Iftach Ian Amit | April 2011               Cyber[Crime|War]               Connecting the Dots               Iftach Ian Ami...
Iftach Ian Amit | April 2011                                          The Disclaimer                       This is “hacker...
Iftach Ian Amit | April 2011                                                     Agenda                   • Who am I?     ...
Iftach Ian Amit | April 2011                                                     Who Am IAll rights reserved to Security A...
Iftach Ian Amit | April 2011               This is NOT going to beAll rights reserved to Security Art ltd. 2002-2010   5
Iftach Ian Amit | April 2011               This is NOT going to beAll rights reserved to Security Art ltd. 2002-2010   5
Iftach Ian Amit | April 2011    Picking up where we left off               At least as far as last year’s research is conc...
Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010   7
Iftach Ian Amit | April 2011                                                     Boss, is this                            ...
Iftach Ian Amit | April 2011                                                     Boss, is this                            ...
Iftach Ian Amit | April 2011                                                       Boss, is this                          ...
Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010   8
Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010   8
Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010   8
Iftach Ian Amit | April 2011       Final ly de-       classif ied...         (on p  ublic          dom   ain)             ...
Iftach Ian Amit | April 2011                         Hungry yet?                                                     That ...
Iftach Ian Amit | April 2011                Question 1: What is this?All rights reserved to Security Art ltd. 2002-2010   10
Iftach Ian Amit | April 2011               Question 1: What is this?All rights reserved to Security Art ltd. 2002-2010   11
Iftach Ian Amit | April 2011               Perceptions may be deceiving...                                  War           ...
Iftach Ian Amit | April 2011                                  War                              Crime             •      Go...
Iftach Ian Amit | April 2011                                                     CyberWar               “Cyberwarfare, (al...
Iftach Ian Amit | April 2011        It did                 not happen yet                               Estonia being an e...
Iftach Ian Amit | April 2011        It did                  not happen yet                                 RSA    being an...
Iftach Ian Amit | April 2011        It did                  not happen yet                                 RSA    being an...
Iftach Ian Amit | April 2011This is not the only way!                                     Neither is this...              ...
Iftach Ian Amit | April 2011                 Many faces of how CyberWar is perceived...                                   ...
Iftach Ian Amit | April 2011     We’ll focus on current players:                                                     And n...
Iftach Ian Amit | April 2011                                                     USA             •       Thoroughly docume...
Iftach Ian Amit | April 2011                                                     Russia                   •       GRU (Mai...
Iftach Ian Amit | April 2011                                                     China                   •       PLA (Peop...
Iftach Ian Amit | April 2011                                                     Iran                   • Telecommunicatio...
Iftach Ian Amit | April 2011                                                     Israel                   •       This is ...
Iftach Ian Amit | April 2011                                                     Israel                   •       This is ...
Iftach Ian Amit | April 2011                                                     Israel                   •       This is ...
Iftach Ian Amit | April 2011                             CyberWar - AttackHighly selective targeting ofmilitary (and criti...
Iftach Ian Amit | April 2011                             CyberWar - AttackHighly selective targeting ofmilitary (and criti...
Iftach Ian Amit | April 2011                             CyberWar - AttackHighly selective targeting ofmilitary (and criti...
Iftach Ian Amit | April 2011                        CyberWar - Defense             •      Never just military             ...
Iftach Ian Amit | April 2011                                                     CyberCrimeAll rights reserved to Security...
Iftach Ian Amit | April 2011                                                                              Criminal Boss   ...
Iftach Ian Amit | April 2011                        CyberCrime - Attack             •       Channels: web, mail, open serv...
Iftach Ian Amit | April 2011         CyberCrime - target locationsAll rights reserved to Security Art ltd. 2002-2010   29
Iftach Ian Amit | April 2011               CyberCrime - Locations                                                     Majo...
Iftach Ian Amit | April 2011                CyberCrime - AmmunitionAll rights reserved to Security Art ltd. 2002-2010   31
Iftach Ian Amit | April 2011                CyberCrime - Ammunition                                                     =≈...
Iftach Ian Amit | April 2011                CyberCrime - Ammunition                                                     =≈...
Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010   32
Iftach Ian Amit | April 2011                  CyberCrime - DefenseAll rights reserved to Security Art ltd. 2002-2010   33
Iftach Ian Amit | April 2011                  CyberCrime - Defense             •       Anti [ Virus | Malware | Spyware | ...
Iftach Ian Amit | April 2011                  CyberCrime - Defense             •       Anti [ Virus | Malware | Spyware | ...
Iftach Ian Amit | April 2011                  CyberCrime - Defense             •       Anti [ Virus | Malware | Spyware | ...
Iftach Ian Amit | April 2011                  CyberCrime - Defense             •       Anti [ Virus | Malware | Spyware | ...
Iftach Ian Amit | April 2011                  CyberCrime - Defense             •       Anti [ Virus | Malware | Spyware | ...
Iftach Ian Amit | April 2011                  CyberCrime - Defense             •       Anti [ Virus | Malware | Spyware | ...
Iftach Ian Amit | April 2011                  CyberCrime - Defense             •       Anti [ Virus | Malware | Spyware | ...
Iftach Ian Amit | April 2011                  CyberCrime - Defense             •       Anti [ Virus | Malware | Spyware | ...
Iftach Ian Amit | April 2011               How do these connect?                         Claim: CyberCrime is being used t...
Iftach Ian Amit | April 2011                          History - Revisited...       Estonia        You read all about it.  ...
Iftach Ian Amit | April 2011                          History - Revisited...       Israel                                 ...
Iftach Ian Amit | April 2011                          History - Revisited...       Israel                                 ...
Iftach Ian Amit | April 2011                Mid-east crime-war links        ARHack                Hacker forum by day     ...
Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010   38
Iftach Ian Amit | April 2011   Political postAll rights reserved to Security Art ltd. 2002-2010   38
Iftach Ian Amit | April 2011   Political post                                                 Buying/Selling cards for 1/2...
Iftach Ian Amit | April 2011   Political post                                                 Buying/Selling cards for 1/2...
Iftach Ian Amit | April 2011                          History - Revisited...       Georgia        More interesting...     ...
Iftach Ian Amit | April 2011                Russian Crime/State Dillema                                                   ...
