cyber security , an analysis of state security in sri lanka
TRANSCRIPT
Cyber Security , An Analysis of State Security in Sri Lanka
The Thesis High Level Overview National Security
Cyber Security in the 21st Century
SL Cyber Security
Agenda
1. Background 2. Importance of Study 3. Definitions 4. International Incidents and Local Incidents 5. Preparedness Levels 6. Concluding Remarks
The Snowden Effect
• The Economist speculated that "the big consequence" of the "Snowden Effect“ will be that "countries and companies will erect borders of sorts in cyberspace.
• In Forbes, the effect was seen as evidenced by a rare bipartisan movement in the U.S. Congress: "a divided, intransigent Congress seems nearly united over the idea that the massive domestic intelligence gathering system that grew after 9/11 has simply gone too far."
`
Definitions of Cyber Terrorism • “Cyber Terrorism is the premeditated use of disruptive activities,
or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives. ”
• Cyber Terrorism is limited to actions by individuals, independent groups, or organizations. Any form of cyber warfare conducted by governments and states would be regulated and punishable under international law.
• Examples are ,– hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, Denial-of-service attacks, or terroristic threats made via electronic communication.
International Incidents • The Baltic state of Estonia was target to a massive denial-of-service attack that
ultimately rendered the country offline and shut out from services dependent on Internet connectivity for three weeks in the spring of 2007. The infrastructure of Estonia including everything from online banking and mobile phone networks to government services and access to health care information was disabled for a time. The tech-dependent state was in severe problem and there was a great deal of concern over the nature and intent of the attack.
• During the Russia-Georgia War, on 5 August 2008, three days before Georgia launched its invasion of South Ossetia, the websites for OSInform News Agency and OSRadio were hacked.
• In October 2007, the website of Ukrainian president Viktor Yushchenko was attacked by hackers. A radical Russian nationalist youth group, the Eurasian Youth Movement, claimed responsibility.
Local Incidents
• In 1998, ethnic Tamil guerrillas swamped Sri Lankan embassies with 800 e-mails a day over a two-week period. The messages read "We are the Internet Black Tigers and we're doing this to disrupt your communications." Intelligence authorities characterized it as the first known attack by terrorists against a country's computer systems.
• In May 2009 SRI LANKA Army's official news wing, (www.army.lk) has been illegally hacked by suspected Tiger terrorists
Other Countries – State of Preparedness
• The Chinese Defense Ministry confirmed the existence of an online defense unit in May 2011. Composed of about thirty elite internet specialists, the so-called "Cyber Blue Team," or "Blue Army," is officially claimed to be engaged in cyber-defense operations, though there are fears the unit has been used to penetrate secure online systems of foreign governments.
• May 2011 Israeli Prime Minister Benjamin Netanyahu announced the establishment of the National Internet Defense Taskforce, charged with developing tools to secure vital Israeli online infrastructure. "The main responsibility of the taskforce will be to expand the state's ability to defend vital infrastructure networks against cybernetic terrorist attacks perpetrated by foreign countries and terrorist elements
• The US Department of Defense (DoD) charged the United States Strategic Command with the duty of combating cyber terrorism. This is accomplished through the Joint Task Force-Global Network Operations, which is the operational component supporting USSTRATCOM in defense of the DoD's Global Information Grid. This is done by integrating GNO capabilities into the operations of all DoD computers, networks, and systems used by DoD combatant commands, services and agencies.
Other Countries – State of Preparedness
National Cyber Security Strategies in the World
Other Countries – State of Preparedness
EU Moving Towards a Combined Strategy .
The Strategy is accompanied by the technical legislative proposal by the European Commission's Directorate General Connect to strengthen the security of information systems in the EU. This will encourage economic growth as people's confidence in buying things online and using the Internet will be strengthened. The Strategy is offering clear priorities for the EU international cyberspace policy:
1. Freedom and openness: The strategy will outline the vision and principles on applying the EU core values and fundamental rights in cyberspace.
2. The laws, norms and EU's core values apply as much in the cyberspace as in the physical world: The responsibility for a more secure cyberspace lies with all players of the global information society, from citizens to governments.
