Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protecting our Cyber Space Staying Ahead of the Game Basel Alomair National Center for Cybersecurity Technology (C4C) King Abdulaziz City for Science and.

Published byDayna Rose Modified over 9 years ago

Similar presentations

Presentation on theme: "Protecting our Cyber Space Staying Ahead of the Game Basel Alomair National Center for Cybersecurity Technology (C4C) King Abdulaziz City for Science and."— Presentation transcript:

1 Protecting our Cyber Space Staying Ahead of the Game Basel Alomair National Center for Cybersecurity Technology (C4C) King Abdulaziz City for Science and Technology (KACST)

2 What is Cybersecurity? N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY A very wide-ranging term with no standard definition Cybersecurity is the science of protecting networks, computers, programs and data from attack, damage or unauthorized access. Cybersecurity is the availability, integrity and secrecy of information systems and networks in the face of attacks, accidents and failures. We can divide it into knowing what to do—science of cybersecurity Knowing how to do—engineering of cybersecurity 4/29/20152

3 Types of Attacks N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Man-in-the-middle Malware Denial-of-Service (DoS) Unpatched software Socially engineered attacks … 4/29/20153

4 Cost of Cyber Attacks N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY The UK suffered 44 million cyber attacks in 2011 – the equivalent of 120,000 a day – and such attacks are estimated to cost the country up to £27 billion a year. A global price tag of $338 billion in 2011–Symantec When theft of intellectual property is factored in, the figure soars past $1 trillion-former head of the NSA, General Michael Hayden 4/29/20154

5 Attacks on the Rise N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY CERT-In: 23 in 2004 vs. 22,060 in 2012 Ponemon Institute: 18% increase in successful attacks Ponemon Institute: 26% increase in average cost 4/29/20155

6 Cyber Attacks to Cyber Warfare N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY In the 2006 war against Hezbollah, Israel alleges that cyber warfare was part of the conflict, targeting the Israel Defense Forces (IDF) In September 2007, Israel carried out an airstrike on Syria. U.S. military sources speculated that the Israelis may have used cyber warfare to allow their planes to pass undetected by radar into Syria In September 2010, Iran was attacked by the Stuxnet worm targeting its nuclear facility. May 2013, US DoD accused China’s military of launching cyber attacks against US computer systems Over 120 countries developed strategies to use the Internet as a weapon 4/29/20156

7 HOW MANY ATTACKS? 4/29/20157 N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY  1,385 Defacement  26 in April

8 HOW MANY ATTACKS? 4/29/20158 N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY

9 Tip of the Iceberg N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY 4/29/20159

10 Regin N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Regin is a multi-purpose data collection tool. Multiple versions were found in the wild. Targets: several corporations, institutions, academics, and individuals At least since 2008 4/29/201510

11 Challenges N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Cyber Attacks can be launched at any time and from anywhere Attacks cost next to nothing Successful attacks can be catastrophic Changing Environment: Technology adoption is moving faster than security implementation Shifting Strategies: data in transit (66%) vs. stored data (26.5%) No metrics to measure (in)security 4/29/201511

12 Threats N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Any device that has an IP could be a target to cyber attacks Nation states have the potential to disrupt an enemy’s economy and perhaps reach their strategic objectives without risk to their armed forces “If you want to hit a country severely you hit its power and water supplies. Cyber technology can do this without shooting a single bullet.” Isaac Ben-Israel (Major General Israeli Air Force) 4/29/201512

13 Internet of Things N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Objects and people will be equipped with identifiers Managed and inventoried by computers IBA Research: more than 30 Billion devices by 2020 4/29/201513

14 Internet of Things N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Security firm: Global cyberattack was launched from more than 100,000 everyday appliances Gadgets included routers, televisions and at least one "smart" refrigerator Poorly protected "smart" devices may be easier to infect and control than PC, laptops, or tablets 4/29/201514

15 Internet of Things N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY 4/29/201515

16 Good News N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Tremendous research attention Research Labs Dedicated conferences and workshops Encouraging results * Alomair and Poovendran, U.S. Patent 20,130,145,169, entitled EFFICIENT AUTHENTICATION FOR MOBILE AND PERVASIVE COMPUTING, (IEEE Transactions on Mobile Computing). Speed cycles/byte Energy consumption µJ/bit SHA-like40.1820-30 Our results*0.020.00026 4/29/201516