Iftach Ian Amit | April 2011                                                                        Russian               ...
Iftach Ian Amit | April 2011                                                                          Russian             ...
Iftach Ian Amit | April 2011                                                                          Russian             ...
Iftach Ian Amit | April 2011                                                                          Russian             ...
Iftach Ian Amit | April 2011                                                                          Russian             ...
Iftach Ian Amit | April 2011                         Remember Georgia?                   •       Started by picking on the...
Iftach Ian Amit | April 2011                                          Georgia - cont.All rights reserved to Security Art l...
Iftach Ian Amit | April 2011                                          Georgia - cont.                   •       Six (6) ne...
Iftach Ian Amit | April 2011                                          Georgia - cont.                   •       Six (6) ne...
Iftach Ian Amit | April 2011                                          Georgia - cont.                   •       Six (6) ne...
Iftach Ian Amit | April 2011                                          Georgia - cont.                   •       Six (6) ne...
Iftach Ian Amit | April 2011                                          Georgia - cont.All rights reserved to Security Art l...
Iftach Ian Amit | April 2011                                          Georgia - cont.                   • Final nail in th...
Iftach Ian Amit | April 2011                                          Georgia - cont.                   • Final nail in th...
Iftach Ian Amit | April 2011                                          Georgia - cont.                   • Final nail in th...
Iftach Ian Amit | April 2011                                          Georgia - cont.                   • Final nail in th...
Iftach Ian Amit | April 2011                                          Georgia - cont.                   • Final nail in th...
Iftach Ian Amit | April 2011                                          Georgia - cont.                   • Final nail in th...
Iftach Ian Amit | April 2011                          History - Revisited...       Iran        2009 Twitter DNS hack attri...
Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010   46
Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010   46
Iftach Ian Amit | April 2011               Iran-Twitter connecting dots                   • Twitter taken down December 18...
Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010   48
Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010   48
Iftach Ian Amit | April 2011                   Iran-Twitter - Ashiyane                   • Ashiyane was using the same pro...
Iftach Ian Amit | April 2011               On [Crime|War] training                                                     Ash...
Iftach Ian Amit | April 2011               On [Crime|War] training                                                     Ash...
Iftach Ian Amit | April 2011               On [Crime|War] training                                                     Ash...
Iftach Ian Amit | April 2011               Wargames targets includes:All rights reserved to Security Art ltd. 2002-2010   51
Iftach Ian Amit | April 2011               Back to [Crime|War] Links:      What else happened on the 18th?All rights reser...
Iftach Ian Amit | April 2011               Back to [Crime|War] Links:      What else happened on the 18th?All rights reser...
Iftach Ian Amit | April 2011               Back to [Crime|War] Links:      What else happened on the 18th?All rights reser...
Iftach Ian Amit | April 2011               Back to [Crime|War] Links:      What else happened on the 18th?All rights reser...
Iftach Ian Amit | April 2011               Back to [Crime|War] Links:      What else happened on the 18th?                ...
Iftach Ian Amit | April 2011         Mapping Iran’s [Crime|War]                             AshiyaneAll rights reserved to...
Iftach Ian Amit | April 2011         Mapping Iran’s [Crime|War]                                                           ...
Iftach Ian Amit | April 2011         Mapping Iran’s [Crime|War]                                                     Iran  ...
Iftach Ian Amit | April 2011         Mapping Iran’s [Crime|War]                                                     Iran  ...
Iftach Ian Amit | April 2011         Mapping Iran’s [Crime|War]                                                     Iran  ...
Iftach Ian Amit | April 2011         Mapping Iran’s [Crime|War]                                                     Iran  ...
Iftach Ian Amit | April 2011         Mapping Iran’s [Crime|War]                                                     Iran  ...
Iftach Ian Amit | April 2011         Mapping Iran’s [Crime|War]                                                     Iran  ...
Iftach Ian Amit | April 2011                             Iran - the unspokenAll rights reserved to Security Art ltd. 2002-...
Iftach Ian Amit | April 2011                             Iran - the unspoken                   • StuxnetAll rights reserve...
Iftach Ian Amit | April 2011                             Iran - the unspoken                   • Stuxnet                  ...
Iftach Ian Amit | April 2011                          History - Revisited...       China                   • Great Chinese...
Iftach Ian Amit | April 2011                      China ...connecting the dots                       January 12th - Google...
Iftach Ian Amit | April 2011                     China ...connecting the dots.                January 12th - Adobe gets ha...
Iftach Ian Amit | April 2011                   China ...connecting the dots...                           Problem: Attacks ...
Iftach Ian Amit | April 2011                  China ...connecting the dots....All rights reserved to Security Art ltd. 200...
Iftach Ian Amit | April 2011                  China ...connecting the dots....                       The China move:All ri...
Iftach Ian Amit | April 2011                  China ...connecting the dots....                       The China move:      ...
Iftach Ian Amit | April 2011                    Anecdote - a                                             professor in one ...
Iftach Ian Amit | April 2011                    Anecdote - a                                             professor in one ...
Iftach Ian Amit | April 2011                    Anecdote - a                                             professor in one ...
Iftach Ian Amit | April 2011                    Anecdote - a                                             professor in one ...
Iftach Ian Amit | April 2011                          History - Revisited...        Spain                   • You are on t...
Iftach Ian Amit | April 2011                        Spain ...connecting the dots                       3 People arrested b...
Iftach Ian Amit | April 2011                        Spain ...connecting the dots                       On July 2010, Slove...
Iftach Ian Amit | April 2011                  Spain ...connecting the dots....?All rights reserved to Security Art ltd. 20...
Iftach Ian Amit | April 2011                  Spain ...connecting the dots....?                Closure is still far on thi...
Iftach Ian Amit | April 2011                  Spain ...connecting the dots....?                Closure is still far on thi...
Iftach Ian Amit | April 2011               How does APT fit here?           RSA                   • Infection vector: Flash...
Iftach Ian Amit | April 2011                           APT ...connecting the dots           Compared to what we just revie...
Iftach Ian Amit | April 2011                     APT ...connecting the dots....?All rights reserved to Security Art ltd. 2...
Iftach Ian Amit | April 2011                     APT ...connecting the dots....?                                        In...
