Cyber terrorism security new definitions for new realities
Download
1 / 25

Cyber-Terrorism - PowerPoint PPT Presentation


  • 434 Views
  • Updated On :

Cyber-Terrorism & Security New Definitions For New Realities. Dan Verton Vice President & Executive Editor. www.itsecuritymagazine.com. FISSEA March 2005. This Is A Controversial Topic.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Cyber-Terrorism' - Sharon_Dale


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Cyber terrorism security new definitions for new realities l.jpg

Cyber-Terrorism&SecurityNew Definitions For New Realities

Dan Verton

Vice President & Executive Editor

www.itsecuritymagazine.com

FISSEA

March 2005


This is a controversial topic l.jpg
This Is A Controversial Topic

  • “The problem is that when you make a recommendation before [an attack] happens, people tend to think you're nuts.”

  • “That's the kind of mind set that made it difficult for us…the institutional bureaucracy…couldn't see the threat because it hadn't happened.”

Richard Clarke Testifying at 9/11 Commission Hearing, 3/24/04


Before we do anything l.jpg
Before We Do Anything…

  • Accept the FACT that vulnerabilities open doors to the unexpected.

  • Accept that there is NO separation between the cyber world and the physical world.

  • Terrorism is multifaceted. Traditional definitions must be adapted to the new realities.

  • We’ve become distracted – insider threat is real & growing.

  • Change the way you THINK about future threats…don’t be a security APPEASER.


Appeaser l.jpg
Appeaser

  • According to Webster’s Dictionary:

  • \Ap*peas"er\, n. One who appeases; a pacifier.


Appeaser5 l.jpg
Appeaser

  • According to Verton’s Dictionary:

  • \Ap*peas"er\, n. “One who feeds a crocodile hoping it will eat him last.”

    • Sir Winston Churchill


What do i really mean by appeasement l.jpg
What Do I Really Mean By“Appeasement?”

  • Maybe we are growing dangerously complacent?

  • Maybe we do underestimate our enemies?

  • Maybe we really do think this is as bad as it can get?

  • Maybe the threat-independent model is not how we should be approaching these issues?


The vulnerability matrix l.jpg

Electric

The Vulnerability Matrix

5,800 registered hospitals

Viruses, Worms

Home Users

5,000 airports

300 maritime ports

Wireless

3,000 govt. facilities

2,800 power plants

104 commercial

nuclear plants

Broadband Connections

EmergencyServices

26,000 FDIC institutions

Government

Transportation

Insiders

150,000 miles transmission lines

Configuration

Problems

66,000 chemical plants

Chemical

Banking

130 overlapping grid controllers

Rail

300,000 production sites

Oil

Natural Gas

Telecom

Water

Waste Water

120,000 miles of major rails

E-commerce

2 billion miles of cable

2 million miles of pipelines

Natural Gas

1,600 municipal wastewater facilities

80,000 Dams


It security how important is it really l.jpg
IT SecurityHow Important Is It Really?

  • Not only about $… It’s about public safety too!

    • Railroads.

    • Water & Wastewater Treatment.

    • Uranium Mining.

    • Oil Wells, Water Flood Operations.

    • Airline Baggage Checking.

    • Aug. 14 Power Failure.

    • Online Information Control.


Defining the future threat intent capability l.jpg

Russian FAPSI

Pakistani ISI

Directorate for Inter-Services Intelligence

Hackers for Hire,

Organized Crime,

Disgruntled Insiders

Defining The FutureThreat = Intent + Capability


Defining the evidence omar bakri muhammad bin laden s man in london l.jpg
Defining The EvidenceOmar Bakri MuhammadBin Laden's man in London

  • Syrian-born, radical, founder of Al-Muhajirun

  • Spokesman for the International Islamic Front, the political wing of the International Islamic Front for Jihad Against Jews and Crusaders, led by Osama bin Laden

  • Has recruited for Hamas, Hezbollah and various groups in Afghanistan

  • FBI memo on July 10, 2001, noted a connection between Middle Eastern men in Phoenix-area flight schools and Bakri's London-based Al-Muhajirun.


Bakri on cyber attacks l.jpg
Bakri On Cyber Attacks

  • "In a matter of time, you will see attacks on the stock market."

