ARF DEFENSE OFFICIALS' DIALOGUE 13TH ARF SECURITY POLICY CONFERENCE REGIONAL CYBER SECURITY CHALLENGES DIR. NEBUCHADNEZZAR ALEJANDRINO CHIEF, CYBERSECURITY DIVISION DEPARTMENT OF NATIONAL DEFENSE P H I L I P P I N E S

I

5 DOMAINS OF MILITARY OPERATIONS

ADDRESS BAR SPOOFING ADVANCED PERSISTENT THREATS ADWARE ARBITRARY COMMAND EXECUTION ARRAY INTEGER OVERFLOWS BACKDOORS BLENDED THREATS BUFFER OVERFLOWS CODE INJECTIONS COOKIE DISCLOSURES CROSS SITE REQUEST FORGERY CROSS SITE SCRIPTING DATA AGGREGATION ATTACKS DATA EXFILTRATION DENIAL OF SERVICE DIRECTORY TRAVERSALS DNS POISONING FILE OVERWRITE FORCED TWEET FORMAT STRINGS FRANKENMALWARE HEAP OVERFLOWS INFORMATION DISCLOSURES KEYLOGGERS LOCAL FILE INCLUSIONS LOCAL STACK BUFFER OVERFLOW MALWARE MAN IN THE BROWSER ATTACKS MAN IN THE MIDDLE ATTACKS NULL BYTE INJECTION OPEN REDIRECTION PRIVILEGE ESCALATIONS REMOTE CODE INJECTION REMOTE CODE EXECUTION REMOTE COMMAND EXECUTIONS REMOTE STACK BUFFER OVERFLOW ROOTKITS SCAREWARE SHELL UPLOADS SPYWARE SQL INJECTIONS STACK POINTER UNDERFLOW TOJAN-DOWNLOADERS TROJANS VIRUSES WORMS MALVERTISING CRIMEVERTISING HTTP PARAMETER POLLUTION VECTORS OF ATTACK ARBITRARY FILE DOWNLOADS DNS CHANGES

BLOODLESS NO BOUNDARIES ACCESSIBLE ASSYMMETRICAL ANONIMITY ATTRIBUTION PROBLEM CHEAP CHARACTERISTICS OF CYBER ATTACK

No.Country Internet Users by 2016 Internet Penetration % Population Internet Speed (MBps) 1China721,434, %1,382,323, India462,124, %1,326,801, U.S.286,942, %324,118, Japan115,111, %126,323, Russia102,258, %143,439, Indonesia53,236, %260,581, Viet Nam49,063,76252%94,444, Philippines44,478, %102,250, South Korea43,274, %50,503, Pakistan34,342, %192,826, TOP 10 ARF’S INTERNET USER PENETRATION & INTERNET SPEED

ARF COUNTRIES AVERAGE INTERNET SPEED No.Country Internet Speed (MBps) PopulationInternet Users Internet Penetration % 1 South Korea ,503,93343,274, % 2 Japan ,323,715115,111, % 3 U.S ,118,787286,942, % 4 Singapore 13.95,696,5064,699, % 5 Canada ,286,37832,120, % 6 Russia ,439,832102,258, % 7 Thailand 9.368,146,60929,078, % 8 New Zealand 9.34,565,1854,078, % 9 Australia 8.224,309,33020,679, % 10 Mongolia 7.03,006,4441,069, % 11 Malaysia 5.230,751,60221,090, % 12 Sri Lanka 4.820,810,8166,087, % 13 China 4.11,382,323,332721,434, % 14 Indonesia ,581,10053,236, % 15 Viet Nam 3.894,444,20049,063,76252% 16 Cambodia 3.315,827,2411,756, % 17 Philippines ,250,13344,478, % 18 India 2.81,326,801,576462,124, % 19 Brunei ,874310, % 20 Bangladesh ,910,86421,439, % 21 Myanmar 2.154,363,4261,353, % 22 LaoPDR 2.16,918,3671,087, % 23 Pakistan ,826,50234,342, % 24 Timor-Leste 2.01,211,24514, % 25 Papua New Guinea 1.27,776,115906, %

ACTUAL CYBER ATTACKS REPORTED ISRAEL vs IRAN US vs IRAN AND OTHERS…

The Stuxnet virus cost an estimated US$1 million to create and the former CIA Director Michael Hayden said “it was sophisticated enough to have required the backing of one or more nation states”. STUXNET ONLY COST US$ 1M

“A nation with less wealth can now compete with a nation of more wealth”!

REVOLUTION IN MILITARY AFFAIRS

II

Complexity of threats Dilemma of attribution State and non-state actors No common understanding of “cyber” terminology Public-Private sector cooperation GLOBAL & REGIONAL CHALLENGES OF COMMON INTEREST

Insufficient R&D Unavailability of expertise Public awareness Civil liberties Political unity GLOBAL & REGIONAL CHALLENGES OF COMMON INTEREST

Varying development and priorities ASEAN way GLOBAL & REGIONAL CHALLENGES OF COMMON INTEREST

Permanent Coordinating Mechanism Establish a Robust ASEAN-CERT Security of the ASEAN Secretariat SOLUTIONS TO GLOBAL AND REGIONAL CHALLENGES

Create a Cyber Security Hub of Excellence Creation of a “Cyber-Secured Zone” Increase Public Awareness and Civil Liberties’ Protection SOLUTIONS TO GLOBAL AND REGIONAL CHALLENGES

Enhance Defense Cooperation and Law Enforcement Agree a Common Position on Responsible State Behavior Further Strengthen International Cooperation SOLUTIONS TO GLOBAL AND REGIONAL CHALLENGES

MACTAN CEBU DECLARATION Connected ASEAN: Enabling Aspirations 12th ASEAN TELMIN (Telecommunications & Information Technology Ministers Meeting) 16 November 2012 – Mactan, Cebu, Philippines.

MACTAN CEBU DECLARATION Connected ASEAN: Enabling Aspirations 1. International and regional collaboration 2.“Conducive, safe, secured, and trusted environment 3. Safe and secured fixed and mobile broadband. 4. Promotion of a secure online environment

5.Facilitating robust and resilient information infrastructure 6.Best practices on data protection 7.ASEAN CERT Collaboration MACTAN CEBU DECLARATION Connected ASEAN: Enabling Aspirations

III

CENTER FOR STRATEGIC AND INTERNATIONAL STUDIES

HACKMAGEDDON - INFORMATION SECURITY TIMELINES AND STATISTICS WWW. HACKMAGEDDON.COM

ZONE-H UNRESTRICTED INFORMATION ZONE-H.ORG/ARCHIVE/

LIVE ATTACK MAPS DIGITAL ATTACK MAP CHECKPOINT THREATCLOUD

ARF DEFENSE OFFICIALS' DIALOGUE 13TH ARF SECURITY POLICY CONFERENCE THANK YOU DIR. NEBUCHADNEZZAR ALEJANDRINO CHIEF, CYBERSECURITY DIVISION DEPARTMENT OF NATIONAL DEFENSE P H I L I P P I N E S