PowerPoint Slideshow about 'Cyber Terrorism' - Jeffrey


Presentation Transcript

Cyber Terrorism

Part 2 of 2

(When the Hackers Grow Up)

Hacking as Warfare

CYBER WARFIGHTER
  • Terrorists
  • Terrorist sympathizers
  • Government agents
  • Organized Crime
  • Thrill seekers

Incidents normally take the form of organized Asymmetric Attacks.

Case #1

Pakistan/India Conflict

  • Indian sites defaced by Pakistani hacker groups including G-Force and Doctor Nuker have been either political, highly visible, or involved in information dissemination
  • 5 megabytes of possibly sensitive nuclear research information was downloaded from the Bhabha Atomic Research Center

Case #2

Israel/Palestinian Conflict

Close connection between political events in the region between 1999 and 2001:

  • Feb. 3: Barak-Arafat summit breaks up
  • Feb. 8: Israel launches airstrikes against Hezbollah sites in Lebanon
  • Oct. 17: Sharm el Sheikh summit
  • Nov. 20: bombs kill 4, injure 69 Israelis
  • Nov: Israeli soldiers & artillery kill 32 Palestinians
  • Jan. 12: Palestinian man shot & dragged; Arafat demands apology
  • Apr. 22: 2 weeks violence culminate in suicide bombing at bus stop

Case #3

Yugoslavia Conflict

  • When NATO air strikes hit the former Republic of Yugoslavia in Kosovo and Serbia, NATO web servers were subjected to sustained attacks by hackers employed by the Yugoslav military
  • All 100 of NATO’s servers were subjected to “ping saturation” DDoS assaults and bombarded with thousands of emails, many containing viruses
  • The attacks on NATO servers coincided with numerous website defacements of American military, government, and commercial sites by Serbian, Russian, and Chinese sympathizers of Yugoslavia
  • These attacks caused serious disruption of NATO communications infrastructure

Case #4

China fighter plane collision with American spy plane

  • On April 1, 2001, there was a mid-air collision between an American surveillance plane and a Chinese fighter aircraft.
  • Chinese hacker groups, such as the Honker Union of China and the Chinese Red Guest Network Security Technology Alliance, organized a massive and sustained week-long campaign of cyber attacks against American targets in retaliation for the death of Chinese pilot Wang Wei
  • Chinese hackers used Internet postings and IRC to plan and coordinate their assault against US systems.
  • Approximately 1,200 U.S. sites, including those belonging to the White House, the U.S. Air Force, U.S. Geological Survey, and the Department of Energy, had been subjected to DDoS attacks or defaced with pro-Chinese images.
  • A number of recent Internet worms including Lion, Adore, and Code Red are suspected of having originated in China

CNN May 2, 2001

Case #5
  • Vulnerabilities in the Nation's power distribution grid were first exposed during the Joint Chiefs of Staff exercise “Eligible Receiver.” Mr. Kenneth H. Bacon, Pentagon spokesperson, stated, “we did learn that computer hackers could have a dramatic impact on the nation's infrastructure, including the electrical power grid.” This vulnerability was exploited for real in June 2001, when computer hackers, routed through networks operated by China Telecom, penetrated the defenses of a practice network of the California Independent Systems Operator (Cal-ISO) for 17 days.
  • The specter of an unanticipated and massive attack on critical infrastructures that disables core functions such as telecommunications, electrical power systems, gas and oil, banking and finance, transportation, water supply systems, government services, and emergency services, has been raised in a number of reports on national security and by the National Infrastructure Protection Center (NIPC).

Case #6
  • A series of intrusions, collectively known as Moonlight Maze, in U.S. government systems over a period of several years may have originated in Russia. The first attacks were detected in March 1998 and, in the course of this sustained assault, hundreds of unclassified networks used by the Pentagon, the Department of Energy, NASA, as well as a variety of defense contractors, may have been compromised.
  • While authorities insist that no classified systems were breached, it is undisputed that vast quantities of technical defense research were illegally downloaded.

Case #7

http://www.newsmax.com/archives/articles/2001/12/18/224826.shtml

  • NEWSMAX, Wed. Dec. 19, 2001 - In the wake of the Sept. 11 terrorist attack, the FBI has stumbled on the largest espionage ring ever discovered inside the United States. The U.S. Justice Department is now holding nearly 100 Israeli citizens with direct ties to foreign military, criminal and intelligence services. The spy ring reportedly includes employees of two Israeli-owned companies that currently perform almost all the official wiretaps for U.S. local, state and federal law enforcement.
  • The U.S. law enforcement wiretaps, authorized by the Communications Assistance for Law Enforcement Act (CALEA), appear to have been breached by organized crime units working inside Israel and the Israeli intelligence service, Mossad.
  • The spy ring enabled criminals to use reverse wiretaps against U.S. intelligence and law enforcement operations. The illegal monitoring may have resulted in the deaths of several informants and reportedly spoiled planned anti-drug raids on crime syndicates.
  • "Why do you think Putin so nonchalantly and with such great fanfare announced the shutdown of the Lourdes listening post in Cuba?" noted Douglas Brown, president of Multilingual DataSolutions Inc. and program director at the Nathan Hale Institute.

