Special Presentation on
INFORMATION AND INTERNET SECURITY
Concept – Principle – Strategy – Implementation – Governance
Prof. Richardus Eko Indrajit
indrajit@post.harvard.edu
What must be DONE?
OLD Phenomena, NEW Behavior
– The first child is born
– A daughter is scolded by her parents
– A husband quarrels with his wife
– The computer and phone break down
– An employee gets promoted
– Going to the toilet in a public place
– Family gatherings during the holidays
– and so on
Strategic Functions of IT
VERTICAL FUNCTION: decision making
HORIZONTAL FUNCTION: transactions
Principle of Information Technology Use #1
IT as a support for operational or transactional activities
– Transferring money between banks
– Booking airline tickets
– Enrolling in courses each semester
– Buying phone credit
– Activating electronic devices
– and so on
Principle of Information Technology Use #2
IT as a support for the decision-making process
– Storing and organizing data
– Processing and representing data
– Producing periodic and ad hoc reports
– Running complex scenarios and simulations
– Managing information and knowledge
– and so on
Principle of Information Technology Use #3
IT as a support for communication and collaboration activities
– Sending digital documents and files
– Holding cross-border conversations
– Carrying out virtual cooperation activities
– Downloading data from various sources
– Uploading information to various places
– and so on
A Reality That Cannot Be Ignored
– The real world and the cyber world have converged and complement each other
– Everyday activities take place in both worlds
– The number of interactions between individuals and institutions/organizations has increased significantly
– The types of technology are increasingly diverse and human-friendly
→ The potential for conducting digital-based intelligence activities is growing (e.g. already being carried out)
Knowledge Domain: The Cyber Six
Cyber Space, Cyber Law, Cyber Threat, Cyber Crime, Cyber Attack, Cyber Security
1 Cyberspace.
A reality community between PHYSICAL WORLD and ABSTRACTION WORLD
1.4 billion of real human population (internet users)
Trillion US$ of potential commerce value
Billion business transactions per hour in 24/7 mode
Internet is a VALUABLE thing indeed. Risk is embedded within.
Information Roles
Why information?
– It consists of important data and facts (news, reports, statistics, transaction, logs, etc.)
– It can create perception to the public (market, politics, image, marketing, etc.)
– It represents valuable assets (money, documents, password, secret code, etc.)
– It is a raw material of knowledge (strategy, plan, intelligence, etc.)
What is Internet ?
A giant network of networks where people exchange information through various different digital-based ways:
Email, Mailing List, Website, Chatting, Newsgroup, Blogging, E-commerce, E-marketing, E-government
“… what is the value of internet ???”
2 Cyberthreat.
– The trend has increased at an exponential rate
– Motives vary from recreational to criminal purposes
– Can cause significant economic losses and political suffering
– Difficult to mitigate
Threats are there to stay. Can’t do so much about it.
web defacement, SMTP relay, root access, information leakage, virus infection, theft, spamming, hoax, sql injection, phishing, intrusion, malware distribution, trojan horse, malicious software, spoofing, DoS/DDoS, botnet, worms, open proxy, password cracking, blended attack
International Issues
What Does FBI Say About Companies:
– 91% have detected employee abuse
– 70% indicate the Internet as a frequent attack point
– 64% have suffered financial losses
– 40% have detected attacks from outside
– 36% have reported security incidents
Source: FBI Computer Crime and Security Survey 2001
Professions
Threat
Knowledge
Threats
Software Tools
Threat
Vulnerabilities-dBase
Threat
Hacking-dBase
Threat
Underground Economy
Growing Vulnerabilities
[Chart: Incidents and Vulnerabilities Reported to CERT/CC, 1995 to 2004; series: Total Vulnerabilities, Total Security Incidents]
“Through 2008, 90 percent of successful hacker attacks will exploit well-known software vulnerabilities.” - Gartner*
* Gartner “CIO Alert: Follow Gartner’s Guidelines for Updating Security on Internet Servers, Reduce Risks.” J. Pescatore, February 2003
** As of 2004, CERT/CC no longer tracks Security Incident statistics.
Potential Threats
Unstructured Threats
– Insiders
– Recreational Hackers
– Institutional Hackers
Structured Threats
– Organized Crime
– Industrial Espionage
– Hacktivists
National Security Threats
– Terrorists
– Intelligence Agencies
– Information Warriors
3 Cyberattack.
Too many attacks have been performed within the cyberspace. Most are triggered by the cases in the real world.
The eternal wars and battles have been in towns lately. The notorious Estonia case has opened the eyes of all people in the world.
Attacks can occur anytime and anyplace without notice.
