SlideShare a Scribd company logo

The Internet of Military Things: There Will Be Cyberwar

Download as PPTX, PDF
Richard Stiennon
Richard Stiennon

Richard Stiennon discusses the evolution of network-centric warfare and how the military's overreliance on networked technology without proper security precautions has increased vulnerabilities. He outlines several past security failures in the military's use of IT and argues we could see a "cyber pearl harbor" if an adversary is able to gain information dominance by hacking networks and systems to disrupt communications and sensor grids during a future conflict. Stiennon warns that vulnerabilities in platforms like the F-35 could allow an enemy to subvert mission tasking and potentially achieve military defeat through cyber attacks.

Technology
1 of 29
There Will Be Cyberwar or The Internet of Military Things (IoMT) Richard Stiennon Chief Research Analyst IT-Harvest twitter.com/cyberwar
Keynote, CyberSecurity World, Washington DC, October 28, 2015 Book Launch: October 29, National Press Club 4 PM. All welcome twitter.com/cyberwar http://www.amazon.com/There-Will-Be-Cyberwar-Network-Centric/dp/0985460784 Purchase on Amazon
The Revolution in Military Affairs • Roman centuries • Long bow and battle of Crecy • Napoleon’s staff command • Machine guns • Mechanized armor, blitzkrieg
The Modern RMA • Operation Desert Storm leads to: • Russian assessment of precision weapons ISR, C&C as force multiplier, which leads to • Andrew Marshall
IT-Harvest Confidential Andrew Marshall: Enigmatic Strategist Andrew W. Marshall (born September 13, 1921) just retired director of the United States Department of Defense's Office of Net Assessment.
1996 Taiwan Straits Crisis "Admiral Clemens was able to use e-mail, a very graphic- rich environment, and video teleconferencing to achieve the effect he wanted", which was to deploy the carrier battle groups in a matter of hours instead of days.” -Arthur Cebrowski USS Nimitz and USS Independence deploy to Taiwan.
Admiral Archie Clemins Father of Network Centric Warfare
Clemins’ Apple Powerbook 160 9.8 inch greyscale LCD Display Up to 14 MB RAM (smaller than this slide deck) 40MB SCSI Hard Disk Drive 8 pounds
USS Blue Ridge command ship of the US Navy 7th Fleet
A Lasting Legacy Same Inmarsat satellite constellation still in use N21 initiative launched Pentagon Office of Force Transformation led by Arthur Cebrowski
Arthur Cebrowski: Evangelist “Network Centric Warfare should be the cornerstone of transformation. If you are not interoperable you are not on the net. You are not benefiting from the information age”.
The NCW Dream Total Situational Awareness eliminates “the fog of war” Red Team - Blue Team identification Central Command and Control. Distributed battle command. (The Global Information Grid, or GIG) Networked Intelligence, Surveillance Reconnaissance (ISR) -a sensor grid
IT-Harvest Confidential Network Centric Warfare Everything connected (like the Internet) Satellite-Planes-Drones-Ground-Sea based sensor grid Instant communication over a Global Grid
14 Deja vu all over again We’ve seen this story payed out before in the enterprise. First, network everything. Take advantage of connectivity and u Second: succumb to attacks from hackers, cyber criminals, hac Finally: Layer in security
15 How the Military Failed in Security April 1, 2001 a Navy EP-3E was forced down and captured by China. Top secret OS compromised In 2008 China blatantly flooded communication channels known to be monitored by the NSA with decrypted US intercepts, kicking off a major re- deployment. SEVEN years too late.
16 How the Military Failed in Security First, the Pentagon email servers p0wned 2007 Then terabytes of data exfiltrated to China from the Defense Industrial Base. The target? Joint Strike Fighter design data.
17 Military IT Security Failures The Wake Up Call BUCKSHOT YANKEE Agent.btz introduced via thumb drive in a forward operations co EVERY Windows machine re-imaged in the entire military (3 mi
18 Drone madness 1
19 Drone madness 2
20 Drone madness 3
IT-Harvest Confidential SATCOM Vulns • “We uncovered what would appear to be multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms.” - IOActive
Software Assurance maturity came after most new weapons platforms were sourced. One Air Force study of 3 million lines of code revealed: One software vulnerability per 8 lines of code One high vulnerability per 31 lines of code One critical vulnerability for 70 lines of code
The F-35 Joint Strike Fighter “JSF software development is one of the largest and most complex projects in DOD history.” -Michael J. Sullivan, Director Acquisition and Sourcing Management for the DoD:
The F-35 Joint Strike Fighter • Nine million lines of onboard code could mean 128,000 critical vulns • 15 million lines of logistics code could mean another 214,000 critical vulns • What could possibly go wrong?
Taiwan Straits Crisis. 2018? GPS hacks deflect jets away from tankers Mission tasking subverted Communications intercepts mislead commander Radar jamming masks enemy movement Result? Military defeat
A Working Definition of Cyberwar The use of network and computer attack to s
IT-Harvest Confidential Cyber Pearl Harbor Defined An overwhelming defeat of US forces due to enemy information dominance. And it look like this…
IT-Harvest Confidential
email: richard@it-harvest.com Twitter: twitter.com/cyberwar

