• Like

Loading…

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

Cyber Terror ICT Conference

  • 1,692 views
Uploaded on

Mapping connections between CyberCrime and CyberTerrorism groups. …

Mapping connections between CyberCrime and CyberTerrorism groups.
Reviewing mitigation factors on the nation-state level and international treaties and strategies that will thwart terrorism and state sponsored cyber offense.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,692
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
97
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Cyber[Crime|Terror]Links between crime and terror on the cyber front: analysis and mitigation strategies
    Iftach Ian Amit
    VP Business Development, Security Art
    Board Member - CSA Israel
    IL-CERT Dreamer
  • 2. 2
    So, I heard that crime has something to do with state?
    You heard right...
  • 3. 3
  • 4. 4
  • 5. 5
    Hungry yet?
    That was just the appetizer...
  • 6. 6
    CyberWar
    “Cyberwarfare, is the use of computers and the Internet in conducting warfare in cyberspace.”
    Wikipedia
  • 7. 7
    It did not happen yet
    Being an exception
    Estonia
    Georgia
    Titan Rain
    India
    Google
    Adobe
  • 8. 8
    Many faces of how CyberWar is perceived...
    From McAfee’s “Virtual Criminology Report 2009”
    Image caption:
    “countries developing advanced offensive cyber capabilities”
  • 9. 9
    CyberWar - Attack
    Highly selective targeting of military (and critical) resources
    In conjunction with a kinetic attack
    OR
    Massive DDOS in order to “black-out” a region, disrupt services, and/or push political agenda (propaganda)
  • 10. 10
    CyberWar - Defense
    Never just military
    Targets will be civilian
    Physical and logical protections = last survival act
    Availability and Integrity of services
    Can manifest in the cost of making services unavailable for most civilians
  • 11. 11
    CyberCrime
    11
  • 12. 12
    You want money, you gotta play like the big boys do...
  • 13. 13
    CyberCrime - Ammunition
    =≈ APT
  • 14. 14
  • 15. 15
    CyberCrime - Defense
    Anti [ Virus | Malware | Spyware | Rootkit | Trojan ]
    Seriously?
    Firewalls / IDS / IPS
    Seriously?
    Brought to you by the numbers 80, 443, 53...
    SSL...
  • 16. 16
    How do these connect?
    Claim: CyberCrime is being used to conduct CyberWar/Terror
    Proof: Let’s start with some history...
  • 17. 17
    History - Revisited...
    Israel
    Operation Orchard
    Source: Der Spiegel
    September 6th, 2007
    Source: http://en.wikipedia.org/wiki/Operation_Orchard
  • 18. 18
    Cast-Led, 2nd Lebanon war
    Israeli
    All attacks on
    targets
    Arabic
    are Attributed to
    Hacktivists
    18
  • 19. 19
    Mid-east crime-war links
    ARHack
    Hacker/Political forum by day
    Cybercrime operations by night
  • 20. 20
    Political post
    Buying/Selling cards for 1/2 their balance
    Selling 1600 visa cards
  • 21. 21
    History - Revisited...
    Iran
    2009 Twitter DNS hack attributed to Iranian activity.
    Political connections are too obvious to ignore (elections)
    Timing was right on:
  • 22. 22
  • 23. 23
    Iran-Twitter connecting dots
    Twitter taken down December 18th 2009
    Attack attributed eventually to agroup named “Iranian Cyber Army”
    Until December 2009 there was no group known as “Iranian Cyber Army”...
    BUT - “Ashiyane” (Shiite group) is from the same place as the “Iranian Cyber Army”
  • 24. 24
  • 25. 25
    Iran-Twitter - Ashiyane
    Ashiyane was using the same pro-Hezbolla messages that were used on the Twitter attack with their own attacks for some time...
    AND the “Iranian Cyber Army”is an active group on the Ashiyane forums www.ashiyane.com/forum
    Let’s take a look at how Ashiyane operates...
  • 26. 26
    On [Crime|Terror] training
    Ashiyane forums WarGames
    26
  • 27. 27
    Wargames targets includes:
    27
  • 28. 28
    Back to [Crime|Terror] Links:
    What else happened on the 18th?
    Additional targets- Baidu taken down
    with the same MO (credentials)
  • 29. 29
    Mapping Iran’s [Crime|Terror]
    More recently:
    Iranian Cyber Army expanding
    into the “Crime” business
    Along with the cybercrime
    “honeypot” tactics…
  • 30. 30
    Mapping Iran’s [Crime|Terror]
    Iran Iraq
    US
    DDoS
    Site Defacement
    Ashiyane
    Botnet Herding
    Credit Card Theft
    $$
    UK
    Crime
    War
    Iranian Cyber Army
    Strategic Attacks
    US
    CN
  • 31. 31
    The Future(Ilustrated)
    CLOUDS
  • 32. 32
    Deterrence
    An attack agains one or more states, shall be considered an attack against all member states, who agree, to exercise their right to assist the attacked party, including the right to use armed forces.
    NATO Article 5 - abridged
    Think: Article 5 for the Cyber Commons!
  • 33. 33
    Attribution?
    Technical - not feasible
    Political - should be obvious
    Defending state?
    Should have the responsibility to “clean up” its portion of the Cyber Commons in order to enable a sustainable economic and civil environment.
  • 34. 34
    Summary
    Good
    Bad
    Formal training on cybersecurity by nations
    Commercialdevelopment of malware still reigns
    Ugly
    Good meet Bad: money changes hands, less tracks to cover, criminal ops already creating the weapons and are linked to terrorist organizations...
  • 35. 35
    Summary
    The Future
    Lack of legislation and cooperation on multi-national level is creating de-facto “safe haven” for cybercrime. <- FIx this! (see article 5 suggestions)
    Treaties and anti-crime activities may prove to be beneficial. <- nukes? (i.e. treaties...)
  • 36. 36
    Thanks!
    www.security-art.com
    iamit@security-art.com
    twitter.com/iiamit
    blog.security-art.com