Cyber Warfare vs. Hacking (in English)


Published on

What is the difference between a hacking attack and a cyberwar attack? What do current militaries consider an attack vs. exploitation or just «normal operations»? Kevin will present an overview on the cyber warfare topic and the current understanding of Advanced Persistent Threats in the context of cyber defense.

Referent: Kevin Kirst

Published in: Technology, Business
1 Comment
  • Mediafire Download :
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cyber Warfare vs. Hacking (in English)

  1. 1. Cyber Security Warfare RealitiesKevin KirstPwC Switzerland
  2. 2. Agenda• Background• Cyber Warfare• National Cyber Investments• The ComponentsPwC• Recent Activity• Why hasn’t it happened yet?2One Security
  3. 3. My BackgroundUS Military Officer (Pacific Area of Operations)• Comms & IT Infrastructure• Military Satellites• Cyber OperationsPwCKPMG• DoD ConsultingBooz Allen Hamilton• DoD Cyber Threat Intelligence & OperationsPwC Switzerland• OneSecurity – Cyber SecurityOne Security3Oktober 2012
  4. 4. Background“The use of electronic means makes it possible to steal large quantitiesof data at once or within a short time. Such cases of sophisticatedelectronic espionage are regularly recorded.”-Federal Intelligence Services Switzerland 2013PwC“The FIS has clear indications that the authorities of various countrieshave been directly or indirectly involved in cyber attacks.”-Federal Intelligence Services Switzerland 2013One Security4
  5. 5. Federal Intelligence Services 2013PwCOne Security5Cyber Threats
  6. 6. What is cyber warfare?PwCOne Security6Oktober 2012
  7. 7. Who is investing in Cyber?PwCOne Security7
  8. 8. ChinaPwCOne Security8
  9. 9. APT1: Unit 61398 (2013)PwCOne Security9
  10. 10. Cyber Warfare componentsComputer Network Operations (CNO)• Computer Network Exploitation (CNE)• Computer Network Defense (CND)• Computer Network Attack (CNA)PwCOne Security10Exploit to Attack?“Any cyber operation that results in death or significant damage toproperty qualifies as an armed attack.” –Talinn Manual
  11. 11. The Tallinn Manual• States may not knowingly allow cyber infrastructure located intheir territory to be used for acts that adversely affect other States.• States may be responsible for cyber operations directed against otherStates, even though those operations were not conducted by thesecurity agencies. (i.e. hacktivist)PwC• The International Group of Experts agreed that cyber operations thatmerely cause inconvenience or irritation do not qualify as usesof force.• States may respond to unlawful cyber operations that do not rise tothe level of a use of force with countermeasures.• A State that is the victim of a cyber “armed attack” may respond byusing force. The force may be either cyber or kinetic.One Security11Oktober 2012
  12. 12. Activity Quick LookRecent Activity:PwCOne Security12
  13. 13. Why hasn’t it happened yet?PwCOne Security13Oktober 2012ObfuscationDefinitionsAttributionConfidence
  14. 14. These are easier to respond too….and to usePwCOne Security14Oktober 2012Obfuscation DefinitionsAttribution Confidence
  15. 15. Conclusion“....the risk of misattribution and escalation is real, and we always haveto consider the broad foreign policy implications of our actions.”- Michael Daniel, White House Cybersecurity CoordinatorPwCOne Security15
  16. 16. Questions?PwCOne Security16
  17. 17. PwC’s Cyber Security ServicesCurrent Service Offerings:• Cyber Threat Assessment• Cyber Intelligence AssessmentPwC• Cyber Stress Tests17
  18. 18. Antoine BerthautAvenue Giuseppe-Motta 501211 GenèveDirect: +41 58 792 usRobert MetcalfAvenue Giuseppe-Motta 501211 GenèveDirect: +41 58 792 KochBirchstrasse 160Postfach, 8050 ZürichDirect: +41 58 792 GreifBirchstrasse 160Postfach, 8050 ZürichDirect: +41 58 792 MautoneBirchstrasse 160Postfach, 8050 ZürichDirect: +41 58 792 MuellerAvenue avenue C.-F. -Ramuz 45Case postale, 1001 LausanneDirect: +41 58 792