Gohsuke Takama /          , Meta Associates, 2011   11                                       http://www.slideshare.net/goh...
about…                 ✴ Gohsuke Takama                       ✴ Meta Associates (http://www.meta-associates.com/)         ...
A                           AttacksFriday, November 4, 2011
"what happened in the last 2 years"                    •      OperationAurora, ShadyRAT,     ,      ...                   ...
"what happened in the last 2 years"                    •      OperationAurora, ShadyRAT,             ,            ...     ...
"whom targeted, why"                      http://paulsparrows.wordpress.com/category/security/cyber-attacks-timeline/Frida...
"whom targeted, why"                    •                   ,                    •      Sony PSN, Sony                    ...
"Stuxnet"Friday, November 4, 2011
"Anonymous"                            http://www.youtube.com/watch?v=2Tm7UKo4IBc                           http://www.you...
"know your enemy: techniques"                    •      phishing            •   website spoofing                    •      ...
"emerging attack techniques"                    •      malware:                                 ,                    •    ...
"know your enemy: techniques"                              http://www.ipa.go.jp/security/vuln/newattack.htmlFriday, Novemb...
"layer approach"                                •examle: OSI modelFriday, November 4, 2011
"a security layer model "                                 7 Psychological       ,                                 6 Custom...
"a security layer model "                                 7 Psychological       ,       Human Factor              6 Custom...
"attacks vs. counter measures "                             APT, espionage, phishing,   Psychological                     ...
"spoofing, phishing & targeted attack"                            /                   1Friday, November 4, 2011
"cybercrime, cyber espionage & identity "                    ✴ APT,                     •                   =             ...
"cybercrime, cyber espionage,                           primary target = individual identity"Friday, November 4, 2011
B                           BehaviorFriday, November 4, 2011
"social change on Internet"                               2000                    •                    •                  ...
"social change on Internet"                               2001                    •                            •          ...
Friday, November 4, 2011
"real world vs. social data world"Friday, November 4, 2011
"disseminate motives"                           Law, Market, Norm, ArchitectureFriday, November 4, 2011
"disseminate motives"                           Law, Market, Norm, ArchitectureFriday, November 4, 2011
"disseminate motives"                           Law, Market, Norm, ArchitectureFriday, November 4, 2011
"disseminate motives"                           Law, Market, Norm, Architecture                                           ...
"disseminate motives"                           Law, Market, Norm, Architecture              $Money                       ...
"disseminate motives"                           Law, Market, Norm, Architecture                                        Pow...
"disseminate motives"                           Law, Market, Norm, Architecture                                        Pow...
"disseminate motives"                           Law, Market, Norm, Architecture                                        Pow...
"disseminate motives"                           Autocracy, Crime, Extremism, Hacker                                       ...
I                           IdentityFriday, November 4, 2011
"Identity"                           entity, identity, relationship                                   me = entity         ...
Identification & Authentication          Identity             Identification          Authentication   Authorization        ...
Identification & Authentication          Identity             Identification                     Authentication   Authorizat...
"Identity"                            Erik H. Erikson                                 1967                                ...
"Identity"                           me{Attributes} * t→Friday, November 4, 2011
"Identity"                           me{Attributes} * t→Friday, November 4, 2011
AxBxI                            = WTF?Friday, November 4, 2011
"state of security methodology"                    ✴                                   (F/W)                     •(       ...
"perspective for counter strategy"                              set basic security measures:                    ✴         ...
"perspective for counter strategy"                                      be creative:                    ✴ counter social e...
"perspective for counter strategy"                     be creative: Counter Social Engineering                    •       ...
"perspective for counter strategy"                                be creative: Soft Power                    •         Sof...
Friday, November 4, 2011
references                    •      CEOs - the new corporate fraudstersds http://www.iol.co.za/                          ...
references                    •      28 Nation States With Cyber Warfare Capabilities http://                           je...
references                    •                                                             -- DEFCON CTF                 ...
references                    •       Computer virus hits US Predator and Reaper drone fleet http://                       ...
references                    •                                                       http://                           ww...
Upcoming SlideShare
Loading in …5
×

