Prof.  Richardus  Eko  Indrajit  Chairman  of  ID-­‐SIRTII  and  APTIKOM    indrajit@post.harvard.edu    www.eko-­‐indrajit.com  

Global  Security  Trends  :  Technology,  Business,  and  Social  Perspec�ve  First  Public  Disclosure  of  A�ack  Analysis  on  Indonesia  Internet  Infrastructure  

Special  Presenta�on  on  

About  ID-­‐SIRTII  and  APTIKOM  

  The  Na�onal  CSIRT/CERT  of  Indonesia  (quasi  government  ins�tu�on)  

  Conduc�ng  traffic  monitoring  and  log  management  of  the  country’s  internet  infrastructure  

  Coordina�ng  more  than  300  ISPs  all  over  the  na�on  

  Responsible  for  safeguarding  internet  infrastructure  used  by  mission  cri�cal  ins�tu�ons  

  Associa�on  of  IT  colleges  and  universi�es  in  Indonesia  

  Consist  of  750  higher-­‐learning  ins�tu�ons  (more  than  1,500  study  programs)  

  Approximately  600,000  ac�ve  student  body,  with  50,000  graduates  per  year  

  Join  collabora�on  for  curriculum  development  and  shared-­‐resources/services  ini�a�ves  

“  building  public  awareness  on  internet  security  “  

ID-­‐SIRTII  Monitoring  Analysis  

Two  Way  Rela�onship  

Cyber  Space  

Real  World  

““Physical War”” ““Virtual War””

Two  Way  Rela�onship  

relate   relate  

Cyber  Space  

Real  World  

real interaction real transaction real resources

real people

flow of information flow of product/services

flow of money

Two  Way  Rela�onship  

Cyber  Space  

Real  World  Ethics

Law Rule of Conduct

Mechanism

Cyber Law

““Ruling Cyber Space interaction with Real World Penalty””

Classic  Defini�on  of  War  

WAR is here to stay… ““Can Cyber Law alone become the weapon for modern defense against 21st century Cyber Warfare & Cyber Crime?””

impact  

Two  Way  Rela�onship  

Cyber  Space  

impact  

Real  World  

Two  Way  Rela�onship  

Cyber  Space  

Real  World  

           

Poli�cal  Incidents  

           

Interna�onal  Events  

           

Published  Books  

           

Training  Materials  

           

Pirated                  Tools  

           

Community  of  Interests  

threaten

attack

crime

blackmail

destroy

penetrate

destroy disrupt terminate

ruin mess up

Two  Way  Rela�onship  

Real  World  

           

Personal              Blogs  

           

Ci�zen  Journalism  

           

Anonymous  Interac�on  

           

Phishing  and  Forgery  

           

Campaign  and  Provoca�on  

           

Communi�es  Reviews  

Cyber  Space  

sue

investigate

suspect

sabotage

inspect examine

spy gossip

justify

perceive

condemn

The  Paradox  of  Increasing  Internet  Value  

internet    users  

transac�on  value  

interac�on  frequency  

communi�es  spectrum  

usage  objec�ves  

+   +   +   +   =  

The  Internet  Value  

threats  

it  means…  

a�acks   crimes  

Internet  Security  Issues  Domain  

INTERNET  SECURITY  

TECHNICAL  ISSUES  

BUSINESS  ISSUES  

SOCIAL  ISSUES  

   Internet  is  formed  through  connec�ng  a  set  of  digital-­‐based  physical  technology  that  follows  a  good  number  of  standards  and  protocols     All  technical  components  (hardware  and  so�ware)  interact  to  each  other  within  a  complex  dependent…  

   It  is  a  part  of  business  system  as  transac�ons  and  interac�ons  are  being  conducted  accordingly     As  technology  mimic,  enable,  drive,  and  transform  the  business,  internet  dependency  is  high     For  the  ac�vi�es  that  rely  on  �me  and  space  –  where  resources  and  processes  can  be  digitalized  -­‐  the  network  is  the  business  

   What  are  interac�ng  in  the  net  are  real  people,  not  just  a  bunch  of  “intellectual  machines”  –  by  the  end  of  the  day,  human  mind,  characters,  behaviors,  and  values  ma�er     It  is  not  an  “isolated  world”  that  does  not  have  any  rela�onship  with  the  real  physical  world  