Iftach Ian Amit | April 2011                     APT ...connecting the dots....?                                          ...
Iftach Ian Amit | April 2011                     APT ...connecting the dots....?                                          ...
Iftach Ian Amit | April 2011                     APT ...connecting the dots....?                                          ...
Iftach Ian Amit | April 2011                                          The Future (Ilustrated)All rights reserved to Securi...
Iftach Ian Amit | April 2011                                          The Future (Ilustrated)All rights reserved to Securi...
Iftach Ian Amit | April 2011                                          The Future (Ilustrated)All rights reserved to Securi...
Iftach Ian Amit | April 2011                                          The Future (Ilustrated)All rights reserved to Securi...
Iftach Ian Amit | April 2011                                          The Future (Ilustrated)All rights reserved to Securi...
Iftach Ian Amit | April 2011                                          The Future (Ilustrated)All rights reserved to Securi...
Iftach Ian Amit | April 2011                                          The Future (Ilustrated)All rights reserved to Securi...
Iftach Ian Amit | April 2011                                          The Future (Ilustrated)                             ...
Iftach Ian Amit | April 2011                                                     Summary                                 G...
Iftach Ian Amit | April 2011                                                     Summary                                 G...
Iftach Ian Amit | April 2011                                                     Summary                                  ...
Iftach Ian Amit | April 2011                                                        Thanks!                               ...
Upcoming SlideShare
Loading in...5
×

Ian Iftach Amit - Cyber[Crime|War] - Connecting The Dots

1,150

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,150
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
54
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Ian Iftach Amit - Cyber[Crime|War] - Connecting The Dots

  1. 1. Iftach Ian Amit | April 2011 Cyber[Crime|War] Connecting the Dots Iftach Ian Amit VP Consulting, Security Art Board Member - CSA Israel IL-CERT Dreamer DC9723All rights reserved to Security Art ltd. 2002-2010 www.security-art.com
  2. 2. Iftach Ian Amit | April 2011 The Disclaimer This is “hacker” me, and my own personal opinion only. This has got nothing to do with work stuff. The “work” me is often suited and talks in acronyms and industry best practices stuff.All rights reserved to Security Art ltd. 2002-2010 2
  3. 3. Iftach Ian Amit | April 2011 Agenda • Who am I? • CyberWar [Attack | Defense] • CyberCrime [Attack | Defense] • History revisited • Connecting the dots... • FutureAll rights reserved to Security Art ltd. 2002-2010 3
  4. 4. Iftach Ian Amit | April 2011 Who Am IAll rights reserved to Security Art ltd. 2002-2010 4
  5. 5. Iftach Ian Amit | April 2011 This is NOT going to beAll rights reserved to Security Art ltd. 2002-2010 5
  6. 6. Iftach Ian Amit | April 2011 This is NOT going to beAll rights reserved to Security Art ltd. 2002-2010 5
  7. 7. Iftach Ian Amit | April 2011 Picking up where we left off At least as far as last year’s research is concerned...All rights reserved to Security Art ltd. 2002-2010 6
  8. 8. Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010 7
  9. 9. Iftach Ian Amit | April 2011 Boss, is this supposed to be on the internet?All rights reserved to Security Art ltd. 2002-2010 7
  10. 10. Iftach Ian Amit | April 2011 Boss, is this supposed to be on the internet? I thi is fr nk t his pow om erpo myAll rights reserved to Security Art ltd. 2002-2010 7 int!
  11. 11. Iftach Ian Amit | April 2011 Boss, is this supposed to be on the internet? We probably need to call someone... I thi is fr nk t his pow om erpo myAll rights reserved to Security Art ltd. 2002-2010 7 int!
  12. 12. Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010 8
  13. 13. Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010 8
  14. 14. Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010 8
  15. 15. Iftach Ian Amit | April 2011 Final ly de- classif ied... (on p ublic dom ain) The initia “trace” o l r lo- jack used track dow to n the thief...All rights reserved to Security Art ltd. 2002-2010 8
  16. 16. Iftach Ian Amit | April 2011 Hungry yet? That was just the appetizer...All rights reserved to Security Art ltd. 2002-2010 9
  17. 17. Iftach Ian Amit | April 2011 Question 1: What is this?All rights reserved to Security Art ltd. 2002-2010 10
  18. 18. Iftach Ian Amit | April 2011 Question 1: What is this?All rights reserved to Security Art ltd. 2002-2010 11
  19. 19. Iftach Ian Amit | April 2011 Perceptions may be deceiving... War CrimeAll rights reserved to Security Art ltd. 2002-2010 12
  20. 20. Iftach Ian Amit | April 2011 War Crime • Government / state • Private • Official backing • Semi-official backing (org. crime) • Official resources • Financing • Official resources • Expertise? • Self financing? • Exploits/Vulns? • Established expertise (in- house + outsourced) • Market for exploitsAll rights reserved to Security Art ltd. 2002-2010 13
  21. 21. Iftach Ian Amit | April 2011 CyberWar “Cyberwarfare, (also known as cyberwar and Cyber Warfare), is the use of computers and the Internet in conducting warfare in cyberspace.” WikipediaAll rights reserved to Security Art ltd. 2002-2010 14
  22. 22. Iftach Ian Amit | April 2011 It did not happen yet Estonia being an exception? “There is no Cyberwar”All rights reserved to Security Art ltd. 2002-2010 15
  23. 23. Iftach Ian Amit | April 2011 It did not happen yet RSA being an exception? “There is no Cyberwar”All rights reserved to Security Art ltd. 2002-2010 15
