1 / 22

Cooperative Cyber Defence Centre of Excellence

Cooperative Cyber Defence Centre of Excellence. Peeter Lorents Research and Development Branch Chief 3.03.2010. Disclaimer. “This briefing is a product of the CCD COE. It does not represent the opinions or official policies of NATO and is designed to provide an independent position.“.

loyal
Télécharger la présentation

Cooperative Cyber Defence Centre of Excellence

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cooperative Cyber Defence Centre of Excellence Peeter Lorents Research and Development Branch Chief 3.03.2010 UNCLASSIFIED

  2. Disclaimer “This briefing is a product of the CCD COE. It does not represent the opinions or officialpolicies of NATO and is designed to provide an independent position.“ UNCLASSIFIED

  3. Outline • Cyber Society • Estonia as an Example of an Early Cyber Society • Cyber Attacks against Estonia (2007) • Lessons Learned from the Estonian Case • The CCD COE: • Structure, • Mission and Tasks, • Major Events. UNCLASSIFIED

  4. Cyber-Society A cyber society is a society where computerized information transfer and information processing is (near) ubiquitous and where the normal functioning of this society (including control) is severely degraded or altogether impossible if the computerized systems no longer function correctly. UNCLASSIFIED

  5. Estonia as an Example of an Early Cyber Society (I) • The financial sector in Estonia (which is equivalent to the blood circulation in the human body) is almost fully computerized. The following facts are a good illustration of this claim: • 98% of all bank transactions are completed via electronic means (on-line payments, credit card use, signing up for new bank services on-line etc). • 88% of all income tax declarations were entered on-line in 2008 and 17% of those on the first day of the declaration period. In 2009, the number of first day declarations rose 43%. UNCLASSIFIED

  6. Estonia as an Example of an Early Cyber Society (II) • The exchange of information is also largely facilitated by computer systems: • major newspapers are represented on-line • some key information forums are only available on-line • medical records available to doctors via a national information system • school grades, homework assignments and messages to and from parents are implemented in an e-school system • Estonian police and courts use an e-case system, which allows for easy sharing of information about criminals UNCLASSIFIED

  7. Estonia as an Example of an Early Cyber Society (III) • Leadership and management of the society is strongly reliant on computer systems: • government holds paperless e-cabinet meetings • local and state elections offer both manual and an electronic vote option UNCLASSIFIED

  8. Remarks • This is not merely using „electronic gadgets“ but information transmitting, processing, storing etc. with computers in order to ensure the running of critical processes at the national level! • Therefore, many (if not all) of these services should be considered critical information infrastructure and any attacks against them should be viewed in the context of national security. • In most cases, attacks against these systems have a tangible effect on ordinary citizens, who can no longer get access to the services they need. • This (the Estonian case) illustrates the dangers of over-dependence between human society and computer networks. UNCLASSIFIED

  9. Cyber-Weapons, Cyber-War • IT-systemsthatare created for destruction or for paralyzing of other IT-systems, including cyber-systems are cyber-weapons. The use ofcyber-weapons for obtaining the political objectivesis a cyber-war. Johannes Kert (1959) Carl von Clausewitz (1780-1831) Examples: Estonia (2007), Georgia (2008). UNCLASSIFIED

  10. Cyber Attacks against Estonia(2007). Nature of the Attack • DoS attacks, some DDoS • Defacement attacks • E-mail and comment spam • Targets: government web sites, news portals • Calls to attack Estonia in the Internet: • Сегодня, проводитсяграндиознаяDoS-атаканасайтихправительстваhttp://www.riik.ee/et/ооуществитьэтолегко - заходим в Пуск - Стандартные - команднаястрока, в открывшемсяокнепишем : ping -n 5000 -l 1000 http://www.riik.ee • наэтовыпотратите 5 мегабайтисходящеготрафика. UNCLASSIFIED

  11. SomeDefensive Actions • Cooperation and coordination • betweenthe public and private sector with nations and • international organizations • Network configuration • filtering • increasing bandwidth • blocking access • white-listing • Information sharing and media coverage UNCLASSIFIED

  12. Lessons Learned from the Estonian Case • Importance of Internal Cooperation • Network of leaders and specialists • Public and private sector cooperation • Proactive defence • Importance of International Cooperation • Cooperation is key for effective defence • There are nophysical borders inthe cyberspace • The cyberspace has be protected like air, sea or land • Defence is a sum of political, legal, technical, … measures UNCLASSIFIED

  13. The Cooperative Cyber Defence Centre of Excellence is • A multinationally manned and sponsored entity currently comprised of 7 Sponsoring Nations • Germany, Italy, Latvia, Lithuania, Slovak Republic, Spain and Estonia • joiningprocess with: Turkey,Hungary, USA • Accredited as a NATO COE (Oct 28th 2008) • Directed and tasked by a Multinational Steering Committee of Sponsoring Nations • actively receives additional NATO requests via Supreme Allied Command of Transformation UNCLASSIFIED

  14. Cooperative Cyber Defence Centre of Excellence is NOT • Part of NATO Command or Force Structure • funded from NATO Common budget • 24/7 NATO Operational Incident Handling Center nor Multinational Computer Emergency Response Team working on behalf of Sponsoring Nations • Group of hackers or “Cyber Warriors” UNCLASSIFIED

  15. Mission To enhance the capability,cooperation and information sharingamong NATO, NATO nations and Partners in cyber defence by virtue of education, research&development, lessons learned, consultation. UNCLASSIFIED

  16. Command& Control Steering Committee AnnualBudget New SponsoringNations Programme ofWork (POW) ContributingParticipants UNCLASSIFIED

  17. Organization Director Chief of Staff Legal and Policy Training and Doctrine Research and Development Administration Administration Branch Assistant BranchAssistant BranchAssistant Scientist Senior Analysts StaffOfficers Scientists Personnel Scientist Senior Analysts Assistants Assistants ITC Budget Public Affairs Security UNCLASSIFIED Vacancies *VNC

  18. Relationships Steering Committee NATO Inputto POW by Syncronizationof POW • NATO Entities • HQ SACT • NATO CDMB • NCIRC • NC3A Tasks & Budget • Other NATO COE-s • COE-DAT • C2 COE Cooperationwith “Bridge” between • Other entities • National CERTs • Academia • Private Sector • International Org. Products & Services • Nations • NATO • Non-NATO • Customers • NATO • SponsoringNations • ContributingParticipants UNCLASSIFIED

  19. Principles of Cooperationin CCD COE Work UNCLASSIFIED

  20. Plans for 2010 Legal and Policy • Legal Project • Policy Project Strategy and Concepts • Concept and Strategy Development • Cyber Defence Glossary • Cyber Defence in Multiple Futures Projects • Cyber Defence in NNEC Environment Tactical Environment • Intelligent Cyber Defence Methods • Cyber Defence Monitoring Solutions • Botnet Mitigation • Introductory Course in IT Systems Attacks and Defence • Forensics and Investigation Capability UNCLASSIFIED

  21. Plans for 2010 (Cont.) Critical Information Infrastructure Protection • Cyber Defence Simulations • Security Methodologies • CCD COE – Sweden Cyber Defence Exercise Supporting Activities • CCD COE Educational and Training Plan • Cyber Defence Lessons Learned • NATO Cyber Defence Exercise • Development of a Cyber Lab Conferences • NATO Cyber Defence Workshop – 26-27 MAY 2010 • CCD COE Annual Conference (CCD COE Conference on Cyber Conflict – C6) – 15-18 JUN 2010 Consultations UNCLASSIFIED

  22. http://www.ccdcoe.org UNCLASSIFIED

More Related