Overview of ITU Cybersecurity Activities

“NGN Migration Strategies and

Access Modernization”

26 May 2011
Dhaka
Sameer Sharma

Senior Advisor
ITU Regional Office for Asia and the Pacific

1
 Agenda

 Why Cybersecurity?
 Role of ITU in Cybersecurity
 Global Cybersecurity Agenda
 Technical Assistance for Members
 Conclusions

2
Why Cybersecurity?
 With more than 2 billion people connected to Internet, ICT is
driving force for today‟s economic growth
 Misuse of advances in technology and absence of truly global
and multi-stakeholder strategies to address the global
challenge, are threatening the collective benefits we as
citizens of the information society should obtain
 Financial losses run into billions of dollars both from fraud on
Internet and cost of rebuilding networks that suffered cyber
attacks
 Cybersecurity and cyber-peace are the most critical concerns
of modern information age

3
 Global Cybersecurity Threats

 Malware (Trojans, Botnets, Worms, etc)

 Insider Threats (Rogue Employees, Unskilled Employees or
Careless employees)
 Vulnerability Exploitations
 Mobile Devices (USB Devices, External Drives, Mobile Phones)
 Social Networking
 Social Engineering
 0-Day Exploits
 Cloud Security
 Industrial Espionage
http://insidetech.monster.com/benefits/articles/8056-the-top-10-
information-security-threats-of-2010
Global Cybersecurity Challenges

 Constant evolution of the nature of cyber-threats

 Vulnerabilities in software and hardware
applications and services
 Low entry barriers and increasing sophistication
of the types of cybercrime committed
 Loopholes in current legal frameworks
 Absence of appropriate organizational structures
 Inadequate cooperation among the various
stakeholders

6
Global Cybersecurity Cooperation
The lack of cybersecurity is
global problem that cannot be
solved by any single entity alone!

The world is faced with the challenging

task of developing harmonized and
comprehensive strategies
at the global and international level
and implementing these with the various
relevant national, regional, and
international stakeholders
in the countries

7
Role of ITU in Cybersecurity
Cybersecurity: ITU Strategic Direction
Cybersecurity – One of the Top Priorities of ITU

WSIS Action Line C5:

Building confidence and security in use of ICTs
 A fundamental role of ITU, following the World Summit
on the Information Society and outcome of the 2006
ITU PP Conference, is to build confidence and security
in the use of ICTs
 At the WSIS, world leaders and governments
designated ITU to facilitate the implementation of WSIS
Action Line C5, “Building confidence and security in the
use of ICTs”
 In this capacity, ITU is seeking consensus on a
framework for international cooperation in cybersecurity
to reach a common understanding of cybersecurity
threats among countries at all stages of economic
development

9
ITU Development Programs (2011-14)

Information and communication infrastructure

Programme 1 and technology development

Cybersecurity, ICT Applications and IP-

IP-based
Programme 2
network--related issues
network

Programme 3 Enabling Environment

Programme 4 Capacity Building and digital inclusion

Least developed countries, countries in special need,

Programme 5 emergency telecommunications and climate change adaptation
 Resolution 45 (Rev. Hyderabad, 2010)
Mechanisms for enhancing cooperation on cybersecurity, including
countering and combating spam

 Organize, with TSB, meetings of Member States, Sector in

conjunction with Programme 2 and based on member
contributions, and in collaboration Members and other
appropriate relevant stakeholders to discuss ways and means to
enhance cybersecurity;
 Carry out studies on strengthening the cybersecurity of
developing countries based on a clear identification of their needs
protection of children and youth;
 Support Member States' initiatives regarding mechanisms for
enhancing cooperation on cybersecurity;
 Assist the developing countries in enhancing their states of
preparedness to ensure a high and effective level of security for
their critical telecommunication/ICT infrastructures;
 Assist Member States in the establishment of an appropriate
framework between the developing countries allowing rapid
response to major incidents, and propose action plan to increase
protection
ITU Global Cybersecurity Agenda
GCA: From Strategy to Action

1. Legal Measures 2. Technical and

ITU Toolkit for Cybercrime Legislation Procedural Measures
ITU Publication on Understanding ITU Standardization Work
Cybercrime: A Guide for Developing ICT Security Standards Roadmap
Countries ITU-R Security Activities
Global ITU-T Study Group 17
Cybersecurity ITU-T Study Group 2
Agenda (GCA)
3. Organizational Structures
ITU-IMPACT Collaboration
National CIRT establishment 5. International Cooperation
ITU High-Level Expert Group (HLEG)
ITU-IMPACT Collaboration
ITU Cybersecurity Gateway
4. Capacity Building
ITU‟s Child Online Protection (COP)
ITU National Cybersecurity/CIIP Self-Assessment Tool Collaboration with UNICEF, UNODC,
ITU Toolkit for Promoting a Culture of Cybersecurity UNICRI, UNICITRAL and UNDIR
ITU Botnet Mitigation Toolkit and pilot projects

IMPACT Training and Skills Development Centre

IMPACT Research Division

13
13
 1. Legal Measures
Summary of objective:

 Harmonization of legal frameworks and the

elaboration of strategies for the development of
cybercrime legislation that
is globally applicable
and interoperable with
existing national/regional
legislative measures.

