- Home
- About Us & Project Introduction
- What Are "Cyber Security" and "Cyber Attack"?
- Why Does Cyber Security Matter?
- International and Local Cooperation on Cyber Attacks
- Simple Steps Towards Enhanced Cyber Security
- Educating the Public
- Video Reviews & Useful Resources
- Bibliography
- Acknowledgements
International and Local (Singapore) co-operation on Cyber Attacks
International Efforts
International Organisations
The open nature of the internet makes preventing cyber attacks difficult, as such, effective international cooperation would be cruxial in the years to come.
Several international organisations have already been working on this area, and have a significant role to play in contributing to the cyber defence of its Members.
The United Nations
The International Telecommunication Union (ITU) – a UN specialized agency –have launched a Global Cyber security Agenda in 2007. Its aim is to provide all nations a template on how to handle cyber crime, such as in the tracing of internet data. In doing so, countries would be less likely to offend one another, and hopefully, work together to fight the challenges posed against cyber security.
The Council of Europe
In this convention, participating countries would recieve a fix set of definitions to follow. These definitions act as guidelines for all countries, to tell them what is to be considered outside of the law and what is within. The Council of Europe also advices countries on how to handle criminals who have broken the law according to their difinitions. The goal of this convention is to try to unify countries all over the world in the cyber context, so that all countries would adhere to the same rules, reducing the possibility of any misunderstanding, and encouraging countries to work together to catch cyber criminals.
NATO
NATO, the North Atlantic Treaty Organisation have delved into two different initiatives the CCDCoE and the CDMA:
The Cooperation Cyber Defense Center of Excellence (CCDCoE)
The CCDCoE could be alikened to a teacher, who teaches his class (NATO or invited nations) things about cyber defence. Firstly, the teacher would provide ground rules and expectations for all his students. Similarly, the CCDCoE would provide the Alliance with cyber-defence related rules, regulations and articles. It would also hold trainings and teaching courses to teach members of the Alliance, and provide assistance and guidance to nations which are under cyber-attack. Like a proffesor in the university, the CCDCoE would conduct research and studies on how to better protect the Alliance against cyber-attacks, besides its role in guidince member nations.
The Cyber Defense Management Authority (CDMA):
One could call this the counter terrorist force within NATO, just that this is in the cyber sence. The duty of the CDMA is to be a inter-alliance support group in cyber defence. It's main aim is to ensure that all member nations would be ready and capable to support one another in time of crises. While alliance nations are still in the development stage to attain this final goal, the CDMA would be the group responding to cyber attacks done against member nations. Rapid-Reaction Teams are created for this purpose and are available for the service of all member nations.
The Budapest Convention
This was the first international treaty aiming
to address cyber crime amongst nations. Created by The Council of Europe, the
convention aimed to increase cooperation amongst nations in the cybercrime
arena, as well as setting defined standards and rules across the board for all
nations to adhere to. As of October 2010, 30 countries have signed, ratified and
aceeded to the convention, while another 16 countries have signed it
only.
The International Conference on Cyber Security (ICCS)
Organised by the Federal Bureau of Investigation in conjuction with Fordham University, this conference has already been held thrice, in 2009, 2010, and earlier this year (2012) from the 9th to the 12th of January. The conference invites distinguished speakers in the fields related to cybersecurity, and brings these great minds together for panel discussions,exhuibitions, presentations, and also presenting networking opportunities for the men at the forefronts of various nations’ cyber security. In reply to theincreased demand to heighten awareness of the issue of cyber security,additional events, the Law Enforcement Workshop (LEW) and the Cyber Security Tutorial(CST), were hosted in 2010 and 2012.
Local Efforts
In Singapore, where all team members of this project currently reside, the government has taken measures to beef up the nation's defences in the face of new threats on the digital frontier. While the country has not experienced co-ordinated cyber attacks on a large scale, Singapore's reliance on the internet for commerce and communication creates a necessity for securing our networks and computers. As it is always, prevention is better than cure.
The following is a brief outline of measures taken to enhance Singapore's cyber defence capibilities:
1. $70m for Masterplan 2 starting from 2008 - 2013
The government of Singapore has invested a hefty $70 milion dollars into risk assessment, vulnerability analysis and reduction, authentication and technology assessment for government agencies. Also, funds would be used for intellectual capital development - this includes cyber security awareness of Internet users, development of professional skills and the promotion of research & development in information security.
2. SingCERT (Computer Emergency Response Team)
An organization dedicated to incident response, SingCERT is a national organization that would be called in during largescale cyber attacks on Singapore in order to investigate the cause of, and put an end to the cyberattack. SingCERT as a specialized team, can be the watchful eye of Singapore's networks.
3. Unique co-operation between business and government
As Deputy Prime Minister, Mr Teo Chee Hean has said, "the fast changing nature of cyber security threats means no country or organisation can plan and implement responses in silos." Today, Singapore remains the only country with a strong co-operation between the business and government with regards specifically to information-sharing and analysis in cyber attack incidents. The anual GovWare seminars bring together experts from the commercial world and the government to share their knowledge and learn from one another. Pat Clawson, Chairman & CEO of Lumension has praised Singapore for "creating a truly national effort" in dealing with cybersecurity issues.
