Adapting To The Age Of Anonymous

•Download as PPTX, PDF•

1 like•908 views

Joshua Corman gave a presentation about adapting to Anonymous in the age of chaotic actors. He began by providing background on himself and his research interests. He then discussed understanding Anonymous by deconstructing it and looking at its rise, different sects, and levels of involvement. Corman addressed adapting to Anonymous by looking at escalation risks and the need for improved security strategies. He concluded by discussing the possibility of building a better version of Anonymous that is focused on positive goals.

Technology Health & Medicine

Adapting to the Age of Anonymous
SOURCE Barcelona - November 17, 2011
Joshua Corman
Director of Security Intelligence
@joshcorman
http://cognitivedissidents.wordpress.com/

©2011 Akamai

About Joshua Corman
Director of Security Intelligence for Akamai Technologies
•Former Research Director, Enterprise Security [The 451 Group]
•Former Principal Security Strategist [IBM ISS]

Industry Experience
•Expert Faculty: The Institute for Applied Network Security (IANS)
•2009 NetworkWorld Top 10 Tech People to Know
•Co-Founder of “Rugged Software” www.ruggedsoftware.org

Things I’ve been researching
•Compliance vs Security
•Disruptive Security for Disruptive Innovations
•Chaotic Actors
•Espionage
•Security Metrics

2 ©2011 Akamai

Agenda

• Understanding Anonymous in under 7 minutes

• Deconstructing Anonymous

• Adapting to Anonymous

• Building a Better Anonymous?

©2011 Akamai

Understanding Anonymous:
The Rise of the Chaotic Actor

Joshua Corman
@joshcorman
Director of Security Intelligence
Akamai Technologies

2011 FlashTalks powered by PechaKucha

©2011 Akamai

Paradox Slide/Deliberate Disinformation

©2011 Akamai

http://www.csoonline.com/article/682511/the-rise-of-the-chaotic-actor-understanding-anonymous-and-ourselves
©2011 Akamai

Some men just want to see the world burn…

9 ©2011 Akamai

Lots & Lots of Anonymous Sects

10 ©2011 Akamai

Your Headline Here (in Title Caps)

11 ©2011 Akamai

You Choose Your Own Level of Involvement

12 ©2011 Akamai

Anonymous* Unmasked? [*Alleged]

©2011 Akamai

You Choose Your Own Level of Involvement

14 ©2011 Akamai

You Choose Your Own Level of Involvement

15 ©2011 Akamai

False Flags: Adaptive Persistent Adversaries

“Anonymous is God’s gift to the Chinese” – CISO

©2011 Akamai

Cyber-Neo-McCarthyism

I am not now…
…nor have I ever
been…
…a member of
Anonymous.
©2011 Akamai

Building a Better Anonymous…

20 ©2011 Akamai

Building a Better Anonymous…

21 ©2011 Akamai

The easy answers Suggested Background

©2011 Akamai

Joshua Corman
@joshcorman

23 ©2011 Akamai

PANEL: Whoever Fights Monsters…

©2011 Akamai

Operation Payback
(Anonymous Takes Center Stage)

August-December 2010
Initial Targets
• MPAA
• RIAA
• Intellectual Property Offices
In December, switched to WikiLeaks “defense”
• Financial services: PayPal, Mastercard, Visa
• Public personas: Lieberman, Palin
• Others: Lawyers, security researchers
Stats:
• 1k-3k attackers in IRC
• 1500 copies of LOIC in Hivemind (# in IRC/2)
• 1.5 Gbps peak attack traffic (# in IRC/2)
• 750 Mbps sustained traffic (# in IRC/4)

©2011 Akamai

False Cover: Criminal and State Actors

“Anonymous is God’s gift to the Chinese” – CISO

©2011 Akamai

DDoS is Legion

74% of surveyed
companies experienced
one or more DDoS attacks
in the past year, 31% of
these attacks resulting in
service disruption.1

1 Forrester Research

©2011 Akamai

Some of my data

600
• Typical Attack Size: 3-10 Gbps
500
• Large Attack Size: 100-200 Gbps
400

Number of Attacks
• Attacks are originating from all geographies
and are moving between geographies
300
during the attack

200

100

0
2009 2010 2011

©2011 Akamai

July 4th – 7th 2009 DDoS Attack
400,000 Korean Bots Attack Key U.S. Government Web Sites

Times Above
Agency – PROTECTED Peak Traffic Normal Traffic
U.S. Government Customer 1 124 Gbps 598x
U.S. Government Customer 2 32 Gbps 369x
U.S. Government Customer 3 9 Gbps 39x
U.S. Government Customer 4 9 Gbps 19x
U.S. Government Customer 5 2 Gbps 9x
U.S. Government Customer 6 1.9 Gbps 6x
New U.S. Government Customer 0.7 Gbps SITE DOWN
before Akamai

©2011 Akamai

Thank You!
Barcelona, November 17, 2011
Joshua Corman
@joshcorman
http://cognitivedissidents.wordpress.com/