Recommended

Governments As Malware Authors - Mikko Hypponen at Black Hat 2014
Governments As Malware Authors - Mikko Hypponen at Black Hat 2014Governments As Malware Authors - Mikko Hypponen at Black Hat 2014
Governments As Malware Authors - Mikko Hypponen at Black Hat 2014
Mikko Hypponen
 
Self Learning Anti Drone System
Self Learning Anti Drone SystemSelf Learning Anti Drone System
Self Learning Anti Drone System
yovist taufan
 
Drone it is
Drone it isDrone it is
Drone it is
Ashutosh Singh
 
Information security in the starbucks generation
Information security in the starbucks generationInformation security in the starbucks generation
Information security in the starbucks generation
Tony Lauro
 
White Paper - Countering Drones at Airports 2019 by DGS
White Paper - Countering Drones at Airports 2019 by DGSWhite Paper - Countering Drones at Airports 2019 by DGS
White Paper - Countering Drones at Airports 2019 by DGS
DanielCHOU25
 
The rising chinese threat
The rising chinese threatThe rising chinese threat
The rising chinese threat
elopez560
 
The dhahram patriot missile failure (1)
The dhahram patriot missile failure (1)The dhahram patriot missile failure (1)
The dhahram patriot missile failure (1)
Madushan Sandaruwan
 
Manava project
Manava projectManava project
Manava project
goutamsinghbisht
 

Recommended

Governments As Malware Authors - Mikko Hypponen at Black Hat 2014
Governments As Malware Authors - Mikko Hypponen at Black Hat 2014Governments As Malware Authors - Mikko Hypponen at Black Hat 2014
Governments As Malware Authors - Mikko Hypponen at Black Hat 2014
Mikko Hypponen
 
Self Learning Anti Drone System
Self Learning Anti Drone SystemSelf Learning Anti Drone System
Self Learning Anti Drone System
yovist taufan
 
Drone it is
Drone it isDrone it is
Drone it is
Ashutosh Singh
 
Information security in the starbucks generation
Information security in the starbucks generationInformation security in the starbucks generation
Information security in the starbucks generation
Tony Lauro
 
White Paper - Countering Drones at Airports 2019 by DGS
White Paper - Countering Drones at Airports 2019 by DGSWhite Paper - Countering Drones at Airports 2019 by DGS
White Paper - Countering Drones at Airports 2019 by DGS
DanielCHOU25
 
The rising chinese threat
The rising chinese threatThe rising chinese threat
The rising chinese threat
elopez560
 
The dhahram patriot missile failure (1)
The dhahram patriot missile failure (1)The dhahram patriot missile failure (1)
The dhahram patriot missile failure (1)
Madushan Sandaruwan
 
