The cyber terrain

Dr Ian Brown, Oxford Internet Institute, University of Oxford


Presented at a cyberwarfare conference in London on 20 Apr 2010


The Internet architecture

• End systems (PCs, mobile phones)
  • run applications e.g. Web, e-mail
  • at “edge of network”

• Access networks
  • Radio (WiFi, WiMax, 3G)
  • ADSL, cable, Ethernet

• Tier 1/2/3 ISPs
  • Carry data packets between end systems

• Host servers (Web, e-mail)

client/server

peer-peer

Jim Kurose, Keith Ross (2009) Computer Networking: A Top Down Approach


Botnets

Source: Damballa, Inc.


What is “cyberwar”?

“The ‘Korean’ cyber incidents of early July did not rise to the level of an act of war. They were annoying and for some agencies, embarrassing, but there was no violence or destruction... Cybercrime does not rise to the level of an act of war, even when there is state complicity, nor does espionage – [which] are the activities that currently dominate cyber conflict... Estonia and Georgia … came under limited cyber attack as part of larger conflicts with Russia, but in neither case were there casualties, loss of territory, destruction, or serious disruption of critical services. The ‘denial of service’ attacks used against these countries sought to create political pressure and coerce the target governments, but how to respond to such coercion remains an open question, particularly in light of the uncertain attribution and deniability” (Lewis, 2009: 2—3).

“At best, these operations can confuse and frustrate operators of military systems, and then only temporarily. Thus, cyberwar can only be a support function for other elements of warfare” (Libicki, 2009: xiv—xv)


Deterrence and preemption

• “[W]e need to reengineer the Internet [for] attribution, geolocation, intelligence analysis and impact assessment” –Mike McConnell, 28/2/10

• “[C]aution is necessary when contemplating cyberdeterrence. Attribution, predictable response, the ability to continue attack, and the lack of a counterforce option are all significant barriers… cyberdefense remains the Air Force’s most important activity within cyberspace.” (Libicki, 2009: xix-xx)


Reducing systemic risk

• Isolate critical systems from public Internet

• Enhance risk management, robustness and continuity planning in Critical National Infrastructure systems

• Use Content Distribution Networks and other load balancing systems to increase performance and resilience of public-facing systems

• Better align private and social incentives in securing systems, esp. on software security


References

• I. Brown and P. Sommer (forthcoming) Characterising and reducing systemic cybersecurity risks, OECD, Paris

• House of Lords Science and Technology Committee (2007) Personal Internet Security, HL Paper 165, London

• House of Lords European Union Committee (2010) Protecting Europe against large-scale cyber-attacks, HL Paper 68, London

• J. A. Lewis (2009) The "Korean" Cyber Attacks and Their Implications for Cyber Conflict, Center for Strategic and International Studies, Washington, D.C.

• M. C. Libicki (2009) Cyberdeterrence and Cyberwar, RAND Corporation, Santa Monica.