Title | INFORMATION AND INTERNET SECURITY (KEAMANAN INFORMASI DAN INTERNET) |
---|---|
Author | R. Indrajit |
Pages | 100 |
File Size | 9.4 MB |
File Type | |
Total Downloads | 27 |
Total Views | 728 |
Special Presentation on
INFORMATION AND INTERNET SECURITY: Concepts – Principles – Strategy – Implementation – Governance
Prof. Richardus Eko Indrajit, Executive Chairman of ID-SIRTII
eko@idsirtii.or.id www.EkoIndrajit.com
What must be DONE?
OLD Phenomena, NEW Behavior
– A first child is born
– A daughter is scolded by her parents
– A husband quarrels with his wife
– The computer and phone break down
– An employee gets promoted
– Going to the toilet in a public place
– Family gatherings during religious holidays
and so on
VERTICAL FUNCTION: decision making
Strategic Function of IT
HORIZONTAL FUNCTION: transactions
Principle of Information Technology Use #1
IT as support for operational or transactional activities
– Transferring money between banks
– Booking airline tickets
– Enrolling in courses each semester
– Buying phone credit
– Activating electronic devices
and so on
Principle of Information Technology Use #2
IT as support for the decision-making process
– Storing and organizing data
– Processing and representing data
– Producing periodic and ad hoc reports
– Running complex scenarios and simulations
– Managing information and knowledge
and so on
Principle of Information Technology Use #3
IT as support for communication and collaboration activities
– Sending documents and digital files
– Holding cross-border conversations
– Carrying out virtual cooperation activities
– Downloading data from various sources
– Uploading information to various places
and so on
Undeniable Reality
– The real world and the cyber world have converged and complement each other
– Everyday activities take place in both worlds
– The number of interactions between individuals and institutions/organizations has increased significantly
– Types of technology are increasingly diverse and human-friendly
– The potential for conducting digital-based intelligence activities is growing (e.g. already being carried out)
Agenda for Today
– Cyber-6: Revisiting the Global Trend on Internet
– The Roles of ID-SIRTII in the Nation
– Holistic Approach on Combating Cyber Crime
Knowledge Domain: The Cyber Six
Cyber Space
Cyber Law
Cyber Threat
Cyber Crime
Cyber Attack
Cyber Security
1 Cyberspace.
A reality community between PHYSICAL WORLD and ABSTRACTION WORLD
1.4 billion of real human population (internet users)
Trillion US$ of potential commerce value
Billion business transactions per hour in 24/7 mode
Internet is a VALUABLE thing indeed. Risk is embedded within.
Information Roles
Why information?
– It consists of important data and facts (news, reports, statistics, transaction, logs, etc.)
– It can create perception to the public (market, politics, image, marketing, etc.)
– It represents valuable assets (money, documents, password, secret code, etc.)
– It is a raw material of knowledge (strategy, plan, intelligence, etc.)
What is Internet ?
A giant network of networks where people exchange information through various different digital-based ways:
Email
Mailing List
Website
Chatting
Newsgroup
Blogging
E‐commerce
E-marketing
E‐government
“… what is the value of internet ???“
2 Cyberthreat.
The trend has increased at an exponential rate
Motives vary from recreational to criminal purposes
Can cause significant economic losses and political suffering
Difficult to mitigate
Threats are there to stay. Can’t do so much about it.
web defacement
SMTP relay
root access
information leakage
virus infection
theft
spamming
hoax
sql injection
phishing
intrusion
malware distribution
trojan horse
malicious software
spoofing
DoS/DDoS
botnet
worms
open proxy
password cracking
blended attack
International Issues
What Does FBI Say About Companies:
– 91% have detected employee abuse
– 70% indicate the Internet as a frequent attack point
– 64% have suffered financial losses
– 40% have detected attacks from outside
– 36% have reported security incidents
Source: FBI Computer Crime and Security Survey 2001
Professions Threat
Knowledge Threats
Software Tools Threat
Vulnerabilities-dBase Threat
Hacking‐dBase Threat
Underground Economy
Growing Vulnerabilities
[Chart: Incidents and Vulnerabilities Reported to CERT/CC, 1995–2004; series: Vulnerabilities, Security Incidents; axes: Total Vulnerabilities, Total Security Incidents]
“Through 2008, 90 percent of successful hacker attacks will exploit well-known software vulnerabilities.” - Gartner*
* Gartner CIO Alert: “Follow Gartner’s Guidelines for Updating Security on Internet Servers, Reduce Risks.” J. Pescatore, February 2003
** As of 2004, CERT/CC no longer tracks Security Incident statistics.
Potential Threats
Unstructured Threats: Insiders, Recreational Hackers, Institutional Hackers
Structured Threats: Organized Crime, Industrial Espionage, Hacktivists
National Security Threats: Terrorists, Intelligence Agencies, Information Warriors
3 Cyberattack.
Too many attacks have been performed within the cyberspace. Most are triggered by the cases in the real world. The eternal wars and battles have been in towns lately. Estonia notorious case has opened the eyes of all people in the world.