Manava project
Manava projectManava project
Manava project
goutamsinghbisht
 
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of AerospaceWIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
Space Foundation
 
Hacking
HackingHacking
Hacking
NarendraGadde2
 
Everyday Life UAV Drone Applications
Everyday Life UAV Drone ApplicationsEveryday Life UAV Drone Applications
Everyday Life UAV Drone Applications
Ultimate UAV
 
"Hacking"
"Hacking""Hacking"
"Hacking"
Ameesha Indusarani
 
Hacking
HackingHacking
Hacking
kill4love
 
DRNE INVESTOR PRESENTATION
DRNE INVESTOR PRESENTATIONDRNE INVESTOR PRESENTATION
DRNE INVESTOR PRESENTATION
RedChip Companies, Inc.
 
Techno-Quiz Finals
Techno-Quiz FinalsTechno-Quiz Finals
Techno-Quiz Finals
Pranshu Agarwal
 
Survey paper
Survey paperSurvey paper
Survey paper
Yawer Yousuf
 
Where the Wild Bots are OPSNY June 2016
Where the Wild Bots are OPSNY June 2016Where the Wild Bots are OPSNY June 2016
Where the Wild Bots are OPSNY June 2016
Dr. Augustine Fou - Independent Ad Fraud Researcher
 
Spectrum of privacy 2017 01-10
Spectrum of privacy 2017 01-10Spectrum of privacy 2017 01-10
Spectrum of privacy 2017 01-10
Dr. Augustine Fou - Independent Ad Fraud Researcher
 
Tactical Commn
Tactical CommnTactical Commn
Tactical Commn
Ramasamyraja Ramanujam
 
Illustrated ad fraud risks for advertisers
Illustrated ad fraud risks for advertisersIllustrated ad fraud risks for advertisers
Illustrated ad fraud risks for advertisers
Dr. Augustine Fou - Independent Ad Fraud Researcher
 
Software defined radio
Software defined radioSoftware defined radio
Software defined radio
Sandesh Poovaiah
 
Future of Love and War
Future of Love and WarFuture of Love and War
Future of Love and War
Institute of Customer Experience
 
Internet of Things (IOT) - Technology and Applications
Internet of Things (IOT) - Technology and ApplicationsInternet of Things (IOT) - Technology and Applications
Internet of Things (IOT) - Technology and Applications
Dr. Mazlan Abbas
 
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-gInternet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Mohan Kumar G
 
There WIll Be Cyberwar
There WIll Be Cyberwar There WIll Be Cyberwar
There WIll Be Cyberwar
Richard Stiennon
 
How the Revolution in Military Affairs has set the stage for future cyberwars
How the Revolution in Military Affairs has set the stage for future cyberwarsHow the Revolution in Military Affairs has set the stage for future cyberwars
How the Revolution in Military Affairs has set the stage for future cyberwars
Richard Stiennon
 
Computer Attack Stratagems
Computer Attack StratagemsComputer Attack Stratagems
Computer Attack Stratagems
Karl Wolfgang
 
Surviving Cyber War April09
Surviving Cyber War April09Surviving Cyber War April09
Surviving Cyber War April09
Richard Stiennon
 
Port security
Port securityPort security
Port security
borepatch
 
Cyberwar Update2010
Cyberwar Update2010Cyberwar Update2010
Cyberwar Update2010
Richard Stiennon
 

More Related Content

What's hot

WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of AerospaceWIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
Space Foundation
 
Hacking
HackingHacking
Hacking
NarendraGadde2
 
Everyday Life UAV Drone Applications
Everyday Life UAV Drone ApplicationsEveryday Life UAV Drone Applications
Everyday Life UAV Drone Applications
Ultimate UAV
 
"Hacking"
"Hacking""Hacking"
"Hacking"
Ameesha Indusarani
 
Hacking
HackingHacking
Hacking
kill4love
 
DRNE INVESTOR PRESENTATION
DRNE INVESTOR PRESENTATIONDRNE INVESTOR PRESENTATION
DRNE INVESTOR PRESENTATION
RedChip Companies, Inc.
 
