Session F1 Alparslan Kuloglu - American-Turkish Council
Session F1 Alparslan Kuloglu - American-Turkish Council
Session F1 Alparslan Kuloglu - American-Turkish Council
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
BEWARE<br />
01010010101010101010101010101010101010101010<br />
010101010100101010101010101010101<br />
CYBER<br />
01010101010101010100101010101010101010101010<br />
1010101100101010<br />
SECURITY<br />
010101010010001001010101010101010101010101010101010101010101010<br />
010101010010001001010101010101010101010101010101010<br />
010101010101010100101010101010101010101010101010101010<br />
OR<br />
1010101011010101010101010010010101010101010101001010101010101010101010<br />
0101010101010110010101010101001010101010101010101010<br />
E AWARE<br />
010101010101010100101010010101010101010101001010<br />
101010101010101010101010101010101010101100101010<br />
1/18
HACKER ATTACKS<br />
Estonia Computers Blitzed (2007)<br />
MOSCOW, May 18 — The computer attacks, apparently<br />
originating in Russia, first hit the Web site of Estonia’s<br />
prime minister on April 27, the day the country was<br />
mired in protest and violence. The president’s site went<br />
down, too, and soon so did those of several<br />
departments in a wired country that touts its paperless<br />
government and likes to call itself E-stonia.<br />
“If you have a missile attack against, let’s say, an airport,<br />
it is an act of war,” a spokesman for the Estonian<br />
Defense Ministry, Madis Mikko, said. “If the same result<br />
is caused by computers, then how else do ytou describe<br />
that kind of attack”<br />
2/18
CYBER ATTACKS ON U.S. FEDERAL SITES<br />
U.S. Blames China’s Military<br />
Directly for Cyberattacks<br />
WASHINGTON, May 6,2013 - The Obama administration<br />
on Monday explicitly accused China’s military of<br />
mounting attacks on <strong>American</strong> government computer<br />
systems and defense contractors, saying one motive<br />
could be to map “military capabilities that could be<br />
exploited during a crisis.”<br />
http://www.nytimes.com/2013/05/07/world/asia/us-accuses-chinas-military-in-cyberattacks.html<br />
pagewanted=all&_r=0<br />
3/18
STUXNET<br />
Iran was hit by<br />
Stuxnet worm in 2010<br />
Iran was subjected to cyber attacks<br />
on June 2010 when its nuclear<br />
facility in Natanz was infected by<br />
Stuxnet, a cyber worm, no one<br />
claimed responsibility for its<br />
inception.<br />
4/18
ISRAEL-PALESTINE CONFLICT<br />
Military activities are<br />
responded by cyber<br />
attacks.<br />
Ex.: Israel-Palestine conflict (2012)<br />
When Israel began airstrikes into Gaza - Anonymous<br />
hackers have retaliated with millions of hacking efforts<br />
on Israeli government and private business sites,<br />
intermittently taking hundreds offline, defacing some<br />
with anti-Israel messages, deleting Web databases<br />
for others and dumping thousands of citizen’s<br />
usernames and passwords online.<br />
5/18
BOTNET FOR RENT<br />
BOTNET FOR RENT<br />
It appears the group of cyber attackers who recently went<br />
after Twitter and Baidu are running a for-rent botnet.<br />
Research by Seculert has found that the group, known as<br />
the Iranian Cyber Army, which crashed both Twitter and<br />
Baidu by tampering with DNS (Domain Name System)<br />
records and caused users to be redirected to another<br />
website, may also be running a botnet. Seculert found a<br />
page where people can rent the botnet - simply by detailing<br />
what they'd like to attack.<br />
6/18
CYBER ATTACK DEMONSTRATION<br />
A person can hijack a<br />
plane with an Android<br />
phone<br />
"Hack in the Box security conference in<br />
Amsterdam"<br />
7/18
CYBER ATTACKS INCIDENTS<br />
8/18
DAMAGE ASSESSMENT<br />
388 Billion – The total bill for cybercrime<br />
in 24 countries…<br />
Ø $114bn – Direct cash costs of cybercrime<br />
Ø $274bn – Victims valued the time lost to cybercrime<br />
Cybercrime is bigger<br />
than…<br />
Ø The global black market in marijuana, cocaine,<br />
and heroin combined ($288bn)<br />
Ø At $388bn, cybercrime is more than 100 times<br />
the annual expenditures of UNICEF ($3.65bn)<br />
Cyber Crime Study, Ponemon Institute, 2011<br />