サイバー犯罪・サイバースパイ活動とアイデンティティ_11-04-2011

1,918 views

Published on

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,918
On SlideShare
0
From Embeds
0
Number of Embeds
54
Actions
Shares
0
Downloads
10
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

サイバー犯罪・サイバースパイ活動とアイデンティティ_11-04-2011

  1. 1. Gohsuke Takama / , Meta Associates, 2011 11 http://www.slideshare.net/gohsuketFriday, November 4, 2011
  2. 2. about… ✴ Gohsuke Takama ✴ Meta Associates (http://www.meta-associates.com/) ✴founder & president, connector, analyst, planner ✴ local organizer of security conferences: BlackHat Japan, PacSec ✴ liaison of security businesses: Patch Advisor, SecWest ✴ security news: http://blog.f-secure.jp/ http://scan.netsecurity.ne.jp/ ✴ organizer of tech entrepreneur / startup support events ✴ independent tech journalist for over 10 years ✴ Privacy International (London, UK http://www.privacyinternational.org/) ✴advisory board member ✴ Computer Professionals for Social Responsibility (http://cpsr.org/) ✴Japan chapter founding supporterFriday, November 4, 2011
  3. 3. A AttacksFriday, November 4, 2011
  4. 4. "what happened in the last 2 years" • OperationAurora, ShadyRAT, , ... • Stuxnet, Duqu • Sony PSN • Wikileaks *new • Anonymous *new • (MENA) *new • Indira GandhiFriday, November 4, 2011
  5. 5. "what happened in the last 2 years" • OperationAurora, ShadyRAT, , ... = = APT (Advanced Persistent Threat) • Stuxnet = SCADA • Sony PSN: 3 , DDoS, , • Wikileaks *new = : • Anonymous *new = + • *new= • Indira Gandhi =Friday, November 4, 2011
  6. 6. "whom targeted, why" http://paulsparrows.wordpress.com/category/security/cyber-attacks-timeline/Friday, November 4, 2011
  7. 7. "whom targeted, why" • , • Sony PSN, Sony • , • • :Friday, November 4, 2011
  8. 8. "Stuxnet"Friday, November 4, 2011
  9. 9. "Anonymous" http://www.youtube.com/watch?v=2Tm7UKo4IBc http://www.youtube.com/watch?v=kZNDV4hGUGwFriday, November 4, 2011
  10. 10. "know your enemy: techniques" • phishing • website spoofing • targeted phishing • content altering • trojan • XSRF • spyware • XSS • keylogger • code injection • rootkit • IP hijacking • botnet DDoS • rogue WiFi AP • snifferFriday, November 4, 2011
  11. 11. "emerging attack techniques" • malware: , • VM , bios • : VNC, Spycam, • : keylogger, GPS logger • : Stuxnet • DDoS: JavaScript (LOIC) ($8/h~),Friday, November 4, 2011
  12. 12. "know your enemy: techniques" http://www.ipa.go.jp/security/vuln/newattack.htmlFriday, November 4, 2011
  13. 13. "layer approach" •examle: OSI modelFriday, November 4, 2011
  14. 14. "a security layer model " 7 Psychological , 6 Custom (Habit) , 5 Operation 4 Content 3 OS/Application 2 Hardware 1 PhysicalFriday, November 4, 2011
  15. 15. "a security layer model " 7 Psychological , Human Factor 6 Custom (Habit) , 5 Operation 4 Content Intangibles 3 OS/Application 2 Hardware Tangibles 1 PhysicalFriday, November 4, 2011
  16. 16. "attacks vs. counter measures " APT, espionage, phishing, Psychological social engineering ? spoofing, pharming, accustomed best practice, Custom phishing spam, XSS, XSRF, awareness, CIRT, PKI, spyware, ID spoof/theft digital ID, SSL certificate DoS, spam, ransom-ware, routing, filtering, policy, Operation sabotage-ware audit, CIRT sniffing, spyware, spam, encryption, filtering, Content alteration content-scan, host IDS OS/ DoS, vuln exploit, 0day, Firewall, network IDS, IPS, Application rootkit, botnet anti-virus, OS/app patch direct access, tampering, perimeter guard, anti- Hardware alteration tampering, hard seal lock pick, break in, surveillance, perimeter Physical vandalism alarm, armed guardFriday, November 4, 2011
