relevance of cyber security

The art of war teaches us not to rely on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our own position unassailable. The Art of War

Upload: laksha

Post on 20-Jan-2016


Page 1: RELEVANCE OF  CYBER SECURITY

The art of war teaches us not to rely on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our own position unassailable.

The Art of War, Sun Tzu

Page 2: RELEVANCE OF  CYBER SECURITY
Page 3: RELEVANCE OF  CYBER SECURITY

RELEVANCE OF CYBER SECURITY

Page 4: RELEVANCE OF  CYBER SECURITY

THE IT ROAD MAP

IT ROAD MAP : 2008

[Timeline diagram; years on axis: 1998, 2000, 2002, 2004, 2006, 2008. Milestone labels:]

• ORG RESTRUCTURING OF ARMY : PHASE II

• IW - OFFENSIVE

• ORG & INFO DISSEMINATION SYSTEMS

• ORG RESTRUCTURING OF ARMY : PHASE I

• IW - DEFENSIVE

• CIDSS – TEST BED

• LOGISTIC NW COMD ITI (CITI)

• SETTING UP AIIT

• ASTROID PHASE - I

• IW - PROTECTIVE

• IW – AWARENESS DRIVE

• M/S – ARMY WIDE

• BACK BONE II FOR INFO SUPER HIGHWAY

• FULL IT LITERACY

• ARTRAN

• MIS – ALL CORPS

• BACK BONE I FOR INFO SUPER HIGHWAY

• ASTROID

• IT IN CIVIC ACTION

• MIS – CORPS PILOT PROJECT

• ARMY INTRANET UP TO COMD HQ

Page 5: RELEVANCE OF  CYBER SECURITY

TO GIVE YOU AN OVERVIEW OF CYBER SECURITY AND ACQUAINT YOU WITH CYBER SECURITY INITIATIVES AT DIFFERENT LEVELS

Page 6: RELEVANCE OF  CYBER SECURITY

• THREATS AND TARGETS

• FUNDAMENTALS AND TECHNIQUES

• INITIATIVES

• NATIONAL AND ARMY

• MCTE

• UNIT LEVEL

• IMPLEMENTATION OF CYBER SECURITY

Page 7: RELEVANCE OF  CYBER SECURITY

CYBER SECURITY

CYBER SECURITY INTEGRATES & COORD POLICIES & PROCEDURES, OPS, PERS & TECHNOLOGY, TO PROTECT & DEFEND INFO & INFO SYS.

Page 8: RELEVANCE OF  CYBER SECURITY

ELECTRONIC INFO IS VULNERABLE

• EAVESDROPPING

• MANIPULATION

• STEALING

• DESTRUCTION

• DENIAL

Page 9: RELEVANCE OF  CYBER SECURITY
Page 10: RELEVANCE OF  CYBER SECURITY

CHARACTERISTICS OF CYBER THREATS

• No international boundaries

• Low cost

• Detection avoidance

• Inadequate laws

Page 11: RELEVANCE OF  CYBER SECURITY

SECURITY THREATS

SECURITY “THREAT” IS :-

• PASSIVE (DISCLOSURE OF INFO)

• OR ACTIVE (DESTRUCTION, CORRUPTION OF RESOURCE, INTERRUPTION OF SERVICE), e.g. FILE REMOVED OR FILE REPLACED BY JUNK

Page 12: RELEVANCE OF  CYBER SECURITY

PASSIVE THREATS

[Diagram labels: Sender, Network, Recipient, Intruder; message "Hi!"]

