INTERNET PROTECTION & SAFETY
Rudi Lumanto, ID-SIRTII/CC
APJII Open Policy Meeting 30/5/2016 - Swiss Belhotel, Batam
CONTENTS
• About ID-SIRTII/CC
• Understanding Threat Landscape
• Protecting National Network
2 Rudi Lumanto - APJII-OPM May 2016
ABOUT ID-SIRTII/CC
www.idsirtii.or.id
ID-SIRTII/CC PROFILE
• RnD
• Chair
• Data Center and Application
• Monitoring and Operation
• External Collaboration
• Education and Socialization
CYBER SIX OF INTERNET
Attack
Vulnerability
Threat
Cyberspace
Cyberthreat
Cyberattack
Cyber Security
Cyber Crime
Cyber Law
Cyber Espionage
Cyber Defence
Cyber War
Social Media Opinion
Social Media Security
Social Media War
Cyber Six Principle
Threat
❖ Anything that can disrupt the operation, functioning, integrity or availability of an information system
❖ Stand-alone threats
❖ Threats that arise without any connection to other systems, e.g. virus, password cracker
❖ Human threat
❖ Connection/Network threats
❖ Threats that arise because of connection to other systems
Malware threats
40 thousand to 140 thousand infected machines in just two months (7-9/2013)
Top Countries infected worldwide (2015-1-6)
Threat Evolution
Attack Sophistication vs Intruder Technical Knowledge
Seven year old
11 minutes to hack wifi
University student
❖ Harvard University student who emailed a bomb threat around campus
❖ He was using the anonymous web browser Tor to hide his identity
❖ He also reportedly used a service called Guerrilla Mail that creates temporary and anonymous email addresses for free.
Threat location
From threat to attack
ONLY A MATTER OF TIME
THREAT
ATTACK
Connecting hole
Vulnerabilities
Vulnerability
❖ Weakness in the design, configuration or implementation and management of a computer system that renders it susceptible to a threat
❖ ISO 27005 definition
❖ A weakness of an asset or group of assets that can be exploited by one or more threats
❖ IETF RFC 2828 definition
❖ A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy
Vulnerability
❖ What is the current threat environment?
❖ Organizations are realizing that traditional vulnerability-based risk management strategies are failing due to the massive number of zero-day vulnerabilities in an ever-evolving and expanding technology industry.
❖ CVE and OSVDB presented their vulnerability statistics
❖ They only know about a very small percentage (5%) of vulnerabilities in any piece of software. This means that we are running systems with 95% zero-day vulnerabilities.
Total protection ?
The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts (Eugene H. Spafford)
Indonesia 2015
INTERNET PROTECTION
Any countermeasure taken to protect assets from threats and attacks
An asset is anything that has value in the organization. E.g.: data and information, users or people, infrastructure or media (hardware/software)
OBJECT OF PROTECTION
COUNTERMEASURE
Raise awareness of threats (security mindset)
Improve the protection of national assets
Build resilience and its strategy
Comprehensive Security Management Process: Plan-Protect-Respond
Risk Management
Disaster Recovery
SCOPE OF PROTECTION
Cyber Security
Global Scope, Economic value
Cyber Crime
Cyber Defense
Strategic Scope, State Sovereignty value
Cyber War
Kemenko Polhukam (Coordinating Ministry for Political, Legal and Security Affairs), Kemenhan (Ministry of Defence)
Kemenkominfo (Ministry of Communication and Informatics), Kepolisian (Police)
Both have the same function, like the brakes in a car: cyberspace can slow down or go fast.
But they have different objects of protection.
PROTECTING ZONE
• Capacity Building
• Policy & Legal Framework
• Organizational structure
• Technical & operational measures
• International cooperation
Building Safe & Secure Cyber Environment
State sovereignty zone
Economic zone
PROTECTING LEVEL
Law/Regulation
Strategic level organization
Tactical level organization
Operational level organization
Domain Classification (Critical Infrastructure)
INTERNATIONAL COOPERATION
CAPACITY BUILDING
MEASURE AND CONTROL
Perform monitoring, analysis and reporting: NATIONAL CERT, SECTORAL CERTs, SOC, National Cyber Capacity Building Committee, Security Awareness Promotion Committee etc.
Draw up and carry out strategy, programs and action plans: National Cyber Defense Coordination Team, Cyber Intelligent
Formulate policy and strategy, priorities and national coordination: National Cyber Defense Council, Cyber Security Office etc.
Capacity Building through Empowering people
International Drill Test:
• APCERT Drill Test
• OIC CERT Drill Test
• ACID Drill Trace
Competition:
• Cyber Jawara
• Cyber Sea Games
National Drill Test:
• Id-SIRTII/CC Drill Test
• Amazing Trace
Capacity Building through Empowering people
Host Cyber SEA Games 2015
It is an ASEAN cyber-security team competition. It pits teams from all over the ASEAN Member States (AMS) to compete in a series of Capture the Flag competitions.
Capacity Building through Empowering people
Public Training Topics:
• Security Assessment
• Data Protection
• Monitoring & Incident Handling
• Network Forensic
• Data Protection
• Perimeter Security
• Wireless Security
• Workshop Data Center Security with OS Software
• Digital Forensic
• DNS Security
• Android Malware Analyzing
• Secure Programming
• Server & Web Security
• Network Routing Multiplatform OSPF*
Training Participant: