It has been estimated that the global earnings of Cyber Criminals will equal or exceed the GDP of the UK sometime in the 2022/23 window. If this was the capability of a country they would be joining the G8! Clearly, we are losing the Cyber War hands down, and the time has long passed when we might ignore the threat scenarios surrounding us.
In this lecture we examine global networks from home and office through the ‘last mile,’ and on to national and international networks to identify the key vulnerabilities and points of potential ingress. We identify the cyber risks as escalating as we approach the periphery of all forms of network. For the most part, the core/carrier networks are virtually unassailable physically as they are dominated by terrestrial and undersea optical fibre cables.
Throughout the ‘carrier’ network levels, the difficulty of physical interception, together with the encryption, routing, and path diversity employed, renders them secure in the extreme. Attackers, therefore, tend to focus on the exploitation of people, devices, services, home and office appliances, and latterly, a poorly engineered IoT.
In reality, we are expanding the attack surface of the planet exponentially without due caution or care in the most exposed sectors and locations. And so, we explore potential tech and operational solutions for the future.
NOTE: This lecture is one of a series that has examined technology design and deployment, devices and the IoT, people fallibility, deviousness, internal and external threats.
In class; RED and BLUE Team Exercises have also been conducted in support of the complete Cyber Security Package to date.
This lecture is the final session of an extensive wireless course delivered over several weeks at the University of Suffolk. So, by way of ‘rounding-off’ the series, we chart the progression of wireless/radio communication from the first spark transmitters through Carrier-Wave Morse, AM, FM, DSSC, SSB to digital systems along with the use of LW, MW, SW, VHF, UHF and Microwaves. Whilst we focus on Electro-Magnetic-Waves from 30kHz through 300GHz, we also mention optical, ultrasonic, and chemical communication as additional modes.
Our examinations detail the distinct genetic trails of 1, 2, 3G, and 4, 5G, the approximate development cycles/timeline along with distinctive changes in design thinking. We then postulate that 6 and 7G are likely to form a new line of development with 6G probably realised without any towers or any conventional cellular structure. In this context we also point out that there are no digital radios today, only traditional analogue designs with ‘strap-on-modems’ at the transmitter and receiver. Perhaps more radically, we suggest that it is time to adopt fully digital designs that allow for the eradication of the established bands and channels mode of operation.
We also chart the energy hungry progression of systems from 1 through 5G where tower installations are now consuming in excess of 10kW due to the extensive signal processing employed. This immediately debunks any notion of another step in the direction of more bandwidth, lower latency, greater coverage with >20x more towers (than 4G) and >250Bn power hungry smart devices. In short: we propose that 5G is the last of the line and the realisation of 6G demands new thinking and new modes that lead us away from W and mW to µW and nW wireless designs.
Whilst most of the technology required for 6G is available up to 300GHz, there remains one big challenge in respect of the growing number of antennas per device and platform. Even for 3 - 5G + WiFi + BlueTooth, space is at a premium in mobile devices, and fractal antennas have not lived up to their promise to integrate all of these into one wideband structure. However, at 100GHz and above, antennas/dipoles become less than chip size and can see 10s included as phased arrays. But this all needs further work!
Throughout this lecture, we provide examples, demonstrations, and mind-experiments to support our assertions.
"Demystifying a world of the weird and unexpected"
In just over 100 years our understanding of reality, nature, and the world about us has transited from the simple, linear and causal, to the complex, non-linear, and confounding. As a species, we now understand something of the scale of the problems we face and the limitations of our innate abilities. In addition, our mathematical and digital computing frameworks do not scale to match the challenges of climate change, global warming, or the economics of sustainability.
‘Quantum Computing is analogue/probabilistic and not digital’
The stark reality is: we will never understand the human brain, the true nature of cancer, chemistry, biology, life, and the complexities of the environment using today’s tools. Building bigger and better digital computers does not scale to meet these challenges, and is untenable in the longer term! For sure, AI can help us formulate new enlightenments, but it still isn’t enough. We occupy a quantum universe that cannot be decoded and understood by us or our linear machines, no matter how many or how big! A Quantum universe demands Quantum Computers to realize deep understandings.
‘Quantum Computers will not replace our digital computers’
In this multi-media talk we open the ‘quantum kimono of reality’ to explain the what, how, and when, of Quantum Machines and the implications for the future.
The past 25 years have seen a move toward the convergence of telephone and computer onto a single network. Whilst the telephone network enjoyed a unique and isolated development (and growth) of dedicated circuit switching for near 200 years, computing more naturally ventured into ethernet (packet switching) and on to the internet in just 55 years.
So different are these networking concepts that it was originally thought they could never converge. But as the internet grew to outgun the old fixed telephone network and new mobile working, it became economically and technologically clear that convergence (VOIP) was possible and most likely would be transformational.
Having ‘fixed’ the conundrum of real-time communication using uncontrolled packets that introduce variable latency, a new ‘monster’ reared - cybersecurity! Telephone and mobile nets never suffered ‘hacker attacks’ to the same degree as the PC dominated world and so new provisions had to be made. These came in the form of end-to-end packet encryption and layered link encryption with constraints on the number of end-to-end and node-to-node hops.
Today, telephone calls mostly pass through a portion of the internet, PN, PVN, with a shrinking number still originating and terminating at old analog and digital local loops with circuit switches. By and large, the core network is ‘super secure’ and it is in the new digital and old analogue periphery where the major risks reside. Within the next decade the full transformation to all-digital, packet switching, should be complete.
As per the internet; people, insider, malware, Denial of Service (DoS and DDoS) and other forms of attack persist, but the defences developed to combat these are formidable. In this lecture we address the attack scenarios and the defences to date and highlight some of the lesser-known/advertised approaches of both the defenders and the attackers.
We are engaged in a war the like of which we have never seen or experienced before. Our enemies are invisible and relentless; with globally dispersed forces working at all levels and in all sectors of our societies. They are better organised, resourced, motivated, and adaptive than any of our organisations or institutions, and they are winning. This war is also one of paradox!
“The cost to many nations is now on a par with their GDP”
“No previous war has seen so many suffer so much to (almost) never retaliate”
“We are up against attackers who operate as a virtual (ghost-like) guerrilla army”
“No state can defend its population and organisations, and they stand alone - isolated and exposed”
“A real army/defence force would rehearse and play all day and very occasionally engage in warfare. We, on the other hand, are at war every day but never play, war-game, or anticipate new forms of attack”
To turn this situation around we need to understand our enemies and adopt their tactics and tools as a part of our defence strategy. We also have to be united and organised so that no one, and no organisation, stands alone. We also have to engage in sharing attack data, experiences and solutions.
All this has to be supported by wargaming, and anticipatory solutions creation.
The good news is; we have better, and more, people, machines, networks, facilities, and expertise than our enemies. All it requires is the embracing of advanced R&D, leadership, sharing, and orchestration on a global scale.
Industries 1.0, 2.0 (and most of) 3.0, saw manufacturing and construction using natural materials readily extracted, refined, amalgamated, machined, and molded. In general, these exhibited fixed mechanical, electrical, and chemical properties. However, the latter stages of Industry 3.0 embraced synthetics exhibiting superior properties to afford new degrees of freedom in the design of structures and products.
Today Industry 4.0 sees further advances with metamaterials, dynamic coatings, controllable properties, and additive manufacturing. Embedded smarts have also made communication between components, products and structures possible under the guise of the IoT. Adaptable materials with a degree of self-repair are also opening the door to further freedoms and less material use. In combination, these represent a big step toward sustainable societies with highly efficient ReUse, RePurposing, and Recycling (3R).
At the leading edge, we are now realising active surfaces that can reflect, absorb, or amplify wireless signals, offer programmable colour, and integral energy storage. But amongst a growing list of possibilities, it is integral sensing & communication that may define this new era. In this presentation, we look at these advances in the context of smart design, cities & societies.
For millennia we have crafted artifacts from bulk materials that we have progressively refined to produce ever more precision tools and products. Latterly, we have crossed a critical threshold where our abilities now eclipse Mother Nature. For example; the smallest transistors in production today have feature sizes down to 2nm which is smaller than a biological virus ~20 - 200nm. The implications for ITC, AI, Robotics, and Production are ever more profound as we approach, and most likely undercut, the scale of the atom ~ 0.1-0.4nm. Not only does this open the door to new technologies, it sees new and remarkable capabilities. So, in this presentation we look at this new Tech Horizon spanning robotics to quantum computing and sensory technologies, and how they will help us realise sustainable futures germane to Industry 4.0, 5.0, and beyond.
Throughout our education and life we are mostly given a ‘soda-straw’ view of Maths, Physics, Chemistry, Biology, HealthCare, Business and Commerce that conditions us to ‘one concept at a time’ thinking. This is rife in Government and Politics, Industry and Health, and it has been extremely powerful in a now past slow paced and disconnected world. In fact, the speciation of disciplines, topics and problems has largely been responsible for the acceleration and prominence of human progress.
However, in a connected/networked, highly mobile, and tech driven world this simple and narrow minded view is insufficient and dangerous. In common parlance we refer to ‘unintended consequences’ whilst complex system theory would use the term ‘emergent behaviours’. In brief: education, health, crime, productivity, GDP creation, social cohesion and stability cannot be considered independent variables/properties. They are all related and interdependent. For example, when politicians decide to starve the education system of funds for very young children the impact shows up in health, crime and the economy some 10 - 30 years later!
By analogy; all of this is true of our technologies, industries, lives, and the prospect of sustainable societies. Robots, AI, AL, and Quantum Computing do not stand alone in isolation, they have complementary roles. In this Public Lecture we devote an hour to thinking more holistically what these technologies bring to the party in the context of industry, health, society, sustainable societies and global warming. We then devote a further hour to discussion and debate.
In the context of Global Warming we make the following overriding observations:
“Panic is a poor substitute for thinking”
“Tech is the only exponential capability we enjoy”
“Technology is never a threat, but humans always are”
“Uncertainty always prescribes the precautionary principle”
From the beginning of the industrial revolution, we have built systems and machines on the basis that people will just have to learn about the interface and adjust accordingly. And so the skill of the individual craftsman was overtaken and subverted by the expertise of the ‘operator,’ production line, and mass production enabling us all to do more-and-more with less-and-less, to raise living standards, the health and wealth of individuals and nations.
In effect, we bent humanity into technology to meet the specific needs (and will) of the machines, but to the greater benefit of humanity! But now we stand at the cusp of a new era where AI and Robotics are able to adapt to our individual and most specific needs. That is: machines bend to meet our needs; to empower us as individuals and organisations to do and achieve ever more.
But there remains one last bastion of inconvenience centered on ID and security - often referred to as ‘Password Hell’. We are all awash with multiple Cards, Licences, Visas, Passports, Badges, Codes, PINs, Passwords, User Names, IDs, Log-On, Log-In, Entry, and Exit Protocols! And so it is time to get all of this out of the domain of the human and into the realm of our machines! Today we are in the process of migrating from a nightmare past of our own design, into a biometric world where machines will recognise us and grant us access automatically. And at the fringe some young populations are already being chipped exactly in the same way our pets have been chipped for the past decades.
Apart from the obvious advantage of not having to carry any money or ID of any kind, there is the assurance of extra safety, security and health support wherever we happen to be. It is not available right now, but beyond an ID Chip, we can easily embed, or provide links to, our medical record into the same technology. We, and not just our devices and possessions, also become a part of the IoT!
Of course, many see the threat of a looming dystopian future aka Hollywood! But this will be a choice between convenience and greater security versus what we have today - but that choice has to remain ours! In this presentation we look at the widening spectrum of technologies available and the need to concatenate widely different techniques to exceed the accuracy of DNA and other human/biological parameters.
The migration of the fundamentally analogue telephone from a circuit switched network to one essentially designed for machine communications based on packet switching has not been entirely comfortable. It was not at all obvious that it might work, or indeed, that it might even be possible given the sensitivity of the human ear and mind to artificiality, noise and latency.
After serving humanity for well over 100 years the analogue telephone network and devices have been overtaken by mobile computing devices offering far more facilities and power. So, despite the detailed testing and characterising of human speech, and the design and modelling of device and network abilities, we are saying goodbye to this past.
During the past 40 years a new world has emerged with intelligence and computing power at the edge of networks and not at the core. Layering speech and video on this new ‘internet’ has been a challenge, but now the performance and economics are more than viable. So, in this lecture we trace this history of development and illustrate the tech challenges with a series of audio demonstrations.
In short, we highlight the nature and impact of bandwidth, signal-to-noise ratio, latency, and packet loss through the old analogue to the new digital eras. We also present some ‘off piste’ examples of military and aircraft communications. Throughout we also highlight the key design directions, failures and flaws.
Part 1 of this two-part series was about rethinking and reeducation: ‘Attack Scenarios’ approached the transformation process by getting students to think as if they are attackers so that in Part 2, ‘Defence Scenarios’, they are challenged to get ahead of the game; to anticipate and respond ahead of an attack, by recalling what they did in RED Team mode, which gave them the opportunity to design their own criminal empire on screen!
In both Part 1 and Part 2 the detailed discussions occurred in camera and are not for publication or open public access.
We are engaged in an exponentially growing cyber war that we are visibly losing. Within the next 3 years it has been estimated that the global cost will equal, or overtake, the UK GDP, and it is clear that our defences are inadequate and often ineffective. Malware and ransomware continue to extort more money, and cause damage and inconvenience to individuals, organisations and society, whilst hacker groups, criminals and rogue states continue to innovate and maintain their advantage. At the same time, our defences are subverted and rendered ineffective as we operate in a reactive and prescriptive, after the fact, mode with no foresight or anticipation.
In any war it is essential to know and understand as much about the enemy as possible, it is also necessary to establish the truth and validity of any situation or development. Doing this in the cyber domain is orders of magnitude more difficult than the real world, but some of the relevant tools are now available or at an advanced stage of development. For example; fully automated fact checkers and truth engines have been demonstrated, whilst situational awareness technologies are commercially available. However, what is missing is some level of context assessment on a continual basis. Without this we will continue to be ‘blind-sided’ by the actions and developments of the attackers as they maintain their element of surprise along every line of innovation.
What do we need? In short ; a Context Engine that continually monitors networks, servers, routers, machines, devices and people for anomalous behaviours that flag pending attacks as behavioural deviations that are generally easy to detect. In the case of attacker groups we have observed precursor events and trends in network activity days ahead of some big offensive. However, this requires a shift in the defenders thinking and operations away for the reactive and short term, to the long term continual monitoring, data collection and analysis in order to establish threat assessments on a real time.
The behavioural analysis of people, networks and ITC, is at the core of our ‘Context Engine’ solution which completes the triangle of: Truth; Situation; Context Awareness to provide defenders with a fuller and transformative picture. Most of the known precursor elements of this undertaken have been studied in some depth, with some behavioural elements identified on real networks and some physical situations. The unknown can only add more accuracy!
Every Industrial revolution has seen the progression from people dominated design, build and production to a higher degrees of automation that has gone hand-in-hand with shortening timescales enabled by ever-more powerful technologies. However, at a fundamental level the process has remained the same, but it is now edging toward a continuum of evolution as opposed to a series of discrete jumps that often trigger company reorganizations. In concert, there is a realization abroad that it is no longer about the biggest, the strongest, the best, or the fittest, it is now all about the survival of the most adaptable.
By and large it is relatively easy to predict when and where tech change will occur and the likely outcomes, in terms of existing and future products and services, but how people, customers, companies and societies will react is an unsolved puzzle. On another plane, competition and threats may well occur outside the sector, from a direction managers are not looking, by entirely new mechanisms, and at a most critical time. These are all challenges indeed!
How to adapt to, and cope with these collective challenges is the focus of this presentation which is illustrated and supported by past and present industrial cases along with the experiences and methodologies of those who have driven/weathered this storm as well as those who failed. Many of the illustrations are automated and there are exemplar movies and segue inserts throughout.
No doubt Aldous Huxley and George Orwell would be pleased to see cameras and surveillance devices everywhere, just as they predicted, but they would then be amazed to find that we buy and install them and become upset if no one is watching! So the Dystopian futures they both predicted and feared are not here yet, but they might just be in the pipeline, and being built a device at a time by us!
Only 70 years ago close observation and surveillance was difficult and very expensive. Today, it is so very cheap, efficient, and everywhere: in our pockets; on our wrists; in our homes, offices, cars, trains, planes; in the streets and on the highways and major roads.
To some degree every country has embraced all the possibilities presented by the technology to make their societies safer and more progressive as organisms, but now here comes AI. Automatic voice, face, finger, eye, action, movement and habit recognition writ large along with all our messages, entertainment, work and recreation patterns monitored 24x7, so inference engines can check if we are good, bad, dangerous, safe, under threat and so on!
Some countries are now employing such technology to judge, sentence, and commit people for criminal acts and anti-social behaviours etc. At this point we have to proceed with care in the recognition that data errors ‘happen’ and human biases can be built in at the birth of such AI systems. Nothing is ever perfect - not people, and certainly not our machines, and we have to progressively drive out bias and error…
For the vast majority of history the progress of our species and civilisation was limited by a very few artisans - the workers of metal, wood, leather and cloth along with farmers and distribution networks. Specifically, the number of skilled blacksmiths determined the rate of sword, knife, lance and armour production, and ultimately the size of empires.
The turning point came in the eaten 1700s when the Royal Navy was expanding to explore and colonise the planet. Nails were the problem with more than 20k required per ship! So this was the first item to be made automatically, followed by wooden blocks for the rigging. The water mills constructed to power the production therefore mark the start of Industry 1.0 and the growth of the British Empire.
The spread of automation through Industry 2, 3 and 4 accelerated and empowered us to do more and more using less and less people, power and materials. Without it we could not support the population of the planet or the lifestyle we enjoy. Remarkably, at no time during this process have we seen mass unemployment, and consistently, more and more jobs have been created. In brief, better production capabilities have seen the creation of better tools, which in turn has led to better productivity and better quality.
The process has been evident in everything hardware, and much of entertainment, design, and software, with services perhaps the last bastion of human based delivery and support. However, the on-line world and rise of AI are now changing the balance across retail, banking, insurance, accountancy, and services in general.
In a world that appears riven by social media, ill-informed opinion, rumour, and conspiracy theories in preference to facts and established truths, it can be alarming to see scientists, doctors, and engineers challenged by vacuous statements that often hold sway over the hard-won truths of science. Moreover, large numbers of people do not understand the ‘scientific method’ and what makes it so powerful.
Paradoxically, those challenging science and scientists based on their belief systems do so using technologies that can only be furnished by scientific methodologies. For sure; no religion, belief system, great political mind, anarchist, professional protester, or social commentator will produce a TV set, mobile phone, laptop, tablet, supercomputer, MRI Scanner, AI system, or vaccine! But they will criticise, challenge, and be abusive based on their ignorance and inability.
So, this is the world that now influences the minds of young aspiring students, and this presentation is designed to go beyond the simple exposition and statement of the scientific principles and method, to provide an ancient, modern, and forward-looking perspective. It also includes a complex ‘worked example’ to highlight the rigour that must be applied to establish any truth!
We are living through an extraordinary pandemic (CV-19) that has changed all the network norms including the way we work and communicate. An invisible consequence has been the transformation of internet and telecoms traffic promoted by people working from home, restrictions on all travel and a paralysis of almost all social norms. Living and working in isolation for 3 - 5 months has become the new mode for many, and even the most technophobic have had to turn to video conferencing and on-line purchases to ‘survive’.
From a network point of view the transition has seen the concentrations of traffic in major cities and towns mutate to the dispersed and disparate working, social and entertainment activities that have found the last mile wanting. Insufficient bandwidth connectivity and resilience have quickly become a prime concern with the overloading of core networks a lesser concern.
Installing new optical links and making the core (undersea and overland long-lines) networks more robust is relatively easy as they are by far the most resilient and secure of our infrastructures. It is the local loop, our last mile, that poses the hard to fix problem. In this session we present tested model solutions based on direct ‘dark-fibre’ to home and office with no electronics, splitters or access points in the field. This is augmented by Mesh-Nets and 4/5G providing temporary bridges for random fibre breaks and cable damage.
CyberCrime represents one of the biggest threats to society and human progress to be encountered in the past 70 years. As a business, it is by far the biggest on the planet with a balance sheet that would see it joining the G8 within the next 3 years given its continued exponential growth. With these criminal activities only attracting sensational reporting in the context of stolen passwords and account details, society soldiers on not understanding the detail and not understanding the growing threat. Attacks are tolerated in much the same way as a snowstorm!
Military, national defense, and security organizations, along with police and government can no longer cope and are in large part unable to defend and protect their citizens. The IT industry and those engaged in Cyber Defence are struggling too and remain in a reactive defense mode - mostly responding after the fact/act! The Dark Side not only enjoy the first-mover advantage, they are unbounded by the Law, Ethics, or indeed any constraints!
There are also rogue states and terrorists plus many other groups also leveraging the openness of societies to attack, and often straying into/exploiting criminal resources! At the same time the defenders tend to be far and few on the ground, generally underfunded and resourced, and often unappreciated and poorly paid/rewarded. For sure, it is time to rethink this arena and change our thinking on how we approach defense.
This lecture is Part 1 of a rethink/reeducation process: ‘Attack Scenarios’ approaches the transformation process by getting students to think as if they are attackers so that in Part 2, ‘Defence Scenarios’, they can get ahead of the game to anticipate and respond ahead of an attack. This they do in RED Team mode with an opportunity to design their own criminal empire on screen!
Our communications history is dominated by fixed networks of bounded linear predictability. These were based on precise engineering design giving assured information security, and measured operation. However, mobile devices, internet, social networks, IP, and Apps changed all that! Internets are inherently non-linear, unbounded, and essentially designoid — that is, mostly shaped by evolution, steered by demand/rapid innovation - highly adaptive and ‘learning’ in real time.
So, those who suppose we can control such networks to fully guard and protect the information of institutions and individuals are sadly mistaken. And further confounded by Industry 4.0 and the Internet of Things (IoT). Here, a mix of the information of individuals and things, is distributed across the planet on a scale far larger than ever conceived in the past, to become essential components in the survival of our species in realising sustainable societies.
Not surprisingly then, Privacy and Data protection are big issues for regulators, governments and civil liberties organisations. But so far, nothing has worked, and we see the UK Data Protection Act, EU-GDPR, EU-USA Shield, and Copyright Laws often ignored or worked around. These are largely derivatives of a paper-based, pre-computing world and are now largely unfit for purpose.
Education systems across the West have degenerated into a series of memory tests and the quest to hit abstract performance targets and measures. So students that appear well qualified are often unable to apply the most basic of mathematical, scientific, engineering or logical principles, and nor do they have a good appreciation of history or design. This does not bode well for a future of faster change and greater complexity.
“At the most basic level our society it is about the survival of the most adaptable”
For sure; today’s education and learning methodologies have to move toward more experimental and experiential working in order to reinforce the basics whilst engendering far greater understanding. Early specialism has also to be reversed with all students studying a broader range of topics through school and on into college and/or university.
“Education isn’t something you have to get done and dusted - it is a lifelong pursuit”
There is a further need to recognize that the (so-called) academic and practical streams are afforded equal importance! To get the best out of teams/groups all members have to share a common base of understanding and appreciation. In turn, this can be enabled and supported by Just-in-Time education and training-on-line. But there is much more….
Despite a security landscape now embracing: People; Companies; Governments; Devices; Networks; Services; Vehicles; Properties; LAND; SEA; AIR; SPACE; CYBER and INFORMATION, people and organisations still tend to see all this as someone else’s problem. In reality, it concerns all of us. Governments can no longer protect their citizens and nor can any company IT/Security Dept!
“In an ideal world: responses to Cyber and Terror would be automated and immediate”
The Dark Side has grown rich and powerful by investing in R&D and the latest technology; adopting distributed team working and a global market for talent and resources; and they are winning this war with an estimated $1.5Tn income in 2019. We have to adopt the same strategies to survive let alone win. Global sharing and cooperation are key along with people, staff, management, board, NED and Chairman education/training/involvement. At this time it is rare to find a ‘Cyber Seat’ on the main board of any organization, but it is a new and critical essential!
Seventy years on from AI appearing on the public scene and all the optimistic projections have been largely overtaken with systems outgunning humans at all board, card and computer games including Chess, Poker and GO. Of course; general knowledge, medical diagnosis, genetics and proteomics, image and pattern recognition are now all firmly in the grasp of AI.
Interestingly, AI is treading a similar path to computing in that it began with single purpose/task machines that could only deal with company payroll calculations or banking transactions and nothing more! General purpose computing emerged over further decades to give us the PCs and devices we now enjoy. So, AI currently runs as task specific applications on these general purpose platforms, and no doubt, general purpose AI will also become tractable in a few decades too!
Recent progress has promoted a deal of debate and discussion along with hundreds of published papers and definitions that attempt to characterise biological and artificial intelligence. But they all suffer the same futility and fail! Without reference to any formal characterisation, all discussion and debate remains relatively meaningless.
Somewhat ironically, it was the defence industry that triggered the analysis work here. Two of the key steps to success were: the abandonment of all performance comparisons between biological and machine entities; and the avoidance of using the human brain as some ‘golden’ intelligence reference.
This presentation is suitable for professionals and public alike, and comes fully illustrated by high quality graphics, animations and movies. Inevitably, it contains (engineering) mathematics that non-practitioners will have to take on trust, whilst professionals may wish to challenge on the basis that the focus is on getting a solution rather than the purity of the process!
A Green Agenda cannot be fully realised by polishing our established industries and processes, or indeed minimalistic changes to manufacturing, production, and supply. We have to be far more holistic and radical! New materials and processes will get us part way there, but we also need the greater data oversight, analysis and management, provided by a fully deployed Internet of Things (IoT). In turn, this will require the application of Artificial Intelligence, Computer Modelling and War Gaming to provide the necessary guidance and decision support for machines and people.
Energy and material waste are definitely key components, but so are hyper-efficient Re-Use, Re-Purposing, and Re-Cycling with maximal material recovery at very low loss. And so, access to and analysis of, the Big and Small Data collected by networks and the IoT components is vital. For obvious reasons of unrealisable energy demands and network node densities, mobile networks and network technologies (such as 5G) cannot support such a vision and we can expect to see a migration to new network regimes where our machines, appliances, devices, vehicles, sea going containers, pallets, boxes, products and components communicate directly over very short distances in preference to using 3/4/5G and WiFi networks.
Many IoT components include sensors and access to information about their hosts; and this is vital to performance monitoring, timely maintenance and repair. Real time location, production, supply, use and ownership information will change the way we design, manufacture, supply and meet the needs of society at all levels from health, welfare, employment, education, industry, commerce, defence, and government. Many elements exist today, and more are under development, and in this presentation we bring together these core components.
The precise definition and understanding of Industry 4.0, and how the vital elements are chosen varies widely by industry and country along with a deal of vagueness on the operational detail. This is particularly true of sustainability, new materials, security, IoT, recycling, logistics, integration, and interdependencies. In this short presentation, we highlight how many of the components are critically interdependent.
A supporting and far broader I4.0 presentation/treatment can be found here:
https://www.slideshare.net/PeterCochrane/why-industry-40
With more on the IoT here:
https://www.slideshare.net/PeterCochrane/the-iot-for-real
A supporting book is also available:
https://www.springer.com/gp/book/9783030129521
Throughout my career in science, engineering and management I attended numerous meetings where many misconceptions and misinterpretations were evident. Perhaps the most expansive and expensive were the probabilities assumed and calculated for system reliability and/or product manufacturing quality. Eventually, I began to refer to this as the ‘five nines’ problem!
Not fully understanding the origins of the reliability measures, it is so easy to demand 99.999% instead of 99.99% uptime for an electronic system. What could be easier? At face value it appears to be trivial and straightforward! Likewise, taking a 5σ manufacturing plant up to a 6σ defect level turns out to be a monumental engineering challenge! And at the time of writing 6σ has never been achieved!
It appears that too few engineering and management courses address this topic, and if they do, it is as a scant reference of insufficient depth. So, we see far too many students who do not understand it in any depth, if at all! And when they become managers they just ‘don’t get it’!
This presentation and the associated lecture have been specifically created to address this problem with relevance to BSc, BA, MSc and MBA students along with anyone needing a refresher or explicit introduction to the topic. In addition to the graphics, animations and movies, the lecture is also littered with practical examples and the outcomes of case studies.
Workshop on getting to grips with digital strategy by thinking like a network. Understanding complex adaptive systems, terminology, exponential growth and how technology, behaviour and design all come together. Two exercises included are Stinky Fish and Jobs to be Done. Lots of stuff on Netflix in there too.
“The CIA Mindset: Securing Your WordPress Code” on March 19th. Using the classic CIA Security Triad, David will explore how developers can have more confidence in the Confidentiality, Integrity and Availability regarding their own WordPress Sites, plugins and themes.
Telecom customer services appear to be stuck in the early 20th Century with the telephone call the primary channel for service provision that can take days to effect. Compare that to Google, Amazon, IBM, Apple and other modern companies where customers control service provision by the minute or second.
Modern business is driven by the accumulation of customer data, but the Telecom Industry sees vast amounts of customer-related data dormant and untapped. As a result, many new opportunities are lost. For example, the behavior of people, devices, systems, and networks gives the earliest indicators of potential security problems.
OTT operators exploit networks and make far greater profits than any other sector and this might be further amplified by the roll-out of 5G. But without a fundamental rethink of FTTP, 5G will fail to deliver sufficient coverage and the advertised data rates. This pending failure is already seeing alternative solutions from outside the industry along with the realization that most ‘things’ on the IoT will never connect to the internet!
Data mining and analysis has been dominated by the big looking at the small. Businesses, institutions and governments examine our habits with an eye to commercial opportunities, welfare, and security. However, big data is migrating analysis into the arena of networking and association to enhance services: advertising, ‘pre-selling,’ healthcare, security and tax avoidance reduction. But this leaves the critical arena of Small Data unaddressed - the small looking at the small - individuals and things examining and exploiting their own data.
Here we consider a future of ubiquitous tagging, sensors, measuring and networked monitoring powered by the IoT. Key conclusions see many devices talking to each other at close range with little (or no) need of internet connection, and more network connections generated between things than those on the net.
The migration of the fundamentally analogue telephone from a circuit switched network to one essentially designed for machine communications based on packet switching has not been entirely comfortable. It was not at all obvious that it might work, or indeed, that it might even be possible given the sensitivity of the human ear and mind to artificiality, noise and latency.
After serving humanity for well over 100 years the analogue telephone network and devices have been overtaken by mobile computing devices offering far more facilities and power. So, despite the detailed testing, and characterising of human speech, the design and modelling of device and network abilities, we are saying goodbye to this past.
During the past 40 years a new world has emerged with intelligence and computing power at the edge of networks and not at the core. Layering speech and video on this new ‘internet’ has been a challenge, but now the performance and economics are more than viable. So, in this lecture we trace this history of development and illustrate the tech challenges with a series of audio demonstrations.
In short, we highlight the nature and impact of bandwidth, signal-to-noise ratio, latency, and packet loss through the old analogue to the new digital eras. We also present some ‘off piste’ examples of military and aircraft communications. Throughout we also highlight the key design directions designs, failures and flaws.
Part 1 of this two-part serious was about rethinking and reeducation: ‘Attack Scenarios’ approached the transformation process by getting students to think as if they are attacker so that in Part 2; ‘Defence Scenarios’ they are challenged to get ahead of the game; to anticipate and respond ahead of an attack, by recalling what they did in RED Team mode which gave them the opportunity to design their own criminal empire on screen!
In both Part 1 and Part 2 the detailed discussions occurred in camera and are not for publication or open public access.
We are engaged in an exponentially growing cyber war that we are visibly losing. Within the next 3 years it has been estimated that the global cost will equal, or overtake, the UK GDP, and it is clear that our defences are inadequate and often ineffective. Malware and ransomer-ware continue to extort more money, and cause damage and inconvenience to individuals, organisations and society, whilst hacker groups, criminals and rogue states continue to innovate and maintain their advantage. At the same time, our defences are subverted and rendered ineffective as we operate in a reactive and prescriptive, after the fact, mode with no foresight or anticipation.
In any war it is essential to know and understand as much about the enemy as possible, it is also necessary to establish the truth and validity of any situation or development. Doing this in the cyber domain is orders of magnitude more difficult than the real world, but some of the relevant tools are now available or at an advanced stage of development. For example; fully automated fact checkers and truth engines have been demonstrated, whilst situational awareness technologies are commercially available. However, what is missing is some level of context assessment on a continual basis. Without this we will continue to be ‘blind-sided’ by the actions and developments of the attackers as they maintain their element of surprise along every line of innovation.
What do we need? In short ; a Context Engine that continually monitors networks, servers, routers, machines, devices and people for anomalous behaviours that flag pending attacks as behavioural deviations that are generally easy to detect. In the case of attacker groups we have observed precursor events and trends in network activity days ahead of some big offensive. However, this requires a shift in the defenders thinking and operations away for the reactive and short term, to the long term continual monitoring, data collection and analysis in order to establish threat assessments on a real time.
The behavioural analysis of people, networks and ITC, is at the core of our ‘Context Engine’ solution which completes the triangle of: Truth; Situation; Context Awareness to provide defenders with a fuller and transformative picture. Most of the known precursor elements of this undertaken have been studied in some depth, with some behavioural elements identified on real networks and some physical situations. The unknown can only add more accuracy!
Every Industrial revolution has seen the progression from people dominated design, build and production to a higher degrees of automation that has gone hand-in-hand with shortening timescales enabled by ever-more powerful technologies. However, at a fundamental level the process has remained the same, but it is now edging toward a continuum of evolution as opposed to a series of discrete jumps that often trigger company reorganizations. In concert, there is a realization abroad that it is no longer about the biggest, the strongest, the best, or the fittest, it is now all about the survival of the most adaptable.
By and large it is relatively easy to predict when and where tech change will occur and the likely outcomes, in terms of existing and future products and services, but how people, customers, companies and societies will react is an unsolved puzzle. On another plane, competition and threats may well occur outside the sector, from a direction managers are not looking, by entirely new mechanisms, and at a most critical time. These are all challenges indeed!
How to adapt to, and cope with these collective challenges is the focus of this presentation which is illustrated and supported by past and present industrial cases along with the experiences and methodologies of those who have driven/weathered this storm as well as those who failed. Many of the illustrations are automated and there are exemplar movies and segue inserts throughout.
No doubt Aldous Huxley and George Orwell would be pleased to see cameras and surveillance devices everywhere, just as they predicted, but they would then be amazed to find that we buy and install them and become upset if no one is watching! So the Dystopian futures they both predicted and feared are not here yet, but they might just be in the pipeline, and being built a device at a time by us!
Only 70 years ago close observation and surveillance was difficult and very expensive. Today, it is so very cheap, efficient, and everywhere: in our pockets; on our wrists; in our homes, offices, cars, trains, planes; in the streets and on the highways and major roads.
To some degree every country has embraced all the possibilities presented by the technology to make their societies safer and more progressive as organisms, but now here comes AI. Automatic voice, face, finger, eye, action, movement and habit recognition writ large along with all our messages, entertainment, work and recreation patterns monitored 24x7, so inference engines can check if we are good, bad, dangerous, safe, under threat and so on!
Some countries are now employing such technology to judge, sentence, and commit people for criminal acts and ant-social behaviours etc. At this point we have to proceed with care in the recognition that data errors ‘happen’ and human biases can be built in at the birth of such AI systems. Nothing is ever perfect - not people, and certainly not our machines, and we have to progressively drive out bias snd error…
For the vast majority of history the progress of our species and civilisation was limited by a very few artisans - the workers of metal, wood, leather and cloth along with famers and distribution networks. Specifically, the number of skilled blacksmiths determined the rate of sword, knife, lance and armour production, and ultimately the size of empires.
The turning point came in the eaten 1700s when the Royal Navy was expanding to explore and colonies the planer. Nails were the problem with more than 20k required per ship! So this was the first item to be mad automatically, followed by wooden blocks for the rigging. The water mills constructed to power the production therefore mark the start of Industry 1.0 and the growth of the British Empire.
The spread of automation through Industry 2, 3 and 4 accelerated and empowered us to do more and more using less and less people, power and materials. Without it we could not support the population of the planet or the lifestyle we enjoy. Remarkably, at no time during this process have we seen mass unemployment, and consistently, more and more jobs have been created. In brief, better production capabilities have seen the creation of better tools, which in turn has led to better productivity and better quality.
The process has been evident in everything hardware, and much of entertainment ,design, and software, with services perhaps the last bastion of human based delivery and support. However; the on-line world and rise of AI are now changing the balance across retail, banking, insurance, accountancy, and services in general.
In a world that appears riven by social media, ill-informed opinion, rumour, and conspiracy theories in preference to facts and established truths, it can be alarming to see scientists, doctors, and engineers challenged by vacuous statements that often hold sway over the hard-won truths of science. Moreover, large numbers of people do not understand the ‘scientific method’ and what makes it so powerful.
Paradoxically, those challenging science and scientists based on their belief systems do so using technologies that can only be furnished by scientific methodologies. For sure; no religion, belief system, great political mind, anarchist, professional protester, or social commentator will produce a TV set, mobile phone, laptop, tablet, supercomputer, MRI Scanner, AI system, or vaccine! But they will criticise, challenge, and be abusive based on their ignorance and inability.
So, this is the world that now influences the minds of young aspiring students, and this presentation is designed to go beyond the simple exposition and statement of the scientific principles and method, to provide an ancient, modern, and forward-looking perspective. It also includes a complex ‘worked example’ to highlight the rigour that must be applied to establish any truth!
We are living through an extraordinary pandemic (CV-19) that has changed all the network norms including the way we work and communicate. An invisible consequence has been the transformation of internet and telecoms traffic promoted by people working from home, restrictions on all travel and a paralysis of almost all social norms. Living and working in isolation for 3 - 5 months has become the new mode for many, and even the most technophobic have had to turn to video conferencing and on-line purchases to ‘survive’.
From a network point of view the transition has seen the concentrations of traffic in major cities and towns mutate to the dispersed and disparate working, social and entertainment activities that have found the last mile wanting. Insufficient bandwidth connectivity and resilience have quickly become a prime concern with the overloading of core networks a lesser concern.
Installing new optical links and making the core (undersea and overland long-lines) networks more robust is relatively easy as they are by far the most resilient and secure of our infrastructures. It is the local loop, our last mile, that poses the hard to fix problem. In this session we present tested model solutions based on direct ‘dark-fibre’ to home and office with no electronics, splitters or access points in the field. This is augmented by Mesh-Nets and 4/5G providing temporary bridges for random fibre breaks and cable damage.
CyberCrime represents one of the biggest threats to society and human progress to be encountered in the past 70 years. As a business, it is by far the biggest on the planet with a balance sheet that would see it joining the G8 within the next 3 years given its continued exponential growth. With these criminal activities only attracting sensational reporting in the context of stolen passwords and account details, society soldiers on not understanding the detail and not understanding the growing threat. Attacks are tolerated in much the same way as a snowstorm!
Military, national defense, and security organizations, along with police and government can no longer cope and are in large part unable to defend and protect their citizens. The IT industry and those engaged in Cyber Defence are struggling too and remain in a reactive defense mode - mostly responding after the fact/act! The Dark Side not only enjoy the first-mover advantage, they are unbounded by the Law, Ethics, or indeed any constraints!
There are also rogue states and terrorists plus many other groups also leveraging the openness of societies to attack, and often straying into/exploiting criminal resources! At the same time the defenders tend to be far and few on the ground, generally underfunded and resourced, and often unappreciated and poorly paid/rewarded. For sure, it is time to rethink this arena and change our thinking on how we approach defense.
This lecture is Part 1 of a rethink/reeducation process: ‘Attack Scenarios’ approaches the transformation process by getting students to think as if they are attackers so that in Part 2, ‘Defence Scenarios’, they can get ahead of the game to anticipate and respond ahead of an attack. This they do in RED Team mode with an opportunity to design their own criminal empire on screen!
Our communications history is dominated by fixed networks of bounded linear predictability. These were based on precise engineering design giving assured information security, and measured operation. However, mobile devices, internet, social networks, IP, and Apps changed all that! Internets are inherently non-linear, unbounded, and essentially designoid — that is, mostly shaped by evolution, steered by demand/rapid innovation - highly adaptive and ‘learning’ in real time.
So, those who suppose we can control such networks to fully guard and protect the information of institutions and individuals are sadly mistaken. And further confounded by Industry 4.0 and the Internet of Things (IoT). Here, a mix of the information of individuals and things, is distributed across the planet on a scale far larger than ever conceived in the past, to become essential components in the survival of our species in realising sustainable societies.
Not surprisingly then, Privacy and Data protection are big issues for regulators, governments and civil liberties organisations. But so far, nothing has worked, and we see the UK Data Protection Act, EU-GDPR, EU-USA Shield, and Copyright Laws often ignored or worked around. These are largely derivatives of a paper-based, pre-computing world and are now largely unfit for purpose.
Education systems across the West have degenerated into a series of memory tests and the quest to hit abstract performance targets and measures. So students that appear well qualified are often unable to apply the most basic of mathematical, scientific, engineering or logical principles, and nor do they have a good appreciation of history or design. This does not bode well for a future of faster change and greater complexity.
“At the most basic level our society it is about the survival of the most adaptable”
For sure; today’s education and learning methodologies have to move toward more experimental and experiential working in order to reinforce the basics whilst engendering far greater understanding. Early specialism has also to be reversed with all students studying a broader range of topics through school and on into college and/or university.
“Education isn’t something you have to get done and dusted - it is a lifelong pursuit”
There is a further need to recognize that the (so-called) academic and practical streams are afforded equal importance! To get the best out of teams/groups all members have to share a common base of understanding and appreciation. In turn, this can be enabled and supported by Just-in-Time education and training-on-line. But there is much more….
Despite a security landscape now embracing: People; Companies; Governments; Devices; Networks; Services; Vehicles; Properties; LAND; SEA; AIR; SPACE; CYBER and INFORMATION, people and organisations still tend to see all this as someone else's problem. In reality, it concerns all of us. Governments can no longer protect their citizens and nor can any company IT/Security Dept!
“In an ideal world: responses to Cyber and Terror would be automated and immediate”
The Dark Side has grown rich and powerful by investing in R&D and the latest technology; adopting distributed team working and a global market for talent and resources; and they are winning this war with an estimated $1.5Tn income in 2019. We have to adopt the same strategies to survive let alone win. Global sharing and cooperation are key along with people, staff, management, board, NED and Chairman education/training/involvement. At this time it is rare to find a ‘Cyber Seat’ on the main board of any organization, but it is a new and critical essential!
Seventy years on from AI appearing on the public scene and all the optimistic projections have been largely overtaken with systems outgunning humans at all board, card and computer games including Chess, Poker and GO. Of course; general knowledge, medical diagnosis, genetics and proteomics, image and pattern recognition are now all firmly in the grasp of AI.
Interestingly, AI is treading a similar path to computing in that it began with single purpose/task machines that could only deal with company payroll calculations or banking transactions and nothing more! General purpose computing emerged over further decades to give us the PCs and devices we now enjoy. So, AI currently runs as task specific applications on these general purpose platforms, and no doubt, general purpose AI will also become tractable in a few decades too!
Recent progress has promoted a deal of debate and discussion along with hundreds of published papers and definitions that attempt to characterise biological and artificial intelligence. But they all suffer the same futility and fail! Without reference to any formal characterisation, all discussion and debate remains relatively meaningless.
Somewhat ironically, it was the defence industry that triggered the analysis work here. Two of the key steps to success were: the abandonment of all performance comparisons between biological and machine entities; and the avoidance of using the human brain as some ‘golden’ intelligence reference.
This presentation is suitable for professionals and public alike, and comes fully illustrated by high quality graphics, animations and movies. Inevitably, it contains (engineering) mathematics that non-practitioners will have to take on trust, whilst professionals may wish to challenge on the basis that the focus is on getting a solution rather than the purity of the process!
A Green Agenda cannot be fully realised by polishing our established industries and processes, or indeed minimalistic changes to manufacturing, production, and supply. We have to be far more holistic and radical! New materials and processes will get us part way there, but we also need the greater data oversight, analysis and management, provided by a fully deployed Internet of Things (IoT). In turn, this will require the application of Artificial Intelligence, Computer Modelling and War Gaming to provide the necessary guidance and decision support for machines and people.
Energy and material waste are definitely key components, but so are hyper-efficient Re-Use, Re-Purposing, and Re-Cycling with maximal material recovery at very low loss. And so, access to and analysis of, the Big and Small Data collected by networks and the IoT components is vital. For obvious reasons of unrealisable energy demands and network node densities, mobile networks and network technologies (such as 5G) cannot support such a vision and we can expect to see a migration to new network regimes where our machines, appliances, devices, vehicles, sea going containers, pallets, boxes, products and components communicate directly over very short distances in preference to using 3/4/5G and WiFi networks.
Many IoT components include sensors and access to information about their hosts; and this is vital to performance monitoring, timely maintenance and repair. Real time location, production, supply, use and ownership information will change the way we design, manufacture, supply and meet the needs of society at all levels from health, welfare, employment, education, industry, commerce, defence, and government. Many elements exist today, and more are under development, and in this presentation we bring together these core components.
The precise definition and understanding of Industry 4.0, and how the vital elements are chosen varies widely by industry and country along with a deal of vagueness on the operational detail. This is particularly true of sustainability, new materials, security, IoT, recycling, logistics, integration, and interdependencies. In this short presentation, we highlight how many of the components are critically interdependent.
A supporting and far broader I4.0 presentation/treatment can be found here:
https://www.slideshare.net/PeterCochrane/why-industry-40
With more on the IoT here:
https://www.slideshare.net/PeterCochrane/the-iot-for-real
A supporting book is also available:
https://www.springer.com/gp/book/9783030129521
Throughout my career in science, engineering and management I attended numerous meetings where many misconceptions and misinterpretations were evident. Perhaps the most expansive and expensive were the probabilities assumed and calculated for system reliability and/or product manufacturing quality. Eventually, I began to refer to this as the ‘five nines’ problem!
Not fully understanding the origins of the reliability measures, it is so easy to demand a 99.999% instead of 99.99% up time for an electronic system. What could be easier? At face value it appears to be trivial and straightforward! Likewise, taking a 5σ manufacturing plant up to a 6σ defect level turns out to be a monumental engineering challenge! And at the time of writing 6σ has never been achieved!
It appears that too few engineering and management courses address this topic, and if they do, it is as a scant reference of insufficient depth. So, we see far too few students understand it in any depth, if at all! And when they become managers they just ‘don’t get it’!
This presentation and the associated lecture have been specifically created to address this problem with relevance to BSc, BA, MSc and MBA students along with anyone needing a refresher or explicit introduction to the topic. In addition to the graphics, animations and movies, the lecture is also littered with practical examples and the outcomes of case studies.
Workshop on getting to grips with digital strategy by thinking like a network. Understanding complex adaptive systems, terminology, exponential growth and how technology, behaviour and design all come together. Two exercises included are Stinky Fish and Jobs to be Done. Lots of stuff on Netflix in there too.
“The CIA Mindset: Securing Your WordPress Code” on March 19th. Using the classic CIA Security Triad, David will explore how developers can have more confidence in the Confidentiality, Integrity and Availability regarding their own WordPress Sites, plugins and themes.
Telecom customer services appear to be stuck in the early 20th Century with the telephone call the primary channel for service provision that can take days to effect. Compare that to Google, Amazon, IBM, Apple and other modern companies where customers control service provision by the minute or second.
Modern business is driven by the accumulation of customer data, but the Telecom Industry sees vast amounts of customer-related data dormant and untapped. As a result, many new opportunities are lost. For example, the behavior of people, devices, systems, and networks gives the earliest indicators of potential security problems.
OTT operators exploit networks and make far greater profits than any other sector and this might be further amplified by the roll-out of 5G. But without a fundamental rethink of FTTP, 5G will fail to deliver sufficient coverage and the advertised data rates. This pending failure is already seeing alternative solutions from outside the industry along with the realization that most ‘things’ on the IoT will never connect to the internet!
Data mining and analysis has been dominated by the big looking at the small. Businesses, institutions and governments examine our habits with an eye to commercial opportunities, welfare, and security. However, big data is migrating analysis into the arena of networking and association to enhance services: advertising, ‘pre-selling,’ healthcare, security and tax avoidance reduction. But this leaves the critical arena of Small Data unaddressed - the small looking at the small - individuals and things examining and exploiting their own data.
Here we consider a future of ubiquitous tagging, sensors, measuring and networked monitoring powered by the IoT. Key conclusions see many devices talking to each other at close range with little (or no) need of internet connection, and more network connections generated between things than those on the net.
(Beyond simplistic thinking and models)
This lecture is one of a series of ‘Grand Challenge Subjects’ designed to make students think beyond, and challenge, the status quo; to question what they have been taught and the established industry wisdoms; to look beyond the tech media and journal papers; to think, be original, and be creative in the widest sense. This all culminates in a design and build/project program spread over several weeks.
The notion that the IoT will see everything connecting via the internet using a wireless domain dominated by 5G is not only simplistic, it is fundamentally impossible. A moment's thought and a few simple calculations reveal that there is not enough energy on the planet to power 50 - 250Bn or more IoT devices operating in such a mode. So how are we really going to design and engineer the IoT to become a workable proposition? Here are some clues:
3/4G: Carries <5% of all internet traffic; WiFi ~55%; Wired LANs @ 45%
Mobile Network coverage is sadly lacking @ <90% by geography
Mobile Device batteries and charging are major limitations
The internet consumes ~12% of all our energy
Mobile Devices consume ~ 1% and rising
Mobile Nets consume ~ 10%
None of the above takes into account the cost of raw materials, production, distribution, delivery, support, disposal and the ecological impact of civil engineering, equipments, and people.
During this lecture the following surprising conclusions quickly emerge:
Most IoT devices will talk to each other and never connect to the internet
IoT devices will require a range of bandwidths and not just low bit rates
The majority of IoT devices will communicate over very short distances
Our current wireless architectures are outmoded by the IoT
We will most likely need something beyond UWB
The power per IoT device has to be <<1mW
Security will demand auto-immunity
This then is the starting point; from here we can design and engineer solutions for an, as yet, unspecified and dimensioned IoT fit for this century.
This presentation consists of an introduction to the Internet of Things (IoT). Points covered:
1) About hierarchy of data.
2) Understanding of IoT.
3) About IoT boards.
4) Demo Code.
5) Reference Links.
This presentation describes the types and characteristics of regional phishing attacks. We also describe the limitations of the phishing defense system of global browsers such as Google Chrome, and suggest ways to overcome them.
Only 40 years ago, the rate of technologically driven change was such that companies could re-organize efficiently and economically over considerable periods of time, but about 30 years ago this changed as the arrival of new technologies accelerated. We effectively moved from a world of slow periodic changes to one where change became a continuum. The leading-edge sectors were fast to recognize and adopt this new mode of continual adaptation driven by new technologies. This saw these ever more efficient and expansive companies dominating some sectors. For the majority, however, it seems that this transition was not recognized until relatively recently, and so a new movement was born under the banner of digitalization. This not only impacts the way people work, it affects company operations and changes markets, and it does so suddenly!
Perhaps the most impactive and recent driver of change in this regard has been COVID which saw the adoption of video conferencing and working as a survival imperative in much less than a month. This now stands as a beacon of proof that companies, organizations, and society, can indeed change and adapt to the new at a rate previously considered impossible. The big danger for digitalization programmes now is the simple-minded view that there are singular (magic) solutions that fit every company and organization, but this is not the case. The reality is that the needs and culture of an organization are not the same and may not be uniform from top to bottom.
Manufacturing necessitates very steep hierarchical management structures and tight control to ensure the consistency of the quality of products. On the other hand, a research laboratory or design company requires a low flat management hierarchy and an apparently relaxed level of control. This is absolutely necessary to foster creativity, innovation, and invention. This presentation gives practical examples of management and organizational extremes. We then go on to highlight the need to embrace AI and Quantum Computing over the coming decade to deal with future technologies, operating and market complexity.
In episode three we talked about:
#1
What kind of workplace will make us happy and productive.
#2
How important it is to try things and not be afraid to step out of our comfort zone.
#3
What LoRaWAN is and why it is currently positioned as a leader when we talk about the "smart city".
#4
Deploying via Branches and what a Plan Branch is.
Links:
- https://www.iottechexpo.com
- https://www.cooking-hacks.com/documentation/tutorials/lorawan-for-arduino-raspberry-pi-waspmote-868-900-915-433-mhz
- https://confluence.atlassian.com/bamboo/deployments-from-branches-407724097.html
Although not yet very visible, Blockchain technology is an increasingly important presence in the current economic environment, predicting a major future impact. The "Blockchain - Silent Revolution" debate aims to familiarize participants with the basic concepts of these technologies and their current development directions.
Governments all over the world are increasingly becoming more digital to better meet the needs of their citizens. The rise of new technology such as Artificial Intelligence and Blockchain is creating a Fourth Industrial Revolution where we must adapt or become obsolete. As the world becomes increasingly more connected it will be critical to the economic future of a country to have and implement a digital strategy. This SlideShare shares how technology can shape how Canadians conduct business with their Government.
Nuno Job - what's next for software - ANDdigital tech summit
Greta Strolyte
Nuno Job will be giving a fast paced, passionate and thought-provoking talk around the future of software. He will expand on the theme of connection, showing why team values such as: integrity, persistence and respect are essential for modern software teams.
Nuno Job (YLD, MCS) is the CEO of YLD, a top tier technology consultancy that helps London's top CIOs to respond to the Innovator's Dilemma. Previously he was Chief Commercial at Nodejitsu where he was responsible for the world's largest Node.js cloud and provided extensive contributions to the success of Node.js as an enterprise-ready technology. Nuno's formative work years were spent in the U.S. at IBM Research and MarkLogic. He is a proud Sequoia alumnus and a big advocate and enabler of open-source software. Currently, he lives in London where he leads the YLD team and helps great FTSE100 transform into the best technology enterprises.
Tweet: @dscape
Crypto Hacks - Quit your Job and Become a Crypto Farmer
Greg Foss
With cryptocurrencies becoming more widely adopted as a form of payment, identity management, and accountability, our understanding of security implications around digital currency needs to keep pace. This talk dives into the many ways in which the systems put in place around new cryptocurrency technologies can be exploited to take advantage of loopholes and bypasses in this technology space.
Predicting digital futures a sector at a time is relatively easy, but in a networked world driven by accelerating technologies this is insufficient. Sectors do not operate in isolation, they are connected, and as technology advances the boundaries morph, with whole industries overtaken and pushed aside. At the same time old jobs lose relevance and new skills are required, but in aggregate ever more people are employed. Today there is no country, no matter how big or rich, that has all the raw materials and people required to power its industries, healthcare systems, farming and food production, or indeed educational institutions. Insourcing, outsourcing, and globalisation are the result, and they are about to be augmented by global networking of facilities, skills and abilities.
We have never known or understood so much about our world, and nor have we enjoyed the capabilities bestowed by modern technology. But keeping up to date, acquiring the right knowledge and skills is a growing challenge as ‘the world of the simple’ evaporates and complexity takes over.
“There are plenty of simple solutions to complex problems, but they are all wrong”
Preparing for change whilst coping with the status quo now presents many new challenges way beyond human ability and we have to partner with machines to aid our decisions. For organisations it is essential to find and employ the right people, and for people it is necessary to become ever more flexible and adaptable whilst continually acquiring pertinent capabilities.
“AI and robots are not going to push us aside, but they will change everything”
No man is an island, and neither is any country, company or institution. A digital and connected global interdependency now governs the fortunes of our species as technology empowers us at every level. In this presentation we highlight a small sample of the technologies on the horizon, the jobs they will destroy, enhance and create.
An analysis of Cyber Security publications sees >99% devoted to the technology of attack and defence, with <1% examining the biggest risk of all - People. But every Cyber hack, attack or failure involving technology, starts with some human indiscretion, error, fallibility, stupidity, revenge, malice, or act of vandalism.
This near exclusive focus on the technology is analogous to bolting the stable door after the horse has bolted, and it results in a vast redirection and waste of resources. In complete contrast, our adversaries (The Dark Side) are more cunning. It really is time to reconsider our strategy if we are to stem the growing tide of attacks.
For sure, people cannot ‘do’ security! And why should they? It really is the responsibility of industry who ought to be designing and supplying inherently secure products that defend users against themselves and The Dark Side. To engineer this would mean the deployment of systems to monitor the behaviours of people, devices, systems, applications and networks.
We have to establish patterns of behaviour at all levels if we are to detect and combat the exceptions that might constitute an attack. And whilst our knowledge of human behaviours and sociology are extensive, we know almost nothing about devices, systems, applications and networks. Perhaps even more threatening is our total lack of knowledge about Things: aka the IoT.
In this presentation we illustrate the fallibilities of people as well as some of their devious activities and propose some solutions.
Security from the cloud is challenging traditional approaches. As organizations transition from perimeter-based security towards user-centric approaches, Security and Risk professionals are transitioning to cloud IAM services or IDaaS (Identity as a Service) to manage identities across cloud environments. By overcoming the limitations of legacy on-premises IAM solutions, organizations are accelerating SaaS adoption, increasing user productivity and recognizing greater returns on their cloud investments.
View our slides for IAM overview and learn about:
• Trends in cloud, and the standards to support them
• State of Identity, Digital Trust, Authentication and Access
• Directory Services and Federation
• SSO (Desktop SSO, Web SSO, and Mobile SSO)
• Automating Onboarding Practices, Provisioning and Deprovisioning
Watch the on-demand webinar here: https://www.brighttalk.com/channel/12923/onelogin?utm_source=brighttalk
4 GDPR Hacks to Mitigate Breach Risks Post GDPR
TransUnion
The theft – over the last decade – of over 6 billion usernames, passwords, and online credentials has given hackers and fraudsters a steady supply of ammo with which to chip away at defenses. 63% of confirmed breaches in 2015 stemmed from compromised credentials and 81% of hacking-related breaches used either stolen or weak passwords (2017 Verizon Data Breach Investigations Report).
What does this tell us? That a more holistic approach is needed to stop fraud and mitigate breach risks under the GDPR. Securing customers' personal data starts at login, but needs to follow customers throughout their online journey without adding friction.
Topics covered:
Secure the customer journey, while also mitigating breach risks
A no-hype overview of key provisions of the GDPR as they relate to fraud prevention
Minimizing the use of personal data while improving fraud detection
Best integration points to assess for risk and fraud
Q&A
It should be no surprise that AI is treading a similar path to computing which began with single-purpose machines tasked for payroll calculations, banking transactions, or weapons targeting et al, but nothing more! It took decades for General Purpose Computing to emerge in the form of the now ubiquitous PC. Today, AI is still in a single-purpose/task-specific phase, and we have no general-purpose platforms, but their emergence is only a matter of time!
Recent AI progress has seen a repeat of the media debate and alarmist warnings from our computing past, compounded by consequential advances in robotics. In turn, this has promoted numerous attempts to draw biological equivalences defining the time when machines will overtake humans. But without any workable definitions or framework these tend to be little more than un/educated guesses. Recourse to IQ measures and the Turing test have proved to be irrelevant, and without a reference framework or formal characterisation, continued discussion and debate remain futile.
We therefore approach this AI problem from the bottom up by defining the simplest of machines and lifeforms to derive clues, pointers and basic boundary conditions. This sees a fundamental Entropic description emerge that is applicable to both machine and lifeforms.
This presentation is suitable for professionals and the public alike, and is fully illustrated by high-quality graphics, animations, and movies. Inevitably, it contains some mathematics that non-practitioners will have to take on trust, but the focus is on defining the key characteristics, parameters, and important features of AI, our total dependence, and the future!
Note: A 40 min session for a predominantly lay audience and not all the slides presented here were used on the day. Their inclusion here is in response to those audience members requesting more detail at the end of/during the event.
Past civilisations have nurtured small populations of those trying to understand and manipulate nature to some advantage in materials, tools, weapons, food, and wealth. However, they never formed communities and lacked the means of recording, communicating, and sharing successes and failures. They also lacked a common framework/philosophy to qualify them as scientists, but that all began to change in the 16th Century. In this lecture we consider the progression to a philosophy of science, and the underlying principles and assumptions that now guide scientific inquiry. We also examine the nature of scientific knowledge, the methods of acquisition, evolution, and significance over past centuries, and reflect on the value to society.
In the struggle to solve problems, deliver understanding, and reveal the truth about our universe, science had to suffer and survive: ignorance, bigotry, established superstitions, and the ‘diktats’ of religions and politics, and latterly, falling education standards mired by social media. We chart that ‘scientific’ journey emphasising the importance of observation, experimentation, and the search for universal laws. Ultimately, this essentially Aristotelian perspective was challenged and overtaken by the rise of empiricism, which emphasised the importance of sensory experience and the limitations of human knowledge.
Science continues to evolve and provide us with the best truths attainable with our leading edge technologies of observation and experimentation. Today, it stands as the greatest and richest contributor to human knowledge, understanding, progress, and wellbeing. In turn, debates and controversies are ongoing, shaping the field and philosophy which remains essential for understanding the nature of scientific knowledge and the models it creates. But unlike any belief system, the answers and models furnished by science are not certain and invariant, they tend to be stochastic and incomplete - ‘the best we can do’ at a given time.
In this workshop session we identify aging technology design concepts, old business and operating models, plus energy supply limits as the prime constraints of 6G and beyond. We also identify the notion of an erroneous spectrum shortage born of the bands and channel mode of operation which is fundamentally unsuited to 6G and IoT demands in the near and far future.
We strongly link optical fibre in the local loop with future wireless systems and the need for very low-energy ‘tower-less’ systems. We also postulate a future demanding UWB and HWB (Hyper) with transmission energies ~𝛍W and signals below the ambient noise level. This will be necessary to power an IoT of >2.4Tn Things which we estimate to be necessary for Industry 4/5 and sustainable societies.
It is hard to overstate the importance of ‘Thermodynamics’ in providing an almost complete (Grand Unified Theory) picture of the inner physics of energy transfer spanning machines and chemistry through to information.
Apparently, Einstein had two favourite theories: General Relativity and Thermodynamics! He championed both because of their ‘beauty’, completeness, and emergent properties purely derived from the fundamental consideration of how the universe works.
The origins of this topic mainly reside in the Industrial Revolution and the realisation that the early machinery was grossly inefficient. For example, engines were converting only ~2% of the energy consumed into useful work output. This drew the attention of Savery (1698), Newcomen (1712), Carnot (1769), and for the next 200 years the conundrum of lost energy occupied many of the greatest scientific minds. This culminated in Rudolf Clausius (~1850) publishing his theory of Thermodynamics with further refinement by Boltzmann (1872).
Why was all this so important? In the 1700s a ‘beam engine’ weighing in at >20 tons consumed vast amounts of coal to deliver an output of ~10hp. Today a Turbofan jet engine can deliver >30k hp at a weight of ~6 tons. This is the difference between working with little understanding, and today where our knowledge is far more complete. Our latest challenges tend to centre on non-linear loss mechanisms associated with turbulent air and fuel flow. And like many other fields we have to step beyond our generalised mathematical models and turn to the power of our computers for deeper insights.
Ultimately all machines, mechanisms, computing processes and information itself involve the transformation of matter and/or bits, and thus they are Entropic and subject to the theory of Thermodynamics. This lecture therefore presents a foundation spanning the history and progress to date in preparation for embracing other science and engineering disciplines.
Engineering might be defined as the judicious application of science and scientific knowledge, but with the rider that unlike science and scientific studies, engineering always has to deliver a solution and a result. There are therefore aspects of engineering that stretch and challenge the accepted wisdom and knowledge of science. To purists, this might appear outrageous, but it is no more so than the works of Erwin Schrödinger or Leonhard Euler et al.
In this lecture we examine many of the established engineering basics whilst being mindful that most of our education, techniques, and working solutions are founded on the assumption of well-behaved linear environments. As our entire universe, and everything in it, is inherently complex and non-linear, we have to salute the powers of approximation and iteration for our many engineering successes to date. However, we are increasingly being challenged by the complexities of the fundamental non-linear nature of the problems confronting us (e.g. Politics, Conflict, Global Warming, Sustainability, Medicine, Fusion Power, Logistics, Networks, Depletion of Resources, Accelerating Tech Driven Change +++).
We start by tracing history from the foundations up to the present day, including modern analytical nomenclature and techniques, system reliability, resilience and costs. We highlight the basic human limitations that necessitate multi-disciplinary teams that include AI and vast computing power.
The overall treatment includes our analogue past, digital today, and analogue/digital hybrid future of computing, robots, networks and systems of all kinds. It also includes animations, movies and sound files to demonstrate the realities of modern system design including the inherent complexities. To further highlight, and exemplify this projected future, we examine a real engineering project concerned with acoustic sniper spotting under battlefield conditions and extreme noise. Here a combination of digital modelling sees the use of analogue acoustic filter arrays, analogue signal amplification, and digital signal processing doubling the range of sniper detection and location.
IoT growth forecasts currently tend to span 30 – 60 Bn ‘Things’ by 2030. However, this ignores the central IoT role in realising sustainable societies where raw materials and component use have to see very high levels of reuse, repurposing, and recycling. In such a world almost everything we possess and use will have to be tagged and be electronically addressable as a part of the IoT. Such a need immediately sees growth estimates of 2Tn or more over the span of Industry 4 and 5. On the basis of energy demands alone, it is inconceivable that the technologies of BlueTooth, WiFi, 4, 5, and 6G could support such demand, and nor are the signaling and security protocols viable on such a scale.
The evolution of the IoT will therefore most likely see a new form of dynamic network requiring new lightweight protocols employing very little signal processing, together with very low energy wireless technologies (in the micro-Watt range) operating over extremely short distances (~10m). This need might be best satisfied by a new form of ‘Zero Infrastructure Mesh Networks’ that engage in active resource sharing, lossy probabilistic routing, and cyber security realised through an integrated ‘auto-immunity’ system. Ultimately, we might also envisage data amalgamation at key nodes that have a direct connection into the internet along with an additional layer of cyber checks and protection.
We justify the above assertions by illustrating the energy and network limitations of today’s 5G networks and those already obvious in current 6G proposals. We then go on to detail how a suitable IoT MeshNet might be configured and realised, along with a few solutions and emergent outcomes on the way.
Recently, it has become increasingly evident that we have engineers and scientists reaching a professional level of practice without a clear understanding of the scientific method, its origins, and its fundamental workings. There also appears to be a lack of appreciation of our total dependence on the truths that science continually reveals. How this situation ensued appears to vary from country to country, and the flavour of education system encountered by students. But a common complaint is the progressive dumbing down of the science curriculum along with a dire shortage of qualified teachers. This also seems to be compounded with the increasing speciation of science and engineering into narrower and narrower disciplines. So this situation (crisis?) prompted a request for a corrective series of foundation lectures focussed on healing these educational flaws across relevant disciplines, graduating and practicing levels. This then is the first in this foundation series.
Uncanny Valley addresses our reactions to humanoid objects, such as robots, video game characters, or dolls, and how they look and act ‘almost’ like a real human. Feelings of uneasiness or disgust in the observer are addressed directly, rather than familiarity or attraction. The theory was proposed by Japanese roboticist Masahiro Mori in 1970 and has been explored by many researchers and artists since. It has application in AI, robotics, MMI, and human-computer interaction, and helps designers to create more appealing devices that can interact with people in various domains, such as industry, education, entertainment, defence, health care, et al.
In this lecture we explain and demonstrate the fundamentals before extending the principle to sound, motion, actions, and eyes as an output mechanism. We also note that all this poses some challenges and risks in the potential for reduced emotional connection, empathy, acceptance, and trust between humans and machines. On a further dimension, the potential to create threat and terror can be a useful opportunity in the military domain. It is thus important to understand the causes and effects of the uncanny valley in the wider sense in order to meet the needs of each application space.
The aspirational visions of Society 5.0 coined by many nations around 2015/16 have now been eclipsed by technological progress and world events including another European war, global warming, climate change and resource shortages. In this new context, the published 5.0 documents now seem naive and simplistic, high on aspiration, and very short on ‘the how’. The stark reality is that the present situation has been induced by our species and our inability to understand and cope with complexity.
“There are no simple solutions to complex problems”
What is now clear is that our route to survival and Society 5.0 will be born of Industry 4.0/5.0 and a symbiosis between Mother Nature, Machines, and Mankind. Today we consume and destroy near 50% more resources than the planet might reasonably support, and merely improving the efficiency of all our processes and what we do will only delay the end point. And so I4.0 is founded on new materials and new processes that are far less damaging, inherently sustainable, and most importantly, readily dispensable across the planet.
“Reversing global warming will not see a climatic reversal to some previously stable state”
In this presentation, we start with the nature of climate change, move on to the technology changes that might save the day, the impact of Industry 4.0/5.0, and then postulate what Society 5.0 might actually look like.
In a world of accelerating innovation and increasingly complex digital services, applications, appliances, and devices, it seems unreasonable to expect customers to understand and maintain their own cyber security. We are way past the point where even the well educated can cope with the compounded complexity of an ‘on-line-life’. The reality is, today's products and services are incomplete and sport wholly inadequate cyber defence applications.
Perhaps the single biggest problem is that defenders have never been professional attackers - and they don’t share the same level of thinking and deviousness, or indeed, the inventiveness of their enemies. Apart from an education embracing the attack techniques, and in some cases, engaging in war games, the defenders remain on the back foot. However, there are a number of new, and potentially significant, approaches yet to be addressed, and we care to look at the problem from a new direction.
In the maintenance of high-tech equipment and systems across many industries, identifiable precursors are employed to flag impending outages and failures. This realisation prompted a series of experiments to see if it was possible to presage pending cyber attacks. And indeed it was found to be the case!
In this presentation we give an overview of our early experimental and observational results, along with our current thinking spanning networks through to individual hackers, and inside actors.
When people are exposed to the new for the first time their reaction, quite rightly, is generally one of caution and perhaps a degree of suspicion. And, when that ‘new born’ is a novel technology, reactions can quickly become amplified and biased toward the dystopian by the sensationalism of media and mis-information of social networks. In this modern era I think we can also safely assume that Hollywood has more than a ‘bit part’ in nurturing extreme reactions with movies such as Terminator, AI and Ex-Machina.
Our purpose here is to dispel the modern myth that technology is, or can be, inherently evil and a direct threat to humanity. We do so by positing three basic axioms:
“Without technology we would know and understand almost nothing”
“The greatest threat to humanity is humanity”
“If technology progress and societal advance stall, then civilisations collapse”
Having briefly established these in the context of our wider history, we focus on the Industrial Revolutions and their beneficial upside and consequential negatives. We then move on to examine Robotics, Artificial Intelligence, Artificial Life, and Quantum Computing in the context of our current needs and realising sustainable futures, and the survival of our civilisation.
Connecting Everything Vital to Sustainability
Mobile network evolution has followed a reasonably predictable path almost entirely focused on the needs of human communication. The transition from 1 to 2G was dictated by the economics of reliability, performance, and scale, whilst 3, 4, and 5G saw the transition to mobile computing with full internet access, AI and an ever-expanding plethora of applications. But 5G could be the end of the line as cell-site energy demands have become excessive at ~10kW.
Midway between the migration from 4G to 5G, M2M and the IoT machines overtook the human population of 8Bn people with near (estimated) 20Bn devices. Current IoT growth rates suggest a 40 - 60Bn population by 2030 to 2050. However, we present evidence that it could be far more: ~1,000Bn ‘Things’. This is based on the observation of the number of IoT components populating modern vehicles, homes, offices, factories and plants, along with smart ‘human implants’ and ‘smart bolts’ plus the instrumentation of civil structures.
The bold assumption that 5G would be a dominant player in the IoT is now patently one of naivety and the world has become far more complex with over 10 wireless standards currently in use. So, this poses the question: will 6G rise to the challenge? We see this as highly unlikely as the diversity of need is extremely broad, and we propose that it could be the end of tower-based networks for a lot of applications. A migration to mesh-nets, UWB and HWB (Hyper Wide Band) for the IoT at frequencies above 100GHz seems the most obvious engineering choice as it allows for far simpler designs with extremely low power at sub $0.01/device cost. 5G is already on the margins of being sustainable, and a ‘more-of-the-same’ thinking 6G can only be far worse!
In 2015/16 a number of bodies/nations set about defining societies they would aspire to in the near future. Each vision document similarly described some idealistic, egalitarian, super-smart, human centred, state providing a near uniformity of living conditions, and opportunity. At the same time, each society would be free of adversity, with economic development guided by ecological and human need. Of course, economic growth was defined to continue in line with the past. Very nice, but a product of old linear thinking and modelling!
It is now approaching 2022 and in the past 5/7 years our base silicon technology has advanced to enjoy a >30 fold increase in computing power. Our top end mobile devices would now challenge a super computer of 1996/7 era, whilst AI systems now pervade our homes, offices, vehicles, professions and all our on-line services. At the same time, information overload has started to rival some medical conditions!
All of this has also been compounded by two years of COVID-19 lockdowns and restrictions that have seen the normalisation of social isolation, limited travel, working and education from home, virtualised medicine and care, support services, shopping and meetings. In turn, this has resulted in empty offices, towns and cities. Concurrently, climate change, global warming, pollution, finite resources, a stressed planetary system, and social unrest have suddenly become urgent issues. Against this backdrop it really seems to be time to revisit those Society 5.0 Visions and the limited linear thinking that contrived them!
In this presentation we examine many of the core parameters and assumptions to highlight existing, or soon to be realised, solutions and remedies. In doing so, a different picture of Society 5.0 emerges.
The biggest force for social change since the first industrial revolution has been adjusting to, and taking advantage of, the new and accelerating capabilities of our advancing technologies. And in our entire history, the dominant technology driver has been silicon-based electronics. It has prompted revolutions in Computing, Telecoms, Automation, AI, and Robotics that radically changed the human condition. Today, that same exponential revolution is accelerating us into Industry 4.0 and onto Industry 5.0.
The consequential transformation of medicine, industrial design and production, farming, food, processing, supply and demand has seen living standards improve and life expectancy widen. Many of our institutions have also seen tech-driven transformations in line with industry. If there has been a down-side to this progression, it has been our inability to transform the workforce ahead of new demands. Unemployment has persisted whilst reeducation and retraining have been on the back foot, whilst the net creation of new jobs has always exceeded the demise of the old. As a result, leading countries in the first world now have labour shortages at all levels right across the spectrum.
Recently, COVID-19 has demonstrated that we have the technology and we can rapidly reorganise and change society if we have to. So in this presentation, we examine ‘the force functions’ and changes engineered to date, and then peer over the horizon to sample what is to come in terms of technologies and working practices…
This presentation was created in support of a short keynote for ICGS3-21 (14-15 Jan21) UK to purposely highlight the reasons why we are losing the cyber war and what we have to do to win. The approach adopted quantifies the key weakness and shortcomings of our current defence strategies to give pointers to a more secure future.
In postulating remedies, we purposely fall back on the wisdoms of Sun Tzu and The Art of War to highlight and explain the meaning and implications of quoted insights (below) and their pertinence to modern cyber wars/security.
“To know your Enemy, you must become your Enemy”
In this way, we go beyond opinion and suspicion by quantifying the scale of the individual elements of the cyber security equation using a variant of Drake’s Equation. This gives us a good estimate of the scale of the problems we face. Beyond this we highlight some cultural and political issues that need urgent attention.
Finally, we link to comprehensive presentations going back to 2016 that detail specific Red and Blue team exercises thinking and preparation. These themes were invoked to widen the awareness and thinking in the student body @ The UoS.
It was scientifically established in the 1970s that we are stressing the planet beyond the point where it can naturally recover. Today we are using about 50% more natural resources than can be extracted sustainably. The long history of industrialisation and population growth is now seeing climate change, extreme weather, and perhaps it is human overpopulation and terraforming that is now giving way to pandemics as we increasingly challenge and stress ecosystems.
Stressed systems react and fail in a variety of ways, and there is increasing evidence that CV-19 might just be the surprising product of human abuse of nature. What we can be certain of is that without action we will see more unpleasant and unwelcome surprises.
The Green Agenda is our biggest hope, but much of it is driven by emotion rather than deep thought, evidence, and scientific analysis. For example; recycling is mostly a fallacy and we need to think again! In reality Industry 4.0 is the first major program vested in the basics of long term sustainability.
In this presentation we give a brief overview of what I4.0 brings to the party by a focus on one major sector that is ripe for transformation. A much broader and wider treatment has been presented at previous events and numerous additional, associative, and supportive slide sets in this series are available on the web site.
Cyber Security in a Fully Mobile World
1. Prof Peter Cochrane OBE
petercochrane.com
CYBER Security
In a fully mobile world
[Title slide word cloud of network and protocol acronyms, including UDP, IP, SIP, TCP, RTP, DNS, VPN, LAN, WAN, WiFi, PSTN, WLAN, 3G, 4G, 5G, 6G??, Bluetooth, FTTX, VDSL, VoIP, IoT, I4.0 and AI]
2. DANGEROUS EPOCH
Change now occurs at an inhuman speed
“We have never known so very much and understood so little”
3. DANGEROUS EPOCH
Change now occurs at an inhuman speed
“We have never known so very much and understood so little”
2020
Information 60 ZB
Mobiles > 14 Bn
IoT Devices > 25 Bn
Connections > 50 Bn
Global Fibre > 1 Tm
Traffic/Day > 5 EB
Internet traffic
2025 > 17.5 ExaBytes/Day
2020 > 5.3 ExaBytes/Day
2015 > 1.7 ExaBytes/Day
2000 < 0.3 ExaBytes/Day
1 Exa = 10^9 GBytes
4. RESUME
Reality 2020
Attacks are escalating
The Dark Side is winning
There are no silver bullets
People are the biggest risk
The attack surface is increasing
Attacker rewards are on the up
All our security tools are reactive
Cyber disruption costs are growing
Companies do not collaborate/share
Attackers operate an open market
More of the same but better & faster will not change the game…
…we have to think anew - to get out of the box and do something very different!
5. Cyber Attack
A connected/networked world
Targets: Infrastructures, Web Resources, PoS + ATMs, Peripherals, Users, IoT, Mobiles, PCs, Tablet, Wearables
Tools: Malware, False ID, Social Engineering, Hacking, Web Probes, DDoS, Software Adulteration
Victims: Finance, Gov, Health Care, Education, Industry, Commerce, Services, Hospitality, Transport, IT, Retail, Crypto££, Telecom, ++++
We are all on (a) list(s) & rated as targets
Sooner or later we will all take a hit (or two)
Much of our personal data is for sale!
7. HEADLINES
Bigger than UK GDP! “We are losing this war hands down”
8. Attack Catalogue
We face a rapidly changing landscape!
“It is essential to make a cyber threat review a daily routine by continually tapping the rich vein of reports and headline news available to the defence community”
https://www.varonis.com/blog/cybersecurity-statistics/
https://go.crowdstrike.com/crowdstrike-global-threat-report-2020.html
https://www6.gemalto.com/ppc/dtr/global
https://www.accenture.com/gb-en/insights/cyber-security-index
https://solutionsreview.com/endpoint-security/key-findings-the-check-point-2020-cyber-security-report/
9. Ransomware
% of organisations reporting attacks
10.
11. Persistent Crisis
Anti-phase cyclic actions correlate with events
Company/Institutions/Gov/Industry Status Surveys remain almost static year-on-year and show little sign of improvement despite the growing number and type of attack plus reputational damage
12. THE BIGGEST RISK
Attack modes depend on people fails!
13. JOE PUBLIC
The OLD at risk group
Status
User Attitude: I just want to use it: I can’t/don’t want to know or understand any of the detail - so don’t touch it, don’t change anything, you might break it, just fix the problem and let me carry on as normal!
Tech Awareness: Zip
Technology: Outdated
Software: Old OS - never updated
Apps: Very Few - never updated
Passwords: Simple and Weak
Authentication: What?
Firewalls: No Idea?
Malware: What’s That?
Back-Up: None
BroadBand: I use my phone line
WiFi: Wide Open
ISP: ???
BOTNET: Blank look - Don’t care
Very hard to help at risk group in need of expert/Family Help
16. Young Family
Born & live with tech
Status
User Attitude: We all need to be IT literate and fully understand the opportunities/risks - child protection is a must and how/where to get help
Tech Awareness: Sufficient/Reasonable
Technology: New(ish)
Software: OS - auto-updated
Apps: Many - auto-updated
Passwords: Strong(ish)/Browser Created
Authentication: Two Factor
Firewalls: Built into OS
Malware: Protection Built into OS
Back-Up: Cloud fundamental to set up
BroadBand: Best Deal ADSL/VDSL/Fibre
WiFi: Supplier Strong Password
ISP: Firewall + Child Protection
Security: May have Norton or similar
Parents capable and protective, kids are eager beavers
17. HOME WORKER
Aware and Cyber-worried
Status
User Attitude: I am a professional and my job depends upon my IT literacy: I need to fully understand the opportunities and risks and I need contracted support
Tech Awareness: Good
Technology: <3 years old
Software: OS - auto-updated
Apps: Many - auto-updated
Passwords: Strong/Browser Created
Authentication: 2 Factor + PIN/Fingerprint
Firewalls: Built into OS + Additional App(s)
Malware: Protection inside OS + App(s)
Back-Up: Cloud + Several (>1) HDs
BroadBand: Best ADSL/VDSL/Fibre Speed
WiFi: Strong Password
ISP: FireWall and Malware Protection
Security: Norton or similar +++
Encryption: Not the norm but able
VPN: Sometimes
19. Mobile worker
Cyber over confident should be worried
Status
User Attitude: I am a professional road warrior and my job depends upon me being on the ball and self sufficient & I have to be aware of physical and cyber security
Tech Awareness: Good
Technology: <3 years old
Software: OS - auto-updated
Apps: Many - auto-updated
Passwords: Strong/Browser Created
Authentication: 2 Factor + PIN/Fingerprint
Firewalls: Built into OS + Additional App(s)
Malware: Protection inside OS + App(s)
Back-Up: Cloud(x2) + Several (>2) HDs
BroadBand: Best ADSL/VDSL/Fibre Speed
WiFi: Strong Password Random Sites
ISP: FireWall and Malware Protection
Security: Norton or similar +++
Encryption: Normal Mode
VPN: Normal Mode
21. SME/Startup
Defending a disparate group
Added Complexity
There are no IT standards and/or codes of practice: everyone works on the move using their personal IT and an array of platforms and apps
People are working from Home, Office, Hotels, Airports, Coffee Shops with ad hoc networking with a wide range of data and apps
The attack opportunities are amplified but so are the complications of navigating multiple locations, device and OS types along with a diverse spread of Apps
Fledgling companies eventually die or grow up and this model does not scale to deal with a large number of customers and the increased security requirements - in short: processes, contingencies and staff training plus a deal of uniformity are a must!
Status
User Attitude: A group of professionals dedicated to the creation of a successful company - from a variety of backgrounds with years of IT user experience and awareness
Tech Awareness: Excellent
Technology: Random mix of personal devices
Software: Multiple OS - auto-updated
Apps: Many - auto-updated
Passwords: Strong/Browser Created
Authentication: 2 Factor + PIN/Fingerprint
Firewalls: Built into OS + Additional App(s)
Malware: Protection inside OS + App(s)
Back-Up: Cloud(x3) + Many (>??) HDs
BroadBand: Best ADSL/VDSL/Fibre
WiFi: Strong Password Fixed & Mobile
ISP: FireWall and Malware Protection
Security: An Array of Products + Services
Encryption: Normal Mode
VPN: Normal Mode
IT Support: Some Specialisms eg web site
23. Medium Big Company
A fixed, mobile, dispersed workforce/offices
Large Company
Cyber over confident should be worried
IT's not my bag - the IT dept take care of all this/who cares
IT and Security never eat their own dog food - do they even care
IT and Security never look at or try to do your job
28. DANGEROUS EPOCH
We have never seen anything like this!
29. Prime targets
Favourite cyber attack sectors $$
30. VULNERABILITIES
The biggest continual risk exposure
People Always The Biggest Risk!
32. PHISHING DEMO
Oh so very easy for the skilled
33.
34. SPOOFERS
Biggest front companies
35. IMPERSONATION
Fake ID call centre support attacks
36. Challenge
This list expands yearly
37. Cyber Attack
System Wide Opportunity Points
Malicious Code inserted into visitor browsers
Gains Access to sensitive data
38. RISK PROFILE
The bias follows the people
“The bulk of national and international networks are physically difficult to access: the level of encryption renders it impossible to access any useful info or data”
We now examine this in detail
40. PRIMARY security 1
PN VPN Local, national & international
[Diagram labels: VPN, PN, Dedicated Fibre, Network Services Reseller with direct routing]
Inherently Insecure: Wired & Wireless
Inherently Secure: Fibre PN/VPN
Strong Encryption
Hidden VPN & Routings
What is actually in this Cloud?
42. Partial view 1
Companies don’t divulge detail
What is actually in this Cloud?
It is a vital secret as to the detailed design/engineering adopted and the enemy must not know this
44. Partial view 2
Companies don’t divulge detail
How is the Network Configured?
It is a vital secret as to the detailed design/engineering adopted and the enemy must not know this
46. Some Guesses
What would we do as designers?
Inherently secure in the extreme iff designed well and detail is kept secret
48. Diversity
Multi-Cable Paths
Cable 3, Cable 6, Cable 8
Adds resilience to a wholesaler network and is a very effective defence against DDoS attacks
51. Addressing
Multi-Cable Paths/Routing
Cable 3, Cable 6, Cable 8
Radically Different For Each Layer
Password Format Different by Layer
Adds resilience and an extra layer of security for attackers if they get this deep
53. Spoofing
Ghost Cables Paths
Cable 3, Cable 6, Cable 8
Appears to be/mimics real thing, but sees the Dark Side fighting infrastructure to nowhere!
Dilutes the efforts and resources of the dark side and frustrates their designs to gain access
55. Hopping
Dynamic Addressing
Cable 3, Cable 6, Cable 8
Node Addresses Change by the second to render them invisible to scanners
As of the creation of this presentation no known attack has been successful against this defence
58. THE BIG PICTURE
Optical Fibre Cable Net Spine
Over 430 undersea cables now connect the planet and carry 99.999% of all traffic
60. EU - Nth America
Optical Fibre Cables 2019
Cable fails are rare and mainly caused by human intervention: trawls, anchors, plus tidal action
62. UK - North America
12 Optical Fibre Cables 2019
Disperse Cables and Landing Sites
Disperse Traffic across Several Cables
Diverse Emergency routing via France, Spain, Scandinavia, on a major cable fail
Maintain Sensible Failure Margins
In wartime it is not unusual for cables to be a target: if they can be located then they may be cut
65. PRIMARY Security 2
Limit the total of concatenated hops
[Diagram labels: Country Gateway, Regional Gateway (x2), Dedicated Fibre or Wavelengths, VPN, PN]
Total end-to-end nodes to number < 10
Total end-to-end path delay to be < 150 ms
All Optical Fibre Net Almost Impossible to Penetrate but not entirely so!
All Gateways Highly Secure Facilities
All Precise Routings and Gateway Locations are not generally available
Non-obvious gateway ghosting/duplication plus split fibre cable feeds can be used to increase security
Extensive use of encryption 128/256/512 keys plus public key for control and signalling
68. COULD THIS HAPPEN
Would it in all likelihood work?
The media just love this scenario… but undersea cables are 1000s of times less vulnerable than satellites!
70. PRIMARY Security 3
Randomisation of bytes and routing
Impossible to fully imitate the complex randomness in action…so this will have to suffice!!
71. RISK PROFILE
The bias follows the people
“The bulk of the local loop/last mile is exposed and physically easy to access: the equipment, copper, fibre, and wireless links are open to attack”
We now examine the last mile
72. COPPER & FIBRE ACCESS
How to physically break into the net
“Let me explain/tell you how, but I am not going to document it”
Here is the hardware 1:
[Slides 73 to 77: photographs of the hardware, with numbered labels 1 to 8]
78. COPPER & FIBRE ACCESS
How to physically break into the net
Here is the hardware 2:
[Photograph, with numbered label 7]
79. MUCH EASIER
With a high ROI
Why would anyone do this for a few ££ an hour, or is there hidden value add that we are not seeing?
Stealing all that personal data is often the bigger prize!
Gangs generally hired in and exploited by big crime! Sold on or delivered to far more capable exploiters…
80. UP THE VALUE
100s of hack tutorials on-line
A naked mobile device is one price
A live mobile device with all the log-in and personal data accessible is a much better deal!
81. PASSWORD & PACKET SNIFFERS
A vital break-in tool available on the Dark Net
Free or available to purchase
Time to crack a password = Minutes - Hours
Emulating hardware can cost kit + software and is hard!
Password Sniffer: An App that scans and records passwords on a computer or network interface.
It inspects all incoming and outgoing network traffic and records any instance of a data packet that contains a password.
Over a period of time it can build up a complete ID, MAC Address, Password et al record
82. STUDENT WARNING
I do not recommend entering this domain, BUT it is the only real way of appreciating the full potential - SO if you do decide to have a look, then:
1) Use an old machine/fake ID in a coffee shop
2) Have your camera, mic, tracking turned off
3) Make sure all location service options are off
4) Employ security (Norton et al) throughout
5) Only have a single app (TOR) installed
6) DO NOT complete any transactions
7) Reveal no personal info whatsoever
8) Factory reset machine when done
9) Security scan machine on boot
RECOMMENDATION: Enter, take a look, get a taste, get out
83. TORching infrastructure
5G cooks your brain, eyes, & transmits CV-19
In the UK >100 towers and equipment torched, but mainly 3/4G, putting lives at risk/disabling emergency services
This is the power of ignorance writ large: belief, paranoia and a lack of any basic education
3/4/5G save lives day on day and these fools do not know that they are killing people
87. Lessons From History
Fence
Fence + Mound
Wall + Mound
Wall + Mound + Ditch
Wall + Mound + Moat
Wall(s) + Mound + Keep + Moat
+++
+++
Wall(s) + Mound + Keep + Moat + Hidden Ditch + Obstacles
+++
+++
Castle in a Castle!
88. Slow evolution
The enemy is mobile & agile
Iron Age
Napoleon
Exponentially more expensive and longer build times
Effectiveness on a shorter and shorter fuse!
Does this not look like the recent history of cyber defence with layer on layer of fixed/static defences
And we are still building them in the form of bunkers at even vaster expense
90. WALLS DON’T WORK
But we keep building them!
And after > 2000 years of evolution, what comes next?
And we are still building them and they are still ineffective and very expensive
91. WHAT DID WE LEARN!
Concentric defence layers work(ish)?
Not so if they are:
Fixed
Unchanging
Unresponsive
Slow to evolve
Lack intelligence
Poorly maintained
Operate in isolation
Not wholly integrated
Not fully anticipatory
[Diagram labels: Hub, LAN, Switch, CPE, ISP, CLOUD(s)]
Security at every layer has to be dynamic & adaptable
92. Assessment
Sector Reality 2020
Attacks escalating
Our exposure is growing
Attackers are winning the war
Attackers get richer by the year
Our defences are not 100% effective
We need to collaborate and share all
We are largely disorganised and underinvesting
People remain our single biggest attack risk
All our security tools are reactive & mostly outdated
Best market model appears to be the airline industry
We present an easy and very attractive opportunity for cyber hackers and/or criminals
94. Collaboration
Airlines model 2020
Safety record is all
Embraces entire industry
Every accident is investigated
All incident reports are open & shared
Safety communication is pilot/operator centric
Industries, manufacturers, governments all committed
Well organised and structured with a high level of accountability
Passenger and crew safety is the single biggest concern and success metric
Flying is generally the safest mode of transport globally as a result of this model
Cyber security is in need of something very similar if it is ever to migrate out of the victim mode
97. Constraints
Our freedoms are limited
Legal system
Codes of practice
Ethical principles
Moral responsibilities
• No transgressions
• Work up to the limit
• Keep within the spirit & word
• Our responsibility to keep up to date
• Seek legal advice on latitude
• Special dispensations may be possible
• National security/intelligence may help
• In general the Buck ends with you!
99. The Enemy Innovates Fast
Things like this pop up almost weekly!
100. Attack Types
With a growing species catalogue
Real Time
Delayed
Open & Obvious
Invisible Stealth
Readily or Eventually Identifiable
Difficult or Impossible to Identify
Disguised Hidden
May or may not (ever) be discovered
Sophisticated criminal group technology
Rogue/nation state espionage OR WEAPONISED
Rogue/nation state espionage OR WEAPONISED
Hacker/groups conventional techniques
102. Defence essence
Speed of detection, response & adaptation
1) Our own passivity is the biggest danger
2) Attacker agility and innovation are our biggest challenge
3) Attackers have the first mover advantage & get to choose everything
4) Human defenders cannot be vigilant and prepared 24 x 365 year-on-year
5) Situational awareness is key & rooted in Data/Information gathering/analysis
6) Machines, AI, Machine Learning are key to solving (4 & 5) and giving us the edge
7) The application of anticipatory techniques is still in its infancy and needs investment!
8) Disparate companies, groups and government have almost all the components we need
9) It is essential that these resources (8) are brought to bear and integrated with (5-7)
10) We might just win this war, but not without changing the way we think and operate!
103. MINDSETS
A different perspective
Audio Book
https://www.youtube.com/watch?v=X7rhovBK_eA
Written 5th C BC
Most important points:
Information matters and an educated guess is better than a gut decision
Generals should be adept at the "military calculus" of accounting for anything and everything that could affect the outcome of a battle
104. MINDSETS
Provocative stimulation
More Quotes by famous generals and philosophers
https://bit.ly/2VVJ6Hm
More Quotes by Sun Tzu
https://bit.ly/2VVJ6Hm
BEST Quotes by Sun Tzu
https://bookroo.com/quotes/the-art-of-war
“The supreme art of war is to subdue the enemy without fighting”
“To know your enemy you must become your enemy”
105. Security Laws
Immutable Since 1990
1) There is always a threat
2) It is always in a direction you’re not looking
3) Perceived risk/threat never equals reality
4) Nothing is ever 100% secure
5) People are always the primary risk
6) Resources are deployed inversely proportional to actual risk
7) You need two security groups - defenders and attackers
8) Security & operational requirements are mutually exclusive
9) Legislation is always > X years behind
106. Security Laws
Immutable Since 1990
10) Security standards are an oxymoron
11) Security people are never their own customer
12) Cracking systems is far more fun than defending them
13) Hackers are smarter than you - they are younger!
14) Hackers are not the biggest threat - governments are!
15) As life becomes faster it becomes less secure
16) Connectivity and data half lives are getting shorter too
17) We are most at risk during a time of transition
18) The weakest link generally defines the outcome
107. PARADOX 1
War Games and Defence
“The military play all day and occasionally go to war”
“We are at war every day and never play”
108. PARADOX 2
No retaliatory defence
By and large we know who the attackers are and where they reside but opt to do nothing
The enemy have simply adopted our technologies and used them as weapons against us
109. To Survive
We need to become united
“Failure the greatest teacher is”
Well Funded R&D
Global Sharing Culture
Tools, Tech & Info Sharing
Proactive Defence Strategies
Skills & Expertise Cooperation
Fast to Respond to/Report Threats
Cooperative Creativity
Engage in Workable Legislation
Help Formulate Law Frameworks
Virtualised Every Aspect of Cyber Defence
Formulate a Rapid Attack/Punitive Responses
“The Art of War read you must”
111. CYBER CRIME
Abridged history and cost
Timeline: 1997, 2004, 2007, 2013, Today
Attack types: Banking Malware, Crypto-Currency Attacks, Bitcoin Wallet Stealer, Device & Account Hijacking, Ransomware, EPoS Attack, Fake News, Propaganda, Social Engineering, DoS, DDoS, Infected eMail, Ransomware, Identity Theft, DNS Attack, BotNets, Site Sabotage, SQL Attack, Spam, Identity Theft, Phishing, Trojan, Worms, Virus
Estimated >>1000 Bn Attacks
Total > $5000 Bn Cost of global cyber crime
Almost all attacks/attack-types can be traced back to the exploiting of individuals who have volunteered vital info by falling victim to scams, spams/trickery, bribery, corruption, blackmail, honeypots…
Social engineering is one of the most powerful tools to be widely exploited by the ‘Dark Side’ - and the approach can span from dumb and very obvious to the highly sophisticated and hard to detect
Watch some crime, heist, spy movies, read detective novels, keep up with security developments
To get a grip on deception read on magic and magicians, watch some related movies
113. Segue: Stuxnet
Sophisticated Intelligent Malware
Targeted Specific Industrial Controller
Only interested in MS OS
Hunter Killer Species
2010 Attack
Never Attributed
CIA - Mossad Primary Suspects
General Species for Sale on Dark Web
114. Cyber Attack
Primary Motivations Jan 2019
https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/
Prime Motivation: Making $$$$
Prime Motivation: Trade Secrets, Military, Security
Prime Motivation: Political, Commercial and Social Change
Prime Motivation: Domination and TakeOver
116. My Forecast
The number One for 2020
A target rich opportunity:
• A wealthy technophobic organisation and customers
• Processes, protocols and methodologies well known
• Millions of people involved with dispersed offices
• Multiple points of access PSTN, VOIP, Network+
• Staff trained to help customers BIG and small
++++
• Many possible attack modes: Phishing, Whaling, Malware, Man-in-the-Middle, Insider, Contractor, bribery, corruption, coercion
117. CYBER Attackers
Rapidly changing profiles/purposes
Amateurs: Fun, Fame, Notoriety, Vandalism, Limited Skills, Limited Resources, Tend to be Sporadic
Hacker Groups: Money, Sharing, Organic, Dispersed, Unbounded, Huge Effort, Progressive, Cooperatives, Self Organising, Vast Resources, Massive Market, Aggregated Skills, Semi-Professional, Substantial Networks
Hacktivist: Skilled, Political, Idealists, Emotional, Relentless, Dedicated, Cause Driven, Vast Networks, Varied Missions, Targeted Attacks, Evolving Community
Criminals: Drugs, Fraud, Global, Extreme, Extortion, Business, Unbounded, Professional, Well Managed, Well Organised, Ahead of the Curve, Orchestrated Effort, Extremely Profitable, Syndicated Resources, Massive Attack Surface, Vast up-to-date Abilities
Rogue States: Covert, Money, WarFare, Influence, Pervasive, Disruption, Espionage, Professional, Sophisticated, Well Organised, Extreme Creativity, Orchestrated Effort, Political Influencers, ~Unlimited Resources, Tech/Thought Leaders, Regime Destabilisation, Population Manipulation, Military and Civil Domains
Almost all attacks/attack-types can be traced back to human fallibility and ambition exploitation
118. CYBER Attackers
Rapidly changing profiles/purposes
Short Game, Low Gain; Medium Game, Medium Gain; Long Game, Massive Gain
Sophistication, Investment, Complexity, ROI
119. Status Quo
Cyber Crime Economy
EASY ENTRY 1
Mostly very poor protection
Behind the FireWall in one small step
No Passwords
Easy Passwords
Factory Default
120. EASY ENTRY 2
Mostly very poor protection
121. EASY Money
Low cost human/robot attacks
122. Phishing
Exponential Growth
Criminals are in a race against security teams
looking to shut them down
Security teams report phishing URLs
regularly, but some criminals use web hosts/
domains that ignore reports
Most kits have a short life, and the phishing
window is growing smaller
Highly successful/profitable; and very easy to automate for TXT and speech
123. Phishing
Exponential Growth of Species sees a rapid Shortening Lifetimes
[Figure: cumulative % of kits deactivated (0 to 100%) against days to deactivation (0 to 200)]
124. Phishing
Exponential Innovation
Akamai
126. DEFENCE INDUSTRY
When a customer becomes an enemy
Kill Switch
Disable Signal
Destruct Command
Assume Control Portal
Information/Data Gathering
127. OFF THE RECORD
Almost nothing is as it appears
128. malware
A ‘commercial’ sample
Cerber – Malicious email file affecting system OS - steals user’s info to extort money
RaaS – (Ransomware-as-a-Service) Hackers make money by selling/using this product
Emotet – Originally a banking Trojan, but evolved as a full-scale Bot threat.
Botnets – Used for DDOS attacks, SPAM distribution, data stealing, self organising
Crypto-mining Malware – Distributed computing for cryptojacking - using your FLOPs
129. DDoS Types
The main attack characteristics
Volumetric: Consumes network, service, link bandwidth to create congestion/paralysis
TCP State Exhaustion: Kills core routers, firewalls & application servers - services unusable
Application Layer: Target websites, databases & app services. Perhaps the most sophisticated/stealthy - very difficult to detect using common flow-based monitoring
https://www.scss.tcd.ie/publications/theses/diss/2018/TCD-SCSS-DISSERTATION-2018-046.pdf
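Added example (not from the lecture slides): a small Python sketch of why flow counters catch the volumetric and TCP state exhaustion classes while the application layer class only shows up in server-side request logs. The traffic figures, thresholds, paths and function names are constructed assumptions for illustration.

```python
from collections import defaultdict

# Constructed 60-second sample window (not data from the lecture).
# Source addresses are from the RFC 5737 documentation ranges.
FLOWS = {  # per source: bytes sent, SYNs sent, handshakes completed
    "192.0.2.10":   {"bytes": 900_000_000, "syn": 40,     "established": 40},
    "198.51.100.7": {"bytes": 3_000_000,   "syn": 50_000, "established": 12},
    "203.0.113.5":  {"bytes": 400_000,     "syn": 30,     "established": 30},
    "203.0.113.99": {"bytes": 600_000,     "syn": 25,     "established": 25},
}
REQUESTS = (  # application log: (source, path, server time in ms)
    [("203.0.113.5", "/report/export", 1800)] * 30   # few but costly
    + [("203.0.113.99", "/index.html", 5)] * 25      # ordinary visitor
    + [("192.0.2.10", "/index.html", 5)] * 40
)

# Assumed thresholds for this sample; tune against a real baseline.
BYTES_LIMIT = 500_000_000      # bytes per source per window
SYN_LIMIT = 1_000              # SYNs per source per window
HANDSHAKE_RATIO = 0.1          # completed / attempted handshakes
TIME_SHARE = 0.5               # share of total server time
SKEW = 2.0                     # time share vs. request share


def flow_detect(flows):
    """Classify sources using flow counters only."""
    hits = {}
    for src, f in flows.items():
        if f["bytes"] > BYTES_LIMIT:
            hits[src] = "volumetric"
        elif f["syn"] > SYN_LIMIT and f["established"] / f["syn"] < HANDSHAKE_RATIO:
            hits[src] = "tcp-state-exhaustion"
    return hits


def app_detect(requests):
    """Flag sources that consume a disproportionate share of server time."""
    ms, count = defaultdict(int), defaultdict(int)
    for src, _path, server_ms in requests:
        ms[src] += server_ms
        count[src] += 1
    total_ms, total_req = sum(ms.values()), len(requests)
    hits = {}
    for src in ms:
        time_share = ms[src] / total_ms
        req_share = count[src] / total_req
        if time_share >= TIME_SHARE and time_share >= SKEW * req_share:
            hits[src] = "application-layer"
    return hits
```

In the sample, 203.0.113.5 looks like an ordinary visitor in the flow data and is flagged only once server time per source is compared with request share.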
130. DDoS Deception
Is this the main act - or not?
Not So Obvious: Distraction to
conceal more sinister activities?
132. WHAT WE DETECT
Possibly just the tip of an iceberg!
We need to start looking below the surface
of obviousness for the hidden sophistication
of the many stealth attacks that we suspect
are happening that we cannot see!
Ransomware
Phishing
Crypto-Wallet
DoS/DDoS
SQLi // XSS
Man-in-the-Middle
URL Spoofing
Cloaking
Malware
Covert Plant
Visitors
Insiders
Outsiders
Alongsiders
Customers
Contractors
WiFi
Tunnels
Implants
Malware
Networks
Diversions
Brute Force
Decoys
133. Vital Measures
Minimal to Maximal Security
Physical Security
Strong Passwords
FireWall, PN, VPN
Malware Protection
Strong Encryption
Genera Public Key
Authentication
Certification
(N Factor, M Path)
Penetration Detection at Key Interface Points
Behavioural Analysis of Net, Machines, People
Monitor for all Pre-Cursor Event Indicators
Create/Join Information Sharing Networks across the industry
134. Physical Measures
Minimal to Maximal Security
Secure Entry Site & Building
Duplicated/Triplicated Power/Fibre
Break Free Power with Batteries, Generators
2/3 Utilities Supply Site
50km from any Airport
135. Vital Measures
The minimal security protection
Common Mode failures
One road in and out is not a good idea!
136. Focused Measures
Technical Security
137. Focused Measures
Technical Security
Air Lock
Strip Down
Authorised Entry Only
General Access
Open
Limited Access
Zoned
Timed
Cameras
Heat Sensors
Motion Sensors
Location Proximity Sensors
Invisible X-X Laser Beams
138. Segue
Stage Left
Off The Record Play Time
I do not recommend you try any of this - it is all a part of my personal mission to make the world a safer place
139. Hobbies!
Weird/Crazy?
- Airline security
- Public targets
- Breaking in
- Social data
++++
140. Tunnel Vision
The attacker's friend
“End running systems is definitely one of my favourites”
142. Careless
London is a safe city!
I was working in London
and stopped for a coffee
break in Soho…
Soho
143. Careless
London is a safe city!
A smart young man walked
in and I spotted his badge !
He sat right in front of me and this is what my
mobile phone could see as he booted up !
Coffee Shop Protocol
• Sit as far back from the door as possible ;
ideally with no one to the rear or the sides
• Check for overhead cameras
• Do not wear identifying insignia of any kind
• Do not boot up to an identifying company,
country, government, agency badge
• Check and be aware N, E, S, W
144. LOUD & RUDE
There is always a price to pay !
The group next to my colleague
had just chanced upon the perfect
name for their new company.
So he bought the domain name and
all the variants before they had
completed their meeting!
145. Opportunist
Unintended revelations & consequences
TRUTH ENGINES
An End Game Company
Dr Peter Cochrane
EU Concept Consultant
DAY 1: Pass Card for an undefined meeting
146. Opportunist
Unintended revelations & consequences
TRUTH ENGINES
An End Game Company
Peter Cochrane
Internal Affairs Advisor
DAY 2: Pass Card as a member of staff
147. Opportunist
Unintended revelations & consequences
I Was Invited to Test a
Company's Revised Security
My way in was to simply massage my security
pass from visitor to employee
I then played the role of an old boy not really
up to the modern world of IT and so many
wonderfully kind people came forward to help
me access networks, rooms and facilities
My secret? Wear a suit and a tie & look very
respectable…everyone knows that hackers
wear hoodies!
148. GO TO
Resources 4 U
petercochrane.com
Broadcom/Symantec, Crowdstrike, Cisco, IBM, Akamai, Varonis, Gartner, Aon, UKGov DDCMS, MimeCast, BitSight, TrendMicro, FCA, Juniper, RAND, Kaspersky
149. Things that Think want to Link
and
Things that Link want to Think
FIN - Q & A?
www.petercochrane.com