Technical  Trend  Perspec�ve  

malicious  code   vulnerabili�es  

spam  and  spyware  

phishing  and  iden�fy  the�  

�me  to  exploita�on  

the  phenomena…  

the  efforts…  

Firewalls  

An�spyware  

An�Virus  

So�ware  Patches  

Web  and  Email  Security  

Malware  Blocking  

Network  Access  Control  

Intrusion  Preven�on  

Applica�on  and  Device  Control  

Encryp�on  and  PKI  

Business  Trend  Perspec�ve  

the  context…  

         

Risk  Management  Prac�ces  

         

Cost  Benefit  Analysis  

         

Regulatory  Compliance  

         

Governance  Requirements  

         

Digital  Asset  Management  

         

Standard  and    Policy  

Enforcement  

the  strategy…  

IT  Audit    Technology  Compliance  

Disaster  Recovery  Center  

Security  Management  

Backup  and  Recovery  

ISO  Compliance  

Storage  and  Backup  Management  

Business  Con�ngency  Plan  

Applica�on  and  Device  Control  

Archiving  and  Reten�on  Management  

Chief  Security  Officer  

Standard  Cer�fica�on  

Social  Trend  Perspec�ve  

the  characteris�cs…  

the  choices…  

     

Computer  Savvy  Society  

     

Digital  System  Everywhere  

     

Free  World,  Open  Market  

     

Borderless  Geography  

     

Internet  as  New  Fron�er  

policy  vs.  design  enforcement  vs.  culture  

regula�on  vs.  ethical  behavior  

preven�on  vs.  reac�on  

top-­‐down  vs.  bo�om-­‐up  

pressure  vs.  educa�on  

standard  vs.  self  control   reward  vs.  punishment  

The  Core  Rela�onships  

People  (Social  Aspects)  

Technology  (Technical  Aspects)  

Context/Content  Applica�ons  (Business  Aspects)  

Converging  Trend  

TECHNICAL  ISSUES  

BUSINESS  ISSUES  

SOCIAL  ISSUES  

Internetworking  Dependency  

Since  the  strength  of  a  chain        depends  on  the  weakest  link,  

           then  YOUR  SECURITY  is  MY  SECURITY…  

Things  to  Do  

1.  Iden�fy  your  valuable  assets  2.  Define  your  security  perimeter    3.  Recognize  all  related  par�es  involved  4.  Conduct  risk  analysis  and  mi�ga�on  strategy  5.  Ensure  standard  security  system  intact  6.  Ins�tu�onalize  the  procedures  and  mechanism  7.  Share  the  experiences  among  others  8.  Con�nue  improving  security  quality  

Key  ac�vi�es:  use  the  THEORY  OF  CONSTRAINTS  !  (Find  the  weakest  link,  and  help  them  to  increase  their  security  performance  and  capabili�es…)  

What  should  we  do?  

  Monitoring  the  dynamic  environment  happening  in  real  world  and  cyber  world?    

  Building  effec�ve  procedures  and  mechanism  among  ins�tu�ons  responsible  for  these  two  worlds?  

  Forming  interna�onal  framework  for  collabora�on  and  coopera�on  to  combat  cyber  crimes?  

  Finding  the  most  fast  and  effec�ve  methodology  to  educate  society  on  cyber  security?  

  Developing  and  adop�ng  mul�-­‐lateral  cyber  law  conven�on?    Ac�ng  like  intelligence  agencies?  Interpol?  Detec�ves?  CSIRTs/CERTs?  ASEAN?  United  Na�ons?  

Lessons  Learned  

  As  the  value  of  internet  increase,  so  does  the  risk  of  having  it  in  our  life.  

  Hackers  and  crackers  help  each  others,  why  shouldn’t  we  collaborate?  

  Enough  talking  and  planning,  start  execu�ng  your  risk  management  strategy…  

Prof.  Richardus  Eko  Indrajit  Chairman  of  ID-­‐SIRTII  and  APTIKOM    indrajit@post.harvard.edu    www.eko-­‐indrajit.com  

Thank  You