is encrypted. • Effective means of confidentiality through Internet.
Virtual Private Networks [Diagram labels: Data; Encryption; Tunnel]
Security Requirements • Replace letterhead & signature on original document (AUTHENTICATION, INTEGRITY, NON REPUDIATION): Cryptographic digital signature • Replace envelope (CONFIDENTIALITY): Encryption
Symmetric Cryptography: Requires a shared key between the two parties [Diagram labels: Encryption; Decryption; Key + Algorithm on each side]
Asymmetric Cryptography: Requires a key pair between the two parties [Diagram labels: Encryption; Decryption; Public Key; Private Key; Algorithm]
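The shared-key and key-pair models above, set against the authentication, integrity and non-repudiation requirements from the paper-media slides, as an added example that is not part of the original presentation. The sample letter and the RSA key pair are constructed assumptions: the key is built from two Mersenne primes and signing is unpadded "textbook" RSA so the block runs on the Python standard library alone, which is not how a production signature is made.

```python
import hashlib
import hmac
import secrets

# Symmetric model: sender and recipient hold the SAME secret key.
def mac_tag(shared_key: bytes, message: bytes) -> bytes:
    return hmac.new(shared_key, message, hashlib.sha256).digest()

def mac_verify(shared_key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac_tag(shared_key, message), tag)

# Asymmetric model: constructed toy RSA key pair (assumption for this demo).
# Two Mersenne primes and unpadded "textbook" RSA: illustration only.
P, Q = 2**89 - 1, 2**127 - 1
N, E = P * Q, 65537                      # public key: anyone may hold (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))        # private key: only the signer holds D

def _digest_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes, private_exp: int = D) -> int:
    return pow(_digest_int(message), private_exp, N)

def verify(message: bytes, signature: int) -> bool:
    # Uses public values only, so a verifier can check but cannot sign.
    return pow(signature, E, N) == _digest_int(message)

def demo() -> dict:
    letter = b"Ref: 101/Sigs  Sub: Move order (constructed sample text)"
    altered = letter.replace(b"Move", b"Halt")
    shared_key = secrets.token_bytes(32)
    tag = mac_tag(shared_key, letter)
    sig = sign(letter)
    return {
        "mac_ok": mac_verify(shared_key, letter, tag),
        "mac_tampered": mac_verify(shared_key, altered, tag),
        # The recipient also holds shared_key, so it can mint a valid tag
        # for text the sender never wrote: no non-repudiation.
        "recipient_forged_mac_ok": mac_verify(
            shared_key, altered, mac_tag(shared_key, altered)),
        "sig_ok": verify(letter, sig),
        "sig_tampered": verify(altered, sig),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Both mechanisms reject the altered letter, but only the key-pair signature ties the text to a single party, because the verifier never holds the signing key.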
Common e-Security Technologies Authentication Integrity Non-repudiation Confidentiality ✓ Anti-virus ✓ ✓ Firewalls ✓ ✓ Access Control ✓ Encryption ✓ ✓ ✓ ✓ Public Key Infrastructure BCP - v1.0 - 04/99
INITIATIVES NATIONAL AND ARMY LEVEL
NATIONAL LEVEL INFORMATION TECHNOLOGY ACT • CERTIFYING AUTHS - FOR LICENCING, CERTIFYING & MONITORING USE OF DIGITAL SIGNATURES • CYBER REGULATIONS ADVISORY COMMITTEE • PENALTIES & ADJUDICATION • TO CURB CMPTR CRIMES • ADJUDICATING OFFRS • CYBER REGULATIONS APPELLATE TRIBUNAL (HEADED BY HIGH COURT JUDGE)
ARMY LEVEL SALIENT FEATURES : CYBER SECURITY POLICY • Covers all types of computer systems in the army • Safeguarding of Classified and Sensitive Unclassified Info • Networking of Info Stores • Nomination and duties of System Security Administrator • Periodic review of Safeguards • Internet access • Dial up access • Security of WAP • Use of commercially available off the shelf security software • Backups • Handling of TOP SECRET software
INITIATIVES MCTE TESEC ACSE
TASKS • Knowledge centre on Cyber Security and Converging Technologies • Undertake pilot studies and projects • Adaptation of technology • Monitoring of outsourced pilot projects • Advice on evaluation, induction, testing & R&D • Interaction with trade, industry, academia & other agencies
CYBER SECURITY IMPLEMENTATION UNIT LEVEL