Attack can occur anytime and anyplace without notice.
Internet and Crimes
SIGNIFICANT INCREASE !!!
ID‐SIRTII Monitoring Analysis
Case #1
Case #2
Case #3
Case #4
Case #5
Attacks Sophistication
[Chart: Attack Sophistication and Intruder Knowledge (Low to High) over time, 1980–2005. Labels on the chart: password guessing; self-replicating code; password cracking; exploiting known vulnerabilities; burglaries; hijacking sessions; disabling audits; back doors; network mgmt. diagnostics; GUI; sweepers; sniffers; automated probes/scans; www attacks; distributed attack tools; denial of service; packet spoofing; “stealth” / advanced scanning techniques; cross site scripting; Staged; Auto Coordinated; Tools]
Vulnerabilities Exploit Cycle
[Chart: # Of Incidents over Time, with the point of Highest Exposure marked. Labels on the curve:]
Advanced Intruders Discover New Vulnerability
Crude Exploit Tools Distributed
Novice Intruders Use Crude Exploit Tools
Automated Scanning/Exploit Tools Developed
Widespread Use of Automated Scanning/Exploit Tools
Intruders Begin Using New Types of Exploits
File Management
Microsoft Excel
URL Management
URL
Directory Traversal Management
Directory Traversal
Mailing List Management
Email Reply
Live Camera Management
Java Applet
Surveillance Camera Management
Web Monitor
Security Camera Management
Sony
Multiple Camera Management
Multi Frame
4 Cybersecurity.
Led by ITU for the international domain, while some standards are introduced by different institutions (ISO, ITGI, ISACA, etc.)
“Your security is my security” – individual behavior counts while various collaborations are needed
Education, value, and ethics are the best defense approaches.
Risk Management Aspect
Threats
Exploit
Vulnerabilities
Protect against
Controls
Expose
Reduce
Risk
Assets
Met by
Have
Security Requirements
Asset Values
Impact on Organisation
Strategies for Protection
Protecting Interactions
Protecting Information
Protecting Infrastructure
Physical Security Checklist
Information Security Checklist
Mandatory Requirements
“Critical infrastructures are those physical and cyber-based systems essential to the minimum operations of the economy and government. These systems are so vital, that their incapacity or destruction would have a debilitating impact on the defense or economic security of the nation.”
Agriculture & Food, Banking & Finance, Chemical, Defense Industrial Base, Drinking Water and Wastewater Treatment Systems, Emergency Services, Energy, Information Technology, Postal & Shipping, Public Health & Healthcare, Telecommunications, Transportation Systems
Information Security Disciplines
– Physical security
– Procedural security
– Personnel security
– Compromising emanations security
– Operating system security
– Communications security
A failure in any of these areas can undermine the security of a system
Best Practice Standard
BS7799/ISO17799
[Diagram: Information (Integrity, Confidentiality, Availability) and ten numbered domains: Information Security Policy; Security Organisation; Asset Classification Controls; Personnel Security; Physical Security; Communication & Operations Mgmt; Access Controls; System Development & Maint.; Bus. Continuity Planning; Compliance]
These Two Guys …..
versus
5 Cybercrime.
Globally defined as INTERCEPTION, INTERRUPTION, MODIFICATION, and FABRICATION
Virtually involving international boundaries and multi resources
Intentionally targeting to fulfill special objective(s)
Convergence in nature with intelligence efforts.
Crime has intentional objectives. Stay away from the bull’s eye.
Type of Attacks
Malicious Activities
Motives of Activities
1. Thrill Seekers
2. Organized Crime
3. Terrorist Groups
4. Nation-States
6 Cyberlaw.
Difficult to keep updated as technology trend moves
Different stories between the rules and enforcement efforts
Require various infrastructure, superstructure, and resources
Can be easily “out-tracked” by law practitioners
Cyberlaw is here to protect you. At least playing role in mitigation.
The Crime Scenes
IT as a Tool
IT as a Storage Device
IT as a Target
First Cyber Law in Indonesia.
Range of penalty: Rp 600 million - Rp 12 billion (equal to US$ 60,000 to US$ 1,2 million) 6 to 12 years in prison (jail)
starting from 25 March 2008
Picture: Indonesia Parliament in Session
Main Challenge.
ILLEGAL “… the distribution of illegal materials within the internet …”
ILLEGAL “… the existence of source with illegal materials that can be accessed through the internet …”
Agenda for Today
– Cyber-6: Revisiting the Global Trend on Internet
– The Roles of ID-SIRTII in the Nation
– Holistic Approach on Combating Cyber Crime
The Background
It all starts from the hacking incident to the National Election System in 2004: WHO should respond to the NATIONAL LEVEL ICT incident ?
HACKED !!!
