Information Security of Germany


Upload: violina-mardari

Post on 02-Feb-2016


DESCRIPTION

Information security institutions and the cooperation of the secret services

TRANSCRIPT

Page 1: Information Security of Germany

Information security and the special services in Germany

After the signing of the Treaty of Versailles in 1919, the German defence forces were eager to improve their communication system by acquiring a machine originally intended for the market. It was not long before the German army devised its own model of the machine, with which it would transmit encoded messages. It was acquired by the army in 1928 and by the air force in 1933.

“Enigma”

Invented by the German Arthur Scherbius for commercial companies that wanted to set up an encoded communication system, the electric rotor machine “Enigma” was quickly built by the Germans for transmitting encoded messages. The components of the “Enigma” machine were:

1. the keyboard, borrowed from ordinary typewriters;
2. the lamp board, with a lamp in place of each key, which lit up when the key was pressed and illuminated the letter inscribed on it;
3. the plugboard, carrying the sockets, one for each letter, each connected to the others;
4. three removable rotors, each with a set of 26 contacts, one per letter;
5. the fixed wheel, identical in shape to the rotors but not removable, with a set of 26 contacts grouped in pairs;
6. a battery to power the circuits.

Although the Germans believed that the encoded messages could not be deciphered by their enemies, the machine was also reconstructed by the Poles, who offered it to the British codebreakers to decipher Germany's signals during the Second World War.

The “Enigma” machine allowed an operator to type a message, which was then scrambled by 3 or 5 notched wheels showing different letters of the alphabet. The recipient had to know the mechanism of these wheels very well in order to decipher the message. After some time the Germans improved the machine by adding a rotor with an electric circuit.
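The signal path through the components listed above (plugboard, three rotors, fixed wheel with paired contacts, then back again) can be followed in a short simulation. This is an added example, not part of the original document; it assumes the historical wirings of army rotors I, II, III and reflector B, which the document does not list, and it fixes the ring settings at A.

```python
import string

A = string.ascii_uppercase

# Assumption: historical Enigma I wirings (rotor wiring, turnover notch).
ROTORS = {
    "I":   ("EKMFLGDQVZNTOWYHXUSPAIBRCJ", "Q"),
    "II":  ("AJDKSIRUXBLHWTMCQGZNPYFVOE", "E"),
    "III": ("BDFHJLCPRTXVZNYEIWGAKMUSQO", "V"),
}
# The fixed wheel: 26 contacts wired in 13 pairs (reflector B).
REFLECTOR_B = "YRUHQSLDPXNGOKMIEBFZCWVJAT"


class Enigma:
    def __init__(self, rotors=("I", "II", "III"), start="AAA", plugs=""):
        # rotors are given left, middle, right; start is the window position
        self.wirings = [[A.index(c) for c in ROTORS[r][0]] for r in rotors]
        self.inverse = [[w.index(i) for i in range(26)] for w in self.wirings]
        self.notches = [A.index(ROTORS[r][1]) for r in rotors]
        self.pos = [A.index(c) for c in start]
        self.reflector = [A.index(c) for c in REFLECTOR_B]
        # plugboard: each cable swaps two letters, e.g. plugs="AB CD"
        self.plug = list(range(26))
        for pair in plugs.split():
            a, b = A.index(pair[0]), A.index(pair[1])
            self.plug[a], self.plug[b] = b, a

    def _step(self):
        # Rotors move before the current flows; the middle rotor double-steps.
        if self.pos[1] == self.notches[1]:
            self.pos[0] = (self.pos[0] + 1) % 26
            self.pos[1] = (self.pos[1] + 1) % 26
        elif self.pos[2] == self.notches[2]:
            self.pos[1] = (self.pos[1] + 1) % 26
        self.pos[2] = (self.pos[2] + 1) % 26

    def _through(self, tables, i, c):
        # Contact c enters rotor i, which is rotated by its current position.
        p = self.pos[i]
        return (tables[i][(c + p) % 26] - p) % 26

    def press(self, letter):
        self._step()
        c = self.plug[A.index(letter)]            # keyboard -> plugboard
        for i in (2, 1, 0):                       # right -> middle -> left
            c = self._through(self.wirings, i, c)
        c = self.reflector[c]                     # fixed wheel turns it back
        for i in (0, 1, 2):                       # left -> middle -> right
            c = self._through(self.inverse, i, c)
        return A[self.plug[c]]                    # plugboard -> lamp

    def process(self, text):
        return "".join(self.press(ch) for ch in text.upper() if ch in A)


def encipher(text, start="AAA", plugs=""):
    """Run text through a fresh machine with the given settings."""
    return Enigma(start=start, plugs=plugs).process(text)


if __name__ == "__main__":
    ct = encipher("WETTERBERICHT", start="MCK", plugs="AB CD")
    print(ct, "->", encipher(ct, start="MCK", plugs="AB CD"))
```

Because the fixed wheel sends the current back along a different path, the same settings both encipher and decipher, and no letter is ever enciphered to itself; that second property was one of the weaknesses the codebreakers relied on.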

The codebreakers

In 1931 the British were having trouble deciphering the “Enigma” code, and the French had not yet succeeded either. Only after the Polish cipher bureau provided more details did the British manage to decipher some of the codes. The Poles, thanks to their connections with German industry, managed to build a machine identical to the Germans', with which they were able to read the German army's messages between 1933 and 1938.

“Enigma” was not very effective at first. Only in 1941 did the work put into deciphering the codes show its effects. In the spring of 1941 the British deciphered the German army's plans to invade Greece, but had no opportunity to exploit this information because they did not have sufficient military force to stop the invasion. In May the British, by deciphering the Italians' encoded messages, helped Admiral Cunningham's fleet defeat the Italians at the Battle of Matapan.

Shortening the war

In 1942 the Germans introduced a fourth wheel on the “Enigma” machines aboard German ships to increase the security of secret messages. The result was the “Triton” machines, or “Shark”, as the British called them. For almost a year after the Germans improved the machines, the British were unable to decipher a single code, which led to ever greater chances of defeat for the Allies in the Atlantic.

Thanks to the deciphered messages, the Second World War was shortened. The fact that the British knew every move the German army made helped them keep the German general Erwin Rommel away from Egypt, if not in 1941 then a year later, when they stopped him at Gazala.

The success of “Enigma” always needed complementary help, but the fact that the Allies kept the machine secret until 1947 shows how much it meant to them.

INTRODUCTION

Having withstood a turbulent and violent century, Germany is today one of the world's leading liberal democratic governments, but for its national intelligence system and security agencies, overcoming the legacy of their role in the two world wars has proved a real challenge.

During the 19th century and the First World War, the German Abwehr was one of the successful intelligence agencies. The Abwehr maintained one of the largest espionage networks and made enormous advances in espionage technology, encryption and SIGINT. During the Second World War the Abwehr took part in many operations, especially in recruiting double agents who infiltrated Allied military systems.

After the Second World War, Germany was divided into two separate countries. East Germany, under Soviet influence, organised a powerful intelligence service known as the STASI. In 1989, after the fall of the communist regime, the process of German reunification began. After decades of effort to heal the wounds of Nazism, the German government had to address the oppressive legacy of the agencies of the former East German government. After reunification, government leaders launched a highly publicised campaign to restructure and reform the re-emerging national intelligence systems and security agencies, and today's German intelligence community actively tries to distance itself from its predecessors.

Germany's primary intelligence agency is the Bundesnachrichtendienst (BND, Federal Intelligence Service), which deals with both domestic and foreign intelligence. It is part of the Office of the Federal Chancellor and operates at the seat of the German government. The BND runs a substantial worldwide HUMINT network and operates an extensive radio surveillance and signals system, both in Germany and throughout Europe, working in cooperation with other security agencies, in particular the Federal Police.

The BND collects information relevant to locating and prosecuting terrorist groups, drug traffickers, money launderers and illegal arms dealers. In accordance with international law, the BND conducts intelligence operations intended to prevent the proliferation of nuclear technology and materials.

The military intelligence system is coordinated by departmental structures of the Ministry of Defence. The military intelligence agency is the Amt für Nachrichtenwesen der Bundeswehr (ANBw), which coordinates the operations of the various branches of military intelligence and facilitates the exchange of vital information with the civilian agencies within the German intelligence community. The ANBw primarily assesses the military strength, theatres of operations and political-military position of other states.

The Militärischer Abschirmdienst (MAD), the Military Security Service, is responsible for counter-espionage operations. A department of the MAD collects information on foreign intelligence operations and evaluates the security systems intended to protect classified information.

Germany's Ministry of the Interior administers the civilian intelligence agencies. Charged with collecting and analysing domestic intelligence and security information, the main German civilian agencies are the Bundesamt für Sicherheit in der Informationstechnik (BSI), the Federal Office for Information Security, and the Bundesamt für Verfassungsschutz (BfV), the Federal Office for the Protection of the Constitution. The BSI is responsible for the security of government information technology, conducts surveillance of Internet networks and obtains information on Internet crime.

The Federal Office for the Protection of the Constitution (BfV) assesses the risks posed by various extremist groups. The agency conducts surveillance and infiltration operations against extremist groups to gather information on their organisation, financial resources, weapons and plans of action; its mission is to monitor extremists and paramilitary groups that pose a potential threat to national interests.

Germany takes part in many international intelligence operations, including global counter-terrorism measures.

In recent years the German intelligence community has become one of the main sources of information on extremist political organisations and subversive groups throughout Europe.

Intelligence collection elements are the forces, means and systems used to observe, surveil, identify, record and communicate data and information relating to facts, events, situations and conditions.

The information they collect comes from several types of sources, also called collection disciplines, as follows:

-      Acoustic intelligence (ACINT) is information derived from the collection and processing of acoustic phenomena. Owing to the nature of how sound originates, ACINT primarily concerns movement and the information derived from it.

-      Human intelligence (HUMINT) is a category of intelligence derived from information collected and provided by human sources. HUMINT is of particular value in confirming or supplementing IMINT and SIGINT.

-      Imagery intelligence (IMINT) is information from images obtained by sensors that can be placed on the ground, at sea, or on air/space platforms. The information conveyed by an image is clear, concise and unambiguous, and in most cases it is used to confirm information from other sources.

-      Intelligence on target characteristics (MASINT) is scientific and technical information derived from analysing data obtained from sensors in order to identify the distinctive characteristics associated with the source, to facilitate later identification.

-      Open-source intelligence (OSINT) is information derived from publicly available information and from unclassified information with limited public distribution or access.

-      Radar intelligence (RADINT) is information obtained by using radar as a detection instrument, such as identifying and locating a target, which may or may not be recognisable, on a given bearing and at a given distance, or simply detecting the movement of a target.

-      Intelligence obtained from the electromagnetic environment (SIGINT) is information obtained by intercepting and processing electromagnetic signals; it comprises intelligence obtained from communications (COMINT) and intelligence obtained from non-communications emissions (ELINT).

-      Intelligence obtained by analysing technical/technological equipment (TECHINT) is information on technological developments that have, or may eventually have, a practical application for military purposes.

Commanders, planners and operators at all echelons must know the capabilities and limitations of the intelligence agencies' activity, in order to know what to ask for and what to expect from the system, how its capabilities are employed, and how requirements are balanced against resources and identified risks.

The Federal Office for Information Security (BSI) is a federal agency with the mission to promote IT security in Germany. It is the central IT security service provider for the German government but also offers services to IT manufacturers, as well as private and commercial users.

Tasks of the Federal Office

(1) The Federal Office shall promote the security of information technology. To do so, it shall perform the following tasks:

1. prevent threats to the security of federal information technology;

2. gather and analyse information on security risks and security precautions and provide the results to other authorities as needed for them to fulfil their tasks or preserve their security interests;

3. studying security risks involved in the use of information technology, and developing security precautions, especially information technology processes and devices for information technology security (IT security products) as needed by the Federation to fulfil its tasks, including research as part of its legally mandated tasks;

4. developing criteria, procedures and tools to test and evaluate the security of information technology systems or components and to test and evaluate compliance with IT security standards;

5. testing and evaluating the security of information technology systems or components and issuing security certificates;

6. testing information technology systems and components and confirming compliance with IT security standards defined in the Federal Office’s technical guidelines;

7. testing, evaluating and approving information technology systems or components to be used in processing or transmitting official confidential information in accordance with Section 4 of the Security Clearance Check Act (SÜG) in the federal area or by companies in the context of federal contracts;

8. producing key data and operating cryptography and security management systems for federal information security systems used to protect official confidentiality or in other areas at the request of the authorities concerned;

9. providing support and advice on organizational and technical security measures and carrying out technical tests to protect confidential official information in accordance with Section 4 of the Security Clearance Check Act against unauthorized access;

10. developing technical security standards for federal information technology and for the suitability of information technology contractors in special need of protection;

11. making IT security products available to federal bodies;

12. providing support for the federal bodies responsible for the security of information technology, especially where these bodies undertake advisory or supervisory tasks; support for the Federal Commissioner for Data Protection and Freedom of Information shall take priority and shall be provided in line with the independency granted the Federal Commissioner in carrying out his/her tasks;

13. providing support for
    a) the police and prosecution authorities in carrying out their legally mandated tasks,
    b) the authorities for the protection of the Constitution in analysing and evaluating information derived from surveillance of terrorist activities or from intelligence activities as authorized by federal and state law,
    c) the Federal Intelligence Service in carrying out its legally mandated tasks.
    This support may be provided only where necessary to prevent or investigate activities directed against the security of information technology or activities carried out using information technology. The Federal Office shall keep a record of requests for support;

14. advising and warning federal and Länder bodies as well as producers, distributors and users with regard to the security of information technology, keeping in mind the possible consequences of the lack of security precautions or of inadequate security precautions;

15. creating appropriate communications structures to recognize crises at an early stage, respond and manage crises and to coordinate efforts to protect critical information infrastructures in cooperation with private industry.

(2) The Federal Office may assist the Länder in securing their information technology upon request.

BSI Standards [1]:

1. BSI Standard 100-1 defines the general requirements for an ISMS. It is completely compatible with ISO Standard 27001 and moreover takes the recommendations in ISO Standards of the ISO 2700x family into consideration. It provides readers with easily understood and systematic instructions, regardless of which methods they wish to use to implement the requirements.

2. BSI-Standard 100-2: IT-Grundschutz Methodology. The IT-Grundschutz Methodology progressively describes (step by step) how information security management can be set up and operated in practice. The tasks of information security management and setting up a security organisation are important subjects in this context. The IT-Grundschutz Methodology provides a detailed description of how to produce a practical security concept, how to select appropriate security safeguards and what is important when implementing the security concept. The question as to how to maintain and improve information security in ongoing operation is also answered.

3. BSI-Standard 100-3: Risk Analysis based on IT-Grundschutz. To cover these issues, the BSI has worked out a method of analysing risks that is based on IT-Grundschutz. This approach can be used when companies or public authorities are already working successfully with the IT-Grundschutz Manual and would like to add an additional security analysis to the IT-Grundschutz analysis as seamlessly as possible. There may be different reasons for this:

- the protection requirements of the company or the public authority go beyond the normal measure (high or very high protection requirements).

- the institution operates important components, which are (still) not treated in the IT-Grundschutz Catalogues of the BSI

- the target objects are operated in application scenarios, which are not designated within the framework of the IT-Grundschutz.

4. The BSI Standard 100-4 points out a systematic way to develop, establish and maintain an agency-wide or company-wide internal business continuity management system.

TeleTrusT is a widespread competence network for IT security comprising members from industry, administration, consultancy and research as well as national and international partner organizations with similar objectives. With a broad range of members and partner organizations TeleTrusT embodies the largest competence network for IT security in Germany and Europe. TeleTrusT provides interdisciplinary fora for IT security experts and facilitates information exchange between vendors, users and authorities. TeleTrusT comments on technical, political and legal issues related to IT security and is organizer of events and conferences. TeleTrusT is a non-profit association, whose objective is to promote information security professionalism, raising awareness and best practices in all domains of information security. TeleTrusT is carrier of the "European Bridge CA" (EBCA; PKI network of trust), the quality seal "IT Security made in Germany" and runs the IT expert certification programs "TeleTrusT Information Security Professional" (T.I.S.P.) and "TeleTrusT Engineer for System Security" (T.E.S.S.). TeleTrusT is a member of the European Telecommunications Standards Institute (ETSI). The association is headquartered in Berlin, Germany.

One of the largest cyber attacks in history took place at the beginning of August, when several Russian hackers stole 1.2 million pieces of data, in the form of digital identities and passwords. The Federal Office for Information Security (BSI) immediately appealed to Internet providers for greater data security.

[1] www.bsi.bund.de/EN/Publications/BSIStandards/BSIStandards_node.html

Since then, however, the German authorities have worked on concrete measures to this end: in the near future new legislation will enter into force under which companies' IT systems will have to comply with strict security standards. This is because Germany, too, is increasingly often the victim of cyber attacks or cyber espionage.

Security standards are no longer optional

Federal Minister of the Interior Thomas de Maizière stated that the companies chiefly targeted are those in telecommunications, transport, insurance, health, food service and energy supply. Failures in these sectors' IT systems could have “serious, if not dramatic, consequences for society as a whole”, de Maizière believes.

The new legislation will oblige businesses to apply certain digital security standards. “Whoever puts others at risk through their use of IT must take responsibility for protecting them”, writes de Maizière in an article published in the daily Frankfurter Allgemeine Zeitung. In other words, implementing security standards in the digital sphere will no longer be optional.

New jobs for IT security

The state, the Interior Minister believes, must provide a “safety belt for IT systems with critical infrastructure”. Moreover, through this digital security law, IT systems in Germany will be among the most secure in the world, says de Maizière.

Among other things, the creation of several hundred additional jobs is planned at the federal domestic intelligence service (BfV), the Federal Criminal Police Office (BKA) and the Federal Office for Information Security (BSI). The annual cost of the additional jobs exceeds 20 million euros.

Beyond the bill, this week Thomas de Maizière (CDU), together with Federal Minister of Economics Sigmar Gabriel (SPD) and Transport Minister Alexander Dobrindt (CSU), will present the “Digital Agenda 2014-2017”, a series of measures addressing developments in the digital field.

Denial of service

Situation

∙ So far in 2014 there have been over 32,000 DDoS attacks in Germany alone.

∙ Virtually every sector is afflicted by DDoS attacks.

∙ The Alliance for Cyber Security survey found that over a third of the companies questioned reported being the target of a DDoS attack on their websites during the past three years.

∙ A quarter of the companies surveyed had suffered DDoS attacks on their network infrastructure.

∙ Since 2013 there has been increased use of reflection attacks, whereby the target system is not attacked directly but rather through the misuse of publicly available Internet services (e.g. DNS or NTP). These involve attackers sending small queries to a public service in the name of their victim. The services then send their replies to the victim’s system. Because the replies are usually a lot larger than the queries, even a small number of attacking systems can do great damage and cripple the victim’s system. In reflection attacks unwitting parties such as the service providers become unwilling accomplices.

∙ To date the largest DDoS attack took place in February 2014, involving a bandwidth up to 400 gigabits per second. This attack was based on NTP reflection.

∙ The number of NTP servers in Germany which could be exploited for this kind of attack fell between June 2014 and August 2014 from over 4,000 systems to around 2,500. This was due to information given to the operators by the BSI.
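The reflection pattern described in the list above leaves two recognisable traces in UDP flow records: at the public service, a "client" whose replies are far larger than its queries, and at the victim's network edge, DNS or NTP replies that no local host asked for. The following detection sketch is an added example, not taken from the BSI report; the flow tuple layout, the addresses (documentation ranges), the byte counts and the 10x threshold are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# The two public services the text names as commonly misused.
SERVICES = {53: "DNS", 123: "NTP"}

# Constructed sample flows: (src_ip, src_port, dst_ip, dst_port, udp_bytes)
# As seen by the operator of an NTP server at 198.51.100.10:
REFLECTOR_FLOWS = [
    ("203.0.113.7", 40000, "198.51.100.10", 123, 90),    # ordinary client
    ("198.51.100.10", 123, "203.0.113.7", 40000, 90),
    ("192.0.2.50", 51000, "198.51.100.10", 123, 60),     # source is claimed
    ("198.51.100.10", 123, "192.0.2.50", 51000, 4400),
    ("192.0.2.50", 51001, "198.51.100.10", 123, 60),
    ("198.51.100.10", 123, "192.0.2.50", 51001, 4400),
    ("192.0.2.50", 51002, "198.51.100.10", 123, 60),
    ("198.51.100.10", 123, "192.0.2.50", 51002, 4400),
]

# As seen at the edge of the victim network 192.0.2.0/24 (time-ordered):
VICTIM_FLOWS = [
    ("192.0.2.20", 45000, "198.51.100.10", 123, 90),     # real query ...
    ("198.51.100.10", 123, "192.0.2.20", 45000, 90),     # ... and its reply
    ("198.51.100.10", 123, "192.0.2.50", 51000, 4400),   # nobody asked
    ("198.51.100.10", 123, "192.0.2.50", 51001, 4400),
    ("198.51.100.53", 53, "192.0.2.50", 51002, 3000),
]


def reflector_view(flows, server_ip, min_factor=10.0):
    """Service operator: per claimed client, reply bytes / query bytes.

    Returns {client_ip: factor} for clients at or above min_factor, i.e.
    addresses on whose behalf the server is sending amplified traffic.
    """
    queried = defaultdict(int)
    replied = defaultdict(int)
    for src, sport, dst, dport, size in flows:
        if dst == server_ip and dport in SERVICES:
            queried[src] += size
        elif src == server_ip and sport in SERVICES:
            replied[dst] += size
    result = {}
    for client, q_bytes in queried.items():
        factor = replied[client] / q_bytes
        if factor >= min_factor:
            result[client] = round(factor, 1)
    return result


def victim_view(flows, protected_net):
    """Victim edge: bytes of DNS/NTP replies with no preceding local query.

    Returns {(local_ip, service): unsolicited_bytes}.
    """
    net = ipaddress.ip_network(protected_net)
    asked = set()                      # (local_ip, server_ip, service_port)
    unsolicited = defaultdict(int)
    for src, sport, dst, dport, size in flows:
        if ipaddress.ip_address(src) in net and dport in SERVICES:
            asked.add((src, dst, dport))
        elif ipaddress.ip_address(dst) in net and sport in SERVICES:
            if (dst, src, sport) not in asked:
                unsolicited[(dst, SERVICES[sport])] += size
    return dict(unsolicited)


if __name__ == "__main__":
    print(reflector_view(REFLECTOR_FLOWS, "198.51.100.10"))
    print(victim_view(VICTIM_FLOWS, "192.0.2.0/24"))
```

The operator-side result is the signal that lets a service provider notice it has become an unwilling accomplice and restrict or rate-limit the abused query type.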

Spam

Situation

∙ 2014 saw major growth of around 80 per cent as compared with 2013, bucking the trend of recent years in which spam volumes had stagnated (see Fig. 2).

∙ Germany is midway down the Top 10 in the global list of spam senders.

∙ 2014 saw a 36 per cent rise in e-mails with malware in the attachments.

∙ Since the beginning of 2014 a trend towards the generation and sending of pseudorandom malware variants has been observed.

∙ Criminals increasingly send Office documents as attachments, with malware being downloaded via macros in these documents.

∙ Due to identity theft spam is increasingly sent via compromised user accounts utilising established e-mail service providers.

Malware

Situation

∙ The total number of PC-based malware variants is now estimated at around the 250 million mark.

∙ In Germany there are at least one million malware infections a month.

∙ The number of malware variants increases at a rate of about 300,000 a day.

∙ The most common ways of spreading malware are drive-by exploits, spam attachments and botnets.

∙ The most frequently detected malware types are adware and Trojans.

∙ Microsoft Windows is by far the operating system most frequently affected by malware, accounting for around 95 per cent of all instances.

∙ Mobile platforms: at least three million malware programs exist for mobile devices such as smartphones or tablets. 98 per cent of these are designed for the Android operating system.

∙ Malware for mobile platforms usually masquerades as legitimate apps. It is predominantly distributed via alternative app stores or websites rather than official app stores like Google Play, or is installed unwittingly by the users themselves.

∙ Attackers’ deployment of malware is increasingly professional, for instance involving improved methods of concealing the control servers, the use of Twitter channels or Google Docs as command-and-control (C&C) servers, as well as the use of cutting-edge encryption techniques such as elliptic curve cryptography to safeguard the communication.

∙ Alongside classical malware which steals data or manipulates online banking activities, ransomware, malware which blocks access to systems or encrypts user data in order to then extort ‘ransom money’, has become a further everyday tool in the cybercriminal’s arsenal.

Cyber Security Strategy for Germany 1. Protection of critical information infrastructures The protection of critical information

infrastructures is the main priority of cyber security. They are a central component of nearly all critical infrastructures and become increasingly important. The public and the private sector must create an enhanced strategic and organizational basis for closer coordination based on intensified information sharing. To this end, cooperation established by the CIP implementation plan is systematically extended, and legal commitments to enhance the binding nature of the CIP implementation plan are examined. With the participation of the National Cyber Security Council (cf. objective 5), the integration of additional sectors is examined and the introduction of new relevant technologies is 1 German Army 4 considered to a greater extent. Whether and where protective measures have to be made mandatory and whether and where additional powers are required in case of specific threats have to be clarified, too. Furthermore we will examine the necessity of harmonizing rules to maintain critical infrastructures during IT crises.

2. Secure IT systems in Germany Infrastructure protection requires more security with regard to IT systems used by citizens and small and medium-sized businesses. Users need appropriate and consistent information on risks related to the use of IT systems and on security measures they can take to use cyberspace in a secure manner. We will organize joint initiatives with groups from society to pool information and advice consistently. Furthermore we will examine whether providers may have to assume greater responsibility and make sure that a basic collection of appropriate security products and services are made available to users by providers. We want to provide specific incentives and funds for basic security functions certified by the state (e.g. electronic proof of identity or De-mail) to be used by the vast majority of citizens. To support small and medium-sized businesses in the secure use of IT systems, the Federal Ministry of Economics and Technology has set up a task force on “IT security in industry” with the participation of industry.

3. Strengthening IT security in the public administration The public administration will further enhance the protection of its IT systems. State authorities have to serve as role models for data security. We will create a common, uniform and secure network infrastructure in the federal administration (“federal networks”) as a basis for electronic audio and data communication. We will continue to press ahead with the implementation plan for the federal administration. Should the IT security situation get worse, this plan may be aligned accordingly. Effective IT security requires powerful structures in all federal authorities. For this reason resources must be deployed appropriately at central and local level. To facilitate implementation through uniform action by authorities, joint investments into the Federal Government’s IT security will be made regularly in line with budgetary possibilities. Operational cooperation with the federal Länder,

Page 7: Securitatea Informationala a Germaniei

particularly with regard to CERTs (computer emergency response teams), will be further intensified by the IT planning council.

4. National Cyber Response Centre 5 To optimize operational cooperation between all state authorities and improve the coordination of protection and response measures for IT incidents we will set up a National Cyber Response Centre. It will report to the Federal Office for Information Security (BSI) and cooperate directly with the Federal Office for the Protection of the Constitution (BfV) and the Federal Office of Civil Protection and Disaster Assistance (BBK). Cooperation in the National Cyber Response Centre will strictly observe the statutory tasks and powers of all authorities involved on the basis of cooperation agreements. The Federal Criminal Police Office (BKA), the Federal Police (BPOL), the Customs Criminological Office (ZKA), the Federal Intelligence Service (BND), the Bundeswehr and authorities supervising critical infrastructure operators all participate in this centre within the framework of their statutory tasks and powers. Quick and close information sharing on weaknesses of IT products, vulnerabilities, forms of attacks and profiles of perpetrators enables the National Cyber Response Centre to analyse IT incidents and give consolidated recommendations for action. The interests of the private sector to protect itself against crime and espionage in cyberspace should also be adequately taken into account. At the same time respective responsibilities must be observed. Every stakeholder takes the necessary measures in its remit on the basis of the jointly developed national cyber security assessment and coordinates them with the competent authorities as well as partners from industry and academia. Since security preparedness is best achieved by early warning and prevention, the Cyber Response Centre will submit recommendations to the National Cyber Security Council both on a regular basis and for specific incidents. 
If the cyber security situation reaches the level of an imminent or already occurred crisis, the National Cyber Response Centre will directly inform the crisis management staff headed by the responsible State Secretary at the Federal Ministry of the Interior.

5. National Cyber Security Council

The identification and removal of structural causes for crises are considered an important preventive tool for cyber security. For this reason we want to establish and maintain cooperation within the Federal Government and between the public and the private sector within the responsibility of the Federal Government Commissioner for Information Technology more visible and set up a National Cyber Security Council. The Federal Chancellery and a State Secretary from each the Federal Foreign Office, the Federal Ministry of the Interior, the Federal Ministry of Defence, the Federal Ministry for Economics and Technology, the Federal Ministry of Justice, the Federal Ministry of Finance, the Federal Ministry of Education and Research and representatives of the federal Länder will participate. On specific occasions additional ministries will be included. Business representatives will be invited as associated members. Representatives from academia will be involved, if required. The National Cyber Security Council is intended to coordinate preventive tools and the interdisciplinary cyber security approaches of the public and the private sector. The National Cyber Security Council will complement and interlink IT management at federal level and the work of the IT Planning Council in the area of cyber security at a political and strategic level.

6. Effective crime control also in cyberspace

The capabilities of law enforcement agencies, the Federal Office for Information Security and the private sector in combating cyber crime, also with regard to protection against espionage and sabotage, must be strengthened. To improve the exchange of know-how in this area we intend to set up joint institutions with industry with the participation of the competent law enforcement agencies, which will act in an advisory capacity. Projects to support partner countries with structural weaknesses will also serve the aim of combating cyber crime. To face up to the growing challenges of global cyber crime activities we will make a major effort to achieve global harmonization in criminal law based on the Council of Europe Cyber Crime Convention. Furthermore, we will examine whether additional conventions in this area may be necessary at UN level.

7. Effective coordinated action to ensure cyber security in Europe and worldwide

In global cyberspace security can be achieved only through coordinated tools at national and international level. At EU level we support appropriate measures based on the action plan for the protection of critical information infrastructures, the extension and moderate enlargement of the mandate of the European Network and Information Security Agency (ENISA) in view of the changed threat situation in ICT and the pooling of IT competences in EU institutions. The EU Internal Security Strategy and the Digital Agenda provide guidance for further activities. We will shape our external cyber policy in such a way that German interests and ideas concerning cyber security are coordinated and pursued in international organizations, such as the United Nations, the OSCE, the Council of Europe, the OECD and NATO. An increasingly multilateral approach must be brought in line with the necessity of sovereign evaluation and decision-making powers. In this context, a code for state conduct in cyberspace (cyber code) should be established, which is signed by as many countries as possible and includes confidence-building security measures. In the G8 framework we are currently working on intensifying anti-botnet activities. NATO serves as the basis of transatlantic security. Hence, NATO must take cyber security appropriately into account in its entire range of responsibilities. We are in favour of the alliance’s commitment to establishing uniform security standards, which Member States may also use for civilian critical infrastructures on a voluntary basis, as foreseen in NATO’s new Strategic Concept.

8. Use of reliable and trustworthy information technology

The availability of reliable IT systems and components must be ensured on a permanent basis. The development of innovative protection plans for improved security which take into account social and economic aspects is strongly supported. To this end, we will continue and intensify research on IT security and on critical infrastructure protection. Furthermore we will strengthen Germany’s technological sovereignty and economic capacity in the entire range of core strategic IT competences, include them in our political strategies and develop them further. Wherever it makes sense, we will pool our resources with those of our partners and allies, particularly in Europe. We are in favour of diversity in technology. Our aim is to use components in critical security areas which are certified against an internationally recognized certification standard.

9. Personnel development in federal authorities

Given the strategic importance of cyber security, it must be examined as a priority whether additional staff is necessary in authorities in the interest of cyber security. Furthermore, intensified personnel exchange between federal authorities and appropriate further training measures will enhance interministerial cooperation.

10. Tools to respond to cyber attacks

If the state wants to be fully prepared for cyber attacks, a coordinated and comprehensive set of tools to respond to cyber attacks must be created in cooperation with the competent state authorities. We will continue to assess the threat situation regularly and take appropriate protection measures. If necessary, we have to examine whether additional statutory powers must be created at federal or Länder level. Above all, the aims, mechanisms and institutions mentioned above must be internalized through a permanent exercise process with the relevant federal and Länder authorities as well as businesses.
