Abstract
Critical information infrastructure protection (CIIP) has long been an area of concern, from its beginnings with the creation of the Internet to recent high-profile distributed denial-of-service attacks against critical systems. Critical systems rely heavily on information infrastructures; a disruption of the information infrastructure can hinder the operation of critical systems. The developed nations have mature CIIP solutions in place, but these solutions are not always suitable for developing countries, where unique challenges and requirements have to be addressed. Meanwhile, the developing nations are experiencing unprecedented growth of their information infrastructures. However, the lack of national CIIP efforts creates a situation for developing nations to become launch pads for cyber attacks. This paper discusses the need for CIIP in developing nations. It examines the current state and future development of information infrastructures in these nations and outlines a number of CIIP requirements.
Chapter PDF
Similar content being viewed by others
References
Akamai Technologies, State of the Internet, vol. 2(2), Cambridge, Massachusetts (www.akamai.com/stateoftheinternet), 2009.
Akamai Technologies, State of the Internet, vol. 2(3), Cambridge, Massachusetts (www.akamai.com/stateoftheinternet), 2009.
B. Askwith, WARP case study – Experience setting up a WARP, Center for the Protection of the National Infrastructure, London, United Kingdom (www.warp.gov.uk/Index/indexarticles.htm), 2006.
S. Baker, S. Waterman and G. Ivanov, In the Crossfire: Critical Infrastructure in the Age of Cyber War, Technical Report, McAfee, Santa Clara, California, 2010.
BBC News, The cyber raiders hitting Estonia, London, United Kingdom (news.bbc.co.uk/2/hi/europe/6665195.stm), May 17, 2007.
BBC News, Estonia fines man for “cyber war,” London, United Kingdom (news.bbc.co.uk/2/hi/technology/7208511.stm), January 25, 2008.
BBC News, What makes a cyber criminal? London, United Kingdom (news.bbc.co.uk/2/hi/americas/7403472.stm), May 19, 2008.
Cisco Systems, Cisco 2009 Annual Security Report, San Jose, California (www.cisco.com/en/US/prod/collateral/vpndevc/cisco_2009_asr.pdf), 2009.
R. Dacey, Critical Infrastructure Protection: Challenges and Efforts to Secure Control Systems, Testimony before the Subcommittee on Technology Information Policy, Intergovernmental Relations and the Census, House Committee on Government Reform, GAO-04-628T, General Accounting Office, Washington, DC (www.gao.gov/new.items/d04628t.pdf), 2004.
D. Danchev, Coordinated Russia vs Georgia cyber attack in progress, ZDNet, San Francisco, California (blogs.zdnet.com/security/?p=1670), August 11, 2008.
J. Fick, Cyber Crime in South Africa: Investigating and Prosecuting Cyber Crime and the Benefits of Public-Private Partnerships, Technical Report, PriceWaterhouseCoopers, Sunninghill, South Africa (www.coe .int/t/dghl/cooperation/economiccrime/cybercrime/Documents/Reports-Presentations/2079if09pres_JaquiFick_report.pdf), 2009.
Georgia Tech Information Security Center, Emerging Cyber Threats Report for 2009, Georgia Institute of Technology, Atlanta, Georgia (www .gtisc.gatech.edu/pdf/CyberThreatsReport2009.pdf), 2008.
M. Handley and E. Rescorla, Internet Denial-of-Service Considerations, RFC 4732, Internet Engineering Task Force, Fremont, California (www.ietf.org/rfc/rfc4732.txt), 2006.
J. Harrison and K. Townsend, An update on WARPs, ENISA Quarterly Review, vol. 4(4), pp. 13–15, 2008.
R. Heacock, Internet filtering in Sub-Saharan Africa, Technical Report, OpenNet Initiative, Harvard University, Cambridge, Massachusetts (opennet.net/sites/opennet.net/files/ONI_SSAfrica_2009.pdf), 2009.
ICANN, Factsheet: Root server attack on 6 February 2007, Marina del Rey, California (www.icann.org/announcements/factsheet-dns-attack-08mar 07.pdf), 2007.
G. Killcrece, Steps for Creating National CSIRTs, CERT Coordination Center, Carnegie Mellon University, Pittsburgh, Pennsylvania (www.cert .org/archive/pdf/NationalCSIRTs.pdf), 2004.
E. Koivunen, Survey on Certain European CSIRT Teams’ Administration, Operations, Cooperation and Communications, Technical Report, CERT-FI, Helsinki, Finland, 2009.
S. Korns and J. Kastenberg, Georgia’s cyber left hook, Parameters, vol. XXXVIII, pp. 60–76, 2008.
J. Moteff, C. Copeland and J. Fischer, Critical Infrastructures: What Makes an Infrastructure Critical? Report for Congress RL31556, Congressional Research Service, Library of Congress, Washington, DC (www.fas .org/irp/crs/RL31556.pdf), 2003.
MTN Group, MTN reaches the 100 million subscriber milestone, Press Release, Johannesburg, South Africa (www.mtn.com/media/overviewdetail.aspx?pk=381), May 2009.
J. Nazario, Estonian DDoS attacks – A summary to date, Arbor Networks, Chelmsford, Massachusetts (asert.arbornetworks.com/2007/05/estonian-ddos-attacks-a-summary-to-date), May 17, 2007.
J. Richards, Denial-of-service: The Estonian cyberwar and its implications for U.S. national security, International Affairs Review, vol. XVIII(1) (www.iar-gwu.org/node/65), 2009.
S. Song, African undersea cables, Many Possibilities, Durbanville, South Africa (manypossibilities.net/african-undersea-cables), 2010.
South African Department of Communications, Draft Cybersecurity Policy of South Africa, Government Gazette No. 32963, Pretoria, South Africa, 2010.
P. Vixie, G. Sneeringer and M. Schleifer, Events of 21-Oct-2002 (c.root-servers.org/october21.txt), November 24, 2002.
M. West-Brown, D. Stikvoort, K. Kossakowski, G. Killcrece, R. Ruefle and M. Zajicek, Handbook for Computer Security Response Teams (CSIRTs), Handbook CMU/SEI-2003-HB-002, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, 2003.
P. Wolcott, The provision of Internet services in India, in Information Systems in Developing Countries: Theory and Practice, R. Davison, R. Harris, S. Qureshi, D. Vogel and G. de Vreede (Eds.), City University of Hong Kong Press, Hong Kong, China, pp. 253–267, 2005.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 IFIP International Federation for Information Processing
About this paper
Cite this paper
Ellefsen, I., von Solms, S. (2010). Critical Information Infrastructure Protection in the Developing World. In: Moore, T., Shenoi, S. (eds) Critical Infrastructure Protection IV. ICCIP 2010. IFIP Advances in Information and Communication Technology, vol 342. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16806-2_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-16806-2_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16805-5
Online ISBN: 978-3-642-16806-2
eBook Packages: Computer ScienceComputer Science (R0)