17 Conclusion N ATIONAL S YMPOSIUM FOR C OMMAND & C ONTROL AND C YBERSECURITY Cyber threats are increasing Attackers are changing strategies continuously Must stay ahead of the game Research, research, and more research 4/29/201517

18 Thank You!

Download ppt "Protecting our Cyber Space Staying Ahead of the Game Basel Alomair National Center for Cybersecurity Technology (C4C) King Abdulaziz City for Science and."

Similar presentations

A Local Mean Field Analysis of Security Investments in Networks Marc Lelarge (INRIA-ENS) Jean Bolot (SPRINT) NetEcon 2008.

A Local Mean Field Analysis of Security Investments in Networks Marc Lelarge (INRIA-ENS) Jean Bolot (SPRINT) NetEcon 2008.
James D. Brown Chief Engineer and Senior Fellow Information Resource Management L-3 Communications.

James D. Brown Chief Engineer and Senior Fellow Information Resource Management L-3 Communications.
UNCLASSIFIED Cybercrime: The Australian Experience Australian Cybercrime Online Reporting Network (ACORN) Conference Assistant Commissioner Tim Morris.

UNCLASSIFIED Cybercrime: The Australian Experience Australian Cybercrime Online Reporting Network (ACORN) Conference Assistant Commissioner Tim Morris.
Challenge of Nuclear Weapons

Challenge of Nuclear Weapons
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? The premeditated, politically motivated attack against information, computer systems,

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Brian Connett, LCDR, USN US NAVAL ACADEMY

Brian Connett, LCDR, USN US NAVAL ACADEMY
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.

Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
Rob Gaston 04/04/2013 CIS 150. Cyber Warfare  U.S. government security expert Richard A. Clarke, Cyber War (May 2010): cyber warfare is actions by.

Rob Gaston 04/04/2013 CIS 150. Cyber Warfare  U.S. government security expert Richard A. Clarke, Cyber War (May 2010): "cyber warfare" is "actions by.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Network Security of The United States of America By: Jeffery T. Pelletier.

Network Security of The United States of America By: Jeffery T. Pelletier.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
DuWayne Aikins Information Security Forum May 21, 2015 Cyber, A Militarized Domain: What is Means to Texas.

DuWayne Aikins Information Security Forum May 21, 2015 Cyber, A Militarized Domain: What is Means to Texas.
Nate Olson-Daniel Director of Strategic Development & Principal Engineer The Inevitable Attack.

Nate Olson-Daniel Director of Strategic Development & Principal Engineer The Inevitable Attack.
Geneva, Switzerland, 15-16 September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.

Geneva, Switzerland, September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.
Economics of Malware: Epidemic Risk Model, Network Externalities and Incentives. Marc Lelarge (INRIA-ENS) WEIS, University College London, June 2009.

Economics of Malware: Epidemic Risk Model, Network Externalities and Incentives. Marc Lelarge (INRIA-ENS) WEIS, University College London, June 2009.
What is Smart Grid/Metering for electric distribution? Should they be implemented in the US? Presented by: Jeffrey Grodzki, April Romanishan, Cameron Hinkel,

What is Smart Grid/Metering for electric distribution? Should they be implemented in the US? Presented by: Jeffrey Grodzki, April Romanishan, Cameron Hinkel,
Disaster & Smart City in Aging Society – Designing a secure and resilient smart city Smart City and Resiliency Jirapon Sunkpho College of Innovation Thammasat.

Disaster & Smart City in Aging Society – Designing a secure and resilient smart city Smart City and Resiliency Jirapon Sunkpho College of Innovation Thammasat.
Securing Information Systems

Securing Information Systems
A First Course in Information Security

A First Course in Information Security
Mobil e 65% of companies are deploying at least one social software tool. SocialClou d Digital content grew to Over 80% of new apps were distributed or.

Mobil e 65% of companies are deploying at least one social software tool. SocialClou d Digital content grew to Over 80% of new apps were distributed or.

Similar presentations

Ads by Google