relevance of cyber security
The art of war teaches us not to rely on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our own position unassailable.
The Art of War, Sun Tzu
RELEVANCE OF CYBER SECURITY
THE IT ROAD MAP
ORG RESTRUCTURING OF ARMY : PHASE II
IW- OFFENSIVE
ORG & INFO DISSEMINATION SYSTEMS
ORG RESTRUCTURING OF ARMY : PHASE I
IW- DEFENSIVE
CIDSS – TEST BED
LOGISTIC NW COMD ITI (CITI)
SETTING UP AIIT
ASTROID PHASE - I
IW- PROTECTIVE
IW – AWARENESS DRIVE
M/S – ARMY WIDE
BACK BONE II FOR INFO SUPER HIGHWAY
FULL IT LITERACY
ARTRAN
MIS – ALL CORPS
BACK BONE I FOR INFO SUPER HIGHWAY
ASTROID
IT IN CIVIC ACTION
MIS – CORPS PILOT PROJECT
ARMY INTRANET UP TO COMD HQ
IT ROAD MAP : 2008
[Timeline axis: 1998, 2000, 2002, 2004, 2006, 2008]
TO GIVE YOU AN OVERVIEW OF CYBER SECURITY AND ACQUAINT YOU WITH CYBER SECURITY INITIATIVES AT DIFFERENT LEVELS
• THREATS AND TARGETS
• FUNDAMENTALS AND TECHNIQUES
• INITIATIVES
• NATIONAL AND ARMY
• MCTE
• UNIT LEVEL
• IMPLEMENTATION OF CYBER SECURITY
CYBER SECURITY
CYBER SECURITY INTEGRATES & COORD POLICIES & PROCEDURES, OPS, PERS & TECHNOLOGY, TO PROTECT & DEFEND INFO & INFO SYS.
ELECTRONIC INFO IS VULNERABLE
• EAVESDROPPING
• MANIPULATION
• STEALING
• DESTRUCTION
• DENIAL
CHARACTERISTICS OF CYBER THREATS
• No international boundaries
• Low cost
• Detection avoidance
• Inadequate laws
SECURITY THREATS
SECURITY “THREAT” IS :-
• PASSIVE (DISCLOSURE OF INFO), OR
• ACTIVE (DESTRUCTION, CORRUPTION OF RESOURCE, INTERRUPTION OF SERVICE), e.g. FILE REMOVED OR FILE REPLACED BY JUNK
PASSIVE THREATS
[Diagram: Sender (SOURCE) sends “Hi!” over the Network to Recipient (DESTINATION); the Intruder (ATTACKER) also receives “Hi!”.]
ACTIVE THREATS
The unauthorised use of a device attached to a communication facility to alter transmitting data or control signals or to generate spurious data or control signals
Modification, Removal Of Data
Denial of Message Service
Masquerade
Comn Centres
Accounting
Distribution
OPERATIONS, COMNS, PLANNING, COMD AND CONTROL
NETWORKS & SUPPORT PROCESSES
SYSTEMS & PEOPLE
COMPONENTS & SOFTWARE
The “Attackers” Aiming Points
The “Attackers” Targets
Targets in the Cyber Environment
Business Planning
APPLICATIONS
DATABASES
OPERATING SYSTEMS
NETWORK SERVICES
The IT Infrastructure – Weak Points
Security Breaches
… Some Statistics
“Insider” Breaches
% of respondents experiencing these breaches in the past 12 months (Survey 2000, Information Security)
• Installation/use of unauthorized software
• Infection of company equipment
• Use of company computing resources for illegal or illicit communications
• Abuse of computer access controls
• Physical theft, sabotage or intentional destruction of computing equipment
• Fraud
[Bar chart values, in the order extracted: 73%, 70%, 63%, 58%, 42%, 13%]
“Outsider” Breaches
% of respondents experiencing these breaches in the past 12 months (Survey 2000, Information Security)
• Viruses/Trojans/Worms
• Denial-of-service
• Exploits related to active program scripting
• Attacks related to protocol weaknesses
• Attacks related to insecure passwords
