Project Cyber Dawn – Libya© 2011, CSFI All Rights Reserved. UNCLASSIFIED i
Project Cyber Dawn is the result of a collaborative research effort of twenty-one individuals from the USA,Australia, Canada, Egypt, Italy, Tunisia and the UK. The Cyber Security Forum Initiative (CSFI) is a non-profit, worldwide organization with a mission to provide Cyber Warfare awareness, guidance and securitysolutions through collaboration, education, volunteer work and training to assist NATO partners in their common government, military and commercial interests. Today, CSFI is a community of nearly seventhousand cyber security and cyber warfare professionals from governments, militaries, private sector andacademia.Project Cyber Dawn: Libya collates, analyzes and reports on raw data and its interconnections that havebeen harvested from the public domain. Recent events are correlated with known historical data toprovide an in depth view into Libyan Cyber Warfare capabilities and defenses.In light of recent NATO actions to protect Libyan civilians, the primary media focus has been placed onthe elimination of Libyan military equipment that has been, or could be used to suppress and oppress,through the use of lethal force, the civilian population. In this information age, this report provides adetailed look at the information technology status of Libya.Through this analysis, CSFI can help the international community to understand not only Libya‘s potentialto influence the balance of cyberspace, but also the physical repercussions of cyber-attacks originatingfrom, and directed towards Libya. In light of the recent STUXNET virus attack on Siemens producedSupervisory Control And Data Acquisition (SCADA) systems, particular focus is given in later chapters toLibya‘s vulnerabilities to this genre of attack and the risks associated with this.Early on, Project Cyber Dawn: Libya provides a picture of Libya‘s current Internet status with a historicalview of it implementation, current cyber terrain and infrastructure and communications networks anddependencies. Recent civil unrest has been surrounded by outages to Libya‘s Internet connectivity, thetiming of which coincides with heightened civilian casualty reports. A breakdown of known LibyanGovernment websites and their providers are provided. The collective analysis of these informationpoints provides an indication to Libya‘s potential for information gathering and dissemination operationsworldwide and shows recent government efforts to attempt to conceal military efforts against civilians bydeliberately shutting down Internet connectivity to the country. To ensure a continual governmentcontrolled web presence, Libya uses international service providers in it's hosting many of which arelocated in the US.Libya‘s cyber offensive and defensive capabilities clearly show a relative lack of security surroundingmost of Libya‘s network and communications infrastructure, however given the rapid acceleration in ITgrowth, this is expected to become a key focus area in the near future. Although behind in offensivecyber security capabilities, the threat of cyber attacks from, or on behalf of Libya should not be ignored.