Cyberwar Update2010

A lot has happened since the last Cyberwar presentation was posted. This Update2010 includes Iranian cyberwar, South Korea and US Gov attacks, the Twitter outage, and the China Google attacks.

Published in: Technology

    1. Cyberwar update. 2010
       • Richard Stiennon
       • Chief Research Analyst
       • IT-Harvest
       • Blog: ThreatChaos.com
       • twitter.com/stiennon
    2. Blog: www.ThreatChaos.com; twitter.com/cyberwar
    3. Threat hierarchy
       • Information Warfare
       • CyberCrime
       • Hacktivism
       • Vandalism
       • Experimentation
       Increasing Threat
    4. Threat hierarchy is a time line!
       • Information Warfare
       • CyberCrime
       • Hacktivism
       • Vandalism
       • Experimentation
       1998 1998 1998 1998 1999 2000 2004 2008
    5. Sun Tzu on Spies
       “Only a brilliant ruler or a wise general who can use the highly intelligent for espionage is sure of great success.”
    6. Allen Dulles on Sun Tzu
       “It is no wonder that Sun Tzu's book is a favorite of Mao Tse-Tung and is required reading for Chinese Communist tacticians”
       - A.W. Dulles, The Craft of Intelligence
    7. A Chinese Communist Tactician
       “Sun Tzu is a grand strategist without parallel in history”
       - Chai Yuqui, Nanjing Army Command Academy, speaking at the 6th annual international conference on Sun Tzu and the Art of War, 2004, Beijing
    8. Chinese Thinking
       • Wang Qingsong, Modern Military-Use High Technology, 1993
       • Zhu Youwen, Feng Yi, and Xu Dechi, Information War Under High Tech Conditions, 1994
       • Li Qingshan, New Military Revolution and High Tech War, 1995
       • Wang Pufeng, Information Warfare and the Revolution in Military Affairs, Beijing: 1995
       • Zhu Xiaoli and Zhao Xiaozhuo, The United States and Russia in the New Military Revolution, 1996
       • Li Qingshan, New Military Revolution and High Tech War, 1995
       • Dai Shenglong and Shen Fuzhen, Information Warfare and Information Security Strategy, 1996
       • Shen Weiguang, On New War, 1997
    9. From Decoding the Virtual Dragon - Timothy Thomas
       “Network confrontation technology — intercepting, utilizing, corrupting, and damaging the enemy’s information and using false information, viruses, and other means to sabotage normal information system functions through computer networks.”
       - General Xu Xiaoyan, the former head of the Communications Department of the Chinese General Staff. 2004
    10. A prediction
        “If Xu’s suggestions were accepted, then one might expect to see more active reconnaissance and intelligence activities on the part of the PLA (as seems to be occurring!)”
        That exclamation point is Thomas’s.
    11. Shawn Carpenter uncovers Titan Rain
        • An IP address that was attacking Lockheed Martin is recognized
        • Open back door leads to next hop of investigation
        • Critical documents belonging to Army Research, NASA, and others
        • First military CI, then FBI involvement
        • Shawn loses his job and all his leads go cold
    12. Ghost Net Report – March 2009
        • 1,200 computers including ministry and NATO machines
        • Looking for attribution
        • Attacks on the office of the Dalai Lama
        • Joint Strike Fighter Breach April 21, 2009
    13. Joint Strike Fighter
    14. Dec. 17, 2009 - Drone transmissions in the clear
        • Predator
        • Beast of Kandahar
    15. What is DDoS?
        • Distributed Denial of Service attack: Disabling or destroying an online resource through overwhelming it via too many requests.
        • Ping floods
        • GET floods
        • SYN floods
    16. Crowd sourcing applied to DDoS
        The Orange Revolution
    17. Putin reacts
        Nashi summer camp ‘07
    18. Estonia April 27th, 2009
    19. Cyber Defcon 1
        Georgia: August 8, 2008
    20. Three related attacks, April 2008
        • CNN
        • The Sports Network
        • SlideShare
          • Take down requests
          • 5-10 password reset requests/day
          • Irate call
          • DDoS
    21. Twitter as tool of riot creation
        • Post Iranian election, Twitter was used to support virtual riots via DDoS
    22. Twitter escalation
        • Phase 1. Hacking instructions sites.
        • Phase 2. Links to pagereload.com
        • Phase 3. Links to a specially crafted site that opens 15 frames on pagereload.com
    23. The good and the bad of social networks as attack vector
        • Good: Hard to sustain
        • Bad: Way too easy
    24. Summer 2009
        • US Gov sites and S.Korean Sites
        • TCP SYN, UDP, ICMP, Get floods
        • Malicious dropper
        • 200K bots
        banking.nonghyup.com blog.naver.com ebank.keb.co.kr ezbank.shinhan.com finance.yahoo.com mail.daum.net mail.naver.com mail.paran.com travel.state.gov www.ahnlab.com www.altools.co.kr www.amazon.com www.assembly.go.kr www.auction.co.kr www.chosun.com www.defenselink.mil www.dhs.gov www.dot.gov www.egov.go.kr www.faa.gov www.ftc.gov www.hanabank.com www.hannara.or.kr www.ibk.co.kr www.kbstar.com www.marketwatch.com www.mnd.go.kr www.mofat.go.kr www.nasdaq.com www.ncsc.go.kr www.nsa.gov www.nyse.com www.president.go.kr www.site-by-site.com www.state.gov www.usauctionslive.com www.usbank.com www.usfk.mil www.usps.gov www.ustreas.gov www.voa.gov www.voanews.com www.washingtonpost.com www.whitehouse.gov www.wooribank.com www.yahoo.com
    25. CYXYMU falls afoul of pro-Russian activists. August 2009
        • FaceBook
        • Live Journal
        • Blogger.com
        • Twitter
    26. Aurora: China vs Google
        • January 12, 2010 Google reveals successful hack against their servers/data
        • 34 other organizations included in same incident. Adobe, Lockheed Martin, and a law firm suing China.
        • Zero day flaw in Internet Explorer is the weapon
        • Spear phishing via IM is the delivery vehicle.
        • Shades of Haephrati, GhostNet, etc.
    27. Parting thought:
        • History teaches that war begins when governments believe the price of aggression is cheap.
        • - Ronald Reagan
    28. Blog: www.threatchaos.com
        email: [email_address]
        Twitter: twitter.com/cyberwar