• Attacks on bugs in Web servers
[Bar chart values, in the order extracted: 73%, 37%, 26%, 25%, 37%, 24%]
Recent Security Breaches
Sites hit in March 2001
• US Office of Surface Mining
• Hewlett Packard Company
• Cruise Missile Command and Control programs (US Navy)
• Arab Academy for Science and Technology and Maritime Transport
• Panasonic Fax Machines UK
• Nokia Corporation
• NEC Corporation (Japan)
• Compaq Computer Corporation
937 breaches (…just the ones which were reported…)
Source : www.attrition.org
…And this is what they did
US NAVY SITE
COMPAQ SITE
PANASONIC SITE
OFFENSIVE TOOLS AND TECHNOLOGIES
CYBER TOOLS FOR ATTACK
• Hacking / Cracking tools
• Virus Programs
• Sniffers , Trojan horses
• Auditing Tools (SATAN)
Hacking Tools
– L0PHT-Crack
– Back Orifice 2000
– Netbus
– NetScan Pro
– Jack the Ripper
– Happy Hacker Suite
The Problem
How to carry the trust which we have in the paper based world into the realm of cyber space ?
In the paper based society, we:
Write a letter on letter head and sign it.
WHICH ENSURES the identity of an individual or application
AUTHENTICATION
Security in Paper Media…1
We sign in front of the witness
WHICH ENSURES that information cannot be manipulated
[Figure: sample signed letter]
INTEGRITY
Security in Paper Media…2
Put the letter in an envelope and seal it
WHICH ENSURES that information is kept private and intact
CONFIDENTIALITY
Security in Paper Media…3
Send information by Certified mail
WHICH ENSURES that information cannot be disowned
NON REPUDIATION
Security in Paper Media…4
DEFENSIVE TOOLS AND TECHNOLOGIES
• FIREWALLS
• ANTI VIRUS
• IDS
• VPN
• PKI
ELEMENTS OF CYBER SECURITY
• AUTHENTICATION: Verification of originator
• NON REPUDIATION: Undeniable proof of participation
• AVAILABILITY: Assured access by authorised users
• CONFIDENTIALITY: Protection from unauthorised disclosure
• INTEGRITY: Protection from unauthorised change
• RESTORATION: Protection, Detection & Reaction capabilities
What Is A Firewall
• Device that connects networks (internal and/or external with varying levels of trust)
• Used to implement and enforce a Security Policy regarding communication between those networks
[Diagram labels: Untrusted Networks & Servers; Trusted Networks; Firewall; Router; Internet; Intranet; Public Accessible Servers & Networks; Trusted Users; Untrusted Users; Server Segment]
Placing a Firewall
[Diagram labels: HQ XYZ CORPS; HQ ABC CORPS; PCs; SERVERS; SWITCH; ROUTER; FIREWALL; WAN / INTRANET; MOBILE USER]
……Virus Protection
[Diagram labels: HQ XYZ CORPS; HQ ABC CORPS; PCs; SERVERS; SWITCH; ROUTER; FIREWALL; ANTI VIRUS; WAN; MOBILE USER]
Intrusion Detection Systems
[Diagram labels: HQ XYZ CORPS OFFICE 2; PCs; SERVERS; SWITCH; ROUTER; FIREWALL; ANTI VIRUS; IDS; WAN; MOBILE USER]
[Diagram labels: EXTERNAL ATTACK; INTERNAL ATTACK; ALERT! ATTACK DETECTED; RECORD SESSION; TERMINATE SESSION; LOG SESSION; SEND EMAIL; EMAIL/LOG/REPORT; RECONFIGURE FIREWALL/ROUTER; REAL TIME WATCHDOG]
Virtual Private Networks
• Joins networks spread over a geographical expanse.