As he has written, "the new entity (SISTA(Singapore Infocomm Technology Security Authority)) will be responsible for operational IT security development and implementation at the national level." Indeed, SITSA will consult for strategic government projects concerning national security; strengthen Singapore’s information and communications infrastructure; developing technology as well as providing advice on developments in security threats; and overseeing Singapore’s planning, preparedness and response to major external cyber attacks.
Quick Reference:
Artene Diana. (2011, October 25). International cyber security through co-operation. economics, managemnet, and financial markets.. Retrieved from http://www.iccs.fordham.edu/
Clawson, P. (2009, October 8). A page from singapore’s cybersecurity playbook. Retrieved from
http://blog.lumension.com/2249/a-page-from-singapores-cybersecurity-playbook/
Council of Europe. (n.d.). Convention on cybercrime. Retrieved from
http://conventions.coe.int/treaty/en/reports/html/185.htm
Council of Europe's Official Website. (n.d.). Cybercrime. Retrieved from
http://www.coe.int/t/DGHL/cooperation/economiccrime/cybercrime/default_en.asp
McGee, J. (2011, July 08). Nato and cyber defense: A brief overview and recent events. Retrieved from http://csis.org/blog/nato-and-cyber-defense-brief-overview-and-recent-events
MYRLI, S. (2009). 173 dscfc 09 e bis - nato and cyber defence. Retrieved from http://www.nato-pa.int/default.Asp?SHORTCUT=1782
Infocomm Development Authority Singapore. (2010, April 05). Infocomm Security Masterplan 2 (MP2). Retrieved from http://www.ida.gov.sg/Programmes/20060925100740.aspx?getPage [Additional resource: http://www.ida.gov.sg/doc/News%20and%20Events/News_and_Events_Level2/20080417090044/MR17Apr08MP2.pdf]
SingCERT. (n.d.) About SingCERT. Retrived from http://www.singcert.org.sg/index.php?option=com_content&view=article&id=16&Itemid=43
Singapore Global Dialogue. (2011, September 11). DPM Teo Chee Hean Opens the Singapore Global Dialogue. Retrieved from http://www.singaporeglobaldialogue.com/2011/Newsroom/MediaReleases-Sub.jsp?pressReleaseID=7
Clawson, P. (2009, October 20). Taking a Page From Singapore's Cybersecurity Playbook. Retrieved from http://threatpost.com/en_us/blogs/taking-page-singapores-cybersecurity-playbook-102009
International Organisations
The open nature of the internet makes preventing cyber attacks difficult, as such, effective international cooperation would be cruxial in the years to come.
Several international organisations have already been working on this area, and have a significant role to play in contributing to the cyber defence of its Members.
The United Nations
The International Telecommunication Union (ITU) – a UN specialized agency –have launched a Global Cyber security Agenda in 2007. Its aim is to provide all nations a template on how to handle cyber crime, such as in the tracing of internet data. In doing so, countries would be less likely to offend one another, and hopefully, work together to fight the challenges posed against cyber security.
The Council of Europe
In this convention, participating countries would recieve a fix set of definitions to follow. These definitions act as guidelines for all countries, to tell them what is to be considered outside of the law and what is within. The Council of Europe also advices countries on how to handle criminals who have broken the law according to their difinitions. The goal of this convention is to try to unify countries all over the world in the cyber context, so that all countries would adhere to the same rules, reducing the possibility of any misunderstanding, and encouraging countries to work together to catch cyber criminals.
NATO
NATO, the North Atlantic Treaty Organisation have delved into two different initiatives the CCDCoE and the CDMA:
The Cooperation Cyber Defense Center of Excellence (CCDCoE)
The CCDCoE could be alikened to a teacher, who teaches his class (NATO or invited nations) things about cyber defence. Firstly, the teacher would provide ground rules and expectations for all his students. Similarly, the CCDCoE would provide the Alliance with cyber-defence related rules, regulations and articles. It would also hold trainings and teaching courses to teach members of the Alliance, and provide assistance and guidance to nations which are under cyber-attack. Like a proffesor in the university, the CCDCoE would conduct research and studies on how to better protect the Alliance against cyber-attacks, besides its role in guidince member nations.
The Cyber Defense Management Authority (CDMA):
One could call this the counter terrorist force within NATO, just that this is in the cyber sence. The duty of the CDMA is to be a inter-alliance support group in cyber defence. It's main aim is to ensure that all member nations would be ready and capable to support one another in time of crises. While alliance nations are still in the development stage to attain this final goal, the CDMA would be the group responding to cyber attacks done against member nations. Rapid-Reaction Teams are created for this purpose and are available for the service of all member nations.
