3. Cybersecurity is the collection of:
[Tools + policies + concepts + actions + best
practices + strategies]
required to protect the cyber environment, and is important to:
[individual users + organizations + communities
+ companies + states]
5. Forms of Cyber Threats.
Malware.
- Viruses
- Worms
- Trojan horses
- Keyloggers and spyware
- Backdoors and rootkits
- Adware and cookies
- Etc.
DoS attacks.
DNS security.
- DNS spoofing
- DNS poisoning (caching)
Copyrighted content
Child pornography
Surveillance.
Censorship.
Bugs. OpenSSL Heartbleed bug 2014
7. Cybercrime.
• The annual cost of cybercrime to the global economy could
have reached a maximum of USD 575 billion.
• Lack of global standards of cybercrime forms = those
threats may or may not be considered cybercrime
depending on the laws that are applied.
8. Cybercrime [Case Studies].
• In 2014, suicide cases that were reportedly caused by cyber-bullying in the
USA=17, Canada=18 and Sweden=19. Harassment and cyber-bullying increase
the risk of suicide amongst children by up to nine times.
• In 2014, almost 200 private pictures of celebrities were leaked and
disseminated on social media after they were allegedly obtained via a security
breach of Apple's cloud services suite iCloud.
9. Cybercrime [Case Studies, MENA].
• In 2013, Carbanak is a cybercrime process developed by a multinational gang
of cybercriminals with the objective of stealing money rather than data. [2~4
months, 30 countries including Morocco, US$1 billion loss in total].
• In 2012, United Arab Emirates’ Rakbank, and Oman’s Bank of Muscat lost
US$ 45 million through another global cybercrime attack employing fraudulent
ATM withdrawals during a 10-hour attack.
• In 2013, Lebanese banking computer network systems were also found to be
infected by a Gauss virus designed to capture data.
10. [Cyberterrorism]
Unlawful attacks and threats of attack against
computers, networks, and the information stored
therein when done to intimidate or coerce a
government or its people in furtherance of political
or social objectives.
11. Cyberterrorism [Case Studies].
France 2013
An anti-terror law was passed that allows authorities in France to punish
inciters of terrorism on the Internet with a five-year prison
sentence and a fine of up to €45 000.
Egypt 2015
ISIS has utilized the Internet by publishing videos of beheading
hostages on social media to gain publicity and outreach.
12. [Cyberwarfare]
The use of computer technology to disrupt the
activities of a state or organization, especially the
deliberate attacking of information systems for
strategic or military purposes.
13. Cyberwarfare.
• Traditional wars have expanded to include acts of cyber warfare
using cyber arms.
• It relies heavily on software programmers, hackers, and network
experts.
• The major difference between a traditional war and a cyber war is the scale
and outreach.
• It can easily turn global rather than remaining between two states.
14. Cyberwarfare [Case Studies].
• The USA and the Israeli army targeting the Iranian nuclear centers with the
STUXNET worm.
• Russia was the source of DoS attacks against Estonia in April 2007.
• Syrian Electronic Army (SEA) has engaged in attacks against anti-
government websites.
• KSA warns on cyber defense as Shamoon resurfaces in 2017.
• A hacker group (GOP) from North Korea leaked confidential data
from the film studio Sony Pictures in 2014.
15. Computer Emergency Response Teams
CERTs
A team consisting of trained and certified experts who are able to
conduct cyber forensics, quickly identify the source of an attack,
and mitigate as much risk as possible, particularly to data and other
valuable resources.
16. Functions of CERTs.
- Responding to cyber incidents by gathering, analyzing, and
disseminating relevant information, as well as taking any
emergency measures.
- Assessing risk levels and forecasting possible cybersecurity
threats. This proactive approach is usually the main task of a
computer security incident prevention (CSIP) team.
- Capacity building and networking. This task involves
developing guidelines, best practice manuals and curricula to
be used for training and awareness purposes.
17. CERT/CIRT Constituency could be:
- An army
- National Security
- Police
- Universities
- Banks
- Health System
- ISP
- Telcos
- Power Grids
- Ministry of Finance
- Software Companies
- Etc.
18. CERTs around the world.
• The first CERT was established at Carnegie Mellon University in 1988
in response to the Morris worm incident.
• Over 250 CERTs have been established around the world.
• All the MENA national CERTs are run by organizations that are
affiliated to governments or are directly run by governments.
Egypt, Oman, UAE, Sudan, Qatar, Tunis, Algeria, Morocco, KSA.
20. Legislations & Policies.
• 2001, European Convention on Cybercrime (CoC).
• 2011, Commonwealth Cybercrime Initiative was launched.
• 2007, ITU established a Global Cybersecurity Agenda as a
framework for international cooperation to enhance security on the
Internet.
21. Laws & Legislations [in MENA].
• 2006, Yemen established Electronic Transaction Protection Law.
• 2006, UAE established Law on Prevention of Information Technology
Crimes and the Law on Electronic Commerce and Transaction.
• 2007, KSA enforced the Anti Cyber-Crime Law as well as the
Electronic Transaction Protection Law.
• 2007, Sudan issued E-crime Law along with the Informatics Offense.
• Algeria issued Law 09-04 for preventing and fighting cyber
crimes.
22. Policies & Strategies [in MENA].
• CERTs: Providing support in response to computer, network, and
related cybersecurity incidents.
• CSIRTs: Establishment of teams specializing in the financial and other
sectors became a priority.
• ITU: Arab Regional Development Forum is taking the lead in
organizing different programs.
• ESCWA: leading activities to provide a basis for the harmonization
of legal and regulatory frameworks for cyberlaw model directives
for the region.