News
& Events

Specialized symposium (Cybersecurity) in cooperation with the Ministry of Defense

05-06-2024

• Sheikha Tamader Khaled Al-Ahmad Al-Jaber Al-Sabah: Cybersecurity is a strategic element for protecting assets in the oil and gas sector • Integration of advanced technology and continuous training has become a necessity to detect cyber threats and protect sensitive data The Public Relations and Petroleum Media Department at the Ministry of Oil organized a specialized symposium this morning, Wednesday, June 5, 2024, in the theater of the Oil Sector Complex, entitled (Cybersecurity), in which Colonel M/ Abdul Rahman Al-Shatti from the Cyber ​​Operations Directorate - Ministry of Defence, lectured, and was attended by a number of employees. Information Systems Center, technical, economic, administrative and financial affairs staff at the Ministry of Oil, guests from the Central Agency for Information Technology, the Communications and Information Technology Authority, the Ministry of Electricity, Water and Renewable Energy, the Kuwait Institute for Scientific Research, the Organization of Arab Petroleum Exporting Countries (OAPEC), and media professionals. At the beginning of the specialized symposium, the Director of Public Relations and Petroleum Media at the Ministry of Oil, Sheikha Tamadur Khaled Al-Ahmad Al-Jaber Al-Sabah, said that cybersecurity in the oil and gas sector is considered a vital and sensitive issue given the strategic importance of this sector and its great impact on the global economy. She pointed out that with the increasing reliance on technology in oil and gas operations, cybersecurity has become an urgent necessity to protect this vital industry, and this requires close integration between advanced technology, advanced security strategies, and continuous training for employees. She stated that the development of cybersecurity in Kuwait represents an important aspect of the state’s strategy to protect its vital infrastructure and sensitive information, and Sheikha Tamadur Khaled Al-Ahmad Al-Jaber Al-Sabah called for the necessity of integrating state ministries and agencies in confronting security challenges in the fields of technology, stressing the importance of using technologies such as artificial intelligence and learning. Automated threats to quickly detect and respond, analyze anomalous patterns, and protect sensitive data with encryption. In addition, Colonel M/ Abdul Rahman Al Shatti from the Cyber ​​Operations Directorate - Ministry of Defense gave a visual presentation on cybersecurity, during which he reviewed the definition of cyberspace, its components and importance, its impact on the national and military levels, understanding the impact and actions that threat elements can achieve in cyberspace, and the ability to evaluate And cyber risk management. During the symposium, the symposium reviewed an introduction to cyberspace and its importance, the elements of cyber threat, their capabilities and methods of operation, the characteristics of operations in cyberspace, the assessment and management of cyber risks, and the study and analysis of previous cyber attacks. He said that cyberspace is a global, man-made environment, formed as a result of the interconnection of communications and information technology infrastructure networks, which contains: communications and computer networks, including independent or separate networks, communications towers, sea and land cables, computer systems, and data that is stored and processed. In it and transmitted through it, and about its importance, he said that it is considered possible for individuals and military, security and civil institutions to provide their electronic services and access them from inside and outside the geographical borders of the state. Types of cyberspace Colonel M/ Abdul Rahman Al Shatti stated that cyberspace is diversifying into national, institutional and personal cyberspace, noting that with the expansion of electronic services and the heavy reliance on cyberspace, its security has become an integral part of national security. He explained that cyberspace defense operations are procedures, tasks and activities carried out by the state, institution and individuals to ensure the confidentiality, integrity and availability of its networks, systems and data, and to prevent threat elements from achieving their goals therein. He pointed out that threat elements in cyberspace are concentrated in armies or groups supported by states to carry out espionage or theft operations, national hackers to carry out modification, deprivation or destruction operations, terrorist groups to carry out sabotage operations, gangs and cybercriminals to carry out business disruption operations, as well as organizations and activists who carry out Through recruitment, terrorism, or luring operations, and finally internal elements in the state to carry out intellectual demolition or deception operations. He discussed the capabilities and methods of cyber threat elements (cyber weapons), saying that they are concentrated in a data scanner/destroyer program, ransomware/data theft programs, sabotage programs, BOTs programs, remote control programs, and the keylogger program. He said that the threat elements' operations methods include exploiting human weaknesses and vulnerabilities, or what is known as social engineering, such as fraudulent emails, fraudulent text messages, fraudulent communications, and impersonation of official websites. He stated that the characteristics of operations in cyberspace are the ease of access to targets across international borders without restrictions, the ease of concealing the source of attacks using VPN services and servers, the ease of concealing the source of attacks - the TOR network, the ease of concealing the source of attacks and public or government networks, and the ease of obtaining weapons and tools. Cyber, asymmetric impact - small force and limited effort offset by large impact. Threat elements Colonel Staff Colonel M/ Abdul Rahman Al-Shatti reviewed the characteristics of operations in cyberspace in the long planning time compared to the implementation time, which goes through three stages of preparation, information gathering and decision-making procedures, which take from hours to months, executing the mission and gaining a foothold, which takes a few seconds, and finally Achieving the desired effect (physical/virtual/cognitive), which takes from hours to months. He said that threat actors are always looking for loopholes and weaknesses to exploit, such as human, technological and procedural vulnerabilities. He stated that measuring risk management consists of determining the degree of probability of the act causing the risk occurring, determining the severity of the expected impact if the expected act occurs, determining the degree of risk according to the schedule, and following the organization’s fixed SOP orders for dealing with degrees of risk. He stated that reducing cyber risks is represented by governance, risk assessment and management, measuring compliance and commitment, physical security, installing protection devices and programs, technical standards, managing definitions, and managing security vulnerabilities and challenges, as well as the necessity of providing skilled technical personnel in managing internal threats, awareness and training. He reviewed examples of cyber attack operations, such as the destructive (Shamoon 1) program, which struck Aramco’s internal network, where the Cyber ​​Army was sent an electronic response message containing the (Shamoon 1) program, so that the victim opened the message and attachments, and the program was implanted in the devices and succeeded in spreading throughout the Aramco network. Within a specific period of time, the program deleted the data of 30,000 computers and disabled them from working. He also reviewed an example of a cyberattack process, the STUXNET sabotage program, where he said that the beginning is with advanced cyber groups belonging to countries, as maintenance companies dealing with the facility plant the malicious program in the corporate network, and the sabotage program is transferred via a computer or USB connection, and then the sabotage program is transferred to systems. Control and change some numbers in the PLC related to the facility, then the temperature rises due to changing some numbers and then the facility explodes. He concluded that cyberspace is a global, man-made environment, formed as a result of the interconnection of communications and information technology infrastructure networks, and is considered the main enabler of electronic services and digital transformation. Cyberspace security has become an integral part of national security, and protecting it is a duty, especially in light of the expansion of electronic services and adoption. Big on him. Cyber ​​defense operations are procedures, tasks and activities carried out by the state, institution and individuals to ensure the confidentiality, integrity and availability of its networks, systems and data, and to prevent threat elements from achieving their goals therein. Armies and groups supported by states and internal threat elements are considered the most dangerous cyber threat elements. Cyber ​​threat elements use social media, and digital weapons are used in disinformation operations. Colonel M/ Abd al-Rahman al-Shatti concluded his speech by saying: “Leaders and officials must begin to constantly evaluate cyber risks and threats and work to reduce and manage them. Defense and cyber security operations are everyone’s responsibility and not the responsibility of cyber security departments or information systems only.”