Cyber Warfare – The State Cyber Threat


Cyber Warfare – The State Cyber Threat. Dr. Nimrod Kozlovski, Adv.

Presentation contents:
- It is certainly possible to paralyze a state with a combined digital attack
- Case studies of cyber attacks
- The threat model
- Critical infrastructure in India as a case study
- A national cyber concept
- Changing the information security paradigm
- How should a company prepare?

"It is certainly possible to paralyze a state with a combined digital attack" (former US Deputy Secretary of Defense Gordon England, quoted in Globes, 14/2/2012)

Case studies – national cyber incidents (Critical Infrastructure timeline, 2005–2011):
- Greece: interception
- Estonia: DDoS
- Georgia: DDoS
- China: GhostNet
- Brazil: critical infrastructure
- China: DNS redirection
- Iran: Stuxnet
- COMODO: certificate theft
- Australia: hacking
- Korea: GPS manipulation
- NASDAQ: interception
- RSA: algorithm theft
(Timeline years shown on the slide: 2005, 2007, 2008, 2009, 2009, 2010, 2010, 2011.)
©All Right Reserved to Altal Security Ltd., 2011.

Threats – the threat model (threat cycles):
- Intrusion: internal; external; via IT infrastructure management; via the engineering network; through the information infrastructure
- Purpose: focused damage or mass damage; theft / manipulation / injection / deletion; immediate or trigger-based
- Enablers: human fault; technology fault; organizational, process-based fault

Threats – the threat model: Critical Infrastructure threats and security model
- Threats and attacks: destruction, corruption, removal, disclosure, interruption
- 8 security dimensions: access control, authentication, non-repudiation, data confidentiality, communication security, data integrity, availability, privacy
- Security layers: infrastructure security, services security, application security
- Security planes: management plane, control plane, end-user plane
- Vulnerabilities exist at the intersection of each layer and plane

Critical infrastructure – threats in the supply chain:
- Chain: manufacturer → OEM → shipment and supply → integrator / managed services → critical infrastructure network
- Control and access, and enforcement, are needed at each link
- Threat actor: enemy / competitor / hostile entity
- Intrusion destination: the state and its stakeholders

Asymmetry between attacker and defender – attacks using simple, available and cheap technology:
- Personal computer intrusion
- Remote network intrusion
- External impersonation
- Unintentional data leakage
- Data mining
- Network social engineering
- Hardware/software burying
- Computer and storage theft
- Copying by insiders

The embedding threat – activity "under the radar": impersonation of legitimate activity in all layers; not necessarily an immediate effect; not necessarily identifiable destruction.
- Action: personal computer intrusion; remote network intrusion; computer and storage theft; unintentional data leakage; network social engineering; hardware hiding; external impersonation; copying by insiders
- Purpose: code embedding / manipulation; monitoring; data mining; communication re-transmission on existing infrastructure; re-transmission via RF
- Threat: mapping and analysis; destruction; voice interception; traffic redirection; data interception; future control; focused blocking

Attempts to paralyze information and control infrastructures (ordered by increasing interconnectivity, complexity and openness):
- Closed-garden networks (military, government)
- Critical infrastructure (power, nuclear)
- Industrial
- Open infrastructure (water, transportation, telecom)

India as a test case for infrastructure threats (telecom):
- Location spotting of senior government and military figures for assassination
- HLR take-down
- Traffic redirection (add-on + RF)
- Redirecting citizens by SMS into a terror attack
- Smartphone attacks
- Hiding hardware on core equipment to enable re-transmission of traffic to a nearby apartment
- An "integrator" gains access to network topology documentation
- VSAT block

A national cyber concept requires national involvement:
- National-level threat analysis; synchronization; technology development; efficient enforcement
- Human resource security; vendors and procurement; telecom architecture; physical security; lawful interception (LI) security; audit and control; logical access controls; architecture secured by design; network certification

Critique of the traditional cyber defense approach – passive defense:
- Network security: structure and security standards are known; does not consider up-to-date attack scenarios; the national interest is not in focus
- Trusted user: IT-oriented security technologies
- Protected asset: known (standard) infrastructure; perimeter security
- The structure does not change dramatically (it is only upgraded); technologies are not tailored to the new threat model

Source: Bell, Staying Secure

Source: Book Excerpt: Customer Data Integration and Master Data Management for Global Enterprise, Information Management

The new security paradigm – shared, pro-active, integrative:
- Shared: inter-sector information sharing (private-public sharing model); one coordinating entity for all sectors; an integrated incentive structure for defense; shared monitoring and analytics of incidents
- Pro-active: traps / honeypots; initiating attacks to identify the reaction; HUMINT in external R&D arrays; hiding capabilities in target systems
- Integrative: integrated cross-sector analysis; a distributed sensor system (connecting the dots); a central incident response "brain"; monitoring patterns and profiles

From potential to practice – a threat survey by an external party:
- State attacks
- Attacks by terror actors
- Attacks by criminal actors (including in combination with insiders)
- Attacks by organized groups (hacktivists)
- Attacks by amateurs / hacker groups

Assessment methodology – preparatory stage:
- Policy definition: getting to know and examining the current policy; checking compliance with information security standards and regulation
- Risk level determination: defining the information security risks; examining the impact of the risks on the company
- Control and protection: examining monitoring systems and hardening tests; management training, encryption and information compartmentalization, blocking and denial-of-service prevention

The risk survey:
- General survey: examining and defining the relevant threats; a general examination of the work processes; summary – producing a document and presentation and presenting the survey findings
- Process survey: architectural and technological review of IT solutions; review of process functionality; interviews – business / technology / information security processes; building threat scenarios; spot checks; summary – producing a document and presentation and presenting the survey findings

Cyber threat preparedness project for critical infrastructure – work areas:
- Information security organizational structure
- Information assets
- Human resources security
- Physical security
- Logical access controls
- User management
- Securing procurement and the test-bed
- Security management of vendors
- Endpoint (terminal) management
- Server management
- Database management
- Application security
- Smartphone security
- Protection from internet threats
- Telecom network security
- Change management procedure / monitoring
- Storage and backup security
- Audit and control – log management
- Securing lawful interception
- Suggested technologies
- Risk management
- Incident handling
- Network certification process
- Forensics method