OSIPP Global Governance Studies, 2015-01-05

Internet Governance & Security through the CyberGeoPolitics Viewpoint

OSIPP Guest Lecturer / Specially Appointed Researcher Kunihiro Maeda

Global Governance Studies@OSIPP 2015.01.05

Vol.2 "The countermeasure of Cyber Attack against 2020 Tokyo Olympics"

[email protected]

Transcript of OSIPP Global Governance Studies, 2015-01-05


Internet Governance & Security through the CyberGeoPolitics viewpoint

Date        | 16:20-17:50                                      | 18:00-19:30
2012/12/15  | Talk about "GeoPolitics and Cyber-GeoPolitics"   | Discussion about "Choke Points"
2013/1/5    | Lecture about "Mega sport event and Terrorism"   | Discussion about "Cyber Terrorism and 2020 Olympics"

The three elements of security - CIA triad -

Information security is defined by JIS Q 27002 (that is, ISO/IEC 27002) as the preservation of the confidentiality, integrity and availability of information. The three properties mean the following:
Confidentiality: ensuring that only those authorized to access the information can access it.
Integrity: ensuring that the information has not been destroyed, tampered with or erased.
Availability: ensuring that those authorized to access the information can access it and the related assets without interruption whenever needed.
From the English initials, these three are also called the "CIA" of information.

JIS Q 27001 defines them as follows (these are translations of the ISO/IEC 27001 definitions; "entity" here refers to an organization or similar):
Information security: preservation of the confidentiality, integrity and availability of information; in addition, other properties such as authenticity, accountability, non-repudiation and reliability may also be included.
Confidentiality: the property that information is not made available or disclosed to unauthorized individuals, entities or processes.
Integrity: the property of safeguarding the accuracy and completeness of assets.
Availability: the property of being accessible and usable upon demand by an authorized entity.

Information security terminology

Risk: the possibility of an event or situation that causes some kind of loss; the term is also used for the possibility of loss recognized as the result of analysing conceivable threats (a risk factor). Analysing risks is called risk analysis.
Vulnerability: a cause that gives rise to risk.
Threat: a means of exploiting a vulnerability to turn a risk into reality; natural disasters are included.
Incident: a threat that materializes, or is highly likely to (the JIS definition is given below).
Countermeasure: a means of deterring (minimizing) the realization of a risk by a threat; also simply called a "measure" (対策).

Risk is the likelihood that something bad will happen that causes harm to an informational asset (or the loss of the asset). A vulnerability is a weakness that could be used to endanger or cause harm to an informational asset. A threat is anything (man-made or act of nature) that has the potential to cause harm.

JIS Q 27001 defines these as follows (translations of the ISO/IEC 27001 definitions):

Risk: combination of the probability of an event and its consequence.
Vulnerability: a weakness of an asset or group of assets that can be exploited by one or more threats.
Threat: a potential cause of an incident that may result in harm to a system or organization.
Information security incident: a single or a series of unwanted or unexpected information security events that have a significant probability of compromising business operations and threatening information security.
Risk treatment: the process of selecting and implementing measures to modify risk.

An Overall Framework for Security - GAO -

http://www.gao.gov/new.items/d04321.pdf

Credibility - CIA triad -


Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization. The model is also sometimes referred to as the AIC triad (availability, integrity and confidentiality) to avoid confusion with the Central Intelligence Agency. The elements of the triad are considered the three most crucial components of security.

In this context, confidentiality is a set of rules that limits access to information, integrity is the assurance that the information is trustworthy and accurate, and availability is a guarantee of reliable access to the information by authorized people.

Abbreviation of Confidentiality, Integrity and Availability, the three fundamental principles of information security. Some organizations now add two further elements, management control and usability, to the original three as their security guideline.

The page's source attributes the triad originally to the security guidelines formulated by the OECD (Organisation for Economic Co-operation and Development). C, I and A were given the Japanese renderings 機密性 (confidentiality), 保全性 (integrity) and 可用性 (availability); when promoting or evaluating information security, the guideline is to examine it from these three viewpoints and apply countermeasures evenly, so as to build an information system that is secure as a whole. As definitions: confidentiality means that information can be protected according to the rules set by the organization or individual; integrity means that the accuracy and completeness of information are maintained; availability means that the system can be used and controlled as needed. The corresponding threats are: to confidentiality, information leakage, impersonation and copyright infringement; to integrity, unauthorized access and malfunction; to availability, unauthorized access, DoS attacks, viruses and natural disasters.


[Figure: the threat to each element - information leakage (confidentiality), information tampering (integrity), system outage (availability)]

Confidentiality - CIA triad -


Confidentiality is roughly equivalent to privacy. Measures undertaken to ensure confidentiality are designed to prevent sensitive information from reaching the wrong people, while making sure that the right people can in fact get it: Access must be restricted to those authorized to view the data in question. It is common, as well, for data to be categorized according to the amount and type of damage that could be done should it fall into unintended hands. More or less stringent measures can then be implemented according to those categories.

Sometimes safeguarding data confidentiality may involve special training for those privy to such documents. Such training would typically include security risks that could threaten this information. Training can help familiarize authorized people with risk factors and how to guard against them. Further aspects of training can include strong passwords and password-related best practices and information about social engineering methods, to prevent them from bending data-handling rules with good intentions and potentially disastrous results.

A familiar example of data whose confidentiality must be protected is an account number or routing number used in online banking. Data encryption is a common method of ensuring confidentiality. User IDs and passwords constitute a standard procedure; two-factor authentication is becoming the norm. Other options include biometric verification and security tokens, key fobs or soft tokens. In addition, users can take precautions to minimize the number of places where the information appears and the number of times it is actually transmitted to complete a required transaction. Extra measures might be taken in the case of extremely sensitive documents, precautions such as storing only on air-gapped computers, disconnected storage devices or, for highly sensitive information, in hard copy form only.

Integrity - CIA triad -


Integrity involves maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle. Data must not be changed in transit, and steps must be taken to ensure that data cannot be altered by unauthorized people (for example, following a breach of confidentiality). These measures include file permissions and user access controls. Version control may be used to keep erroneous changes or accidental deletion by authorized users from becoming a problem. In addition, some means must be in place to detect any changes in data that might occur as a result of non-human-caused events such as an electromagnetic pulse (EMP) or server crash. Some data might include checksums, even cryptographic checksums, for verification of integrity. Note that a plain checksum only detects accidental change: an attacker who can alter the data can recompute it, so guarding against deliberate tampering requires a keyed MAC or a digital signature whose key the attacker does not hold. Backups or redundancies must be available to restore the affected data to its correct state.
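The difference between an unkeyed checksum and a keyed integrity check is easiest to see in code. The following is an added example, not part of the lecture: it builds a constructed results record, protects it with a SHA-256 checksum and with an HMAC under an assumed shared key, then replays accidental corruption, deliberate tampering and a forged tag (all constructed scenarios) and reports which mechanism detects each.

```python
"""Integrity checks: unkeyed checksum versus keyed MAC.

Added example (not from the lecture slides). The results record, the key and
the tampering scenarios are all constructed for illustration.
"""
import hashlib
import hmac
import secrets

# Constructed sample: a results record as a games system might publish it.
ORIGINAL = b"event=100m_final;gold=ATH-017;silver=ATH-042;bronze=ATH-003\n"

# Assumed secret shared between the publisher and the verifier
# (fixed here so the example is reproducible; use a random key in practice).
SHARED_KEY = b"demo-key-for-illustration-only"


def checksum(data: bytes) -> str:
    """Unkeyed integrity value: anyone, including an attacker, can recompute it."""
    return hashlib.sha256(data).hexdigest()


def mac(data: bytes, key: bytes = SHARED_KEY) -> str:
    """Keyed integrity value: only a holder of `key` can produce a valid tag."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_checksum(data: bytes, expected: str) -> bool:
    return hmac.compare_digest(checksum(data), expected)


def verify_mac(data: bytes, tag: str, key: bytes = SHARED_KEY) -> bool:
    # compare_digest runs in constant time, so a mismatch does not leak
    # how many leading bytes of the tag were right.
    return hmac.compare_digest(mac(data, key), tag)


def bit_flip(data: bytes, index: int = 10) -> bytes:
    """Simulate non-malicious corruption (disk error, EMP, crash): flip one bit."""
    buf = bytearray(data)
    buf[index] ^= 0x01
    return bytes(buf)


def scenarios() -> dict:
    """Run the cases the integrity discussion distinguishes; True means 'detected'."""
    stored_sum = checksum(ORIGINAL)   # what a .sha256 file beside the data holds
    stored_tag = mac(ORIGINAL)        # what the verifier holds, computed with the key

    # 1. Accidental corruption: both mechanisms catch a single flipped bit.
    corrupted = bit_flip(ORIGINAL)
    accidental = {
        "checksum_detects": not verify_checksum(corrupted, stored_sum),
        "mac_detects": not verify_mac(corrupted, stored_tag),
    }

    # 2. Deliberate tampering by an attacker who can also overwrite the
    #    checksum stored next to the data: the checksum passes, the MAC does not.
    tampered = ORIGINAL.replace(b"gold=ATH-017", b"gold=ATH-042")
    attacker_sum = checksum(tampered)  # needs no secret to recompute
    deliberate = {
        "checksum_detects": not verify_checksum(tampered, attacker_sum),
        "mac_detects": not verify_mac(tampered, stored_tag),
    }

    # 3. The attacker forges a tag under a guessed key: still rejected,
    #    because the verifier uses the real key.
    forged_tag = mac(tampered, secrets.token_bytes(32))
    forgery = {"mac_detects": not verify_mac(tampered, forged_tag)}

    return {"accidental": accidental, "deliberate": deliberate, "forgery": forgery}


if __name__ == "__main__":
    for name, outcome in scenarios().items():
        print(f"{name:10s} {outcome}")
```

The takeaway for a practitioner: a checksum stored beside the data covers the non-human events the paragraph lists, not an adversary who controls the storage. Against that adversary the verifier needs something the attacker lacks, a MAC key or the private key of a signature, and that key must itself be kept off the system whose integrity is in question.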

Availability - CIA triad -


Availability is best ensured by rigorously maintaining all hardware, performing hardware repairs immediately when needed and maintaining a correctly functioning operating system environment that is free of software conflicts. It is also important to keep current with all necessary system upgrades. Providing adequate communication bandwidth and preventing the occurrence of bottlenecks are equally important. Redundancy, failover, RAID, and even high-availability clusters can mitigate serious consequences when hardware issues do occur. Fast and adaptive disaster recovery is essential for the worst-case scenarios; that capacity depends on the existence of a comprehensive disaster recovery plan (DRP). Safeguards against data loss or interruptions in connections must cover unpredictable events such as natural disasters and fire. To prevent data loss from such occurrences, a backup copy may be stored in a geographically isolated location, perhaps even in a fireproof, waterproof safe. Extra security equipment or software such as firewalls and proxy servers can guard against downtime and unreachable data due to malicious actions such as denial-of-service (DoS) attacks and network intrusions.
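Firewalls and proxies keep a service reachable partly by refusing to let one source consume everyone's capacity. The following is an added example, not from the lecture: a per-source token-bucket limiter replayed over a constructed access log in which one address floods the results page while two ordinary visitors browse at a human pace. The sustained rate (5 requests/s) and burst allowance (10) are assumed values.

```python
"""Per-source token-bucket rate limiting as a denial-of-service mitigation.

Added example (not from the lecture slides). The access-log entries are
constructed: 10.0.0.9 floods the results page while two ordinary visitors
browse normally. The rate and burst values are assumptions.
"""
from collections import defaultdict

# Constructed log: (timestamp in seconds, source IP, requested path).
REQUESTS = (
    [(i * 0.01, "10.0.0.9", "/results") for i in range(200)]   # 100 req/s flood
    + [
        (0.5, "203.0.113.5", "/schedule"),
        (0.7, "198.51.100.7", "/tickets"),
        (1.2, "203.0.113.5", "/results"),
        (2.9, "198.51.100.7", "/results"),
    ]
)


class TokenBucket:
    """Bucket refilled at `rate` tokens/s and holding at most `capacity` tokens.

    Each admitted request spends one token; a source that has exhausted its
    burst allowance is held to the sustained rate, however much it sends.
    """

    def __init__(self, rate: float, capacity: float, now: float = 0.0):
        self.rate = rate
        self.capacity = capacity
        self.tokens = capacity
        self.last = now

    def allow(self, now: float) -> bool:
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def filter_requests(requests, rate: float = 5.0, burst: float = 10.0):
    """Apply one bucket per source IP; return (admitted requests, dropped count per source)."""
    buckets = defaultdict(lambda: TokenBucket(rate, burst))
    admitted, dropped = [], defaultdict(int)
    for ts, src, path in sorted(requests):          # replay in time order
        if buckets[src].allow(ts):
            admitted.append((ts, src, path))
        else:
            dropped[src] += 1
    return admitted, dict(dropped)


def admitted_per_source(admitted) -> dict:
    """Count admitted requests per source IP, for reporting."""
    counts = defaultdict(int)
    for _, src, _ in admitted:
        counts[src] += 1
    return dict(counts)


if __name__ == "__main__":
    admitted, dropped = filter_requests(REQUESTS)
    print("admitted:", admitted_per_source(admitted))
    print("dropped: ", dropped)
```

Per-source limiting is only the first layer: a distributed flood from many addresses stays under each bucket's rate, which is why the bandwidth headroom, redundancy and upstream filtering the paragraph describes still matter. The ordinary visitors in the sample are never throttled because their bucket refills faster than they spend it.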

Example of Threats

(blank worksheet grid)
                | Confidentiality | Integrity | Availability | Terrorist's persona | Terrorist's purpose | Terrorist's method
Hardware        |                 |           |              |                     |                     |
Software        |                 |           |              |                     |                     |
Data            |                 |           |              |                     |                     |
Infrastructure  |                 |           |              |                     |                     |

Critical Infrastructure Attack and Protection

http://www.dhs.gov/critical-infrastructure-sectors

Incidents at the London Olympics

[Chart: 23 strategic cyber risks identified, of which 12 were realized]

The UK signalled a strong stance against terrorism

Financial Times, Sep 29, 2013: "UK becomes first state to admit to offensive cyber attack capability"
http://www.ft.com/intl/cms/s/0/9ac6ede6-28fd-11e3-ab62-00144feab7de.html

IT Utilization Security Comprehensive Strategy Promotion Subcommittee (excerpt)

Ministerial Council on the Tokyo 2020 Olympic and Paralympic Games and Related Matters (excerpt)

NEW THREAT from the future

Munich massacre by Black September at the 1972 Munich Olympics

The Munich massacre was an attack during the 1972 Summer Olympics in Munich, West Germany, on eleven Israeli Olympic team members, who were taken hostage and eventually killed, along with a German police officer, by the Palestinian group Black September. Shortly after the crisis began, they demanded 234 prisoners jailed in Israel and the German-held founders of the Red Army Faction (Andreas Baader and Ulrike Meinhof) be released. Black September called the operation "Iqrit and Biram", after two Palestinian Christian villages whose inhabitants were expelled by the Haganah in 1948. German neo-Nazis apparently gave the attackers logistical assistance. Police officers killed five of the eight Black September members during a failed rescue attempt. They captured the three survivors, who West Germany later released following a Lufthansa airliner hijacking. Mossad responded to the release with Operation "Spring of Youth" and Operation "Wrath of God", systematically tracking down and killing Palestinians suspected of involvement in the massacre.

21 Hours at Munich: William Holden (Actor), Shirley Knight (Actor), William A. Graham (Director)

Munich: Eric Bana (Actor), Geoffrey Rush (Actor), Steven Spielberg (Director, Producer)

The key fact of 21 Hours at Munich is "Messaging"

Mega sport events and Cyber Terrorism (Hacktivism)

http://www.reuters.com/article/2014/02/26/us-worldcup-brazil-hackers-idUSBREA1P1DE20140226

Cyber Activism/"Hacktivism"

"Suicide terrorism resembles voting more than it resembles street crime."

Many popular ideas about terrorists and why they seek to harm us are fueled by falsehoods and misinformation. Leading politicians and scholars have argued that poverty and lack of education breed terrorism, despite the wealth of evidence showing that most terrorists come from middle-class, and often college-educated, backgrounds. In What Makes a Terrorist, Alan Krueger argues that if we are to correctly assess the root causes of terrorism and successfully address the threat, we must think more like economists do.

Krueger is an influential economist who has applied rigorous statistical analysis to a range of tough issues, from the minimum wage and education to the occurrence of hate crimes. In this book, he explains why our tactics in the fight against terrorism must be based on more than anecdote and speculation. Krueger closely examines the factors that motivate individuals to participate in terrorism, drawing inferences from terrorists' own backgrounds and the economic, social, and political conditions in the societies from which they come. He describes which countries are the most likely breeding grounds for terrorists, and which ones are most likely to be their targets. Krueger addresses the economic and psychological consequences of terrorism. He puts the terrorist threat squarely into perspective, revealing how our nation's sizeable economy is diverse and resilient enough to withstand the comparatively limited effects of most terrorist strikes. And he calls on the media to be more responsible in reporting on terrorism.

Cyber Activism/“Hacktivism”

http://www.foreignaffairsj.co.jp/essay/201205/Benkler.htm

http://www.foreignaffairs.com/articles/137382/yochai-benkler/hacks-of-valor

Why Anonymous Is Not a Threat to National Security

Over the past year, the U.S. government has begun to think of Anonymous, the online network phenomenon, as a threat to national security. According to The Wall Street Journal, Keith Alexander, the general in charge of the U.S. Cyber Command and the director of the National Security Agency, warned earlier this year that “the hacking group Anonymous could have the ability within the next year or two to bring about a limited power outage through a cyberattack.” His disclosure followed the U.S. Department of Homeland Security’s release of several bulletins over the course of 2011 warning about Anonymous. Media coverage has often similarly framed Anonymous as a threat, likening it to a terrorist organization. Articles regularly refer to the Anonymous offshoot LulzSec as a "splinter group," and a recent Fox News report uncritically quoted an FBI source lauding a series of arrests that would "[chop] off the head of LulzSec.”

This is the wrong approach. Seeing Anonymous primarily as a cybersecurity threat is like analyzing the breadth of the antiwar movement and 1960s counterculture by focusing only on the Weathermen. Anonymous is not an organization. It is an idea, a zeitgeist, coupled with a set of social and technical practices. Diffuse and leaderless, its driving force is “lulz” -- irreverence, playfulness, and spectacle. It is also a protest movement, inspiring action both on and off the Internet, that seeks to contest the abuse of power by governments and corporations and promote transparency in politics and business. Just as the antiwar movement had its bomb-throwing radicals, online hacktivists organizing under the banner of Anonymous sometimes cross the boundaries of legitimate protest. But a fearful overreaction to Anonymous poses a greater threat to freedom of expression, creativity, and innovation than any threat posed by the disruptions themselves. (to be continued….)

Hacks of Valor | Foreign Affairs, by Yochai Benkler

YOUR INTELLIGENCE REPORT: HYPOTHESIS

(blank worksheet grid)
                | Confidentiality | Integrity | Availability | Terrorist's persona | Terrorist's purpose | Terrorist's method
Hardware        |                 |           |              |                     |                     |
Software        |                 |           |              |                     |                     |
Data            |                 |           |              |                     |                     |
Infrastructure  |                 |           |              |                     |                     |

BACKGROUND & COUNTERMEASURE

Your name:          ID number: