Pe scurt:
Ascultă Radio Romania ActualităţiAscultă Live Acum: REPORTERII ACTUALITATII Joi, 23 Septembrie

Cele mai citite

Articole recente



Radu Dobrițoiu

13 Mai 2019
Vizualizari: 2408
Comentează add

5G-Era will dominate the near future and high-speed data transmissions will impose new standards of life, but also cyber security.

Cyber Security in the "5G-Era"



RADIO ROMANIA NEWS "Euroatlantica" Producer, Radu Dobriţoiu: Cyber defense has become a priority for Euro-Atlantic security, in an age dominated by high technology and increasingly evolving communications capabilities. 5G-Era will dominate the near future and high-speed data transmissions will impose new standards of life, but also cyber security. NATO has created a dedicated cyber defense division and the European Union is seeking to reinforce its cyber security rules to combat the growing threat posed by cyberattacks and to take advantage of the opportunities offered by the new digital era. European leaders believe that cyber security reform is one of the main issues to be solved on the way to the completion of the EU's single digital market. Special guests: Cătălin Aramă, General Director of National Cyber Security Incident Response Center, CERT-RO, and Ioan -Cosmin Mihai, Vice-President of Romanian Association for Information Security Assurance (RAISA). Theme: "Cyber Security in the 5G-Era". 

Radu Dobriţoiu: Mr. Cătălin Aramă, CERT-RO Romanian National Cyber Security Incident Response Center has recently launched a unique phone number for reporting cybersecurity incidents - 1911. How many other states in the European Union have such a service? 

Cătălin Aramă: I will start by saying that cyber security, as you put it in your preamble, is a hot topic, is a topic on the table, mentioned widely, from the political to the technical area. Indeed, being a topic of such great relevance, which ultimately implies protection of citizens, business, state, refers to the single market, digital single market, which almost overlaps with the single market and, after as you have seen over the recent period of time, more and more measures are being taken on cyber security and protection. An answer to your question is the initiative with a unique phone number which, of our knowledge, can be called from all networks in Romania, since at the moment it is an initiative in Romania. Of course, each EU Member State has a cyber security incidents response center and, as of recently, an authority to implement provisions of the directive to ensure high level of network security. In Romania, authority is National Center for Response to Cyber Security Incidents, as well as a unique European contact point. So the answer to your question is that it is an initiative that brings CERT-RO closer to citizens, companies, and those with security concerns.

Radu Dobriţoiu: That's exactly why I asked you because of course there are centers similar to yours in the European Union, but I haven’t heard of such emergency numbers for cyberattacks in the European Union and, from that perspective, Romania is a pioneer, because it has taken a step forward, because these cyber incidents can affect not only institutions or companies, but even individuals may report serious incidents in the area of cyber-defense.

Cătălin Aramă: Yes. Of course, we had alerting systems before. There was a day phone call line, same like in all cyber security response centers, we had an email address, printed documents to fill in, all out of which information was automatically taken over by specialists, who analyzed and resolved or coordinated the incident. Now, though, we thought of taking one step further. And as the recent phones calls have shown us, I think our target has been reached, because we've come close to the most vulnerable link in this chain, the human link, indeed most phone calls have been given by individuals who reported incidents.So far they've been doing this on social media like Facebook or Twitter, and they've been reporting to us, but this has proven an increase in the number of reports. Basically, the aim was to encourage incident reporting.

Radu Dobriţoiu: Does this help you?

Cătălin Aramă: It helps and I will explain why. Because reporting a cyber security incident does not just involve having assistance, support from CERT-RO. It involves providing enough information and if this information demonstrate that the reported incident is indeed real and poses a threat, CERT-RO turns this into an alert which subsequently is disseminated on all channels  ...

Radu Dobriţoiu: An alert also for important institutions in the defense sector.

Cătălin Aramă: Certainly, and it can save other entities that can fall victim to such an incident. We are talking here about economic operators (…) where the impact of a cyberattack would exceed the threshold of impact upon population (…).

Radu Dobriţoiu: There is this interface with the emergency number, but do you think that big companies and institutions should designate a contact person to communicate with you (…) and do you think the law could be improved, as we have the personal data protection law, where each institution has a special-designated person to deal with this issue.

Cătălin Aramă: Sure. Let me explain how the system works in a few words. This is a secondary legislation that is currently being developed, because the NIS Directive (Directive on security of network and information systems, n.a.) is in fact a framework  for cooperation and a framework to ensure this common level of security. Details of how, in what way, what level are left to EU Member States, because order and security are under the sovereignty of each state.

Radu Dobriţoiu: As in NATO.

Cătălin Aramă: Exactly.

Radu Dobriţoiu: I remind you that cyber security is managed at Alliance level, but each NATO Member State ensures its own cyber security measures on its territory.

Cătălin Aramă: Yes. The European Union comes with Baseline, a framework which, as I said, is based on cooperation and high level guarantee and mechanisms to counteract security incidents. Returning to these major operators, they are not just essential service providers, they are also digital service providers (…) and this secondary legislation we are talking about implies some reporting criteria. The difference is that from now on, incident reporting for this category is mandatory, is no longer a volunteer act.

Radu Dobriţoiu: That's the idea.

Cătălin Aramă: And then, when you cross the threshold and fall under the NIS Directive, you will automatically be enrolled in a register. Signing up to it obviously involves contact persons and reporting rules. So the answer is, Yes it will be so. As I was saying, initiation of the report /../ can be done by phone number, but more data will be required automatically afterwards because these service providers and digital service providers are responsible for the security of their computer system. In the present case, they are responsible for further responsibility on the service or product, aimed at protecting the citizen.

Radu Dobriţoiu: Another question in this field, to clarify the subject as well as possible. In the future, do you think that by law these entities you have mentioned will also have certain obligations to provide access or information when requested or even access to a database to work together in the event of larger incidents?

Cătălin Aramă: Cyber security and addressing cyber security means cooperation and trust. We go further than that. By the links we have and the mechanisms we are moving forward, we intend more than reporting the incident as only an obligation. This collaboration framework also involves discussing alerts. And alerts are important. When you get to an incident, some phases have already passed and things have already happened. That is precisely why we have collaborative mechanisms by which we always keep in touch. And I would like to mention the project by which we have laid the foundations of this unique number. It is a European-funded project which, in addition to the technical part, the Call Center, involved endowment of this center. Our intention, this year…

Radu Dobriţoiu: Call Center endowment  ...

Cătălin Aramă: We want to obtain a unique number that can be called from all networks (…). Through this project, we have also developed a collaborative platform that will be aimed precisely at the exchange of information between these operators and the national and sectoral CERT.

Radu Dobriţoiu: Mr. Ioan-Cosmin Mihai, we are at the beginning of the 5G-Era. South Korea is the first country where 5 G networks cover the national territory. Global development is exponential. What will be the implementation and use of 5G on a large scale, both in terms of technologies and potential cyber threats?

Ioan-Cosmin Mihai: 5G networks are supposed to connect billions of systems and devices, including in critical sectors such as energy, transport, banking or health. In other words, these 5G networks will be a fundamental structure on which a broad range of essential services will be based. From this point of view, any 5 G network vulnerability could be exploited to compromise both the digital infrastructure and the systems that are connected by this technology, with the risk of causing very serious damage. And we have two categories of damage: one: affecting services with cyberattacks and two: data exfiltration in targeted attacks, for spying, or for put this data on the market. And I can come up with two examples. If we are talking about damaging services through cyberattacks, I would like to make an analogy with an attack that happened at the end of 2016 and which is considered to date the most powerful cyberattack in history that has succeeded in affecting systems and services of companies such as Netflix, Twitter or CNN. In this attack, over one million devices have been compromised and used, most of them being surveillance cameras, devices that have a rather precarious cyber security level. Well, if we're going back to 5G technology, we're talking about billions of connected systems. If millions of such devices are compromised and involved in a cyberattack, this could have a devastating effect, especially in critical sectors.

Radu Dobriţoiu: Let's say for example a power outage in Ukraine can generate chaos on a whole city and a wider area, or even a country, leading to, say, an extremely sensitive institution like the Cernavodă Nuclear Power Plant, and so on. So, the impact can be hard to predict, and often these attacks may not be determined, or seen, or anticipated with great precision.

