Skip to main content

CYBER WARFARE- international concern


Today cyber security is a major concern for all countries and all nations need to be prepared for a massive attack that will take down their facilities. In traditional war the attacker starts by using air force to target critical systems in the country, this operation will make the enemy out of control of his army and decrease the communication in the country.Technology is changing and I think that cyber-attack going to be the first operation in any traditional war.  If you penetrate their cyberspace first  you will be able to gather very important information that can be used in the war, for example, number of soldiers, number of airports and types of systems used in the army communication etc…
Many countries may feel they are not going to be affected by this type of warfare as they have no political conflicts but this is not true.  For example, the cyber war between Pakistan and India where they used online search engines to identify vulnerable websites in Africa to deface them and transmit  messages regarding the situation in the region.

To protect cyberspace it is very important to create a national strategy for all countries citizens that will include an action plan to protect their cyber borders.   The first thing is identifying what we are looking to protect for example 
hospitals , ministries , governmental institutions, media establishments , personal information and so on.


Next, we apply security standards and best practices to guarantee the confidentiality, integrity and availability of information at these organizations, by conducting a constant audit of the existing information systems.  The audits can be twice a year or more, this will help us to understand if we are vulnerable to cyber-attacks or not.

During the cyber-attack all people are involved, so we need to create a cybersecurity awareness and training program for individuals including the small family.  We can create a kind of cartoons to transmit the information to children’s or movies for parents.  This will raise the security awareness and make them educated about cyber-attack weapons like malwares. Training of technical staff is also important to acquire the knowledge of how to make our systems protected and what kind of threats are facing cyberspace.Vulnerabilities are discovered on a daily bases and this makes the vulnerability assessment and penetration testing an important part of the strategy to make your system as much as possible, free from new bugs discovered in different software packages.  This can be by alerting all citizens of new vulnerabilities via mailing lists and how it is possible to fix these vulnerabilities.

Also Implementing honeypots for catching and detecting infected machines in the national cyberspace and launching a cyber-security community coordination (such as Honeynet project (1), Shadowserver(2), CERT’s (3)) to mitigate malware threats. This coordination can help by learning from other countries experience in defending their cyber boarders. Clean-up services is a very important activity that makes your cyber space safe, we can imagine the number of bot networks existing in the world and they may be used in a cyber-attack at any moment. Removing malwares from infected hosts will mitigate this threat by providing free tools and assistance if they are required by victims.Finally, an important question that many ask is how prepared are 

we for cyber-warfare? 

The answer is that we are finding a very promising situation that needs laws  The and priorities for cyber security cooperation in the international community. Many stakeholders understand the importance of protecting cyber-space to make it clean from malwares and cybercriminals.



Reference:
(1) The Honeynet Project http://www.honeynet.org/
(2) Shadowserver http://www.shadowserver.org/wiki/
(3) CERT-CC http://www.cert.org/ (3)
About Author :
Mourad Ben Lakhoua is an Information Security practitioner.
Admin at www.sectechno.com | info@sectechno.com


Comments

Popular posts from this blog

CIA Triad for- Base of Information security

The essential security principles of confidentiality, integrity, and availability are often  referred to as the  CIA Triad. All security controls must address these principles. These three  security principles serve as common threads throughout the CISSP CBK. Each domain  addresses these principles in unique ways, so it is important to understand them both in  general terms and within each specific domain: Confidentiality is the principle that objects are not disclosed to unauthorized subjects. Integrity is the principle that objects retain their veracity and are intentionally modified by  authorized subjects only. Availability is the principle that authorized subjects are granted timely access to objects  with sufficient bandwidth to perform the desired interaction. Different security mechanisms address these three principles in different ways and offer varying  degrees of support or application of these principl...

10 Steps to Become a Top Information Security Professional: A Comprehensive Guide

In 2024, the demand for skilled information security professionals is higher than ever. As cyber threats continue to evolve, organizations around the globe are in desperate need of experts who can safeguard their critical data and systems. If you're aspiring to become one of the best in the field, you're in the right place. This comprehensive guide outlines ten essential steps to help you build a successful career in information security. From foundational education to advanced certifications, hands-on experience, and continuous learning, we'll cover everything you need to know to excel and stand out in this dynamic industry. Let's embark on your journey to becoming a top-tier information security professional. 1. Foundation in Computer Science Degree : Obtain a degree in computer science, information technology, or a related field. This will provide you with a strong foundational knowledge. Programming : Learn multiple programming languages such as Python, C++, Java, a...

My Article :- હેકર બનવું છે? કઈ રીતે?

મારી ૨ વર્ષ ની કારકિર્દી માં મને કેટલાય  લોકોએ, ખાસ કરીને કોલેજ ના વિદ્યાર્થીઓએ ઘણી વાર પૂછ્યું છે કે "મારે હેકર બનવું છે. તો હું શું કરું? " અને મારા બ્લોગ્સ માં પણ પૂછવામાં આવે છે કે એક સારો હેકર કઈ રીતે બની શકાય? એવું હું શું કરું અથવા તો મારા માં કઈ લાયકત હોવી જોઈએ એક હેકર બનવા માટે? આ પ્રશ્ન નો સંતોષકારક જવાબ આપવા માટે મેં internet પર શોધખોળ કર્યા પછી મને જે કઈ માહિતી મળી તેને હું આજે અહી રજુ કરું છું. મિત્રો, સૌપ્રથમ હેકર કઈ રીતે બનવું એ જાણવા પહેલા એ જાણવું જરૂરી છે કે ખરેખર હેકિંગ શું છે ? અને હેકર કોને કહેવાય. હેકિંગ ની સીધી અને સરળ વ્યાખ્યા નીચે મુજબ છે.  "તમારા કમ્પ્યુટર,નેટવર્ક(ઈન્ટરનેટ કે LAN દ્વારા) કે કોઈ ડીવાઈસ માં (ફોન, ટેબ્લેટ) માં કરવામાં આવતા ગેરકાયદેસર પ્રવેશ અને ઉપયોગ એ હેકિંગ કહેવાય છે."અને હેકિંગ કરતા લોકોને હેકર કહેવાય છે. હવે તમને થશે કે આવું શું કામ કરવું જોઈએ? આ તો ક્રાઈમ છે. તો તમને જણાવી દઉં કે હેકર મુખ્યત્વે ૨ પ્રકારના હોય છે.    વાઈટ હેટ હેકર્સ (એથીકલ હેકર્સ) : ધારો કે તમે તમારો ફેસબુક નો પાસવર્ડ ભૂલી ગયા(ખરેખર ના ભૂલતા ક્યારેય..)કે ત...