  24. 24. Iftach Ian Amit | April 2011 It did not happen yet RSA being an exception? “There is no Cyberwar”All rights reserved to Security Art ltd. 2002-2010 15
  25. 25. Iftach Ian Amit | April 2011This is not the only way! Neither is this... But civilian are always at stake!All rights reserved to Security Art ltd. 2002-2010 16
  26. 26. Iftach Ian Amit | April 2011 Many faces of how CyberWar is perceived... From McAfee’s “Virtual Criminology Report” Image caption: “countries developing advanced offensive cyber capabilities”All rights reserved to Security Art ltd. 2002-2010 17
  27. 27. Iftach Ian Amit | April 2011 We’ll focus on current players: And no, here size does NOT matter...All rights reserved to Security Art ltd. 2002-2010 18
  28. 28. Iftach Ian Amit | April 2011 USA • Thoroughly documented activity around cyberwar preparedness as well as military/government agencies with readily available offensive capabilities • Massive recruiting of professional in attack/defense for different departments: • USCC (United States Cyber Command - includes AirForce, Marines, Navy and Army service components) • NSA • Other TLA’s...All rights reserved to Security Art ltd. 2002-2010 19
  29. 29. Iftach Ian Amit | April 2011 Russia • GRU (Main Intelligence Directorate of the Russian Armed Forces) • SVR (Foreign Intelligence Service) • FSB (Federal Security Services) • Center for Research of Military Strength of Foreign Countries • Several “National Youth Associations” (Nashi)All rights reserved to Security Art ltd. 2002-2010 20
  30. 30. Iftach Ian Amit | April 2011 China • PLA (People’s Liberation Army) • Homework: read the Northrop Grumman report... • General Staff Department 4th Department - Electronic Countermeasures == Offense • GSD 3rd Department - Signals Intelligence == Defense • Yes... Titan Rain...All rights reserved to Security Art ltd. 2002-2010 21
  31. 31. Iftach Ian Amit | April 2011 Iran • Telecommunications Infrastructure co. • Government telecom monopoly • Iranian Armed ForcesAll rights reserved to Security Art ltd. 2002-2010 22
  32. 32. Iftach Ian Amit | April 2011 Israel • This is going to be very boring... Google data only :-( • IDF (Israel Defense Forces) add cyber-attack capabilities. • C4I (Command, Control, Communications, Computers and Intelligence) branches in Intelligence and Air-Force commands • Staffing is mostly homegrown - trained in the army and other government agencies. • Mossad? (check out the jobs section on mossad.gov.il...)All rights reserved to Security Art ltd. 2002-2010 23
  33. 33. Iftach Ian Amit | April 2011 Israel • This is going to be very boring... Google data only :-( • IDF (Israel Defense Forces) add cyber-attack capabilities. • C4I (Command, Control, Communications, Computers and Intelligence) branches in Intelligence and Air-Force commands • Staffing is mostly homegrown - trained in the army and other government agencies. • Mossad? (check out the jobs section on mossad.gov.il...)All rights reserved to Security Art ltd. 2002-2010 23
  34. 34. Iftach Ian Amit | April 2011 Israel • This is going to be very boring... Google data only :-( • IDF (Israel Defense Forces) add cyber-attack capabilities. • C4I (Command, Control, Communications, Computers and Intelligence) branches in Intelligence and Air-Force commands • Staffing is mostly homegrown - trained in the army and other government agencies. • Mossad? (check out the jobs section on mossad.gov.il...)All rights reserved to Security Art ltd. 2002-2010 23
  35. 35. Iftach Ian Amit | April 2011 CyberWar - AttackHighly selective targeting ofmilitary (and critical)resources In conjunction with a kinetic attackAll rights reserved to Security Art ltd. 2002-2010 24
  36. 36. Iftach Ian Amit | April 2011 CyberWar - AttackHighly selective targeting ofmilitary (and critical)resources In conjunction with a kinetic attack ORAll rights reserved to Security Art ltd. 2002-2010 24
  37. 37. Iftach Ian Amit | April 2011 CyberWar - AttackHighly selective targeting ofmilitary (and critical)resources In conjunction with a kinetic attack OR Massive DDOS in order to “black-out” a region, disrupt services, and/or push political agenda (propaganda)All rights reserved to Security Art ltd. 2002-2010 24
  38. 38. Iftach Ian Amit | April 2011 CyberWar - Defense • Never just military • Targets will be civilian • Physical and logical protections = last survival act • Availability and Integrity of services • Can manifest in the cost of making services unavailable for most civiliansAll rights reserved to Security Art ltd. 2002-2010 25
  39. 39. Iftach Ian Amit | April 2011 CyberCrimeAll rights reserved to Security Art ltd. 2002-2010 26
  40. 40. Iftach Ian Amit | April 2011 Criminal Boss Under Boss Trojan Provider and Manager Trojan Command and Control Attackers Crimeware You want Toolkit Owners Trojan distribution in legitimate website money, you Campaign Manager Campaign Manager Campaign Manager gotta play like the big boys do... Affiliation Affiliation Affiliation Network Network Network Stolen Data Reseller Stolen Data Reseller Stolen Data ResellerAll rights reserved to Security Art ltd. 2002-2010 27 Figure 2: Organizational chart of a Cybercrime organization
  41. 41. Iftach Ian Amit | April 2011 CyberCrime - Attack • Channels: web, mail, open services • Targeted attacks on premium resources • Commissioned, or for extortion purposes • Carpet bombing for most attacks • Segmenting geographical regions and market segments • Secondary infections through controlled outposts • Bots, infected sitesAll rights reserved to Security Art ltd. 2002-2010 28
  42. 42. Iftach Ian Amit | April 2011 CyberCrime - target locationsAll rights reserved to Security Art ltd. 2002-2010 29
  43. 43. Iftach Ian Amit | April 2011 CyberCrime - Locations Major Cybercrime group locationsAll rights reserved to Security Art ltd. 2002-2010 30
  44. 44. Iftach Ian Amit | April 2011 CyberCrime - AmmunitionAll rights reserved to Security Art ltd. 2002-2010 31
