OUTLINE

 The Strategic Roles of Indonesia ICT

 Indonesia ICT Numbers and Facts
 Three Dimensions of Cyber Threat
 Cases of Cyber Warfare/Attack
 Is Indonesia Under Attack???
 Obstacles and Challenges of Indonesia National Cyber
Security
 Six Priorities Strategy of Indonesia National Cyber Security
 Conclusion

2
THE STRATEGIC ROLES OF ICT FOR INDONESIA

ICT is an important ICT is a trigger for economic ICT is a strategic sector and
infrastructure for citizens growth and productivity Government valuable assets

3
 INDONESIA IS THE 4TH LARGEST MOBILE SUBSCRIBERS
Jumlah Pelanggan Telepon Seluler Dunia - 2011

1st
986 Juta 2nd With 249 million
893 Juta subscribers in 2011,
Indonesia is the 4th
largest mobile market in
the world.

3rd 4th
290 Juta
5th 6th
249 Juta 244 Juta 236 Juta

China India USA Indo Brazil Rusia

China India USA Indonesia Brazil Russia

sources: cia.gov (last updated April 2013)

4
 INDONESIA IS THE 8TH LARGEST INTERNET USERS
Jumlah Pengguna Internet Dunia - 2011
1st
538 Juta
In 2011, the number of internet users in Indonesia is around 55 million.
Internet users in Indonesia also are highly social and active. Indonesia is the
3rd largest facebook users and the 5th largest twitter users in the world.

2nd
245 Juta

3rd
137 Juta 4th 5th
101 Juta
88 Juta
6th 7th 8th 9th 10th
67 Juta 67 Juta
55 Juta 52 Juta 52 Juta

China USA India Japan Brazil Rusia Germany Indonesia UK France

China USA India Japan Brazil Russia Germany Indonesia UK France

sources: internetworldstats.com (last updated April 2013)

5
 THREE DIMENSIONS OF CYBER THREAT/ATTACK
Cyber
threat/attack can
be divided into
three dimensions.
Social/
These threats
Cultural
Attack potentially
destroying the
economy and
destabilize the
country's security.
Sources: Indonesia National ICT Council, DETIKNAS 2013

6
CASES OF CYBER WARFARE/ATTACK

Russia-Georgia
Cyber warfare 2008 Wikileaks

And many
STUXNET more...
Estonia Cyber Attack 2007
7
IS INDONESIA UNDER ATTACK???
Over the last three years,
Indonesia was attacked 3,9
millions in cyber space.
(Sources: Minister of ICT, April
3rd, 2013).
During January-October 2012, Sources: ID-SIRTII

The most attacked website is

Government websites/domain:
go.id (Sources: ID-SIRTII,
2012).

Sources: Detikinet, 2013

8
 OBSTACLES AND CHALLENGES OF INDONESIA
NATIONAL CYBER SECURITY
Vision of Cyber
Security not
Intregated
Lack of
Awareness in Cyber Law and
Information Policy not
Security Completed

Obstacles and
Quantity and Quality of
Challenges Governance and Organization
of National Cyber Security not
Information Security Human
Resources are Limited
of Synergized
National Cyber
Security
Application, Data and Weakness of
Infrastructure of Coordination and
Information Security not Cooperation between
Integrated ICT Critical Infrastructure Agency
Protection Mechanisms and
Standards not exist

Sources: Indonesia National ICT Council, DETIKNAS 2013

 Indonesia National Cyber Security
Conceptual Framework (INCS)
Leadership
Security Strategic Level

Shared responsibilities
International Cooperation
Technical and Procedural

Organization Structures

Capacity Building

Confidentiality
Availability
Direct

Integrity
Partnership

Legal
Security Tactical Level
Control

Security Operational Level

Risk Management
Execute

Sources: Indonesia National ICT Council, Detiknas 2012

10 10
10
 SIX PRIORITY STRATEGIES OF INDONESIA NATIONAL
CYBER SECURITY

Security and Sovereignty in Indonesia Cyber Space

Strengthe- Establishment Implementat Capacity International

Critical
ning Policies of Governance ion of System Building for Collaboration
Infrastructur
and and and Human and
e Protection
Regulations Organization Technology Resources Cooperation

