CYBER SECURITY IN E-GOVERNENCE ICT INFRASTRUCTURE. Workshop on e-municipalites YASHADA, PUNE 31st Jan 2015

Transcription

1 CYBER SECURITY IN E-GOVERNENCE ICT INFRASTRUCTURE Workshop on e-municipalites YASHADA, PUNE 31st Jan 2015

2 99-1 Principle (Roughly) 99% of the attacks are thwarted by basic hygiene and some luck DO Think before you click etcetera Up-to-date anti-virus, firewall and site advisor BUT Some new attacks may get through. However, attacker may only use your machine to attack others and not attack you per se. Will not prevent data loss by merchants and other servers. However, still have safety in numbers. Attackers can steal a lot of account numbers but can exploit much fewer. 1% of the attacks are difficult and expensive to defend or detect For most individuals We are simply not an attractive enough target. For the US Department of Defense and its contractors A huge target. Current score: 50-1 in favor of attackers (roughly) For companies in less sensitive businesses A serious threat to be taken seriously 2/13/2015 Division Name (2) 2

3 Virtually all industries experience cyber attacks, but some are serious targets 3 2/13/2015 Division Name (3)

4 Malicious code and sustained scans are the most common cyber attacks 4 2/13/2015 Division Name (4)

5 . Cyber-safety include: What is Cyber-safety? Cyber-safety Threats Consequences of Inaction Cyber-safety Actions Cyber-safety at Home &Work Campus Cybersafety Services 2/13/2015 Division Name (5) 5

6 Cyber Systems In Information Technology space 1. Real time Voice Communication & Processing 2. Online Data Communication & Processing 3. Video Communication & Processing 4. Industrial Control Systems 5. E-Governance systems

7 What is E-Governance? E-governence is a continuous optimization of service delivery and Governance by transforming internal and external relationships through technology, internet and new media external relationships government <-> citizen government <-> business internal relationships government <-> government government <-> employees all relationships are bidirectional can be within a country or border-crossing

8 Governance V/S Information Availability Governance INFORMATION AVAILABILITY 8

9 Advantages efficiency gains in terms of costs: same services at lower total costs, e.g. unique information collection using co-ordinated notions and administrative instructions less re-encoding of information by electronic information exchange less contacts functional task sharing concerning information management, information validation and application development (distributed information systems) in terms of quantity: more services at same total cost, e.g. all services are available at any time, from anywhere and from any device integrated service delivery in terms of speed: same services at same total cost in less time reduction of waiting and travel time direct interaction with competent government body real time feedback for the user

10 E-governance: a structural reform process ICT is only a means by which a result may be obtained Electronic exchange of information once collected and validated, information is stored, managed and exchanged electronically to avoid transcribing and reentering it manually electronic information exchange can be initiated by the institution that disposes of information the institution that needs information the institution that manages the interoperability framework electronic information exchanges take place on the base of a functional and technical interoperabilty framework that evolves permanently but gradually according to open market standards, and is independent from the methods of information exchange

11 Traditional Governance Vs E Governance Use of Resources Low High Infrastructure Fragmented Integrated Cost of Service High Low Speed of Service Months/Days Hours/Minute ROI Low High Transparency Low High Participation Low High 11

12 Requirements for good E-Gov services Readiness Convenience - Service that everyone can use : Whoever - easy services to use : Whenever, wherever Reliability - Service that is always usable : Whenever Security - Service that is secured - make private information in secure

13 What is the data life cycle? Personal information should be managed as part of the data used by the organization Protection of personal information should consider the impact on each phase 13

14 High Level E-Governance Implementation Systems Architecture Strategic Business Processes Operational Business Processes Service Delivery Portal Decision Support System Management Information System Content Management System Applications Content / Doc. Repositories / Data warehouses 14

15 Information as Resource: implications protection of information security, integrity and confidentiality of government information will be ensured by integrating ICT measures with structural, organizational, physical, personnel screening and other security measures according to agreed policies personal information is only used for purposes compatible with the purposes of the collection of the information personal information is only accessible to authorized institutions and users according to business needs, legislative or policy requirement the access authorisation to personal information is granted by an independent institution, after having checked whether the access conditions are met the access authorizations are public

16 A Massive Concentration of Resources Also a massive concentration of risk expected loss from a single breach can be significantly larger concentration of users represents a concentration of threats Ultimately, you can outsource responsibility but you can t outsource accountability.

17

18 CYBER-SAFETY THREATS some common cyber-safety threats and the problems they can cause... Viruses Viruses infect computers through attachments and file sharing. They delete files, attack other computers, and make your computer run slowly. One infected computer can cause problems for all computers on a network. Hackers Hackers are people who trespass into your computer from a remote location. They may use your computer to send spam or viruses, host a Web site, or do other activities that cause computer malfunctions. Identity Thieves People who obtain unauthorized access to your personal information, such as Social Security and financial account numbers. They then use this information to commit crimes such as fraud or theft. Spyware Spyware is software that piggybacks on programs you download, gathers information about your online habits, and transmits personal information without your knowledge. It may also cause a wide range of other computer malfunctions. 2/13/2015 Division Name (18) 18

19 Cyber Threat Evolution Virus Malicious Code (Melissa) Identity Theft (Phishing) Breaking Web Sites Advanced Worm / Trojan (I LOVE YOU) Organised Crime Data Theft, DoS / DDoS /13/2015 Division Name (19)

20 Comparison of Threat agents % 17 % < 1% External Internal Partner External Internal Partner 2/13/2015 Division Name (20) 20