9/18
BUDGET FOR CYBERSECURITY<br />
12 <br />
10 <br />
8 <br />
6 <br />
Budget (blln. $) <br />
4 <br />
2 <br />
0 <br />
2012 2013 2014 2015 <br />
DoD budget for cyber security<br />
10/18
DoD BUDGET<br />
11/18
HOW DO WE INCREASE AWARENESS<br />
Ø To increase the awereness should we choose to <br />
try radical methods <br />
12/18
HACKER & HACKTIVITS GROUPS<br />
Anonymous Milw0rm Masters Of Deception<br />
LulzSec<br />
Network Crack<br />
Program<br />
TeaMp0isoN<br />
globalHell<br />
RedHack<br />
13/18
HAVELSAN SECURITY SOLUTION HISTORY<br />
HAVELSAN FIREWALL (1998) <br />
Ø HAVELSAN Firewall is soEware based applicaHon designed to provide «IP <br />
Packet filtering», «Intrusion DetecHon», «PrevenHng Denial of Service <br />
ASacks», «Virtual Private Network», «Network Address TranslaHon» and <br />
«AuthenHcaHon Proxy» features. <br />
Ø HAVELSAN Firewall is used by <strong>Turkish</strong> AirForce and <strong>Turkish</strong> General Staff <br />
headquarters. <br />
HAVELSAN GUARD (2001) <br />
Ø Specifically designed network cards provide air gap between outside <br />
network and inner network. OperaHon of this system resembles a diode. <br />
Ø HAVELSAN GUARD is a soEware and hardware based security system <br />
soluHon. <br />
Ø Inner and outer network communicaHon is established with a secure <br />
protocol which is developed by HAVELSAN cryptology engineers. <br />
14/18
HAVELSAN PROFESSIONAL SECURITY SERVICES<br />
Design & Review <br />
Services for Network & <br />
ApplicaOon <br />
PenetraOon Test & <br />
Vulnerability Analysis <br />
Services <br />
PROFESSIONAL <br />
SECURITY <br />
SERVİCES <br />
Monitoring & Patch <br />
Services for Network, <br />
ApplicaOons & Databases <br />
Product Consultancy <br />
15/18
HAVELSAN CYBER IMPROVEMENT PROGRAM (HCIP)<br />
Analysis<br />
Target<br />
Plan &<br />
Implement<br />
3 Dimensional Maturity Evaluation<br />
Ø Understand the Leader’s next 10<br />
Years Vision<br />
Ø Understand the Way of Doing<br />
Business and Stragies<br />
Ø Balance the KPIs<br />
Ø Cost Minimization<br />
Ø Fast Operations<br />
Ø Enterprise Trustworthiness &<br />
Credibility<br />
Ø Define the Correct Security Targets<br />
16/18
HAVELSAN CYBER ROADMAP<br />
TODAY : As an Integrator and<br />
Service Provider :<br />
Ø Professional Security Services<br />
Ø Havelsan Cyber Improvement Program (HCIP)<br />
FUTURE : Developing solutions for :<br />
Ø Cyber Security Operation and Analytics Centers<br />
Ø Product develeopment<br />
Ø SCADA Cyber security Solutions<br />
Ø Network traffic monitoring / network traffic analysis<br />
Ø Detection and logging of critical information transmission.<br />
Ø Advanced Pesistent Threat analysis tools<br />
Ø Malware analysis tools<br />
Ø Data Loss Prevention Software<br />
Ø Cyber Threat Analysis tools<br />
17/18
BEING A TRUSTED COMPANY<br />
READY FOR COLLABORATION<br />
18/18
TURKEY’S CYBER SECURITY ACTIVITIES<br />
• In October 2012, NaHonal Law is published on ExecuHng, <br />
Managing and CoordinaHon of Cybersecurity AcHviHes in <br />
Turkey <br />
• Turkey’s NaHonal Cybersecurity AcHon Plan is prepared <br />
• Rep. of Turkey TransportaHon, Shipping and CommunicaHon <br />
Ministry is leading cybersecurity acHviHes <br />
• In order to test and improve the capabiliHes against cyber <br />
aSacks, naHonal cybersecurity exercise is conducted in 2012 <br />
and 2013. 61 corporaHon is aSacked and analyzed by white <br />
hackers. The exercise is last 17 days. <br />
19/18
HOW SAFE TO RELY ON SERVICES IN THE INTERNET<br />
Ø Firewalls can protect both individual computers <br />
and corporate networks from hosHle intrusion <br />
from the Internet, but can we be protected <br />
from the firewall itself <br />
Ø How about cloud services Are they safe <br />
Ø Linkedin Facebook How far are they logging <br />
internet acHviHes <br />
20/18
IMPORTANCE OF NATIONAL PRODUCTS<br />
• Because of these concerns, naHonal <br />
cybersecurity product development is crucial. <br />
• HAVELSAN is developing naHonal cyber security <br />
products for government, military and other <br />
naHonal corporaHons which have high security <br />
concerns about commercial products <br />
21/18