©2011 Akamai

Matt Johansen, White Hat - Online advertising networks can be a web hacker’s best friend. For mere pennies per thousand impressions (that means browsers) there are service providers who allow you to broadly distribute arbitrary javascript -- even malicious javascript! You are SUPPOSED to use this “feature” to show ads, to track users, and get clicks, but that doesn’t mean you have to abide. Absolutely nothing prevents spending $10, $100, or more to create a massive javascript-driven browser botnet instantly. The real-world power is spooky cool. We know, because we tested it… in-the-wild.

iBanking - a botnet on Android

Source Conference

Stephen Doherty, Symantec - iBanking is a relative newcomer to the mobile malware scene whose use was first identified in August of 2013. The Trojan targets Android devices and can be remotely controlled over SMS and HTTP. iBanking began life as a simple SMS stealer and call redirector, but has undergone significant development since then. iBanking is available for purchase on a private underground forum for between $4k - $5k, with the next release expected to include a 0-day exploit for the Android operating system. This presentation will discuss iBanking - it's capabilities and the reasons for targeting mobile devices.

I want the next generation web here SPDY QUIC

Source Conference

Matt Summers, NCC Group - Web technology has changed a lot in the last 25 years but the underlying transport mechanism has stayed the same. The web we have today was not designed for the plethora of new device types and communication methods but things are changing and you probably don’t even know it. You probably don’t even notice the problem because it is so ingrained. In this presentation we are going to delve into the problems with the web and how we use it today. We will also take an in depth look at the proposed solutions for the next generation web and the implications that come with it.

From DNA Sequence Variation to .NET Bits and Bobs

Source Conference

Mathieu Letourneau, Andrei Saygo, Eoin Ward, Microsoft This talk will present our research project on .Net file clustering based on their respective basic blocks and the parallel that can be made with DNA sequence variation analysis. We implemented a system that extracts the basic blocks on each file and creates clusters based on them. We also developed an IDA plugin to make use of that data and speed up our analysis of .Net files. Andrei Saygo, Eoin Ward and Mathieu Letourneau all work as Anti-Malware Security Engineers in the AM Scan team of Microsoft’s Product Release & Security Services group in Dublin, Ireland.

Extracting Forensic Information From Zeus Derivatives

Source Conference

How to Like Social Media Network Security

Source Conference

Brian Honan, IRISSCERT Social media networks provide individuals and businesses with exciting opportunities to communicate and collaborate with others throughout the world. But with these opportunities come a number of security challenges and risks. This talk will outline how social media networks can pose various threats to businesses, from information leakage, reputational damage, to social engineering profiling, and vectors for enabling compromise of corporate systems. Social media networks also enable the rapid dissemination of news which in the event of an information security breach could either save or destroy an organisations reputation. Understanding and dealing with these challenges will enable companies to like and favourite social media networks in a secure way. Brian Honan is an independent security consultant based in Dublin, Ireland, and is the founder and head of IRISSCERT, Ireland's first CERT. He is a Special Advisor to Europol's Cybercrime Centre (EC3), an adjunct lecturer on Information Security in University College Dublin. He is the author of the book "ISO 27001 in a Windows Environment" and co-author of "The Cloud Security Rules", and regularly speaks at major industry conferences. In 2013 Brian was awarded SC Magazine's Information Security Person of the year for his contribution to the computer security industry.

Wfuzz para Penetration Testers

Source Conference

Security Goodness with Ruby on Rails

Source Conference

Securty Testing For RESTful Applications

Source Conference

Esteganografia

Source Conference

Men in the Server Meet the Man in the Browser

Source Conference

Advanced Data Exfiltration The Way Q Would Have Done It

Source Conference

Are Agile And Secure Development Mutually Exclusive?

Source Conference

Advanced (persistent) binary planting

Source Conference

Similar to Adapting To The Age Of Anonymous

Corman Anonymous Csa Chicago 20120712

elizmmartin

Hacking Google Chrome OS

kosborn

Accessibility of Hacker Tools and the Use of Behavioral Analytics

Tony Gambacorta

Managing content in_a_mobile_worldQuestexConf

20110903 candycaneYusuke Ando

Clobbering the Cloud

SensePost

Metricon5 powell - ddos analytics

Ton Hoang

Emerging Threats and Attack Surfaces

Peter Wood

Similar to Adapting To The Age Of Anonymous (8)

Corman Anonymous Csa Chicago 20120712

Hacking Google Chrome OS

Accessibility of Hacker Tools and the Use of Behavioral Analytics

Managing content in_a_mobile_world

20110903 candycane

Clobbering the Cloud

Metricon5 powell - ddos analytics

Emerging Threats and Attack Surfaces

Recently uploaded

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

When stars align: studies in data quality, knowledge graphs, and machine lear...

Elena Simperl

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Leading Change strategies and insights for effective change management pdf 1.pdf

OnBoard

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Neuro-symbolic is not enough, we need neuro-*semantic*

Frank van Harmelen

Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”. All of this illustrated with link prediction over knowledge graphs, but the argument is general.