Page 13: RELEVANCE OF  CYBER SECURITY

ACTIVE THREATS

[Diagram labels: SOURCE, ATTACKER, DESTINATION]

Page 14: RELEVANCE OF  CYBER SECURITY

ACTIVE THREATS

The unauthorised use of a device attached to a communication facility to alter transmitting data or control signals or to generate spurious data or control signals

Modification, Removal Of Data

Denial of Message Service

Masquerade

Page 15: RELEVANCE OF  CYBER SECURITY

Targets in the Cyber Environment

[Diagram labels: The “Attackers” Aiming Points; The “Attackers” Targets; Comn Centres; Accounting; Distribution; Business Planning; OPERATIONS, COMNS, PLANNING, COMD AND CONTROL; NETWORKS & SUPPORT PROCESSES; SYSTEMS & PEOPLE; COMPONENTS & SOFTWARE]

Page 16: RELEVANCE OF  CYBER SECURITY

The IT Infrastructure – Weak Points

• APPLICATIONS

• DATABASES

• OPERATING SYSTEMS

• NETWORK SERVICES

Page 17: RELEVANCE OF  CYBER SECURITY

Security Breaches

… Some Statistics

Page 18: RELEVANCE OF  CYBER SECURITY

“Insider” Breaches

Installation/use of unauthorized software

Infection of company equipment

Use of company computing resources for illegal or illicit communications

Abuse of computer access controls

Physical theft, sabotage or intentional destruction of computing equipment

Fraud

% of respondents experiencing these breaches in the past 12 months

[Bar chart, axis 0% to 80%; values shown: 73%, 70%, 63%, 58%, 42%, 13%]

Survey 2000, Information Security

Page 19: RELEVANCE OF  CYBER SECURITY

“Outsider” Breaches

Viruses/Trojans/Worms

Denial-of-service

Exploits related to active program scripting

Attacks related to protocol weaknesses

Attacks related to insecure passwords

Attacks on bugs in Web servers

% of respondents experiencing these breaches in the past 12 months

[Bar chart, axis 0% to 80%; values shown: 73%, 37%, 26%, 25%, 37%, 24%]

Survey 2000, Information Security

Page 20: RELEVANCE OF  CYBER SECURITY

Recent Security Breaches

Sites hit in March 2001:

• US Office of Surface Mining

• Hewlett Packard Company

• Cruise Missile Command and Control programs (US Navy)

• Arab Academy for Science and Technology and Maritime Transport

• Panasonic Fax Machines UK

• Nokia Corporation

• NEC Corporation (Japan)

• Compaq Computer Corporation

937 breaches (…just the ones which were reported…)

Source : www.attrition.org

Page 21: RELEVANCE OF  CYBER SECURITY

…And this is what they did

US NAVY SITE

COMPAQ SITE

PANASONIC SITE

Page 22: RELEVANCE OF  CYBER SECURITY

OFFENSIVE TOOLS AND TECHNOLOGIES

Page 23: RELEVANCE OF  CYBER SECURITY

CYBER TOOLS FOR ATTACK

• Hacking / Cracking tools

• Virus Programs

• Sniffers, Trojan horses

• Auditing Tools (SATAN)

Page 24: RELEVANCE OF  CYBER SECURITY

Hacking Tools

– L0PHT-Crack

– Back Orifice 2000

– Netbus

– NetScan Pro

– Jack the Ripper

– Happy Hacker Suite

Page 25: RELEVANCE OF  CYBER SECURITY

The Problem

How to carry the trust which we have in the paper-based world into the realm of cyberspace?

Page 26: RELEVANCE OF  CYBER SECURITY

In the paper-based society, we:

Write a letter on letter head and sign it.

WHICH ENSURES the identity of an individual or application

AUTHENTICATION

Security in Paper Media…1

Page 27: RELEVANCE OF  CYBER SECURITY

We sign in front of the witness

WHICH ENSURES that information cannot be manipulated

[Graphic: sample letter with Ref, Sub and signature]

