SlideShare a Scribd company logo

Cyberwar: (R)evolution?

Download as PPTX, PDF
Z
zapp0

Presentation on cyberwar for Masaryk University KISK - Expert Panel. Focus on current status, future outlook, threats and options.

Education
1 of 16
Cyberwar ®evolution? Petr Špiřík @ KISK Expert Panel 17. 12. 2015
PwC Petr Špiřík, MSc. Cyberwar: ®evolution? Professional PwC CEE CISO 29 countries, full scope of information security portfolio Former Cyber threat intelligence lead and Security architect I get paid for what I love. How cool is that? Personal Geek & security enthusiast Fascinated by cyberspace, cyber security realm and associated topics Believer in the power of information and that it wants to be free Low tolerance for nonsense. Rules of engagement Respect each other There are no stupid questions
PwC Cyber war … … or cyber operation? Threat actors Criminals Hacktivists Lone wolfs State actors The term cyberwar will be used through this presentation for simplicity Treat with caution War has a meaning from legal perspective Defined especially in IHL, explained in Tallinn Manual Not everyone “can” be at war Organized crime is not war Different rules apply in war (Cyber) act of war can result in kinetic response By abusing defined terms we risk misunderstanding – or worse During this presentation we will focus on operations in cyberspace where state is either a target or an attacker and where the objective is military or political advantage.
PwC History of notable incidents Helicopter view 2003, Iraq war Battlefield online, information supremacy Harsh lessons 2007, Estonia Russia “patriots” targeting banks, media and state institutions. NATO wake up call 2007, Israel, Operation Orchard No nuclear plant, Korean workers, AA defense and Israel airstrike 2008, Georgia Russian “patriots”, information blackouts Well documented 2010, Stuxnet, Operation Olympic games Targeting Iran’s nuclear program Admitted by USA – or not? 2011, Georgia Cyber espionage attack from Russia 2014, Ukraine Elections manipulation, “hybrid warfare”, joint kinetic & cyber activities
PwC Case study #1 Stuxnet family Stuxnet Targeting Iranian nuclear enrichment facilities Objective is physical damage Successful delay of nuclear program Designed to pass the air gap Discovered by accident Attribution: United States (99%) General James Cartwright Project Olympic games Considered “the first cyberweapon” Flame, Duqu, Gauss Same “family of cyber weapons” as Stuxnet Responsibility and accountability Flame (Discovered 2012) Cyber espionage Duqu (Discovered 2012, version 2.0 in 2015) ICS targeting Gauss (Discovered 2012) Targeting banking sector
PwC Case study #2 Case of Ukraine Ukraine conflict Election manipulation Does not have to be effective Support kinetic operations Supremacy over the battlefield CyberBerkut Propaganda and desinformation Hybrid war Overused and abused term Strong focus on information warfare Combination of traditional warfare with special forces & cyber operations Focus on fear, uncertainty, doubt Key concept is limiting opponent's options Avoidance of hot conflict Loopholes exploitation (legal, policy & decision making, strategic & tactical)
PwC Key distinct features Characteristic Asymetric Offense is easier than defense Fast No time for reaction Preventive measures Attribution vs. deniability Who to blame Who to counter Enablers Attack surface of the victim More advanced = more vulnerable Reduction leads to degradation Capability of the attacker Talent can be trained Technology is cheap Brave new world Interconnected Fast development
PwC Objectives of cyberwar Mission support When “cyber” is not the objective but delivery Military concept of mission “I want 200 soldiers at their doorstep tomorrow morning, sergeant!” Cyber capabilities To achieve the mission objective To prevent interruption of mission Logistics & operations focused Battlefield domination Takedown of enemy information command Contest the cyberspace environment Drones hacking Critical infrastructure disruption When military objective can be achieved by cyber means in more efficient, safe and cheaper way – it will be.
PwC Ways of war Technology Denial of service of key technologies Websites Communication Support system disruption Medical Logistic Navigation Infrastructure targeting Information Propaganda, political influence Hearts and minds of people Information denial, disruption or credibility loss Targeting decision making process Digital only – single point of failure Cyber to physical Demonstration of cyber capabilities in physical world Power plants do not have “self destruct” button Cross-domain knowledge required Security through obscurity works (this time) Marina Krotofil
PwC Cyber fratricide Competing interests “We need to go deeper!” Intelligence agencies Researchers Investigators Get as much information about the attacker as possible during his operations. “Leave me alone!” Innocent bystanders Private companies Individuals Don’t get harmed. Live the good life. Mind own business. Be sad. “This ends here!” Law enforcement Incident responders Operations Stop the attack. Get back to normal operations. Seek & destroy.