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

UiPath Test Automation using UiPath Test Suite series, part 3

DianaGray10

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Product School

Generating a custom Ruby SDK for your web service or Rails API using Smithy

g2nightmarescribd

Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.

Recently uploaded (20)

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Monitoring Java Application Security with JDK Tools and JFR Events

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

The Art of the Pitch: WordPress Relationships and Sales

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Elevating Tactical DDD Patterns Through Object Calisthenics

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

When stars align: studies in data quality, knowledge graphs, and machine lear...

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Leading Change strategies and insights for effective change management pdf 1.pdf

Epistemic Interaction - tuning interfaces to provide information for AI support

Neuro-symbolic is not enough, we need neuro-*semantic*

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

UiPath Test Automation using UiPath Test Suite series, part 3

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Generating a custom Ruby SDK for your web service or Rails API using Smithy

Adapting To The Age Of Anonymous

2. About Joshua Corman Director of Security Intelligence for Akamai Technologies •Former Research Director, Enterprise Security [The 451 Group] •Former Principal Security Strategist [IBM ISS] Industry Experience •Expert Faculty: The Institute for Applied Network Security (IANS) •2009 NetworkWorld Top 10 Tech People to Know •Co-Founder of “Rugged Software” www.ruggedsoftware.org Things I’ve been researching •Compliance vs Security •Disruptive Security for Disruptive Innovations •Chaotic Actors •Espionage •Security Metrics 2 ©2011 Akamai

30. Operation Payback (Anonymous Takes Center Stage) August-December 2010 Initial Targets • MPAA • RIAA • Intellectual Property Offices In December, switched to WikiLeaks “defense” • Financial services: PayPal, Mastercard, Visa • Public personas: Lieberman, Palin • Others: Lawyers, security researchers Stats: • 1k-3k attackers in IRC • 1500 copies of LOIC in Hivemind (# in IRC/2) • 1.5 Gbps peak attack traffic (# in IRC/2) • 750 Mbps sustained traffic (# in IRC/4) ©2011 Akamai

50. Some of my data 600 • Typical Attack Size: 3-10 Gbps 500 • Large Attack Size: 100-200 Gbps 400 Number of Attacks • Attacks are originating from all geographies and are moving between geographies 300 during the attack 200 100 0 2009 2010 2011 ©2011 Akamai

51. July 4th – 7th 2009 DDoS Attack 400,000 Korean Bots Attack Key U.S. Government Web Sites Times Above Agency – PROTECTED Peak Traffic Normal Traffic U.S. Government Customer 1 124 Gbps 598x U.S. Government Customer 2 32 Gbps 369x U.S. Government Customer 3 9 Gbps 39x U.S. Government Customer 4 9 Gbps 19x U.S. Government Customer 5 2 Gbps 9x U.S. Government Customer 6 1.9 Gbps 6x New U.S. Government Customer 0.7 Gbps SITE DOWN before Akamai ©2011 Akamai

Editor's Notes

Rorschach Test: http://en.wikipedia.org/wiki/Rorschach_testWe see in Anonymous what we WANT to see.. We project. Our perceptions say more about us than they do about the multitude of subgroups/causes in Anonymous.
There isn’t AN anonymous either… there are dozens.It is more of a franchise than an Organization.
http://www.csoonline.com/article/682511/the-rise-of-the-chaotic-actor-understanding-anonymous-and-ourselves
Family Tree IMG SOURCE: http://2.bp.blogspot.com/-XS0av6GQlIE/TheLlBBprTI/AAAAAAAAAIU/f6aABTtPyVE/s1600/tree.jpg
Operation Payback – LOIC-ers
IMG Source: http://eandres.glogster.com/Whitchhunt-/
IMG SOURCE: http://www.toonpool.com/cartoons/Leviathan_41513#img9Two logical outcomes…A Hobbes-ian Leviathan will rise… to police the brand – borne of necessity and convenienceThe Brand will be contaminated and the MoralAnons will fleeThis is Social Contract Theory 101 stuff…Hobbes: The State of Nature is a State of War…Locke: The State of Nature is a State of Inconvenience…
IMG SOURCE: http://www.toonpool.com/cartoons/Leviathan_41513#img9Two logical outcomes…A Hobbes-ian Leviathan will rise… to police the brand – borne of necessity and convenienceThe Brand will be contaminated and the MoralAnons will fleeThis is Social Contract Theory 101 stuff…Hobbes: The State of Nature is a State of War…Locke: The State of Nature is a State of Inconvenience…

Adapting To The Age Of Anonymous

Recommended

Recommended

More Related Content

Similar to Adapting To The Age Of Anonymous

Similar to Adapting To The Age Of Anonymous (8)

More from Source Conference

More from Source Conference (20)

Recently uploaded

Recently uploaded (20)

Adapting To The Age Of Anonymous

Editor's Notes