21 2/13/2015 Division Name (21) Functional/Operational security Specifications

22 Taxonomy of Threat Confidentiality Fear of loss of control over data Will the sensitive data stored remain confidential? Will it compromises leak confidential client data Will the provider itself be honest and won t peek into the data? Integrity How do I know that the cloud provider is doing the computations correctly? How do I ensure that the cloud provider really stored my data without tampering with it? 22

23 Taxonomy of Threat Privacy issues raised via massive data mining Cloud now stores data from a lot of clients, and can run data mining algorithms to get large amounts of information on clients Increased attack surface Entity outside the organization now stores and computes data, and so Attackers can now target the communication link between cloud provider and client Cloud provider employees can be phished

24 Information Security Management INFORMATION SECURITY Confidentiality Integrity Availability Authenticity People Process Technology Security Policy Regulatory Compliance User Awareness Program Access Control Security Audit Incident Response Encryption, PKI Firewall, IPS/IDS Antivirus 2/13/2015 Division Name (24) 24

25 Security Measures for e-government Management Technology Human Resource Task Balance Access Control Access Control Authentication Encryption Non-repudiation Lawa & Regulations Education Integrity National Collaboration Research & Development Physical Security Ubiquitous Government Escot Service Backup & ER Gate Control

26 Security is one of the most difficult task to implement in computing. Different forms of attacks in the application side and in the hardware components. Attacks with catastrophic effects only needs one security flaw to succeed 2/13/2015 Division Name (26)

27 Cyber Security Objectives INTEGRITY authenticity AVAILABILITY access CONFIDENTIALITY disclosure (27) 27

28 Solutions for e-govenrnance Security ESM File Security VPN Intrusion Tracking System Backup Authentication Encryption Security

29 Threat Model A threat model helps in analyzing a security problem, design mitigation strategies, and evaluate solutions Steps: Identify attackers, assets, threats and other components Rank the threats Choose mitigation strategies Build solutions based on the strategies From [5] 2/13/2015 Division Name (29) 29

30 Threat Model Basic components Attacker modeling Choose what attacker to consider insider vs. outsider? single vs. collaborator? Attacker motivation and capabilities Attacker goals Vulnerabilities / threats From [5] 2/13/2015 Division Name (30) 30

31 Attacker Capability: Outside attacker What? Listen to network traffic (passive) Insert malicious traffic (active) Probe cloud structure (active) Launch DoS Goal? Intrusion Network analysis Man in the middle Cartography From [5] 2/13/2015 Division Name (31) 31

32 Defenders: Need New Doctrine OLD: Cyberspace is a supporting infrastructure NEW: Cyberspace is a war-fighting domain on par with land, sea, air and space OLD: It s all defense, no attack back or preemptive attack NEW: All s fair in war OLD: Defend the entire network to the same degree NEW: Defend selectively and dynamically OLD: Blame and harass the end user NEW: The user is part of the solution OLD: Defend against yesterday s attacks NEW: Be proactive, get ahead of the curve, future-proof 2/13/2015 Division Name (32)

33 Governance System Optimization Target Goal Points of Optimality OUTPUTS A TECH 1 TECH INPUTS 2/13/2015 Division Name (33) 33

34 Most security breaches occur as the result of human intent or error 2/13/2015 Division Name (34) 34

35 Cyber Forensics to Analyze the incident

36 Cyber Forensic Process

37 Each organization s security model is supported by infrastructure The Security Products marketplace is a broad and growing one, 2/13/2015 Division Name (37)

38 2/13/2015 Division Name (38)

39 COMPUTER DATA NETWORK SECURITY Indigenous Next Generation Network Security Solutions Gigi Joseph, From ECIL Computer Division,BARC.

40 Secure Network Access System (SNAS) Versions Network Interfaces Max. Supported endpoints SpotLight 6 * 1 Gbps < 250 MoonLight 2 * 10 Gbps 6 * 1 Gbps < 1000 SunLight 4 * 10 Gbps 6 * 1 Gbps < /13/2015 Division Name (40)

41 Integrated Threat Management Appliance (ITMA) 2/13/2015 (41)

42 ENCRYPTION PRODUCTS 1. Two way Radio Encryption 2. Voice, Data, Fax Encryption on PSTN, Satellite & IP 3. Off line File and Message Encryption 4. STSU (Encryption for Voice, Data, SMS for CDMA Network) 5. Bulk Encryption Equipment- E1, STM-1 & IP Interfaces 6. Next generation Bulk Encryption Unit (NGBEU)

43 Summary The number of bad actors and the sophistication of cyber security threats is continually increasing The effects of cyber security attacks on businesses and governments are increasing in impact and cost An understanding of threats to your enterprise, and of your current security capabilities and gaps that must be filled, is imperative Become familiar with security standards, regulations, available capabilities and infrastructure NOW to meet your enterprise objectives, and to protect your stakeholders interests Failure is not when we fall down, but when we fail to get up February 13, /13/2015 Division Name (43)

44 Managing Security Solutions : Enterprise Security Management fire-wall IDS VPN Simple & Easy DATABASE NMS MANAGEMENT CONSOLE SERVICE CENTER CORE SERVER MANAGED NODE (SERVER) MANAGEMENT CONSOLE SERVICE CENTER MANAGED NODES (Client) MANAGED NODES (Client) Hard Work Behind 2/13/2015 Division Name (44)

45 THANK YOU 2/13/

46 Contact K V SURESH, Senior DGM, Business Systems Division, ECIL Hyderabad kvsuresh@ecil.co.in Phone: ,

47 Bio data Name :K V Suresh Education: BE (Electronics & Communication) from Karnataka University 1978 Working: Business Systems Division of ECIL Hyderabad Experience: 34 years in Computers & Communications Current assignment: Network Gateway Security Products Development 2/13/2015 Division Name (47)