Recently, the European Network and information Security Agency (ENISA) released a report on a cyber security exercise for public bodies conducted across Europe. The exercise named 'Cyber Europe 2010' was aimed at increasing understanding and coordination among countries, on handling cyber incidents.
Over 300 simulated attacks were launched to paralyze Internet connectivity. The attacks resulted in simulated loss of Internet connectivity, and necessitated cooperation between different countries to prevent simulated complete Internet crash. 22 countries participated in the exercise, while 8 countries participated as observers. The exercise was comprised of four main phases: Discovery, Attack, Recovery and Wrap-up.
The discovery phase focused on identification of requisite points of contact. The second phase involved attacks on cross border Internet Interconnection sites. The recovery phase focused on problem resolution. Countries were required to communicate with respective agencies in other countries to restore normal activity. The fourth phase required participating countries to submit a report on cooperation activities. Senders and recipients of injects were predefined.
The senders include Computer Emergency Response Team (CERT), intelligence, media, Web site admins and exercise control centre (EXCON). Injects were either sent to all participants, or all participants in a particular country or only counter crime agencies. An exercise dry run was conducted a couple of months prior to the test to resolve issues related to technicalities of tests. 86% of the participants considered dry run to be very useful.
The Pan-European cyber security exercise identified that around 55% of the countries were not confident, whether they will be able to identify the right point of contact. The agency emphasized on the need to involve private sector in such exercises, regular exercises at national level, exchange of information on lessons identified with other national and international exercises.
Proactive action is required to protect critical infrastructure facilities from cyber-attacks. Professionals qualified in masters of security science must conduct regular evaluation of information infrastructure to identify and weed out vulnerabilities. The report recommends development of national contingency plans and conducting exercises to test these plans. The report suggests further development of point of contacts across countries to ensure protection of critical information infrastructure. ENISA report also encourages further dialogue on the need for Single or multiple points of contact.
The report encourages regular meetings between agencies of different countries during seminars, conferences and exercises to build trust and improve coordination.Organizations must create awareness among employees on different types of Internet-based threats, incident management techniques and cyber security guidelines through regular workshops, training sessions, online degree and e-learning programs.
Educational institutions could collaborate with different stakeholders to develop and update online university degree courses on IT security in accordance with changes in threat profile and skill sets required by IT professionals to deal with such threats. Critical infrastructure facilities face constant threat of sophisticated cyber-attacks. Therefore, it is crucial to evolve robust mechanisms and strategies to protect critical infrastructure and counter such attacks. The mechanisms, procedures and strategies must also be tested for their effectiveness by conducting cyber security exercises at regular intervals.
.prlog.org Apr 25, 2011
Tidak ada komentar:
Posting Komentar