The document traces the evolution of computer viruses and malware from early creations like Creeper in 1971 to advanced modern threats like Stuxnet. It discusses key events and developments along the way like the first computer crime arrest in 1981, the rise of malware in the 1990s with viruses like Melissa and Concept, and advanced targeted attacks using Stuxnet in the 2000s. The long-term trend is towards more sophisticated, targeted, and potentially destructive cyber threats over time.
The document provides a historical overview of cyber attacks and malware from early computer viruses like Creeper in 1971 to more advanced threats today like Stuxnet. It discusses the evolution of hacking activities and groups, from early phreakers to organized cybercrime syndicates. Over time, attacks have grown more sophisticated, widespread and potentially destructive, as seen with Stuxnet which targeted industrial systems. Ongoing challenges include the growing number of unknown and low prevalence malware that evade detection as well as sophisticated targeted attacks by nation states.
The document describes the format and rounds for a quiz finals competition between 6 teams. There will be 6 rounds including a written disambiguation round, and rounds focused on infinite bouncing, written questions, pouncing on a Google or animal crackers doodle. Each round has a different objective or theme.
This document discusses contact center trends and cloud contact centers. It summarizes that cloud contact centers can provide benefits like decreased capital expenses, lower total cost of ownership, and improved business agility. However, cloud contact centers also present concerns regarding security, performance, and resilience. The document then discusses specific security and performance issues for cloud contact centers and recommendations around vendor selection, voice quality, and security policies. It also summarizes insights from a customer roundtable on unified communications and the evolution of omnichannel strategies.
This document discusses insights from a 2009 printing projects roundtable. It notes that main motivations for printing projects were cost savings, improved user service, and protecting the environment. An example project saw a 44% decline in paper procurement and sharp decline in operating expenses. Printing management systems discussed include YSOFT, SENTINEL and SAFECOM. Employee education throughout a project and informing them about print monitoring were also discussed.
This document discusses trends in contact centers and cloud computing. It notes the business benefits of cloud computing like improved agility and lower costs. However, it also discusses concerns about cloud contact centers related to security, performance, and resilience. Specifically, it outlines various security threats like denial of service attacks, data theft, and voice biometric attacks that cloud contact centers face. The document advocates for selecting vendors based on performance, resilience, capabilities, and other factors. It provides insights from customer roundtables on topics like the evolution of communication channels and maintaining unified communications infrastructure.
This document describes a game called Clockwise-Pounce that involves answering 6 multiple choice questions, with points awarded for correct answers and a penalty for incorrect answers given on a "pounce" round. Players take turns moving clockwise and answering questions to earn the most points.
The document discusses how the CIO can help deliver value through embracing new technologies and processes related to agile development, mobile, cloud, big data, and security. It provides examples of how IT is changing to focus on systems of engagement that are personalized, social, and analytics-driven. The document advocates involving information security early in the development process through representatives in development teams and establishing security budgets at the start of projects to help improve organizational processes and security.
1) Aghorenath Chattopadhay was the first Indian to obtain a D.Sc. degree from a foreign university and knew many languages.
2) Virendranath Chattopadhyay was the character Chandralal portrayed in a short story by Somerset Maugham.
3) Harindranath Chattopadhyay was the first to represent the Vijayawada constituency in the Lok Sabha in 1951 with support from the Communist Party of India.
Apart from inventing the radio, in 1896 Nikola Tesla also wrote Niruddesher Kahini, the first major work in Bengali science fiction. He supposedly was the first science fiction writer in the Bengali language.
Sigal Russin is a VP and senior analyst at Sigal's World who focuses on issues related to information security, communications, endpoints, and environmental technologies. She previously worked in infrastructure positions and holds a BA in information systems. Sigal provides analysis and leads round tables on topics such as zero day attacks, networking technologies, identity and access management, and data leak prevention. She receives the most inquiries about applications, infrastructure, security, and IT organization issues.
The document discusses various topics related to IT, including data centers, networking, unified communications, and software-defined networking. It presents concepts through slides with text, diagrams, and references to external sources. The slides discuss modular data centers, the differences between traditional and software-defined networks, how unified communications can combine voice, data and video to increase productivity and flexibility, and some of the challenges organizations face when adopting new technologies.
This document discusses secure development practices and common security issues. It covers secure coding principles like input validation, preventing buffer overflows, and limiting exposed data. It also discusses common myths and assumptions that can lead to insecure code, like believing security issues can be fixed after deployment or that compiled code cannot be interpreted. The document advocates integrating security throughout the development lifecycle, from initial planning through automated testing and penetration testing before deployment. It recommends training developers on secure coding best practices and having dedicated security testing of code.
The document contains a K-Circle quiz with 25 multiple choice or fill-in-the-blank questions related to topics in history, mythology, language, and current events. The quiz covers people, places, terms, and concepts from areas including Indian and Chinese culture, British history, Arabic and Latin etymology, and more. Participants are tasked with identifying figures, connecting ideas, and providing missing information referenced in the quiz questions.
The document provides clues and questions for a quiz. It includes definitions, descriptions and names that provide the answers to the quiz questions. Some of the key details summarized are:
- The document contains clues and questions for a monthly quiz by K-Circle with a long preamble thanking members.
- The questions cover topics like the Indian constitution, Islamic search engines, famous activists, astronomy, Hindu mythology, surnames, mathematics, festivals, and history.
- The answers to the quiz questions are spread throughout the document in italicized text following clues.
The document discusses various cybersecurity threats and solutions. It describes advanced persistent threats (APT) like APT1, which has conducted cyber espionage against over 140 organizations globally over many years. It also discusses threats like zero-day attacks, blackhole hacking-as-a-service exploits, and distributed denial-of-service attacks. The document recommends cybersecurity solutions like cyber intelligence, honeypots, network monitoring, and behavior analysis to help detect and prevent these sophisticated cyber attacks.
This document contains slides from a presentation by Sigal Russin on contact center infrastructure. It discusses cloud computing problems and status, and the benefits of cloud computing like cost savings and flexibility. It also covers cloud contact center concerns regarding security, performance, and resilience. Specific security threats like denial of service attacks and ways to address them using session border controllers are described. The slides provide an overview of session border controller topology and functions. Vendor options for SBC-based solutions are listed and factors for vendor selection like performance, security, and hosting are outlined. Insights from a customer roundtable on unified communications are also summarized.
The document discusses identity and access management (IDM/IAM). It notes that with the explosion of digital identities from various sources, organizations face "identity chaos" with decentralized management of user data across multiple systems. Proper IDM aims to bring order to this situation through centralized identity administration, access control, provisioning and other core elements. The document outlines trends in IDM such as demands for stronger authentication and more mature identity infrastructures, as well as growing complexity in authorization and privacy regulations. It provides recommendations for organizations to take a gradual, standards-based approach to implementing successful IDM projects.
The document discusses trends in enterprise IT and end user services, including:
- The move to browser-based applications and thin clients delivered through the browser.
- The role of technologies like iBeacons, WebRTC, and wireless communication standards in improving the end user experience.
- Trends in call center software like increased integration, workforce management tools, and browser-based solutions.
- How Microsoft's changing licensing and products will impact migrations and end user delivery.
The presentation provides an overview of emerging technologies and strategies for IT departments to improve delivery of services to end users.
This document discusses technology risk management. It covers topics like IT governance, balancing investments between maintaining existing systems and innovating new capabilities, and the evolution of the CIO role. It also addresses risks related to new technologies, compliance with increasing regulations, and the importance of managing technology risks as businesses become more reliant on technology. Diagrams showcase frameworks for assessing risks and balancing IT portfolios. The document emphasizes that managing technology risks has become a business priority.
Sigal Russin is a VP and senior analyst at STKI who focuses on issues related to information security, communications, endpoints, and green IT technologies. She provides analysis on strategies for infrastructure, networking, security, information management, and printing. The document includes graphs and charts analyzing trends in inquiries received by STKI and the positioning of various technology vendors in the Israeli market for security and networking products.
This document discusses data leakage prevention (DLP) and outlines best practices for implementing a DLP project. It defines DLP and explains how DLP technology works to monitor data in motion, at rest, and in use. The document recommends a multi-step DLP project that includes analyzing business environments and threats, classifying sensitive data, mapping data storage and business processes, assessing leakage channels, and selecting DLP tools. It also stresses the importance of organizational culture and policies to complement technical solutions and prevent data leakage.
The document discusses unified communications and identity and access management. It covers topics such as the different "worlds" of IT, goals of engagement systems, challenges of delivering systems, and obstacles in implementing identity and access management. Specific technologies are also mentioned, such as unified communications, APIs, and solutions for managing identities. Copyright and attribution information is provided on each slide.
Sigal Russin presented on enterprise output management (EOM) at the 2013 STKI Summit. EOM is an approach to managing the full document output lifecycle from multiple applications and channels in a centralized way. It addresses the problems of separate designs and resources required for each output type. EOM provides content creation, capture, management, delivery, and preservation capabilities. Benefits include reduced costs through consolidated resources and platforms, as well as increased customization, personalization, and regulatory compliance. Insights from an output management roundtable found that the approach requires cross-unit collaboration beyond just IT. Some Israeli organizations are looking for holistic EOM solutions to simplify complex multi-platform management.
This document summarizes the key topics presented at the 2013 IT security summit. It discusses customers' main security issues in 2012 such as cyber attacks, BYOD, and cloud security. The presentation highlights social engineering as a major security threat in 2013 and discusses identity management and cloud storage services. Recommendations are provided around reviewing social engineering policies, securing BYOD, using collaboration tools, and focusing on identity and access management through training. Network visibility solutions are presented as important for security monitoring in virtualized environments.
The document provides various IT staffing ratios across different technology domains. Some key ratios include:
- The median number of PCs supported per IT staff member is 126, and the median number of employees supported per IT staff member is 152.
- For security personnel, the median percentage of total IT staff is 3.6%.
- The median number of active network ports per network staff member is 1000.
- For storage, the median amount of raw storage per staff member is 350TB, and the median usable storage is 128TB.
- The median number of Windows servers supported per systems staff member is 117 servers.
The ratios show the level of staffing required to support various
The document discusses security and performance concerns for cloud contact centers. It identifies authentication, backup, encryption, availability, bandwidth, latency and resilience as key concerns. The document then discusses session border controllers as a means to address security issues like denial of service attacks, data theft, and voice spoofing. It provides information on how SBCs can safeguard privacy, improve interoperability, and ensure reliability. Finally, the benefits of SBCs for network usage, home agent deployment, call recording and compliance with E911 requirements are covered.
The document discusses changes in technology and IT operations. It notes that new approaches like continuous deployment, distributed architectures, and developer ownership of projects from design to monitoring are replacing older practices. Traditional data centers are also changing to cloud models with software as a service, NoSQL databases, and other differences. The traditional IT organization is shifting to a model where lines of business procure services directly and software development is separated from infrastructure. Finally, the document argues that the CIO's role must evolve to an internal strategic consultant that helps the business through digital innovation and managing business change.
The document discusses trends in infrastructure services and networking. It provides presentations and graphics on topics such as networking, security, collaboration, IPv6, wireless, data center networking, application delivery controllers, and unified communications. The graphics examine market positioning of vendors and key considerations and drivers for different technologies.
Best 20 SEO Techniques To Improve Website Visibility In SERP - Pixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
What do a Lego brick and the XZ backdoor have in common? - Speck&Tech
ABSTRACT: At first glance, a Lego brick and the XZ backdoor might have in common the fact that both are building blocks, or dependencies of creative and software projects. The reality is that a Lego brick and the case of the XZ backdoor have much more than that in common.
Join the presentation to immerse yourself in a story of interoperability, standards and open formats, and then discuss the important role that contributors play in a sustainable open source community.
BIO: An advocate of free software and of standard, open formats. She has been an active member of the Fedora and openSUSE projects and co-founded the LibreItalia Association, where she was involved in several events, migrations and training related to LibreOffice. She previously worked on LibreOffice migrations and training courses for several public administrations and private clients. Since January 2020 she has worked at SUSE as a Software Release Engineer for Uyuni and SUSE Manager, and when she is not pursuing her passion for computers and Geeko she cultivates her curiosity about astronomy (from which her nickname deneb_alpha derives).
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
CAKE: Sharing Slices of Confidential Data on BlockchainClaudio Di Ciccio
Presented at the CAiSE 2024 Forum, Intelligent Information Systems, June 6th, Limassol, Cyprus.
Synopsis: Cooperative information systems typically involve various entities in a collaborative process within a distributed environment. Blockchain technology offers a mechanism for automating such processes, even when only partial trust exists among participants. The data stored on the blockchain is replicated across all nodes in the network, ensuring accessibility to all participants. While this aspect facilitates traceability, integrity, and persistence, it poses challenges for adopting public blockchains in enterprise settings due to confidentiality issues. In this paper, we present a software tool named Control Access via Key Encryption (CAKE), designed to ensure data confidentiality in scenarios involving public blockchains. After outlining its core components and functionalities, we showcase the application of CAKE in the context of a real-world cyber-security project within the logistics domain.
Paper: https://doi.org/10.1007/978-3-031-61000-4_16
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Things to Consider When Choosing a Website Developer for your Website | FODUUFODUU
Choosing the right website developer is crucial for your business. This article covers essential factors to consider, including experience, portfolio, technical skills, communication, pricing, reputation & reviews, cost and budget considerations and post-launch support. Make an informed decision to ensure your website meets your business goals.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
Infrastructure Challenges in Scaling RAG with Custom AI models
From Creeper to Stuxnet
1. From Creeper to Stuxnet
Shahar Geiger Maor, VP & Senior Analyst
Tell me and I’ll forget
Show me and I may remember
2. A Story With A Beginning And No End
Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
3. The Beginning – Basic Terminology
Phreaking, Cracking and Hacking…
4. I’m A Creep(er)!
The very first viruses: Creeper and Wabbit
1971
5. Captain Zap
First person ever arrested for a computer crime
1981
6. Machine Of The Year
1982
7. War Games
1983
8. Introducing: MOD & LOD
1987
9. When Ideology meets Ego
1991
10. Professional conferences
1993
11. Celebrity
1995
12. The Rise of Malware
The Concept Virus
1995
13. The Rise of Malware
The Melissa and Nimda Viruses
http://scforum.info/index.php?topic=2528.msg4935;topicseen
1999
14. The Rise of Malware
The ILOVEYOU Worm
2000
15. The Rise of Malware
Conficker
2008
16. The Increasingly Difficult Security Challenge
[Chart: AV Signatures, 0 to 16,000,000, Jan-00 to Jan-10]
100s of millions of viruses. Signature-based scanning won’t keep up…
Source: Symantec
17. No Existing Protection Addresses the “Long Tail”
Today, both good and bad software obey a long-tail distribution.
[Figure: file prevalence, with Bad Files at one end and Good Files at the other]
Bad Files: Blacklisting works well here.
Good Files: Whitelisting works well here.
Unfortunately neither technique works well for the tens of millions of files with low prevalence. (But this is precisely where the majority of today’s malware falls.) For this long tail a new technique is needed.
Source: Symantec
18. Growing Amount of Malware – Lower Rate of Detection

| AV Engine | Time To Detect (Submission-ID: 2009-12-10_22-01_0002, src: AV-Test.org) | Time To Detect (Submission-ID: 2010-01-15_22-14_0001, src: AV-Test.org) |
|---|---|---|
| Authentium | Zero-hour | No detection |
| Avast | 24.28 hrs. | 2.10 hrs. |
| AVG | 10.18 hrs. | 3.52 hrs. |
| CA-AV | No detection | Zero-hour |
| ClamAV | 40.82 hrs. | No detection |
| Dr.Web | 3.68 hrs. | 13.17 hrs. |
| Eset Nod32 | 2.35 hrs. | Zero-hour |
| F-Secure | Zero-hour | 20.03 hrs. |
| Ikarus | 2.55 hrs. | 1.90 hrs. |
| ISS VPS | No detection | No detection |
| Kaspersky | 6.70 hrs. | 14.52 hrs. |
| McAfee | 28.83 hrs. | No detection |
| Microsoft | 11.62 hrs. | No detection |
| Norman | Zero-hour | No detection |
| Panda | 76.48 hrs. | No detection |
| Rising | 71.27 hrs. | No detection |
| Spybot S&D | No detection | No detection |
| Sunbelt | No detection | Zero-hour |
| VirusBuster | 4.05 hrs. | Zero-hour |
19. Secured Mediation Kiosks
Source: OPSWAT, STKI’s modifications
20. Nor(malware) distribution
Choose any AV software…
What about the long tail?
21. Nor(malware) distribution
Choose many AV software…
The long tail problem remains
22. Organized Cybercrime
2009
23. M&As in the Cyber Underground…
SpyEye made headlines this year when investigators discovered it automatically searched for and removed ZeuS from infected PCs before installing itself
http://krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/
24. Common “Positions” in the cyber-crime business
• Leaders
• Programmers
• Hosted systems providers
• Cashiers
• Distributors
• Fraudsters
• Money mules
• Tech experts
• Crackers
• Tellers
http://www.fbi.gov/news/speeches/the-cyber-threat-whos-doing-what-to-whom
25. Underground Economy

| Products | Price |
|---|---|
| Credit card details | From $2-$90 |
| Physical credit cards | From $190 + cost of details |
| Card cloners | From $200-$1000 |
| Fake ATMs | Up to $35,000 |
| Bank credentials | From $80 to $700 (with guaranteed balance) |
| Bank transfers and cashing checks | From 10 to 40% of the total; $10 for simple account without guaranteed balance |
| Online stores and pay platforms | From $80-$1500 with guaranteed balance |
| Design and publishing of fake online stores | According to the project (not specified) |
| Purchase and forwarding of products | From $30-$300 (depending on the project) |
| Spam rental | From $15 |
| SMTP rental | From $20 to $40 for three months |

http://press.pandasecurity.com/wp-content/uploads/2011/01/The-Cyber-Crime-Black-Market.pdf
26. Cyber Wars
1990’s-2000’s-2010’s
27. Growing Number of Incidents – US
Incidents of Malicious Cyber Activity Against Department of Defense Information Systems, 2000–2009
http://www.uscc.gov/annual_report/2010/annual_report_full_10.pdf
28. Sources of Attacks on gov.il
Source: CERT.gov.il
29. Cyber-Warfare is Becoming A Giants’ Playground
http://www.bbc.co.uk/news/technology-11773146
31. Advanced Persistent Threat (APT) – RSA Case Study
“Recently, our security systems identified an extremely sophisticated cyber attack in progress being mounted against RSA”.
Art Coviello, Executive Chairman, RSA
http://www.rsa.com/node.aspx?id=3872
http://www.nytimes.com/2011/03/18/technology/18secure.html
32. Stuxnet: (THE NEW YORK TIMES, 15/1/11)
http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html?_r=2&hp
33. Stuxnet Timeline
• Early 2008: Siemens cooperated with Idaho National Laboratory to identify the vulnerabilities of computer controllers that the company sells
• 2008-2009: Suspected exploits have been created for Siemens SCADA systems
• July 2009: Stuxnet began circulating around the world
• July 2010: Stuxnet is first discovered by VirusBlokAda
35. Stuxnet in Action: “A Game Changer”
10-30 developers (!!!)
Stuxnet has some 4,000 functions (software that runs an average email server has about 2,000 functions)
Exploits a total of four unpatched Microsoft vulnerabilities
Compromises two digital certificates
• Self-replicates through removable drives
• Spreads in a LAN through a vulnerability in the Windows Print Spooler
• Copies and executes itself on remote computers through network shares
• Updates itself through a peer-to-peer mechanism within a LAN
• Contacts a remote command and control server
• Modifies code on the Siemens PLCs
• Hides modified code on PLCs
36. Vulnerability Timeline
Source: Burton Group
37. …Let’s talk about Patch Management (PM)
• Mostly Microsoft, security-related patches
• “It’s not the deployment, but the whole process evolving” AKA Pizza Night.
• 20%-50% FTE is dedicated for PM
• Common SLAs: 3…6…or sometimes 12 Months!!
• VIP patches: up to a week
• Hardware/non-security patches’ SLA: Where upgrades/vendor support is needed
39. Generic Cyber Attacks
1. Individuals/Groups
2. Criminal/Nationalistic background
3. Lots of intervals
4. Lots of targets
5. Common tools
40. Distributed Denial Of Service (DDOS)
1. Targets websites, internet lines etc.
2. Legitimate traffic
3. Many different sources
4. From all over the world
5. Perfect timing
41. Advanced Persistent Threat (APT)
1. Group/Org./State
2. Ideological/Nationalistic background
3. Multi-layered attack
4. Targeted
5. Variety of tools
6. Impossible to detect in real time(???)
42. Security “Threatscape”
43. Thank You!
Editor's Notes
In 1971 a one-of-a-kind computer program named Creeper was born, created by a man named Bob Thomas of BBN Technologies. The program was designed to copy itself across TENEX operating systems and to display on the screen the message: "I'm the creeper, catch me if you can!". This program was experimental and was not meant to cause real damage, but to test how it behaved on the systems. To remove it, another program named Reaper was developed.
Another veteran malicious program is Wabbit. This program (or, more precisely, family of programs), which also came to light in the mid-1970s, replicated itself rapidly on the computers it infected, hence its name. The rapid replication usually led to the crash of the host system. The name is a corruption of the word rabbit as pronounced by Bugs Bunny's rival, the hunter Elmer Fudd: http://jazz.he.fi/jargon/html/W/wabbit.html
Physorg, The Virus Turns 40, http://phys.org/news/2011-03-virus.html
Infocarnivore, The very first viruses: Creeper, Wabbit and Brain, http://www.infocarnivore.com/2010/05/30/the-very-first-viruses-creeper-wabbit-and-brain/
The world of technological crime and sabotage is developing as well, and in this decade we witness a step up in the sophistication of intruders. A young man named Ian Murphy manages to break into the computers of the telephone company AT&T and change the clock mechanism, so that customers making phone calls during the day receive the discounted off-peak rate. Murphy, nicknamed "Captain Zap", is the first computer intruder to be convicted of an offense of this kind.
Wired, The Greatest Hacks of All Time, http://www.wired.com/science/discoveries/news/2001/02/41630?currentPage=all
Hack Story, Captain Zap, http://www.hackstory.net/index.php/Captain_Zap
Computing is developing rapidly, and at the start of the decade more and more models of personal computers appear. The personal computer (PC) becomes so influential technologically that in 1982 this phenomenon is chosen as "Man of the Year" by Time magazine. The world of technological crime and sabotage is developing as well, and in this decade we witness a step up in the sophistication of intruders.
Low End Mac, Personal Computer History: The First 25 Years, http://lowendmac.com/lowendpc/history/index.shtml
Time Magazine, The Computer Moves In, http://www.time.com/time/magazine/article/0,9171,953632,00.html
The release of the film "WarGames" in 1983 brought the phenomenon of computer break-ins in the US to wide public exposure. The film tells of a bored computer genius who tries to break into a video game company but unintentionally breaks into a classified US military system and almost brings about a nuclear war. The film portrays hackers very sympathetically, and its characters and events are based, according to some conjectures, on real events and people, which ignited the imagination of many young people afterwards.
IMDb, Plot Summary for WarGames, http://www.imdb.com/title/tt0086567/plotsummary
WebCitation, A Q&A that is 25 years late: David Scott Lewis, the mystery hacker who inspired the film "War Games", http://www.webcitation.org/5v9y5REPI
LOD and MOD
Toward the end of the 1980s, ideological groups of hackers take shape around the world and in the US. In 1987 several young people found a hacker group named Masters of Deception (MOD). This group, based in New York, USA, specializes in breaking into credit cards and stealing the personal details of celebrities. In roughly the same years a group named Legion of Doom (LOD) arises in the state of Texas, USA. This group was founded by the hacker LexLuthor, and its members included several experts in breaking into telephony systems (phreakers) and computers. What sets this group apart is its distribution of several technical self-study booklets, which enriched the knowledge of the worldwide hacker community without the group itself causing too much damage to the systems it took over. A review of the LOD's technical booklets shows that the members' areas of knowledge were indeed broad and that they mastered all the relevant communication and information-system fields of their active years, from telephone exchanges, through UNIX systems, to the mainframe systems that held most computing information in the 1990s.
HackDigital, 5 Most Notorious Hacking Groups Of All Time, http://www.hackdigital.com/5-most-notorious-hacking-groups-of-all-time/
ZoneAlarm, Famous Hacker Groups, http://blog.zonealarm.com/2011/08/famous-hacker-groups.html
Telephone Tribute, Phone Phreaking, http://www.telephonetribute.com/phonephreaking.html
DocDroppers, Legion of Doom (hacking), http://wiki.docdroppers.org/index.php?title=Legion_of_Doom_(hacking)
Textfiles, Electronic Magazines: The Legion of Doom/Hackers Technical Journal, http://www.textfiles.com/magazines/LOD
Both groups (MOD, LOD) gained great resonance in the US hacker community and were considered rivals. Between 1990 and 1991 this rivalry turned into an outright cyber war, in what was dubbed the Great Hacker War. It all began after an anonymous party within LOD called one of the MOD members "Nigger", and from then on, for more than a year, the groups tried to attack each other, to break into each other's computers and exchanges, and above all to embarrass their rivals. Certain parties within the hacker world tried to make peace between the sides, but without success. Only at the end of 1991 did various parties succeed in getting the groups' leaders (Chris Coggans of LOD and Mark Abene of MOD) to stop and in calming tempers. The easing of tensions between the groups left the members enough time to continue their illegal activities at full steam deep into the 1990s and beyond. On the other hand, members of both groups were pursued by the US law-enforcement authorities, which had begun devoting efforts to eradicating the hacker phenomenon as early as the beginning of the 1980s, and some of them were even convicted in court of various offenses.
Michelle Slatalla and Joshua Quittner, Masters of Deception: The Gang That Ruled Cyberspace, 64, (Harper-Collins, 1995)
Textfiles (Originally by The NY Transfer News Service), New York Computer Crime Indictments, http://www.textfiles.com/news/modbust.txt
Professionalization - conferences and exhibitions
Knowledge sharing is the basis of technological development. The field of hacking is no different in this sense from any other technological field. We already mentioned above the appearance of the magazine Phrack and the magazines that followed it, as well as the technical booklets that LOD members used to distribute in the hacker community. In 1993 the field steps up another level with the founding of the conference that over the years would become a byword in the community, DefCon. This conference was born as a one-time gathering of several hacker communities to celebrate the move of the father of one of them to another workplace. The name, incidentally, comes from the pair "con", the beginning of the English word conference, and "def", which stands for the digit three on a standard telephone keypad (as a tribute to phone phreakers). The combination of words has a military meaning as well as additional meanings. DefCon conferences are held every year for about a week at the end of July in Las Vegas, USA. They consist of professional lectures by industry practitioners as well as various hacking competitions held during the conference, which invite the hacker audience to join the celebration.
Alongside this conference there are other important conferences, chief among them RSA and Black-Hat. The RSA conference was founded in 1991 and takes place every year at the end of February in San Francisco, USA. In recent years sub-conferences have been added in Europe, Japan and even China. Although the conference is produced by a public company from the information security field, its content is determined professionally by a panel of experts. At this conference too, professional lectures are presented and a large exhibition of information-security solution vendors takes place. The RSA conference is known as an excellent stage for announcing new products, and many vendors time the release of new versions accordingly.
The younger, yet successful, sibling of these conferences is the much-discussed Black-Hat conference. The conference was founded in 1997 and has grown from a one-day conference in Las Vegas into a rolling event of several days. Today it is held several times a year at several sites around the world (in addition to Las Vegas), such as Abu Dhabi, Barcelona and Washington. The conference organizers and the general public attest that it is a neutral conference, with no leaning toward one vendor or another. At the conference one can watch presentations by the best experts in the field and take part in professional workshops by area of interest in information security. This conference serves as a venue for professional courses lasting several days, and many come to it to obtain professional certifications.
As with similar conferences in the field, the Black-Hat steering committee is made up of first-rate experts from the information security world, who insist on presenting quality content rather than marketing content. The conference's chair and founder is Jeff Moss, a hacker known by the nickname Dark Tangent, who also founded the DefCon conference mentioned above.
DefCon, The DefCon Story, http://www.defcon.org/html/links/dc-about.html
RSA Conference, About RSA Conference, http://www.rsaconference.com/about/
Black-Hat, About Black-Hat, http://www.blackhat.com/html/about.html
Black-Hat, Black-Hat Review Board, http://www.blackhat.com/html/review-board.html#Butler
CNN Tech, Meet Dark Tangent, the hacker behind Black Hat and DEF CON, http://articles.cnn.com/2011-08-03/tech/jeff.moss.black.hat_1_lulzsec-hacker-moss?_s=PM:TECH
Celebrity Hacker - Kevin Mitnick
Most of the public is usually exposed to the hacker as a concept and not really to a tangible figure standing behind it. Most hackers operate in the dark, which lets them avoid unnecessary friction with official institutions and law enforcement. Cases in which the general public is directly exposed to a hacker with a name and a face are few. Kevin Mitnick was one of those few whose name became commonplace for many in the United States of the 1990s. Mitnick was not only well known; over the years he became a genuine celebrity. Mitnick is credited with break-ins to various sites and institutions in the United States in the 1980s and 1990s, among them Sun Microsystems, Pacific Bell, Motorola and others. In August 2011 Mitnick appeared on the popular show The Colbert Report, where he talked about his wild years. In the interview he said that, because of various offenses, he spent 5 years in federal prison and one more year in special house arrest without access to a telephone, out of concern that he was a danger to the public. He also talked about the period in which he was pursued by the FBI before his arrest. According to the interview, he managed to break into his pursuers' cellular phones and make sure he stayed far enough away from them. In 1995 Mitnick was arrested by the FBI after a pursuit that lasted more than three years. One of the people who helped capture him was a researcher and security expert named Tsutomu Shimomura, whose computer Mitnick had broken into. His way of life, his "professional achievements" and the circumstances led him, after a not-so-short stay in federal prison, to become a model of the computer hacker and later also a consultant, author and sought-after speaker around the world.
Colbert Nation, The Colbert Report Videos-Kevin Mitnick, http://www.colbertnation.com/the-colbert-report-videos/395003/august-18-2011/kevin-mitnick
The New-York Times, A Most-Wanted Cyberthief Is Caught in His Own Web, http://www.nytimes.com/1995/02/16/us/a-most-wanted-cyberthief-is-caught-in-his-own-web.html
http://mitnicksecurity.com/company.php
The first macro virus for WINDOWS systems to break out uncontrollably on computers around the world was the Concept virus, discovered in July 1995. Note that it was not the first macro virus ever discovered, but it was the first of its kind to break out in the wild. Concept operated through a number of macro commands that were common mainly in Word-type word processors on the Windows 6.x, Windows 7.x, Windows 95 and Windows NT operating systems. Working with macro commands spared virus writers more complicated coding in Assembly language. Writers of viruses based on this virus abused macro capabilities for copying Word files, which became popular files in the 1990s, and so the viruses moved from computer to computer.
Flashing Cursor, The Concept Virus, http://www.chebucto.ns.ca/~af380/ConceptMacro.html
F-Secure, Virus:W32/Concept, http://www.f-secure.com/v-descs/concept.shtml
http://en.wikipedia.org/wiki/Melissa_(computer_virus)
A computer worm that infected via e-mail.
http://en.wikipedia.org/wiki/I_Love_YOu_virus
CEF – COMMON EVENT FORMAT
1. Programmers. Who develop the exploits and malware used to commit cyber-crimes.
2. Distributors. Who trade and sell stolen data and act as vouchers for the goods provided by other specialists.
3. Tech experts. Who maintain the criminal enterprise’s IT infrastructure, including servers, encryption technologies, databases, and the like.
4. Hackers. Who search for and exploit applications, systems and network vulnerabilities.
5. Fraudsters. Who create and deploy various social engineering schemes, such as phishing and spam.
6. Hosted systems providers. Who offer safe hosting of illicit content servers and sites.
7. Cashiers. Who control drop accounts and provide names and accounts to other criminals for a fee.
8. Money mules. Who complete wire transfers between bank accounts. The money mules may use student and work visas to travel to the U.S. to open bank accounts.
9. Tellers. Who are charged with transferring and laundering illicitly gained proceeds through digital currency services and different world currencies.
10. Organization Leaders. Often “people persons” without technical skills. The leaders assemble the team and choose the targets.
below, demonstrates the volume of malicious computer activity against Department of Defense information systems over the past decade. Note that not all of the incidents depicted below specifically relate to China; the department has not made available that level of detail.
In 2010 "only" one unusual event was recorded, and that is in fact the attacks we experienced in light of the Turkish flotilla events in May 2010. It was a full week of Syn Flood attacks on several leading Gov.Il sites.
If I understand correctly what you mean by an "unusual events" graph, then I don't have one, and as you can understand, most of the details are sensitive and cannot be released.
That said, I have some interesting background details on the sources of the attacks during the flotilla events, if that interests you. If we ignore the flotilla events, the countries that attacked the Memshal Zamin (e-Government) infrastructure (by number of attacks, not by number of attackers) break down as follows:
• Self-replicates through removable drives exploiting a vulnerability allowing auto-execution. Microsoft Windows Shortcut ‘LNK/PIF’ Files Automatic File Execution Vulnerability (BID 41732)
• Spreads in a LAN through a vulnerability in the Windows Print Spooler. Microsoft Windows Print Spooler Service Remote Code Execution Vulnerability (BID 43073)
• Spreads through SMB by exploiting the Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability (BID 31874).
• Copies and executes itself on remote computers through network shares.
• Copies and executes itself on remote computers running a WinCC database server.
• Copies itself into Step 7 projects in such a way that it automatically executes when the Step 7 project is loaded.
• Updates itself through a peer-to-peer mechanism within a LAN.
• Exploits a total of four unpatched Microsoft vulnerabilities, two of which are previously mentioned vulnerabilities for self-replication and the other two are escalation of privilege vulnerabilities that have yet to be disclosed.
• Contacts a command and control server that allows the hacker to download and execute code, including updated versions.
• Contains a Windows rootkit that hides its binaries.
• Attempts to bypass security products.
• Fingerprints a specific industrial control system and modifies code on the Siemens PLCs to potentially sabotage the system.
• Hides modified code on PLCs, essentially a rootkit for PLCs.
The purpose of this slide is to explain the different terms. The word "cyber" does not stand on its own. There is cyber warfare, there is cyber crime, and there is defense against everything that threatens us in cyberspace (divided among personal, organizational and state responsibility).
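The attacks are generic, a "try your luck" approach. Usually the attack is not tailored anew for each organization; instead, infected kits are sent out with several attacks in each kit.
The threat level per organization is relatively moderate, but the organization's resources and mechanisms are a function of the existing threat.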