cyber terrorism
TRANSCRIPT
COMBATING CYBER TERRORISM
THROUGH AN EFFECTIVE SYSTEM OF CYBER SECURITY COOPERATION
DR TUGHRAL YAMIN ASSOCIATE DEAN CENTRE FOR INTERNATIONAL PEACE &
STABILITY (CIPS) NATIONAL UNIVERSITY FOR SCIENCES TECHNOLOGY (NUST)
ISLAMABAD tughralyamin.wordpress.com www.islamabadcalling.com
COUNTER TERRORISM EXPERTS CONFERENCE 13-14 OCTOBER 2015
CENTER OF EXCELLENCE DEFENSE AGAINST
TERRORISM
MAIN POINTS OF MY PRESENTATION
• TERRORISM IS CONSIDERED ILLEGAL ACTIVITY INTERNATIONALLY, REGIONALLY & NATIONALLY
• CYBERSPACE IS INCREASINGLY BEING USED FOR TERRORIST ACTIVITIES
• VERY LITTLE CYBER SECURITY COOPERATION AMONG NATIONS, GROUPS & ALLIANCES ON ISSUES RELATED TO CYBER SECURITY
TERRORISM
C
Y
B
E
R
S
P
A
C
E
CYBER COOP
DEFINITION OF TERRORISM
TO CAUSE OR SPREAD TERROR IN PURSUIT OF POLITICAL AIMS THROUGH UNAUTHORIZED USE OF VIOLENCE & INTIMIDATION
SOURCE: US DEPARTMENT OF STATE COUNTRY REPORTS ON TERRORISM 2012
TERRORIST ACTS
• BOMBING
• HIJACKING
• ARSON
• KIDNAPPING
• ASSAULT
• MURDER
• THEFT
• SABOTAGE
UNSC RESOLUTIONS TO COMBAT TERRORISM
• UNSCR 1267 (1999) • UNSCR 1373 (2001) • UNSCR 1456 (2003) • UNSCR 1535 (2004) • UNSCR 1540 (2004) • UNSCR 1566 (2004) • UNSCR 1617 (2005) • UNSCR 1624 (2005) • UNSCR 2178 (2013)
INTERNATIONAL TREATIES ON TERRORISM
• SOUTH ASIAN ASSOCIATION FOR REGIONAL COOPERATION REGIONAL CONVENTION (SAARC) ON SUPPRESSION OF TERRORISM (1987)
• ARAB CONVENTION ON THE SUPPRESSION OF TERRORISM (1998) • TREATY ON COOPERATION AMONG STATES MEMBERS OF THE
COMMONWEALTH OF INDEPENDENT STATES (CIS) IN COMBATING TERRORISM (1999)
• CONVENTION OF THE ORGANIZATION OF THE ISLAMIC CONFERENCE (OIC) ON COMBATING INTERNATIONAL TERRORISM (1999)
• ORGANIZATION OF AFRICAN UNITY (AU) CONVENTION ON THE PREVENTION AND COMBATING OF TERRORISM (1999)
• INTER-AMERICAN CONVENTION AGAINST TERRORISM (2002) • ASSOCIATION OF SOUTHEAST ASIAN NATIONS (ASEAN)
CONVENTION ON COUNTER TERRORISM (2007)
INTERNET & THE REVOLUTION IN MILITARY AFFAIRS
GENERAL
COLONEL MAJOR CAPTAIN SOLDIER
INTERNET HAS INCREASED THE TERRORIST OUTREACH
TERRORIST
MASTERMIND
SYMPATHISERS
RECRUITS
FINANCIERS
CYBER TERRORISM, CYBER WARFARE & CYBER WARFARE
• CYBER TERRORISM – BY NON STATE ACTORS
• CYBER CRIME – BY CRIMINALS
• CYBER WARFARE – AMONG STATES
CYBER TERRORISM
CYBER CRIME
CYBER WARFARE
USE OF INTERNET BY TERRORISTS
• RADICALIZATION & RECRUITMENT
• PROPAGANDA & HATE SPEECH
• FUND RAISING & TRANSFEREING OF FUNDS
• MEANS OF COMMUNICATION
• TRAINING & PLANNING
RECRUITMENT, TRAINING, PROPAGANDA & COMMUNICATION VIA
THE INTERNET • EXTREMISTS USE CHAT
ROOMS, DEDICATED SERVERS, WEBSITES & SOCIAL NETWORKING TOOLS
• YOUTUBE CHANNELS & FACEBOOK PAGES OF EXTREMIST SUPPORTERS MOTIVATE & TRAIN YOUNG PEOPLE FOR TERRORIST ACTIVITY
• THESE ALSO PROVIDE A MEANS FOR COMMUNICATION BETWEEN LONE WOLF ACTORS & LARGER ORGANIZED NETWORKS OF TERRORISTS
FUND RAISING
• SOLICITING DONATIONS ON THE INTERNET
• ONLINE DONATIONS FROM RELIGIOUS & IDEOLOGICAL GROUPS
