THE ROLE OF ICT DEPLOYMENT FOR NATIONAL SECURITY

A presentation by: Abdul-Hakeem B. D. Ajijola
ajijola@consultancyss.com, ajijola@gmail.com
18 May 2010
ENIGERIA @ the 2010 CONFERENCE
Shehu Musa Yar’adua Centre, Abuja
18 May, 2010

FOOD FOR THOUGHT
• In the 21st Century knowledge is arguably the single most important factor of socioeconomic power, production and development
• The management of intellectual capital is one of the most critical success factors of society in its quest for survival and dominance
• Knowledge is about people

NATIONAL SECURITY
• “In the past, national security was understood, or more appropriately, misunderstood to be the sole job of the defense forces on the national frontiers and of the police inside the country. Today we know that national security now assumes a wider dimension than ever before to include EVERYTHING that threatens peace and tranquility in the society.” A. Mohammed

NATIONAL SECURITY POLICY FORMULATION
[Diagram labels: National Defence Council; General Security Appraisal Committee; National Security Council; President; Intelligence Community Committee; Joint Intelligence Board]

Monday, 13 April 2015

ICT & NATIONAL SECURITY
• Pooling and inter-connectivity of the resources base of security agencies
– Central to this, is the importance of sharing intelligence and other collaborative measures
– Intelligence managing process encourages the systematic exploitation of intelligence from diverse sources
• National Security must become Information Technology (IT) driven

LEVERAGE ICT’S IN THE NATIONAL SECURITY PROCESS
• Need for proper coordination
• Minimize duplication of effort and mishandling of information
• Information sharing
• Effective integration of data possible where trusted databases exist
• Secure Circulation of Intelligence Products
• Keep all abreast of trends and developments
• If the maneuver forces cannot respond adequately to the intelligence provided then the efforts of the intelligence providers are in vain
• If good intelligence is not
available the decision makers and security force only act blindly

NATIONAL SECURITY CHALLENGES
• Consolidating our democratic gains
– Stability in the polity and political process
• Economic development and stability
– Transnational organized crime
– Financial crime and economic sabotage
– Vandalization of pipelines and oil bunkering
– Drugs and related crimes
– Human Trafficking
• Upsurge and promotion of divisive and parochial sentiments
– Ethnicity, religious intolerance and bigotry
• Increasing level of insecurity in the country
– Proliferation of illegal weapons
– Proliferation of small arms
– Activities of militia groups
• Civil emergencies
• Natural disasters
• Epidemics, extreme weather conditions etc
• Poverty, inequality, poor governance, global trends e.g. financial crisis

ADDRESSING NATIONAL SECURITY CHALLENGES
• Growing sophistication in security challenges especially the transnational nature of most and advances in technology have more than ever before underscored the importance of multi-sectoral, holistic and integral approach in intelligence management
A. Mohammed

CHALLENGES OF ICT IN NATIONAL SECURITY
• ICT can abet and/or be the object of crime and criminals
• ICTs facilitate “traditional” crimes and spawn new types of crimes and criminal activity
• The ICT security problem is growing in importance due to several trends
– Volume: The rapidly increasing quantity of computerized data stored and transmitted over communication networks
– Value: The increasing value of the data, both as a marketable commodity and as representative of value, for example, as in an electronic funds transfer or an automated stock exchange transaction
– Privacy Issues: An increasing quantity of personal information is being collected, stored, and transmitted

CHALLENGE OF CAPACITY GROWTH
Subscriber Data At A Glance (Year 2008 - February 2010)
• 2001
– Connected Lines 866,782
– Mobile (GSM) 266,461
• Jan '09 (8 years)
– Active Lines 65,514,537
– Installed Capacity 117,292,815
– Mobile (GSM) 58,286,444
• Feb '10 (13 months later)
– Active Lines 75,934,207
– Installed Capacity 148,835,470
– Mobile (GSM) 67,851,706
[Chart: Telephone Lines, Jan '09 to Feb '10, with series Active Lines and Installed Capacity]

CHALLENGE OF PERCEPTION: INTERNET CRIME COMPLAINT CENTRE
[Pie chart: 2008 Internet Crime Complaint Centre Report; legend: United States of America, United Kingdom, Nigeria, Canada, China, South Africa, Ghana, Spain, Italy, Romania; slice labels: 72%, 11%, 8%, 3% and six slices of 1%]