Sources: Indonesia National ICT Council, DETIKNAS 2013

11
PRIORITY I: STRENGTHENING POLICIES AND REGULATIONS
 POLICIES & REGULATIONS RELATED TO INFORMATION
SECURITY IN INDONESIA
Telecommunication Act No. 36/1999
Information Transaction Electronic Act No. 11/2008
Implementation Of Telecommunications Government Regulation No. 52/2000
Organizational structure of information security Ministerial Regulation PM
17/PER/M.KOMINFO
National Act:2 IP-based network security Ministerial Regulation No.
Government Regulation:1 16/PER/M.KOMINFO/10/2010
Ministerial Regulation:2
Ministerial Decree:2 CA Supervisory Board ad hoc team Ministerial Decree No.
Ministerial Letter:3 197/KEP/M.KOMINFO/05/2010
Information security coordination team Ministerial Decree No.
33/KEP/M.KOMINFO/04/2010
Web server security Ministry Letter
Wifi Security Ministry Letter
Guidelines for the use of ISO 27001 Ministry Letter
POLICIES & REGULATIONS RELATED TO INFORMATION
SECURITY IN INDONESIA (2)
Criminal cases related to cyber crime in Indonesia could also
be punished with:
– Criminal Procedural Law Codex (UU KUHAP),
– Pornography Act (UU Antipornografi No. 44/2008),
– Copyright Act (UU Hak Cipta No. 19/2002),
– Consumer Protection Act (UU Perlindungan Konsumen No.
8/1999).

14
POLICIES & REGULATIONS FRAMEWORK
 Scope of Cyber Security Laws: Enforcement Responsibility

International Law Enforcement

– e-Commerce;

Prescribe Jurisdiction
– Trademark/Domain; Substantive Law

Cooperation
– Privasi dan keamanan di internet
(Privacy and Security on the
internet);
– Hak cipta (Copyright); Procedural Law
– Pencemaran nama baik
(Defamation); Prosecutorial Authority

– Pengaturan isi (Content Regulation); Sources: Indonesia National ICT Council, Detiknas 2012

– Penyelesaian Perselisihan (Dispel

Settlement).
– Infrastruktur TIK Kritis Nasional (ICT
Critical Infrastructure)

15
PRIORITY II: ESTABLISHMENT OF GOVERNANCE AND
ORGANIZATION
 THE CONCEPT OF NCS ORGANIZATION STRUCTURE
 The Concept of
Indonesia NCS
organization structure
consists of multi-
organization.
 INCS organization
contains of skilled,
proficient, and
experienced
employees with
prosperous
information security
knowledge inside their
parts of specialization.
Sources: Indonesia National ICT Council, DETIKNAS 2013

17
COMPARISON OF CYBER SECURITY ORGANIZATION
Level Australia UK Indonesia

Strategic Cyber Security Policy and Coordination Committee Office of Cyber Security (OCS) Undefined
(Lead Agency: The Attorney-General’s Department)
function: to provide strategic leadership for
Function: interdepartmental committee that and coherence across Government;
coordinates the development of cyber security policy
for the
Australian Government.

Tactical Cyber Security Operations Centre (CSOC) (Under
Directorate: Defense Signals
Directorate)
Function: provides the Australian Government with
all-source cyber
situational awareness and an enhanced ability to
facilitate operational responses to cyber security
events of national importance.
Cyber Security Operations Centre (CSOC) Undefined
Function: actively monitor the health of cyber
space and co-ordinate incident response; to
enable better understanding of attacks against
UK networks and users; to provide better
advice and information about the risks to
business and the
public.

Operational CERT GovCertUK ID-SIRTII

Australia GovCert
ID-Cert

18
 INDONESIA NATIONAL CYBER SECURITY ORGANIZATION
STRUCTURE FRAMEWORK

Sources: Indonesia National ICT Council, DETIKNAS 2013

19
 ORGANIZATION MAPPING RECOMENDATION
Coordinator
Coordination

KEMENKOPOLHUKAM
Sources: Indonesia National ICT Council, DETIKNAS 2013

Homeland Security Intelligence Defense Law Enforcement

Protect militer cyberspace Investigation and Prosecution of
Protect cyberspace environment Preventive and capacity building
environment criminal in cyberspace

KEMKOMINFO BIN LEMSANEG KEMDIKBUD KEMHAN TNI POLRI KEJAKSAAN

Coordinator-Incident Response Team

Gov-Cert ID-ACAD-CSIRT ID CERT ......

20
PRIORITY III: CRITICAL INFRASTRUCTURE PROTECTION
DEFINITION OF NATIONAL ICT CRITICAL INFRASTRUCTURES

 ICT Critical National Infrastructures are assets, services, objects in

the form of phyical or logical that involving the livelihood of many
people, national interests and/or revenue of country that are
strategic, in case of threats and attacks cause more loss of lives,
destabilizing political, social, cultural and national economy as
well as the sovereignty of the nation. (DETIKNAS, 2013)
 Criteria of the National Critical ICT Infrastructure must fulfill one,
some or all of the following characteristics:
– Threats and attacks resulted in disaster/many lost lives.
– Threats and attacks result in chaos in the national society.
– Threats and attacks cause disruption of governmental operation.
– Threats and attacks resulting in the loss of reputation, income and
state sovereignty.
 IMPACT LEVEL OF CYBER ATTACK

Motivation Actor(s) Impact Level

APT/Nation State • may result in the highly costly loss of major tangible assets or
resources;
High • may significantly violate, harm, or impede an organization’s
Insider
mission, reputation, or interest;
• may result in human death or serious injury.
Money, Terrorism
Espionage,
Skills for Employment,
• may result in the costly loss of tangible assets or resources;
Fame, Criminals
Medium • may violate, harm, or impede an organization’s mission,
Entertainment,
reputation, or interest;
Hacktivism,
Hacker Groups • may result in human injury.
Terrorism and War

Hacker
• may result in the loss of some tangible assets or resources
Low • may noticeably affect an organization’s mission, reputation,
Noob/Script Kiddy or interest.