  45. 45. Iftach Ian Amit | April 2011 CyberCrime - Ammunition =≈ APTAll rights reserved to Security Art ltd. 2002-2010 31
  46. 46. Iftach Ian Amit | April 2011 CyberCrime - Ammunition =≈ APTAll rights reserved to Security Art ltd. 2002-2010 31
  47. 47. Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010 32
  48. 48. Iftach Ian Amit | April 2011 CyberCrime - DefenseAll rights reserved to Security Art ltd. 2002-2010 33
  49. 49. Iftach Ian Amit | April 2011 CyberCrime - Defense • Anti [ Virus | Malware | Spyware | Rootkit | Trojan ]All rights reserved to Security Art ltd. 2002-2010 33
  50. 50. Iftach Ian Amit | April 2011 CyberCrime - Defense • Anti [ Virus | Malware | Spyware | Rootkit | Trojan ] • Seriously?All rights reserved to Security Art ltd. 2002-2010 33
  51. 51. Iftach Ian Amit | April 2011 CyberCrime - Defense • Anti [ Virus | Malware | Spyware | Rootkit | Trojan ] • Seriously?All rights reserved to Security Art ltd. 2002-2010 33
  52. 52. Iftach Ian Amit | April 2011 CyberCrime - Defense • Anti [ Virus | Malware | Spyware | Rootkit | Trojan ] • Seriously?All rights reserved to Security Art ltd. 2002-2010 33
  53. 53. Iftach Ian Amit | April 2011 CyberCrime - Defense • Anti [ Virus | Malware | Spyware | Rootkit | Trojan ] • Seriously? • Firewalls / IDS / IPSAll rights reserved to Security Art ltd. 2002-2010 33
  54. 54. Iftach Ian Amit | April 2011 CyberCrime - Defense • Anti [ Virus | Malware | Spyware | Rootkit | Trojan ] • Seriously? • Firewalls / IDS / IPS • Seriously?All rights reserved to Security Art ltd. 2002-2010 33
  55. 55. Iftach Ian Amit | April 2011 CyberCrime - Defense • Anti [ Virus | Malware | Spyware | Rootkit | Trojan ] • Seriously? • Firewalls / IDS / IPS • Seriously? • Brought to you by the numbers 80, 443, 53...All rights reserved to Security Art ltd. 2002-2010 33
  56. 56. Iftach Ian Amit | April 2011 CyberCrime - Defense • Anti [ Virus | Malware | Spyware | Rootkit | Trojan ] • Seriously? • Firewalls / IDS / IPS • Seriously? • Brought to you by the numbers 80, 443, 53... • SSL...All rights reserved to Security Art ltd. 2002-2010 33
  57. 57. Iftach Ian Amit | April 2011 How do these connect? Claim: CyberCrime is being used to conduct CyberWar Proof: Let’s start with some history...All rights reserved to Security Art ltd. 2002-2010 34
  58. 58. Iftach Ian Amit | April 2011 History - Revisited... Estonia You read all about it. Bottom line: civilian infrastructure was targeted Attacks originated mostly from civilian networksAll rights reserved to Security Art ltd. 2002-2010 35
  59. 59. Iftach Ian Amit | April 2011 History - Revisited... Israel Operation Orchard September 6th, 2007 Source: Der Spiegel Source: http://en.wikipedia.org/wiki/ Operation_OrchardAll rights reserved to Security Art ltd. 2002-2010 36
  60. 60. Iftach Ian Amit | April 2011 History - Revisited... Israel Operation Orchard September 6th, 2007 Source: Der Spiegel Source: http://en.wikipedia.org/wiki/ Operation_OrchardAll rights reserved to Security Art ltd. 2002-2010 36
  61. 61. Iftach Ian Amit | April 2011 Mid-east crime-war links ARHack Hacker forum by day Cybercrime operations by nightAll rights reserved to Security Art ltd. 2002-2010 37
  62. 62. Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010 38
  63. 63. Iftach Ian Amit | April 2011 Political postAll rights reserved to Security Art ltd. 2002-2010 38
  64. 64. Iftach Ian Amit | April 2011 Political post Buying/Selling cards for 1/2 their balanceAll rights reserved to Security Art ltd. 2002-2010 38
  65. 65. Iftach Ian Amit | April 2011 Political post Buying/Selling cards for 1/2 their balance Selling 1600 visa cardsAll rights reserved to Security Art ltd. 2002-2010 38
  66. 66. Iftach Ian Amit | April 2011 History - Revisited... Georgia More interesting... Highly synchronized Kinetic and Cyber attacks Targets still mostly civilian Launched from civilian networksAll rights reserved to Security Art ltd. 2002-2010 39
  67. 67. Iftach Ian Amit | April 2011 Russian Crime/State Dillema Micronnet McColo Atrivo Eexhost ESTDomains RBN RealHostAll rights reserved to Security Art ltd. 2002-2010 40
  68. 68. Iftach Ian Amit | April 2011 Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFreshAll rights reserved to Security Art ltd. 2002-2010 41
  69. 69. Iftach Ian Amit | April 2011 Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted byAll rights reserved to Security Art ltd. 2002-2010 41
  70. 70. Iftach Ian Amit | April 2011 Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted by CustomerAll rights reserved to Security Art ltd. 2002-2010 41
  71. 71. Iftach Ian Amit | April 2011 Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted by Customer Network providerAll rights reserved to Security Art ltd. 2002-2010 41
  72. 72. Iftach Ian Amit | April 2011 Russian Crime Government ESTDomains ESTDom RBN Atrivo McColo UkrTeleGroup HostFresh Hosted by Customer Network providerAll rights reserved to Security Art ltd. 2002-2010 41
  73. 73. Iftach Ian Amit | April 2011 Remember Georgia? • Started by picking on the president... flood http www.president.gov.ge flood tcp www.president.gov.ge flood icmp www.president.gov.ge • Then the C&C used to control the botnet was shut down as: • Troops cross the border towards Georgia • A few days of silence...All rights reserved to Security Art ltd. 2002-2010 42
  74. 74. Iftach Ian Amit | April 2011 Georgia - cont.All rights reserved to Security Art ltd. 2002-2010 43
  75. 75. Iftach Ian Amit | April 2011 Georgia - cont. • Six (6) new C&C servers came up and drove attacks at additional Georgian sites www.president.gov.ge os-inform.com www.parliament.ge www.kasparov.ru apsny.ge hacking.ge mk.ru news.ge newstula.info tbilisiweb.info skandaly.ru newsgeorgia.ruAll rights reserved to Security Art ltd. 2002-2010 43
