At the end of this lesson, the student should be able to: Define cyberterrorism and cyberwarfare; Identify five types of cyber attacks and understand the damage that cyber attacks can inflict; Discuss several recent examples of cyber attacks; Identify and explain the roles of two organizations involved in defending US cyberspace. Counterintelligence 2
“The use of computer networks to shut down critical infrastructure (such as energy, transportation, government operations) or to coerce or intimidate a government or civilian population.” (Source: Center for Strategic and International Studies) Cyber Threats 3
Information war “The use of computers and other devices to attack an enemy’s information systems as opposed to an enemy’s armies or factories.” (Source: American Heritage New Dictionary) Cyber Threats 4
Trojan Horse: A computer program that conceals harmful code. A Trojan horse usually masquerades as a useful program that a user would wish to execute. Virus: A program that infects computer files, usually executable programs, by inserting a copy of itself into the file. These copies are usually executed when the infected file is loaded into memory, allowing the virus to affect other files. Unlike a computer worm, a virus requires human involvement (usually unwitting) to propagate. Cyber Threats 5
Phishing: Using emails and websites designed to look like those of legitimate businesses/government agencies to deceive internet users into disclosing personal data, e.g. bank and financial account information and passwords. DoS (Denial of Service): A method of attack from a single source that denise system access to legitimate users by overwhelming the target computer with messages and blocking legitimate traffic. It can prevent a system from being able to exchange data with other systems of use the internet. Cyber Threats 6
Distributed Denial of Service (DDoS): A variant of the DoS attack that uses a coordinated attack from a distributed system of computers rather than from a single source. It often makes use of worms to spread to multiple computers that can then attack the target. Counterintelligence 7
Titan Rain (2003+) Series of coordinated attacks on US computers Thought to be Chinese in origin NASA, Lockheed Martin, and other vital organizations penetrated Counterintelligence 8
Estonia, April 2007 DDoS attack against Estonian banks, media and government Coincided with major civil unrest by Russian nationals Cyber Threats 9
GhostNet Chinese cyberespionage network At least 103 countries penetrated Searches computers and emails, then turns on webcams and microphones to record any conversations within range Counterintelligence 10
Created in 2006 Housed within DHS “responsible for enhancing the security, resiliency, and reliability of the nations cyber and communications infrastructure” Counterintelligence 12
Created in June 2009 Began operations in May 2010 Part of the US Strategic Command, involving military units from the US Army, Navy, Air Force and Marines Directed by General Keith B. Alexander (also head of NSA) Cyber Threats 13
Plans, coordinates, integrates,synchronizes and conductsactivities to: Direct the operations and defense of specified DoD information networks Prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.Counterintelligence 14
Spy Museum Interviews: http://spymuseum.org/from- spy/spycast November 1, 2009 interview features Melissa Hathaway, former senior director for cyberspace for the National Security Council June 15, 2009 interview features Dr. Terry Gudaitis, former CIA operations officer and president of cyber intelligence company Cyveillance www.DHS.gov/Cyber } for more on securing www.OnGuardOnline.gov } shared cyber networks Cyber Threats 15
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.