PwC Cyber Pearl Harbor We need more resources to prevent atrocious terrorist attack! No second Pearl Harbor! Cyber security = money Cyber security = more power to government Cyber security = more power in government Without the ever present terrorist threat of new “Cyber Pearl Harbor”, the flow of money & power will be endangered Is cyber terrorism even a thing? Give me one example! There are no cyber terrorists (theories!) Subgroups of other categories Skill barrier for dummies Recruitment for talents by others There might be cyber terrorists Dormant capabilities Cold war mode Efficient MAD concept in play
PwC Challenges of cyberwar Attack Aging weapons If we don’t use it, it will expire Speed is the factor Mutual assured destruction (MAD) from nuclear arms race reappears Who will be the warrior? Defense Line of defense What are my crown jewels? Home ground – the only advantage Seeking the high ground in cyberspace Who will be the guardian? Ability to attack can often mean the vulnerability to the same tactic employed by the adversary
PwC Future threats Technology Internet of Things (IoT) Self driving cars Smart houses Smart grid Growing computational capabilities Relying on legacy concepts from the 80s New technologies (drones, quantum computers) Faster evolution of capabilities than associated security concepts Social Balkanization of the Internet Adoption of wrong legal concepts Encryption damage Governmental lawful interception Growing gap of understanding Reality vs. decision makers Lack of “white hats” in cyber security community Pretending cyberspace is something completely different will backfire
PwC Is there no hope? If you can’t beat them, join them! When living in exciting times. Make use of it! Cyberspace is the last frontier. For now. The cyberspace landscape is changing. Make an impact! Possibilities are endless. Offensive, defensive, research, education, policy & decision making, cross-domain questions, ethics… There was never a better time to jump into cyber security industry Power of informed decision making Cyberspace is here to stay “Cyberwar” is reality and its role will grow Education is critical Self education is the key The power is just few keystrokes away Don’t panic, approach with caution To make the right decisions, you need to understand the world around you. It is a skill that can be acquired
PwC ®evolution? “War is not merely a political act, but also a real political instrument” “Gain a preponderance of physical forces and material advantages at the decisive point” Carl von Clausewitz Cyberwar is not a revolution. It is the evolution of existing concepts over new battlefield – the cyberspace. Gain information advantage Limit your adversaries’ options Know & control the battlefield Assure your operations Deny operations of the adversary Exercise the least minimum force
PwC Reference Petr Špiřík @HidenatNet petr.spirik@gmail.com petr.spirik@cz.pwc.com http://www.slideshare.net/zapp0 /cyberwar-revolution Clarke, R.A. & Knake, R., 2012, ‘Cyber War: The Next Threat to National Security and What to Do About It’, Ecco Arquilla, J., 2011, ‘From blitzkrieg to bitskrieg: the military encounter with computers’, Communications of the ACM, vol. 54, no. 10, 2011 Mandiant, 2013, ‘Exposing One of China’s Cyber Espionage Units’ [online], Available from: http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf US-CCU, 2009, ‘Overview by the US-CCU of the Cyber Campaign Against Georgia in August 2008’ [online], Available from: http://www.registan.net/wp-content/uploads/2009/08/US-CCU-Georgia-Cyber-Campaign-Overview.pdf Leverett, E.P.,2011, ‘Quantitatively Assessing and Visualising Industrial System Attack Surfaces’ [online], Available from: http://www.cl.cam.ac.uk/~fms27/papers/2011-Leverett-industrial.pdf DoD, 2011, ‘Department of Defense Cyberspace Policy Report’ [online], Available from: http://www.defense.gov/home/features/2011/0411_cyberstrategy/docs/NDAA%20Section%20934%20Report_For%20webpage.pdf CCDCOE, 2013, ‘Tallinn manual’ [online], Available from: http://www.ccdcoe.org/249.html Ministry of Justice of Georgia, 2012, ‘CYBER ESPIONAGE Against Georgian Government’ [online], Available from: http://dea.gov.ge/uploads/CERT%20DOCS/Cyber%20Espionage.pdf Mauer, T., 2015, ‘Cyber proxies and the crisis in Ukraine’ [online], Available from: https://ccdcoe.org/sites/default/files/multimedia/pdf/CyberWarinPerspective_Maurer_09.pdf Langner Group, 2013, ‘To kill a centrifuge’ [online], Available from: http://www.langner.com/en/wp-content/uploads/2013/11/To-kill-a- centrifuge.pdf Deep, A., 2015, ‘Hybrid war: Old concept, new techniques’ [online], Available from: http://smallwarsjournal.com/jrnl/art/hybrid-war-old- concept-new-techniques