Case #8
  • Hackers Attacked 103 Moroccan Web Sites in 2001
  • RABAT (Reuters) - At least 103 Moroccan Internet Web sites were attacked by hackers last year, in several attempts to modify their contents, the official MAP news agency said on Friday.
  • Quoting experts at leading Menara site, MAP said local firms specializing in information technologies have urged the authorities to set up a legal framework and proceedings to deter hacker attacks and protect the E-business activity in Morocco.
  • The Casablanca-based Menara is run by state-owned Moroccan telecom operator Maroc Telecom.
  • MAP didn't say if the hackers' attempts caused damage to the target sites.
  • The first hackers' attack was registered in November 2000 and targeted the finance ministry Web site, officials had said.
  • Morocco has an estimated 200,000 to 400,000 internet users, and had some 2,500 providers and cybercafes in 2001.

REUTERS, January 18, 2002 07:33 AM ET

High Energy Radio Frequency

http://www.infowar.com/class_3/harden.html-ssi

http://www.zdnet.com/zdnn/stories/news/0,4586,2331772,00.html

Cyberwar attack or hacking will in many instances be the preferred mode of attack, but in some instances electromagnetic attack intended to cause denial of service for short or long periods of time may be a possibility. In the short term, electromagnetic attack is not particularly likely, although some reports from Europe and the US suggest that it is beginning to occur. Once police forces worldwide start deploying HERF guns for traffic control purposes (see an early November issue of New Scientist for more detail here), the technology will however become more available, thus better understood in the wider community, and the frequency of incidents will inevitably increase. The law enforcement community should give some careful thought to the fact that in promoting the proliferation of the HERF gun to solve one law enforcement problem, they may have inadvertently opened a Pandora's box of other law enforcement problems, potentially far more expensive to the general public.

High Energy Radio Frequency (cont.)

Having determined that we are at risk from electromagnetic attack, we must then determine what the likely style of attack will be. The threat can be divided into high power and low power styles of attack. High power attack, by flux generator bomb or microwave bomb, is less likely but considerably more damaging. It is less likely because the technology is difficult to produce without the resources of a government research establishment, and the equipment to perform this kind of attack requires often difficult to source materials, such as high grade plastic explosives, high performance detonation systems similar to those used in nuclear weapons, and finally a non-trivial amount of expertise is required to use these weapons properly. Delivery may also prove to be an issue, as a high power flux generator requires a packaging volume similar to that of a sizeable car bomb. High power attack is therefore only likely in the instance of war, or a terrorist attack sponsored by a hostile government prepared to provide the logistical support for the weapons. It is worth noting that any government with the ability to build an implosion type nuclear bomb will have the required hydro-dynamics expertise to eventually design themselves a flux generator or microwave bomb.

Observations
  • Direct correlations exist between Political/Military actions and computer attacks
  • Cyber attacks immediately accompany Military Attacks
  • Politically motivated Cyber Attacks are Increasing
  • Cyber Attackers are becoming more sophisticated
  • Cyber Attackers are Attracted to High Value Targets

September 11, 2001

IMPACT ON CITIZENS
  • Economic Losses
    • Tourism
    • Airlines
    • International trade*
  • Living in Fear
    • Wartime Environment
    • Significantly Less Productive

*The World Trade Center attacks not only took lives and property but closed markets and destroyed a significant component of the financial information infrastructure in New York City.

Approaches before 9/11 will no longer work
  • Current security infrastructures are not prepared to deal with the new styles of terrorism
  • Traditional police/military reactions will not work
    • “catching the terrorist” is impossible: there could be thousands of terrorists in collusion, all hidden and absorbed into our society
    • Guerilla war with invisible enemies – possibly even “friends”
    • Police inability to control terrorism
  • Mass Insecurity - People must have a framework to deal with fears
    • What could happen next - Air traffic control? Reservoir Poisoning?
    • What damage will be done?
    • What can I do?
  • Terrorism can thrive in an “Open and Free Society”
    • “I’m Coming…”