  76. 76. Iftach Ian Amit | April 2011 Georgia - cont. • Six (6) new C&C servers came up and drove attacks at additional Georgian sites www.president.gov.ge os-inform.com www.parliament.ge www.kasparov.ru apsny.ge hacking.ge mk.ru news.ge newstula.info tbilisiweb.info skandaly.ru newsgeorgia.ru • BUT - the same C&C’s were also used for attacks on commercial sites in order to extort them (botnet- for-hire) Additional sites attacked: •Porn sites •Carder forums •Adult escort services •Gambling sites •Nazi/Racist sites •Webmoney/Webgold/etc…All rights reserved to Security Art ltd. 2002-2010 43
  77. 77. Iftach Ian Amit | April 2011 Georgia - cont. • Six (6) new C&C servers came up and drove attacks at additional Georgian sites www.president.gov.ge os-inform.com www.parliament.ge www.kasparov.ru apsny.ge hacking.ge mk.ru news.ge newstula.info tbilisiweb.info skandaly.ru newsgeorgia.ru • BUT - the same C&C’s were also used for attacks on commercial sites in order to extort them (botnet- for-hire) Additional sites attacked: •Porn sites •Carder forums •Adult escort services •Gambling sites •Nazi/Racist sites •Webmoney/Webgold/etc…All rights reserved to Security Art ltd. 2002-2010 43
  78. 78. Iftach Ian Amit | April 2011 Georgia - cont. • Six (6) new C&C servers came up and drove attacks at additional Georgian sites www.president.gov.ge os-inform.com www.parliament.ge www.kasparov.ru apsny.ge hacking.ge mk.ru news.ge newstula.info tbilisiweb.info skandaly.ru newsgeorgia.ru • BUT - the same C&C’s were also used for attacks on commercial sites in order to extort them (botnet- for-hire) Additional sites attacked: •Porn sites •Carder forums •Adult escort services •Gambling sites •Nazi/Racist sites •Webmoney/Webgold/etc… BTW - Guess who were the owners of all the Georgian IPSs?(Russia)All rights reserved to Security Art ltd. 2002-2010 43
  79. 79. Iftach Ian Amit | April 2011 Georgia - cont.All rights reserved to Security Art ltd. 2002-2010 44
  80. 80. Iftach Ian Amit | April 2011 Georgia - cont. • Final nail in the coffin:All rights reserved to Security Art ltd. 2002-2010 44
  81. 81. Iftach Ian Amit | April 2011 Georgia - cont. • Final nail in the coffin: • The city of GoriAll rights reserved to Security Art ltd. 2002-2010 44
  82. 82. Iftach Ian Amit | April 2011 Georgia - cont. • Final nail in the coffin: • The city of Gori • DDoS hits all municipal sites August 7th 2008 at 22:00All rights reserved to Security Art ltd. 2002-2010 44
  83. 83. Iftach Ian Amit | April 2011 Georgia - cont. • Final nail in the coffin: • The city of Gori • DDoS hits all municipal sites August 7th 2008 at 22:00 • Complete network disconnect of the district August 8th 06:00All rights reserved to Security Art ltd. 2002-2010 44
  84. 84. Iftach Ian Amit | April 2011 Georgia - cont. • Final nail in the coffin: • The city of Gori • DDoS hits all municipal sites August 7th 2008 at 22:00 • Complete network disconnect of the district August 8th 06:00 • First strike on city August 8th 07:30All rights reserved to Security Art ltd. 2002-2010 44
  85. 85. Iftach Ian Amit | April 2011 Georgia - cont. • Final nail in the coffin: • The city of Gori • DDoS hits all municipal sites August 7th 2008 at 22:00 • Complete network disconnect of the district August 8th 06:00 • First strike on city August 8th 07:30All rights reserved to Security Art ltd. 2002-2010 44
  86. 86. Iftach Ian Amit | April 2011 History - Revisited... Iran 2009 Twitter DNS hack attributed to Iranian activity. Political connections are too obvious to ignore (elections) Timing was right on: Protests by UN Council leadership opposition Decisions in TehranAll rights reserved to Security Art ltd. 2002-2010 45
  87. 87. Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010 46
  88. 88. Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010 46
  89. 89. Iftach Ian Amit | April 2011 Iran-Twitter connecting dots • Twitter taken down December 18th 2009 • Attack attributed eventually to cyber-crime/ vigilante group named “Iranian Cyber Army” • Until December 2009 there was no group known as “Iranian Cyber Army”... • BUT - “Ashiyane” (Shiite group) is from the same place as the “Iranian Cyber Army”All rights reserved to Security Art ltd. 2002-2010 47
  90. 90. Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010 48
  91. 91. Iftach Ian Amit | April 2011All rights reserved to Security Art ltd. 2002-2010 48
  92. 92. Iftach Ian Amit | April 2011 Iran-Twitter - Ashiyane • Ashiyane was using the same pro-Hezbolla messages that were used on the Twitter attack with their own attacks for some time... • AND the “Iranian Cyber Army” seems to be a pretty active group on the Ashiyane forums www.ashiyane.com/forum Let’s take a look at how Ashiyane operates...All rights reserved to Security Art ltd. 2002-2010 49
  93. 93. Iftach Ian Amit | April 2011 On [Crime|War] training Ashiyane forums WarGamesAll rights reserved to Security Art ltd. 2002-2010 50
  94. 94. Iftach Ian Amit | April 2011 On [Crime|War] training Ashiyane forums WarGamesAll rights reserved to Security Art ltd. 2002-2010 50
  95. 95. Iftach Ian Amit | April 2011 On [Crime|War] training Ashiyane forums WarGamesAll rights reserved to Security Art ltd. 2002-2010 50
  96. 96. Iftach Ian Amit | April 2011 Wargames targets includes:All rights reserved to Security Art ltd. 2002-2010 51
  97. 97. Iftach Ian Amit | April 2011 Back to [Crime|War] Links: What else happened on the 18th?All rights reserved to Security Art ltd. 2002-2010 52
  98. 98. Iftach Ian Amit | April 2011 Back to [Crime|War] Links: What else happened on the 18th?All rights reserved to Security Art ltd. 2002-2010 52
  99. 99. Iftach Ian Amit | April 2011 Back to [Crime|War] Links: What else happened on the 18th?All rights reserved to Security Art ltd. 2002-2010 52
  100. 100. Iftach Ian Amit | April 2011 Back to [Crime|War] Links: What else happened on the 18th?All rights reserved to Security Art ltd. 2002-2010 52
  101. 101. Iftach Ian Amit | April 2011 Back to [Crime|War] Links: What else happened on the 18th? Later on - Baidu takedown with the same MO (credentials)All rights reserved to Security Art ltd. 2002-2010 52
