CyberTerrorism - A case study for Emergency Management


  1. Cyberterrorism: A case study for Emergency Management. Ricardo A. Reis, Security Officer & Hospital São Paulo
  2. Presentation Developed By: Ricardo A. Reis (ricardo.areis@unifesp.br, ricardo.areis@gmail.com), CCO, Federal University of São Paulo. For use by: The International Consortium for Organization Resilience (ICOR)
  3. Cyberterrorism: Prepare, Plan and Stay in Business
  4. Cyber Terrorism is defined as: “The premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives. Or to intimidate any person in furtherance of such objectives.” by Kevin G. Coleman of the Technolytics Institute
  5. Emergency management is defined as: “Comprehensive system of policies, practices, and procedures designed to protect people and property from the effects of emergencies or disasters.” Extension Disaster Education Network (EDEN)
  6. EMERGENCY MANAGEMENT LIFE CYCLE
     1. PREVENTION/MITIGATION
     2. PREPAREDNESS
     3. RESPONSE
     4. RECOVERY
  7. Case Study. Botnet is a jargon term for a collection of software robots, or bots, that run autonomously and automatically. They run on groups of zombie computers controlled remotely. This term can also refer to the network of computers using distributed computing software. From Wikipedia, the free encyclopedia
  8. Case Study. "A botnet is comparable to compulsory military service for Windows boxes" Stromberg, http://www.honeynet.org/papers/bots/
  9. Cyberterrorism & Botnets
     - Distributed Denial-of-Service Attacks
     - Spamming
     - Sniffing Traffic
     - Keylogging
     - Spreading new malware
     - Installing Advertisement Addons
     - Browser Helper Objects (BHOs)
     - Google AdSense abuse
     - Attacking IRC Chat Networks
     - Mass identity theft
  10. (Slide has no text other than the running title.)
  11. "We have seen offers that will allow a customer to send a million emails for under $100," Henry says. "If you send more than 10 million, the price drops to under $80 per million. There's a price war going on, and Nugache is becoming the bargain basement."
  12. PREVENTION/MITIGATION
     - Compliance with Security Standards ISO 27001/27002
     - Think about Business Continuity and IT Infrastructure Recovery
     - Create a Computer Security Incident Response Team
     - Monitor IT Infrastructure
       - Internet Bandwidth
       - DNS Services
       - WEB Services
       - EMAIL Services
     - Pre-Contact with external agency
       - Upstream ISP
       - Regional Computer Security Incident Response Team (CSIRT)
  13. PREPAREDNESS
     - Development and practice of multi-agency coordination and incident command
     - Development and practice of the Incident Response Plan
  14. RESPONSE
     - Establish Incident Command
     - Notify CSIRT
     - Activate the Incident Response Plan
     - Never use 100% of your CSIRT Team
     - Don't stop the Triage Process
     - Communicate Major Events
  15. RECOVERY
     - If necessary, activate the Business Recovery Plan
     - Document the Major Event
     - Communicate the end of Major Events
     - Update all Plans
  16. A SIMULATED? Distributed Denial of Service Attack
  17-24. (Slides have no text other than the running title.)
  25. !!! REAL LIFE !!! Distributed Denial of Service Attack
  26. (Slide has no text other than the running title.)
  27. The main targets have been the websites of:
     - the Estonian presidency and its parliament
     - almost all of the country's government ministries
     - political parties
     - three of the country's six big news organisations
     - two of the biggest banks; and firms specializing in communications
  28. NUMBERS

     | Attacks | Destination | Address or owner |
     |---|---|---|
     | 35 | 195.80.105.107/32 | pol.ee |
     | 7 | 195.80.106.72/32 | www.riigikogu.ee |
     | 36 | 195.80.109.158/32 | www.riik.ee, www.peaminister.ee, www.valitsus.ee |
     | 2 | 195.80.124.53/32 | m53.envir.ee |
     | 2 | 213.184.49.171/32 | www.sm.ee |
     | 6 | 213.184.49.194/32 | www.agri.ee |
     | 4 | 213.184.50.6/32 | |
     | 35 | 213.184.50.69/32 | www.fin.ee (Ministry of Finance) |
     | 1 | 62.65.192.24/32 | |

     Source: http://asert.arbornetworks.com/2007/05/estonian-ddos-attacks-a-summary-to-date/
  29. Attacks by date

     | Attacks | Date |
     |---|---|
     | 21 | 2007-05-03 |
     | 17 | 2007-05-04 |
     | 31 | 2007-05-08 |
     | 58 | 2007-05-09 |
     | 1 | 2007-05-11 |

     Source: http://asert.arbornetworks.com/2007/05/estonian-ddos-attacks-a-summary-to-date/
  30. Attacks by duration

     | Attacks | Duration |
     |---|---|
     | 17 | less than 1 minute |
     | 78 | 1 min - 1 hour |
     | 16 | 1 hour - 5 hours |
     | 8 | 5 hours to 9 hours |
     | 7 | 10 hours or more |

     Source: http://asert.arbornetworks.com/2007/05/estonian-ddos-attacks-a-summary-to-date/
  31. Attacks by bandwidth

     | Attacks | Bandwidth measured |
     |---|---|
     | 42 | Less than 10 Mbps |
     | 52 | 10 Mbps - 30 Mbps |
     | 22 | 30 Mbps - 70 Mbps |
     | 12 | 70 Mbps - 95 Mbps |

     Source: http://asert.arbornetworks.com/2007/05/estonian-ddos-attacks-a-summary-to-date/
  32. Botnet Command and Control
  33. Shadow SERVER Project
  34. Shadow SERVER Project
  35. PREVENTION/MITIGATION (AGAIN!!!!!!)
     - Compliance with Security Standards ISO 27001/27002 (Protect your infrastructure and other Companies)
     - Create a Computer Security Incident Response Team (Your First Response Team)
     - Pre-Contact with external agency
       - Upstream ISP
       - Regional (CSIRT)
  36. Questions?
  37. Cyberterrorism: A case study for Emergency Management. Ricardo A. Reis, Security Officer & Hospital São Paulo
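
An added example, not part of the original slides: one way to implement the "Monitor IT Infrastructure / Internet Bandwidth" item from slide 12, flagging sustained inbound traffic above a baseline and labelling it with the bandwidth bands from slide 31. The 60-second polling interval, the 32-bit octet counter, the baseline, the thresholds, the "95 Mbps or more" label and all sample values are constructed assumptions.

```python
# Added example (not from the slides): inbound-bandwidth monitor for a DDoS early warning.
# Assumptions: 60 s polling of a 32-bit interface octet counter; all sample values are constructed.

COUNTER_MAX = 2**32  # a 32-bit counter wraps to 0 after this many octets

# Upper bounds (Mbps) and labels of the bands in the slides' "Bandwidth measured" table.
BANDS = [(10, "Less than 10 Mbps"), (30, "10 Mbps - 30 Mbps"),
         (70, "30 Mbps - 70 Mbps"), (95, "70 Mbps - 95 Mbps")]

# Constructed samples: (seconds, inbound octet counter). The counter wraps between t=120 and t=180.
SAMPLES = [(0, 4_200_000_000), (60, 4_230_000_000), (120, 4_260_000_000),
           (180, 302_532_704), (240, 640_032_704), (300, 977_532_704),
           (360, 1_007_532_704)]


def rates_mbps(samples):
    """Convert consecutive counter samples into (time, Mbps) per polling interval."""
    rates = []
    for (t0, c0), (t1, c1) in zip(samples, samples[1:]):
        # Modulo arithmetic recovers the true delta across a single counter wrap.
        octets = (c1 - c0) % COUNTER_MAX
        rates.append((t1, octets * 8 / (t1 - t0) / 1e6))
    return rates


def band(mbps):
    """Label a rate with the band it falls in."""
    for upper, label in BANDS:
        if mbps < upper:
            return label
    return "95 Mbps or more"  # label assumed here; the slides' table stops at 95 Mbps


def detect(samples, baseline_mbps, factor=3.0, sustain=2):
    """Alert once when the rate exceeds factor x baseline for `sustain` intervals in a row."""
    alerts, run = [], 0
    for t, mbps in rates_mbps(samples):
        run = run + 1 if mbps > factor * baseline_mbps else 0
        if run == sustain:  # fire once per episode, not on every interval
            alerts.append({"time": t, "mbps": round(mbps, 1), "band": band(mbps),
                           "notify": ["CSIRT", "Upstream ISP"]})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLES, baseline_mbps=4.0):
        print(alert)
```

With 60-second polling and `sustain=2`, an alert needs two minutes of elevated traffic, so the 17 attacks that slide 30 lists as lasting less than 1 minute would pass unnoticed; a shorter polling interval or flow-based telemetry is needed to see those.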