Recommended

CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITYCYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITYTalwant Singh
 
Cyberwar threat to national security
Cyberwar threat to national securityCyberwar threat to national security
Cyberwar threat to national securityTalwant Singh
 
Cyber weapons 1632578286
Cyber weapons 1632578286Cyber weapons 1632578286
Cyber weapons 1632578286Udaysharma3
 
Cyber Warfare -
Cyber Warfare -Cyber Warfare -
Cyber Warfare -ideaflashed
 
Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Digicomp Academy AG
 
Cyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece MooreCyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece MooreJamie Moore
 
Cyber war or business as usual
Cyber war or business as usualCyber war or business as usual
Cyber war or business as usualEnclaveSecurity
 
Cyberwar - Is India Ready
Cyberwar - Is India ReadyCyberwar - Is India Ready
Cyberwar - Is India ReadyDinesh O Bareja
 

Recommended

CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITYCYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITYTalwant Singh
 
Cyberwar threat to national security
Cyberwar threat to national securityCyberwar threat to national security
Cyberwar threat to national securityTalwant Singh
 
Cyber weapons 1632578286
Cyber weapons 1632578286Cyber weapons 1632578286
Cyber weapons 1632578286Udaysharma3
 
Cyber Warfare -
Cyber Warfare -Cyber Warfare -
Cyber Warfare -ideaflashed
 
Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Digicomp Academy AG
 
Cyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece MooreCyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece MooreJamie Moore
 
Cyber war or business as usual
Cyber war or business as usualCyber war or business as usual
Cyber war or business as usualEnclaveSecurity
 
Cyberwar - Is India Ready
Cyberwar - Is India ReadyCyberwar - Is India Ready
Cyberwar - Is India ReadyDinesh O Bareja
 
Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Ajay Serohi
 
About cyber war
About cyber warAbout cyber war
About cyber wareugenvaleriu
 
Cyberwarfare
CyberwarfareCyberwarfare
CyberwarfareSpace Defense Newsletter
 
Session 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosSession 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosCommonwealth Telecommunications Organisation
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ssMaira Asif
 
Cyber War ( World War 3 )
Cyber War ( World War 3 )Cyber War ( World War 3 )
Cyber War ( World War 3 )Sameer Paradia
 
Cyber warfare Threat to Cyber Security by Prashant Mali
Cyber warfare Threat to Cyber Security by Prashant MaliCyber warfare Threat to Cyber Security by Prashant Mali
Cyber warfare Threat to Cyber Security by Prashant MaliAdv Prashant Mali
 
Cyber war
Cyber warCyber war
Cyber warPraveen
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismSavigya Singh
 
Cyber terrorism fact or fiction - 2011
Cyber terrorism fact or fiction - 2011Cyber terrorism fact or fiction - 2011
Cyber terrorism fact or fiction - 2011hassanzadeh20
 
Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in CyberwarMehdi Poustchi Amin
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismSuyash Shanker
 
114-116
114-116114-116
114-116IKERIONWU FREDRICK
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorismloverakk187
 
Securing Cyber Space- Eljay Robertson
Securing Cyber Space- Eljay RobertsonSecuring Cyber Space- Eljay Robertson
Securing Cyber Space- Eljay RobertsonEljay Robertson
 
Cyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismCyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismGanesh DNP
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber TerrorismDeepak Pareek
 
A Cyber Security Review
A Cyber Security ReviewA Cyber Security Review
A Cyber Security ReviewSimon Moffatt
 
Asymmetric threat 5_paper
Asymmetric threat 5_paperAsymmetric threat 5_paper
Asymmetric threat 5_paperMarioEliseo3
 
RULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWARRULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWARTalwant Singh
 
9 weebly ppt
9 weebly ppt9 weebly ppt
9 weebly pptMyra Lipsey
 
Intro to weebly
Intro to weeblyIntro to weebly
Intro to weeblystantons
 

More Related Content

What's hot

Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Ajay Serohi
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ssMaira Asif
 
Cyber War ( World War 3 )
Cyber War ( World War 3 )Cyber War ( World War 3 )
Cyber War ( World War 3 )Sameer Paradia
 
Cyber warfare Threat to Cyber Security by Prashant Mali
Cyber warfare Threat to Cyber Security by Prashant MaliCyber warfare Threat to Cyber Security by Prashant Mali
Cyber warfare Threat to Cyber Security by Prashant MaliAdv Prashant Mali
 