  102. 102. Iftach Ian Amit | April 2011 Mapping Iran’s [Crime|War] AshiyaneAll rights reserved to Security Art ltd. 2002-2010 53
  103. 103. Iftach Ian Amit | April 2011 Mapping Iran’s [Crime|War] Site DDoS Defacement Ashiyane Botnet Credit Herding Card TheftAll rights reserved to Security Art ltd. 2002-2010 53
  104. 104. Iftach Ian Amit | April 2011 Mapping Iran’s [Crime|War] Iran US Iraq Site DDoS Defacement Ashiyane Botnet Credit Herding Card Theft $$ UKAll rights reserved to Security Art ltd. 2002-2010 53
  105. 105. Iftach Ian Amit | April 2011 Mapping Iran’s [Crime|War] Iran US Iraq Site DDoS Defacement Ashiyane Botnet Credit Herding Card Theft $$ UK Iranian CyberAll rights reserved to Security Art ltd. 2002-2010 53
  106. 106. Iftach Ian Amit | April 2011 Mapping Iran’s [Crime|War] Iran US Iraq Site DDoS Defacement Ashiyane Botnet Credit Herding Card Theft $$ UK Iranian Strategic Cyber AttacksAll rights reserved to Security Art ltd. 2002-2010 53
  107. 107. Iftach Ian Amit | April 2011 Mapping Iran’s [Crime|War] Iran US Iraq Site DDoS Defacement Ashiyane Botnet Credit Herding Card Theft $$ UK Iranian Strategic Cyber Attacks US CNAll rights reserved to Security Art ltd. 2002-2010 53
  108. 108. Iftach Ian Amit | April 2011 Mapping Iran’s [Crime|War] Iran US Iraq Site DDoS Defacement Ashiyane Botnet Credit Herding Card Theft $$ UK Crime War Iranian Strategic Cyber Attacks US CNAll rights reserved to Security Art ltd. 2002-2010 53
  109. 109. Iftach Ian Amit | April 2011 Mapping Iran’s [Crime|War] Iran US Iraq Site DDoS Defacement Ashiyane Botnet Credit Herding Card Theft $$ UK Crime War Iranian Strategic Cyber Attacks US CNAll rights reserved to Security Art ltd. 2002-2010 53
  110. 110. Iftach Ian Amit | April 2011 Iran - the unspokenAll rights reserved to Security Art ltd. 2002-2010 54
  111. 111. Iftach Ian Amit | April 2011 Iran - the unspoken • StuxnetAll rights reserved to Security Art ltd. 2002-2010 54
  112. 112. Iftach Ian Amit | April 2011 Iran - the unspoken • Stuxnet • There, I’ve said itAll rights reserved to Security Art ltd. 2002-2010 54
  113. 113. Iftach Ian Amit | April 2011 History - Revisited... China • Great Chinese Firewall doing an OK job in keeping information out. • Proving grounds for many cyber-attackers • Bulletpfoof hosting (after RBN temporary closure in 2008 China provided an alternative that stayed...)All rights reserved to Security Art ltd. 2002-2010 55
  114. 114. Iftach Ian Amit | April 2011 China ...connecting the dots January 12th - Google announces it was hacked by China Not as in the “we lost a few minutes of DNS” hacked... “In mid-December we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google” (David Drummond, SVP @Google)All rights reserved to Security Art ltd. 2002-2010 56
  115. 115. Iftach Ian Amit | April 2011 China ...connecting the dots. January 12th - Adobe gets hacked. By China. “Adobe became aware on January 2, 2010 of a computer secur ity incident involving a sophisticated coordinated attack against corporate network systems managed by Adobe and other companies” (Adobe official blog) Same MO: 0-day in Internet Explorer to get into Google, Adobe and more than 40 additional companiesAll rights reserved to Security Art ltd. 2002-2010 57
  116. 116. Iftach Ian Amit | April 2011 China ...connecting the dots... Problem: Attacks all carry the signs of Cybercrime... Criminal groups attack companies in order to get to their data so they can sell it (whether it was commercial or government data!) US Response: “We look to the Chinese government for an explanation. The ability to operate with confidence in cyberspace is critical in a modern society and economy.” (Hillary Clinton, Secretary of State)All rights reserved to Security Art ltd. 2002-2010 58
  117. 117. Iftach Ian Amit | April 2011 China ...connecting the dots....All rights reserved to Security Art ltd. 2002-2010 59
  118. 118. Iftach Ian Amit | April 2011 China ...connecting the dots.... The China move:All rights reserved to Security Art ltd. 2002-2010 59
  119. 119. Iftach Ian Amit | April 2011 China ...connecting the dots.... The China move: Use of criminal groups to carry out the attacks provides the perfect deniability on espionage connections (just like in the past, and a perfect response to clinton).All rights reserved to Security Art ltd. 2002-2010 59
  120. 120. Iftach Ian Amit | April 2011 Anecdote - a professor in one of the China ... universities linked to the attack connecting the dots.... admitted that the school network is often used to anonymously The China move: relay attacks Use of criminal groups to carry out the attacks provides the perfect deniability on espionage connections (just like in the past, and a perfect response to clinton).All rights reserved to Security Art ltd. 2002-2010 59
  121. 121. Iftach Ian Amit | April 2011 Anecdote - a professor in one of the China ... universities linked to the attack connecting the dots.... admitted that the school network is often used to anonymously The China move: relay attacks Use of criminal groups to carry out the attacks provides the perfect deniability on espionage connections (just like in the past, and a perfect response to clinton). Targets are major US companies with strategic poise to enable state interest espionageAll rights reserved to Security Art ltd. 2002-2010 59
  122. 122. Iftach Ian Amit | April 2011 Anecdote - a professor in one of the China ... universities linked to the attack connecting the dots.... admitted that the school network is often used to anonymously The China move: relay attacks Use of criminal groups to carry out the attacks provides the perfect deniability on espionage connections (just like in the past, and a perfect response to clinton). Targets are major US companies with strategic poise to enable state interest espionage Information sharing at its best: State CrimeAll rights reserved to Security Art ltd. 2002-2010 59