• ONLINE DONATIONS TO CHARITIES & NGOs WITH QUESTIONABLE CREDENTIALS
• INTERNET FRAUD & CYBERCRIME
CYBER SECURITY & CYBER SECURITY COOPERATION
CYBER SECURITY
• THE BODY OF TECHNOLOGIES, PROCESSES & PRACTICES DESIGNED TO PROTECT NETWORKS, COMPUTERS, PROGRAMS AND DATA FROM ATTACK, DAMAGE OR UNAUTHORIZED ACCESS
CYBER SECURITY COOPERATION
• AMONG COUNTRIES, GROUPS & ALLIANCE SYSTEMS IS NOT – UNIFORM OR STANDARDISED
– IN SOME CASES IT IS ENTIRELY MISSING
THE POSITION OF THE UN SECRETARY GENERAL ON CYBER SECURITY
“THE INTERNET IS A PRIME EXAMPLE OF HOW TERRORISTS CAN BEHAVE IN A TRULY TRANSNATIONAL WAY; IN RESPONSE, STATES NEED TO THINK AND FUNCTION IN AN EQUALLY TRANSNATIONAL MANNER”
BAN KI-MOON
SECRETARY-GENERAL OF THE UN
UN POSITION ON CYBER SECURITY COOPERATION
• IN 2013, THE UN GROUP OF GOVERNMENTAL EXPERTS (GGE), COMPRISING FIFTEEN COUNTRIES INCLUDING THE US, RUSSIA & CHINA REACHED A LANDMARK AGREEMENT
• THAT THE SAME INTERNATIONAL LEGAL PRINCIPLES, SUCH AS THE UN CHARTER AND THE LAW OF STATE RESPONSIBILITY, THAT HAVE PROMOTED PREDICTABILITY AND STABILITY BETWEEN STATES DURING CONFLICT IN THE KINETIC SPACE APPLY EQUALLY IN CYBERSPACE
CYBER COOPERATION AMONG REGIONAL GROUPS/ALLIANCES
• ASEAN REGIONAL FORUM
• AFRICAN UNION
• ARAB LEAGUE
• ECOWAS
• ENISA
• NATO
• SCO
CYBER EUROPE • EU AGENCY FOR NETWORK & INFORMATION SECURITYY (ENISA) FACILITATES THE
PROCESS OF PLANNING, CONDUCTING & EVALUATING PAN EUROPEAN CYBER CRISIS COOPERATION EXERCISES
• AS PER THE NEW POLICY PLAN OF THE EUROPEAN COMMISSION, ENISA SUPPORTS EU-WIDE CYBER SECURITY PREPAREDNESS EXERCISES AS ONE OF THE MAIN ACTIONS OF THE DIGITAL AGENDA FOR EUROPE
• ENISA’S NEW PROPOSED MANDATE ALSO HIGHLIGHTS THE IMPORTANCE OF CYBER SECURITY PREPAREDNESS EXERCISES IN ENHANCING TRUST & CONFIDENCE IN ONLINE SERVICES ACROSS EUROPE
• IN THIS CONTEXT, ENISA ALSO FACILITATES THE PROCESS OF PLANNING, CONDUCTING AND EVALUATING PAN-EUROPEAN EXERCISES
• IT HAS ORGANISED & CONDUCTED EXERCISES SUCH AS: – CYBER EUROPE 2010. 1ST PAN EUROPEAN EXERCISE ON CRITICAL INFORMATION
INFRASTRUCTURE PROTECTION (CIIP), WAS ORGANISED BY EU MEMBER STATES WITH THE SUPPORT FROM ENISA AND THE JOINT RESEARCH CENTRE (JRC) IN NOVEMBER 2010
– CYBER EUROPE 2012. 2ND PAN EUROPEAN CYBER SECURITY EXERCISE, WITH AMBITIOUS OBJECTIVES TO DEVELOP TRUST & COOPERATION OF KEY ACTORS IN EUROPE IN THE AREA OF CIIP
– CYBER EUROPE 2014. 3RD PAN EUROPEAN EXERCISE ORGANIZED BY ENISA WITH EU MEMBER STATES AND EUROPEAN FREE TRADE ASSOCIATION (EFTA) COUNTRIES WAS THE LARGEST & MOST COMPLEX EXERCISE ORGANISED IN EUROPE
• ENISA ALSO ORGANIZES WITH THIRD COUNTRIES JOINT ACTIVITY LIKE THE EU-US CYBER ATLANTIC EXERCISE
NATO
CYBER DEFENCE
GOVERNANCE
NORTH ATLANTIC TREATY COUNCIL
DEFENCE POLICY & PLANNING COMMITTEE IN REINFORCED FORMAT
NATO CYBER DEFENCE MANAGEMENT BOARD
NATO COMPUTER INCIDENT RESPONSE TEAM
NATO CYBER SECURITY PLAN • INTEGRATES CYBER DEFENCE CONSIDERATIONS INTO NATO
