Launching Assaults in the Virtual World: Cyber Warfare By James McSpadden

Basic definition of cyber-warfare Neta Crawford – “conducting war and inflicting damage to another network by using the internet and computers”

Neta Crawford – “conducting war and inflicting damage to another network by using the internet and computers”

Small time hacking Defacing a website Mafia boy and CNN Managed to create large financial damages His method was called “Denial of Service” and although this is a small time hacking job, the “Denial of service” can do lots of damage

Defacing a website

Mafia boy and CNN

Managed to create large financial damages

His method was called “Denial of Service” and although this is a small time hacking job, the “Denial of service” can do lots of damage

The Yes Men The political agenda Using phony websites and impersonating higher-ups to achieve a political objective Not very harmful to economies but an effective way of getting people to listen

The political agenda

Using phony websites and impersonating higher-ups to achieve a political objective

Not very harmful to economies but an effective way of getting people to listen

The Zapatistas Another group of people who use the internet as a means to fit a political agenda

Another group of people who use the internet as a means to fit a political agenda

More dangerous hackers Hacking in to military installations Issue false orders Obtain classified information Create confusion

Hacking in to military installations

Issue false orders

Obtain classified information

Create confusion

Disabling infrastructure Disabling power, water, fuel, transportation could create mass-panic and HUGE economic damage

Disabling power, water, fuel, transportation could create mass-panic and HUGE economic damage

Disabling infrastructure (cont’d) Possibly the most damaging and most costly Could decimate a population and cost billions

Possibly the most damaging and most costly

Could decimate a population and cost billions

Estonia Hackers damaged government files Used a “denial-of-service” and “bots” Took money from banks

Hackers damaged government files

Used a “denial-of-service” and “bots”

Took money from banks

Moonlight Maze Moonlight Maze refers to a highly classified incident in which U.S. officials accidentally discovered a pattern of probing of computer systems at the Pentagon, NASA, Energy Department, private universities, and research labs that had begun in March 1998 and had been going on for nearly two years.

Moonlight Maze refers to a highly classified incident in which U.S. officials accidentally discovered a pattern of probing of computer systems at the Pentagon, NASA, Energy Department, private universities, and research labs that had begun in March 1998 and had been going on for nearly two years.

The investigation in to Moonlight Maze is still going on…

Eligible Receiver The government test against itself Very surprising information and very scary results about our vulnerabilities

The government test against itself

Very surprising information and very scary results about our vulnerabilities

Titan Rain China’s alleged cyber attack Discovered by Shawn Carpenter Similar to break-ins on Lockheed Martin Millions in damage and top-secret info obtained

China’s alleged cyber attack

Discovered by Shawn Carpenter

Similar to break-ins on Lockheed Martin

Millions in damage and top-secret info obtained

“ The way these intrusions are conducted are certainly consistent with what you would need if you were going to actually carry out cyber warfare” -John Vause (March 11, 2008)

“ The way these intrusions are conducted are certainly consistent with what you would need if you were going to actually carry out cyber warfare”

-John Vause (March 11, 2008)

Electronic Jihad 2.0 “ The latest version of the terrorists ‘software’, Electronic Jihad 2.0, makes it easier than ever to coordinate a denial-of-service attack on a Web site. You simply select the level of bandwidth you wish to use and hit ‘attack,’ and the attack is launched. It's really down to script kiddie level” -John Mello (November, 2007)

“ The latest version of the terrorists ‘software’, Electronic Jihad 2.0, makes it easier than ever to coordinate a denial-of-service attack on a Web site. You simply select the level of bandwidth you wish to use and hit ‘attack,’ and the attack is launched. It's really down to script kiddie level”

-John Mello (November, 2007)

Think about this: Denial-of-service attacks make users unable to log in. With the right people behind the keys, government agents (or entire agencies) could be unable to log in to their respective accounts. Think of an entire government agency unable to issue orders. Without the authority to issue orders, who is to say that an actual military attack could take place without much resistance?

Denial-of-service attacks make users unable to log in.

With the right people behind the keys, government agents (or entire agencies) could be unable to log in to their respective accounts.

Think of an entire government agency unable to issue orders.

Without the authority to issue orders, who is to say that an actual military attack could take place without much resistance?

This may be a big “What If” game…

…but if it happened before why couldn’t it happen again?

With all of this evidence about previous cyber-attacks, their effectiveness and our vulnerabilities, it does not seem unreasonable to believe that the United States may already in another cyber-war. We just do not know who is fighting us.

With all of this evidence about previous cyber-attacks, their effectiveness and our vulnerabilities, it does not seem unreasonable to believe that the United States may already in another cyber-war.

We just do not know who is fighting us.

It’s a lot scarier than you thought isn’t it?

Questions?

I hope you enjoyed my little presentation.