The German Government is developing a major programme to protect its computer networks and supply systems. A new institution - the National Cyber Defence Centre (Nationales Cyber-Abwehrzentrum) – will be responsible for detecting potential threats, analysing them and coordinating the necessary measures to disable the threat. In addition, a National Cyber Security Council will be established.
Defending Germany’s infrastructure from direct cyber attacks has become routine for the Government’s IT specialists. According to experts, Germany suffers four to five such attacks every day. Bearing in mind that much of Germany’s military coordination, water resource management, electricity, nuclear power and banking is among the systems managed by computers, the risks of such attacks are clear.
Next to the threat of terrorism and the advancing capabilities of some rogue states to use ballistic missiles, cyber-attacks on strategic networks were seen as a growing threat to security.
“By now the internet has become a critical infrastructure”, said the Minister of Internal Affairs, Thomas de Maizière, during his introduction of the new Cyber Security Strategy for Germany. “If this infrastructure fails, it will be very critical for Germany. Like electricity and water - we are dependent on it and rely on it to work.” The web needs to be available, to be free and to be safe, the minister emphasized.
Four to five Trojan attacks per day
“Germany is under permanent cyber-attack”, says Hartmut Isselhorst of the Federal Office for Information Security. The government agency will be the decision-making body for the National Cyber Defence Centre, which will go into effect beginning April 1st. Isselhorst believes that Germany is faced with “highly professional hackers with sufficient resources.”
He explains that the required ingredients to launch the kind of targeted malware e-mail attacks his department has been dealing with, can be easily acquired. The attacks may be led by individual perpetrators or government bodies, such as foreign intelligence agencies, “…The attacks can be used for espionage or sabotage purposes. Stuxnet has made this quite clear, “he says. Stuxnet was a malware that was used last year to target industrial facilities in Iran.
He believes the current situation not only calls for the development of a proper cyber defence strategy but also of a body that can protect the system and detect possible threats ahead of time.
De Maizère plans a National Cyber Defence Centre
The term “Cyber War” was introduced into NATOs’ new strategic concept during the recent Lisbon Summit. Next to the threat of terrorism and the advancing capabilities of some rogue states to use ballistic missiles, cyber-attacks on strategic networks were seen as a growing threat to security.
"By now the internet has become a critical infrastructure. If this infrastructure fails, it will be very critical for Germany."
The German government has been discussing a possible security strategy to protect important data networks form such attacks. De Maizère sees this task in the hands of the new National Cyber Defence Centre. Under the command of the Federal Office for Information Security, the centre will be a network of relevant government bodies working together to improve protection against cyber attacks. Ranging from the Bundesamt für Verfassungsschutz (BfV), Bundesamt für Bevölkerungsschutz und Katastrophenhilfe (BBK), Bundeskriminalamt (BKA), Bundespolizei (BPOL), Zollkriminalamt (ZKA), Bundesnachrichtendienst (BND) and the Bundeswehr, all important government defence, security and emergency services will be represented in the Centre.
The key idea of the Centre is prevention – safety provisions can be best ensured by effective early warning and preventative action. Thus the Centre strives towards a mutual, uniform and safe network infrastructure for the German federal administration.
Threats from across the Globe
The defence centre plans to collaborate with similar facilities in the United States and other European countries. Last year the US launched its own cyber defence centre, the United States Cyber Command (USCYBERCOM). US cyber strategists have since established the source of several of the more recent attacks. According to General Keith Alexander, director of USCYBERCOM, the Chinese are responsible for many attacks on western infrastructure and the recent attack on the main power grid of the US. The only way for a successful defence against crime and espionage on the web, is a proactive strategy.
The Cyber Security Strategy presented by the Minister of Internal Affairs, Thomas de Maizière states that: “Cyber space comprises all global information infrastructures that are accessible through the internet and go beyond territorial boundaries”. Serious attacks in this space can mean considerable impairments to the foundations of the livelihood of society. The availability of cyber space and the integrity, authenticity, and confidentiality of the data it contains has become an existential question of the 21st century.
Centres of Cyber Security
The new threat of cyber war has led to the creation of numerous centres geared towards detecting threats and protecting vulnerable networks from targeted cyber attacks. These include:
- Joint Task Force-Computer Network Defense (JTF-CND), US Armed Forces, 1998. Since 2010 known as USCYBERCOM.
- National Cyber Security Division (NCSD), US Department of Homeland Security, Washington, 2003.
- Joint Functional Component Command – Network Warfare (JFCC-NW), US Armed Forces, Fort Meade, Maryland, 2005. Since 2010 known as USCYBERCOM.
- Cooperative Cyber Defence Centre of Excellence (CCDCOE), NATO, Tallin (Estonia), 2008.
- Agence nationale de la sécurité des systèmes d´information (ANSSI), French government, Paris, 2009.
- United States Cyber Command (USCYBERCOM), US Armed Forces, Fort Meade, Maryland, 2010.
- Nationales Cyber-Abwehrzentrum, Germany, 2011.
- Defence Cyber Operations Group, UK Ministry of Defence, to be announced.
please REGISTER to leave a comment.
0 Comments