A perspective for counter strategy against cybercrime and cyber espionage

Usage Rights: CC Attribution License

    Presentation Transcript

    • Gohsuke Takama / , Meta Associates, 2011 9 http://www.slideshare.net/gohsuket
    • about…✴ Gohsuke Takama ✴ Meta Associates (http://www.meta-associates.com/) ✴founder & president, connector, analyst, planner ✴ local organizer of security conferences: BlackHat Japan, PacSec ✴ liaison of security businesses: Patch Advisor, SecWest ✴ organizer of tech entrepreneur / startup support events ✴ independent tech journalist for over 10 years ✴ for security news: http://blog.f-secure.jp/ http://scan.netsecurity.ne.jp/ ✴ Privacy International (London, UK http://www.privacyinternational.org/) ✴advisory board member ✴ Computer Professionals for Social Responsibility (http://cpsr.org/) ✴Japan chapter founding supporter
    • "what happened in the last 2 years"• OperationAurora, ShadyRAT, ...• Stuxnet• (MENA) *new• Wikileaks *new• Sony PSN• Anonymous *new• Indira Gandhi
    • "what happened in the last 2 years"• OperationAurora, ShadyRAT, ... = = APT (Advanced Persistent Threat)• Stuxnet = SCADA• *new=• Wikileaks *new = :• Sony PSN: 3 = DDoS, ,• Anonymous *new = +• Indira Gandhi =
    • "what happened in the last 2 years" infra attack: SCADA Supervisory Control And Data Acquisition
    • "whom targeted, why"• ,• Sony PSN, Sony• ,•• :
    • "whom targeted, why" http://paulsparrows.wordpress.com/category/security/cyber-attacks-timeline/
    • "spoofing, phishing & targeted attack"/ 1
    • "cybercrime, cyber espionage, primary target = individual"
    • "know your enemy: techniques"• phishing • website spoofing• targeted phishing • content altering• trojan • XSRF• spyware • XSS• keylogger • code injection• rootkit • IP hijacking• botnet DDoS • rogue WiFi AP • sniffer
    • "know your enemy: techniques" http://www.ipa.go.jp/security/vuln/newattack.html
    • "know your enemy: not just techniques"•• who are they?• disseminate characters• disseminate motives
    • "disseminate characters"•••••••••
    • "disseminate characters"
    • "disseminate characters" https://us.mcafee.com/en-us/local/html/identity_theft/NAVirtualCriminologyReport07.pdf
    • "disseminate characters"how cyber criminals lure talents?
    • "disseminate characters" http://www.youtube.com/watch?v=2Tm7UKo4IBc http://www.youtube.com/watch?v=kZNDV4hGUGw
    • "disseminate characters"• =• =• =• =• : →CEO 26%• = Lulzsec, TeaMp0isoN• = Th3J35t3r, On3iroi• = Anonymous• vs
    • "disseminate motives"• ,•• hacktivism,•
    • "disseminate motives"Law, Market, Norm, Architecture
    • "disseminate motives"Law, Market, Norm, Architecture
    • "disseminate motives"Law, Market, Norm, Architecture
    • "disseminate motives"Law, Market, Norm, Architecture - - J-SOX - - ( ) - - - - : -
    • "disseminate motives"• , = Power• = Money• hacktivism, = Ideology• = Control
    • "disseminate motives" Power, Money, Ideology, Control Power$Money Ideology - - - - Control
    • "disseminate motives" Autocracy, Crime, Extremism, Hacker Power Autocratic Government Organized Extremist$Money Crime Hacktivist Ideology : - Hacker - Cracker - - Control
    • "disseminate motives" Autocracy, Crime, Extremism, Hacker Power Autocratic Government Infra APT Disruption Organized Extremist$Money Crime Hacktivist Ideology Theft Hacktivism Fraud Lulz : - Hacker - Cracker - - Control
    • "social change on Internet" 2000•• • • • •
    • "social change on Internet" 2001• •• •• •• • • • • • • • (Wiki ) • / • • • 3D •
    • "real world vs. social data world"
    • "real world vs. social data world" :
    • "emerging attack techniques"• malware: ,• VM , bios• : VNC, Spycam,• spyware : keylogger, GPS logger• sabotage ware : Stuxnet• USB =• DDoS: JavaScript (LOIC) ($8/h~),
    • "layer approach" • example: OSI model
    • "a security layer model"
        • 7 Psychological (Human Factor)
        • 6 Custom (Habit) (Human Factor)
        • 5 Operation (Intangibles)
        • 4 Content (Intangibles)
        • 3 OS/Application (Intangibles)
        • 2 Hardware (Tangibles)
        • 1 Physical (Tangibles)
    • "attacks vs. counter measures"
        • Psychological: attacks: APT, espionage, phishing, social engineering; countermeasures: ?
        • Custom: attacks: spoofing, pharming, phishing spam, XSS, XSRF, spyware, ID spoof/theft; countermeasures: accustomed best practice, awareness, CIRT, PKI, digital ID, SSL certificate
        • Operation: attacks: DoS, spam, ransom-ware, sabotage-ware; countermeasures: routing, filtering, policy, audit, CIRT
