Kim-Kwang Raymond Choo, University of SA, Cyberspace - Our New Front Line
-
Upload
department-of-broadband-communications-and-the-digital-economy -
Category
Documents
-
view
53 -
download
2
description
Transcript of Kim-Kwang Raymond Choo, University of SA, Cyberspace - Our New Front Line
Korea-Australia-New Zealand (KANZ) Broadband Summit 2011
Cyber space: Our new front line
Dr Kim-Kwang Raymond Choo
Senior Lecturer / 2009 Fulbright (DFAT Professional) Scholar University of South AustraliaVisiting Researcher ARC Centre of Excellence in Policing and Security, Australian National University
Source: http://www.internetworldstats.com/stats.htm
Cyber space: Our new front line
KANZ Broadband Summit 2011
Cyber space: Our new front line
KANZ Broadband Summit 2011
Digitisation of information
• Lower entry barrier for digitisation of information• Broadband connection, technological innovations, declining cost of electronic
data storage devices, etc …
Cyber space: Our new front line
KANZ Broadband Summit 2011
A world of connectedness
• If Facebook was a country, it would be the 3rd largest in the world
Cyber space: Our new front line
KANZ Broadband Summit 2011
Securing our cyber space
• 360-degree challenge• Cyber threats, top tier
national security priorities (e.g. Australia’s National Security Statement 2008; UK Home Office National Security Strategy 2010)
Cyber space: Our new front line
KANZ Broadband Summit 2011
Cyber threats• Official statistics unlikely to be indicative of the entire
cyber threat landscape
Categorising cyber threats• Syntactic attacks (attacking the hardware/software)• Semantic attacks (attacking the users)• Blended attacks (e.g. Phishing)
Increased variety and volume of cyber attacks inevitable
• Phishing
Blended attacks• Phishing
– Financial loss
• Direct costs
• Indirect costs
• Lost opportunity costs
Semantic attacks (attacking the users)
Some of our findings
– Almost all fraudsters wanted us to ship our merchandise to an address in Nigeria
– “Payment” methods: PayPal, Western Union and Credit Cards
– Nigerian scammers are bullies
– Nigerian scammers know what they want • Small and expensive electronic items
Cyber space: Our new front line
KANZ Broadband Summit 2011
Syntactic attacks (attacking the computers)
• Malware– 2010: > 20 million new malware detected
(McAfee 2011)
• Vulnerabilities– 2010: 8,562 vulnerability disclosures, a
27% increase over 2009 (IBM X-Force 2011)
Strategic disadvantage:
Attacker needs to find only one vulnerability and successfully exploit it to gain access
Cyber space: Our new front line
KANZ Broadband Summit 2011
Cyber attacks more sophisticated and going ‘under the radar’
Cyber space: Our new front line
KANZ Broadband Summit 2011
The way forward• Why are cyber criminals so successful?
• Awareness and education/training• Basic online security
• Getting users to think critically• Maintain current knowledge of latest cyber criminal activities and
best cyber crime prevention measures
• Need for coordinated action by government agencies, researchers and the private sector (Australian Government House of Representatives Standing Committee on Communications 2010, Recommendation 31)
Darwinism: Survival of the fittest
Cyber space: Our new front line
KANZ Broadband Summit 2011
The way forward• Evidence-based policy response • Public Private Partnership (PPP)
• (Appropriately vetted) Volunteer cyber defenders• E.g. Cyber Defense League, an Estonian volunteer organization;
Professional Cyber Defender Programme in Singapore
• Joint user awareness and education initiatives• Joint Research and Development (R&D) initiatives
• E.g. How do we address the technical and operational challenges associated with securing fundamental ICT infrastructure against cyber attack and resultant cyber crime? How do we more accurately identify, analyse and attribute the source of a cyber attack in a timely fashion?
A better prepared society against cyber attacks
Untold riches await those who can design systems that are easy to use, but difficult to exploit