Techno-Quiz Finals
Techno-Quiz FinalsTechno-Quiz Finals
Techno-Quiz Finals
Pranshu Agarwal
 

What's hot (7)

WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of AerospaceWIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
 
Hacking
HackingHacking
Hacking
 
Everyday Life UAV Drone Applications
Everyday Life UAV Drone ApplicationsEveryday Life UAV Drone Applications
Everyday Life UAV Drone Applications
 
"Hacking"
"Hacking""Hacking"
"Hacking"
 
Hacking
HackingHacking
Hacking
 
DRNE INVESTOR PRESENTATION
DRNE INVESTOR PRESENTATIONDRNE INVESTOR PRESENTATION
DRNE INVESTOR PRESENTATION
 
Techno-Quiz Finals
Techno-Quiz FinalsTechno-Quiz Finals
Techno-Quiz Finals
 

Viewers also liked

Survey paper
Survey paperSurvey paper
Survey paper
Yawer Yousuf
 
Where the Wild Bots are OPSNY June 2016
Where the Wild Bots are OPSNY June 2016Where the Wild Bots are OPSNY June 2016
Where the Wild Bots are OPSNY June 2016
Dr. Augustine Fou - Independent Ad Fraud Researcher
 
Spectrum of privacy 2017 01-10
Spectrum of privacy 2017 01-10Spectrum of privacy 2017 01-10
Spectrum of privacy 2017 01-10
Dr. Augustine Fou - Independent Ad Fraud Researcher
 
Tactical Commn
Tactical CommnTactical Commn
Tactical Commn
Ramasamyraja Ramanujam
 
Illustrated ad fraud risks for advertisers
Illustrated ad fraud risks for advertisersIllustrated ad fraud risks for advertisers
Illustrated ad fraud risks for advertisers
Dr. Augustine Fou - Independent Ad Fraud Researcher
 
Software defined radio
Software defined radioSoftware defined radio
Software defined radio
Sandesh Poovaiah
 
Future of Love and War
Future of Love and WarFuture of Love and War
Future of Love and War
Institute of Customer Experience
 
Internet of Things (IOT) - Technology and Applications
Internet of Things (IOT) - Technology and ApplicationsInternet of Things (IOT) - Technology and Applications
Internet of Things (IOT) - Technology and Applications
Dr. Mazlan Abbas
 
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-gInternet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Mohan Kumar G
 

Viewers also liked (9)

Survey paper
Survey paperSurvey paper
Survey paper
 
Where the Wild Bots are OPSNY June 2016
Where the Wild Bots are OPSNY June 2016Where the Wild Bots are OPSNY June 2016
Where the Wild Bots are OPSNY June 2016
 
Spectrum of privacy 2017 01-10
Spectrum of privacy 2017 01-10Spectrum of privacy 2017 01-10
Spectrum of privacy 2017 01-10
 
Tactical Commn
Tactical CommnTactical Commn
Tactical Commn
 
Illustrated ad fraud risks for advertisers
Illustrated ad fraud risks for advertisersIllustrated ad fraud risks for advertisers
Illustrated ad fraud risks for advertisers
 
Software defined radio
Software defined radioSoftware defined radio
Software defined radio
 
Future of Love and War
Future of Love and WarFuture of Love and War
Future of Love and War
 
Internet of Things (IOT) - Technology and Applications
Internet of Things (IOT) - Technology and ApplicationsInternet of Things (IOT) - Technology and Applications
Internet of Things (IOT) - Technology and Applications
 
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-gInternet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
 

Similar to The Internet of Military Things: There Will Be Cyberwar

There WIll Be Cyberwar
There WIll Be Cyberwar There WIll Be Cyberwar
There WIll Be Cyberwar
Richard Stiennon
 