        • Content: attacks: sniffing, spyware, spam, alteration; countermeasures: encryption, filtering, content-scan, host IDS
        • OS/Application: attacks: DoS, vuln exploit, 0day, rootkit, botnet; countermeasures: Firewall, network IDS, IPS, anti-virus, OS/app patch
        • Hardware: attacks: direct access, tampering, alteration; countermeasures: perimeter guard, anti-tampering, hard seal
        • Physical: attacks: lock pick, break in, vandalism; countermeasures: surveillance, perimeter alarm, armed guard
    • "state of security methodology"✴ •( + )✴ •= ( )✴ PKI = DigiNotar✴ = •( )✴ =
    • "perspective for counter strategy" set basic security measures:✴ prevention, detection, response✴✴✴ : 100%✴ :✴ (APT )✴ PET (Privacy Enhancing Technology )✴ PIA (Privacy Impact Assessment )
    • "perspective for counter strategy" be creative:✴✴ soft power • • PR deflective PR✴ social intelligence ( )✴ counter social engineering • •
    • "perspective for counter strategy" be creative: Learn Attack Technique• •• = CTF (Capture The Flag) • • DEFCON CTF CTF •
    • "perspective for counter strategy" be creative: Soft Power• Soft Power = 1990 Joseph Nye• Hard Power•• http://en.wikipedia.org/wiki/Soft_power• /••
    • "perspective for counter strategy" be creative: Soft Power
    • "perspective for counter strategy" be creative: Social Intelligence•• • hacktivism • • Twitter, Facebook, IRC, Weibo, RenRen
    • "perspective for counter strategy"be creative: Counter Social Engineering••• • •• • ( )
    • "perspective for counter strategy" be prepared: Simulation Exercise✴• TableTop Exercise = •• Functional Exercise = • •• FullScale Exercise = • •
    • references
        • CEOs - the new corporate fraudstersds http://www.iol.co.za/sundayindependent/ceos-the-new-corporate-fraudstersds-1.1144649
        • PwC Survey Says: Telecoms Are Overconfident About Security http://www.readwriteweb.com/cloud/2011/09/pwc-survey-says-telecoms-are-o.php
        • Cyber attack led to IGI shutdown http://www.indianexpress.com/news/cyber-attack-led-to-igi-shutdown/851365/
        • Anonymous announces global plans http://www.digitaltrends.com/computing/video-anonymous-announces-global-plans/
        • ANONYMOUS - OPERATION PAYBACK - Sony Press Release http://www.youtube.com/watch?v=2Tm7UKo4IBc
        • Operation Payback - Anonymous Message About ACTA Laws, Internet Censorship and Copyright http://www.youtube.com/watch?v=kZNDV4hGUGw
        • Anonymous: Message to Scientology http://www.youtube.com/watch?v=JCbKv9yiLiQ
        • Anonymous http://www.atmarkit.co.jp/fsecurity/special/161dknight/dknight01.html
    • references
        • 28 Nation States With Cyber Warfare Capabilities http://jeffreycarr.blogspot.com/2011/09/27-nation-states-with-cyber-warfare.html
        • Far East Research http://scan.netsecurity.ne.jp/archives/52017036.html
        • CVE-2011-0611 : Adobe Flash Player SWF Memory Corruption Vulnerability http://www.youtube.com/watch?v=DP_rRf468_Y
        • MYBIOS. Is BIOS infection a reality? http://www.securelist.com/en/analysis/204792193/MYBIOS_Is_BIOS_infection_a_reality
        • McAfee Virtual Criminology Report 2007 http://us.mcafee.com/en-us/local/html/identity_theft/NAVirtualCriminologyReport07.pdf
        • Google Zeitgeist http://blog.f-secure.jp/archives/50630539.html
        • "The Tragedies in Oslo and on Utøya island" Speech held by King Harald V http://www.kongehuset.no/c27262/nyhet/vis.html?tid=92959
    • references
        • -- DEFCON CTF http://scan.netsecurity.ne.jp/archives/52002536.html
        • PET http://www.soumu.go.jp/denshijiti/pdf/jyumin_p_s3.pdf
        • PIA http://www.soumu.go.jp/denshijiti/pdf/jyumin_p_s2.pdf
        • http://jp.reuters.com/article/topNews/idJPJAPAN-21406320110527
        • GIE http://d.hatena.ne.jp/ukky3/20110829/1314685819
        • Diginotar Black.Spook http://blog.f-secure.jp/archives/50626009.html
    • references
        • Computer virus hits US Predator and Reaper drone fleet http://arstechnica.com/business/news/2011/10/exclusive-computer-virus-hits-drone-fleet.ars
        • F-Secure: Possible Governmental Backdoor found, MD5 hashes ("case R2D2") http://www.f-secure.com/weblog/archives/00002249.html
        • State-sponsored spies collaborate with crimeware gang | The Unholy APT-botnet union http://www.theregister.co.uk/2011/09/13/apt_botnet_symbiosis/
        • NISC 10 7 http://www.nisc.go.jp/conference/seisaku/index.html#seisaku27