Testing Online Defenses
Global leaders meet to share best practices against cyber attacks
UNIPATH STAFF
Sometimes the most exhaustive of cyber defenses fail to account for the simplest of cyber attacks. A good example of this lapse in security is spear phishing.
Disguised as everyday emails, this type of cyber attack tricks users into giving up sensitive information such as usernames, passwords and credit card information.
Viruses, spyware and other malware are spread in emails with attachments, or — if a system routinely blocks attachments — bad actors will include links in emails to entice users to visit malicious websites.
To foil these and other assaults on the critically important cyber sector, an international group of cyber security professionals shared defensive strategies at the Central Region Cybersecurity Conference (CRCC).
Held in April 2018 near Washington, D.C., this year’s CRCC included participants from Bahrain, Egypt, Iraq, Jordan, Kuwait, Lebanon, Oman, Qatar, Saudi Arabia, the United Arab Emirates and the United States.
The event also included representation from U.S. Africa Command and military observers from Angola, Botswana, Burkina Faso, Djibouti, Kenya, Nigeria and Morocco. Co-hosting the event with U.S. Central Command (CENTCOM) was the U.S. Department of State.
“Every partner represented at this conference has something to contribute to strengthen our collective cyber security efforts,” said CENTCOM Deputy Commander Lt. Gen. Charles Q. Brown.
The CRCC is an opportunity for military, academic, government and industry experts to examine cyber threats that impact national security. For three days, the conference fostered relationships among information and communications technology leaders, focusing on testing and evaluation to shore up defenses against cyber attacks. The relationships developed during the conference can help support regional stability and enable organizations to recover more quickly and with less damage when an incident occurs.
No sector of society has been spared from attack: Banks, universities, hospitals, power plants and military installations have all been targeted.
“People are waking up more to these threats that we face across the world,” said Deputy Assistant Secretary Robert Strayer of the U.S. Department of State’s Cyber and International Communications and Information Policy. He shared recent initiatives to protect U.S. government networks and critical infrastructure and to work with partners to increase cyber security.
“We need a collective defense mentality,” Strayer said.
To overcome vulnerabilities, international collaboration is key, said Iraqi Staff Maj. Gen. Mahdi Yasir Zubaidi, director of military communications for the Ministry of Defense. “We have many mutual threats in cyber security,” Maj. Gen. Mahdi told Unipath. “If we take the fight against Daesh as an example, it took a committed international community to come together and destroy the terrorists in Iraq. It was very successful.”
The same global effort is required for cyber security, he explained, and conferences like the CRCC help open channels of communication with partners.
He was pleased this year’s event included tabletop exercises, as well as participation from African militaries. This allowed for a broad international group of cyber security leaders to analyze indicators of spear phishing attacks.
“We need to expand the knowledge with our partners and our neighbors so that we all become stronger,” Maj. Gen. Mahdi said.
Humans over hardware
There is no shortage of technical tools and hardware designed to foil cyber attacks, but human oversight and understanding remain critical.
“We’ve got to have well-trained personnel that understand the network as well as cyber security and are able to not just protect and defend against threats but react to threats as well,” said U.S. Maj. Gen. Mitchell Kilgo, then director of CENTCOM’s Command, Control, Communications and Computer Systems Directorate.
This was a common challenge many of the participants discussed throughout the conference. Cyber security professionals are in demand worldwide, and competitive salaries and attractive compensation packages are required, explained Dr. Sherif Hashem, vice president for cyber security at Egypt’s National Telecom Regulatory Authority (NTRA).
Leaders need to account for this in their cyber strategies to ensure a talent pool of cyber experts with up-to-date training, Dr. Hashem said. In Egypt, the NTRA sponsored an advanced cyber security training program that led to the certification of 179 professionals from 38 entities in Egypt. Not only did it improve technical expertise, but the program provided an important relationship-building opportunity.
“Creating professional linkages among them is key,” said Dr. Hashem. Waiting until an incident occurs is not the time to start building relationships or trust, he explained.
But recruiting and maintaining a pool of highly trained technical professionals is far from the only challenge. Ordinary computer users must be properly educated and trained so they don’t fall victim to phishing scams and other common threats. User policies must be created and enforced to govern the online space in which users operate, Gen. Kilgo said.
Cyber successes
In the 2017 Global Cybersecurity Index report, Oman ranked fourth worldwide regarding its commitment and advances in cyber security among 193 member countries of the International Telecommunication Union (ITU). Other Middle Eastern countries topping the global list were Egypt, which ranked 14th, and Qatar, which ranked 25th.
Dr. Salim Sultan Al Ruzaiqi, chief executive officer of the Sultanate of Oman’s Information Technology Authority, explained that his country focuses on a national strategy that clearly defines roles and requires strong private-public partnerships. Awareness campaigns to educate the public are also part of Oman’s strategy, as are regional and international partnerships.
“We are going to face more challenges as the power of technology increases,” Dr. Al Ruzaiqi said.
One way the country works to improve preparedness is by conducting national drills with stakeholders within the sultanate and with its ITU Arab Regional Cybersecurity Centre. The center is hosted by the Information Technology Authority and managed by Oman’s Computer Emergency Response Team. The Cybersecurity Center conducts drills with 22 Arab countries to help improve resiliency and incident response.
Khalid Sadiq Al-Hashmi, assistant undersecretary for Qatar’s Cyber Security Sector, said his country has achieved much by adopting international best practices and customizing them for the needs of Qatar.
Way forward
Brig. Gen. Robert Mansour, chief of operational section for the Lebanese Armed Forces G3 Signal Directorate, told Unipath that countries must be equipped to cooperate to thwart attacks.
“The coming war will not be with bullets; it will be with bits and bytes,” Brig. Gen. Mansour said.
Information sharing is essential for success, as well as awareness of cyber security issues among the population. Preparedness and readiness will help minimize risks. “Cyber attacks are not limited to a certain region. These threats are borderless,” he said.
This was Brig. Gen. Mansour’s first time attending the CRCC, and he found the presentations and tabletop exercise useful. He said the information helped participants brainstorm new ideas and strategies and facilitated sharing best practices among military, government, industry and academic cyber security professionals.
Lebanon is creating a national cyber security strategy that will set the framework for cooperation and coordination. Meanwhile the military and other sectors are taking other critical steps. In 2018, the Lebanese Armed Forces activated their security operations center and network operations center — complementary efforts to ensure uninterrupted, safe network service.
Mohammad Al-Tura, chief of the information technology sector for Kuwait’s Communication & Information Technology Regulatory Authority, presented Kuwait’s 2017 to 2020 national cyber security strategy. The plan focuses on safeguarding Kuwait’s national interests and promoting a culture of cyber security within the public and private sectors.
One of the challenges is to ensure policies are forward thinking and account for advances in technology such as cloud computing and the popularity of internet-enabled devices. “We don’t want policies that will kill innovation,” Al-Tura said.
IMPORTANCE OF THE HUMAN FACTOR
- Personnel are the most likely vector of attack.
- System-user training is key to inhibiting cyber enemies.
- A well-trained cyber force is key.
LESSONS FROM THE TABLETOP EXERCISE
- Increase collaboration and engagements to improve interoperability, information sharing and operations.
- Create more multilateral cyber exercises.
- Build more partnerships with the private sector.
BENEFITS OF CONNECTING CYBER CENTERS
- Improved awareness and shared practices.
- More timely notification of threat activity.
- Reduced risk through cooperative partnerships.