How the Revolution in Military Affairs has set the stage for future cyberwars
How the Revolution in Military Affairs has set the stage for future cyberwarsHow the Revolution in Military Affairs has set the stage for future cyberwars
How the Revolution in Military Affairs has set the stage for future cyberwars
Richard Stiennon
 
Computer Attack Stratagems
Computer Attack StratagemsComputer Attack Stratagems
Computer Attack Stratagems
Karl Wolfgang
 
Surviving Cyber War April09
Surviving Cyber War April09Surviving Cyber War April09
Surviving Cyber War April09
Richard Stiennon
 
Port security
Port securityPort security
Port security
borepatch
 
Cyberwar Update2010
Cyberwar Update2010Cyberwar Update2010
Cyberwar Update2010
Richard Stiennon
 
Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186
Avirot Mitamura
 
Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in Cyberwar
Mehdi Poustchi Amin
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectorsInformation warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectors
Love Steven
 
Exp r35
Exp r35Exp r35
Exp r35
SelectedPresentations
 
Vol7no2 ball
Vol7no2 ballVol7no2 ball
Vol7no2 ball
MarioEliseo3
 
Cyber Warfare Europe 2011
Cyber Warfare Europe 2011Cyber Warfare Europe 2011
Cyber Warfare Europe 2011
Sharmin Ahammad
 
Is the us engaged in a cyber war
Is the us engaged in a cyber warIs the us engaged in a cyber war
Is the us engaged in a cyber war
David Willson, Attorney, CISSP, Security +
 
technical disaster
technical disastertechnical disaster
technical disaster
kaushik_sutariya_
 
Future of Chinese Cyber Warfare
Future of Chinese Cyber WarfareFuture of Chinese Cyber Warfare
Future of Chinese Cyber Warfare
Bill Hagestad II
 
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
Pukhraj Singh
 
Exp w22 exp-w22
Exp w22 exp-w22Exp w22 exp-w22
Exp w22 exp-w22
SelectedPresentations
 
Hack the Hackers 2012: Client Side Hacking – Targeting the User
Hack the Hackers 2012: Client Side Hacking – Targeting the UserHack the Hackers 2012: Client Side Hacking – Targeting the User
Hack the Hackers 2012: Client Side Hacking – Targeting the User
New Horizons Bulgaria
 
[HES2013] Information Warfare: mistakes from the MoDs by Raoul “Nobody” Chiesa
[HES2013] Information Warfare: mistakes from the MoDs by Raoul “Nobody” Chiesa[HES2013] Information Warfare: mistakes from the MoDs by Raoul “Nobody” Chiesa
[HES2013] Information Warfare: mistakes from the MoDs by Raoul “Nobody” Chiesa
Hackito Ergo Sum
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ss
Maira Asif
 

Similar to The Internet of Military Things: There Will Be Cyberwar (20)

There WIll Be Cyberwar
There WIll Be Cyberwar There WIll Be Cyberwar
There WIll Be Cyberwar
 
How the Revolution in Military Affairs has set the stage for future cyberwars
How the Revolution in Military Affairs has set the stage for future cyberwarsHow the Revolution in Military Affairs has set the stage for future cyberwars
How the Revolution in Military Affairs has set the stage for future cyberwars
 
Computer Attack Stratagems
Computer Attack StratagemsComputer Attack Stratagems
Computer Attack Stratagems
 
Surviving Cyber War April09
Surviving Cyber War April09Surviving Cyber War April09
Surviving Cyber War April09
 
Port security
Port securityPort security
Port security
 
Cyberwar Update2010
Cyberwar Update2010Cyberwar Update2010
Cyberwar Update2010
 
Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186
 
Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in Cyberwar
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectorsInformation warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectors
 
Exp r35
Exp r35Exp r35
Exp r35
 
Vol7no2 ball
Vol7no2 ballVol7no2 ball
Vol7no2 ball
 
Cyber Warfare Europe 2011
Cyber Warfare Europe 2011Cyber Warfare Europe 2011
Cyber Warfare Europe 2011
 