The National Tabulation System
The Foundation
National Constitution UU No.36/1999 regarding National Telecommunication Industry
Government Regulation No.52/2000 regarding Telecommunication Practices
Minister of ICT Decree No.26/PER/M.KOMINFO/2007 regarding Indonesian Security Incident Response Team on Internet Infrastructure
Established on May 2006 as the National CSIRT/CC of Indonesia
The Founders
Ministry of ICT
ICT Professional Association
ISP Association
National Police
General Attorney
Department of Justice
The Mission To provide the society with a secure internet environment
The Major Tasks
– Monitoring internet traffic for incident management
– Managing traffic log files for law enforcement
– Advising critical infrastructure institutions
– Educating public on information security aspect
– Conducting training and development effort
– Running simulation laboratory and R&D center
– Generating external and international collaborations
The Main Activities
Core Process
Constituents
Monitor Internet Traffic
Analyse Incidents
Response and Handle Incidents
Deliver Required Log Files
Manage Log Files
Report on Incident Handling Management Process and Research Vital Statistics
Supporting Activities
Educate Public for Security Awareness
Assist Institutions in Managing Security
Provide Training to Constituency and Stakeholders
Run Laboratory for Simulation Practices
Establish External and International Collaborations
Customers
The Constituents
ISPs NAPs IXs sponsor Government of Indonesia
Law Enforcement
ID-SIRTII
National Security Communities
International CSIRTs/CERTs
The CERTs Topology
ID-SIRTII (CC) as National CSIRT
Sector CERT | Internal CERT | Vendors CERT | Community CERT |
---|---|---|---|
Bank CERT | Telkom CERT | Cisco CERT | A CERT |
Airport CERT | SGU CERT | Microsoft CERT | B CERT |
University CERT | Police CERT | Oracle CERT | C CERT |
GOV CERT | KPK CERT | SUN CERT | D CERT |
Military CERT | CIMB CERT | IBM CERT | Lemsaneg CERT |
SOE CERT | KPU CERT | SAP CERT | PANDI CERT |
SME CERT | Pertamina CERT | Yahoo CERT | Security FIRST |
Hospital CERT | Kominfo CERT | Google CERT | Central Bank CERT |
Other CERTs | Other CERTs | Other CERTs | ID-CERT |
The People Ministry of ICT Directorate of Post & Telecommunication
Inspection Board
Advisory Board
Chairman Vice Chairman
General Secretary
Deputy of Operation and Security
Deputy of Research and Development
Deputy of Data Center, Applications & Database
Deputy of Education and Public Affairs
Deputy of External Collaborations
with 25 Staff Employees
The Technology Covering 80% of total internet traffic within the country …
The Holistic View
SECURE INTERNET INFRASTRUCTURE ENVIRONMENT
MONITOR - ANALYSIS - YELL - DETECT - ALERT - YIELD
People | Process | Technology |
---|---|---|
Advisory Board | Preventive and Reactive | Traffic Monitoring System |
Executive Board | Quality Mngt. System | Log File Management System |
STAKEHOLDERS COLLABORATION AND SUPPORT
NATIONAL REGULATION AND GOVERNANCE
STRONG INSTITUTIONAL RELATIONSHIPS AND COMMITMENT
International Link and Partners
MyCERT SingCERT ThaiCERT BrCERT VietnamCERT BangCERT JPCERT/CC KrCERT/CC APCERT FIRST/USA BhutanCERT CamCERT
MMCERT MongCERT
ChinaCERT KirzhistanCERT
IndiaCERT UzbekCERT
AzerbaijanCERT
PhCERT SrilankaCERT
KiribatiCERT AusCERT
OIC‐CERT
The Headquarter
Ravindo Tower 17th Floor Kebon Sirih Kav. 75 Jakarta 10340, Indonesia
Work Philosophy
Why does a car have BRAKES ???
The car has BRAKES so that it can go FAST … !!!
Why should we have regulation? Why should we establish institution? Why should we collaborate with others? Why should we agree upon mechanism? Why should we develop procedures? Why should we have standard? Why should we protect our safety? Why should we manage risks? Why should we form response team?
Agenda for Today
– Cyber-6: Revisiting the Global Trend on Internet
– The Roles of ID-SIRTII in the Nation
– Holistic Approach on Combating Cyber Crime
Two Way Relationship
Real World
Cyber Space
“Physical War”
“Virtual War”
Two Way Relationship
Real World
relate
relate
real interaction real transaction real resources real people flow of information flow of product/services flow of money
Cyber Space
Two Way Relationship
Ethics Law
Real World
Cyber Space
Rule of Conduct Mechanism
Cyber Law Ruling
Cyber Space interaction with Real World “Penalty”
Classic Definition of War
WAR is here to stay… “Can Cyber Law alone become the weapon for modern defense against 21st century Cyber Warfare & Cyber Crime?“
Two Way Relationship
Real World
impact
impact
Cyber Space
Two Way Relationship
blackmail threaten destroy attack
mess up
ruin