3. Developing cyber security capacity building: The EU will engage with international partners and organisations, the private sector and civil society to support global capacity building in third countries. It will include improving access to information and to an open Internet, and preventing cyber threats.
4. Fostering international cooperation in cyberspace issues: To preserve open, free and secure cyberspace is a global challenge, which the EU will address together with the relevant international partners and organisations, the private sector and civil society.
Sri Lanka Computer Emergency Readiness Team (CERT)
Reshan Dewapura (Head of SL Central IT Body / ICTA ) made the following five practical proposals to overcome cyber crime in Sri Lanka:-
1. We have to recognise that it is the responsibility of the government to ensure that national networks are secure and have not been penetrated. To achieve this, the nation’s cyber activities need to be coordinated on both the institutional, district and provincial levels. And this has to be led by the Apex Agency of Cyber Security in Sri Lanka, SLCERT.2.
Centralised bodies such as Sri Lanka CERT, Law Enforcement Agencies and the Legislature should focus on areas where it has particular competence, such as protecting critical infrastructure and coordinating legal structures, as well as regulating and working with business, consumer protection privacy, and anti-terrorism.3.
The national security policy would need to be extended to include a cyber security agenda that covers the length and breadth of the country, in order to take the message to the people that cyber security is compatible with individual rights, privacy and freedom of speech.
Sri Lanka Computer Emergency Readiness Team (CERT)
4.
This national security and defense policy can be used for furthering Sri Lanka’s cyber security agenda; this policy must also ensure that military operations and civilian missions are protected against cyber attacks. Cyber defence should be made an active capability of the country as a whole; it is crucial that Sri Lanka takes advantage of the overlaps it shares with its powerful Asian neighbours to coordinate activities between our countries.
5. Establish Public Private Partnerships – It is essential for governments to cooperate with the private sector, as the majority of web infrastructure is in private hands. All developed nations have identified this and are working closely with the private sector, and the private sector in return should reciprocate equally.”
Sri Lanka Computer Emergency Readiness Team (CERT) - Actual State
• Citizens
Citizens who use emails, social media and many web applications such as e-banking are misled and duped by people who have malicious and financial intents.
• Government Organizations 1. Information Security (IS) Audit. IS audits on your IT systems should be carried out every
6 months, at the very minimum.2. Sri Lanka CERT|CC conducted a web security workshop/seminar for government 3. Ensure your website is compliant with Sri Lanka Government web standards. 4. Ensure that your web developer or the party responsible for maintain the website
comply with Information Security checklist.5. Ensure that your organization has adopted, implemented and conforming to the
Information Security Policy which has been approved by the Cabinet of Ministers through the eGovernment Policy.
6. Information Security Management Systems (ISMS) certificate
Concluding Remarks
1. Resources and attention given to Sri Lankan Cyber Security sector is very less compared with neighboring countries.
2. The appointed body to secure the country from such threats are severely understaffed, and comparatively has limited technical knowledge compared to privet sector specialists.
3. Cyber Security is the least secure of the security bodies in Sri Lanka (Compared with Army , Navy Air force & Police)
Thank You !
Bibliography for Research 1. Westcott N. (2008) , “Digital Diplomacy: The Impact of the Internet on International
Relations” , Oxford Internet Institute, Research Report 16
2. Nissenbaum H (2005) , “Where Computer Security Meets National Security” , Ethics and Information Technology , New York University
3. Edith Cowan University (2010) , “International Relations and Cyber Attached Official and Unofficial Disclosure” , Australian Information Security Welfare Conference
4. Nye J S (2010), “Cyber Power”, Harvard Kennedy School
5. Graham E (2010) , “Cyber Threats and Law of War” , Journal of Security Law and Policy”
6. Herzog J (2011) , “Revisiting Estonian Cyber Attacks: Digital Threats and Multinational Responses” , Journal of Strategy Security
7. Cavelty M (2013) , “ From Cyber Bombs to Political Fallout: Threat Representations with an Impact in the Cyber Security Disclosure” , International Studies Review