Ioan-Cosmin Mihai: Yes, especially as we are talking about systems which are connected in the critical sectors. In addition to this impact caused by cyberattacks, we also have another risk, namely data exfiltration. We will have more and more smart devices to connect to the internet ... Think that we already have smart TVs, we may have different smart household appliances…

Radu Dobriţoiu: We will have self-driving vehicles which will be guided on their way by this network developed in the fifth generation of data transmissions.

Ioan-Cosmin Mihai: And all this equipment distributes certain data to the Internet class servers. Someone could browse this data, have access to these data, correlated with our name or our IP address – so with a private character – so you realize that there is a vulnerability, those who have access to our data can have an image of our profile: when we are at home, when we leave, when we use the car, what routes we use and so on ...I can give you a simple example, they are smart vacuum cleaners that transmit various data in Cloud and we can control them with applications from mobile phones. These smart vacuum cleaners have the mapping function of the apartment. In other words, they get a clear picture of where the walls are, where the furniture is...

Radu Dobriţoiu: The doors, the balcony, the windows ...and if this apartment has an alarm system, also ordered via 5G, it will probably also have access to the alarm system protection. I mean everything...

Cătălin Aramă: We talk about their interconnection.  As long as you've managed to get data from one part of this interconnection chain, you can find all kinds of data.

Radu Dobriţoiu: The future will bring smart refrigerators and cooking machines and all the things in a household can be ordered at one time if someone has access without you being home to ... The idea is the following: comfort is developing, technology is being developed, but at the same time, the level of vulnerability of man, in general and of institutions, also increases.

Cătălin Aramă: Yes, there are a lot of vulnerabilities of these connected systems or maybe 5G networks and we must not forget that digital infrastructures are interconnected and transnational, and cyber threats are cross-border. So any vulnerability in a 5G-type network in a Member State could affect the whole European Union. For this reason, a high level of cyber security should be ensured through concerted action, both at national and European level.

Radu Dobriţoiu: The CERT-RO report, Mr Aramă, is a complex one, but I would like you to briefly refer to it, because you are the institution responsible for cyber security incidents.

Cătălin Aramă: Certainly, the CERT-RO report for 2018 has delayed to appear this year. Actually, it's going to appear this month, for a very objective reason. CERT-RO has begun to change the way it analyzes data in a practical and proactive manner. Until now, the data we have analyzed came from most of the international feeds and reflected the implications of some Romanian systems, Romanian IPs, in the context of internationally identified cyberattacks; we are currently particularly interested to see how we are attacked, what the systems are and why we are attacked. That is why at CERT-RO we have developed a system of mechanisms by which we analyze data about the attacked Romanian IPs and systems besides those involved in the attacks. It is a change in the way we look at things, but it has brought us a lot of new elements right now. In this way, we have identified types of attacks that have disappeared, we have identified new categories of attack, and all of these data are being prepared and developed. I was talking about an attempt to increase the operational capacity of CERT-RO, we have a plan, a project called 'Early Warning System of Romania', by which we will multiply the category of methods aiming to collect data on the national cyber space.

Radu Dobriţoiu: Report marks another strategy for dealing with incidents, perhaps with a broader view.

Cătălin Aramă: Yes. We know very clearly, a reverse of the medal for good and broadband access of Romania's Internet is the fact that the resources here are often used by people who are not Romanian citizens as a source, as a base for attacks in ...

Radu Dobriţoiu: To launch operations ...

Cătălin Aramă: To launch operations, really. But at the same time, there are attacks that target computer systems in Romania, and here, I am sorry to say, there is still a large, slightly decreasing number from 87 to almost 80 percent of the total IP- identifying vulnerable systems, that is, systems that are outdated, that are not properly configured or lacking protection solutions. And this is again a component of digital education, a very important thing that I am reminding every time, because digital education has this component of cyber security education and can save us from many unpleasant things.

Radu Dobriţoiu: Mr. Ioan-Cosmin Mihai, so we enter the 5G era with fast steps. What can we do to protect ourselves better, because Mr. Aramă has mentioned these vulnerabilities which primarily have as their entry gateway computer literacy, digital education. What can a random person do, because 5G covers from Smart TV and smart vacuum cleaner to the machine that can be controlled with the help of an interaction or a cyberattack? We are talking about people, how can people defend themselves against these threats that will occur with the 5G era?