Cyber terrorism fact or fiction - 2011
Cyber terrorism fact or fiction - 2011Cyber terrorism fact or fiction - 2011
Cyber terrorism fact or fiction - 2011hassanzadeh20
 
Securing Cyber Space- Eljay Robertson
Securing Cyber Space- Eljay RobertsonSecuring Cyber Space- Eljay Robertson
Securing Cyber Space- Eljay RobertsonEljay Robertson
 
Cyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismCyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismGanesh DNP
 
A Cyber Security Review
A Cyber Security ReviewA Cyber Security Review
A Cyber Security ReviewSimon Moffatt
 
Asymmetric threat 5_paper
Asymmetric threat 5_paperAsymmetric threat 5_paper
Asymmetric threat 5_paperMarioEliseo3
 
RULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWARRULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWARTalwant Singh
 

What's hot (20)

Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015
 
About cyber war
About cyber warAbout cyber war
About cyber war
 
Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
 
Session 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosSession 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj Yunos
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ss
 
Cyber War ( World War 3 )
Cyber War ( World War 3 )Cyber War ( World War 3 )
Cyber War ( World War 3 )
 
Cyber warfare Threat to Cyber Security by Prashant Mali
Cyber warfare Threat to Cyber Security by Prashant MaliCyber warfare Threat to Cyber Security by Prashant Mali
Cyber warfare Threat to Cyber Security by Prashant Mali
 
Cyber war
Cyber warCyber war
Cyber war
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Cyber terrorism fact or fiction - 2011
Cyber terrorism fact or fiction - 2011Cyber terrorism fact or fiction - 2011
Cyber terrorism fact or fiction - 2011
 
Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in Cyberwar
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
114-116
114-116114-116
114-116
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
 
Securing Cyber Space- Eljay Robertson
Securing Cyber Space- Eljay RobertsonSecuring Cyber Space- Eljay Robertson
Securing Cyber Space- Eljay Robertson
 
Cyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismCyber Wars And Cyber Terrorism
Cyber Wars And Cyber Terrorism
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
 
A Cyber Security Review
A Cyber Security ReviewA Cyber Security Review
A Cyber Security Review
 
Asymmetric threat 5_paper
Asymmetric threat 5_paperAsymmetric threat 5_paper
Asymmetric threat 5_paper
 
RULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWARRULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWAR
 

Viewers also liked

Intro to weebly
Intro to weeblyIntro to weebly
Intro to weeblystantons
 
Weebly powerpoint
Weebly powerpointWeebly powerpoint
Weebly powerpointRaniaE92
 
Secure Shell - a Presentation on Ethical Hacking
Secure Shell - a Presentation on Ethical HackingSecure Shell - a Presentation on Ethical Hacking
Secure Shell - a Presentation on Ethical HackingNitish Kasar
 
Introduction to weebly
Introduction to weeblyIntroduction to weebly
Introduction to weeblytmjordan
 
Are we ready for Cyberwarfare
Are we ready for CyberwarfareAre we ready for Cyberwarfare
Are we ready for CyberwarfareAurin Sheikh
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentationBijay Bhandari
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.pptAeman Khan
 
Cyber security
Cyber securityCyber security
Cyber securitySiblu28
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 

Viewers also liked (16)

9 weebly ppt
9 weebly ppt9 weebly ppt
9 weebly ppt
 
Intro to weebly
Intro to weeblyIntro to weebly
Intro to weebly
 
Weebly powerpoint
Weebly powerpointWeebly powerpoint
Weebly powerpoint
 
Weebly Website Blog
Weebly Website BlogWeebly Website Blog
Weebly Website Blog
 
Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
 
Secure Shell - a Presentation on Ethical Hacking
Secure Shell - a Presentation on Ethical HackingSecure Shell - a Presentation on Ethical Hacking
Secure Shell - a Presentation on Ethical Hacking
 
Introduction to weebly
Introduction to weeblyIntroduction to weebly
Introduction to weebly
 
Are we ready for Cyberwarfare
Are we ready for CyberwarfareAre we ready for Cyberwarfare
Are we ready for Cyberwarfare
 
Cyber warfare
Cyber warfareCyber warfare
Cyber warfare
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentation
 
CYBER CRIME AND SECURITY
CYBER CRIME AND SECURITYCYBER CRIME AND SECURITY
CYBER CRIME AND SECURITY
 
Cyber-crime PPT
Cyber-crime PPTCyber-crime PPT
Cyber-crime PPT
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.ppt
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security ppt
 

Similar to Cyberwar: (R)evolution?

