Infowarcon 2014 ME Cyber wars v13

Infowarcon 2014 Tennessee Conference Middle East Cyber Wars v13

Published in: Education, News & Politics
  • @Jorge Sebastiao please enable the download

  1. Jorge Sebastiao Nashville TN, USA Middle East Cyber-wars V1.3
  2. Agenda • New World order • It’s different • Asymmetrical • Resourceful • Tribal • Physical • Q&A
  3. New World order
  4. Middle East+++
  5. New World order • Offensive
  6. Evolving Maturities… Maturity and Capabilities • Brazil • Canada • Italy • Sweden • Netherlands • Finland • Japan • Australia • Pakistan • Saudi Arabia • UAE • South Africa • India • South Korea • North Korea • Germany • Turkey • Taiwan • Estonia • Iran • France • UK • Israel • USA • China • Russia
  7. National CSIRT • Oman (also OIC CERT) • Malaysia (Impact) • Iran • UAE • Qatar • Saudi Arabia • Bahrain • Kuwait • Turkey • Egypt • Pakistan • India • Cyprus
  8. Cyber Evolution Timeline (1960s-70s, 1980s, 1990s, 2000s, 2010s) • Hardware • Software • Networking • Mainframe • Private/limited • Limited Internet • PCs • Mobile Devices • Distributed Computing • Everything networked • Timesharing • Productivity • Everything as a Service • Cloud • Simple Viruses & Worms • Social Engineering • APT • Widespread Viruses & Worms • Local Area Networks • Social Networks • email • eCommerce • Botnets • Trojan Horses • Internet of Things • State Sponsored • Market places • It just got more complicated…
  9. Glass house of Critical Infrastructures
  10. They always get through • Firewalls • IDS • IPS • Anti-Virus • Content • Hackers • Cybercrime • Cyber terrorism • Now What? • Cyber espionage • Cyber war • DLP
  11. It’s different • Support Jihad • Hack for Money funding • Disrupt Critical Infrastructure • Cyber weapons Development • Experience, Training, Recruiting • Online alliances
  12. Powerful cyber attack: propaganda • Old fashioned • Media • Some faked in English papers • Abu Ghraib photos • On-going Videos • Real political damage
  13. Blurred Lines
  14. Connecting the …
  15. War and Cyber war • Olympic Games • Stuxnet • Duqu/Flame/Gauss • Shamoon • “Stuxnet a mistake…
  16. Stuxnet 3 years without a trace… • Target • Type Nuclear Plant • Victim Iran • Motivation Destroy Centrifuges • Compromise • Social Engineering – Memory Stick • Vector SCADA Systems • Vulnerability Windows/Siemens • Response • Disclosure Jun 2010 • Iran Replaces 1000 Centrifuges • Win/Siemens Patches
  17. Flame May 2012 - 2+ Years
  18. Flame • ME Espionage • Sabotage • Size/Modularity • Gaming Language • Obfuscation??? • Repurposed
  19. Duqu/Flame/Gauss Scope
  20. Shamoon Aug 12 • Holiday gift • Targets – Saudi Aramco, 32K machines – RasGas, 2 weeks downtime • Major Disruption • Could have been a lot worse • After effects of response persist
  21. Warfare • Attack – Israeli stock exchange – El Al airlines – several banks – posting of stolen Israeli credit cards • Retaliation – posting personal information 100 of • Saudis • Egyptians • Syrians
  22. Mahdi Attack Jul 12 • Data-stealing Trojan • social engineering • Records – Keystrokes – Screen shots – Audio – Steal text & image files
  23. Drone Loss • key logger virus infected American Predator & Reaper • Sep 2013 - Iranian officials completed decoding the surveillance data & software extracted from CIA Drone “… the CIA's "lost" stealth drone to an intact landing inside hostile territory by exploiting a navigational weakness long-known to the US military, …” Iran Hijacked US Drone, Says Iranian Engineer: [HSEC-1.10; Date: 15-Dec-2011; Source: http://www.csmonitor.com/World/Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-says-Iranian-engineer] DHS Open Source Enterprise Daily Cyber Report, 16-Dec-2011, Unclassified.
  24. US Banks under DDOS attack
  25. Iran Attack by team Jul 2013
  26. Iran Attack by team Jul 2013
  27. Iran 4th Largest Cyber Army • Technological envelope, protect critical infrastructure • Stop and foil attacks • Separate communications network • Attack capability • Cyber Commander shot dead
  28. Syrian Electronic Army • Turkey May 2013 – coordinated with Anonymous, attacked Prime Minister’s official website, access to staff email, passwords, & phone numbers. • Major attack against USA organizations • Head 19 years old
  29. Syrian Electronic Army • Headed by 19 years old • Names disclosed • Shutdown of VICE
  30. Syria & Palestine & Israel • Israel subject to major attack • Under the radar • Israel Carmel Tunnel Security Camera CCTV System, 8 hours shutdown of road • Haifa water infrastructure
  31. Somalia
  32. Indonesia source of attacks
  33. Critical Infrastructure cable cuts • India 60m • Pakistan 12m • Egypt 6m • Saudi Arabia 4.7m • UAE 1.7m • Kuwait 0.8m • Qatar 0.3m • Bahrain 0.2m
  34. Mutual on-going attacks • DDOS • Defacements • Privacy Disclosure • Financial Sector Attacks
  35. Defending 60-100Gbps DDOS
  36. Arms Race • US • Israel • Turkey • Iran • Saudi Arabia • UAE • Pakistan • India
  37. 18 Critical Infrastructure Sectors
  38. Think outside the box
  39. Creative Weapons
  40. All about Risk
  41. Failure on P>D+R
  42. What all about how fast you run?
  43. Questions