  17. 17. "spoofing, phishing & targeted attack" / 1Friday, November 4, 2011
  18. 18. "cybercrime, cyber espionage & identity " ✴ APT, • = • • : , , • → → → ✴ ( ) • = • •Friday, November 4, 2011 →
  19. 19. "cybercrime, cyber espionage, primary target = individual identity"Friday, November 4, 2011
  20. 20. B BehaviorFriday, November 4, 2011
  21. 21. "social change on Internet" 2000 • • • • • •Friday, November 4, 2011
  22. 22. "social change on Internet" 2001 • • • • • • • • • • • • • • (Wiki ) • / • • • 3D •Friday, November 4, 2011
  23. 23. Friday, November 4, 2011
  24. 24. "real world vs. social data world"Friday, November 4, 2011
  25. 25. "disseminate motives" Law, Market, Norm, ArchitectureFriday, November 4, 2011
  26. 26. "disseminate motives" Law, Market, Norm, ArchitectureFriday, November 4, 2011
  27. 27. "disseminate motives" Law, Market, Norm, ArchitectureFriday, November 4, 2011
  28. 28. "disseminate motives" Law, Market, Norm, Architecture - - - -Friday, November 4, 2011
  29. 29. "disseminate motives" Law, Market, Norm, Architecture $Money - - - -Friday, November 4, 2011
  30. 30. "disseminate motives" Law, Market, Norm, Architecture Power $Money - - - -Friday, November 4, 2011
  31. 31. "disseminate motives" Law, Market, Norm, Architecture Power $Money - - - - ControlFriday, November 4, 2011
  32. 32. "disseminate motives" Law, Market, Norm, Architecture Power $Money Ideology - - - - ControlFriday, November 4, 2011
  33. 33. "disseminate motives" Autocracy, Crime, Extremism, Hacker Power Autocratic Government Infra APT Disruption Organized Extremist $Money Crime Hacktivist Ideology Theft Hacktivism Fraud Lulz : - Hacker - Cracker - - ControlFriday, November 4, 2011
  34. 34. I IdentityFriday, November 4, 2011
  35. 35. "Identity" entity, identity, relationship me = entity me{Attributes}Friday, November 4, 2011
  36. 36. Identification & Authentication Identity Identification Authentication Authorization Credential{Identifier} Validation me{Attributes} me = entityFriday, November 4, 2011
  37. 37. Identification & Authentication Identity Identification Authentication Authorization Credential{Identifier} Validation me{Attributes} me = entity Identity IdentificationFriday, November 4, 2011
  38. 38. "Identity" Erik H. Erikson 1967 Sydney Shoemaker 1963Friday, November 4, 2011
  39. 39. "Identity" me{Attributes} * t→Friday, November 4, 2011
  40. 40. "Identity" me{Attributes} * t→Friday, November 4, 2011
  41. 41. AxBxI = WTF?Friday, November 4, 2011
  42. 42. "state of security methodology" ✴ (F/W) •( + ) ✴ •= ( ) ✴ : 100% • ( ?) ✴ PKI = DigiNotar ✴ = •(Friday, November 4, 2011 )
  43. 43. "perspective for counter strategy" set basic security measures: ✴ , = , ✴ (APT ) ✴ PET ( ) ✴ prevention, detection, response • • •Friday, November 4, 2011
  44. 44. "perspective for counter strategy" be creative: ✴ counter social engineering • • ✴ social intelligence ✴ soft power • • PR deflective PRFriday, November 4, 2011