STRUCTURES & PLANNING PROCESSES IN ORDER TO PERFORM NATO’S CORE TASKS OF COLLECTIVE DEFENCE & CRISIS MANAGEMENT
• FOCUS ON PREVENTION, RESILIENCE & DEFENCE OF CRITICAL CYBER ASSETS TO NATO AND ALLIES
• DEVELOP ROBUST CYBER DEFENCE CAPABILITIES & CENTRALISE PROTECTION OF NATO’S OWN NETWORKS
• DEVELOP MINIMUM REQUIREMENTS FOR CYBER DEFENCE OF NATIONAL NETWORKS CRITICAL TO NATO’S CORE TASKS
• PROVIDE ASSISTANCE TO THE ALLIES TO ACHIEVE A MINIMUM LEVEL OF CYBER DEFENCE AND REDUCE VULNERABILITIES OF NATIONAL CRITICAL INFRASTRUCTURES
• ENGAGE WITH PARTNERS, INTERNATIONAL ORGANISATIONS, THE PRIVATE SECTOR & ACADEMIA
SHANGHAI COOPERATION ORGANISATION (SCO) STANCE ON CYBER SECURITY
• THE PRIMARY FOCUS OF SCO IS COUNTER TERRORISM
• IT CONSIDERS INFORMATION AND CYBER SECURITY A UNIVERSAL CONCERN OF THE INTERNATIONAL COMMUNITY, WITH PRIVACY OF CITIZENS AND NATIONAL SOVEREIGNTY BEING VIOLATED ON A LARGE SCALE IN THE CYBER WORLD
• RUSSIAN RESOLUTION ON THE DEVELOPMENTS IN THE FIELD OF INFORMATION & TELECOMMUNICATIONS IN THE CONTEXT OF INTERNATIONAL SECURITY (1998) ADOPTED WITHOUT A VOTE BY UN GENERAL ASSEMBLY RESOLUTION 53/70
• SINCE THEN THERE HAVE BEEN ANNUAL RESOLUTIONS CALLING FOR THE VIEWS OF UN MEMBER STATES ON THE ISSUE OF INFORMATION SECURITY
• IN JUNE 2009, AN AGREEMENT AMONG THE GOVERNMENTS OF SCO MEMBER STATES ON COOPERATION IN THE FIELD OF ENSURING INTERNATIONAL INFORMATION SECURITY WAS CONCLUDED AT YEKATERINBURG
• ON 12 SEPTEMBER 2011, FOUR MEMBERS OF THE SCO SUBMITTED A DRAFT INTERNATIONAL CODE OF CONDUCT FOR INFORMATION SECURITY TO THE UN GENERAL ASSEMBLY
• IN 2015, AN EXPANDED GROUP OF SIX MEMBERS SUBMITTED A NEW DRAFT TO THE UN GENERAL ASSEMBLY
SCO ON CYBER SECURITY • IN SEPTEMBER 2011, CHINA, TOGETHER WITH RUSSIA,
TAJIKISTAN AND UZBEKISTAN, SUBMITTED TO THE 66TH SESSION OF THE UN GENERAL ASSEMBLY AN “INTERNATIONAL CODE OF CONDUCT FOR INFORMATION SECURITY,” WHICH ATTRACTED INTERNATIONAL ATTENTION & PROMOTED THE FORMULATION PROCESS OF SUCH NORMS & RULES
• IN JANUARY 2015 CHINA, KAZAKHSTAN, KYRGYZSTAN, RUSSIA, TAJIKISTAN, AND UZBEKISTAN, THE SIX MEMBERS OF SCO, PROPOSED AN UPDATED DRAFT OF INTERNATIONAL CODE OF CONDUCT FOR INFORMATION SECURITY TO THE UN
• THE DRAFT CALLED ON NATIONS TO FURTHER DISCUSS THE TOPIC UNDER THE UN FRAMEWORK AND REACH AT AN EARLY DATE AN AGREEMENT ON INTERNATIONAL CODE OF CONDUCT TO REGULATE INFORMATION AND CYBERSPACE ACTIVITIES.
PROPOSED CYBER SECURITY COOPERATION AMONG REGIONAL
GROUPS
ASIA PACIFIC HUB
CENTRAL ASIAN HUB
SOUTH ASIAN HUB
CYBER SECURITY INTERNATIONAL
HUB
CYBER SECURITY COOPERATION AMONG GROUPS
ADVANTAGES IN REGIONAL COOPERATION
• TRUST BUILDING
• SYNERGY IN JOINT COUNTER TERRORISM
• SHARING OF BEST PRACTICES
• ISOLATING TERRORISTS
• ELIMINATING THE POSSIBILITY OF ATTACKS ON CRITICAL INFRASTRUCTURE
PROBLEMS IN REGIONAL CYBER SECURITY COOPERATION
DIFFERING:
• FOREIGN POLICY OBJECTIVES
• NATIONAL CYBER SECURITY PREFERENCES
• ALLIANCE BIASES
• PERCEPTIONS ABOUT INTERNET GOVERNANCE, CENSORSHIP ETC
THANK YOU FOR YOUR KIND ATTENTION