Internet and Crimes
INCREASING SIGNIFICANTLY !!!
ID-SIRTII Monitoring Analysis
Case #1
Case #2
Case #3
Case #4
Case #5
Attacks Sophistication
[Chart: Attack Sophistication and Intruder Knowledge, on a Low to High scale, 1980 to 2005. Labelled "Tools": Auto Coordinated; Cross site scripting; “stealth” / advanced scanning techniques; packet spoofing; denial of service; sniffers; sweepers; GUI; Staged; distributed attack tools; www attacks; automated probes/scans; back doors; network mgmt. diagnostics; disabling audits; hijacking sessions; burglaries; exploiting known vulnerabilities; password cracking; self-replicating code; password guessing]
Vulnerabilities Exploit Cycle
[Chart: # Of Incidents over Time, with "Highest Exposure" marked. Stage labels: Novice Intruders Use Crude Exploit Tools; Crude Exploit Tools Distributed; Automated Scanning/Exploit Tools Developed; Widespread Use of Automated Scanning/Exploit Tools; Advanced Intruders Discover New Vulnerability; Intruders Begin Using New Types of Exploits]
File Management – Microsoft Excel
URL Management – URL
Directory Traversal Management – Directory Traversal
Mailing List Management – Email Reply
Live Camera Management – Java Applet
Surveillance Camera Management – Web Monitor
Security Camera Management – Sony
Multiple Camera Management – Multi Frame
4 Cybersecurity.
Led by ITU for international domain, while some standards are introduced by different institutions (ISO, ITGI, ISACA, etc.)
“Your security is my security” – individual behavior counts while various collaborations are needed
Education, value, and ethics are the best defense approaches.
Risk Management Aspect
[Diagram: nodes Threats, Vulnerabilities, Controls, Risk, Assets, Security Requirements, Asset Values, Impact on Organisation; link labels Exploit, Protect against, Expose, Reduce, Met by, Have]
Strategies for Protection
Protecting Interactions
Protecting Information
Protecting Infrastructure
Physical Security Checklist
Information Security Checklist
Mandatory Requirements
“Critical infrastructures are those physical and cyber-based systems essential to the minimum operations of the economy and government. These systems are so vital, that their incapacity or destruction would have a debilitating impact on the defense or economic security of the nation.”
Agriculture & Food, Banking & Finance, Chemical, Defense Industrial Base, Drinking Water and Wastewater Treatment Systems, Emergency Services, Energy, Information Technology, Postal & Shipping, Public Health & Healthcare, Telecommunications, Transportation Systems
Information Security Disciplines
– Physical security
– Procedural security
– Personnel security
– Compromising emanations security
– Operating system security
– Communications security
A failure in any of these areas can undermine the security of a system
Best Practice Standard BS7799/ISO17799
[Diagram: ten numbered control areas (1 to 10) arranged around Information and its Confidentiality, Integrity and Availability: Information Security Policy; Security Organisation; Asset Classification Controls; Personnel Security; Physical Security; Communication & Operations Mgmt; Access Controls; System Development & Maint.; Bus. Continuity Planning; Compliance]
These Two Guys ….. versus
5 Cybercrime.
– Globally defined as INTERCEPTION, INTERRUPTION, MODIFICATION, and FABRICATION
– Virtually involving international boundaries and multi resources
– Intentionally targeting to fulfill special objective(s)
– Convergence in nature with intelligence efforts.
Crime has intentional objectives. Stay away from the bull’s eye.
Type of Attacks
Malicious Activities
Motives of Activities
1. Thrill Seekers
2. Organized Crime
3. Terrorist Groups
4. Nation-States
6 Cyberlaw.
– Difficult to keep updated as technology trend moves
– Different stories between the rules and enforcement efforts
– Require various infrastructure, superstructure, and resources
– Can be easily “out-tracked” by law practitioners
Cyberlaw is here to protect you. At least playing role in mitigation.
The Crime Scenes
IT as a Tool
IT as a Storage Device
IT as a Target
First Cyber Law in Indonesia.
Range of penalty:
Rp 600 million - Rp 12 billion (equal to US$ 60,000 to US$ 1,2 million)
6 to 12 years in prison (jail)
starting from 25 March 2008
Picture: Indonesia Parliament in Session
Main Challenge.
