OUTLINE

The Strategic Roles of Indonesia ICT Indonesia ICT Numbers and Facts Three Dimensions of Cyber Threat Cases of Cyber Warfare/Attack Is Indonesia Under Attack??? Obstacles and Challenges of Indonesia National Cyber Security Six Priorities Strategy of Indonesia National Cyber Security Conclusion
2

THE STRATEGIC ROLES OF ICT FOR INDONESIA

ICT is an important infrastructure for citizens

ICT is a trigger for economic growth and productivity

ICT is a strategic sector and Government valuable assets

INDONESIA IS THE 4TH LARGEST MOBILE SUBSCRIBERS

Jumlah Pelanggan Telepon Seluler Dunia - 2011

1st
986 Juta

2nd
893 Juta

With 249 million subscribers in 2011, Indonesia is the 4th largest mobile market in the world.

3rd
290 Juta

4th
249 Juta

5th
244 Juta

6th
236 Juta

China

India

USA

Indo

Brazil

Rusia

China

India

USA

Indonesia

Brazil

Russia

sources: cia.gov (last updated April 2013)

4

INDONESIA IS THE 8TH LARGEST INTERNET USERS

Jumlah Pengguna Internet Dunia - 2011

1st
538 Juta

In 2011, the number of internet users in Indonesia is around 55 million. Internet users in Indonesia also are highly social and active. Indonesia is the 3rd largest facebook users and the 5th largest twitter users in the world.

2nd
245 Juta

3rd
137 Juta

4th
101 Juta

5th
88 Juta

6th
67 Juta

7th
67 Juta

8th
55 Juta

9th
52 Juta

10th
52 Juta

China

USA

India

Japan

Brazil

Rusia

Germany

Indonesia

UK

France

China

USA

India

Japan

Brazil

Russia

Germany

Indonesia

UK

France

sources: internetworldstats.com (last updated April 2013)

5

THREE DIMENSIONS OF CYBER THREAT/ATTACK

Cyber threat/attack can be divided into three dimensions. These threats potentially destroying the economy and destabilize the country's security.
6

Social/ Cultural Attack

Sources: Indonesia National ICT Council, DETIKNAS 2013

CASES OF CYBER WARFARE/ATTACK

Russia-Georgia Cyber warfare 2008

Wikileaks
And many more...
7

STUXNET Estonia Cyber Attack 2007

IS INDONESIA UNDER ATTACK???

Over the last three years, Indonesia was attacked 3,9 millions in cyber space. (Sources: Minister of ICT, April 3rd, 2013). During January-October 2012, The most attacked website is Government websites/domain: go.id (Sources: ID-SIRTII, 2012).

Sources: ID-SIRTII

Sources: Detikinet, 2013

OBSTACLES AND CHALLENGES OF INDONESIA NATIONAL CYBER SECURITY

Lack of Awareness in Information Security

Vision of Cyber Security not Intregated

Cyber Law and Policy not Completed

Quantity and Quality of Information Security Human Resources are Limited

Obstacles and Challenges of National Cyber Security

Governance and Organization of National Cyber Security not Synergized

Application, Data and Infrastructure of Information Security not Integrated

ICT Critical Infrastructure Protection Mechanisms and Standards not exist

Weakness of Coordination and Cooperation between Agency

Sources: Indonesia National ICT Council, DETIKNAS 2013

Indonesia National Cyber Security Conceptual Framework (INCS)

Leadership International Cooperation Technical and Procedural Organization Structures Shared responsibilities Security Strategic Level Capacity Building Availability Integrity Confidentiality

Partnership

Security Tactical Level

Control

Security Operational Level Risk Management

Execute

Legal

Direct

Sources: Indonesia National ICT Council, Detiknas 2012

10

10

10

SIX PRIORITY STRATEGIES OF INDONESIA NATIONAL CYBER SECURITY

Security and Sovereignty in Indonesia Cyber Space

Strengthening Policies and Regulations

Establishment of Governance and Organization

Critical Infrastructur e Protection

Implementat ion of System and Technology

Capacity Building for Human Resources

International Collaboration and Cooperation

Sources: Indonesia National ICT Council, DETIKNAS 2013

11

PRIORITY I: STRENGTHENING POLICIES AND REGULATIONS

POLICIES & REGULATIONS RELATED TO INFORMATION SECURITY IN INDONESIA

Telecommunication Act No. 36/1999
Information Transaction Electronic Act No. 11/2008 Implementation Of Telecommunications Government Regulation No. 52/2000 Organizational structure of information security Ministerial Regulation PM 17/PER/M.KOMINFO
National Act:2 Government Regulation:1 Ministerial Regulation:2 Ministerial Decree:2 Ministerial Letter:3