• Provides a data tunnel through a public network.
• Ensures the data which passes through it is encrypted.
• Effective means of confidentiality through Internet.
[Diagram labels: DATA ENCRYPTION; TUNNEL]
PKI
Security Requirements
NON REPUDIATION
AUTHENTICATION
CONFIDENTIALITY
INTEGRITY
Cryptographic digital signature: replaces letterhead & signature on original document
Encryption: replaces envelope
[Figure: sample signed letter]
Symmetric Cryptography
• Requires a shared key between the two parties
[Diagram: Encryption = Algorithm + Key; Decryption = Algorithm + Key]
Asymmetric Cryptography
• Requires a key pair between the two parties
[Diagram: Encryption = Algorithm + Public Key; Decryption = Algorithm + Private Key]
Common e-Security Technologies
Authentication
Confidentiality
Integrity
Non-repudiation
Anti-virus
Firewalls
Access Control
Encryption
Public Key Infrastructure
BCP - v1.0 - 04/99
NATIONAL LEVEL
INFORMATION TECHNOLOGY ACT
• CERTIFYING AUTHS - FOR LICENCING, CERTIFYING & MONITORING USE OF DIGITAL SIGNATURES
• CYBER REGULATIONS ADVISORY COMMITTEE
• PENALTIES & ADJUDICATION TO CURB CMPTR CRIMES
• ADJUDICATING OFFRS
• CYBER REGULATIONS APPELLATE TRIBUNAL (HEADED BY HIGH COURT JUDGE)
Covers all types of computer systems in the army
Safeguarding of Classified and Sensitive Unclassified Info
Networking of Info Stores
Nomination and duties of System Security Administrator
Periodic review of Safeguards
Internet access
Dial up access
Security of WAP
Use of commercially available off the shelf security software
Backups
Handling of TOP SECRET software
SALIENT FEATURES : CYBER SECURITY POLICY
ARMY LEVEL
INITIATIVES
TASKS
• Knowledge centre on Cyber Security and Converging Technologies
• Undertake pilot studies and projects
• Adaptation of technology
• Monitoring of outsourced pilot projects
• Advice on evaluation, induction, testing & R&D
• Interaction with trade, industry, academia & other agencies
• Physical Security – Hardware / Software
• Anti Virus
• Consciousness of staff using e-Media
• Storage of classified data
• Accounting procedures for print outs
• Procedures for copying data
• Password protection
• Shared folders in LAN environment
7 Top Management Errors that Lead to Computer Security Vulnerabilities
Number 1: Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.
Number 2: Fail to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security.
Number 3: Fail to deal with the operational aspects of security: make a few fixes and then not allow the follow through necessary to ensure the problems stay fixed.
Number 4: Rely primarily on a firewall.
Number 5: Fail to realize how much money their information and organizational reputations are worth
Number 6: Authorize reactive, short-term fixes so problems re-emerge rapidly
Number 7: Pretend the problem will go away if they ignore it
Source: SANS Institute Resources
Mistakes People Make that Lead to Security Breaches
The Five Worst Security Mistakes End Users
Opening unsolicited e-mail attachments without verifying their source and checking their content first.
Failing to install security patches, especially for Microsoft Office, Microsoft Internet Explorer, and Netscape.
Installing screen savers or games from unknown sources.
Not making and testing backups.
Using a modem while connected through a local area network.
Source: SANS Institute Resources
Six Steps to Cyber Security
• Baselining and Policy Formulation
• Planning and Design of a Secure Architecture
• Training and Education
• Technology and Implementation
• Audit, Monitoring and Forensics
• Validation and Updation of the Process
Security Assessments
Understanding Security Requirements
IT Threats
IT Vulnerabilities
External & Internal Scenario Changes
Security Audit
Validate Security Policy
Security Policy
Deploy Technology
The Security Model
Training