Sources: Indonesia National ICT Council, DETIKNAS 2013

23
 CRITICAL INFRASTRUCTURE SECTORS
Sector Lead Agency
Energi dan Sumberdaya Mineral Kementerian ESDM
ICT Kementerian Kominfo
Transportasi Kementerian Perhubungan
Kesehatan Kementerian Kesehatan
Sources: Indonesia National ICT Council, DETIKNAS 2013

Pemerintahan Sekretariat Negara/Sekretariat

Keuangan dan Bank
Agrikultur
Pertahanan dan Industri Strategis
Administrasi dan Pelayanan Publik
Penegak Hukum
Sosial, Budaya dan Agama
Kabinet
Kementerian Keuangan
Kementerian Pertanian
Kementerian Pertahanan,
Kementerian BUMN
Kementerian Dalam Negeri,
Kementerian Hukum & HAM
POLRI, Kejaksaan RI, KPK
Kementerian Agama dan
Kementerian Sosial
24
PRIORITY IV: IMPLEMENTATION OF SYSTEM AND
TECHNOLOGY
LAYERS OF CYBER
 Implementation of
Data
cyber security
technologies and
Application processes
performed at each
layers.
Host
 Cyber ​security at
every layer is called
Internal Network defense in depth.
 Defense in Depth
External Network
strategy is to achieve
the main objectives
of security, namely
Availability, Integrity,
Confidentiality (AIC
Triad).
IMPLEMENTATION OF DEFENSE IN DEPTH INFORMATION
SECURITY
DMZ

VPN
Firewalls
Logging
Proxy IDS
Auditing
Logging IPS Authentication
Penetration
Stateful Packet Logging Antivirus SSO
Testing
Inspection
Vulnerability Auditing IDS Content Filtering Encryption
Auditing
Analysis Penetration IPS Data Validation Access Controls
Penetration Testing
Testing Password Hashing Auditing Backup
Vulnerability
Vulnerability Analysis Logging Penetration Penetration
Analysis Testing Testing
Auditing
Vulnerability Vulnerability
Penetration Analysis Analysis
Testing

Vulnerability
Analysis

External Network Internal

Network Perimeter Network Host Application Data
Sources: Jason Andress, 2011 (modified)
NEXT GOVERNMENT TECHNOLOGY IMPLEMENTATION
RELATED TO NATIONAL CYBER SECURITY

Government
Integrated Data
Center

Goverment Secure
Network

Government Public
Key Infrastructure

28
PRIORITY V: CAPACITY BUILDING FOR HUMAN RESOURCES
 BUILDING INTEGRATED AND SUISTAINED HUMAN
RESOURCES DEVELOPMENT PROGRAM

Sources: Indonesia National ICT Council, DETIKNAS 2013

CAPACITY BUILDING: AWARENESS

Two-way
One-way interactive
communic Awareness communic
ation ation

31
 CAPACITY BUILDING: AWARENESS - ONE-WAY
COMMUNICATION

Wide range, tends

One-way
Film, Music, to bore, relatively
communication
Poster, dll cheap cost and
(text, multimedia)
affordable
Methods Object Effectively
 CAPACITY BUILDING: AWARENESS - TWO-WAY
INTERACTIVE COMMUNICATION

Limited range, to be
Two-way interactive FGD, Interactive effective in changing
communication Workshops, Video the culture of
(hypermedia) Games, e-learning. behavior, cost of
expensive
Methods Object Effectively
PRIORITY VI: INTERNATIONAL COLLABORATION AND
COOPERATION
MEMBER OF INTERNATIONAL ORGANIZATION
Join, participate, and ratify with international collaboration
and cooperation.
Currently Indonesia become full member of:
– Asia Pacific and APCERT FIRST (Forum for Incident
Response and Security Team) of the world.
– Organisation of the Islamic Conference-CERT (OIC-CERT)

35
CONCLUSIONS
Securing Indonesia Cyberspace is essential to create
conducive and sustainability environment.
Indonesia Cyberspace has to be secured and sovereigned.
Indonesia needs a national cyber security strategy in order to
focus on the development cyber security program.
National Cyber Security is a very complex problem,
collaboration and cooperation with all stakeholders are
needed.
Organization of Indonesia National Cyber Security (I-NCS)
need to be established.

36
Thank You
www.detiknas.org
info@detiknas.org
2013

37