CHALLENGE OF PERCEPTION: MATTERS ARISING
• Do we have the capacities to achieve our #3 rating?
– Bandwidth, available equipment, support infrastructure (PHCN), maintenance and human
– The report is specific to the US only: 93% of complainants came from the US
– Nigeria 419 Scam is now a category of crime not always committed by Nigerians
– Many people are involved: Who are they?
• Cyber crime is replacing cultism in our higher education institutions
– Boys: 419 letter scams
– Girls: online prostitution
• Does perception matter?
• Perception is reality!
– All must do something

CHALLENGE OF CYBERSPACE
• Cyberspace is an environment that does not exist in the normal physical sense, but exists as a bio-electronic ecosystem where people, systems along with abstract concepts, including software, interact with each other, which are usually underpinned by an electronic infrastructure
– Cyberspace is not borderless; however, the borders are seamless to the end user
– Every country has its own cyberspace which is defined by its national infrastructure
– Perpetrators of cyber-crime carry out their activities in an apparently seamless environment, while law enforcement is constrained by issues of jurisdiction

MOBILE SYSTEMS
• Advances in mobile “smart phone” capabilities are making them ubiquitous and indispensable tools of modern life
• Double edged sword
– National Security can leverage them
– National Security can be compromised by them
• Implication:
• These devices empower people with knowledge – information which is not always true
• Secure/encrypted devices are available for the security conscious
• China has tried to comprehensively monitor Internet communications with unverified success

CLOUD COMPUTING
• Many applications and activities are moving off the standing/standard computer onto server farms accessible through the Internet
• Implications:
• Cheaper information appliances which do not require the PC size or processing power
• Challenge will be providing security and ubiquitous connectivity to access information sitting in the “cloud”

HIGH-SPEED COMMUNICATIONS LINKS
• Increasingly robust connectivity infrastructure and cheaper computers are developing the ability to provide usage opportunities “anytime, anywhere”
• Implication:
• Can Government monitor infrastructure it does not own?
• High associated costs?
• Such links needed for growth

GAMING: A TREND TO WATCH
• Massively multiplayer and other online game experience is gaining popularity among young people
• Social Networking
• Simulations for Defense Training
• Implication:
• Games offer an opportunity for increased social interaction and civic engagement among youth
• Games can be time wasters for otherwise productive youth
• Online games have triggered murder and divorce in South Korea

LISTSERV’S: WEAPONS OF MASS MOBILIZATION
• NAIJA IT Professionals Forum Discussion List Naija_IT_Professionals@yahoogroups.com
• MoveOn.org: Leveraging email as a petition to a hundred or so friends calling on Congress to censure Clinton and "move on."
– Initially ignored, MoveOn.org used the list of email addresses to arrange for supporters to make personal visits to congressional field offices
– The Obama Campaign leveraged the MoveOn.org phenomena

TEXT MESSAGING: NEW POLITICAL TOOL?
• Demonstrations in Iran organized by leveraging SMS, e-mail and Twitter
• Seoul, South Korea: Rapidly circulated text messages facilitated a spontaneous rally of 400 students gathered to protest the severe pressures they must endure for the nation's highly competitive college-entrance exam
• Lebanon: Anti-Syria protests were organized through e-mail and text messaging, drawing together 1 million demonstrators to demand the withdrawal of Syrian troops and the resignation of the government
• Recent Historical Technology Antecedents:
– Television helped bring down the Berlin Wall
– Fax machine helped protesters organize during Tiananmen Square protests
– Webcast of the Death of Neda in Iran, 2009

SMS: THE POOR PERSON'S INTERNET
• Text messaging has been fomenting what some experts call a "mobile democracy."
– Unmonitored and cheap
– Underground channel for succinct uncensored speech
– Demonstrators use it to mobilize protests, dodge authorities, and fire off political spam
– Helps to engineer collective action at unprecedented speed
• Philippines in 2002: Black-clad protesters, summoned together by a single line passed from phone to phone:
– "Go 2 EDSA [an acronym for a Manila street]. Wear Blck,"
– Eventually helped topple President Estrada

SMS: ADVOCACY AND MOBILIZATION
• South Korean President Roh Moo Hyun may not have been elected without the help of the Internet and SMS
– "You might not trust what is coming out of the TV, but you take it seriously when the message comes from a friend."
• In December, 12,000 Chinese workers went on strike against a supplier of Wal-Mart.
– Not part of a union, mobilized through SMS
• Kuwait: women mobilized in record numbers to rally for the right to vote
– Protests were more effective because text messaging allowed Kuwaiti demonstrators to pull young people out of school and into the streets
• Protests over the Nigeria Miss World pageant in 2002 had text messaging elements