IP-based network security Ministerial Regulation No. 16/PER/M.KOMINFO/10/2010 CA Supervisory Board ad hoc team Ministerial Decree No. 197/KEP/M.KOMINFO/05/2010 Information security coordination team Ministerial Decree No. 33/KEP/M.KOMINFO/04/2010 Web server security Ministry Letter

Wifi Security Ministry Letter Guidelines for the use of ISO 27001 Ministry Letter

POLICIES & REGULATIONS RELATED TO INFORMATION SECURITY IN INDONESIA (2)

Criminal cases related to cyber crime in Indonesia could also be punished with:
Criminal Procedural Law Codex (UU KUHAP), Pornography Act (UU Antipornografi No. 44/2008), Copyright Act (UU Hak Cipta No. 19/2002), Consumer Protection Act (UU Perlindungan Konsumen No. 8/1999).

14

POLICIES & REGULATIONS FRAMEWORK

e-Commerce; Trademark/Domain; Privasi dan keamanan di internet (Privacy and Security on the internet); Hak cipta (Copyright); Pencemaran nama baik (Defamation); Pengaturan isi (Content Regulation); Penyelesaian Perselisihan (Dispel Settlement). Infrastruktur TIK Kritis Nasional (ICT Critical Infrastructure)
International Law Enforcement Cooperation
15

Scope of Cyber Security Laws:

Prescribe Jurisdiction

Enforcement Responsibility Substantive Law

Procedural Law Prosecutorial Authority

Sources: Indonesia National ICT Council, Detiknas 2012

PRIORITY II: ESTABLISHMENT OF GOVERNANCE AND ORGANIZATION

THE CONCEPT OF NCS ORGANIZATION STRUCTURE

The Concept of Indonesia NCS organization structure consists of multiorganization. INCS organization contains of skilled, proficient, and experienced employees with prosperous information security knowledge inside their parts of specialization.
Sources: Indonesia National ICT Council, DETIKNAS 2013

17

COMPARISON OF CYBER SECURITY ORGANIZATION

Level Strategic Australia Cyber Security Policy and Coordination Committee (Lead Agency: The Attorney-Generals Department) Function: interdepartmental committee that coordinates the development of cyber security policy for the Australian Government. Tactical Cyber Security Operations Centre (CSOC) (Under Directorate: Defense Signals Directorate) Function: provides the Australian Government with all-source cyber situational awareness and an enhanced ability to facilitate operational responses to cyber security events of national importance. Operational CERT Australia UK Office of Cyber Security (OCS) function: to provide strategic leadership for and coherence across Government; Indonesia Undefined

Cyber Security Operations Centre (CSOC) Function: actively monitor the health of cyber space and co-ordinate incident response; to enable better understanding of attacks against UK networks and users; to provide better advice and information about the risks to business and the public. GovCertUK

Undefined

ID-SIRTII GovCert ID-Cert

18

INDONESIA NATIONAL CYBER SECURITY ORGANIZATION STRUCTURE FRAMEWORK

Sources: Indonesia National ICT Council, DETIKNAS 2013

19

ORGANIZATION MAPPING RECOMENDATION

Coordinator
Coordination

KEMENKOPOLHUKAM

Sources: Indonesia National ICT Council, DETIKNAS 2013

Homeland Security
Protect cyberspace environment

Intelligence
Preventive and capacity building

Defense
Protect militer cyberspace environment

Law Enforcement
Investigation and Prosecution of criminal in cyberspace

KEMKOMINFO

BIN

LEMSANEG KEMDIKBUD

KEMHAN

TNI

POLRI

KEJAKSAAN

Coordinator-Incident Response Team

Gov-Cert

ID-ACAD-CSIRT

ID CERT

...... 20

PRIORITY III: CRITICAL INFRASTRUCTURE PROTECTION

DEFINITION OF NATIONAL ICT CRITICAL INFRASTRUCTURES

ICT Critical National Infrastructures are assets, services, objects in the form of phyical or logical that involving the livelihood of many people, national interests and/or revenue of country that are strategic, in case of threats and attacks cause more loss of lives, destabilizing political, social, cultural and national economy as well as the sovereignty of the nation. (DETIKNAS, 2013) Criteria of the National Critical ICT Infrastructure must fulfill one, some or all of the following characteristics:
Threats and attacks resulted in disaster/many lost lives. Threats and attacks result in chaos in the national society. Threats and attacks cause disruption of governmental operation. Threats and attacks resulting in the loss of reputation, income and state sovereignty.