Related activities/initiatives:

 ITU Cybercrime Legislation

Resources
 Capacity building and training
 Regional workshops and events

14
 Examples of Recent Initiatives

ITU Toolkit for Cybercrime Legislation

aimed at providing countries with sample
legislative language and reference material
that can assist in the establishment of
harmonized cybercrime laws and
procedural rules.

ITU Publication on Understanding

Cybercrime: A Guide for Developing
Countries provides a comprehensive
overview of the most relevant topics
linked to the legal aspect of cybersecurity
and cybercrime

 www.itu.int/ITU-D/cyb/cybersecurity/legislation.html
15
2. Technical and Procedural Measures

Summary of objective:

 Development of strategies for the

establishment of globally accepted security
protocols, standards, minimum security
criteria and accreditation schemes for
hardware and software applications and
systems
Related activities/initiatives:

 ITU Standardization Work

 ITU-T Study Group 17
 ICT Security Standards Roadmap
promoting collaboration between
regional/ international organizations and
standards bodies
 ITU Radiocommunications security
activities
 IMPACT Collaboration services, etc.
 Country direct assistance activities
16
Role of ITU-T

 Plenipotentiary Resolution 130 (2006),

Strengthening the role of ITU in building
confidence and security in the use of information
and communication technologies – Instructs
Director of TSB to intensify work in study groups,
address threats & vulnerabilities, collaborate, and
share information
 Plenipotentiary Resolution 149 (2006), Study of
definitions and terminology relating to building
confidence and security in the use of information
and communication technologies - Instructs
Council to study terminology

17
ITU-T Global Initiatives: Cybersecurity
WTSA--08 Res. 50 “Cybersecurity”
WTSA

 Resolved to prepare, in building upon the information base

associated with the ICT Security Standards Roadmap and
the ITU-D efforts on cybersecurity, … the worldwide
harmonization of strategies and approaches in this
critically important area;
WTSA--08 Res. 52 “Countering and combating spam”
WTSA
 Instructed TSB Director to continue to cooperate with the
Secretary-General's initiative on cybersecurity and with
the BDT .. in relation to any item concerning
cybersecurity in accordance with Res. 45 (Doha, 2006).

WTSA-08 Res. 58 “National Compute Incident

WTSA-
Response Teams”
 Instructed TSB Director … to facilitate collaboration
between national CIRTs, such as capacity building and
exchange of information, within an appropriate
framework.

18
Cybersecurity Study Group Activities in
ITU-T (Standardization)
 ITU standardization activities are organized under “Study
Groups” that focus on different topic areas (e.g.,security,
access & transport networks, multimedia, signalling,
numbering, naming and addressing, tariffs, IP and NGN).
 These compose a unique forum for public-private partnerships
 Cooperation and collaborative activities exist with many
organizations and forums, including regional telecom
forums, IETF, ISO,IEC, ETSI, etc.
 Examples of specific ITU-T activities related to
cybersecurity and Child Online Protection include:
 Study Group 17 – Security has primary focus on
communication security and is the Lead Study Group on
security for ITU-T
 Study Group 2 – Operational aspects of service provision and
telecommunication management works on harmonizing
numbering resources for child helplines

19
 ITU-R : Cybersecurity Initiatives
 Radio spectrum global frequency management is increasingly
important for building confidence and security and creating an
enabling environment in the use of ICTs.
 ITU-R plays a central role in facilitating complex
intergovernmental negotiations needed to develop legally binding
agreements between sovereign states in an increasingly „unwired‟
world.
 Mobile handheld devices are widely used by children and young
people and therefore merit extra attention when it comes to
security.
 Some examples of ongoing activities include:
 Recommendation ITU-R M.1457 “Security mechanism
incorporated in IMT-2000”
 Recommendation ITU-R M.1645 “Framework and overall
objectives of the future development of IMT-2000 and systems
beyond IMT-2000”
 Recommendation ITU-R M.1223 “Evaluation of security
mechanism for IMT-2000”
 Recommendation ITU-R M.1078
“Security principles for IMT-2000”

20
3. Organizational Structures
Summary of objective:

 Elaboration of global strategies for

the creation of appropriate national
and regional organizational structures
and policies on cybercrime, watch,
warning and incident response,
generic and universal identity system
Related activities/initiatives:

 IMPACT collaboration related

services
 Development of national
computer incident response
teams (CIRTs) and related
training
 Capacity building and training
 Regional workshops and events
 Country Specific assistance