Crim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéllCrim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéllJarno Limnéll
 
VFAC REVIEW issue12_extract_2016
VFAC REVIEW issue12_extract_2016VFAC REVIEW issue12_extract_2016
VFAC REVIEW issue12_extract_2016Cameron Brown
 
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South Africa
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South AfricaPukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South Africa
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South AfricaPukhraj Singh
 
Cyberwarfare and Aggressiveness in Cyberspace
Cyberwarfare and Aggressiveness in CyberspaceCyberwarfare and Aggressiveness in Cyberspace
Cyberwarfare and Aggressiveness in CyberspaceJarno Limnéll
 
Unveiling the Enigma Can Cybersecurity Hack
Unveiling the Enigma Can Cybersecurity HackUnveiling the Enigma Can Cybersecurity Hack
Unveiling the Enigma Can Cybersecurity HackMSR Buzz
 
Cyber Conflicts - Time for Reality Check
Cyber Conflicts - Time for Reality CheckCyber Conflicts - Time for Reality Check
Cyber Conflicts - Time for Reality CheckJarno Limnéll
 
CSF18 - Guarding Against the Unknown - Rafael Narezzi
CSF18 - Guarding Against the Unknown - Rafael NarezziCSF18 - Guarding Against the Unknown - Rafael Narezzi
CSF18 - Guarding Against the Unknown - Rafael NarezziNCCOMMS
 
Top Cyber News MAGAZINE February 2022 Chuck D Brooks. Highest Resolution.pdf
Top Cyber News MAGAZINE February 2022 Chuck D Brooks. Highest Resolution.pdfTop Cyber News MAGAZINE February 2022 Chuck D Brooks. Highest Resolution.pdf
Top Cyber News MAGAZINE February 2022 Chuck D Brooks. Highest Resolution.pdfTopCyberNewsMAGAZINE
 
The Hacked World Order By Adam Segal
The Hacked World Order By Adam SegalThe Hacked World Order By Adam Segal
The Hacked World Order By Adam SegalLeslie Lee
 
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...Pukhraj Singh
 
Cyber Security: A Common Problem 2018
Cyber Security: A Common Problem 2018Cyber Security: A Common Problem 2018
Cyber Security: A Common Problem 2018joshquarrie
 
Microsoft Digital Defense Report 2022.pdf
Microsoft Digital Defense Report 2022.pdfMicrosoft Digital Defense Report 2022.pdf
Microsoft Digital Defense Report 2022.pdfNirenj George
 
Topic Summary.docx
Topic Summary.docxTopic Summary.docx
Topic Summary.docxwrite5
 
wepik-the-cyber-security-puzzle-decoding-the-digital-defenses-202404070542196...
wepik-the-cyber-security-puzzle-decoding-the-digital-defenses-202404070542196...wepik-the-cyber-security-puzzle-decoding-the-digital-defenses-202404070542196...
wepik-the-cyber-security-puzzle-decoding-the-digital-defenses-202404070542196...tushargupta27122003
 
Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015AFCEA International
 
40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazineBradford Sims
 
40 under 40 in Cybersecurity 2022. Top Cyber News MAGAZINE
40 under 40 in Cybersecurity 2022. Top Cyber News MAGAZINE40 under 40 in Cybersecurity 2022. Top Cyber News MAGAZINE
40 under 40 in Cybersecurity 2022. Top Cyber News MAGAZINETopCyberNewsMAGAZINE
 
Cyber security Guide
Cyber security GuideCyber security Guide
Cyber security GuideIla Group
 
Cyber defense: Understanding and Combating the Threat
Cyber defense: Understanding and Combating the ThreatCyber defense: Understanding and Combating the Threat
Cyber defense: Understanding and Combating the ThreatIBM Government
 

Similar to Cyberwar: (R)evolution? (20)

Crim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéllCrim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéll
 
VFAC REVIEW issue12_extract_2016
VFAC REVIEW issue12_extract_2016VFAC REVIEW issue12_extract_2016
VFAC REVIEW issue12_extract_2016
 
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South Africa
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South AfricaPukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South Africa
Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South Africa
 
Cyberwarfare and Aggressiveness in Cyberspace
Cyberwarfare and Aggressiveness in CyberspaceCyberwarfare and Aggressiveness in Cyberspace
Cyberwarfare and Aggressiveness in Cyberspace
 
Unveiling the Enigma Can Cybersecurity Hack
Unveiling the Enigma Can Cybersecurity HackUnveiling the Enigma Can Cybersecurity Hack
Unveiling the Enigma Can Cybersecurity Hack
 
