Published on

Published in: Technology, News & Politics
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • The preceding case studies show a direct relationship between political conflicts and increased cyber attack activity. Further, they highlight that this malicious cyber activity can have concrete political and economic consequences. In the Israel/Palestinian conflict, following events such as car bombings and mortar shellings, there were increases in the number of cyber attacks. Subsequent to the April 1, 2001 mid-air collision between an American surveillance plane and a Chinese fighter aircraft, Chinese hacker groups immediately organized a massive and sustained week-long campaign of cyber attacks against American targets.
  • The cyberwar strategy relies on hacking, virus writing, electronic snooping and plenty of good old-fashioned human spying. Much disruption can be unleashed over the Internet, but attackers first need to pry open electronic gates to private and secure networks with well-placed insiders, or at least inside knowledge, before they can be effective. Source: Far Eastern Economic Review , Copyright (c) 2001, Dow Jones & Company, Inc., Thursday, August 16, 2001, Innovation, Cyberwar, Combat on The Web; Charles Bickers in Tokyo
  • ... a Hewlett Packard printer at the Navy's Space and Naval Warfare Systems Command Center (SPAWAR) in San Diego was reportedly reprogrammed to print out additional copies of all documents to a printer in Russia. Domain Name Service (DNS) attacks are ones we have not paid much attention to. The vulnerability at the local level is very high by a malicious insider. Lack of cyber diversity increases the chances of a simple but widely effective attack. Routing Vulnerabilities. Example - Possibly attacking the border gateway protocol (BGP) which routers use to made decisions about where to sent traffic on the Internet. This protocol is vulnerable to information poisoning that could corrupt routing tables. The result of this action would be a very effective Internet 'black hole' where large volumes of information header for destination all over the world would be lost.
  • California Independent System Operator Berkowitz source: Information Warfare: Time to Prepare Cooperation between the government and industry is essential to protecting the nation's information infrastructure.
  • Cyber-Terrorism

    1. 1. <ul><li>Cyberterrorism: The Bloodless War? </li></ul>
    2. 2. The threat of terrorist attacks against U.S. citizens and U.S. interests around the world has become the nation’s most pressing national security issue. … This aggression may include cyber attacks by the terrorists themselves or by targeted nation-states . “ The premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives. Or to intimidate any person in furtherance of such objectives.” This broad definition was created by Kevin G. Coleman of the Technolytics Institute. 
    3. 3. <ul><li>Even more likely are cyber attacks by sympathizers of the terrorists, hackers with general anti-US or anti-allied sentiments, or thrill-seekers with no particular political motivation. Cyber Attacks During the War on Terrorism: A Predictive Analysis </li></ul><ul><ul><li>Dartmouth Institute for Security Technology Studies </li></ul></ul>
    4. 4. What Do We Know? <ul><li>Cyber attacks immediately follow physical attacks </li></ul><ul><li>Cyber attacks are increasing in volume, sophistication, and coordination </li></ul><ul><li>Cyber attackers are attracted to high-value targets </li></ul><ul><li>Many, if not most, targets would probably be commercial computer and communications systems </li></ul>
    5. 5. Cyberwar Strategies <ul><li>The basic elements are: </li></ul><ul><ul><li>Hacking </li></ul></ul><ul><ul><li>Virus writing </li></ul></ul><ul><ul><li>Electronic snooping </li></ul></ul><ul><ul><li>Old-fashioned human spying </li></ul></ul><ul><li>Mass disruption can be unleashed over the internet, but </li></ul><ul><li>Attackers first must compromise private and secure networks </li></ul>
    6. 6. Info Warriors are not Scrip Kiddies <ul><li>Funded by foreign military organizations and terrorist groups </li></ul><ul><ul><li>Likely to have more people and deeper pockets </li></ul></ul><ul><li>Can devote more resources – people and time </li></ul><ul><ul><li>They can crack systems that might withstand casual assault </li></ul></ul><ul><li>Likely to be more experienced </li></ul><ul><ul><li>Will use more sophisticated tactics </li></ul></ul><ul><li>Serious IW attackers would not reveal their activities until it is absolutely necessary </li></ul>
    7. 7. Commercial Sector a Key Target <ul><li>Communication systems </li></ul><ul><ul><li>News organizations </li></ul></ul><ul><ul><li>Telephony suppliers </li></ul></ul><ul><li>Corporations </li></ul><ul><ul><li>Component suppliers (boots, food, radios, etc.) </li></ul></ul><ul><ul><li>Civilian consulting companies </li></ul></ul><ul><li>Financial institutions </li></ul><ul><ul><li>Government funds tied up in commercial banks </li></ul></ul><ul><li>Healthcare industry </li></ul><ul><ul><li>Pharmacies, hospitals, clinics </li></ul></ul><ul><ul><li>Drug companies (vaccines, antibiotics) </li></ul></ul>
    8. 8. But Companies Not the Only Targets <ul><li>Power grids </li></ul><ul><ul><li>For 11 days in Feb 2001, a development server at cal-ISO electricity exchange was left connected to the internet and was being quietly hacked </li></ul></ul><ul><li>Transportation systems </li></ul><ul><ul><li>“ A foreign adversary could significantly hinder U.S. Forces in reaching, say, the Persian gulf or Taiwan straits by attacking the computers at commercial harbor facilities used to ship ammunition or the air traffic control system that would be needed to support and airlift personnel and supplies” ( Bruce Berkowitz ) </li></ul></ul><ul><li>Water authorities </li></ul>
    9. 9. Why Use Cyber Warfare? <ul><li>Low barriers to entry – laptops cost a lot less than tanks </li></ul><ul><li>Complex societies are dependent on computers and networks </li></ul><ul><li>Computer disruption has economic, logistical, and emotional effect </li></ul><ul><li>Paralysis caused by computer outages levels the playing field for less-well-equipped countries </li></ul>
    10. 10. What Can We Do? <ul><li>Go on the defensive now </li></ul><ul><ul><li>Educate senior management on risks of cyberwarfare </li></ul></ul><ul><ul><li>Make infosec a top priority </li></ul></ul><ul><ul><li>Beef up your security technology </li></ul></ul><ul><ul><li>Insist on flawless execution: compliance to security standards in all areas </li></ul></ul><ul><li>Work with other companies, government agencies </li></ul><ul><ul><li>NIPC </li></ul></ul><ul><ul><li>IT ISAC </li></ul></ul><ul><ul><li>SAINT </li></ul></ul>
    11. 11. Some Specifics: Be Prepared <ul><li>Maintain high alert & vigilance </li></ul><ul><li>Update OS and applications regularly </li></ul><ul><li>Enforce strong passwords </li></ul><ul><li>“Lock down&quot; systems </li></ul><ul><li>Keep anti-virus software installed and up-to-date </li></ul><ul><li>Employ intrusion detection systems and firewalls </li></ul>
    12. 12. Questions?
    13. 13. <ul><li>Thank you ! </li></ul>