21
 ITU-IMPACT Collaboration
IMPACT is the physical home for the GCA, providing expertise and facilities
for all ITU Member States to address global cyber-threats

Global Response Centre (GRC)

Threat information aggregation and dissemination expert collaboration

Training & Skill Development

Security skills training for Member States

Security Assurance & Research

International benchmarks for Member States Collaborative research on
cyber-threats.
PARTNERS

Centre for Policy and International Co-operation

Advisory services on cybersecurity policy and regulations for Member States

22
4. Capacity Building
Summary of Objective:

 Development of global strategies to

facilitate human and institutional
capacity building across all relevant
aspects of cybersecurity

Related Activities/Initiatives:

 ITU National Cybersecurity/ CIIP

Self-Assessment Tool
 ITU Toolkit for Promoting a
Culture of Cybersecurity
 ITU Botnet Mitigation
Toolkit and pilot projects
 IMPACT Training and Skills
Development Centre
 IMPACT Research Division
 Capacity building and training for
all pillars in the GCA
 Targeted workshops and events 23
Examples of Some Ongoing Initiatives
ITU National Cybersecurity/CIIP Self–
Assessment Tool aimed at assisting
governments in examining existing national
policies, procedures, norms, institutions and
other elements necessary for formulating
security strategies in an ever-changing ICT
environment.

The Cybersecurity Guide for Developing

Countries a basic and easy-to-use information
resource which provides an initial understanding
of the different dimensions of cybersecurity, and
some possible solutions scenarios.
ITU Regional Cybersecurity Forums
8 regional cybersecurity events held in 2007 and
2008 in all regions.
ITU Regional Cybersecurity Forum for Africa and Arab States
held in Tunisia, 4-5 June 2009

 www.itu.int/ITU-D/cyb/events/
24
5. International Cooperation
Summary of Objective:
 Development of proposals to enhance
international dialogue on issues that
pertain to cybersecurity and enhance
cooperation and coordination across all
relevant activities
Related Activities/Initiatives:
 ITU Secretary-General High Level
Expert Group (HLEG) deliverables
 ITU-International Multilateral
Partnership Against
Cyber Threats (IMPACT) collaboration
 ITU Cybersecurity Gateway
 World Telecommunication and Policy
Forum WTPF 2009 opinions (Opinion
1: Internet–related public policy
issues)
 Regional cybersecurity forums

25
 ITU has been working with some COP members to develop
initial sets of guidelines for the different stakeholders.

Guidelines for parents, guardians and

Guidelines for industry educators
Children’s Charities’ Coalition on Children’s Charities’ Coalition on Internet
Internet Safety (CHIS) Safety (CHIS)
GSM Association University of Edinburgh, United Kingdom
European Broadcasting Union (EBU) Insafe Network
INTERPOL European Network and Information
AfrISPA Security Agency (ENISA)
Telecom Italia European Commission’s Safer Internet
Vodafone programme
Cyber Peace Initiative

Guidelines for policy-makers

Guidelines for children
Children’s Charities’ Coalition on Internet
Telefónica
Safety (CHIS)
Children’s Charities’ Coalition on
United Nations Interregional Crime and
Internet Safety (CHIS)
Justice Research Institute (UNICRI)
Save the Children
International Centre for Missing and
INTERPOL
Exploited Children (ICMEC)
Child Helpline International (CHI)
INTERPOL

http://www.itu.int/cop
Technical Assistance for Members
 ITU and Cybersecurity in Asia-
Asia-Pacific

Policy Bhutan Indonesia

related

Pacific CIRT
CIRT Afghanistan, Bangladesh,
Bhutan, Maldives, Nepal

CLMV Ministerial
Sub Theme
Forums Regional Forum Regional Forum on Ministerial
on Cybersecurity, Cybersecurity, Regional Forum Sub Theme
on Cybersecurity,
Seminars Vietnam Australia
India
ABBMN

2007 2008 2009 2010

ITU-UNODC Asia
ITU- Asia--Pacific Regional Workshop on
Asset Recovery and Cyber Crime
21 –23 September 2011, Republic of Korea

Objective

 Building capacity and information exchange

between prosecutors, legislators, ICT policy
makers and technical experts in the area of
Asset Recovery and Cybercrime

Target Audience

 Prosecutors, Legislators, Judges, Policy

Makers and Regulators
Conclusions
 Cybersecurity and cyber-peace are the most critical
concerns of modern information age
 To build trust, confidence and security in the use of
ICTs, ITU has undertaken concrete measures
 Global Cybersecurity Agenda (GCA)
 Child Online Protection (COP)
 Global standardization activities
 Capacity building, training, direct assistance to
countries
 CIRT Assessment of Bangladesh to be published soon

30
 Thank You!
For more information see the ITU website at:
www.itu.int/cybersecurity/

E mail: sameer.sharma@itu.int

International
Telecommunication
Union