  • “I would not be surprised if tomorrow I hear of a big economic collapse because of somebody attacking the main technical systems in big companies."

  • "The third letter from Osama bin Laden…was clearly addressing using the technology in order to destroy the economy of the capitalist states. This is a matter that is very clear."


Other evidence historical l.jpg
Other Evidence - Historical

  • L’Houssaine Kherchtou, a 36-year-old Moroccan, was one of al-Qaeda’s early trainees in high-tech methods of surveillance. Teacher = Abu Mohamed al Amriki

  • Fey Street (Peshawar) Electronics Lab run by Abu al-Alkali and Salem the Iraqi.

  • “They found out that I don’t know anything about electronics, and they told me just to study from the beginning and to recognize...the different components.”

  • Degree in engineering?



Slide14 l.jpg

Slacke & Terr0r

On 8th of March F-Secure got a report of a network trojan known as "Slacke"

Report came from Russia

The trojan was written by a Kuwait hacker group Q8SEE


Slide15 l.jpg

Slacke & Terr0r

The worm downloaded additional code from a website

The website was WWW.LUVZ.ST

.ST is the domain of São Tomé and Príncipe

Where?



The net widens l.jpg
The Net Widens coast of Africa

The .ST domain rights were sold to a company operating in Stockholm, Sweden

According their WHOIS, Luvz.st was registered to: Administrative Contact Information  Company Name: JordanChat  Contact Name: TeRrOr Address: Irbid , 00962 , irbid , IR , JO Expire date: 29 Oct, 2003


The net reaches u s l.jpg
The Net Reaches U.S. coast of Africa

CHAT.CNN.COM > #Noticias in Mexico


Slacke terror l.jpg
Slacke & Terror? coast of Africa


Insider threat l.jpg
Insider Threat coast of Africa

  • Why spend R&D money when you can steal it?

  • Economic Espionage: $ hundreds of billions

  • Four forms of insider:

    • Internal (current/former employees, executives)

    • External (contractor, maintenance, business partner)

    • Collaborator (external working with internal)

    • Rogue Ideologue (seeks hire for purpose of doing harm)

  • Technology Complicates Internal Defenses

    • The Perimeter is gone!

    • USB devices, cell phone cameras, common configuration errors, lack of access controls, contractors, outsourcing

    • Places premium on automated tools, data-centric


Insider stats l.jpg
Insider Stats coast of Africa


Types of data being stolen l.jpg
Types of Data Being Stolen coast of Africa

  • Computer source code

  • Business plans and design specifications

  • Customer and order information databases

  • Motorola 2-way radio specifications

  • Newest Intel chip specifications (twice)

  • Sales and pricing data

  • Oil and gas well logs and software used in the analysis of the information

  • Engineering drawings for next generation of Gillette razor systems

  • Eng. Drawings Next Generation Space Shuttle

    (inside or outside??)


Case ramon l.jpg
Case: Ramon coast of Africa

An intellectual of sorts, highly educated, conservative in his politics, painfully introverted, somewhat arrogant and kind of a geek.

Expert programmer who preferred communicating with associates through e-mail rather than in person.

Hacked his employer's computer system without permission to show management that there were serious security gaps that needed to be fixed.

  • Robert Hanssen – The worst insider spy case in FBI history.


Insider psychological profile l.jpg
Insider Psychological Profile coast of Africa

Introverted: A common characteristic of IT specialists, which can pose a significant management challenge.

Frustrated: Family or social problems may be compounded by negative attitudes toward authority.

Computer-dependent: Such individuals often prefer online activity to direct social interaction.

Ethical flexibility: Dangerous insiders view malicious actions as justified, given their circumstances.

Entitlement: Feelings of being “special” employees—for example, the only ones with the necessary training. Being overworked with no rewards can lead to a desire for revenge.

Reduced loyalty: Some insiders identify with the IT/programming profession and not with the organization that employs them.

Lack of empathy: The impersonal nature of cyberspace leads to a lack of regard for the impact of the perpetrators’ actions on others.


Final thought 9 11 think differently l.jpg
Final Thought – 9/11 coast of AfricaThink Differently

Security is about a lot of things, not only bits & bytes

THANK YOU


ad