Jason Healey - Atlantic Council - Keynote Address: The sophisticated threat – yesterday, today and tomorrow

Jason Healey delivered the presentation at the 2014 ADM Cyber Security Summit.

The 2014 ADM Cyber Security Summit focused on “Combatting Emerging and increasingly sophisticated cyber threats” both domestically and internationally, and showcased relevant organisational case studies and supporting research from academia.

For more information about the event, please visit: http://www.informa.com.au/cybersecuritysummit14

    Presentation Transcript

    • Sophisticated Threats: Yesterday, Today and Tomorrow Jason Healey June 2014 jhealey@atlanticcouncil.org Twitter: @Jason_Healey
    • Computer Network Vulnerabilities Hardware Leakage Software Leakage Deliberate Penetration Accidental Disclosure Physical Attack Modify at Factory Look Familiar?
    • Hardware Leakage Software Leakage Deliberate Penetration Accidental Disclosure Physical Attack Modify at Factory Written in 1969 ….
    • State-Sponsored Cyber Espionage? • “Espionage over networks can be cost-efficient, offer nearly immediate results, and target specific locations … insulated from risks of internationally embarrassing incidents” Heard this Lately?
    • State-Sponsored Cyber Espionage • “Espionage over networks can be cost-efficient, offer nearly immediate results, and target specific locations … insulated from risks of internationally embarrassing incidents” Written in 1988 ….
    • Advanced Persistent Threat • “Extensive resources in money, personnel, and technology” • “Adept in circumventing physical and procedural safeguards” • “Patient and motivated” • “Capable of exploiting a successful attack for maximum long-term gain” Look Familiar?
    • Advanced Persistent Threat • “Extensive resources in money, personnel, and technology” • “Adept in circumventing physical and procedural safeguards” • “Patient and motivated” • “Capable of exploiting a successful attack for maximum long-term gain” Look Familiar? From 1991 ….
    • The Threat … from 1997 Look familiar? From President’s Commission on Critical Infrastructure Protection (PCCIP Report) 1997
    • The Threat … from 1997 Look familiar? JTF-CND Commander’s Presentation to DSB Summer Study, 2000
    • Bad Guys Finish First • “Few if any contemporary computer security controls have prevented a [red team] from easily accessing any information sought.” Heard this Lately?
    • Bad Guys Finish First Lt Col Roger Schell (USAF) in 1979 • “Few if any contemporary computer security controls have prevented a [red team] from easily accessing any information sought.”
    • Back to the Future All Over Again “…the only cyberwar raging is inside the U.S. government where Washington lawyers and policymakers, military leaders, and official hackers battle over the value and legality of network attack.” Washington Post, 1999 “Attention to security gimmicks results in overlooking serious weaknesses.” Schell, 1979 “The market does not work well enough to raise the security of computer systems at a rate fast enough to match the apparent growth in threats to systems.” Computers at Risk, 1991 “Government and commercial computer systems are so poorly protected today they can essentially be considered defenseless - an Electronic Pearl Harbor waiting to happen.” Schwartau, 1991
    • TODAY
    • [Figure: adversary groups on left, which industry each targets on right. Source: CrowdStrike Annual Report 2013]
    • Everyone, Everywhere, All Ways, and Always Russia – China – USA – Organized crime – Israel – France – UK – India… • Titan Rain • Night Dragon • Shadows in the Cloud • Putter Panda – Unit 61486 • Unit 61938 • Estonia, Georgia, Ukraine • Buckshot Yankee • Energetic Bear • Snake • Stuxnet, Flame • Xkeyscore • TAO • Bull Run
    • Everyone, Everywhere, All Ways, and Always Russia – China – USA – Organized crime – Israel – France – UK – India… • Titan Rain • Night Dragon • Shadows in the Cloud • Putter Panda – Unit 61486 • Unit 61938 • Estonia, Georgia, Ukraine • Buckshot Yankee • Energetic Bear • Snake • Stuxnet, Flame • Xkeyscore • TAO • Bull Run To companies like Microsoft or Google, all of these are ‘attackers’ and so all are adversaries. If you belong to a SIGINT organization, you are APT too!
    • What Has Changed? Some Important Trends
        1. Rise of the professionals
        2. Fed by power of the free/stolen market
        3. More aggressive attacks and espionage
        4. Real national security attacks
        5. Attacks aren’t just by the “bad guys” anymore
        6. Scope and scale of attacks
    • What Has Not Changed? Some Important Trends
        1. Basic computer vulnerabilities
        2. Basic categories of threat
        3. Identities of low- and high-end threat
        4. General fecklessness of defense
        5. Dynamics of cyber conflict
        6. Relationship of offense to defense (O>D)
        7. Truly destructive attacks are still “five years away”
    • WHAT COMES TOMORROW?
    • Tomorrow… • The conventional answer: • Maybe our “five-year clock” finally runs out – Being hurried perhaps more by our increasing vulnerability than ability or intent of adversaries – We can discuss in Q&A – But first, the unconventional answer
    • Great News! Security is Getting Better! “Whether in detection, control, or prevention, we are notching personal bests …” - Dan Geer, 2014 [Chart: axes Time and Effectiveness; labels: Improvement of Defense, Tipping Point?, 2014]
    • Bad News! We’re Still Losing and at a Faster Rate! O>D “Whether in detection, control, or prevention, we are notching personal bests but all the while the opposition is setting world records.” - Dan Geer, 2014 http://geer.tinho.net/geer.rsa.28ii14.txt [Chart: axes Time and Effectiveness; labels: Improvement of Defense, Improvement of Offense, 2014]
    • Or Is It Exponentially Worse? [Chart: axes Time and Effectiveness; labels: Improvement of Defense, Improvement of Offense, 2014]
    • Can This Last Forever? [Chart: axes Time and Effectiveness; labels: Improvement of Defense, Improvement of Offense, Tipping Point?, 2014]
    • O>D O>>D When There Are More Predators Than Prey “Somalia” “Wild West” [Chart: axes Time and Effectiveness; labels: Tipping Point, 20xx]
    • THIS HAS BEEN VERY NEGATIVE, SO TO END ON A POSITIVE NOTE…
    • QUESTIONS? jhealey@atlanticcouncil.org Twitter: @Jason_Healey Cyber Statecraft Initiative • International conflict, competition and cooperation in cyberspace • Our goal is Saving Cyberspace • Publications (all at our website, atlanticcouncil.org) • Public and Private Events 1. History of cyber conflict 2. Future of cyber conflict 3. Systemic cyber risks 4. Public sector-centric strategy 5. Sustainable cyberspace