  123. 123. Iftach Ian Amit | April 2011 Anecdote - a professor in one of the China ... universities linked to the attack connecting the dots.... admitted that the school network is often used to anonymously The China move: relay attacks Use of criminal groups to carry out the attacks provides the perfect deniability on espionage connections (just like in the past, and a perfect response to clinton). Targets are major US companies with strategic poise to enable state interest espionage Information sharing at its best: State CrimeAll rights reserved to Security Art ltd. 2002-2010 Win59 - Win
  124. 124. Iftach Ian Amit | April 2011 History - Revisited... Spain • You are on the map as well! - MARIPOSA • Highly respected 12M bots run by Spanish ringleaders • Slovenian source (developer) • Global distribution • Surprise... very painful to some governments...All rights reserved to Security Art ltd. 2002-2010 60
  125. 125. Iftach Ian Amit | April 2011 Spain ...connecting the dots 3 People arrested by the Spanish Civil Guard in February 2010 Florencio Carro Ruiz (netkairo), Jonathan Pazos Rivera (jonylolente), and Juan Jose Bellido Rios (ostiator) == DDP (Dias de Pesadilla)All rights reserved to Security Art ltd. 2002-2010 61
  126. 126. Iftach Ian Amit | April 2011 Spain ...connecting the dots On July 2010, Slovenian police arrested their “source” (iserdo) who sold the kit to hundreds of additional individuals and governments The FBI called the Slovenian operation “excellent” and “unparalleled” ?!?!All rights reserved to Security Art ltd. 2002-2010 62
  127. 127. Iftach Ian Amit | April 2011 Spain ...connecting the dots....?All rights reserved to Security Art ltd. 2002-2010 63
  128. 128. Iftach Ian Amit | April 2011 Spain ...connecting the dots....? Closure is still far on this one :-(All rights reserved to Security Art ltd. 2002-2010 63
  129. 129. Iftach Ian Amit | April 2011 Spain ...connecting the dots....? Closure is still far on this one :-( Several more governments are involved, and additional “clients” of Isedro (the savior in Slovenian when spelled backwards) are part of open intelligence cases.All rights reserved to Security Art ltd. 2002-2010 63
  130. 130. Iftach Ian Amit | April 2011 How does APT fit here? RSA • Infection vector: Flash vulnerability exploited through Excel file • Persistence: Using Poison Ivy as the trojan • Exfiltration: Pack data in password protected RAR files and upload to FTPAll rights reserved to Security Art ltd. 2002-2010 64
  131. 131. Iftach Ian Amit | April 2011 APT ...connecting the dots Compared to what we just reviewed, that was a SIMPLE attack... Trojan is not even a “commercial” product (free download at http://www.poisonivy-rat.com/)All rights reserved to Security Art ltd. 2002-2010 65
  132. 132. Iftach Ian Amit | April 2011 APT ...connecting the dots....?All rights reserved to Security Art ltd. 2002-2010 66
  133. 133. Iftach Ian Amit | April 2011 APT ...connecting the dots....? Infiltration Social/ physical PhishingAll rights reserved to Security Art ltd. 2002-2010 66
  134. 134. Iftach Ian Amit | April 2011 APT ...connecting the dots....? Persistence, Infiltration C&C Social/ Advanced C&C (p2p, lateral move) physical Simple C&C Phishing (HTTP)All rights reserved to Security Art ltd. 2002-2010 66
  135. 135. Iftach Ian Amit | April 2011 APT ...connecting the dots....? Persistence, Infiltration Exfiltration C&C Social/ Advanced C&C Advanced APT (p2p, lateral move) exfil (dns,VoIP) physical Simple C&C Simple exfil APT?! Phishing (HTTP) (FTP)All rights reserved to Security Art ltd. 2002-2010 66
  136. 136. Iftach Ian Amit | April 2011 APT ...connecting the dots....? Persistence, Infiltration Exfiltration C&C Social/ Advanced C&C Advanced APT (p2p, lateral move) exfil (dns,VoIP) physical Simple C&C Simple exfil APT?! Phishing (HTTP) (FTP)Bottom line: Not a direct state attack - Criminals again...All rights reserved to Security Art ltd. 2002-2010 66
  137. 137. Iftach Ian Amit | April 2011 The Future (Ilustrated)All rights reserved to Security Art ltd. 2002-2010 67
  138. 138. Iftach Ian Amit | April 2011 The Future (Ilustrated)All rights reserved to Security Art ltd. 2002-2010 67
  139. 139. Iftach Ian Amit | April 2011 The Future (Ilustrated)All rights reserved to Security Art ltd. 2002-2010 67
  140. 140. Iftach Ian Amit | April 2011 The Future (Ilustrated)All rights reserved to Security Art ltd. 2002-2010 67
  141. 141. Iftach Ian Amit | April 2011 The Future (Ilustrated)All rights reserved to Security Art ltd. 2002-2010 67
  142. 142. Iftach Ian Amit | April 2011 The Future (Ilustrated)All rights reserved to Security Art ltd. 2002-2010 67
  143. 143. Iftach Ian Amit | April 2011 The Future (Ilustrated)All rights reserved to Security Art ltd. 2002-2010 67
  144. 144. Iftach Ian Amit | April 2011 The Future (Ilustrated) CLOUDSAll rights reserved to Security Art ltd. 2002-2010 67
  145. 145. Iftach Ian Amit | April 2011 Summary Good Bad Formal training on Commercial cybersecurity by development of nations malware still reignsAll rights reserved to Security Art ltd. 2002-2010 68
  146. 146. Iftach Ian Amit | April 2011 Summary Good Bad Formal training on Commercial cybersecurity by development of nations malware still reigns Ugly Good meet Bad: money changes hands, less tracks to cover, criminal ops already creating the weapons...All rights reserved to Security Art ltd. 2002-2010 68
  147. 147. Iftach Ian Amit | April 2011 Summary The Future Lack of legislation and cooperation on multi- national level is creating de-facto “safe haven” for cybercrime. <- Fix this! Treaties and anti-crime activities may prove to be beneficial. <- Translate to politics/law!All rights reserved to Security Art ltd. 2002-2010 69
  148. 148. Iftach Ian Amit | April 2011 Thanks! Q&A iamit@iamit.org pro: iamit@security-art.com twitter: twitter.com/iiamit blog: iamit.org/blogAll rights reserved to Security Art ltd. 2002-2010 70
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×