IMPACT LEVEL OF CYBER ATTACK

Motivation Actor(s) APT/Nation State Insider Money, Espionage, Skills for Employment, Fame, Entertainment, Hacktivism, Terrorism and War Terrorism Criminals Medium Hacker Groups Hacker Low may result in the costly loss of tangible assets or resources; may violate, harm, or impede an organizations mission, reputation, or interest; may result in human injury. High Impact Level may result in the highly costly loss of major tangible assets or resources; may significantly violate, harm, or impede an organizations mission, reputation, or interest; may result in human death or serious injury.

Noob/Script Kiddy

may result in the loss of some tangible assets or resources may noticeably affect an organizations mission, reputation, or interest.

Sources: Indonesia National ICT Council, DETIKNAS 2013

23

CRITICAL INFRASTRUCTURE SECTORS

Sector Lead Agency

Energi dan Sumberdaya Mineral ICT

Transportasi Kesehatan
Sources: Indonesia National ICT Council, DETIKNAS 2013

Kementerian ESDM Kementerian Kominfo

Kementerian Perhubungan Kementerian Kesehatan Sekretariat Negara/Sekretariat Kabinet Kementerian Keuangan

Pemerintahan Keuangan dan Bank

Agrikultur Pertahanan dan Industri Strategis

Administrasi dan Pelayanan Publik Penegak Hukum Sosial, Budaya dan Agama

Kementerian Pertanian Kementerian Pertahanan, Kementerian BUMN

Kementerian Dalam Negeri, Kementerian Hukum & HAM POLRI, Kejaksaan RI, KPK Kementerian Agama dan Kementerian Sosial
24

PRIORITY IV: IMPLEMENTATION OF SYSTEM AND TECHNOLOGY

LAYERS OF CYBER
Data Application

Host
Internal Network External Network

Implementation of cyber security technologies and processes performed at each layers. Cyber security at every layer is called defense in depth. Defense in Depth strategy is to achieve the main objectives of security, namely Availability, Integrity, Confidentiality (AIC Triad).

IMPLEMENTATION OF DEFENSE IN DEPTH INFORMATION SECURITY

DMZ VPN Logging Auditing Penetration Testing Vulnerability Analysis Firewalls

Proxy
Logging Stateful Packet Inspection Auditing Penetration Testing Vulnerability Analysis

IDS IPS Logging Auditing Penetration Testing Vulnerability Analysis Authentication Antivirus IDS IPS Password Hashing Logging Auditing Penetration Testing Vulnerability Analysis SSO Content Filtering Data Validation Auditing Penetration Testing Vulnerability Analysis Encryption Access Controls Backup Penetration Testing

Vulnerability Analysis

External Network

Network Perimeter

Internal Network

Host

Application

Data

Sources: Jason Andress, 2011 (modified)

NEXT GOVERNMENT TECHNOLOGY IMPLEMENTATION RELATED TO NATIONAL CYBER SECURITY

Government Integrated Data Center

Goverment Secure Network

Government Public Key Infrastructure

28

PRIORITY V: CAPACITY BUILDING FOR HUMAN RESOURCES

BUILDING INTEGRATED AND SUISTAINED HUMAN RESOURCES DEVELOPMENT PROGRAM

Sources: Indonesia National ICT Council, DETIKNAS 2013

CAPACITY BUILDING: AWARENESS

One-way communic ation

Awareness

Two-way interactive communic ation

31

CAPACITY BUILDING: AWARENESS - ONE-WAY

COMMUNICATION

One-way communication (text, multimedia)

Methods

Film, Music, Poster, dll

Object

Wide range, tends to bore, relatively cheap cost and affordable

Effectively

CAPACITY BUILDING: AWARENESS - TWO-WAY

INTERACTIVE COMMUNICATION

Two-way interactive communication (hypermedia)

Methods

FGD, Interactive Workshops, Video Games, e-learning.

Object

Limited range, to be effective in changing the culture of behavior, cost of expensive

Effectively

PRIORITY VI: INTERNATIONAL COLLABORATION AND COOPERATION

MEMBER OF INTERNATIONAL ORGANIZATION

Join, participate, and ratify with international collaboration and cooperation. Currently Indonesia become full member of:
Asia Pacific and APCERT FIRST (Forum for Incident Response and Security Team) of the world. Organisation of the Islamic Conference-CERT (OIC-CERT)

35

CONCLUSIONS
Securing Indonesia Cyberspace is essential to create conducive and sustainability environment. Indonesia Cyberspace has to be secured and sovereigned. Indonesia needs a national cyber security strategy in order to focus on the development cyber security program. National Cyber Security is a very complex problem, collaboration and cooperation with all stakeholders are needed. Organization of Indonesia National Cyber Security (I-NCS) need to be established.
36

Thank You
www.detiknas.org info@detiknas.org 2013

37