Is the us engaged in a cyber war
Is the us engaged in a cyber warIs the us engaged in a cyber war
Is the us engaged in a cyber war
 
technical disaster
technical disastertechnical disaster
technical disaster
 
Future of Chinese Cyber Warfare
Future of Chinese Cyber WarfareFuture of Chinese Cyber Warfare
Future of Chinese Cyber Warfare
 
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
 
Exp w22 exp-w22
Exp w22 exp-w22Exp w22 exp-w22
Exp w22 exp-w22
 
Hack the Hackers 2012: Client Side Hacking – Targeting the User
Hack the Hackers 2012: Client Side Hacking – Targeting the UserHack the Hackers 2012: Client Side Hacking – Targeting the User
Hack the Hackers 2012: Client Side Hacking – Targeting the User
 
[HES2013] Information Warfare: mistakes from the MoDs by Raoul “Nobody” Chiesa
[HES2013] Information Warfare: mistakes from the MoDs by Raoul “Nobody” Chiesa[HES2013] Information Warfare: mistakes from the MoDs by Raoul “Nobody” Chiesa
[HES2013] Information Warfare: mistakes from the MoDs by Raoul “Nobody” Chiesa
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ss
 

More from Richard Stiennon

Why Risk Management Fails
Why Risk Management FailsWhy Risk Management Fails
Why Risk Management Fails
Richard Stiennon
 
Cyber security industry trends
Cyber security industry trendsCyber security industry trends
Cyber security industry trends
Richard Stiennon
 
Why Risk Management is Impossible
Why Risk Management is ImpossibleWhy Risk Management is Impossible
Why Risk Management is Impossible
Richard Stiennon
 
Stiennon Keynote at Trusted Computing Conference 2013, Orlando
Stiennon Keynote at Trusted Computing Conference 2013, OrlandoStiennon Keynote at Trusted Computing Conference 2013, Orlando
Stiennon Keynote at Trusted Computing Conference 2013, Orlando
Richard Stiennon
 
How the Surveillance State Changes IT Security Forever
How the Surveillance State Changes IT Security ForeverHow the Surveillance State Changes IT Security Forever
How the Surveillance State Changes IT Security Forever
Richard Stiennon
 
Cybercrime and Business Process Hacking
Cybercrime and Business Process HackingCybercrime and Business Process Hacking
Cybercrime and Business Process Hacking
Richard Stiennon
 
Post Apocalyptic Cyber Realism
Post Apocalyptic Cyber RealismPost Apocalyptic Cyber Realism
Post Apocalyptic Cyber Realism
Richard Stiennon
 
What makes the IT industry tick?
What makes the IT industry tick? What makes the IT industry tick?
What makes the IT industry tick?
Richard Stiennon
 
New definition for APT
New definition for APTNew definition for APT
New definition for APT
Richard Stiennon
 
Titan Rain
Titan RainTitan Rain
Titan Rain
Richard Stiennon
 
Surviving Cyber War
Surviving Cyber WarSurviving Cyber War
Surviving Cyber War
Richard Stiennon
 

More from Richard Stiennon (11)

Why Risk Management Fails
Why Risk Management FailsWhy Risk Management Fails
Why Risk Management Fails
 
Cyber security industry trends
Cyber security industry trendsCyber security industry trends
Cyber security industry trends
 
Why Risk Management is Impossible
Why Risk Management is ImpossibleWhy Risk Management is Impossible
Why Risk Management is Impossible
 
Stiennon Keynote at Trusted Computing Conference 2013, Orlando
Stiennon Keynote at Trusted Computing Conference 2013, OrlandoStiennon Keynote at Trusted Computing Conference 2013, Orlando
Stiennon Keynote at Trusted Computing Conference 2013, Orlando
 
How the Surveillance State Changes IT Security Forever
How the Surveillance State Changes IT Security ForeverHow the Surveillance State Changes IT Security Forever
How the Surveillance State Changes IT Security Forever
 
Cybercrime and Business Process Hacking
Cybercrime and Business Process HackingCybercrime and Business Process Hacking
Cybercrime and Business Process Hacking
 
Post Apocalyptic Cyber Realism
Post Apocalyptic Cyber RealismPost Apocalyptic Cyber Realism
Post Apocalyptic Cyber Realism
 
What makes the IT industry tick?
What makes the IT industry tick? What makes the IT industry tick?
What makes the IT industry tick?
 