Cyber Conflicts - Time for Reality Check
Cyber Conflicts - Time for Reality CheckCyber Conflicts - Time for Reality Check
Cyber Conflicts - Time for Reality Check
 
CSF18 - Guarding Against the Unknown - Rafael Narezzi
CSF18 - Guarding Against the Unknown - Rafael NarezziCSF18 - Guarding Against the Unknown - Rafael Narezzi
CSF18 - Guarding Against the Unknown - Rafael Narezzi
 
Top Cyber News MAGAZINE February 2022 Chuck D Brooks. Highest Resolution.pdf
Top Cyber News MAGAZINE February 2022 Chuck D Brooks. Highest Resolution.pdfTop Cyber News MAGAZINE February 2022 Chuck D Brooks. Highest Resolution.pdf
Top Cyber News MAGAZINE February 2022 Chuck D Brooks. Highest Resolution.pdf
 
The Hacked World Order By Adam Segal
The Hacked World Order By Adam SegalThe Hacked World Order By Adam Segal
The Hacked World Order By Adam Segal
 
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
 
Cyber Security: A Common Problem 2018
Cyber Security: A Common Problem 2018Cyber Security: A Common Problem 2018
Cyber Security: A Common Problem 2018
 
Cyber Security
Cyber Security Cyber Security
Cyber Security
 
Microsoft Digital Defense Report 2022.pdf
Microsoft Digital Defense Report 2022.pdfMicrosoft Digital Defense Report 2022.pdf
Microsoft Digital Defense Report 2022.pdf
 
Topic Summary.docx
Topic Summary.docxTopic Summary.docx
Topic Summary.docx
 
wepik-the-cyber-security-puzzle-decoding-the-digital-defenses-202404070542196...
wepik-the-cyber-security-puzzle-decoding-the-digital-defenses-202404070542196...wepik-the-cyber-security-puzzle-decoding-the-digital-defenses-202404070542196...
wepik-the-cyber-security-puzzle-decoding-the-digital-defenses-202404070542196...
 
Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015
 
40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine
 
40 under 40 in Cybersecurity 2022. Top Cyber News MAGAZINE
40 under 40 in Cybersecurity 2022. Top Cyber News MAGAZINE40 under 40 in Cybersecurity 2022. Top Cyber News MAGAZINE
40 under 40 in Cybersecurity 2022. Top Cyber News MAGAZINE
 
Cyber security Guide
Cyber security GuideCyber security Guide
Cyber security Guide
 
Cyber defense: Understanding and Combating the Threat
Cyber defense: Understanding and Combating the ThreatCyber defense: Understanding and Combating the Threat
Cyber defense: Understanding and Combating the Threat
 

More from zapp0

Enterprise incident response 2017
Enterprise incident response 2017Enterprise incident response 2017
Enterprise incident response 2017zapp0
 
Enterprise security management II
Enterprise security management IIEnterprise security management II
Enterprise security management IIzapp0
 
Enterprise security incident management
Enterprise security incident managementEnterprise security incident management
Enterprise security incident managementzapp0
 
Open source intelligence analysis
Open source intelligence analysisOpen source intelligence analysis
Open source intelligence analysiszapp0
 
Civilian OPSEC in cyberspace
Civilian OPSEC in cyberspaceCivilian OPSEC in cyberspace
Civilian OPSEC in cyberspacezapp0
 
Education to cyber security
Education to cyber securityEducation to cyber security
Education to cyber securityzapp0
 
Cyberwar
CyberwarCyberwar
Cyberwarzapp0
 

More from zapp0 (7)

Enterprise incident response 2017
Enterprise incident response 2017Enterprise incident response 2017
Enterprise incident response 2017
 
Enterprise security management II
Enterprise security management IIEnterprise security management II
Enterprise security management II
 
Enterprise security incident management
Enterprise security incident managementEnterprise security incident management
Enterprise security incident management
 
Open source intelligence analysis
Open source intelligence analysisOpen source intelligence analysis
Open source intelligence analysis
 
Civilian OPSEC in cyberspace
Civilian OPSEC in cyberspaceCivilian OPSEC in cyberspace
Civilian OPSEC in cyberspace
 
Education to cyber security
Education to cyber securityEducation to cyber security
Education to cyber security
 
Cyberwar
CyberwarCyberwar
Cyberwar
 

Recently uploaded

What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxSherlyMaeNeri
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 

Recently uploaded (20)

What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptx
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptxYOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 

Cyberwar: (R)evolution?