INTEGRITY

Security in Paper Media…2

Page 28: RELEVANCE OF  CYBER SECURITY

Put the letter in an envelope and seal it

WHICH ENSURES that information is kept private and intact

CONFIDENTIALITY

Security in Paper Media…3

Page 29: RELEVANCE OF  CYBER SECURITY

Send information by Certified mail

WHICH ENSURES that information cannot be disowned

NON REPUDIATION

Security in Paper Media…4

Page 30: RELEVANCE OF  CYBER SECURITY

DEFENSIVE TOOLS AND TECHNOLOGIES

• FIREWALLS

• ANTI VIRUS

• IDS

• VPN

• PKI

Page 31: RELEVANCE OF  CYBER SECURITY

ELEMENTS OF CYBER SECURITY

• AUTHENTICATION: Verification of originator

• NON REPUDIATION: Undeniable proof of participation

• AVAILABILITY: Assured access by authorised users

• CONFIDENTIALITY: Protection from unauthorised disclosure

• INTEGRITY: Protection from unauthorised change

• RESTORATION: Protection, Detection & Reaction capabilities

Page 32: RELEVANCE OF  CYBER SECURITY
Page 33: RELEVANCE OF  CYBER SECURITY

What Is A Firewall

• Device that connects networks (internal and/or external with varying levels of trust)

• Used to implement and enforce a Security Policy regarding communication between those networks

[Diagram labels: Untrusted Networks & Servers, Trusted Networks, Firewall, Router, Internet, Intranet, Public Accessible Servers & Networks, Trusted Users, Untrusted Users, Server Segment]

Page 34: RELEVANCE OF  CYBER SECURITY

Placing a Firewall

[Diagram labels: PCs, SERVERS, WAN / INTRANET, HQ XYZ CORPS, HQ ABC CORPS, MOBILE USER, FIREWALL, ROUTER, SWITCH, ROUTER]

Page 35: RELEVANCE OF  CYBER SECURITY

…Virus Protection

[Diagram labels: PCs, SERVERS, WAN, SWITCH, ROUTER, ROUTER, FIREWALL, ANTI VIRUS, MOBILE USER, HQ XYZ CORPS, HQ ABC CORPS]

Page 36: RELEVANCE OF  CYBER SECURITY

Intrusion Detection Systems

[Diagram labels: PCs, SERVERS, WAN, SWITCH, ROUTER, ROUTER, FIREWALL, ANTI VIRUS, IDS, HQ XYZ CORPS OFFICE 2, MOBILE USER]

Page 37: RELEVANCE OF  CYBER SECURITY

[Diagram labels: REAL TIME WATCHDOG; EXTERNAL ATTACK; ALERT! ATTACK DETECTED; RECORD SESSION; TERMINATE SESSION; EMAIL/LOG/REPORT; RECONFIGURE FIREWALL/ROUTER; INTERNAL ATTACK; ALERT; RECORD SESSION; SEND EMAIL; LOG SESSION]

Page 38: RELEVANCE OF  CYBER SECURITY

Virtual Private Networks

• Joins networks spread over a geographical expanse.

• Provides a data tunnel through a public network.

• Ensures the data which passes through it is encrypted.

• Effective means of confidentiality through Internet.

Page 39: RELEVANCE OF  CYBER SECURITY

Virtual Private Networks

[Diagram labels: DATA ENCRYPTION, TUNNEL]

Page 40: RELEVANCE OF  CYBER SECURITY

P K I

Page 41: RELEVANCE OF  CYBER SECURITY

Security Requirements

• NON REPUDIATION

• AUTHENTICATION

• CONFIDENTIALITY

• INTEGRITY

Replace letterhead & signature on original document: Cryptographic digital signature

Replace Envelope: Encryption

[Graphic: sample letter with Ref, Sub and signature]

Page 42: RELEVANCE OF  CYBER SECURITY

Symmetric Cryptography

Requires a shared key between the two parties

[Diagram: Encryption = Algorithm + Key; Decryption = Algorithm + Key]

Page 43: RELEVANCE OF  CYBER SECURITY

Asymmetric Cryptography

Requires a key pair between the two parties

[Diagram: Encryption = Algorithm + Public Key; Decryption = Algorithm + Private Key]

Page 44: RELEVANCE OF  CYBER SECURITY

Common e-Security Technologies

[Diagram labels: Authentication, Confidentiality, Integrity, Non-repudiation, Anti-virus, Firewalls, Access Control, Encryption, Public Key Infrastructure]