New definition for APT
New definition for APTNew definition for APT
New definition for APT
 
Titan Rain
Titan RainTitan Rain
Titan Rain
 
Surviving Cyber War
Surviving Cyber WarSurviving Cyber War
Surviving Cyber War
 

Recently uploaded

Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Jeffrey Haguewood
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
AWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptxAWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptx
HarisZaheer8
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
Dinusha Kumarasiri
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
fredae14
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStrDeep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
saastr
 

Recently uploaded (20)

Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
AWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptxAWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptx
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStrDeep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
 

The Internet of Military Things: There Will Be Cyberwar

  • 1. There Will Be Cyberwar or The Internet of Military Things (IoMT) Richard Stiennon Chief Research Analyst IT-Harvest twitter.com/cyberwar
  • 2. Keynote, CyberSecurity World, Washington DC, October 28, 2015 Book Launch: October 29, National Press Club 4 PM. All welcome twitter.com/cyberwar http://www.amazon.com/There-Will-Be-Cyberwar-Network-Centric/dp/0985460784 Purchase on Amazon
  • 3. The Revolution in Military Affairs • Roman centuries • Long bow and battle of Crecy • Napoleon’s staff command • Machine guns • Mechanized armor, blitzkrieg
  • 4. The Modern RMA • Operation Desert Storm leads to: • Russian assessment of precision weapons ISR, C&C as force multiplier, which leads to • Andrew Marshall
  • 5. IT-Harvest Confidential Andrew Marshall: Enigmatic Strategist Andrew W. Marshall (born September 13, 1921) just retired director of the United States Department of Defense's Office of Net Assessment.
  • 6. 1996 Taiwan Straits Crisis "Admiral Clemens was able to use e-mail, a very graphic- rich environment, and video teleconferencing to achieve the effect he wanted", which was to deploy the carrier battle groups in a matter of hours instead of days.” -Arthur Cebrowski USS Nimitz and USS Independence deploy to Taiwan.
  • 7. Admiral Archie Clemins Father of Network Centric Warfare
  • 8. Clemins’ Apple Powerbook 160 9.8 inch greyscale LCD Display Up to 14 MB RAM (smaller than this slide deck) 40MB SCSI Hard Disk Drive 8 pounds
  • 9. USS Blue Ridge command ship of the US Navy 7th Fleet
  • 10. A Lasting Legacy Same Inmarsat satellite constellation still in use N21 initiative launched Pentagon Office of Force Transformation led by Arthur Cebrowski
  • 11. Arthur Cebrowski: Evangelist “Network Centric Warfare should be the cornerstone of transformation. If you are not interoperable you are not on the net. You are not benefiting from the information age”.
  • 12. The NCW Dream Total Situational Awareness eliminates “the fog of war” Red Team - Blue Team identification Central Command and Control. Distributed battle command. (The Global Information Grid, or GIG) Networked Intelligence, Surveillance Reconnaissance (ISR) -a sensor grid
  • 13. IT-Harvest Confidential Network Centric Warfare Everything connected (like the Internet) Satellite-Planes-Drones-Ground-Sea based sensor grid Instant communication over a Global Grid
  • 14. 14 Deja vu all over again We’ve seen this story payed out before in the enterprise. First, network everything. Take advantage of connectivity and u Second: succumb to attacks from hackers, cyber criminals, hac Finally: Layer in security
  • 15. 15 How the Military Failed in Security April 1, 2001 a Navy EP-3E was forced down and captured by China. Top secret OS compromised In 2008 China blatantly flooded communication channels known to be monitored by the NSA with decrypted US intercepts, kicking off a major re- deployment. SEVEN years too late.
  • 16. 16 How the Military Failed in Security First, the Pentagon email servers p0wned 2007 Then terabytes of data exfiltrated to China from the Defense Industrial Base. The target? Joint Strike Fighter design data.
  • 17. 17 Military IT Security Failures The Wake Up Call BUCKSHOT YANKEE Agent.btz introduced via thumb drive in a forward operations co EVERY Windows machine re-imaged in the entire military (3 mi
  • 21. IT-Harvest Confidential SATCOM Vulns • “We uncovered what would appear to be multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms.” - IOActive
  • 22. Software Assurance maturity came after most new weapons platforms were sourced. One Air Force study of 3 million lines of code revealed: One software vulnerability per 8 lines of code One high vulnerability per 31 lines of code One critical vulnerability for 70 lines of code
  • 23. The F-35 Joint Strike Fighter “JSF software development is one of the largest and most complex projects in DOD history.” -Michael J. Sullivan, Director Acquisition and Sourcing Management for the DoD:
  • 24. The F-35 Joint Strike Fighter • Nine million lines of onboard code could mean 128,000 critical vulns • 15 million lines of logistics code could mean another 214,000 critical vulns • What could possibly go wrong?
  • 25. Taiwan Straits Crisis. 2018? GPS hacks deflect jets away from tankers Mission tasking subverted Communications intercepts mislead commander Radar jamming masks enemy movement Result? Military defeat
  • 26. A Working Definition of Cyberwar The use of network and computer attack to s
  • 27. IT-Harvest Confidential Cyber Pearl Harbor Defined An overwhelming defeat of US forces due to enemy information dominance. And it look like this…