CRITICAL INFRASTRUCTURE
• “those physical and cyber-based systems essential to the minimum operations of the economy and government.” Former US President Bill Clinton
– Banking and Finance;
– Electrical Power Systems;
– Emergency and Security Services;
– Gas and Oil Production, Storage and transportation;
– Information and Communication;
– Transportation;
– Water Supply System;
• Not all parts of a critical infrastructure are critical
• Infrastructure interdependencies can be more critical than the specific infrastructure itself

SECURITY CHALLENGES
[Diagram labels: Worms; Web application attacks; Drive-by downloads; Malware; Social Engineering; Single Point of failure; Targeted DoS; Natural disasters; Denial of Service; Viruses; Phishing; Vulnerable servers; Relying too much on one person; Unprepared for security incidents; Lack of documentation; Bandwidth exhaustion; Power cuts; High privileged accounts; Privilege creep; Disgruntled employees; Authentication & Privilege attacks; Connection downtime; Weak passwords; Password; Insecure server rooms; Insecure network points; Unprotected end points; Hardware loss; Attacks on physical systems; Inappropriate password policy; Network monitoring; Internal attack; Removable media; USB devices; Storage theft; Laptop theft; E-MAIL Security Threats; Malicious Internet Content]

WIKIPEDIA AND INTELLIPEDIA
• An online tool that claims to reveal the identity of organizations that edit Wikipedia pages has revealed that the CIA was involved in editing entries.
– Wikipedia Scanner allegedly shows that workers on the agency's computers made edits to the page of Iran's president http://news.bbc.co.uk/2/hi/6947532.stm
• The CIA and other U.S. intelligence agencies have created a computer system that uses software from a popular Internet encyclopedia site to gather content on sensitive topics from analysts across the spy community, part of an effort to fix problems that plagued prewar estimates on Iraq
– The system, dubbed Intellipedia because it is built on open-source software from Wikipedia, was launched earlier this year.
– It already is being used to assemble intelligence reports on Nigeria and other subjects, according to U.S. intelligence officials who on Tuesday discussed the initiative in detail for the first time, Los Angeles Times reports
http://english.pravda.ru/world/americas/01-11-2006/85315-Wikipedia%20encyclopedia%20Wikipedi-0

21ST CENTURY WARFARE
• One of the realities of modern warfare is that computers are as important as tanks – computers control the tanks. The U.S.
military has created a new group, called Cyber Command, to support the information and communications systems of the military forces, and in extreme situations, get involved in a battle by attacking enemy networks
– President Obama's nominee to head the Pentagon's new Cyber Command said the division would primarily focus on its defensive role… http://www.esecurityplanet.com/news/article.php/3876796/CyberCommand-Nominee-Says-Focus-Is-Security-Coordination.htm

CYBER ESPIONAGE
• Economic espionage: Theft of secrets stored in digital files affects competitiveness
• Infrastructure attacks: Assaults against Critical Infrastructure threaten whole populations
• The concept of protecting Nigeria’s “territorial integrity” must now include Nigeria’s cyber space

“GHOSTNET”
• A vast Chinese cyber-espionage network, codenamed GhostNet, has penetrated 103 countries and infects at least a dozen new computers every week, according to researchers http://www.telegraph.co.uk/news/worldnews/asia/china/5071124/Chinas-global-cyberespionage-network-GhostNet-penetrates-103-countries.html
• China allegedly strategically targeted 1,295 computers in 103 countries
• Perpetrators searched through the contents of those computers & other systems on the local network
• Perpetrators remotely activated cameras & recording devices: Recording meetings
• Major “powers” are believed to have Cyber Espionage Networks & already have military “divisions” dedicated to cyber based warfare
• Son of GhostNet: China-based hacking targets India government http://arstechnica.com/security/news/2010/04/son-of-ghostnet-china-based-hackingtargets-india-government.ars

LESSONS FROM 9-11
• Disruptions to financial services were due to:
– Loss of life – 70% of the civilians killed worked in financial services;
– Damage to telecoms & power – the telecoms of 34,000 businesses & homes were cut off;
– Physical facilities of several key market participants were destroyed;
– Access
restrictions in the aftermath.
• Back-up facilities: Some firms:
– Had no back-up facilities;
– Back-up facilities were too small;
– Back-up facilities were too close & thus inaccessible or affected by the same damaged infrastructure;
– Acquired links from different providers, but the providers used the same paths or switches for their traffic.
• Need for business continuity plans
Testimony of the USA-General Accounting Office at the USA House of Representatives

GOVERNMENT COMBATING CYBER CRIME
• Executive (ONSA):
– DfC
– CERT
– Cyber-Forensics
– Other initiatives
• Legislature:
– Draft legislation on Cyber Security and Information Protection Agency
• Judiciary:
• Review the Evidence Act of the Federal Republic of Nigeria
– Make provisions for cyber-crimes
– Enable electronic evidence to be admissible in court