BCP - v1.0 - 04/99

Page 45: RELEVANCE OF  CYBER SECURITY
Page 46: RELEVANCE OF  CYBER SECURITY

NATIONAL LEVEL

INFORMATION TECHNOLOGY ACT

• CERTIFYING AUTHS - FOR LICENCING, CERTIFYING & MONITORING USE OF DIGITAL SIGNATURES

• CYBER REGULATIONS ADVISORY COMMITTEE

• PENALTIES & ADJUDICATION TO CURB CMPTR CRIMES

• ADJUDICATING OFFRS

• CYBER REGULATIONS APPELLATE TRIBUNAL (HEADED BY HIGH COURT JUDGE)

Page 47: RELEVANCE OF  CYBER SECURITY

Covers all types of computer systems in the army

Safeguarding of Classified and Sensitive Unclassified Info

Networking of Info Stores

Nomination and duties of System Security Administrator

Periodic review of Safeguards

Internet access

Dial up access

Security of WAP

Use of commercially available off the shelf security software

Backups

Handling of TOP SECRET software

SALIENT FEATURES : CYBER SECURITY POLICY

ARMY LEVEL

Page 48: RELEVANCE OF  CYBER SECURITY

INITIATIVES

Page 49: RELEVANCE OF  CYBER SECURITY

TASKS

• Knowledge centre on Cyber Security and Converging Technologies

• Undertake pilot studies and projects

• Adaptation of technology

• Monitoring of outsourced pilot projects

• Advice on evaluation, induction, testing & R&D

• Interaction with trade, industry, academia & other agencies

Page 50: RELEVANCE OF  CYBER SECURITY
Page 51: RELEVANCE OF  CYBER SECURITY

• Physical Security – Hardware / Software

• Anti Virus

• Consciousness of staff using e-Media

• Storage of classified data

• Accounting procedures for print outs

• Procedures for copying data

• Password protection

• Shared folders in LAN environment

Page 52: RELEVANCE OF  CYBER SECURITY
Page 53: RELEVANCE OF  CYBER SECURITY

7 Top Management Errors that Lead to Computer Security Vulnerabilities

Number 1: Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.

Number 2: Fail to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security.

Number 3: Fail to deal with the operational aspects of security: make a few fixes and then not allow the follow through necessary to ensure the problems stay fixed.

Source: SANS Institute Resources

Page 54: RELEVANCE OF  CYBER SECURITY

…7 Top Management Errors that Lead to Computer Security Vulnerabilities

Number 4: Rely primarily on a firewall.

Number 5: Fail to realize how much money their information and organizational reputations are worth

Number 6: Authorize reactive, short-term fixes so problems re-emerge rapidly

Number 7: Pretend the problem will go away if they ignore it

Source: SANS Institute Resources

Page 55: RELEVANCE OF  CYBER SECURITY

Mistakes People Make that Lead to Security Breaches

The Five Worst Security Mistakes End Users

Opening unsolicited e-mail attachments without verifying their source and checking their content first.

Failing to install security patches, especially for Microsoft Office, Microsoft Internet Explorer, and Netscape.

Installing screen savers or games from unknown sources.

Not making and testing backups.

Using a modem while connected through a local area network.

Source: SANS Institute Resources

Page 56: RELEVANCE OF  CYBER SECURITY

Six Steps to Cyber Security

• Baselining and Policy Formulation

• Planning and Design of a Secure Architecture

• Training and Education

• Technology and Implementation

• Audit, Monitoring and Forensics

• Validation and Updation of the Process

Page 57: RELEVANCE OF  CYBER SECURITY

The Security Model

[Diagram labels: Security Assessments, Understanding Security Requirements, IT Threats, IT Vulnerabilities, External & Internal Scenario Changes, Security Audit, Validate Security Policy, Security Policy, Deploy Technology, Training]

Page 58: RELEVANCE OF  CYBER SECURITY
Page 59: RELEVANCE OF  CYBER SECURITY