ILLEGAL: “… the distribution of illegal materials within the internet …”
ILLEGAL: “… the existence of source with illegal materials that can be accessed through the internet …”
Two Way Relationship
Real World: “Physical War”
Cyber Space: “Virtual War”
Two Way Relationship
[Diagram: Real World and Cyber Space, with two "relate" links. Labels: real interaction, real transaction, real resources, real people; flow of information, flow of product/services, flow of money]
Two Way Relationship
[Diagram labels: Ethics, Law, Real World, Cyber Space, Rule of Conduct, Mechanism]
Cyber Law: “Ruling Cyber Space interaction with Real World Penalty”
Classic Definition of War
WAR is here to stay…
“Can Cyber Law alone become the weapon for modern defense against 21st century Cyber Warfare & Cyber Crime?”
Two Way Relationship
[Diagram: Real World and Cyber Space, with two "impact" links]
Two Way Relationship
[Diagram: Real World and Cyber Space. Action labels: blackmail, threaten, destroy, attack, mess up, ruin, penetrate, crime, destroy, terminate, disrupt. Other labels: Political Incidents, International Events, Published Books, Training Materials, Pirated Tools, Community of Interests]
Two Way Relationship
[Diagram: Real World and Cyber Space. Action labels: justify, suspect, sue, investigate, inspect, sabotage, condemn, examine, spy, gossip, perceive. Other labels: Personal Blogs, Citizen Journalism, Anonymous Interaction, Phishing and Forgery, Campaign and Provocation, Communities Reviews]
The Paradox of Increasing Internet Value
internet users + transaction value + interaction frequency + communities spectrum + usage objectives = The Internet Value
it means… threats, attacks, crimes
Internet Security Issues Domain
Internet is formed through connecting a set of digital-based physical technology that follows a good number of standards and protocols
All technical components (hardware and software) interact with each other within a complex dependent…
[Diagram labels: TECHNICAL ISSUES, INTERNET SECURITY, BUSINESS ISSUES, SOCIAL ISSUES]
What are interacting in the net are real people, not just a bunch of “intellectual machines” – by the end of the day, human mind, characters, behaviors, and values matter
It is not an “isolated world” that does not have any relationship with the real physical world
It is a part of business system as transactions and interactions are being conducted accordingly
As technology mimics, enables, drives, and transforms the business, internet dependency is high
For the activities that rely on time and space – where resources and processes can be digitalized - the network is the business
Technical Trend Perspective
the phenomena…
– malicious code
– vulnerabilities
– spam and spyware
– phishing and identity theft
– time to exploitation
the efforts…
– Intrusion Prevention
– Software Patches
– Firewalls
– Malware Blocking
– Encryption and PKI
– Antispyware
– Network Access Control
– AntiVirus
– Application and Device Control
– Web and Email Security
Business Trend Perspective
the context…
– Risk Management Practices
– Cost Benefit Analysis
– Regulatory Compliance
– Governance Requirements
– Digital Asset Management
– Standard and Policy Enforcement
the strategy…
– Archiving and Retention Management
– IT Audit
– Business Contingency Plan
– Chief Security Officer
– Security Management
– Technology Compliance
– Disaster Recovery Center
– ISO Compliance
– Standard Certification
– Storage and Backup Management
– Backup and Recovery
– Application and Device Control
Social Trend Perspective
the characteristics…
– Computer Savvy Society
– Digital System Everywhere
– Free World, Open Market
– Internet as New Frontier
– Borderless Geography
the choices…
– policy vs. design
– enforcement vs. culture
– pressure vs. education
– reward vs. punishment
– standard vs. self control
– regulation vs. ethical behavior
– top-down vs. bottom-up
– prevention vs. reaction
The Core Relationships
People (Social Aspects)
Context/Content
Applications (Business Aspects)
Technology (Technical Aspects)
Converging Trend
BUSINESS ISSUES, TECHNICAL ISSUES, SOCIAL ISSUES
Internetworking Dependency
Since the strength of a chain depends on the weakest link, then YOUR SECURITY is MY SECURITY…
Things to Do
1. Identify your valuable assets
2. Define your security perimeter
3. Recognize all related parties involved
4. Conduct risk analysis and mitigation strategy
5. Ensure standard security system intact
6. Institutionalize the procedures and mechanism
7. Share the experiences among others
8. Continue improving security quality
Key activities: use the THEORY OF CONSTRAINTS ! (Find the weakest link, and help them to increase their security performance and capabilities…)
Beware …
Work Philosophy
Why does a car have BRAKES ???
The car has BRAKES so that it can go FAST … !!!
Why should we have regulation?
Why should we establish institution?
Why should we collaborate with others?
Why should we agree upon mechanism?
Why should we develop procedures?
Why should we have standard?
Why should we protect our safety?
Why should we manage risks?
Why should we form response team?
Thank You
Prof. Richardus Eko Indrajit
Chairman of ID-SIRTII and APTIKOM
indrajit@post.harvard.edu
www.eko-indrajit.com