Cisco Public 1 © 2011 Cisco and/or its affiliates. All rights reserved.

Securing Cyberspace : A Military Perspective Sqn Ldr Arif Shouqi (Retd) National Security and Defense

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 2

“Just as in the 19th century we had to secure the seas for our national safety and prosperity, and in the 20th century we had to secure the air, in the 21st century we also have to secure our advantage in cyber space”

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 3

• Basic definitions and principles of cyber security

• Vulnerabilities and examples

• Sample study (Tactical Communication Systems)

• Conclusion

• Things to keep in mind when designing/choosing products and technology

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 4

Risk = Vulnerability x Probability x Impact

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 5

• Availability

• Confidentiality

• Integrity

• Authentication & Access Control

• Non-repudiation

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 6

H

U

M

A

N

S

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 7

7 * Data from US Secret Service

25 Years old, eastern European looking lady

MIT Graduate

Cyber Threat Analyst with the Naval Warfare College

10 years of work experience

Address of Blackwater, the infamous US contractor

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 8

8

• 300 Linkedin/FB connections in 1 month

• Senior officers in Joint Chiefs of Staff

• CIO of the National Security Agency

•Intelligence Director of the US Marines

•Chief of staff for the U.S. House of Representatives

•Serving soldiers in Iraq and Afghanistan, some of whom sent her

snaps with GPS co-ordinates in them

•Job offers with Lockheed, Northrop

•And of course, dozens of dinner offers to discuss employment

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 9

• Mission critical

• Vulnerabilities are plenty

• Threats are plenty

• Security is only beginning to evolve

Risk = Vulnerability x Probability x Impact

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 10

H

U

M

A

N

S

NETWORK

OS Transport

OS Infra

Application

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 11

Source : Cornell University, Zhou et al

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 12

• The malicious node participates in a route but simply drops some of the data packets.

• The malicious node transmits falsified route updates.

• The malicious node could potentially replay stale updates.

• The malicious node reduces the TTL (time-to-live) field in the IP header so that the packet never reaches the destination.

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 13

• Success of the network depends upon trust

• Trust is established by Authentication and Encryption

• Key management and distribution is a glaring weakness

• A tactical system without trust can be worse than not having one

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 14

• A tactical Communication System is sure to be attacked

• ….is full of vulnerabilities

• Impact is catastrophic

……what can we say about the risk?

Risk = Vulnerability x Probability x Impact

Thank you.