The Budapest Convention
This was the first international treaty aiming
to address cyber crime amongst nations. Created by The Council of Europe, the
convention aimed to increase cooperation amongst nations in the cybercrime
arena, as well as setting defined standards and rules across the board for all
nations to adhere to. As of October 2010, 30 countries have signed, ratified and
aceeded to the convention, while another 16 countries have signed it
only.
The International Conference on Cyber Security (ICCS)
Organised by the Federal Bureau of Investigation in conjuction with Fordham University, this conference has already been held thrice, in 2009, 2010, and earlier this year (2012) from the 9th to the 12th of January. The conference invites distinguished speakers in the fields related to cybersecurity, and brings these great minds together for panel discussions,exhuibitions, presentations, and also presenting networking opportunities for the men at the forefronts of various nations’ cyber security. In reply to theincreased demand to heighten awareness of the issue of cyber security,additional events, the Law Enforcement Workshop (LEW) and the Cyber Security Tutorial(CST), were hosted in 2010 and 2012.
Local Efforts
In Singapore, where all team members of this project currently reside, the government has taken measures to beef up the nation's defences in the face of new threats on the digital frontier. While the country has not experienced co-ordinated cyber attacks on a large scale, Singapore's reliance on the internet for commerce and communication creates a necessity for securing our networks and computers. As it is always, prevention is better than cure.
The following is a brief outline of measures taken to enhance Singapore's cyber defence capibilities:
1. $70m for Masterplan 2 starting from 2008 - 2013
The government of Singapore has invested a hefty $70 milion dollars into risk assessment, vulnerability analysis and reduction, authentication and technology assessment for government agencies. Also, funds would be used for intellectual capital development - this includes cyber security awareness of Internet users, development of professional skills and the promotion of research & development in information security.
2. SingCERT (Computer Emergency Response Team)
An organization dedicated to incident response, SingCERT is a national organization that would be called in during largescale cyber attacks on Singapore in order to investigate the cause of, and put an end to the cyberattack. SingCERT as a specialized team, can be the watchful eye of Singapore's networks.
3. Unique co-operation between business and government
As Deputy Prime Minister, Mr Teo Chee Hean has said, "the fast changing nature of cyber security threats means no country or organisation can plan and implement responses in silos." Today, Singapore remains the only country with a strong co-operation between the business and government with regards specifically to information-sharing and analysis in cyber attack incidents. The anual GovWare seminars bring together experts from the commercial world and the government to share their knowledge and learn from one another. Pat Clawson, Chairman & CEO of Lumension has praised Singapore for "creating a truly national effort" in dealing with cybersecurity issues.
As he has written, "the new entity (SISTA(Singapore Infocomm Technology Security Authority)) will be responsible for operational IT security development and implementation at the national level." Indeed, SITSA will consult for strategic government projects concerning national security; strengthen Singapore’s information and communications infrastructure; developing technology as well as providing advice on developments in security threats; and overseeing Singapore’s planning, preparedness and response to major external cyber attacks.
Quick Reference:
Artene Diana. (2011, October 25). International cyber security through co-operation. economics, managemnet, and financial markets.. Retrieved from http://www.iccs.fordham.edu/
Clawson, P. (2009, October 8). A page from singapore’s cybersecurity playbook. Retrieved from
http://blog.lumension.com/2249/a-page-from-singapores-cybersecurity-playbook/
Council of Europe. (n.d.). Convention on cybercrime. Retrieved from
http://conventions.coe.int/treaty/en/reports/html/185.htm
Council of Europe's Official Website. (n.d.). Cybercrime. Retrieved from
http://www.coe.int/t/DGHL/cooperation/economiccrime/cybercrime/default_en.asp
McGee, J. (2011, July 08). Nato and cyber defense: A brief overview and recent events. Retrieved from http://csis.org/blog/nato-and-cyber-defense-brief-overview-and-recent-events
MYRLI, S. (2009). 173 dscfc 09 e bis - nato and cyber defence. Retrieved from http://www.nato-pa.int/default.Asp?SHORTCUT=1782
Infocomm Development Authority Singapore. (2010, April 05). Infocomm Security Masterplan 2 (MP2). Retrieved from http://www.ida.gov.sg/Programmes/20060925100740.aspx?getPage [Additional resource: http://www.ida.gov.sg/doc/News%20and%20Events/News_and_Events_Level2/20080417090044/MR17Apr08MP2.pdf]
SingCERT. (n.d.) About SingCERT. Retrived from http://www.singcert.org.sg/index.php?option=com_content&view=article&id=16&Itemid=43
Singapore Global Dialogue. (2011, September 11). DPM Teo Chee Hean Opens the Singapore Global Dialogue. Retrieved from http://www.singaporeglobaldialogue.com/2011/Newsroom/MediaReleases-Sub.jsp?pressReleaseID=7
Clawson, P. (2009, October 20). Taking a Page From Singapore's Cybersecurity Playbook. Retrieved from http://threatpost.com/en_us/blogs/taking-page-singapores-cybersecurity-playbook-102009