Security in the use of ICTs APT-ITU workshop on the International Telecommunications Regulations Bangkok, 6-8 February 2012 Preetam Maloor, ITU Current Proposalsto WCIT regarding theITRs • The 1988 ITR does not contain explicit provisions on security in the use of ICTs – The reference in Article 9 to avoiding technical harm was added in light of the Morris worm, or Internet worm of 2 November 1988. • Some specific proposals have been submitted to CWG-WCIT that are clearly related to Cybersecurity – Adding new articles on security in the use of ICTs – Amending existing articles (e.g. article 8), in order to include security related elements – Making specific references to countermeasures against spam (in line with WTPF Opinion 6) There is no consensus on the proposals ITU’s role and mandate • • • • • • ITU plays an important role in resolving new and emerging issues (PP-10 Resolution 171) and has developed a number of activities with regard to building confidence and security in the use of ICTs Following the World Summit on the Information Society (WSIS), Heads of States and world leaders entrusted ITU to take the lead in coordinating international efforts as the sole Facilitator of Action Line C5, "Building confidence and security in the use of ICTs". Resolutions from PP, WTSA, WTDC call upon more ITU involvement in building confidence and security in the use of ICTs In the Global Cybersecurity Agenda (GCA), ITU promotes international cooperation aimed at proposing strategies for solutions to enhance confidence and security in the use of ICTs ITU-T Study Group 17 is the Lead Study Group for Telecommunication security, and ITU-T Lead Study Group for Identity management ITU-D Study Group 1 Question 22 on Securing information and communication networks: best practices for developing a culture of cybersecurity Global Challenges • The global cyber threat landscape • The definitions • International cooperation and agreed international norms and principles • International standards • The interdependencies Global Challenges -The global cyber threat landscape January 2011 March 2011 June 2011 October 2011 November 2011 • Major cyber intrusion in Defense Research and Development in Canada. Finance Department and Treasury board forced to disconnect from the internet • Hackers penetrate French government computer network • South Korea Defense Network penetrated • RSA Secure ID compromised • Attacks at EU’s Commission and External Action Service • Attacks at Sony. Millions of logins leaked • Attacks at NATO internal network • Attacks at International Monetary Fund (IMF) • Hackers disrupt 51 Malaysian government websites • UK Treasury under sustained cyberattack • Cyber-attacks on UK at disturbing levels • Japan under Heavy Cyber Attack • • • • • • Hackers destroyed a pump used by a US water utility Duqu computer virus Detected by Iran civil defense organization More than 100 Pakistani Government Sites Under Malware attack Thousands of United Nation (UNDP) logins leaked Cyber attacks hit Fujitsu local government system in Japan Largest DDOS attack hit Chinese company Global Challenges -The definitions • There is not yet a globally accepted definition of security in the use of ICTs • IGOs and SDOs have their own definition – ITU-T Recommendation X.1205 • Member States might use different definitions – 2009 US National Infrastructure Protection Plan – Dutch national strategy • Dictionaries provide other definition – Oxford dictionary Global Challenges -International cooperation and agreed international norms and principles • Cyberattacks can originate and strike anywhere around the globe. • There have been calls for: – norms and principles agreed by the international community for acceptable state behavior in cyberspace – international minimum standard of relevant offences internationally imposed – harmonized legal frameworks, where domestic laws contain provisions on international cooperation Cyber threats are inherently international in scope and require multi-stakeholder international cooperation Global Challenges -International standards • Building Security in the use of ICTs require legal, organizational and technical capabilities • Standards can complement the overall efforts, providing interoperability and conformance of security while meeting regulatory constraints of countries and regions • The adoption of common technical standards can also help developing countries and bring them up to speed (bridging the standardization gap) Global Challenges -Interdependencies • Telecom Sector and the Internet are considered as interconnected and interdependent systems • Infrastructures that have been in isolation so far, are being increasingly supported by telecommunication (e.g. industrial automation networks, intelligent transportation systems (ITS), e-government networks) • This paradigm shift of interconnected systems makes ICTs susceptible to cyberattacks of unforeseeable impact Overview of the current situation at national, regional, and international level • The security in the use of ICTs have been an increasing international concern over the past 10 years. • Countries, regional and international organizations started to elaborate and develop Cybersecurity policies and strategies – National efforts (National strategies and plans – e.g. US, UK, Germany, Estonia, Australia, Malaysia, South Korea and Brazil, among others – India and South Africa also started) – Regional and cross regional efforts (EU initiatives, APEC, ASEAN, CoE, ENISA, FIRST, G8, Meridian, NATO, AOS, OECD) – International efforts (IMPACT, IEEE, IEC, ISO, INTREPOL, UNODC)