  • 1. Cyberwar ®evolution? Petr Špiřík @ KISK Expert Panel 17. 12. 2015
  • 2. PwC Petr Špiřík, MSc. Cyberwar: ®evolution? Professional PwC CEE CISO 29 countries, full scope of information security portfolio Former Cyber threat intelligence lead and Security architect I get paid for what I love. How cool is that? Personal Geek & security enthusiast Fascinated by cyberspace, cyber security realm and associated topics Believer in the power of information and that it wants to be free Low tolerance for nonsense. Rules of engagement Respect each other There are no stupid questions
  • 3. PwC Cyber war … … or cyber operation? Threat actors Criminals Hacktivists Lone wolfs State actors The term cyberwar will be used through this presentation for simplicity Treat with caution War has a meaning from legal perspective Defined especially in IHL, explained in Tallinn Manual Not everyone “can” be at war Organized crime is not war Different rules apply in war (Cyber) act of war can result in kinetic response By abusing defined terms we risk misunderstanding – or worse During this presentation we will focus on operations in cyberspace where state is either a target or an attacker and where the objective is military or political advantage.
  • 4. PwC History of notable incidents Helicopter view 2003, Iraq war Battlefield online, information supremacy Harsh lessons 2007, Estonia Russia “patriots” targeting banks, media and state institutions. NATO wake up call 2007, Israel, Operation Orchard No nuclear plant, Korean workers, AA defense and Israel airstrike 2008, Georgia Russian “patriots”, information blackouts Well documented 2010, Stuxnet, Operation Olympic games Targeting Iran’s nuclear program Admitted by USA – or not? 2011, Georgia Cyber espionage attack from Russia 2014, Ukraine Elections manipulation, “hybrid warfare”, joint kinetic & cyber activities
  • 5. PwC Case study #1 Stuxnet family Stuxnet Targeting Iranian nuclear enrichment facilities Objective is physical damage Successful delay of nuclear program Designed to pass the air gap Discovered by accident Attribution: United States (99%) General James Cartwright Project Olympic games Considered “the first cyberweapon” Flame, Duqu, Gauss Same “family of cyber weapons” as Stuxnet Responsibility and accountability Flame (Discovered 2012) Cyber espionage Duqu (Discovered 2012, version 2.0 in 2015) ICS targeting Gauss (Discovered 2012) Targeting banking sector
  • 6. PwC Case study #2 Case of Ukraine Ukraine conflict Election manipulation Does not have to be effective Support kinetic operations Supremacy over the battlefield CyberBerkut Propaganda and desinformation Hybrid war Overused and abused term Strong focus on information warfare Combination of traditional warfare with special forces & cyber operations Focus on fear, uncertainty, doubt Key concept is limiting opponent's options Avoidance of hot conflict Loopholes exploitation (legal, policy & decision making, strategic & tactical)
  • 7. PwC Key distinct features Characteristic Asymetric Offense is easier than defense Fast No time for reaction Preventive measures Attribution vs. deniability Who to blame Who to counter Enablers Attack surface of the victim More advanced = more vulnerable Reduction leads to degradation Capability of the attacker Talent can be trained Technology is cheap Brave new world Interconnected Fast development
  • 8. PwC Objectives of cyberwar Mission support When “cyber” is not the objective but delivery Military concept of mission “I want 200 soldiers at their doorstep tomorrow morning, sergeant!” Cyber capabilities To achieve the mission objective To prevent interruption of mission Logistics & operations focused Battlefield domination Takedown of enemy information command Contest the cyberspace environment Drones hacking Critical infrastructure disruption When military objective can be achieved by cyber means in more efficient, safe and cheaper way – it will be.
  • 9. PwC Ways of war Technology Denial of service of key technologies Websites Communication Support system disruption Medical Logistic Navigation Infrastructure targeting Information Propaganda, political influence Hearts and minds of people Information denial, disruption or credibility loss Targeting decision making process Digital only – single point of failure Cyber to physical Demonstration of cyber capabilities in physical world Power plants do not have “self destruct” button Cross-domain knowledge required Security through obscurity works (this time) Marina Krotofil
  • 10. PwC Cyber fratricide Competing interests “We need to go deeper!” Intelligence agencies Researchers Investigators Get as much information about the attacker as possible during his operations. “Leave me alone!” Innocent bystanders Private companies Individuals Don’t get harmed. Live the good life. Mind own business. Be sad. “This ends here!” Law enforcement Incident responders Operations Stop the attack. Get back to normal operations. Seek & destroy.