  45. 45. "perspective for counter strategy" be creative: Counter Social Engineering • • • • • • • • ( )Friday, November 4, 2011
  46. 46. "perspective for counter strategy" be creative: Soft Power • Soft Power = 1990 Joseph Nye • Hard Power • • http://en.wikipedia.org/wiki/Soft_power • / •Friday, November 4, 2011
  47. 47. Friday, November 4, 2011
  48. 48. references • CEOs - the new corporate fraudstersds http://www.iol.co.za/ sundayindependent/ceos-the-new-corporate-fraudstersds-1.1144649 • PwC Survey Says: Telecoms Are Overconfident About Security http:// www.readwriteweb.com/cloud/2011/09/pwc-survey-says-telecoms-are-o.php • Cyber attack led to IGI shutdown http://www.indianexpress.com/news/ cyber-attack-led-to-igi-shutdown/851365/ • Anonymous announces global plans http://www.digitaltrends.com/ computing/video-anonymous-announces-global-plans/ • ANONYMOUS - OPERATION PAYBACK - Sony Press Release http:// www.youtube.com/watch?v=2Tm7UKo4IBc • Operation Payback - Anonymous Message About ACTA Laws, Internet Censorship and Copyright http://www.youtube.com/watch? v=kZNDV4hGUGw • Anonymous: Message to Scientology http://www.youtube.com/watch? v=JCbKv9yiLiQ • Anonymous http://www.atmarkit.co.jp/ fsecurity/special/161dknight/dknight01.htmlFriday, November 4, 2011
  49. 49. references • 28 Nation States With Cyber Warfare Capabilities http:// jeffreycarr.blogspot.com/2011/09/27-nation-states-with-cyber-warfare.html • Far East Research http://scan.netsecurity.ne.jp/archives/52017036.html • CVE-2011-0611 : Adobe Flash Player SWF Memory Corruption Vulnerability http://www.youtube.com/watch?v=DP_rRf468_Y • MYBIOS. Is BIOS infection a reality? http://www.securelist.com/en/analysis/ 204792193/MYBIOS_Is_BIOS_infection_a_reality • McAfee Virtual Criminology Report 2007 http://us.mcafee.com/en-us/local/ html/identity_theft/NAVirtualCriminologyReport07.pdf • Google Zeitgeist http://blog.f-secure.jp/ archives/50630539.html • "The Tragedies in Oslo and on Utøya island" Speech held by King Harald V http://www.kongehuset.no/c27262/nyhet/vis.html?tid=92959Friday, November 4, 2011
  50. 50. references • -- DEFCON CTF http://scan.netsecurity.ne.jp/archives/52002536.html • PET http://www.soumu.go.jp/denshijiti/pdf/ jyumin_p_s3.pdf • PIA http://www.soumu.go.jp/denshijiti/pdf/jyumin_p_s2.pdf • http:// jp.reuters.com/article/topNews/idJPJAPAN-21406320110527 • GIE http://d.hatena.ne.jp/ukky3/20110829/1314685819 • Diginotar Black.Spook http://blog.f-secure.jp/archives/50626009.htmlFriday, November 4, 2011
  51. 51. references • Computer virus hits US Predator and Reaper drone fleet http:// arstechnica.com/business/news/2011/10/exclusive-computer-virus-hits- drone-fleet.ars • F-Secure: Possible Governmental Backdoor found, MD5 hashes ("case R2D2") http://www.f-secure.com/weblog/archives/00002249.html • State-sponsored spies collaborate with crimeware gang | The Unholy APT- botnet union http://www.theregister.co.uk/2011/09/13/ apt_botnet_symbiosis/ • NISC 10 7 http://www.nisc.go.jp/ conference/seisaku/index.html#seisaku27 • http://news.livedoor.com/article/detail/5685674/Friday, November 4, 2011
  52. 52. references • http:// www.sakimura.org/2011/06/1124/ • http://ja.wikipedia.org/wiki/ • http://ja.wikipedia.org/wiki/Friday, November 4, 2011

×