
The Philippine Context:

Cyberdefense and Cybersecurity


Engr. Pierre Tito Galla, PECE
Democracy.Net.PH
16 November 2016


DEFINITIONS

Fundamentals (simplified)

Cyberspace
The domain where information is exchanged and processed by electronic means, including physical networks, the radio frequency spectrum, and the internet

Cyberwarfare
Warfare waged using attacks through and by cyberspace

Cyberterrorism
Terrorism performed using attacks through and by cyberspace

Cybersecurity
The state of being able to minimize the depth, scope, and impact of a cyberattack

Cyberdefense
The state of being able to minimize the depth, scope, and impact of cyberwarfare


THREAT ASSESSMENT

Cyberattack
Modes (targeting)
Directed
Viral

Modes (warhead)
Passive measures
Active measures

Impact
Physical
Socioeconomic
Sociopolitical

Actors
Non-state actors
Nation-states

Cyberattack modes (targeting and warhead)

Directed
Analogous to guided missile attack (i.e., delivery system, targeting system, payload)
E.g., Stuxnet malware, DDOS attack, hack

Viral
Analogous to biological warfare attack (i.e., vector, infectivity, lethality)
E.g., Flame espionage malware

Passive measures
Espionage (infect and listen)
E.g., Flame espionage malware

Active measures
Sabotage (code strike)
E.g., Stuxnet malware destroying nuclear centrifuges of Iranian nuclear weapons program in Natanz

Cyberattack impact

Physical
Damage to physical infrastructure

Socioeconomic
Societal disruptions, difficulties in day-to-day living

Sociopolitical
Loss of trust in government organs

Worst Case Scenario
Examples
Case Alpha
Case Bravo
Case Charlie
Case Omega

Cyberattack actors
Non-state actors

| Generic classification | Group | Suspected/Confirmed Actions |
|---|---|---|
| Terrorist groups | Currently unidentified | Shamoon malware attack on Saudi ARAMCO |
| Terrorist groups | Al-Qaeda | Reportedly developing cyberterrorist capability against critical infrastructure |
| Terrorist groups | ISIS | |
| Dissident groups | Occupy Wall Street movement | Suspected of various hacks against US business infrastructure |
| Hacktivists | Anonymous, etc | 2013 elections DDOS attack, slowing down transmission of votes by AnonTW |
| Hacktivists | LULZSEC, etc | 2016 COMELEC voter registration database hack compromising at least 50-70M identities by LULZSEC Philippines (considered 2nd most damaging hack in history) |

Cyberattack actors
Nation-states

| Nation-State | Agency/Unit | Suspected/Confirmed Actions |
|---|---|---|
| China | PLA Unit 61398 | 2014 hack of Yahoo, compromising 500M accounts and identities; 2015 cyberattack on US Office of Personnel Management and other attacks on US infrastructure |
| North Korea | Bureau 121 | 2013 cyberattack on SoKor media and banking firms |
| Russia | Federal Security Service (FSB); Ministry of Internal Affairs | 2007 cyberattack against Estonia; cyberwarfare action in parallel with kinetic action in South Ossetia and Georgia (2008), Ukraine (2015) |
| Israel | IDF Unit 8200 | 2008, 2012 cyberattack and cyberespionage against Iran using Stuxnet and Flame malware |
| United States | Office of Tailored Access Operations (NSA); Department of Homeland Security; US Cyber Command (USCYBERCOM) | 2008, 2012 cyberattack and cyberespionage against Iran using Stuxnet and Flame malware |

Cyberattack actors
Other nation-states reported/suspected of possessing cyberwarfare capability

Various degrees of capability (developed; developing; limited)
NATO members (e.g., UK via MI6, Germany via Computer Network Operation Unit under BND, Netherlands, etc)
Ukraine; Brazil
Iran; Vietnam
India; Pakistan


CAPABILITY ASSESSMENT

Existing capability

International law, conventions, and codes
None

Philippine law and policy
Constitutional ban on offensive warfare
No laid-out policy direction

Existing capability

Defense/military, law enforcement, government
CEISSAFP, ISAFP, AFP and DND personnel trained via joint exercise or schooling
DICT, CICC (policy and investigative support; also leverages NBI, PNP capabilities)
No point cyberdefense or cybersecurity unit or agency

Civilian, non-government, academia, business
PH-CERT
Philippine IT community; local hacking community
Cybersecurity businesses (private sector)
ICT advocacy groups (policy support; subject matter expertise)


PROPOSALS

Proposed solutions; status

Policy
Magna Carta for Philippine Internet Freedom
Includes provisions to develop cyberdefense and cybersecurity policy and capability (includes amendments to AFP Modernization Act)
Status: pending in Congress

Implementation/action items
Critical infrastructure inventory, vulnerability audit, penetration testing, and hardening
Development of cybersecurity mindset
Development of hardened infrastructure

END.


ABOUT DEMOCRACY.NET.PH

An ICT and civil rights advocacy movement, since 2012 Democracy.Net.PH has been actively
involved in efforts to improve Philippine ICT legislation and policy development, measures to
improve internet connectivity access and penetration, quality of service, cyberdefense and
cybersecurity, in cooperation with international, national, and local government and non-government organizations.

About the author:


Engr. Pierre Tito Galla, PECE, is a co-founder and co-convener of Democracy.Net.PH. A
professional electronics engineer with nearly two decades of training and experience in the
ICT sector, Engr. Galla has helped spearhead and push various ICT-related measures, such as
the proposed Magna Carta for Philippine Internet Freedom, the enactment of the
Department of Information and Communications Technology (DICT) law, draft regulations for
quality of service standards for internet connectivity, and cyberdefense, cybersecurity, and
social media policies for the private sector and for national and local government agencies,
the military, and law enforcement.