Strategic Recommendations
  • Preventative Medicine?
    • What are the procedures we need to have?
    • How can we implement such procedures?
    • Who should implement the procedures?
      • Government?
      • Private Sector?
      • Citizens?
  • Hacker/Terrorist Profiling?
    • Profiles of known terrorists/hackers
      • Behavior, grooming, travel, ethnics, etc.?
  • Role of Governments
    • FBI, CIA, Military?
    • “Homeland Defense”?
  • DISCUSSION

Practical Recommendations
  • Raise awareness of the importance of system security at all levels
  • Report suspicious activity to law enforcement immediately to facilitate the warning and investigative processes
  • Apply and follow standard best practices for computer and physical security; apply regular software updates, and install worm protection, intrusion detection systems and firewalls
  • Secure critical information assets by implementing recommended measures against known exploits and back up all vital systems and information
  • Utilize ingress and egress filtering to protect against Distributed Denial of Service (DDoS) attacks

Societal Recommendations
  • Coordinated Terrorisms = > Major Strike Entropy
      • Cyber > Terrorism
      • Bio > Terrorism
      • Physical > Terrorism
      • Social > Terrorism
  • Empower ordinary citizens to cope with terrorism
    • Get citizens involved, informed, “in control” rather than “in fear”
    • Provide easy access to information and latest updates

Tactical Recommendations
  • Improved Authentication procedures
    • Users
    • Resources
    • Services
  • Education & Awareness Training
  • Disaster Recovery Planning
  • A new multi-disciplinary sleuth is needed:
    • Epidemiologist with computer and criminology training
    • Discern NATURAL from CRIMINAL disease situations
    • Detect early warning signs
    • Have resources and credentials to identify/deter terrorism
    • Provide evidence for legal prosecution

Say What ??

Uncle Sam Wants Napster!

By Leslie Walker Thursday, November 8, 2001; Page E01

The WASHINGTON POST

The Pentagon is taking a friendlier view of Napster's file-sharing concept than are America's big entertainment companies, which have repeatedly sued tech upstarts to stop people from swapping songs, movies and other copyrighted material.

Rather than trying to shut down the new computer networks that allow people to directly connect other personal computers, the military wants to enlist their creators in the war against terrorism.

Say What ??

"You guys could help us," Lt. Col. Robert Wardell, special assistant to Gen. Richard B. Myers, chairman of the Joint Chiefs of Staff, told technologists at an industry conference in Washington this week.

Indeed, the technology behind Napster, the music-sharing network that record companies sued for copyright infringement, may be getting a public relations boost in the wake of the Sept. 11 terrorist attacks. Public anxiety over flying, a desire to cut travel costs and growing awareness of the need for secure communication appear to be heightening interest in Napster-like collaboration tools.

Wardell said the technology might help the military share information on the fly across its many branches, agencies, ships, airplanes, tanks and ground troops -- here and around the world.

cDc

http://cultdeadcow.com/details.php3?listing_id=425

THE CULT OF THE DEAD COW OFFERS A HELPING HAND IN AMERICA'S TIME OF NEED

In an effort to turn the tide in the war on terrorism, a private-sector think tank offers its expertise to the FBI.

LUBBOCK, TX, November 26 -- Never before has the United States faced a more troublesome enemy. To meet this growing challenge, the Federal Bureau of Investigation has announced an ongoing effort to create and deploy best-of-breed electronic surveillance software.

In July 2000 the FBI unveiled Carnivore (now called the DCS-1000), a sniffer capable of plucking relevant packet headers out of live data streams. To augment the investigative value of the DCS-1000, last week the FBI announced the development of "Magic Lantern", a rootkit for gathering information on target computers.

cDc (cont.)

According to all accounts, this represents a major leap forward in the fight against all forms of computer crime. But we in the CULT OF THE DEAD COW (cDc) believe that there are opportunities here for public/private sector synergy.

"While we applaud the innovation and drive of the federal law enforcement agency, those of us who are U.S. citizens would be remiss if we did not offer our expertise in this area." said Reid Fleming, a cDc member.

The CULT OF THE DEAD COW has more targeted experience than anyone else in this field. We have repeatedly demonstrated our long-term commitment to this technology area with the release of the original Back Orifice in 1998, and its successor, Back Orifice 2000.”

Sun Tzu, ART OF WAR

If you know the enemy and know yourself,

You need not fear the result of a hundred battles.

If you know yourself but not the enemy,

For every victory gained you will also suffer a defeat.

If you know neither the enemy nor yourself,

You will succumb in every battle.

What Can You Do?

  • Who can or should take action?
  • What can The Government do?
  • What can the Military do?
  • What can You, as an Individual, do?
  • Can ANYONE do ANYTHING at All?
