Salient Features of India constitution especially power and functions
Defense, Tech and Internet. The World Changed.
1. Defense, Tech and Internet. The World Changed.
Fernando Tricas Garcı́a
ftricas@unizar.es
Departamento de Informática e Ingenierı́a de Sistemas – Escuela de Ingenierı́a y
Arquitectura – Instituto de Investigación en Ingenierı́a de Aragón – Universidad de
Zaragoza
Zaragoza, 25 de abril de 2023
Defense, Tech and Internet. The World Changed.
2. About me
▶ Currently
▶ Ass. Professor at the University of Zaragoza (Dept. Computer
Science at the Escuela de Ingenierı́a y Arquitectura).
▶ Director of the Catedra Telefónica – Universidad de Zaragoza
de Ciberseguridad.
▶ Just before, ICT management at the University.
▶ Research topics (Instituto de Investigación en Ingenierı́a de
Aragón):
▶ Analysis and synthesis of well-behaved concurrent systems
usign formal methods.
▶ Social Network Analysis in Internet.
Defense, Tech and Internet. The World Changed.
5. STUXNET
2005 (Start of development?) – 2010 (Uncovered)
▶ Israel & USA (unacknowledged),
Operation Olympic Games.
▶ Attack against Iranian nuclear
facilities.
▶ Target: Supervisory Control And
Data Acquisition (SCADA).
▶ Programmable Logic Controllers
(PLC).
▶ Gas centrifuges, for separating
nuclear material.
https://en.wikipedia.org/wiki/Gas_centrifuge
Defense, Tech and Internet. The World Changed.
6. STUXNET
▶ They utilized four zero-day flaws.
▶ Remote Procedure Call (RPC) with no authenication (MS08-067)
▶ LNK/PIF vulnerability. (MS10-046)
▶ A Zero-day bug in the Print Spooler Service
▶ Elevation of privileges holes
▶ Windows machines and Siemens Step7 software.
▶ Collecting on industrial systems and causing the fast-spinning
centrifuges to tear themselves apart.
▶ It can copy files, observe computer screens and keystrokes,
remotely control computer functions ...
Defense, Tech and Internet. The World Changed.
7. STUXNET
Air gapped machines (offline)
▶ A rootkit, responsible for hiding all malicious files and
processes, to prevent detection.
▶ Introduced to the target environment via an infected USB
flash drive
▶ Unexpected commands to the PLC while returning a loop of
normal operation system values back to the users.
Defense, Tech and Internet. The World Changed.
8. STUXNET
Air gapped machines (offline)
▶ A rootkit, responsible for hiding all malicious files and
processes, to prevent detection.
▶ Introduced to the target environment via an infected USB
flash drive
▶ Unexpected commands to the PLC while returning a loop of
normal operation system values back to the users.
Later. . . https://web.archive.org/web/20120104215049/http:
//www.symantec.com/security_response/writeup.jsp?docid=2010-071400-3123-99
Defense, Tech and Internet. The World Changed.
10. When did the Ukraine war start?
Defense, Tech and Internet. The World Changed.
11. When did the Ukraine war start?
https://jsis.washington.edu/news/
cyberattack-critical-infrastructure-russia-ukrainian-power-grid-attacks/
Defense, Tech and Internet. The World Changed.
12. Cyberwarfare
▶ Hybrid warfare (conventional + cyber)
▶ Low-level conventional and special operations.
▶ Offensive cyber and space operations.
▶ Psycological operations (social and traditional media)
▶ From low-intensity to high-intensity depending on
circumstance.
▶ Strategy (General Nikolay Makarov)
▶ Disrupting adversary information systems, including by
introducing harmful software
▶ Defending our own communications and command systems
▶ Working on domestic and foreign public opinion using the
media, Internet and more.
Defense, Tech and Internet. The World Changed.
13. Some keywords
▶ False flag
▶ Concealability, deniability
▶ Governments as malware authors.
▶ Markets
▶ Zero-days. . .
attack or defense?
Defense, Tech and Internet. The World Changed.
16. Recommended reading
▶ Nicole Perlroth. ‘This Is How They Tell Me the World Ends:
The Cyber Weapons Arms’ (February 2021).
▶ Mikko Hypponen. ‘If It’s Smart, It’s Vulnerable’ (August 2,
2022)
More (classical) reading:
▶ Ken Thompson, ‘Reflections on Trusting Trust.’ Turing Award
Lecture. 1984.
https://users.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf
▶ Dan Geer. ‘Shared Risk at National Scale.’
https://web.stanford.edu/class/msande91si/www-spr04/slides/geer.pdf
Defense, Tech and Internet. The World Changed.