ECONOMIC AND FINANCIAL CRIMES COMMISSION (EFCC) WWW.EFCCNIGERIA.ORG
• Smart software to identify origin and take down scam emails
– Over 800 fraudulent email addresses have been identified and shut down
– EFCC is fine tuning security modalities and upon full deployment, the capacity to take down fraudulent emails will increase to 5,000 monthly
• All Telcos, ISPs & Cyber cafés must register their IP details
• October 2008: fifty-eight (58) persons arraigned in connection with advance fee fraud (419-emails)
• July 2006: raided 40 Cyber-cafés, seized 200 computers, impounded 15 servers and interrogated 5 ISPs.
5 people had been prosecuted with 2 convictions
• Innovative collaboration to reach the youth: Maga (Victim) No Need Pay http://www.youtube.com/watch?v=EGCnl6O6bnE
• Member G8 24/7 network

OTHER PLAYERS COMBATING CYBER CRIME
• UNODC: Capacity Building and Software
• ITU: Cyber Security Work Program to Assist Developing Countries http://www.itu.int/ITU-D/cyb/cybersecurity
• OIC: Computer Emergency Response Team http://www.oiccert.org/index.html
• NGO: Internet Safety, Security and Privacy Initiative for Nigeria (ISSPIN) Campaign http://www.pinigeria.org/isspin
– Maga (Victim) No Need Pay (original) http://www.youtube.com/watch?v=EGCnl6O6bnE
– Maga (Victim) No Need Pay (remix) http://www.facebook.com/pages/Cobhams-Emmanuel-Asuquo/94090705068?ref=nf
• Professional Associations: Information Systems Security Association (ISSA) Abuja https://www.issa.org/Chapters/ChapterDirectory.html?Latitude=9.066667&Longitude=7.483333
• Collaboration: Microsoft, National Universities Commission, Association of Vice Chancellors of Nigerian Universities, Osun State University, Paradigm Initiative Nigeria (PIN)

ICT & THE NATIONAL SECURITY ESTABLISHMENT: MATTERS ARISING
• Sharing of Best Practices must become the norm
• Piecemeal reform is difficult and often ineffective
• Change management processes are required
• Significant and consistent investment
• Customization of interactions based on user needs requires new skill sets and work ethic
• Creatively tap into new information sources e.g. online
• Foster partnership, cooperation and collaboration by all stakeholders
• Minimize silos of information
• Embrace change
• Public Private partnerships
– The Private Sector owns the infrastructure
• Cyber Forensics capabilities?

BE SAFE BE SMART TODAY
• Cyber-security starts with you protecting yourself
• Facebook/Twitter generation – putting your life on a billboard
• The first to secure, understand and apply information wins

WAY FORWARD
CERT: COMPUTER EMERGENCY RESPONSE TEAM
CSIRT: COMPUTER SECURITY INCIDENT RESPONSE TEAM
http://www.oic-cert.org

CERT SERVICES
Reactive Services
• Alerts & Warnings
• Incident Handling
• Incident analysis
• Incident response support
• Incident response coordination
• Incident response on site
• Vulnerability Handling
• Vulnerability analysis
• Vulnerability response
• Vulnerability response coordination
Proactive Services
• Announcements
• Technology Watch
• Security Audits or Assessments
• Configuration & Maintenance of Security
• Development of Security Tools
• Intrusion Detection Services
• Security-Related Information Dissemination
Artefact Handling
• Artefact analysis
• Artefact response
• Artefact response coordination
Security Quality Management
• Risk Analysis
• Continuity & Disaster Recovery
• Security Consulting
• Awareness Building
• Education/Training
• Product Evaluation or Certification

[Diagram labels: Establish National Security Sector CERT; Develop & implement CERT Policy; CERTs in National Security Institutions; National Security & Sub-Sector CERTs; National CERTs; Global CERTs; National Security entities; Stakeholders]

CONCLUSION
• Knowledge Mobilisation: Attitude Predicated on Knowledge develops mankind, societies and economies
– Trends in ICTs require that National Security establishment embrace, deploy, exploit and defend ICT
– Knowledge and information are the bedrock of development
• The user base is evolving and the National Security establishment and its operatives must evolve also:
– Combining solutions and not simply running after technology – combinations of hi-tech, low-tech and no-tech
– National Security operatives are inherently knowledge workers – Must be empowered accordingly
• National Security, like ICTs, is about people

Thank you for your attention
ajijola@consultancyss.com Or ajijola@gmail.com