Editor's Notes

  1. CNN) -- A U.S. Navy reconnaissance plane made an emergency landing in China after colliding with a Chinese fighter jet sent to intercept it, U.S. officials said Sunday. The EP-3 Aries, an electronic surveillance aircraft with a crew of 24, landed on the Chinese island of Hainan after the collision, said Lt. Col. Dewey Ford, a spokesman for the U.S. Pacific Command in Hawaii. None of the crew was injured, he said. Chinese officials had no immediate comment on the incident. That history dates back to the 1996 presidential election on Taiwan, when Chinese hackers took aim at Taiwan sites. They repeated their attacks during the 2000 elections, but Taiwan threatened to unleash 7,000 viruses on Chinese government sites if the attacks continued. They ended.
  2. CNN) -- A U.S. Navy reconnaissance plane made an emergency landing in China after colliding with a Chinese fighter jet sent to intercept it, U.S. officials said Sunday. The EP-3 Aries, an electronic surveillance aircraft with a crew of 24, landed on the Chinese island of Hainan after the collision, said Lt. Col. Dewey Ford, a spokesman for the U.S. Pacific Command in Hawaii. None of the crew was injured, he said. Chinese officials had no immediate comment on the incident. That history dates back to the 1996 presidential election on Taiwan, when Chinese hackers took aim at Taiwan sites. They repeated their attacks during the 2000 elections, but Taiwan threatened to unleash 7,000 viruses on Chinese government sites if the attacks continued. They ended.
  3. 20 million Ids including SSN stolen by the insider, Rene Rebollo, Wahid Siddiqi, 25,was a senior financial analyst at Full Spectrum Lending, Countrywide's subprime lending division. The FBI's statement alleges Rebollo was taking the personal information of mortgage customers, including social security numbers, storing them on a USB thumb drive. Rebollo told the law enforcement he profited anywhere from $50,000 to $70,000 from the sale of the Countrywide-owned data. In an FBI affidavit Rebollo estimated he downloaded about 20,000 customer profiles a week in excel spreadsheets onto the flash drives and then took the spreadsheets and emailed them to buyers from business center stores.