  • 11. PwC Cyber Pearl Harbor We need more resources to prevent atrocious terrorist attack! No second Pearl Harbor! Cyber security = money Cyber security = more power to government Cyber security = more power in government Without the ever present terrorist threat of new “Cyber Pearl Harbor”, the flow of money & power will be endangered Is cyber terrorism even a thing? Give me one example! There are no cyber terrorists (theories!) Subgroups of other categories Skill barrier for dummies Recruitment for talents by others There might be cyber terrorists Dormant capabilities Cold war mode Efficient MAD concept in play
  • 12. PwC Challenges of cyberwar Attack Aging weapons If we don’t use it, it will expire Speed is the factor Mutual assured destruction (MAD) from nuclear arms race reappears Who will be the warrior? Defense Line of defense What are my crown jewels? Home ground – the only advantage Seeking the high ground in cyberspace Who will be the guardian? Ability to attack can often mean the vulnerability to the same tactic employed by the adversary
  • 13. PwC Future threats Technology Internet of Things (IoT) Self driving cars Smart houses Smart grid Growing computational capabilities Relying on legacy concepts from the 80s New technologies (drones, quantum computers) Faster evolution of capabilities than associated security concepts Social Balkanization of the Internet Adoption of wrong legal concepts Encryption damage Governmental lawful interception Growing gap of understanding Reality vs. decision makers Lack of “white hats” in cyber security community Pretending cyberspace is something completely different will backfire
  • 14. PwC Is there no hope? If you can’t beat them, join them! When living in exciting times. Make use of it! Cyberspace is the last frontier. For now. The cyberspace landscape is changing. Make an impact! Possibilities are endless. Offensive, defensive, research, education, policy & decision making, cross-domain questions, ethics… There was never a better time to jump into cyber security industry Power of informed decision making Cyberspace is here to stay “Cyberwar” is reality and its role will grow Education is critical Self education is the key The power is just few keystrokes away Don’t panic, approach with caution To make the right decisions, you need to understand the world around you. It is a skill that can be acquired
  • 15. PwC ®evolution? “War is not merely a political act, but also a real political instrument” “Gain a preponderance of physical forces and material advantages at the decisive point” Carl von Clausewitz Cyberwar is not a revolution. It is the evolution of existing concepts over new battlefield – the cyberspace. Gain information advantage Limit your adversaries’ options Know & control the battlefield Assure your operations Deny operations of the adversary Exercise the least minimum force
  • 16. PwC Reference Petr Špiřík @HidenatNet petr.spirik@gmail.com petr.spirik@cz.pwc.com http://www.slideshare.net/zapp0 /cyberwar-revolution Clarke, R.A. & Knake, R., 2012, ‘Cyber War: The Next Threat to National Security and What to Do About It’, Ecco Arquilla, J., 2011, ‘From blitzkrieg to bitskrieg: the military encounter with computers’, Communications of the ACM, vol. 54, no. 10, 2011 Mandiant, 2013, ‘Exposing One of China’s Cyber Espionage Units’ [online], Available from: http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf US-CCU, 2009, ‘Overview by the US-CCU of the Cyber Campaign Against Georgia in August 2008’ [online], Available from: http://www.registan.net/wp-content/uploads/2009/08/US-CCU-Georgia-Cyber-Campaign-Overview.pdf Leverett, E.P.,2011, ‘Quantitatively Assessing and Visualising Industrial System Attack Surfaces’ [online], Available from: http://www.cl.cam.ac.uk/~fms27/papers/2011-Leverett-industrial.pdf DoD, 2011, ‘Department of Defense Cyberspace Policy Report’ [online], Available from: http://www.defense.gov/home/features/2011/0411_cyberstrategy/docs/NDAA%20Section%20934%20Report_For%20webpage.pdf CCDCOE, 2013, ‘Tallinn manual’ [online], Available from: http://www.ccdcoe.org/249.html Ministry of Justice of Georgia, 2012, ‘CYBER ESPIONAGE Against Georgian Government’ [online], Available from: http://dea.gov.ge/uploads/CERT%20DOCS/Cyber%20Espionage.pdf Mauer, T., 2015, ‘Cyber proxies and the crisis in Ukraine’ [online], Available from: https://ccdcoe.org/sites/default/files/multimedia/pdf/CyberWarinPerspective_Maurer_09.pdf Langner Group, 2013, ‘To kill a centrifuge’ [online], Available from: http://www.langner.com/en/wp-content/uploads/2013/11/To-kill-a- centrifuge.pdf Deep, A., 2015, ‘Hybrid war: Old concept, new techniques’ [online], Available from: http://smallwarsjournal.com/jrnl/art/hybrid-war-old- concept-new-techniques