Ioan-Cosmin Mihai: I would start by presenting what we could do at national level and then conclude with what we can do at the personal level. At national level, we should focus on developing cooperation, trust in good exchange of information and good practices, emphasize education and awareness raising programs, especially for the population, develop skills and research, and we continue to invest in cyber security to increase security. From a personal point of view, we should keep in mind that there are vulnerabilities both of the devices we use, the operating system, the applications installed on various media, such as mobile phones, and we realize that there are many risks associated with cyberspace. That's why I think we should be careful about the operating systems we have installed, update them, protect them with various security solutions, maybe an antivirus program, maybe a firewall if it's not too complicated to have a backup because there are a lot of cyberattacks that manage to compromise the data and we may lose them, and a backup would save us from this problem and let us know as much as possible about ...

Radu Dobriţoiu: So antivirus solutions, a periodic backup to which respective data, probably saved somewhere on an external hard-disk or on a CD, depends on the storage capacity, and, of course, be very careful when we access certain sites or when we receive certain messages, we do not click on that link with ease before seeing where it came from and what it is all about.

Cătălin Aramă: You can report to CERT-RO and you will receive the necessary counseling. In order to enhance the importance of cyber security risk management and to complete what you say, 5G will actually become an engine, it will become a backbone because we are talking about a process to digitize more and more rapidly not only processes in the industrial area, let's say, or in the economic area, we also talk about the relations the citizen has with the state, and this digitization process is complemented by an interconnection of the systems that have so far been built insularly. We will surely end up where organization of democratic processes, such as elections, will also be based on digital infrastructure, on the 5G infrastructure. But, as I say, education is important, because more and more digital services will be on the mobile phone, which is the most unsafe device.

Radu Dobriţoiu: And the most vulnerable.

Cătălin Aramă: Most vulnerable and predisposed to attacks.

Radu Dobriţoiu: For a computer we know what an antivirus means, there are free antivirus solutions that we can install, even some software programs have come to be known, but for the phone it is much more difficult, and that's probably why we should first update our operating system. That would be a basic thing (…) . How important is the legal framework for cyber defense and at what time should these laws be updated?

Cătălin Aramă: In principle, we have the legal framework at the moment, the important step has been taken, secondary legislation will come with norms, thresholds and details, the actual implementation process, detailing the law enforcement process. Norms will obviously be updated following dynamic in this area and a working group is to be formed that will deal especially with this.

Radu Dobriţoiu: We talk about cyber security in the 5G Era. Hybrid war is also felt in cyberspace. Please, very briefly, refer to this challenge to national and also to Euro-Atlantic security. 

Ioan-Cosmin Mihai: In short, there is a new environment, the cyber space in which various attacks with a great impact can be orchestrated. We are talking about state actors who sponsor and manage to develop sophisticated Advanced Persistent Threat (APT) attacks, which can be detected very hard and usually with artificial intelligence solutions.

Cătălin Aramă: Hybrid war has existed at all times. The fact that cyberspace has such a weight in our lives is normal to be used as a battlefield and that is why since the end of last year, there is a command dealing with cyber war, within the Romanian Ministry of Defense. Indeed, the fact that cyberattacks are increasingly complex, sophisticated and developed brings great responsibility from the protecting entities. On one part, the attacker might have a clear goal in mind and focus its efforts on it, but on the other part, in terms of protection, nobody can know exactly where it will attack and then you must be prepared as much possible, so to speak.

Radu Dobriţoiu: To be ready to react fast ...

Cătălin Aramă: At all sorts of requests, for sure.

Radu Dobriţoiu: "Euroatlantica" at the end. We have talked about cyber security in the 5G-Era. Special Guests of the edition were Catalin Arama, General Director of the Romanian National Computer Security Incident Response Team CERT-RO, and Ioan-Cosmin Mihai, Vice-President of Romanian Association for Information Security Assurance (RAISA).

Source:RRA, RADOR.Translated by Miruna Matei


Etichete Exclusiv RadioEmisiunea Euroatlanticaaparare ciberneticasecuritatea ciberneticaera 5Gsecuritate informaticaRadu DobritoiuCatalin AramaIoan Cosmin MihaiNicu Popescusecuritate informaticaCERT-RO

Articole cu teme similare:

Recomandarile editorului:


Candidaţii la preşedinţia Comisiei Europene participã la o dezbatere Eurovision, la Parlamentul European - Video Live