Cyberterrorism
Dr Ian Brown, OII
(with thanks to Lilian Edwards)
Outline
  Definitions - vandalism, crime, terrorism

  and war
 The insecurity of the Internet and how to
  fix it
 The p...
Cyber graffiti
    Tipping Point report

    found that in 8 years to
    2007, >100k domains
    defaced
    Sometimes po...
Cyber fraud
  Phishing (Symantec found 166,248

  unique messages 2H 2006)
 Denial of Service extortion (Symantec
  foun...
Digital Pearl Harbour
  Exercise conducted by US Naval War

  College & Gartner July 2002
 3-day simulated attack on CNI...
Cyber terror
    “Terrorists get better returns from much simpler

    methods such as car bombs. Cyberterror is too
    ...
Cyber war
  Disabling Critical National Infrastructure

  (Estonia, May 2007)
 For political/military/economic espionage...
Estonia May 2007
    Attacks on Estonian finance, media and govt

    websites by Russian-linked groups.
    “Complexity a...
China TITAN RAIN
    Incursions into DoD, German chancellory, Whitehall,

    NASA, Lockheed Martin…
    “Chinese attacke...
Fixing Internet insecurity
  Incentives are key: for more secure

  software, networks and banks (House of
  Lords, 2007)...
Proportionality of state
responses
  Lawful access

 Data retention
 “Glorification” of terrorism
References
    Juliette Bird (2006) Terrorist Use of the Internet, The Second International

    Scientific Conference on...
Upcoming SlideShare
Loading in...5
×

Cyberterrorism

4,258

Published on

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
4,258
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
260
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Cyberterrorism

  1. 1. Cyberterrorism Dr Ian Brown, OII
  2. 2. (with thanks to Lilian Edwards)
  3. 3. Outline Definitions - vandalism, crime, terrorism  and war  The insecurity of the Internet and how to fix it  The proportionality of state responses to terrorist Internet use
  4. 4. Cyber graffiti Tipping Point report  found that in 8 years to 2007, >100k domains defaced Sometimes politically  motivated - c.f. UN site 12/8/07: “HACKED BY KEREM125 M0STED AND GSY THAT IS CYBERPROTEST HEY ]SRAIL AND USA DONT KILL CHILDREN AND OTHER PEOPLE PEACE FOR EVER NO WAR”
  5. 5. Cyber fraud Phishing (Symantec found 166,248  unique messages 2H 2006)  Denial of Service extortion (Symantec found 6m bots 2H 2006)  The organised criminal economy (custom virus writers, bot herders, mules, dupes); identities for sale $14-$18
  6. 6. Digital Pearl Harbour Exercise conducted by US Naval War  College & Gartner July 2002  3-day simulated attack on CNI with attackers given $200m, 5 years planning, access to state-level intelligence  Local, temporary attacks could be successful; sustained, national attacks would not
  7. 7. Cyber terror “Terrorists get better returns from much simpler  methods such as car bombs. Cyberterror is too low key: not enough dead bodies result, and attacks are too complex to plan and execute.” (Bird 2006) Reality is use for communications, research  (CBNR info poor - Stenersen 2007), propaganda, recruitment and belonging (Labi 2006 and Shahar 2007), tactical intel (US Army 2005)
  8. 8. Cyber war Disabling Critical National Infrastructure  (Estonia, May 2007)  For political/military/economic espionage (China, widely publicised 2007)
  9. 9. Estonia May 2007 Attacks on Estonian finance, media and govt  websites by Russian-linked groups. “Complexity and coordination was new… series  of attacks with careful timing using different techniques and specific targets” (NATO) Arbor Networks monitored 128 distinct attacks,  with 10 lasting over 10 hours and reaching 90Mbps
  10. 10. China TITAN RAIN Incursions into DoD, German chancellory, Whitehall,  NASA, Lockheed Martin… “Chinese attackers are using custom Trojan horse  software targeted at specific government offices, and it is just walking through standard defences. Many government offices don’t even know yet that they are leaking information. 99% of cases are probably still not known.” (NATO) “Intrusion detection systems react to obvious signatures  such as lots of traffic from one IP address – so onion routing and botnets are used to disguise the origin of intrusions.” (Sommer)
  11. 11. Fixing Internet insecurity Incentives are key: for more secure  software, networks and banks (House of Lords, 2007)  CNI must be very firmly separated from public Internet  Limits to use of COTS software?
  12. 12. Proportionality of state responses Lawful access   Data retention  “Glorification” of terrorism
  13. 13. References Juliette Bird (2006) Terrorist Use of the Internet, The Second International  Scientific Conference on Security and Countering Terrorism Issues, Moscow State University Institute for Information Security Issues, October 2006. Nadya Labi (2006) Jihad 2.0, Atlantic Monthly pp.102—107, July/August 2006.  Chief Judge Stein Schjolberg (2007) Terrorism in Cyberspace - Myth or reality?  June 2007. Available at http://www.cybercrimelaw.net/1-2007.html Yael Shahar (2007) The Internet as a Tool for Counter-Terrorism, Patrolling and  Controlling Cyberspace, Garmisch-Partenkirchen, April 2007. Anne Stenersen (2007) Chem-bio cyber-class – Assessing jihadist chemical and  biological weapons, Jane’s Intelligence Review, 1 September 2007. US Army (2005) Army Regulation 530–1, Operations Security (OPSEC), 19 April  2007.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×