National Security Policy and Strategy and Cyber Security Risks

Olivera Injac, Ramo Šendelj
DOI: 10.4018/978-1-4666-8793-6.ch002

Abstract

This chapter explains the theoretical framework of national security policy and strategy. It analyzes selected countries' approaches to cyber security in national policy, how countries build their capacities to face risks, and the objectives addressed in some cyber security policies. The chapter also describes different sorts and sources of cyber threats, techniques of cyber attacks, and the tools (software and hardware) frequently used by cyber attackers. In addition, the most important cyber threats and attacks during 2013 are analyzed according to Symantec's and Kaspersky's annual reports on Internet security threats for 2014. Furthermore, the chapter shows the organizational structure of the cyber security system of Montenegro and a statistical analysis of users' activities in cyberspace and cyber incidents that happened in Montenegro during 2014.

Introduction

In the information age, where online communication has become the norm, internet users face an increasing number of threats and are becoming the targets of cyber-attacks. We are witnessing the global phenomenon of the rise of threats based on the main aspects of globalization (e.g. ICT), and security threats in the age of globalization are connected with the different dimensions of globalization (economic, political, cultural, ICT, ecological).

Cyber security threats are one of the biggest challenges for national security systems, because they tend to destroy economic and national security in the 21st century.

Many factors contribute to the rise of cyber security threats, such as the growing dependence on information technologies, the interconnection of critical infrastructures and different weaknesses in some sectors (government, industry, financial system, etc.).

While cyber criminals continue to develop their techniques and make them more advanced, they are also shifting their targets, focusing, for example, on theft of financial information, business espionage and access to government information.

As Stevens (2012) stated, information and communications technologies are hugely prevalent in contemporary times and, paradoxically, have become a symbol of the “uncertainty and irreversibility of the patterns of global emergence” (Stevens, 2012, p.1).

US President Barack Obama expressed the importance of cyberspace for national security in his speech in May 2009, saying that it is ironic to have technologies which could at the same time support world development and be misused for the world's destruction.

Cyber security has strategic and tactical dimensions in national security, because it affects all levels of society. Cyber threats and the techniques used to carry them out are continuously evolving, and they threaten data security, electronic systems and personal privacy, which makes responding to them a challenging task for states.

Some past cyber-attacks (Estonia and Georgia) were directed at different organizations, including parliaments, banks, ministries, newspapers and broadcasters, and even though the effects were localized to those countries, they do show what a cyber-attack can produce (Miklaucic, M. & Brewer, 2013).

It can be expected that the danger will grow in the future and that cyber-attacks will be able to destroy state infrastructure, which could directly threaten citizens and significantly block the state system under attack.

States are expected to be prepared and to work on their own capacities for cyber protection and for response to cyber threats; in addition, it is necessary to adapt a comprehensive national security policy and strategy.

The term cyberspace covers an enormous field of technology and networks, including the Internet, telecommunications networks, computer systems and processors in critical industries. The term also refers to the virtual environment of information and interactions between people. The globally interconnected and interdependent cyberspace is the main sphere that provides support for modern society, the world economy, civil infrastructure, public safety and national security.

As some experts have stressed, cyberspace protection requires strong vision and leadership, as well as changes in priorities, policies, technologies, education, laws and international agreements (Branon, 2014). Confronting cyber threats requires a strong commitment from all actors to be innovative and to adopt efficient technologies that can contribute to enhancing national security, the global economy and individual freedoms.

Cyber threats and challenges can cause significant effects for states, forcing them to find new solutions, to develop tools and mechanisms for prevention and response, and also to adapt adequate security policy for cyber threats.

The thesis of this chapter is that states have different approaches towards cyber security policy, and that if the policy is guided by security sector reform and national security policy development, then states are mainly concentrated on institution building and resource improvement. This is shown in the case study of Montenegro.

Key Terms in this Chapter

Passive Attack: An actual assault perpetrated by an intentional threat source that attempts to learn or make use of information from a system, but does not attempt to alter the system, its resources, its data, or its operations.

Cyberspace: The interdependent network of information technology infrastructures, which includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers.

Malicious Code: Program code intended to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system.

Attack: An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity.

Vulnerability: A characteristic or specific weakness that renders an organization or asset (such as information or an information system) open to exploitation by a given threat or susceptible to a given hazard.

Risk: The potential for an unwanted or adverse outcome resulting from an incident, event, or occurrence, as determined by the likelihood that a particular threat will exploit a particular vulnerability, with the associated consequences.

National Security: Protection and safety of the political, economic and other interests and values of the state.

Data Breach: The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.

Threat Agent: An individual, group, organization, or government that conducts or has the intent to conduct detrimental activities.

Security Policy: A set of rules, guidelines and procedures represented in official security documents that define the way in which the state will protect its own national security interests.

Botnet: A collection of computers compromised by malicious code and controlled across a network.

Cybersecurity: The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation.

Threat Assessment: The product or process of identifying or evaluating entities, actions, or occurrences, whether natural or man-made, that have or indicate the potential to harm life, information, operations, and/or property.

Risk Assessment: The product or process which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing decision making.

Vulnerability Assessment and Management: Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations.

Asset: A person, structure, facility, information, and records, information technology systems and resources, material, process, relationships, or reputation that has value.

Risk Management: The process of identifying, analysing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken.

Security: A condition of absence of danger and threat, or the functions and activities of protection.

Security Sector Reform: A concept which promotes the reform or building of state security institutions, legislation and the system for democratic control.

Globalization: The process of expanding, deepening and accelerating global interdependence in all aspects of modern life (economy, politics, ICT, etc.).

Denial of Service: An attack that prevents or impairs the authorized use of information system resources or services.

Confidentiality: A property that information is not disclosed to users, processes, or devices unless they have been authorized to access the information.

Cyber Infrastructure: The information and communications systems and services composed of all hardware and software that process, store, and communicate information, or any combination of all of these elements: Processing includes the creation, access, modification, and destruction of information. Storage includes paper, magnetic, electronic, and all other media types. Communications include sharing and distribution of information.

Availability: The property of being accessible and usable upon demand.

Integrity: The property whereby information, an information system, or a component of a system has not been modified or destroyed in an unauthorized manner.

Incident: An occurrence that actually or potentially results in adverse consequences to (adverse effects on) (poses a threat to) an information system or the information that the system processes, stores, or transmits and that may require a response action to mitigate the consequences.

Antivirus Software: A program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents, sometimes by removing or neutralizing the malicious code.

Threat: A circumstance or event that has or indicates the potential to exploit vulnerabilities and to adversely impact (create adverse consequences for) organizational operations, organizational assets (including information and information systems), individuals, other organizations, or society.

Critical Infrastructure: The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters.

Security Strategy: A strategic, overall and systematic approach for developing, applying, and coordinating the instruments of national power to achieve objectives that contribute to national security.
